Create Kubernetes cluster on GKE from k8s service
What does this MR do?
This MR is the first iteration of GKE integration. Issue => https://gitlab.com/gitlab-org/gitlab-ce/issues/35954
Are there points in the code the reviewer needs to double check?
- Can we create a cluster on GKE?
- Is the created cluster automatically integrated with GitLab Project? (Like, Settting > Integration > kubernetes does)
- Has auth flow been implemented correctly?
- Are there no security issues? (e.g. Leaking a cluster's information to non-authenticated user)
TODO BE
-
GKE Authentication/Authorization -
Authorize users with OAuth to access GKE -
Store token in session -
OAuth Call Routing / Callback set up in GCP Project -
token expiration data validation, or Catch Auth exception -> nullify token in session -
Cluster creation on GKE -
Update `google-api-client to 0.13.6 -
Execute GKE API (creation/get/tracking status) -
Get k8s default token by k8s username/password. (The token will be used for k8s integration in GitLab) -
Threading creation of clusters ( reactive_cache
or Sidekiq) -
When creation running, Forbid update/soft-delete. -
Dry up app/models/ci/cluster.rb -
Machine type -
What if GitLab was restarted during the creation process? -
Cluster controller/model/views -
Routing -
Authentication in GitLab (e.g. before_action :authorize_admin_clusters!
) -
Associate Ci::Cluser with KubernetesService -
clusters#login -
Threading creation of clusters ( reactive_cache
or Sidekiq) -
PollingInterval for FE (status) -
Databse -
end_point -> endpoint -
attr_encrypted -
fk, index -
Transaction if neccesary -
Tests -
spec/controllers/google_api/authorizations_controller.rb -
spec/controllers/projects/clusters_controller.rb -
spec/models/project.rb -
spec/policies/gcp/cluster_policy.rb -
spec/models/gcp/cluster.rb -
spec/serializers/cluster_entity.rb -
spec/serializers/cluster_serializer.rb -
spec/services/ci/create_cluster_service.rb -
spec/services/ci/fetch_gcp_operation_service.rb -
spec/services/ci/fetch_kubernetes_token_service.rb -
spec/services/ci/finalize_cluster_creation_service.rb -
spec/services/ci/integrate_cluster_service.rb -
spec/services/ci/provision_cluster_service.rb -
spec/services/ci/update_cluster_service.rb -
spec/workers/cluster_provision_worker.rb -
spec/workers/concerns/cluster_queue.rb -
spec/workers/wait_for_cluster_creation_worker.rb -
spec/lib/google_api/auth.rb -
spec/lib/google_api/cloud_platform/client.rb [ ] Document-
[ ]New callback for OAuth2 (http://localhost:3000/google_api/authorizations/callback) (Used for authorizing user in GKE): In https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/14712
TODO FE
- Add HTML & CSS
-
sidebar -
header -
creation form -
edit view
- Tests
-
Write spec
- JavaScript
-
Handle toggle button based on enabled
status -
Hide Google container engine
title if no polling is done -
Only poll if .scheduled? || .creating?
-
Toggle status visibility based on polling result -
Stop polling if tab is not visible -
Handle toggle click -
Handle update changes -
Handle error while updating changes
- Links
-
Documentation links are missing
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/14470#note_42502412)
TODO UX (- General
-
Navigation element says Clusters, but we only have one cluster, so it should be Cluster -
Breadcrumbs Element should be Cluster. It seems to be showing the project path:
- Sign in page
-
Google Sign In button looks blurry on Retina screen. Not a big priority
- Creation page
-
Once sign is successful, we are still showing To create a new cluster on Google Container Engine, please sign in with your Google account:. This text should change to: Please make sure that your Google account meets the following requirements: -
The help page line says Use our help page on cluster integration. It should say Read instead of Use. Also, it's a single sentence, so there should be no period at the end. I realize I put the period in the mockup, sorry about that. -
There don't seem to be any placeholders for the text fields, except the last one -
The Machine type help link should be See machine types
- View page
-
The Enable cluster integration element is h4, which makes it bigger than other titles in the page -
Can we change the Save changes button to just Save? -
Google container engine title should be capitalized -
Success banner message has a period at the end: Cluster was successfully created on Google Container Engine. -
Not sure about this, but what do you think about making the success banner green? Only if it's a one-line change and you think it's a good idea. -
There's an inner shadow at the top of the Remove panel. It's okay if it comes from reusing an existing component. -
The confirmation message for removing the cluster says Cluster was successfully removed. Since we're not removing an actual cluster, I think it should be Cluster integration was... -
Is it possible to space the elements like this? It's okay to use 10px instead of 8px and 20px instead of 16px if it makes things simpler.
login | login | new | edit |
---|---|---|---|
Why was this MR needed?
Issued at https://gitlab.com/gitlab-org/gitlab-ce/issues/35954
Screenshots (if relevant)
TBD
Does this MR meet the acceptance criteria?
-
Changelog entry added, if necessary -
[ ] Documentation created/updatedin https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/14712 [ ] API support added-
Tests added for this feature/bug - Review
-
Has been reviewed by UX -
Has been reviewed by Frontend -
Has been reviewed by Backend -
Has been reviewed by Database
-
-
Conform by the merge request performance guides -
Conform by the style guides -
Squashed related commits together
What are the relevant issue numbers?
Close https://gitlab.com/gitlab-org/gitlab-ce/issues/35954 Related
Edited by Kamil Trzciński (Back 2025-01-01)