diff options
Diffstat (limited to 'app/controllers')
-rw-r--r-- | app/controllers/projects/clusters/gcp_controller.rb | 45 | ||||
-rw-r--r-- | app/controllers/projects/clusters/user_controller.rb | 41 | ||||
-rw-r--r-- | app/controllers/projects/clusters_controller.rb | 113 |
3 files changed, 109 insertions, 90 deletions
diff --git a/app/controllers/projects/clusters/gcp_controller.rb b/app/controllers/projects/clusters/gcp_controller.rb deleted file mode 100644 index 9741164377b..00000000000 --- a/app/controllers/projects/clusters/gcp_controller.rb +++ /dev/null @@ -1,45 +0,0 @@ -class Projects::Clusters::GcpController < Projects::ApplicationController - include ClustersHelper - before_action :authorize_read_cluster! - before_action :authorize_create_cluster!, only: [:create] - helper_method :gcp_authorize_url - helper_method :token_in_session - helper_method :valid_gcp_token - - def create - if valid_gcp_token - @cluster = ::Clusters::CreateService - .new(project, current_user, create_params) - .execute(token_in_session) - - if @cluster.persisted? - redirect_to project_cluster_path(project, @cluster) - else - @gcp_cluster = @cluster - user_cluster - - render 'projects/clusters/new', locals: { active_tab: 'gcp' } - end - else - redirect_to new_project_cluster_path(@project) - end - end - - private - - def create_params - params.require(:cluster).permit( - :enabled, - :name, - :environment_scope, - provider_gcp_attributes: [ - :gcp_project_id, - :zone, - :num_nodes, - :machine_type - ]).merge( - provider_type: :gcp, - platform_type: :kubernetes - ) - end -end diff --git a/app/controllers/projects/clusters/user_controller.rb b/app/controllers/projects/clusters/user_controller.rb deleted file mode 100644 index 40bc3dc6f08..00000000000 --- a/app/controllers/projects/clusters/user_controller.rb +++ /dev/null @@ -1,41 +0,0 @@ -class Projects::Clusters::UserController < Projects::ApplicationController - include ClustersHelper - before_action :authorize_read_cluster! - before_action :authorize_create_cluster!, only: [:create] - helper_method :gcp_authorize_url - helper_method :token_in_session - helper_method :valid_gcp_token - - def create - @cluster = ::Clusters::CreateService - .new(project, current_user, create_params) - .execute - - if @cluster.persisted? - redirect_to project_cluster_path(project, @cluster) - else - @user_cluster = @cluster - gcp_cluster - - render 'projects/clusters/new', locals: { active_tab: 'user' } - end - end - - private - - def create_params - params.require(:cluster).permit( - :enabled, - :name, - :environment_scope, - platform_kubernetes_attributes: [ - :namespace, - :api_url, - :token, - :ca_cert - ]).merge( - provider_type: :user, - platform_type: :kubernetes - ) - end -end diff --git a/app/controllers/projects/clusters_controller.rb b/app/controllers/projects/clusters_controller.rb index 38140fe9f27..62193257940 100644 --- a/app/controllers/projects/clusters_controller.rb +++ b/app/controllers/projects/clusters_controller.rb @@ -1,16 +1,15 @@ class Projects::ClustersController < Projects::ApplicationController - include ClustersHelper - before_action :cluster, except: [:index, :new] + before_action :cluster, except: [:index, :new, :create_gcp, :create_user] before_action :authorize_read_cluster! + before_action :generate_gcp_authorize_url, only: [:new] + before_action :validate_gcp_token, only: [:new] before_action :gcp_cluster, only: [:new] before_action :user_cluster, only: [:new] before_action :authorize_create_cluster!, only: [:new] before_action :authorize_update_cluster!, only: [:update] before_action :authorize_admin_cluster!, only: [:destroy] before_action :update_applications_status, only: [:status] - helper_method :gcp_authorize_url helper_method :token_in_session - helper_method :valid_gcp_token STATUS_POLLING_INTERVAL = 10_000 @@ -70,6 +69,38 @@ class Projects::ClustersController < Projects::ApplicationController end end + def create_gcp + @gcp_cluster = ::Clusters::CreateService + .new(project, current_user, create_gcp_cluster_params) + .execute(token_in_session) + + if @gcp_cluster.persisted? + redirect_to project_cluster_path(project, @gcp_cluster) + else + generate_gcp_authorize_url + validate_gcp_token + user_cluster + + render :new, locals: { active_tab: 'gcp' } + end + end + + def create_user + @user_cluster = ::Clusters::CreateService + .new(project, current_user, create_user_cluster_params) + .execute(token_in_session) + + if @user_cluster.persisted? + redirect_to project_cluster_path(project, @user_cluster) + else + generate_gcp_authorize_url + validate_gcp_token + gcp_cluster + + render :new, locals: { active_tab: 'user' } + end + end + private def cluster @@ -101,6 +132,80 @@ class Projects::ClustersController < Projects::ApplicationController end end + def create_gcp_cluster_params + params.require(:cluster).permit( + :enabled, + :name, + :environment_scope, + provider_gcp_attributes: [ + :gcp_project_id, + :zone, + :num_nodes, + :machine_type + ]).merge( + provider_type: :gcp, + platform_type: :kubernetes + ) + end + + def create_user_cluster_params + params.require(:cluster).permit( + :enabled, + :name, + :environment_scope, + platform_kubernetes_attributes: [ + :namespace, + :api_url, + :token, + :ca_cert + ]).merge( + provider_type: :user, + platform_type: :kubernetes + ) + end + + def generate_gcp_authorize_url + state = generate_session_key_redirect(new_project_cluster_path(@project).to_s) + + @authorize_url = GoogleApi::CloudPlatform::Client.new( + nil, callback_google_api_auth_url, + state: state).authorize_url + rescue GoogleApi::Auth::ConfigMissingError + # no-op + end + + def gcp_cluster + @gcp_cluster = ::Clusters::Cluster.new.tap do |cluster| + cluster.build_provider_gcp + end + end + + def user_cluster + @user_cluster = ::Clusters::Cluster.new.tap do |cluster| + cluster.build_platform_kubernetes + end + end + + def validate_gcp_token + @valid_gcp_token = GoogleApi::CloudPlatform::Client.new(token_in_session, nil) + .validate_token(expires_at_in_session) + end + + def token_in_session + session[GoogleApi::CloudPlatform::Client.session_key_for_token] + end + + def expires_at_in_session + @expires_at_in_session ||= + session[GoogleApi::CloudPlatform::Client.session_key_for_expires_at] + end + + def generate_session_key_redirect(uri) + GoogleApi::CloudPlatform::Client.new_session_key_for_redirect_uri do |key| + session[key] = uri + end + end + def authorize_update_cluster! access_denied! unless can?(current_user, :update_cluster, cluster) end |