diff options
author | Dylan Griffith <dyl.griffith@gmail.com> | 2018-11-28 13:29:01 +0100 |
---|---|---|
committer | Dylan Griffith <dyl.griffith@gmail.com> | 2018-11-30 11:03:42 +0100 |
commit | e7f2be49d812079e1521dd7479ce4e8007afbf43 (patch) | |
tree | 6c1b2f78eaf1903d403166d83f72bb48a4f166f2 /app/models/project_services/kubernetes_service.rb | |
parent | 817bb1905703f0ae63c3a877348b7b4bcc1136c6 (diff) | |
download | gitlab-ce-e7f2be49d812079e1521dd7479ce4e8007afbf43.tar.gz |
Make KUBECONFIG nil if KUBE_TOKEN is nil
Having an invalid KUBECONFIG without a token in it is not helpful. This
only became possible recently now that we are creating a separate
namespace and service account (and hence token) to send to the runners.
This led to somewhat surprising results when troubleshooting
https://gitlab.com/gitlab-org/gitlab-ce/issues/53879 as I found that the
KUBECONFIG was still being passed but KUBE_TOKEN was not. These things
really should have been linked.
Furthermore now that we are also using the [presence of KUBECONFIG to
decide whether or not to run build steps in Auto
DevOps](https://gitlab.com/gitlab-org/gitlab-ce/blob/294d15be3e9497e7b67e1f9131ce9d5c0d68406c/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml#L164)
I think it makes even more sense to ensure that KUBECONFIG is a complete
config if passed to a job.
Diffstat (limited to 'app/models/project_services/kubernetes_service.rb')
-rw-r--r-- | app/models/project_services/kubernetes_service.rb | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/app/models/project_services/kubernetes_service.rb b/app/models/project_services/kubernetes_service.rb index c52a531e5fe..b801fd84a07 100644 --- a/app/models/project_services/kubernetes_service.rb +++ b/app/models/project_services/kubernetes_service.rb @@ -110,14 +110,12 @@ class KubernetesService < DeploymentService # Clusters::Platforms::Kubernetes, it won't be used on this method # as it's only needed for Clusters::Cluster. def predefined_variables(project:) - config = YAML.dump(kubeconfig) - Gitlab::Ci::Variables::Collection.new.tap do |variables| variables .append(key: 'KUBE_URL', value: api_url) .append(key: 'KUBE_TOKEN', value: token, public: false) .append(key: 'KUBE_NAMESPACE', value: actual_namespace) - .append(key: 'KUBECONFIG', value: config, public: false, file: true) + .append(key: 'KUBECONFIG', value: kubeconfig, public: false, file: true) if ca_pem.present? variables |