diff options
Diffstat (limited to 'app')
| -rw-r--r-- | app/models/ci/build.rb | 24 | ||||
| -rw-r--r-- | app/models/clusters/kubernetes_namespace.rb | 37 | ||||
| -rw-r--r-- | app/services/clusters/gcp/kubernetes/create_or_update_namespace_service.rb | 2 |
3 files changed, 35 insertions, 28 deletions
diff --git a/app/models/ci/build.rb b/app/models/ci/build.rb index 889f8ce27a6..9a28e245ebd 100644 --- a/app/models/ci/build.rb +++ b/app/models/ci/build.rb @@ -464,7 +464,9 @@ module Ci end def repo_url - auth = "gitlab-ci-token:#{ensure_token!}@" + return unless token + + auth = "gitlab-ci-token:#{token}@" project.http_url_to_repo.sub(%r{^https?://}) do |prefix| prefix + auth end @@ -725,7 +727,7 @@ module Ci trace = trace.dup Gitlab::Ci::MaskSecret.mask!(trace, project.runners_token) if project - Gitlab::Ci::MaskSecret.mask!(trace, token) + Gitlab::Ci::MaskSecret.mask!(trace, token) if token trace end @@ -814,12 +816,12 @@ module Ci .concat(pipeline.persisted_variables) .append(key: 'CI_JOB_ID', value: id.to_s) .append(key: 'CI_JOB_URL', value: Gitlab::Routing.url_helpers.project_job_url(project, self)) - .append(key: 'CI_JOB_TOKEN', value: token, public: false) + .append(key: 'CI_JOB_TOKEN', value: token.to_s, public: false) .append(key: 'CI_BUILD_ID', value: id.to_s) - .append(key: 'CI_BUILD_TOKEN', value: token, public: false) + .append(key: 'CI_BUILD_TOKEN', value: token.to_s, public: false) .append(key: 'CI_REGISTRY_USER', value: CI_REGISTRY_USER) - .append(key: 'CI_REGISTRY_PASSWORD', value: token, public: false) - .append(key: 'CI_REPOSITORY_URL', value: repo_url, public: false) + .append(key: 'CI_REGISTRY_PASSWORD', value: token.to_s, public: false) + .append(key: 'CI_REPOSITORY_URL', value: repo_url.to_s, public: false) .concat(deploy_token_variables) end end @@ -831,9 +833,9 @@ module Ci variables.append(key: 'GITLAB_FEATURES', value: project.licensed_features.join(',')) variables.append(key: 'CI_SERVER_NAME', value: 'GitLab') variables.append(key: 'CI_SERVER_VERSION', value: Gitlab::VERSION) - variables.append(key: 'CI_SERVER_VERSION_MAJOR', value: gitlab_version_info.major.to_s) - variables.append(key: 'CI_SERVER_VERSION_MINOR', value: gitlab_version_info.minor.to_s) - variables.append(key: 'CI_SERVER_VERSION_PATCH', value: gitlab_version_info.patch.to_s) + variables.append(key: 'CI_SERVER_VERSION_MAJOR', value: Gitlab.version_info.major.to_s) + variables.append(key: 'CI_SERVER_VERSION_MINOR', value: Gitlab.version_info.minor.to_s) + variables.append(key: 'CI_SERVER_VERSION_PATCH', value: Gitlab.version_info.patch.to_s) variables.append(key: 'CI_SERVER_REVISION', value: Gitlab.revision) variables.append(key: 'CI_JOB_NAME', value: name) variables.append(key: 'CI_JOB_STAGE', value: stage) @@ -850,10 +852,6 @@ module Ci end end - def gitlab_version_info - @gitlab_version_info ||= Gitlab::VersionInfo.parse(Gitlab::VERSION) - end - def legacy_variables Gitlab::Ci::Variables::Collection.new.tap do |variables| variables.append(key: 'CI_BUILD_REF', value: sha) diff --git a/app/models/clusters/kubernetes_namespace.rb b/app/models/clusters/kubernetes_namespace.rb index cbd52bfb48b..34f5e38ff79 100644 --- a/app/models/clusters/kubernetes_namespace.rb +++ b/app/models/clusters/kubernetes_namespace.rb @@ -11,9 +11,13 @@ module Clusters belongs_to :project, class_name: '::Project' has_one :platform_kubernetes, through: :cluster + before_validation :set_defaults + validates :namespace, presence: true validates :namespace, uniqueness: { scope: :cluster_id } + validates :service_account_name, presence: true + delegate :ca_pem, to: :platform_kubernetes, allow_nil: true delegate :api_url, to: :platform_kubernetes, allow_nil: true @@ -28,38 +32,43 @@ module Clusters "#{namespace}-token" end - def configure_predefined_credentials - self.namespace = kubernetes_or_project_namespace - self.service_account_name = default_service_account_name - end - def predefined_variables config = YAML.dump(kubeconfig) Gitlab::Ci::Variables::Collection.new.tap do |variables| variables - .append(key: 'KUBE_SERVICE_ACCOUNT', value: service_account_name) - .append(key: 'KUBE_NAMESPACE', value: namespace) - .append(key: 'KUBE_TOKEN', value: service_account_token, public: false) + .append(key: 'KUBE_SERVICE_ACCOUNT', value: service_account_name.to_s) + .append(key: 'KUBE_NAMESPACE', value: namespace.to_s) + .append(key: 'KUBE_TOKEN', value: service_account_token.to_s, public: false) .append(key: 'KUBECONFIG', value: config, public: false, file: true) end end - private - - def kubernetes_or_project_namespace - platform_kubernetes&.namespace.presence || project_namespace + def set_defaults + self.namespace ||= default_platform_kubernetes_namespace + self.namespace ||= default_project_namespace + self.service_account_name ||= default_service_account_name end + private + def default_service_account_name + return unless namespace + "#{namespace}-service-account" end - def project_namespace - Gitlab::NamespaceSanitizer.sanitize(project_slug) + def default_platform_kubernetes_namespace + platform_kubernetes&.namespace.presence + end + + def default_project_namespace + Gitlab::NamespaceSanitizer.sanitize(project_slug) if project_slug end def project_slug + return unless project + "#{project.path}-#{project.id}".downcase end diff --git a/app/services/clusters/gcp/kubernetes/create_or_update_namespace_service.rb b/app/services/clusters/gcp/kubernetes/create_or_update_namespace_service.rb index 2b607681082..b31426556f6 100644 --- a/app/services/clusters/gcp/kubernetes/create_or_update_namespace_service.rb +++ b/app/services/clusters/gcp/kubernetes/create_or_update_namespace_service.rb @@ -23,7 +23,7 @@ module Clusters attr_reader :cluster, :kubernetes_namespace, :platform def configure_kubernetes_namespace - kubernetes_namespace.configure_predefined_credentials + kubernetes_namespace.set_defaults end def create_project_service_account |