diff options
4 files changed, 161 insertions, 0 deletions
diff --git a/app/models/clusters/concerns/application_data.rb b/app/models/clusters/concerns/application_data.rb index 52498f123ff..a48ee340fac 100644 --- a/app/models/clusters/concerns/application_data.rb +++ b/app/models/clusters/concerns/application_data.rb @@ -6,6 +6,14 @@ module Clusters extend ActiveSupport::Concern included do + def uninstall_command + Gitlab::Kubernetes::Helm::DeleteCommand.new( + name: name, + rbac: cluster.platform_kubernetes_rbac?, + files: files + ) + end + def repository nil end diff --git a/lib/gitlab/kubernetes/helm/delete_command.rb b/lib/gitlab/kubernetes/helm/delete_command.rb new file mode 100644 index 00000000000..876994d2678 --- /dev/null +++ b/lib/gitlab/kubernetes/helm/delete_command.rb @@ -0,0 +1,55 @@ +# frozen_string_literal: true + +module Gitlab + module Kubernetes + module Helm + class DeleteCommand + include BaseCommand + include ClientCommand + + attr_accessor :name, :files + + def initialize(name:, rbac:, files:) + @name = name + @files = files + @rbac = rbac + end + + def generate_script + super + [ + init_command, + wait_for_tiller_command, + delete_command + ].compact.join("\n") + end + + def pod_name + "uninstall-#{name}" + end + + def rbac? + @rbac + end + + private + + def delete_command + command = ['helm', 'delete', '--purge', name] + optional_tls_flags + + command.shelljoin + end + + def optional_tls_flags + return [] unless files.key?(:'ca.pem') + + [ + '--tls', + '--tls-ca-cert', "#{files_dir}/ca.pem", + '--tls-cert', "#{files_dir}/cert.pem", + '--tls-key', "#{files_dir}/key.pem" + ] + end + end + end + end +end diff --git a/spec/lib/gitlab/kubernetes/helm/delete_command_spec.rb b/spec/lib/gitlab/kubernetes/helm/delete_command_spec.rb new file mode 100644 index 00000000000..cae92305b19 --- /dev/null +++ b/spec/lib/gitlab/kubernetes/helm/delete_command_spec.rb @@ -0,0 +1,72 @@ +# frozen_string_literal: true + +require 'spec_helper' + +describe Gitlab::Kubernetes::Helm::DeleteCommand do + let(:app_name) { 'app-name' } + let(:rbac) { true } + let(:files) { {} } + let(:delete_command) { described_class.new(name: app_name, rbac: rbac, files: files) } + + subject { delete_command } + + it_behaves_like 'helm commands' do + let(:commands) do + <<~EOS + helm init --upgrade + for i in $(seq 1 30); do helm version && break; sleep 1s; echo "Retrying ($i)..."; done + helm delete --purge app-name + EOS + end + end + + context 'when there is a ca.pem file' do + let(:files) { { 'ca.pem': 'some file content' } } + + it_behaves_like 'helm commands' do + let(:commands) do + <<~EOS + helm init --upgrade + for i in $(seq 1 30); do helm version && break; sleep 1s; echo "Retrying ($i)..."; done + #{helm_delete_command} + EOS + end + + let(:helm_delete_command) do + <<~EOS.squish + helm delete --purge app-name + --tls + --tls-ca-cert /data/helm/app-name/config/ca.pem + --tls-cert /data/helm/app-name/config/cert.pem + --tls-key /data/helm/app-name/config/key.pem + EOS + end + end + end + + describe '#pod_resource' do + subject { delete_command.pod_resource } + + context 'rbac is enabled' do + let(:rbac) { true } + + it 'generates a pod that uses the tiller serviceAccountName' do + expect(subject.spec.serviceAccountName).to eq('tiller') + end + end + + context 'rbac is not enabled' do + let(:rbac) { false } + + it 'generates a pod that uses the default serviceAccountName' do + expect(subject.spec.serviceAcccountName).to be_nil + end + end + end + + describe '#pod_name' do + subject { delete_command.pod_name } + + it { is_expected.to eq('uninstall-app-name') } + end +end diff --git a/spec/support/shared_examples/models/cluster_application_helm_cert_examples.rb b/spec/support/shared_examples/models/cluster_application_helm_cert_examples.rb index 033b65bdc84..bd3661471f8 100644 --- a/spec/support/shared_examples/models/cluster_application_helm_cert_examples.rb +++ b/spec/support/shared_examples/models/cluster_application_helm_cert_examples.rb @@ -1,6 +1,32 @@ shared_examples 'cluster application helm specs' do |application_name| let(:application) { create(application_name) } + describe '#uninstall_command' do + subject { application.uninstall_command } + + it { is_expected.to be_an_instance_of(Gitlab::Kubernetes::Helm::DeleteCommand) } + + it 'has the application name' do + expect(subject.name).to eq(application.name) + end + + it 'has files' do + expect(subject.files).to eq(application.files) + end + + it 'is rbac' do + expect(subject).to be_rbac + end + + context 'on a non rbac enabled cluster' do + before do + application.cluster.platform_kubernetes.abac! + end + + it { is_expected.not_to be_rbac } + end + end + describe '#files' do subject { application.files } |