Make enabling Binary Authorization in GKE clusters easy
Problem to solve
We want to support Binary Authorization for GitLab users.
The first requirement is to enable the feature in the cluster. This can be done during cluster creation or later.
We should make it possible to manage Binary Authorization from the Operations > Kubernetes page for clusters that have been created using our GKE integration.
The GCP project where the cluster is created should have Binary Authorization API enabled. This can be checked before adding the ability to enable the feature.
Add an action in GKE cluster details page (Operations > Kubernetes) to enable Binary Authorization. If Binary Authorization API are not enabled, the option should be disabled and:
- a message should explain how to enable them
- OR a message should link to documentation
- OR an action should allow to enable them for the project
What does success look like, and how can we measure that?
Number of clusters that have Binary Authorization enabled.
Links / references
- Binary Authorization: https://cloud.google.com/binary-authorization/