diff options
author | Thong Kuah <tkuah@gitlab.com> | 2019-03-12 22:38:18 +1300 |
---|---|---|
committer | Thong Kuah <tkuah@gitlab.com> | 2019-03-13 16:28:04 +1300 |
commit | 428ee4bc6017c2df2a1fa02a358c33b7b67480a8 (patch) | |
tree | e5ffb036bb8ae838ce199680c72a32b0a6a24be4 /lib/google_api | |
parent | b8ca2fc64a313be332d870438d32c296e4801366 (diff) | |
download | gitlab-ce-428ee4bc6017c2df2a1fa02a358c33b7b67480a8.tar.gz |
Explicitly set master_auth for new GKE clusters
From 1.12, GKE will disable basic auth and client certificate by
default. Explicitly enable those now (currently we use 1.10/1.11
clusters) so that GKE cluster configuration will continue to work.
Diffstat (limited to 'lib/google_api')
-rw-r--r-- | lib/google_api/cloud_platform/client.rb | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/lib/google_api/cloud_platform/client.rb b/lib/google_api/cloud_platform/client.rb index e74ff6a9129..b5f99ea012b 100644 --- a/lib/google_api/cloud_platform/client.rb +++ b/lib/google_api/cloud_platform/client.rb @@ -10,6 +10,7 @@ module GoogleApi class Client < GoogleApi::Auth SCOPE = 'https://www.googleapis.com/auth/cloud-platform'.freeze LEAST_TOKEN_LIFE_TIME = 10.minutes + CLUSTER_MASTER_AUTH_USERNAME = 'admin'.freeze class << self def session_key_for_token @@ -64,6 +65,12 @@ module GoogleApi "node_config": { "machine_type": machine_type }, + "master_auth": { + "username": CLUSTER_MASTER_AUTH_USERNAME, + "client_certificate_config": { + issue_client_certificate: true + } + }, "legacy_abac": { "enabled": legacy_abac } |