summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--app/controllers/clusters/clusters_controller.rb2
-rw-r--r--app/models/clusters/platforms/kubernetes.rb13
-rw-r--r--app/views/clusters/platforms/kubernetes/_form.html.haml2
-rw-r--r--changelogs/unreleased/60617-allow-switching-from-gitlab-managed-to-unmanaged-clusters.yml5
-rw-r--r--doc/user/group/clusters/index.md4
-rw-r--r--doc/user/project/clusters/index.md4
-rw-r--r--spec/controllers/admin/clusters_controller_spec.rb4
-rw-r--r--spec/controllers/groups/clusters_controller_spec.rb4
-rw-r--r--spec/controllers/projects/clusters_controller_spec.rb4
-rw-r--r--spec/models/clusters/platforms/kubernetes_spec.rb40
10 files changed, 71 insertions, 11 deletions
diff --git a/app/controllers/clusters/clusters_controller.rb b/app/controllers/clusters/clusters_controller.rb
index 80ee7c35906..ec8077d18e3 100644
--- a/app/controllers/clusters/clusters_controller.rb
+++ b/app/controllers/clusters/clusters_controller.rb
@@ -128,6 +128,7 @@ class Clusters::ClustersController < Clusters::BaseController
:enabled,
:name,
:environment_scope,
+ :managed,
:base_domain,
platform_kubernetes_attributes: [
:api_url,
@@ -140,6 +141,7 @@ class Clusters::ClustersController < Clusters::BaseController
params.require(:cluster).permit(
:enabled,
:environment_scope,
+ :managed,
:base_domain,
platform_kubernetes_attributes: [
:namespace
diff --git a/app/models/clusters/platforms/kubernetes.rb b/app/models/clusters/platforms/kubernetes.rb
index 8e06156c73d..272861cacf0 100644
--- a/app/models/clusters/platforms/kubernetes.rb
+++ b/app/models/clusters/platforms/kubernetes.rb
@@ -80,9 +80,18 @@ module Clusters
.append(key: 'KUBE_CA_PEM_FILE', value: ca_pem, file: true)
end
- if kubernetes_namespace = cluster.kubernetes_namespaces.has_service_account_token.find_by(project: project)
+ if !cluster.managed?
+ project_namespace = namespace.presence || "#{project.path}-#{project.id}".downcase
+
+ variables
+ .append(key: 'KUBE_URL', value: api_url)
+ .append(key: 'KUBE_TOKEN', value: token, public: false, masked: true)
+ .append(key: 'KUBE_NAMESPACE', value: project_namespace)
+ .append(key: 'KUBECONFIG', value: kubeconfig(project_namespace), public: false, file: true)
+
+ elsif kubernetes_namespace = cluster.kubernetes_namespaces.has_service_account_token.find_by(project: project)
variables.concat(kubernetes_namespace.predefined_variables)
- elsif cluster.project_type? || !cluster.managed?
+ elsif cluster.project_type?
# As of 11.11 a user can create a cluster that they manage themselves,
# which replicates the existing project-level cluster behaviour.
# Once we have marked all project-level clusters that make use of this
diff --git a/app/views/clusters/platforms/kubernetes/_form.html.haml b/app/views/clusters/platforms/kubernetes/_form.html.haml
index c1727cf9079..f2e44462226 100644
--- a/app/views/clusters/platforms/kubernetes/_form.html.haml
+++ b/app/views/clusters/platforms/kubernetes/_form.html.haml
@@ -48,7 +48,7 @@
= s_('ClusterIntegration|This option will allow you to install applications on RBAC clusters.')
.form-group
- = field.check_box :managed, { disabled: true, label: s_('ClusterIntegration|GitLab-managed cluster'),
+ = field.check_box :managed, { label: s_('ClusterIntegration|GitLab-managed cluster'),
label_class: 'label-bold' }
.form-text.text-muted
= s_('ClusterIntegration|Allow GitLab to manage namespace and service accounts for this cluster.')
diff --git a/changelogs/unreleased/60617-allow-switching-from-gitlab-managed-to-unmanaged-clusters.yml b/changelogs/unreleased/60617-allow-switching-from-gitlab-managed-to-unmanaged-clusters.yml
new file mode 100644
index 00000000000..1127dde4fcf
--- /dev/null
+++ b/changelogs/unreleased/60617-allow-switching-from-gitlab-managed-to-unmanaged-clusters.yml
@@ -0,0 +1,5 @@
+---
+title: Allow switching clusters between managed and unmanaged
+merge_request: 29322
+author:
+type: added
diff --git a/doc/user/group/clusters/index.md b/doc/user/group/clusters/index.md
index 3c5e820c1ca..26d764fa2cf 100644
--- a/doc/user/group/clusters/index.md
+++ b/doc/user/group/clusters/index.md
@@ -57,10 +57,6 @@ differentiate the new cluster from the rest.
> [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/22011) in GitLab 11.5.
> Became [optional](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/26565) in GitLab 11.11.
-NOTE: **Note:**
-Only available when creating clusters. Existing clusters not managed by GitLab
-cannot become GitLab-managed later.
-
You can choose to allow GitLab to manage your cluster for you. If your cluster is
managed by GitLab, resources for your projects will be automatically created. See the
[Access controls](../../project/clusters/index.md#access-controls) section for details on which resources will
diff --git a/doc/user/project/clusters/index.md b/doc/user/project/clusters/index.md
index dc21db603d6..181b20dc710 100644
--- a/doc/user/project/clusters/index.md
+++ b/doc/user/project/clusters/index.md
@@ -225,10 +225,6 @@ applications running on the cluster.
> [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/22011) in GitLab 11.5.
> Became [optional](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/26565) in GitLab 11.11.
-NOTE: **Note:**
-Only available when creating clusters. Existing clusters not managed by GitLab
-cannot become GitLab-managed later.
-
You can choose to allow GitLab to manage your cluster for you. If your cluster is
managed by GitLab, resources for your projects will be automatically created. See the
[Access controls](#access-controls) section for details on which resources will
diff --git a/spec/controllers/admin/clusters_controller_spec.rb b/spec/controllers/admin/clusters_controller_spec.rb
index 7b77cb186a4..7709f525119 100644
--- a/spec/controllers/admin/clusters_controller_spec.rb
+++ b/spec/controllers/admin/clusters_controller_spec.rb
@@ -396,6 +396,7 @@ describe Admin::ClustersController do
cluster: {
enabled: false,
name: 'my-new-cluster-name',
+ managed: false,
base_domain: domain
}
}
@@ -409,6 +410,7 @@ describe Admin::ClustersController do
expect(flash[:notice]).to eq('Kubernetes cluster was successfully updated.')
expect(cluster.enabled).to be_falsey
expect(cluster.name).to eq('my-new-cluster-name')
+ expect(cluster).not_to be_managed
expect(cluster.domain).to eq('test-domain.com')
end
@@ -433,6 +435,7 @@ describe Admin::ClustersController do
cluster: {
enabled: false,
name: 'my-new-cluster-name',
+ managed: false,
domain: domain
}
}
@@ -445,6 +448,7 @@ describe Admin::ClustersController do
expect(response).to have_http_status(:no_content)
expect(cluster.enabled).to be_falsey
expect(cluster.name).to eq('my-new-cluster-name')
+ expect(cluster).not_to be_managed
end
end
diff --git a/spec/controllers/groups/clusters_controller_spec.rb b/spec/controllers/groups/clusters_controller_spec.rb
index 7349cb7094c..2f64c7f3460 100644
--- a/spec/controllers/groups/clusters_controller_spec.rb
+++ b/spec/controllers/groups/clusters_controller_spec.rb
@@ -463,6 +463,7 @@ describe Groups::ClustersController do
cluster: {
enabled: false,
name: 'my-new-cluster-name',
+ managed: false,
base_domain: domain
}
}
@@ -476,6 +477,7 @@ describe Groups::ClustersController do
expect(flash[:notice]).to eq('Kubernetes cluster was successfully updated.')
expect(cluster.enabled).to be_falsey
expect(cluster.name).to eq('my-new-cluster-name')
+ expect(cluster).not_to be_managed
expect(cluster.domain).to eq('test-domain.com')
end
@@ -500,6 +502,7 @@ describe Groups::ClustersController do
cluster: {
enabled: false,
name: 'my-new-cluster-name',
+ managed: false,
domain: domain
}
}
@@ -512,6 +515,7 @@ describe Groups::ClustersController do
expect(response).to have_http_status(:no_content)
expect(cluster.enabled).to be_falsey
expect(cluster.name).to eq('my-new-cluster-name')
+ expect(cluster).not_to be_managed
end
end
diff --git a/spec/controllers/projects/clusters_controller_spec.rb b/spec/controllers/projects/clusters_controller_spec.rb
index 8d37bd82d21..fa49438287f 100644
--- a/spec/controllers/projects/clusters_controller_spec.rb
+++ b/spec/controllers/projects/clusters_controller_spec.rb
@@ -449,6 +449,7 @@ describe Projects::ClustersController do
cluster: {
enabled: false,
name: 'my-new-cluster-name',
+ managed: false,
platform_kubernetes_attributes: {
namespace: 'my-namespace'
}
@@ -464,6 +465,7 @@ describe Projects::ClustersController do
expect(flash[:notice]).to eq('Kubernetes cluster was successfully updated.')
expect(cluster.enabled).to be_falsey
expect(cluster.name).to eq('my-new-cluster-name')
+ expect(cluster).not_to be_managed
expect(cluster.platform_kubernetes.namespace).to eq('my-namespace')
end
@@ -475,6 +477,7 @@ describe Projects::ClustersController do
cluster: {
enabled: false,
name: 'my-new-cluster-name',
+ managed: false,
platform_kubernetes_attributes: {
namespace: 'my-namespace'
}
@@ -489,6 +492,7 @@ describe Projects::ClustersController do
expect(response).to have_http_status(:no_content)
expect(cluster.enabled).to be_falsey
expect(cluster.name).to eq('my-new-cluster-name')
+ expect(cluster).not_to be_managed
expect(cluster.platform_kubernetes.namespace).to eq('my-namespace')
end
end
diff --git a/spec/models/clusters/platforms/kubernetes_spec.rb b/spec/models/clusters/platforms/kubernetes_spec.rb
index f4dd457c3d3..1fb3a8de808 100644
--- a/spec/models/clusters/platforms/kubernetes_spec.rb
+++ b/spec/models/clusters/platforms/kubernetes_spec.rb
@@ -298,6 +298,46 @@ describe Clusters::Platforms::Kubernetes, :use_clean_rails_memory_store_caching
{ key: 'KUBE_TOKEN', value: kubernetes_namespace.service_account_token, public: false, masked: true }
)
end
+
+ context 'the cluster has been set to unmanaged after the namespace was created' do
+ before do
+ cluster.update!(managed: false)
+ end
+
+ it_behaves_like 'setting variables'
+
+ it 'sets KUBE_TOKEN from the platform' do
+ expect(subject).to include(
+ { key: 'KUBE_TOKEN', value: kubernetes.token, public: false, masked: true }
+ )
+ end
+
+ context 'the platform has a custom namespace set' do
+ before do
+ kubernetes.update!(namespace: 'custom-namespace')
+ end
+
+ it 'sets KUBE_NAMESPACE from the platform' do
+ expect(subject).to include(
+ { key: 'KUBE_NAMESPACE', value: kubernetes.namespace, public: true, masked: false }
+ )
+ end
+ end
+
+ context 'there is no namespace specified on the platform' do
+ let(:project) { cluster.project }
+
+ before do
+ kubernetes.update!(namespace: nil)
+ end
+
+ it 'sets KUBE_NAMESPACE to a default for the project' do
+ expect(subject).to include(
+ { key: 'KUBE_NAMESPACE', value: "#{project.path}-#{project.id}", public: true, masked: false }
+ )
+ end
+ end
+ end
end
context 'namespace is provided' do