root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity
112,370 Commits 9,131 Branches 1,640 Tags 2 GiB
Commit Graph

184 Commits

Author SHA1 Message Date
Thong Kuah f234aef994 Use http_max_redirects opt to replace monkeypatch 
http_max_redirects was introduced in 4.2.2, so upgrade kubeclient.

The monkey-patch was global so we will have to check that all instances
of Kubeclient::Client are handled.

Spec all methods of KubeClient

This should provide better confidence that we are indeed disallowing
redirection in all cases
 2019-01-25 16:48:37 +13:00
Takuya Noguchi db237d8431 Update Helm to 2.12.2 to address Helm client vulnerability 
Signed-off-by: Takuya Noguchi <takninnovationresearch@gmail.com>
 2019-01-18 09:21:47 +09:00
Thong Kuah dc18272091 Modify service so that it can be re-run 
If the service fails mid-point, then we should be able to re-run this
service. So, detect presence of any previously created Kubernetes
resource and update or create accordingly.

Fix specs accordingly. In the case of finalize_creation_service_spec.rb,
I decided to stub out the async worker rather than maintaining
individual stubs for various kubeclient calls for that worker.

Also add test cases for group clusters
 2018-12-04 15:46:46 +13:00
Stan Hu 681d7139a9 Merge branch 'json-logging-for-k8s' into 'master' 
Json logging for k8s Integration

See merge request gitlab-org/gitlab-ce!23328
 2018-11-27 16:51:34 +00:00
Dylan Griffith 7e7fb6deba Use JSON logging for helm install services 2018-11-27 15:23:02 +01:00
Dylan Griffith 6a66e4a1f1 Don't remove failed install pods 
We want to keep failed install pods around so that it is easier to debug
why a failure occured. With this change we also need to ensure that we
remove a previous pod with the same name before installing so that
re-install does not fail.

Another change here is that we no longer need to catch errors from
delete_pod! in CheckInstallationProgressService as we now catch the
ResourceNotFoundError in Helm::Api. The catch statement in
CheckInstallationProgressService was also probably too broad before and
should have been narrowed down simply to ResourceNotFoundError.
 2018-11-27 12:54:32 +01:00
Amit Rathi c3bad68d1c Merge branch 'master' into certmanager-temp 2018-11-20 17:58:10 +05:30
Amit Rathi 2bb7573380 Updated schema.rb and remove extra char from install_command 2018-11-20 00:02:07 +05:30
Amit Rathi 1c7372ad56 Merge branch 'master' into certmanager-temp 2018-11-19 23:12:52 +05:30
Amit Rathi feee33e0dc Remove application flags 2018-11-19 22:47:59 +05:30
gfyoung 7ec8af5017 Enable even more frozen string for lib/gitlab 
Enables frozen string for the following:

* lib/gitlab/hook_data/**/*.rb
* lib/gitlab/i18n/**/*.rb
* lib/gitlab/import/**/*.rb
* lib/gitlab/import_export/**/*.rb
* lib/gitlab/kubernetes/**/*.rb
* lib/gitlab/legacy_github_import/**/*.rb
* lib/gitlab/manifest_import/**/*.rb
* lib/gitlab/metrics/**/*.rb
* lib/gitlab/middleware/**/*.rb

Partially addresses gitlab-org/gitlab-ce#47424.
 2018-11-16 17:41:14 -08:00
Kamil Trzciński 5b75fcf6f2 Merge branch '49726-upgrade-helm-to-2-11' into 'master' 
Resolve "Upgrade Helm Tiller Version Used By GitLab Managed Apps"

Closes #49726

See merge request gitlab-org/gitlab-ce!22693
 2018-11-16 12:09:26 +00:00
Dylan Griffith 1244533b77 Remove unnecessary --tiller-namespace 2018-11-16 10:57:48 +00:00
Dylan Griffith 9b1a99b03d Use helm version loop instead of sleep in ClientCommand 2018-11-16 10:57:27 +00:00
Dylan Griffith a71b3f6a7c Extract Helm::ClientCommand for shared commands 2018-11-16 10:57:20 +00:00
Dylan Griffith fe1469e12f Upgrade helm to 2.11.0 and upgrade on every install 2018-11-16 10:22:40 +00:00
Kamil Trzciński 5059c15d06 Merge branch '53626-update-config-map-on-install-retry' into 'master' 
Update config map if already present on install

Closes #53626

See merge request gitlab-org/gitlab-ce!22969
 2018-11-15 12:33:40 +00:00
Amit Rathi 161e66890c Set appropriate RBAC flag for cluster applications 2018-11-15 17:52:41 +05:30
Chris Baumbauer 327892b23e Add knative client to kubeclient library 2018-11-15 11:39:43 +00:00
Thong Kuah 429d3e4952 Update config map if already present on install 
When an application install fails, and the user retries install, the
configmap for the application will already exists. If so, we simply
update instead of create.
 2018-11-15 22:39:42 +13:00
Amit Rathi 5c275490ec Merge branch 'master' into certmanager-temp 2018-11-14 10:14:50 +05:30
Amit Rathi 631ab89885 Use email on the account 2018-11-13 20:36:06 +05:30
Thong Kuah 14b3033a0d Show HTTP response code for Kubernetes errors 2018-11-13 12:46:01 +00:00
Amit Rathi 0e4ad53c92 Remove logging from pod.rb 2018-11-13 17:42:34 +05:30
Amit Rathi 7be10a7c21 Remove logging changes 2018-11-13 17:40:38 +05:30
Amit Rathi 6dda43d67e Cleanup 2018-11-13 17:38:04 +05:30
Amit Rathi 206f6747ec Updated logging 2018-11-13 16:57:49 +05:30
Amit Rathi c2407dab3e Merge branch 'master' into certmanager-temp 2018-11-12 12:06:59 +05:30
Dylan Griffith da7836956e Improve Debugging Capabilities For Helm Application Installs 2018-11-09 15:03:24 +00:00
Chris Baumbauer 26673cc827 Fix double-negation 2018-11-06 12:06:37 -08:00
Chris Baumbauer 008126a878 Refactor preinstall/postinstall methods in the helm installer 2018-11-06 12:00:16 -08:00
Chris Baumbauer 97441486ce Fix issue with missing knative cluster role binding, and cleanup tests 2018-11-05 23:55:18 -08:00
Chris Baumbauer c10452d285 Resolve issues raised by Kamil 2018-11-03 10:48:48 -07:00
Chris Baumbauer aa44393e8f Merge branch 'master' into triggermesh-phase1-knative 2018-11-03 10:13:35 -07:00
Amit Rathi 8837519445 Pushing WIP state for backup 2018-11-03 09:08:21 +05:30
Dylan Griffith d86f76320c Use our own docker image for helm install pods 
This will reduce dependencies and failure points during installation. It
will also reduce security risks from untrusted dependencies being able
to effect all our users
 2018-11-02 17:46:33 +00:00
Thong Kuah 5ede567d71 Incorporates Kubernetes Namespace into Cluster's flow 2018-11-02 15:46:15 +00:00
Chris Baumbauer dc078c2417 Merge branch 'master' into triggermesh-phase1-knative 2018-11-02 08:39:25 -07:00
Chris Baumbauer 0ddff09385 Revert Helm version bump 2018-10-29 10:56:46 -07:00
Kamil Trzciński 9e6098a6db Merge branch 'refactor_gitlab_kube_client' into 'master' 
Refactor Gitlab::KubeClient

Closes #52131

See merge request gitlab-org/gitlab-ce!22073
 2018-10-25 12:02:11 +00:00
Chris Baumbauer b5155b90ee Knative support 2018-10-24 22:38:44 -07:00
Chris Baumbauer 661fd213de Update helm version 1.7.2 -> 2.11.0 2018-10-24 15:13:33 -07:00
Thong Kuah a5419138fd Store version within SUPPORTED_API_GROUPS hash 
This removes the ability to pass in a different version. We can instead
create a new entry in the SUPPORTED_API_GROUPS hash for a different
version if need be.
 2018-10-23 23:52:34 +13:00
Thong Kuah 170071e365 DRY up *_clients methods 
Build using `define_method` directly from the constant, saves us writing
api_groups strings twice.
 2018-10-23 23:38:44 +13:00
Thong Kuah 27979aac0a Split hashed_clients into one per api_group 
Essentially make #build_kubeclient do less.

Should be much clearer now
 2018-10-23 23:36:44 +13:00
Thong Kuah 983c4a50d0 Remove api_groups from KubeClient constructor 
We should have access to #core_client, #rbac_client,
and #extensions_client without having to pass in an awkward array.

Also change api_version to default_api_version, which allows us to use a
different version for an individual client. Special case for
apis/extensions which only go up to v1beta1

Makes #hashed_client private

Removes the #clients and #discover! methods which are un-used
 2018-10-23 23:36:43 +13:00
Mayra Cabrera 1e4d615000 Add RoleBinding methods 
Includes RoleBinding methods to Kubeclient and introduce a new lib class
to generate RoleBinding resources.

This MR is part of
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/22011
 2018-10-22 17:16:14 -05:00
Thong Kuah f6ff32d9bd Port Helm::Api EE extensions to CE 
We will need these utility level code in the future to help upgrade all
helm applications.
 2018-10-01 11:16:07 +13:00
Thong Kuah e6fd3f1986 Port UpgradeCommand to CE 
This is a utility class that we will need in the future to update and
upgrade our managed helm applications, which we do plan to do in CE.
 2018-09-27 18:15:04 +12:00
Thong Kuah a02e35308b Always create `gitlab` service account and service account token regardless of ABAC/RBAC 
This also solves the async nature of the automatic creation of default
service tokens for service accounts. It also makes explicit which
service account token we always use.

create cluster role binding only if the provider has legacy_abac
disabled.
 2018-09-14 16:26:51 +12:00
Thong Kuah 8c8ccd3167 Teach GitLab how to create Secret of type ServiceAccountToken 
Add create_secret to KubeClient
 2018-09-14 16:26:51 +12:00
Thong Kuah 6f2ad2b604 Enable Kubernetes RBAC for GitLab Managed Apps for existing clusters 2018-09-06 10:03:38 +00:00
Mayra Cabrera fc13409637 Resolve "Mutual SSL Auth For Helm TIller" 2018-08-07 12:39:38 +00:00
Thong Kuah 05c7c7e0ef Update Helm Tiller used by gitlab-managed-apps to 2.7.2 2018-08-02 13:19:20 +12:00
Mayra Cabrera b21730116e Revert "Merge branch '48098-mutual-auth-cluster-applications' into 'master'" 
This reverts merge request !20801
 2018-07-31 13:15:18 +00:00
Dylan Griffith 8f41c85760 Minor style improvements for Helm code 2018-07-30 13:08:33 +00:00
Dylan Griffith c6e459d2b5 Use guard clause in Helm::InstallCommand 2018-07-30 13:08:33 +00:00
Dylan Griffith b169ec7fd3 Expand ca -> certificate_authority in Helm::Certificate 2018-07-30 13:08:32 +00:00
Dylan Griffith c7360d13be Combine attr_reader in InstallCommand to one line 2018-07-30 13:08:32 +00:00
Dylan Griffith ca35eb47b7 Minor refactoring of InitCommand and InstallCommand 2018-07-30 13:08:32 +00:00
Dylan Griffith f6ae53bbfc Reduce duplication in code in Gitlab::Kubernetes::Helm::Certificate 2018-07-30 13:08:31 +00:00
Dylan Griffith cb21560b91 Ensure CA + Tiller cert never expire and Helm client cert expires quickly 2018-07-30 13:08:31 +00:00
Dylan Griffith 11edbcccef Get mutual SSL working with helm tiller 2018-07-30 13:08:30 +00:00
Dylan Griffith ce897f11a0 Refactor Cluster Application classes to pass through a has of config files 
This is refactoring in the lead up to passing mutual TLS certs for helm applications. As such we expect all applications to need config files so we can remove the logic about which applications need and do not need this (ie `#config_map?`).
 2018-07-28 09:50:31 +00:00
Tiago Botelho f7abde937d Move kubeclient and namespace variables to the private interface 2018-07-25 09:39:39 +01:00
Tiago Botelho eb7c08c7a6 Backports relevant changes made in https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/5163 to CE 2018-07-25 09:39:39 +01:00
Mayra Cabrera 8cc2c08aa7 Include wget in apk add command 
Closes #48978
 2018-07-08 10:27:49 -05:00
Mayra Cabrera 5841e92390 Resolve "Unable to install Prometheus on Clusters: 'Error: Chart incompatible with Tiller v2.7.0'" 2018-06-20 12:10:14 +00:00
Alessio Caiazza ce5723c849
Add alpine mirrors while operating on k8s cluster 2018-04-30 15:12:26 +02:00
Pirate Praveen 53e2987ba6 Replace KubeException with Kubeclient::HttpError (kubeclient 3.0) 2018-03-15 08:14:13 +01:00
Mayra Cabrera c607008ee5 Extend Cluster Applications to install GitLab Runner to Kubernetes cluster 2018-03-01 23:46:02 +00:00
Joshua Lambert 1f912880db Enable Prometheus metrics for deployed Ingresses 2018-02-05 12:46:31 +00:00
Mayra Cabrera 1827f398ad Resolve "Managed Prometheus deployment installs a lot of extra stuff" 2018-01-15 16:27:58 +00:00
🙈 jacopo beschi 🙉 729f05f0e3 Adds Rubocop rule for line break around conditionals 2018-01-11 16:34:01 +00:00
Stan Hu b762430795 Fix namespace ambiguity with Kubernetes Pod definitions 
This was causing a spec failure between Gitlab::Kubernetes::Helm::Pod and
Gitlab::Kubernetes::Helm::Api::Pod if one spec loaded the former
definition first.

Closes #41458
 2017-12-24 13:43:46 -08:00
Mayra Cabrera 0d4548026f Extend Cluster Applications to allow installation of Prometheus 2017-12-22 17:23:43 +00:00
Rémy Coutable 97552d46fe
Ensure `Namespace`'s is namespaced in `Gitlab::Kubernetes::Helm#initialize` and fix a transient failing spec due to that 
Signed-off-by: Rémy Coutable <remy@rymai.me>
 2017-12-01 15:55:06 +01:00
Jacopo 181cd299f9 Adds Rubocop rule for line break after guard clause 
Adds a rubocop rule (with autocorrect) to ensure line break after guard clauses.
 2017-11-16 17:58:29 +01:00
Alessio Caiazza 1471495e15 Review Gitlab::Kubernetes::Namespace 2017-11-07 17:51:30 +01:00
Alessio Caiazza 8ec618a6ed Add Helm InstallCommand 2017-11-07 17:12:41 +01:00
Alessio Caiazza 3f261a499e Add k8s namespace implementation and tests 2017-11-07 14:05:58 +01:00
Alessio Caiazza 44f885eff6
Fix typo 2017-11-03 12:23:08 +01:00
Alessio Caiazza 08752e5d74 Remove `Clusters::Applications::FetchInstallationStatusService` 2017-11-03 10:57:09 +01:00
Alessio Caiazza 31c256c154
General cleanup 2017-11-02 17:01:21 +01:00