app/models/clusters/applications/knative.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96

# frozen_string_literal: true

module Clusters
  module Applications
    class Knative < ActiveRecord::Base
      VERSION = '0.1.3'.freeze
      REPOSITORY = 'https://storage.googleapis.com/triggermesh-charts'.freeze

      # This is required for helm version <= 2.10.x in order to support
      # Setting up CRDs
      ISTIO_CRDS = 'https://storage.googleapis.com/triggermesh-charts/istio-crds.yaml'.freeze

      self.table_name = 'clusters_applications_knative'

      include ::Clusters::Concerns::ApplicationCore
      include ::Clusters::Concerns::ApplicationStatus
      include ::Clusters::Concerns::ApplicationVersion
      include ::Clusters::Concerns::ApplicationData

      default_value_for :version, VERSION

      validates :hostname, presence: true

      def chart
        'knative/knative'
      end

      def values
        { "domain" => hostname }.to_yaml
      end

      def install_command
        Gitlab::Kubernetes::Helm::InstallCommand.new(
          name: name,
          version: VERSION,
          rbac: cluster.platform_kubernetes_rbac?,
          chart: chart,
          files: files,
          repository: REPOSITORY,
          preinstall: install_script,
          postinstall: setup_knative_role
        )
      end

      private

      def install_script
        ["/usr/bin/kubectl apply -f #{ISTIO_CRDS} >/dev/null"]
      end

      def setup_knative_role
        if !cluster.kubernetes_namespace.nil?
          [
            "echo \'#{create_rolebinding.to_yaml}\' > /tmp/rolebinding.yaml\n",
            "/usr/bin/kubectl apply -f /tmp/rolebinding.yaml > /dev/null"
          ]
        else
          nil
        end
      end

      def create_rolebinding
        {
          "apiVersion" => "rbac.authorization.k8s.io/v1",
          "kind" => "ClusterRoleBinding",
          "metadata" => {
            "name" => create_role_binding_name,
            "namespace" => namespace
          },
          "roleRef" => {
            "apiGroup" => "rbac.authorization.k8s.io",
            "kind" => "ClusterRole",
            "name" => "knative-serving-admin"
          },
          "subjects" => role_subject
        }
      end

      def create_role_binding_name
        "#{namespace}-knative-binding"
      end

      def service_account_name
        cluster.kubernetes_namespace.service_account_name
      end

      def role_subject
        [{ "kind" => 'ServiceAccount', "name" => service_account_name, "namespace" => namespace }]
      end

      def namespace
        cluster.kubernetes_namespace.namespace
      end
    end
  end
end