Implement commands to uninstall cluster applicationshelm_uninstall_command

This is the backend part which just allows uninstalling Prometheus for
now.

4 files changed, 161 insertions, 0 deletions

diff --git a/app/models/clusters/concerns/application_data.rb b/app/models/clusters/concerns/application_data.rb
index 52498f123ff..a48ee340fac 100644
--- a/app/models/clusters/concerns/application_data.rb
+++ b/app/models/clusters/concerns/application_data.rb
@@ -6,6 +6,14 @@ module Clusters
       extend ActiveSupport::Concern
 
       included do
+        def uninstall_command
+          Gitlab::Kubernetes::Helm::DeleteCommand.new(
+            name: name,
+            rbac: cluster.platform_kubernetes_rbac?,
+            files: files
+          )
+        end
+
         def repository
           nil
         end
diff --git a/lib/gitlab/kubernetes/helm/delete_command.rb b/lib/gitlab/kubernetes/helm/delete_command.rb
new file mode 100644
index 00000000000..876994d2678
--- /dev/null
+++ b/lib/gitlab/kubernetes/helm/delete_command.rb
@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module Kubernetes
+    module Helm
+      class DeleteCommand
+        include BaseCommand
+        include ClientCommand
+
+        attr_accessor :name, :files
+
+        def initialize(name:, rbac:, files:)
+          @name = name
+          @files = files
+          @rbac = rbac
+        end
+
+        def generate_script
+          super + [
+            init_command,
+            wait_for_tiller_command,
+            delete_command
+          ].compact.join("\n")
+        end
+
+        def pod_name
+          "uninstall-#{name}"
+        end
+
+        def rbac?
+          @rbac
+        end
+
+        private
+
+        def delete_command
+          command = ['helm', 'delete', '--purge', name] + optional_tls_flags
+
+          command.shelljoin
+        end
+
+        def optional_tls_flags
+          return [] unless files.key?(:'ca.pem')
+
+          [
+            '--tls',
+            '--tls-ca-cert', "#{files_dir}/ca.pem",
+            '--tls-cert', "#{files_dir}/cert.pem",
+            '--tls-key', "#{files_dir}/key.pem"
+          ]
+        end
+      end
+    end
+  end
+end
diff --git a/spec/lib/gitlab/kubernetes/helm/delete_command_spec.rb b/spec/lib/gitlab/kubernetes/helm/delete_command_spec.rb
new file mode 100644
index 00000000000..cae92305b19
--- /dev/null
+++ b/spec/lib/gitlab/kubernetes/helm/delete_command_spec.rb
@@ -0,0 +1,72 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Gitlab::Kubernetes::Helm::DeleteCommand do
+  let(:app_name) { 'app-name' }
+  let(:rbac) { true }
+  let(:files) { {} }
+  let(:delete_command) { described_class.new(name: app_name, rbac: rbac, files: files) }
+
+  subject { delete_command }
+
+  it_behaves_like 'helm commands' do
+    let(:commands) do
+      <<~EOS
+      helm init --upgrade
+      for i in $(seq 1 30); do helm version && break; sleep 1s; echo "Retrying ($i)..."; done
+      helm delete --purge app-name
+      EOS
+    end
+  end
+
+  context 'when there is a ca.pem file' do
+    let(:files) { { 'ca.pem': 'some file content' } }
+
+    it_behaves_like 'helm commands' do
+      let(:commands) do
+        <<~EOS
+        helm init --upgrade
+        for i in $(seq 1 30); do helm version && break; sleep 1s; echo "Retrying ($i)..."; done
+        #{helm_delete_command}
+        EOS
+      end
+
+      let(:helm_delete_command) do
+        <<~EOS.squish
+        helm delete --purge app-name
+        --tls
+        --tls-ca-cert /data/helm/app-name/config/ca.pem
+        --tls-cert /data/helm/app-name/config/cert.pem
+        --tls-key /data/helm/app-name/config/key.pem
+        EOS
+      end
+    end
+  end
+
+  describe '#pod_resource' do
+    subject { delete_command.pod_resource }
+
+    context 'rbac is enabled' do
+      let(:rbac) { true }
+
+      it 'generates a pod that uses the tiller serviceAccountName' do
+        expect(subject.spec.serviceAccountName).to eq('tiller')
+      end
+    end
+
+    context 'rbac is not enabled' do
+      let(:rbac) { false }
+
+      it 'generates a pod that uses the default serviceAccountName' do
+        expect(subject.spec.serviceAcccountName).to be_nil
+      end
+    end
+  end
+
+  describe '#pod_name' do
+    subject { delete_command.pod_name }
+
+    it { is_expected.to eq('uninstall-app-name') }
+  end
+end
diff --git a/spec/support/shared_examples/models/cluster_application_helm_cert_examples.rb b/spec/support/shared_examples/models/cluster_application_helm_cert_examples.rb
index 033b65bdc84..bd3661471f8 100644
--- a/spec/support/shared_examples/models/cluster_application_helm_cert_examples.rb
+++ b/spec/support/shared_examples/models/cluster_application_helm_cert_examples.rb
@@ -1,6 +1,32 @@
 shared_examples 'cluster application helm specs' do |application_name|
   let(:application) { create(application_name) }
 
+  describe '#uninstall_command' do
+    subject { application.uninstall_command }
+
+    it { is_expected.to be_an_instance_of(Gitlab::Kubernetes::Helm::DeleteCommand) }
+
+    it 'has the application name' do
+      expect(subject.name).to eq(application.name)
+    end
+
+    it 'has files' do
+      expect(subject.files).to eq(application.files)
+    end
+
+    it 'is rbac' do
+      expect(subject).to be_rbac
+    end
+
+    context 'on a non rbac enabled cluster' do
+      before do
+        application.cluster.platform_kubernetes.abac!
+      end
+
+      it { is_expected.not_to be_rbac }
+    end
+  end
+
   describe '#files' do
     subject { application.files }