summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMayra Cabrera <mcabrera@gitlab.com>2018-02-22 15:13:30 -0600
committerMayra Cabrera <mcabrera@gitlab.com>2018-02-22 15:27:56 -0600
commit14978ddc53d3ae80a87198d543dbdd14674390dd (patch)
tree294008baa8589d5c49b6a5bb53f5b42b6a535415
parentf330f6596094751ec03dbde4eb8389d0281acaae (diff)
downloadgitlab-ce-14978ddc53d3ae80a87198d543dbdd14674390dd.tar.gz
Modify cluster creation API method to enable legacy_apac as default
GKE 1.8 has RBAC on by default, since GKE has bumped the default version to 1.8.7 RBAC is now on, and we don't support that out of the box. This was also avoiding cluster applications (tiller, prometheus, etc), to be installed. Closes #41619
-rw-r--r--app/services/clusters/gcp/finalize_creation_service.rb4
-rw-r--r--changelogs/unreleased/41619-turn-on-legacy-authorization-for-new-clusters-on-gke.yml5
-rw-r--r--lib/google_api/cloud_platform/client.rb6
-rw-r--r--spec/lib/google_api/cloud_platform/client_spec.rb3
4 files changed, 15 insertions, 3 deletions
diff --git a/app/services/clusters/gcp/finalize_creation_service.rb b/app/services/clusters/gcp/finalize_creation_service.rb
index cea56f4e849..15ab2d54404 100644
--- a/app/services/clusters/gcp/finalize_creation_service.rb
+++ b/app/services/clusters/gcp/finalize_creation_service.rb
@@ -30,10 +30,10 @@ module Clusters
ca_cert: Base64.decode64(gke_cluster.master_auth.cluster_ca_certificate),
username: gke_cluster.master_auth.username,
password: gke_cluster.master_auth.password,
- token: request_kuberenetes_token)
+ token: request_kubernetes_token)
end
- def request_kuberenetes_token
+ def request_kubernetes_token
Ci::FetchKubernetesTokenService.new(
'https://' + gke_cluster.endpoint,
Base64.decode64(gke_cluster.master_auth.cluster_ca_certificate),
diff --git a/changelogs/unreleased/41619-turn-on-legacy-authorization-for-new-clusters-on-gke.yml b/changelogs/unreleased/41619-turn-on-legacy-authorization-for-new-clusters-on-gke.yml
new file mode 100644
index 00000000000..507367c98c4
--- /dev/null
+++ b/changelogs/unreleased/41619-turn-on-legacy-authorization-for-new-clusters-on-gke.yml
@@ -0,0 +1,5 @@
+---
+title: Enable Legacy Authorization by default on Cluster creations
+merge_request: 17302
+author:
+type: fixed
diff --git a/lib/google_api/cloud_platform/client.rb b/lib/google_api/cloud_platform/client.rb
index ff638c07755..f30dd995695 100644
--- a/lib/google_api/cloud_platform/client.rb
+++ b/lib/google_api/cloud_platform/client.rb
@@ -76,9 +76,13 @@ module GoogleApi
"initial_node_count": cluster_size,
"node_config": {
"machine_type": machine_type
+ },
+ "legacy_abac": {
+ "enabled": true
}
}
- } )
+ }
+ )
service.create_cluster(project_id, zone, request_body, options: user_agent_header)
end
diff --git a/spec/lib/google_api/cloud_platform/client_spec.rb b/spec/lib/google_api/cloud_platform/client_spec.rb
index f65e41dfea3..db9d9158b29 100644
--- a/spec/lib/google_api/cloud_platform/client_spec.rb
+++ b/spec/lib/google_api/cloud_platform/client_spec.rb
@@ -115,6 +115,9 @@ describe GoogleApi::CloudPlatform::Client do
"initial_node_count": cluster_size,
"node_config": {
"machine_type": machine_type
+ },
+ "legacy_abac": {
+ "enabled": true
}
}
} )