diff options
author | Kamil Trzciński <ayufan@ayufan.eu> | 2017-10-06 17:06:55 +0000 |
---|---|---|
committer | Kamil Trzciński <ayufan@ayufan.eu> | 2017-10-06 17:06:55 +0000 |
commit | fb70fadaca6d2ce30730e9a6c995ad8e4f0526e3 (patch) | |
tree | 846e43a446ab90c4320cee4d1c1379851ebb10ea /spec | |
parent | a68a39e34120e0cf67d95e143326d03f61288cdf (diff) | |
parent | 86cea3a544951b1d2fd9795c6ffb83e98cbd97cd (diff) | |
download | gitlab-ce-fb70fadaca6d2ce30730e9a6c995ad8e4f0526e3.tar.gz |
Merge branch 'feature/sm/35954-create-kubernetes-cluster-on-gke-from-k8s-service' into 'master'
Create Kubernetes cluster on GKE from k8s service
Closes #35954
See merge request gitlab-org/gitlab-ce!14470
Diffstat (limited to 'spec')
28 files changed, 1653 insertions, 0 deletions
diff --git a/spec/controllers/google_api/authorizations_controller_spec.rb b/spec/controllers/google_api/authorizations_controller_spec.rb new file mode 100644 index 00000000000..80d553f0f34 --- /dev/null +++ b/spec/controllers/google_api/authorizations_controller_spec.rb @@ -0,0 +1,49 @@ +require 'spec_helper' + +describe GoogleApi::AuthorizationsController do + describe 'GET|POST #callback' do + let(:user) { create(:user) } + let(:token) { 'token' } + let(:expires_at) { 1.hour.since.strftime('%s') } + + subject { get :callback, code: 'xxx', state: @state } + + before do + sign_in(user) + + allow_any_instance_of(GoogleApi::CloudPlatform::Client) + .to receive(:get_token).and_return([token, expires_at]) + end + + it 'sets token and expires_at in session' do + subject + + expect(session[GoogleApi::CloudPlatform::Client.session_key_for_token]) + .to eq(token) + expect(session[GoogleApi::CloudPlatform::Client.session_key_for_expires_at]) + .to eq(expires_at) + end + + context 'when redirect uri key is stored in state' do + set(:project) { create(:project) } + let(:redirect_uri) { project_clusters_url(project).to_s } + + before do + @state = GoogleApi::CloudPlatform::Client + .new_session_key_for_redirect_uri do |key| + session[key] = redirect_uri + end + end + + it 'redirects to the URL stored in state param' do + expect(subject).to redirect_to(redirect_uri) + end + end + + context 'when redirection url is not stored in state' do + it 'redirects to root_path' do + expect(subject).to redirect_to(root_path) + end + end + end +end diff --git a/spec/controllers/projects/clusters_controller_spec.rb b/spec/controllers/projects/clusters_controller_spec.rb new file mode 100644 index 00000000000..7985028d73b --- /dev/null +++ b/spec/controllers/projects/clusters_controller_spec.rb @@ -0,0 +1,308 @@ +require 'spec_helper' + +describe Projects::ClustersController do + set(:user) { create(:user) } + set(:project) { create(:project) } + let(:role) { :master } + + before do + project.team << [user, role] + + sign_in(user) + end + + describe 'GET index' do + subject do + get :index, namespace_id: project.namespace, + project_id: project + end + + context 'when cluster is already created' do + let!(:cluster) { create(:gcp_cluster, :created_on_gke, project: project) } + + it 'redirects to show a cluster' do + subject + + expect(response).to redirect_to(project_cluster_path(project, cluster)) + end + end + + context 'when we do not have cluster' do + it 'redirects to create a cluster' do + subject + + expect(response).to redirect_to(new_project_cluster_path(project)) + end + end + end + + describe 'GET login' do + render_views + + subject do + get :login, namespace_id: project.namespace, + project_id: project + end + + context 'when we do have omniauth configured' do + it 'shows login button' do + subject + + expect(response.body).to include('auth_buttons/signin_with_google') + end + end + + context 'when we do not have omniauth configured' do + before do + stub_omniauth_setting(providers: []) + end + + it 'shows notice message' do + subject + + expect(response.body).to include('Ask your GitLab administrator if you want to use this service.') + end + end + end + + shared_examples 'requires to login' do + it 'redirects to create a cluster' do + subject + + expect(response).to redirect_to(login_project_clusters_path(project)) + end + end + + describe 'GET new' do + render_views + + subject do + get :new, namespace_id: project.namespace, + project_id: project + end + + context 'when logged' do + before do + make_logged_in + end + + it 'shows a creation form' do + subject + + expect(response.body).to include('Create cluster') + end + end + + context 'when not logged' do + it_behaves_like 'requires to login' + end + end + + describe 'POST create' do + subject do + post :create, params.merge(namespace_id: project.namespace, + project_id: project) + end + + context 'when not logged' do + let(:params) { {} } + + it_behaves_like 'requires to login' + end + + context 'when logged in' do + before do + make_logged_in + end + + context 'when all required parameters are set' do + let(:params) do + { + cluster: { + gcp_cluster_name: 'new-cluster', + gcp_project_id: '111' + } + } + end + + before do + expect(ClusterProvisionWorker).to receive(:perform_async) { } + end + + it 'creates a new cluster' do + expect { subject }.to change { Gcp::Cluster.count } + + expect(response).to redirect_to(project_cluster_path(project, project.cluster)) + end + end + + context 'when not all required parameters are set' do + render_views + + let(:params) do + { + cluster: { + project_namespace: 'some namespace' + } + } + end + + it 'shows an error message' do + expect { subject }.not_to change { Gcp::Cluster.count } + + expect(response).to render_template(:new) + end + end + end + end + + describe 'GET status' do + let(:cluster) { create(:gcp_cluster, :created_on_gke, project: project) } + + subject do + get :status, namespace_id: project.namespace, + project_id: project, + id: cluster, + format: :json + end + + it "responds with matching schema" do + subject + + expect(response).to have_http_status(:ok) + expect(response).to match_response_schema('cluster_status') + end + end + + describe 'GET show' do + render_views + + let(:cluster) { create(:gcp_cluster, :created_on_gke, project: project) } + + subject do + get :show, namespace_id: project.namespace, + project_id: project, + id: cluster + end + + context 'when logged as master' do + it "allows to update cluster" do + subject + + expect(response).to have_http_status(:ok) + expect(response.body).to include("Save") + end + + it "allows remove integration" do + subject + + expect(response).to have_http_status(:ok) + expect(response.body).to include("Remove integration") + end + end + + context 'when logged as developer' do + let(:role) { :developer } + + it "does not allow to access page" do + subject + + expect(response).to have_http_status(:not_found) + end + end + end + + describe 'PUT update' do + render_views + + let(:service) { project.build_kubernetes_service } + let(:cluster) { create(:gcp_cluster, :created_on_gke, project: project, service: service) } + let(:params) { {} } + + subject do + put :update, params.merge(namespace_id: project.namespace, + project_id: project, + id: cluster) + end + + context 'when logged as master' do + context 'when valid params are used' do + let(:params) do + { + cluster: { enabled: false } + } + end + + it "redirects back to show page" do + subject + + expect(response).to redirect_to(project_cluster_path(project, project.cluster)) + expect(flash[:notice]).to eq('Cluster was successfully updated.') + end + end + + context 'when invalid params are used' do + let(:params) do + { + cluster: { project_namespace: 'my Namespace 321321321 #' } + } + end + + it "rejects changes" do + subject + + expect(response).to have_http_status(:ok) + expect(response).to render_template(:show) + end + end + end + + context 'when logged as developer' do + let(:role) { :developer } + + it "does not allow to update cluster" do + subject + + expect(response).to have_http_status(:not_found) + end + end + end + + describe 'delete update' do + let(:cluster) { create(:gcp_cluster, :created_on_gke, project: project) } + + subject do + delete :destroy, namespace_id: project.namespace, + project_id: project, + id: cluster + end + + context 'when logged as master' do + it "redirects back to clusters list" do + subject + + expect(response).to redirect_to(project_clusters_path(project)) + expect(flash[:notice]).to eq('Cluster integration was successfully removed.') + end + end + + context 'when logged as developer' do + let(:role) { :developer } + + it "does not allow to destroy cluster" do + subject + + expect(response).to have_http_status(:not_found) + end + end + end + + def make_logged_in + session[GoogleApi::CloudPlatform::Client.session_key_for_token] = '1234' + session[GoogleApi::CloudPlatform::Client.session_key_for_expires_at] = in_hour.to_i.to_s + end + + def in_hour + Time.now + 1.hour + end +end diff --git a/spec/factories/gcp/cluster.rb b/spec/factories/gcp/cluster.rb new file mode 100644 index 00000000000..630e40da888 --- /dev/null +++ b/spec/factories/gcp/cluster.rb @@ -0,0 +1,38 @@ +FactoryGirl.define do + factory :gcp_cluster, class: Gcp::Cluster do + project + user + enabled true + gcp_project_id 'gcp-project-12345' + gcp_cluster_name 'test-cluster' + gcp_cluster_zone 'us-central1-a' + gcp_cluster_size 1 + gcp_machine_type 'n1-standard-4' + + trait :with_kubernetes_service do + after(:create) do |cluster, evaluator| + create(:kubernetes_service, project: cluster.project).tap do |service| + cluster.update(service: service) + end + end + end + + trait :custom_project_namespace do + project_namespace 'sample-app' + end + + trait :created_on_gke do + status_event :make_created + endpoint '111.111.111.111' + ca_cert 'xxxxxx' + kubernetes_token 'xxxxxx' + username 'xxxxxx' + password 'xxxxxx' + end + + trait :errored do + status_event :make_errored + status_reason 'general error' + end + end +end diff --git a/spec/features/projects/clusters_spec.rb b/spec/features/projects/clusters_spec.rb new file mode 100644 index 00000000000..810f2c39b43 --- /dev/null +++ b/spec/features/projects/clusters_spec.rb @@ -0,0 +1,111 @@ +require 'spec_helper' + +feature 'Clusters', :js do + let!(:project) { create(:project, :repository) } + let!(:user) { create(:user) } + + before do + project.add_master(user) + gitlab_sign_in(user) + end + + context 'when user has signed in Google' do + before do + allow_any_instance_of(GoogleApi::CloudPlatform::Client) + .to receive(:validate_token).and_return(true) + end + + context 'when user does not have a cluster and visits cluster index page' do + before do + visit project_clusters_path(project) + end + + it 'user sees a new page' do + expect(page).to have_button('Create cluster') + end + + context 'when user filled form with valid parameters' do + before do + double.tap do |dbl| + allow(dbl).to receive(:status).and_return('RUNNING') + allow(dbl).to receive(:self_link) + .and_return('projects/gcp-project-12345/zones/us-central1-a/operations/ope-123') + allow_any_instance_of(GoogleApi::CloudPlatform::Client) + .to receive(:projects_zones_clusters_create).and_return(dbl) + end + + allow(WaitForClusterCreationWorker).to receive(:perform_in).and_return(nil) + + fill_in 'cluster_gcp_project_id', with: 'gcp-project-123' + fill_in 'cluster_gcp_cluster_name', with: 'dev-cluster' + click_button 'Create cluster' + end + + it 'user sees a cluster details page and creation status' do + expect(page).to have_content('Cluster is being created on Google Container Engine...') + + Gcp::Cluster.last.make_created! + + expect(page).to have_content('Cluster was successfully created on Google Container Engine') + end + end + + context 'when user filled form with invalid parameters' do + before do + click_button 'Create cluster' + end + + it 'user sees a validation error' do + expect(page).to have_css('#error_explanation') + end + end + end + + context 'when user has a cluster and visits cluster index page' do + let!(:cluster) { create(:gcp_cluster, :created_on_gke, :with_kubernetes_service, project: project) } + + before do + visit project_clusters_path(project) + end + + it 'user sees an cluster details page' do + expect(page).to have_button('Save') + expect(page.find(:css, '.cluster-name').value).to eq(cluster.gcp_cluster_name) + end + + context 'when user disables the cluster' do + before do + page.find(:css, '.js-toggle-cluster').click + click_button 'Save' + end + + it 'user sees the succeccful message' do + expect(page).to have_content('Cluster was successfully updated.') + end + end + + context 'when user destory the cluster' do + before do + page.accept_confirm do + click_link 'Remove integration' + end + end + + it 'user sees creation form with the succeccful message' do + expect(page).to have_content('Cluster integration was successfully removed.') + expect(page).to have_button('Create cluster') + end + end + end + end + + context 'when user has not signed in Google' do + before do + visit project_clusters_path(project) + end + + it 'user sees a login page' do + expect(page).to have_css('.signin-with-google') + end + end +end diff --git a/spec/fixtures/api/schemas/cluster_status.json b/spec/fixtures/api/schemas/cluster_status.json new file mode 100644 index 00000000000..1f255a17881 --- /dev/null +++ b/spec/fixtures/api/schemas/cluster_status.json @@ -0,0 +1,11 @@ +{ + "type": "object", + "required" : [ + "status" + ], + "properties" : { + "status": { "type": "string" }, + "status_reason": { "type": ["string", "null"] } + }, + "additionalProperties": false +} diff --git a/spec/javascripts/clusters_spec.js b/spec/javascripts/clusters_spec.js new file mode 100644 index 00000000000..eb1cd6eb804 --- /dev/null +++ b/spec/javascripts/clusters_spec.js @@ -0,0 +1,79 @@ +import Clusters from '~/clusters'; + +describe('Clusters', () => { + let cluster; + preloadFixtures('clusters/show_cluster.html.raw'); + + beforeEach(() => { + loadFixtures('clusters/show_cluster.html.raw'); + cluster = new Clusters(); + }); + + describe('toggle', () => { + it('should update the button and the input field on click', () => { + cluster.toggleButton.click(); + + expect( + cluster.toggleButton.classList, + ).not.toContain('checked'); + + expect( + cluster.toggleInput.getAttribute('value'), + ).toEqual('false'); + }); + }); + + describe('updateContainer', () => { + describe('when creating cluster', () => { + it('should show the creating container', () => { + cluster.updateContainer('creating'); + + expect( + cluster.creatingContainer.classList.contains('hidden'), + ).toBeFalsy(); + expect( + cluster.successContainer.classList.contains('hidden'), + ).toBeTruthy(); + expect( + cluster.errorContainer.classList.contains('hidden'), + ).toBeTruthy(); + }); + }); + + describe('when cluster is created', () => { + it('should show the success container', () => { + cluster.updateContainer('created'); + + expect( + cluster.creatingContainer.classList.contains('hidden'), + ).toBeTruthy(); + expect( + cluster.successContainer.classList.contains('hidden'), + ).toBeFalsy(); + expect( + cluster.errorContainer.classList.contains('hidden'), + ).toBeTruthy(); + }); + }); + + describe('when cluster has error', () => { + it('should show the error container', () => { + cluster.updateContainer('errored', 'this is an error'); + + expect( + cluster.creatingContainer.classList.contains('hidden'), + ).toBeTruthy(); + expect( + cluster.successContainer.classList.contains('hidden'), + ).toBeTruthy(); + expect( + cluster.errorContainer.classList.contains('hidden'), + ).toBeFalsy(); + + expect( + cluster.errorReasonContainer.textContent, + ).toContain('this is an error'); + }); + }); + }); +}); diff --git a/spec/javascripts/fixtures/clusters.rb b/spec/javascripts/fixtures/clusters.rb new file mode 100644 index 00000000000..5774f36f026 --- /dev/null +++ b/spec/javascripts/fixtures/clusters.rb @@ -0,0 +1,34 @@ +require 'spec_helper' + +describe Projects::ClustersController, '(JavaScript fixtures)', type: :controller do + include JavaScriptFixturesHelpers + + let(:admin) { create(:admin) } + let(:namespace) { create(:namespace, name: 'frontend-fixtures' )} + let(:project) { create(:project, :repository, namespace: namespace) } + let(:cluster) { project.create_cluster!(gcp_cluster_name: "gke-test-creation-1", gcp_project_id: 'gitlab-internal-153318', gcp_cluster_zone: 'us-central1-a', gcp_cluster_size: '1', project_namespace: 'aaa', gcp_machine_type: 'n1-standard-1')} + + render_views + + before(:all) do + clean_frontend_fixtures('clusters/') + end + + before do + sign_in(admin) + end + + after do + remove_repository(project) + end + + it 'clusters/show_cluster.html.raw' do |example| + get :show, + namespace_id: project.namespace.to_param, + project_id: project, + id: cluster + + expect(response).to be_success + store_frontend_fixture(response, example.description) + end +end diff --git a/spec/lib/gitlab/import_export/all_models.yml b/spec/lib/gitlab/import_export/all_models.yml index 3fb8edeb701..ec425fd2803 100644 --- a/spec/lib/gitlab/import_export/all_models.yml +++ b/spec/lib/gitlab/import_export/all_models.yml @@ -147,6 +147,10 @@ deploy_keys: - user - deploy_keys_projects - projects +cluster: +- project +- user +- service services: - project - service_hook @@ -177,6 +181,7 @@ project: - tag_taggings - tags - chat_services +- cluster - creator - group - namespace diff --git a/spec/lib/gitlab/import_export/safe_model_attributes.yml b/spec/lib/gitlab/import_export/safe_model_attributes.yml index 0ab493a4246..80d92b2e6a3 100644 --- a/spec/lib/gitlab/import_export/safe_model_attributes.yml +++ b/spec/lib/gitlab/import_export/safe_model_attributes.yml @@ -313,6 +313,32 @@ Ci::PipelineSchedule: - deleted_at - created_at - updated_at +Gcp::Cluster: +- id +- project_id +- user_id +- service_id +- enabled +- status +- status_reason +- project_namespace +- endpoint +- ca_cert +- encrypted_kubernetes_token +- encrypted_kubernetes_token_iv +- username +- encrypted_password +- encrypted_password_iv +- gcp_project_id +- gcp_cluster_zone +- gcp_cluster_name +- gcp_cluster_size +- gcp_machine_type +- gcp_operation_id +- encrypted_gcp_token +- encrypted_gcp_token_iv +- created_at +- updated_at DeployKey: - id - user_id diff --git a/spec/lib/gitlab/usage_data_spec.rb b/spec/lib/gitlab/usage_data_spec.rb index ee152872acc..777e9c8e21d 100644 --- a/spec/lib/gitlab/usage_data_spec.rb +++ b/spec/lib/gitlab/usage_data_spec.rb @@ -60,6 +60,7 @@ describe Gitlab::UsageData do deploy_keys deployments environments + gcp_clusters in_review_folder groups issues diff --git a/spec/lib/google_api/auth_spec.rb b/spec/lib/google_api/auth_spec.rb new file mode 100644 index 00000000000..87a3f43274f --- /dev/null +++ b/spec/lib/google_api/auth_spec.rb @@ -0,0 +1,41 @@ +require 'spec_helper' + +describe GoogleApi::Auth do + let(:redirect_uri) { 'http://localhost:3000/google_api/authorizations/callback' } + let(:redirect_to) { 'http://localhost:3000/namaspace/project/clusters' } + + let(:client) do + GoogleApi::CloudPlatform::Client + .new(nil, redirect_uri, state: redirect_to) + end + + describe '#authorize_url' do + subject { client.authorize_url } + + it 'returns authorize_url' do + is_expected.to start_with('https://accounts.google.com/o/oauth2') + is_expected.to include(URI.encode(redirect_uri, URI::PATTERN::RESERVED)) + is_expected.to include(URI.encode(redirect_to, URI::PATTERN::RESERVED)) + end + end + + describe '#get_token' do + let(:token) do + double.tap do |dbl| + allow(dbl).to receive(:token).and_return('token') + allow(dbl).to receive(:expires_at).and_return('expires_at') + end + end + + before do + allow_any_instance_of(OAuth2::Strategy::AuthCode) + .to receive(:get_token).and_return(token) + end + + it 'returns token and expires_at' do + token, expires_at = client.get_token('xxx') + expect(token).to eq('token') + expect(expires_at).to eq('expires_at') + end + end +end diff --git a/spec/lib/google_api/cloud_platform/client_spec.rb b/spec/lib/google_api/cloud_platform/client_spec.rb new file mode 100644 index 00000000000..acc5bd1da35 --- /dev/null +++ b/spec/lib/google_api/cloud_platform/client_spec.rb @@ -0,0 +1,128 @@ +require 'spec_helper' + +describe GoogleApi::CloudPlatform::Client do + let(:token) { 'token' } + let(:client) { described_class.new(token, nil) } + + describe '.session_key_for_redirect_uri' do + let(:state) { 'random_string' } + + subject { described_class.session_key_for_redirect_uri(state) } + + it 'creates a new session key' do + is_expected.to eq('cloud_platform_second_redirect_uri_random_string') + end + end + + describe '.new_session_key_for_redirect_uri' do + it 'generates a new session key' do + expect { |b| described_class.new_session_key_for_redirect_uri(&b) } + .to yield_with_args(String) + end + end + + describe '#validate_token' do + subject { client.validate_token(expires_at) } + + let(:expires_at) { 1.hour.since.utc.strftime('%s') } + + context 'when token is nil' do + let(:token) { nil } + + it { is_expected.to be_falsy } + end + + context 'when expires_at is nil' do + let(:expires_at) { nil } + + it { is_expected.to be_falsy } + end + + context 'when expires in 1 hour' do + it { is_expected.to be_truthy } + end + + context 'when expires in 10 minutes' do + let(:expires_at) { 5.minutes.since.utc.strftime('%s') } + + it { is_expected.to be_falsy } + end + end + + describe '#projects_zones_clusters_get' do + subject { client.projects_zones_clusters_get(spy, spy, spy) } + let(:gke_cluster) { double } + + before do + allow_any_instance_of(Google::Apis::ContainerV1::ContainerService) + .to receive(:get_zone_cluster).and_return(gke_cluster) + end + + it { is_expected.to eq(gke_cluster) } + end + + describe '#projects_zones_clusters_create' do + subject do + client.projects_zones_clusters_create( + spy, spy, cluster_name, cluster_size, machine_type: machine_type) + end + + let(:cluster_name) { 'test-cluster' } + let(:cluster_size) { 1 } + let(:machine_type) { 'n1-standard-4' } + let(:operation) { double } + + before do + allow_any_instance_of(Google::Apis::ContainerV1::ContainerService) + .to receive(:create_cluster).and_return(operation) + end + + it { is_expected.to eq(operation) } + + it 'sets corresponded parameters' do + expect_any_instance_of(Google::Apis::ContainerV1::CreateClusterRequest) + .to receive(:initialize).with( + { + "cluster": { + "name": cluster_name, + "initial_node_count": cluster_size, + "node_config": { + "machine_type": machine_type + } + } + } ) + + subject + end + end + + describe '#projects_zones_operations' do + subject { client.projects_zones_operations(spy, spy, spy) } + let(:operation) { double } + + before do + allow_any_instance_of(Google::Apis::ContainerV1::ContainerService) + .to receive(:get_zone_operation).and_return(operation) + end + + it { is_expected.to eq(operation) } + end + + describe '#parse_operation_id' do + subject { client.parse_operation_id(self_link) } + + context 'when expected url' do + let(:self_link) do + 'projects/gcp-project-12345/zones/us-central1-a/operations/ope-123' + end + + it { is_expected.to eq('ope-123') } + end + + context 'when unexpected url' do + let(:self_link) { '???' } + + it { is_expected.to be_nil } + end + end +end diff --git a/spec/models/gcp/cluster_spec.rb b/spec/models/gcp/cluster_spec.rb new file mode 100644 index 00000000000..350fbc257d9 --- /dev/null +++ b/spec/models/gcp/cluster_spec.rb @@ -0,0 +1,240 @@ +require 'spec_helper' + +describe Gcp::Cluster do + it { is_expected.to belong_to(:project) } + it { is_expected.to belong_to(:user) } + it { is_expected.to belong_to(:service) } + + it { is_expected.to validate_presence_of(:gcp_cluster_zone) } + + describe '#default_value_for' do + let(:cluster) { described_class.new } + + it { expect(cluster.gcp_cluster_zone).to eq('us-central1-a') } + it { expect(cluster.gcp_cluster_size).to eq(3) } + it { expect(cluster.gcp_machine_type).to eq('n1-standard-4') } + end + + describe '#validates' do + subject { cluster.valid? } + + context 'when validates gcp_project_id' do + let(:cluster) { build(:gcp_cluster, gcp_project_id: gcp_project_id) } + + context 'when valid' do + let(:gcp_project_id) { 'gcp-project-12345' } + + it { is_expected.to be_truthy } + end + + context 'when empty' do + let(:gcp_project_id) { '' } + + it { is_expected.to be_falsey } + end + + context 'when too long' do + let(:gcp_project_id) { 'A' * 64 } + + it { is_expected.to be_falsey } + end + + context 'when includes abnormal character' do + let(:gcp_project_id) { '!!!!!!' } + + it { is_expected.to be_falsey } + end + end + + context 'when validates gcp_cluster_name' do + let(:cluster) { build(:gcp_cluster, gcp_cluster_name: gcp_cluster_name) } + + context 'when valid' do + let(:gcp_cluster_name) { 'test-cluster' } + + it { is_expected.to be_truthy } + end + + context 'when empty' do + let(:gcp_cluster_name) { '' } + + it { is_expected.to be_falsey } + end + + context 'when too long' do + let(:gcp_cluster_name) { 'A' * 64 } + + it { is_expected.to be_falsey } + end + + context 'when includes abnormal character' do + let(:gcp_cluster_name) { '!!!!!!' } + + it { is_expected.to be_falsey } + end + end + + context 'when validates gcp_cluster_size' do + let(:cluster) { build(:gcp_cluster, gcp_cluster_size: gcp_cluster_size) } + + context 'when valid' do + let(:gcp_cluster_size) { 1 } + + it { is_expected.to be_truthy } + end + + context 'when zero' do + let(:gcp_cluster_size) { 0 } + + it { is_expected.to be_falsey } + end + end + + context 'when validates project_namespace' do + let(:cluster) { build(:gcp_cluster, project_namespace: project_namespace) } + + context 'when valid' do + let(:project_namespace) { 'default-namespace' } + + it { is_expected.to be_truthy } + end + + context 'when empty' do + let(:project_namespace) { '' } + + it { is_expected.to be_truthy } + end + + context 'when too long' do + let(:project_namespace) { 'A' * 64 } + + it { is_expected.to be_falsey } + end + + context 'when includes abnormal character' do + let(:project_namespace) { '!!!!!!' } + + it { is_expected.to be_falsey } + end + end + + context 'when validates restrict_modification' do + let(:cluster) { create(:gcp_cluster) } + + before do + cluster.make_creating! + end + + context 'when created' do + before do + cluster.make_created! + end + + it { is_expected.to be_truthy } + end + + context 'when creating' do + it { is_expected.to be_falsey } + end + end + end + + describe '#state_machine' do + let(:cluster) { build(:gcp_cluster) } + + context 'when transits to created state' do + before do + cluster.gcp_token = 'tmp' + cluster.gcp_operation_id = 'tmp' + cluster.make_created! + end + + it 'nullify gcp_token and gcp_operation_id' do + expect(cluster.gcp_token).to be_nil + expect(cluster.gcp_operation_id).to be_nil + expect(cluster).to be_created + end + end + + context 'when transits to errored state' do + let(:reason) { 'something wrong' } + + before do + cluster.make_errored!(reason) + end + + it 'sets status_reason' do + expect(cluster.status_reason).to eq(reason) + expect(cluster).to be_errored + end + end + end + + describe '#project_namespace_placeholder' do + subject { cluster.project_namespace_placeholder } + + let(:cluster) { create(:gcp_cluster) } + + it 'returns a placeholder' do + is_expected.to eq("#{cluster.project.path}-#{cluster.project.id}") + end + end + + describe '#on_creation?' do + subject { cluster.on_creation? } + + let(:cluster) { create(:gcp_cluster) } + + context 'when status is creating' do + before do + cluster.make_creating! + end + + it { is_expected.to be_truthy } + end + + context 'when status is created' do + before do + cluster.make_created! + end + + it { is_expected.to be_falsey } + end + end + + describe '#api_url' do + subject { cluster.api_url } + + let(:cluster) { create(:gcp_cluster, :created_on_gke) } + let(:api_url) { 'https://' + cluster.endpoint } + + it { is_expected.to eq(api_url) } + end + + describe '#restrict_modification' do + subject { cluster.restrict_modification } + + let(:cluster) { create(:gcp_cluster) } + + context 'when status is created' do + before do + cluster.make_created! + end + + it { is_expected.to be_truthy } + end + + context 'when status is creating' do + before do + cluster.make_creating! + end + + it { is_expected.to be_falsey } + + it 'sets error' do + is_expected.to be_falsey + expect(cluster.errors).not_to be_empty + end + end + end +end diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb index 3d6a79e0649..9b470e79a76 100644 --- a/spec/models/project_spec.rb +++ b/spec/models/project_spec.rb @@ -76,6 +76,7 @@ describe Project do it { is_expected.to have_many(:uploads).dependent(:destroy) } it { is_expected.to have_many(:pipeline_schedules) } it { is_expected.to have_many(:members_and_requesters) } + it { is_expected.to have_one(:cluster) } context 'after initialized' do it "has a project_feature" do diff --git a/spec/policies/gcp/cluster_policy_spec.rb b/spec/policies/gcp/cluster_policy_spec.rb new file mode 100644 index 00000000000..e213aa3d557 --- /dev/null +++ b/spec/policies/gcp/cluster_policy_spec.rb @@ -0,0 +1,28 @@ +require 'spec_helper' + +describe Gcp::ClusterPolicy, :models do + set(:project) { create(:project) } + set(:cluster) { create(:gcp_cluster, project: project) } + let(:user) { create(:user) } + let(:policy) { described_class.new(user, cluster) } + + describe 'rules' do + context 'when developer' do + before do + project.add_developer(user) + end + + it { expect(policy).to be_disallowed :update_cluster } + it { expect(policy).to be_disallowed :admin_cluster } + end + + context 'when master' do + before do + project.add_master(user) + end + + it { expect(policy).to be_allowed :update_cluster } + it { expect(policy).to be_allowed :admin_cluster } + end + end +end diff --git a/spec/presenters/gcp/cluster_presenter_spec.rb b/spec/presenters/gcp/cluster_presenter_spec.rb new file mode 100644 index 00000000000..8d86dc31582 --- /dev/null +++ b/spec/presenters/gcp/cluster_presenter_spec.rb @@ -0,0 +1,35 @@ +require 'spec_helper' + +describe Gcp::ClusterPresenter do + let(:project) { create(:project) } + let(:cluster) { create(:gcp_cluster, project: project) } + + subject(:presenter) do + described_class.new(cluster) + end + + it 'inherits from Gitlab::View::Presenter::Delegated' do + expect(described_class.superclass).to eq(Gitlab::View::Presenter::Delegated) + end + + describe '#initialize' do + it 'takes a cluster and optional params' do + expect { presenter }.not_to raise_error + end + + it 'exposes cluster' do + expect(presenter.cluster).to eq(cluster) + end + + it 'forwards missing methods to cluster' do + expect(presenter.gcp_cluster_zone).to eq(cluster.gcp_cluster_zone) + end + end + + describe '#gke_cluster_url' do + subject { described_class.new(cluster).gke_cluster_url } + + it { is_expected.to include(cluster.gcp_cluster_zone) } + it { is_expected.to include(cluster.gcp_cluster_name) } + end +end diff --git a/spec/serializers/cluster_entity_spec.rb b/spec/serializers/cluster_entity_spec.rb new file mode 100644 index 00000000000..2c7f49974f1 --- /dev/null +++ b/spec/serializers/cluster_entity_spec.rb @@ -0,0 +1,22 @@ +require 'spec_helper' + +describe ClusterEntity do + set(:cluster) { create(:gcp_cluster, :errored) } + let(:request) { double('request') } + + let(:entity) do + described_class.new(cluster) + end + + describe '#as_json' do + subject { entity.as_json } + + it 'contains status' do + expect(subject[:status]).to eq(:errored) + end + + it 'contains status reason' do + expect(subject[:status_reason]).to eq('general error') + end + end +end diff --git a/spec/serializers/cluster_serializer_spec.rb b/spec/serializers/cluster_serializer_spec.rb new file mode 100644 index 00000000000..1ac6784d28f --- /dev/null +++ b/spec/serializers/cluster_serializer_spec.rb @@ -0,0 +1,19 @@ +require 'spec_helper' + +describe ClusterSerializer do + let(:serializer) do + described_class.new + end + + describe '#represent_status' do + subject { serializer.represent_status(resource) } + + context 'when represents only status' do + let(:resource) { create(:gcp_cluster, :errored) } + + it 'serializes only status' do + expect(subject.keys).to contain_exactly(:status, :status_reason) + end + end + end +end diff --git a/spec/services/ci/create_cluster_service_spec.rb b/spec/services/ci/create_cluster_service_spec.rb new file mode 100644 index 00000000000..6e7398fbffa --- /dev/null +++ b/spec/services/ci/create_cluster_service_spec.rb @@ -0,0 +1,47 @@ +require 'spec_helper' + +describe Ci::CreateClusterService do + describe '#execute' do + let(:access_token) { 'xxx' } + let(:project) { create(:project) } + let(:user) { create(:user) } + let(:result) { described_class.new(project, user, params).execute(access_token) } + + context 'when correct params' do + let(:params) do + { + gcp_project_id: 'gcp-project', + gcp_cluster_name: 'test-cluster', + gcp_cluster_zone: 'us-central1-a', + gcp_cluster_size: 1 + } + end + + it 'creates a cluster object' do + expect(ClusterProvisionWorker).to receive(:perform_async) + expect { result }.to change { Gcp::Cluster.count }.by(1) + expect(result.gcp_project_id).to eq('gcp-project') + expect(result.gcp_cluster_name).to eq('test-cluster') + expect(result.gcp_cluster_zone).to eq('us-central1-a') + expect(result.gcp_cluster_size).to eq(1) + expect(result.gcp_token).to eq(access_token) + end + end + + context 'when invalid params' do + let(:params) do + { + gcp_project_id: 'gcp-project', + gcp_cluster_name: 'test-cluster', + gcp_cluster_zone: 'us-central1-a', + gcp_cluster_size: 'ABC' + } + end + + it 'returns an error' do + expect(ClusterProvisionWorker).not_to receive(:perform_async) + expect { result }.to change { Gcp::Cluster.count }.by(0) + end + end + end +end diff --git a/spec/services/ci/fetch_gcp_operation_service_spec.rb b/spec/services/ci/fetch_gcp_operation_service_spec.rb new file mode 100644 index 00000000000..7792979c5cb --- /dev/null +++ b/spec/services/ci/fetch_gcp_operation_service_spec.rb @@ -0,0 +1,36 @@ +require 'spec_helper' +require 'google/apis' + +describe Ci::FetchGcpOperationService do + describe '#execute' do + let(:cluster) { create(:gcp_cluster) } + let(:operation) { double } + + context 'when suceeded' do + before do + allow_any_instance_of(GoogleApi::CloudPlatform::Client) + .to receive(:projects_zones_operations).and_return(operation) + end + + it 'fetch the gcp operaion' do + expect { |b| described_class.new.execute(cluster, &b) } + .to yield_with_args(operation) + end + end + + context 'when raises an error' do + let(:error) { Google::Apis::ServerError.new('a') } + + before do + allow_any_instance_of(GoogleApi::CloudPlatform::Client) + .to receive(:projects_zones_operations).and_raise(error) + end + + it 'sets an error to cluster object' do + expect { |b| described_class.new.execute(cluster, &b) } + .not_to yield_with_args + expect(cluster.reload).to be_errored + end + end + end +end diff --git a/spec/services/ci/fetch_kubernetes_token_service_spec.rb b/spec/services/ci/fetch_kubernetes_token_service_spec.rb new file mode 100644 index 00000000000..1d05c9671a9 --- /dev/null +++ b/spec/services/ci/fetch_kubernetes_token_service_spec.rb @@ -0,0 +1,64 @@ +require 'spec_helper' + +describe Ci::FetchKubernetesTokenService do + describe '#execute' do + subject { described_class.new(api_url, ca_pem, username, password).execute } + + let(:api_url) { 'http://111.111.111.111' } + let(:ca_pem) { '' } + let(:username) { 'admin' } + let(:password) { 'xxx' } + + context 'when params correct' do + let(:token) { 'xxx.token.xxx' } + + let(:secrets_json) do + [ + { + 'metadata': { + name: metadata_name + }, + 'data': { + 'token': Base64.encode64(token) + } + } + ] + end + + before do + allow_any_instance_of(Kubeclient::Client) + .to receive(:get_secrets).and_return(secrets_json) + end + + context 'when default-token exists' do + let(:metadata_name) { 'default-token-123' } + + it { is_expected.to eq(token) } + end + + context 'when default-token does not exist' do + let(:metadata_name) { 'another-token-123' } + + it { is_expected.to be_nil } + end + end + + context 'when api_url is nil' do + let(:api_url) { nil } + + it { expect { subject }.to raise_error("Incomplete settings") } + end + + context 'when username is nil' do + let(:username) { nil } + + it { expect { subject }.to raise_error("Incomplete settings") } + end + + context 'when password is nil' do + let(:password) { nil } + + it { expect { subject }.to raise_error("Incomplete settings") } + end + end +end diff --git a/spec/services/ci/finalize_cluster_creation_service_spec.rb b/spec/services/ci/finalize_cluster_creation_service_spec.rb new file mode 100644 index 00000000000..def3709fdb4 --- /dev/null +++ b/spec/services/ci/finalize_cluster_creation_service_spec.rb @@ -0,0 +1,61 @@ +require 'spec_helper' + +describe Ci::FinalizeClusterCreationService do + describe '#execute' do + let(:cluster) { create(:gcp_cluster) } + let(:result) { described_class.new.execute(cluster) } + + context 'when suceeded to get cluster from api' do + let(:gke_cluster) { double } + + before do + allow(gke_cluster).to receive(:endpoint).and_return('111.111.111.111') + allow(gke_cluster).to receive(:master_auth).and_return(spy) + allow_any_instance_of(GoogleApi::CloudPlatform::Client) + .to receive(:projects_zones_clusters_get).and_return(gke_cluster) + end + + context 'when suceeded to get kubernetes token' do + let(:kubernetes_token) { 'abc' } + + before do + allow_any_instance_of(Ci::FetchKubernetesTokenService) + .to receive(:execute).and_return(kubernetes_token) + end + + it 'executes integration cluster' do + expect_any_instance_of(Ci::IntegrateClusterService).to receive(:execute) + described_class.new.execute(cluster) + end + end + + context 'when failed to get kubernetes token' do + before do + allow_any_instance_of(Ci::FetchKubernetesTokenService) + .to receive(:execute).and_return(nil) + end + + it 'sets an error to cluster object' do + described_class.new.execute(cluster) + + expect(cluster.reload).to be_errored + end + end + end + + context 'when failed to get cluster from api' do + let(:error) { Google::Apis::ServerError.new('a') } + + before do + allow_any_instance_of(GoogleApi::CloudPlatform::Client) + .to receive(:projects_zones_clusters_get).and_raise(error) + end + + it 'sets an error to cluster object' do + described_class.new.execute(cluster) + + expect(cluster.reload).to be_errored + end + end + end +end diff --git a/spec/services/ci/integrate_cluster_service_spec.rb b/spec/services/ci/integrate_cluster_service_spec.rb new file mode 100644 index 00000000000..3a79c205bd1 --- /dev/null +++ b/spec/services/ci/integrate_cluster_service_spec.rb @@ -0,0 +1,42 @@ +require 'spec_helper' + +describe Ci::IntegrateClusterService do + describe '#execute' do + let(:cluster) { create(:gcp_cluster, :custom_project_namespace) } + let(:endpoint) { '123.123.123.123' } + let(:ca_cert) { 'ca_cert_xxx' } + let(:token) { 'token_xxx' } + let(:username) { 'username_xxx' } + let(:password) { 'password_xxx' } + + before do + described_class + .new.execute(cluster, endpoint, ca_cert, token, username, password) + + cluster.reload + end + + context 'when correct params' do + it 'creates a cluster object' do + expect(cluster.endpoint).to eq(endpoint) + expect(cluster.ca_cert).to eq(ca_cert) + expect(cluster.kubernetes_token).to eq(token) + expect(cluster.username).to eq(username) + expect(cluster.password).to eq(password) + expect(cluster.service.active).to be_truthy + expect(cluster.service.api_url).to eq(cluster.api_url) + expect(cluster.service.ca_pem).to eq(ca_cert) + expect(cluster.service.namespace).to eq(cluster.project_namespace) + expect(cluster.service.token).to eq(token) + end + end + + context 'when invalid params' do + let(:endpoint) { nil } + + it 'sets an error to cluster object' do + expect(cluster).to be_errored + end + end + end +end diff --git a/spec/services/ci/provision_cluster_service_spec.rb b/spec/services/ci/provision_cluster_service_spec.rb new file mode 100644 index 00000000000..5ce5c788314 --- /dev/null +++ b/spec/services/ci/provision_cluster_service_spec.rb @@ -0,0 +1,85 @@ +require 'spec_helper' + +describe Ci::ProvisionClusterService do + describe '#execute' do + let(:cluster) { create(:gcp_cluster) } + let(:operation) { spy } + + shared_examples 'error' do + it 'sets an error to cluster object' do + described_class.new.execute(cluster) + + expect(cluster.reload).to be_errored + end + end + + context 'when suceeded to request provision' do + before do + allow_any_instance_of(GoogleApi::CloudPlatform::Client) + .to receive(:projects_zones_clusters_create).and_return(operation) + end + + context 'when operation status is RUNNING' do + before do + allow(operation).to receive(:status).and_return('RUNNING') + end + + context 'when suceeded to parse gcp operation id' do + before do + allow_any_instance_of(GoogleApi::CloudPlatform::Client) + .to receive(:parse_operation_id).and_return('operation-123') + end + + context 'when cluster status is scheduled' do + before do + allow_any_instance_of(GoogleApi::CloudPlatform::Client) + .to receive(:parse_operation_id).and_return('operation-123') + end + + it 'schedules a worker for status minitoring' do + expect(WaitForClusterCreationWorker).to receive(:perform_in) + + described_class.new.execute(cluster) + end + end + + context 'when cluster status is creating' do + before do + cluster.make_creating! + end + + it_behaves_like 'error' + end + end + + context 'when failed to parse gcp operation id' do + before do + allow_any_instance_of(GoogleApi::CloudPlatform::Client) + .to receive(:parse_operation_id).and_return(nil) + end + + it_behaves_like 'error' + end + end + + context 'when operation status is others' do + before do + allow(operation).to receive(:status).and_return('others') + end + + it_behaves_like 'error' + end + end + + context 'when failed to request provision' do + let(:error) { Google::Apis::ServerError.new('a') } + + before do + allow_any_instance_of(GoogleApi::CloudPlatform::Client) + .to receive(:projects_zones_clusters_create).and_raise(error) + end + + it_behaves_like 'error' + end + end +end diff --git a/spec/services/ci/update_cluster_service_spec.rb b/spec/services/ci/update_cluster_service_spec.rb new file mode 100644 index 00000000000..a289385b88f --- /dev/null +++ b/spec/services/ci/update_cluster_service_spec.rb @@ -0,0 +1,37 @@ +require 'spec_helper' + +describe Ci::UpdateClusterService do + describe '#execute' do + let(:cluster) { create(:gcp_cluster, :created_on_gke, :with_kubernetes_service) } + + before do + described_class.new(cluster.project, cluster.user, params).execute(cluster) + + cluster.reload + end + + context 'when correct params' do + context 'when enabled is true' do + let(:params) { { 'enabled' => 'true' } } + + it 'enables cluster and overwrite kubernetes service' do + expect(cluster.enabled).to be_truthy + expect(cluster.service.active).to be_truthy + expect(cluster.service.api_url).to eq(cluster.api_url) + expect(cluster.service.ca_pem).to eq(cluster.ca_cert) + expect(cluster.service.namespace).to eq(cluster.project_namespace) + expect(cluster.service.token).to eq(cluster.kubernetes_token) + end + end + + context 'when enabled is false' do + let(:params) { { 'enabled' => 'false' } } + + it 'disables cluster and kubernetes service' do + expect(cluster.enabled).to be_falsy + expect(cluster.service.active).to be_falsy + end + end + end + end +end diff --git a/spec/workers/cluster_provision_worker_spec.rb b/spec/workers/cluster_provision_worker_spec.rb new file mode 100644 index 00000000000..11f208289db --- /dev/null +++ b/spec/workers/cluster_provision_worker_spec.rb @@ -0,0 +1,23 @@ +require 'spec_helper' + +describe ClusterProvisionWorker do + describe '#perform' do + context 'when cluster exists' do + let(:cluster) { create(:gcp_cluster) } + + it 'provision a cluster' do + expect_any_instance_of(Ci::ProvisionClusterService).to receive(:execute) + + described_class.new.perform(cluster.id) + end + end + + context 'when cluster does not exist' do + it 'does not provision a cluster' do + expect_any_instance_of(Ci::ProvisionClusterService).not_to receive(:execute) + + described_class.new.perform(123) + end + end + end +end diff --git a/spec/workers/concerns/cluster_queue_spec.rb b/spec/workers/concerns/cluster_queue_spec.rb new file mode 100644 index 00000000000..1050651fa51 --- /dev/null +++ b/spec/workers/concerns/cluster_queue_spec.rb @@ -0,0 +1,15 @@ +require 'spec_helper' + +describe ClusterQueue do + let(:worker) do + Class.new do + include Sidekiq::Worker + include ClusterQueue + end + end + + it 'sets a default pipelines queue automatically' do + expect(worker.sidekiq_options['queue']) + .to eq :gcp_cluster + end +end diff --git a/spec/workers/wait_for_cluster_creation_worker_spec.rb b/spec/workers/wait_for_cluster_creation_worker_spec.rb new file mode 100644 index 00000000000..dcd4a3b9aec --- /dev/null +++ b/spec/workers/wait_for_cluster_creation_worker_spec.rb @@ -0,0 +1,67 @@ +require 'spec_helper' + +describe WaitForClusterCreationWorker do + describe '#perform' do + context 'when cluster exists' do + let(:cluster) { create(:gcp_cluster) } + let(:operation) { double } + + before do + allow(operation).to receive(:status).and_return(status) + allow(operation).to receive(:start_time).and_return(1.minute.ago) + allow(operation).to receive(:status_message).and_return('error') + allow_any_instance_of(Ci::FetchGcpOperationService).to receive(:execute).and_yield(operation) + end + + context 'when operation status is RUNNING' do + let(:status) { 'RUNNING' } + + it 'reschedules worker' do + expect(described_class).to receive(:perform_in) + + described_class.new.perform(cluster.id) + end + + context 'when operation timeout' do + before do + allow(operation).to receive(:start_time).and_return(30.minutes.ago.utc) + end + + it 'sets an error message on cluster' do + described_class.new.perform(cluster.id) + + expect(cluster.reload).to be_errored + end + end + end + + context 'when operation status is DONE' do + let(:status) { 'DONE' } + + it 'finalizes cluster creation' do + expect_any_instance_of(Ci::FinalizeClusterCreationService).to receive(:execute) + + described_class.new.perform(cluster.id) + end + end + + context 'when operation status is others' do + let(:status) { 'others' } + + it 'sets an error message on cluster' do + described_class.new.perform(cluster.id) + + expect(cluster.reload).to be_errored + end + end + end + + context 'when cluster does not exist' do + it 'does not provision a cluster' do + expect_any_instance_of(Ci::FetchGcpOperationService).not_to receive(:execute) + + described_class.new.perform(1234) + end + end + end +end |