diff options
author | Thong Kuah <tkuah@gitlab.com> | 2018-09-07 22:01:37 +1200 |
---|---|---|
committer | Thong Kuah <tkuah@gitlab.com> | 2018-09-14 16:26:51 +1200 |
commit | 9c5050b12226781d49d2ce25d47477eab6a4354b (patch) | |
tree | 2a7eb79693e19b3bc6d85ee1514fa795a4d19ffe | |
parent | 577c79bb58ae80f4d7aef55e76bfeff67a1cfc45 (diff) | |
download | gitlab-ce-9c5050b12226781d49d2ce25d47477eab6a4354b.tar.gz |
Drive creation of a rbac platform_kubernetes off provider#legacy_abac so that there is one single source of truth.
-rw-r--r-- | app/services/clusters/gcp/finalize_creation_service.rb | 10 | ||||
-rw-r--r-- | spec/services/clusters/gcp/finalize_creation_service_spec.rb | 16 |
2 files changed, 13 insertions, 13 deletions
diff --git a/app/services/clusters/gcp/finalize_creation_service.rb b/app/services/clusters/gcp/finalize_creation_service.rb index 40103d8e213..8170e732d48 100644 --- a/app/services/clusters/gcp/finalize_creation_service.rb +++ b/app/services/clusters/gcp/finalize_creation_service.rb @@ -25,7 +25,7 @@ module Clusters private def create_gitlab_service_account! - if rbac_clusters_feature_enabled? + if create_rbac_cluster? Clusters::Gcp::Kubernetes::CreateServiceAccountService.new(kube_client).execute end end @@ -47,17 +47,17 @@ module Clusters end def request_kubernetes_token - service_account_name = rbac_clusters_feature_enabled? ? Clusters::Gcp::Kubernetes::SERVICE_ACCOUNT_NAME : 'default' + service_account_name = create_rbac_cluster? ? Clusters::Gcp::Kubernetes::SERVICE_ACCOUNT_NAME : 'default' Clusters::Gcp::Kubernetes::FetchKubernetesTokenService.new(kube_client, service_account_name).execute end def authorization_type - rbac_clusters_feature_enabled? ? 'rbac' : 'abac' + create_rbac_cluster? ? 'rbac' : 'abac' end - def rbac_clusters_feature_enabled? - Feature.enabled?(:rbac_clusters) + def create_rbac_cluster? + !provider.legacy_abac? end def kube_client diff --git a/spec/services/clusters/gcp/finalize_creation_service_spec.rb b/spec/services/clusters/gcp/finalize_creation_service_spec.rb index 278ba795042..1ea41b41771 100644 --- a/spec/services/clusters/gcp/finalize_creation_service_spec.rb +++ b/spec/services/clusters/gcp/finalize_creation_service_spec.rb @@ -28,10 +28,6 @@ describe Clusters::Gcp::FinalizeCreationService do end end - before do - stub_feature_flags(rbac_clusters: false) - end - context 'when suceeded to fetch gke cluster info' do let(:endpoint) { '111.111.111.111' } let(:api_url) { 'https://' + endpoint } @@ -85,7 +81,8 @@ describe Clusters::Gcp::FinalizeCreationService do let(:secret_name) { 'gitlab-token-Y1a' } before do - stub_feature_flags(rbac_clusters: true) + provider.legacy_abac = false + stub_kubeclient_create_service_account(api_url) stub_kubeclient_create_cluster_role_binding(api_url) end @@ -118,7 +115,8 @@ describe Clusters::Gcp::FinalizeCreationService do context 'rbac_clusters feature enabled' do before do - stub_feature_flags(rbac_clusters: true) + provider.legacy_abac = false + stub_kubeclient_create_service_account(api_url) stub_kubeclient_create_cluster_role_binding(api_url) end @@ -140,7 +138,8 @@ describe Clusters::Gcp::FinalizeCreationService do let(:secret_name) { 'gitlab-token-321' } before do - stub_feature_flags(rbac_clusters: true) + provider.legacy_abac = false + stub_kubeclient_create_service_account(api_url) stub_kubeclient_create_cluster_role_binding(api_url) end @@ -158,7 +157,8 @@ describe Clusters::Gcp::FinalizeCreationService do context 'rbac_clusters feature enabled' do before do - stub_feature_flags(rbac_clusters: true) + provider.legacy_abac = false + stub_kubeclient_create_service_account(api_url) stub_kubeclient_create_cluster_role_binding(api_url) end |