1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
|
# frozen_string_literal: true
module Clusters
module Providers
class Aws < ApplicationRecord
include Gitlab::Utils::StrongMemoize
include Clusters::Concerns::ProviderStatus
include IgnorableColumns
ignore_column :created_by_user_id, remove_with: '13.4', remove_after: '2020-08-22'
self.table_name = 'cluster_providers_aws'
DEFAULT_REGION = 'us-east-1'
belongs_to :cluster, inverse_of: :provider_aws, class_name: 'Clusters::Cluster'
default_value_for :region, DEFAULT_REGION
default_value_for :num_nodes, 3
default_value_for :instance_type, 'm5.large'
attr_encrypted :secret_access_key,
mode: :per_attribute_iv,
key: Settings.attr_encrypted_db_key_base_truncated,
algorithm: 'aes-256-gcm'
validates :role_arn,
length: 1..2048,
format: {
with: Gitlab::Regex.aws_arn_regex,
message: Gitlab::Regex.aws_arn_regex_message
}
validates :num_nodes,
numericality: {
only_integer: true,
greater_than: 0
}
validates :key_name, :region, :instance_type, :security_group_id, length: { in: 1..255 }
validates :subnet_ids, presence: true
def nullify_credentials
assign_attributes(
access_key_id: nil,
secret_access_key: nil,
session_token: nil
)
end
def api_client
strong_memoize(:api_client) do
::Aws::CloudFormation::Client.new(credentials: credentials, region: region)
end
end
def credentials
strong_memoize(:credentials) do
::Aws::Credentials.new(access_key_id, secret_access_key, session_token)
end
end
def has_rbac_enabled?
true
end
def knative_pre_installed?
false
end
def created_by_user
cluster.user
end
end
end
end
|