diff options
author | Thong Kuah <tkuah@gitlab.com> | 2018-09-06 22:45:04 +1200 |
---|---|---|
committer | Thong Kuah <tkuah@gitlab.com> | 2018-09-14 16:26:51 +1200 |
commit | ab6d74da9a31095c17ee4f7fedc0f27a37dde3c1 (patch) | |
tree | 16714983b70f90892e1a9d332cb9e14cfe3f558a /app/services/clusters/gcp | |
parent | 7a4d74edf6d4bf296a7bac1b6e5bafde24a2fa64 (diff) | |
download | gitlab-ce-ab6d74da9a31095c17ee4f7fedc0f27a37dde3c1.tar.gz |
Only create new service account with cluster-admin clusterrolebinding for when we have the rbac cluster FF enabled.
This syncs up with `authorization_type`.
Diffstat (limited to 'app/services/clusters/gcp')
-rw-r--r-- | app/services/clusters/gcp/finalize_creation_service.rb | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/app/services/clusters/gcp/finalize_creation_service.rb b/app/services/clusters/gcp/finalize_creation_service.rb index e5bc80f6697..91e49b8394a 100644 --- a/app/services/clusters/gcp/finalize_creation_service.rb +++ b/app/services/clusters/gcp/finalize_creation_service.rb @@ -25,7 +25,9 @@ module Clusters private def create_gitlab_service_account! - Clusters::Gcp::Kubernetes::CreateServiceAccountService.new(kube_client).execute + if rbac_clusters_feature_enabled? + Clusters::Gcp::Kubernetes::CreateServiceAccountService.new(kube_client).execute + end end def configure_provider @@ -49,7 +51,11 @@ module Clusters end def authorization_type - Feature.enabled?(:rbac_clusters) ? 'rbac' : 'abac' + rbac_clusters_feature_enabled? ? 'rbac' : 'abac' + end + + def rbac_clusters_feature_enabled? + Feature.enabled?(:rbac_clusters) end def kube_client |