Resolve "API support for group-level clusters" (!30213) · Merge Requests · GitLab.org / GitLab FOSS

Resolve "API support for group-level clusters"

EE MR: https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/14519

What does this MR do?

Does this MR meet the acceptance criteria?

Conformity

Performance and testing

Tested the APIs with the following curl commands. It all worked as expected including multiple clusters only working for licensed EE:

curl -k --fail -i -H "Private-Token: $TOKEN" \
  "$HOST/api/v4/groups/clusters-group/clusters.json"

curl -k --fail -i -H "Private-Token: $TOKEN" \
  -X POST \
  -H 'Content-Type: application/json' \
  -d '{"name":"cluster-1", "platform_kubernetes_attributes":{"api_url":"https://35.111.51.20","token":"12345","ca_cert":"-----BEGIN CERTIFICATE-----\nMIIDDDCCAfSgAwIBAgIRAPcn86yI0897/tZx4MpXSoowDQYJKoZIhvcNAQELBQAw\nLzEtMCsGA1UEAxMkNjYwNmFjNDYtZWY1Ny00Zjk1LTlkZjktNmU1MmQyZTA3Yzgw\nMB4XDTE5MDYyODAxMDkyMloXDTI0MDYyNjAyMDkyMlowLzEtMCsGA1UEAxMkNjYw\nNmFjNDYtZWY1Ny00Zjk1LTlkZjktNmU1MmQyZTA3YzgwMIIBIjANBgkqhkiG9w0B\nAQEFAAOCAQ8AMIIBCgKCAQEAroHLi1+pAX0a1zd872RRzMhzN31MJWOlkBpSuO6C\nkelcY0kz7HHxUbIUVVCBzqdWCzGADmoH4gCSq2O+3w30qm7lk/2cKp5jwXf8OhI6\nzfelmGqufwM5z+YwBV4qj1kx3jwPWcHYoSKufHR86co98c0qOoyzxYrk1VL3+/m3\nbFAhGaLn3v9JFw/ka2dHuotAWEFRRqE7CgEku3l3/nISXnrklFNmkR4a2dHXOMAo\nQX8LkNt+QwN9GDuvBgcwjry17Riwj6e+wMo7L2wzuLydyPOt8ZLzK92/BgV7DHkT\n5/ki0STZ1MWqumuoK0p6Vg371AjX2ymAFQydygPri8SW8QIDAQABoyMwITAOBgNV\nHQ8BAf8EBAMCAgQwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEA\nb/u/LGuLjAa0EJDNhO8okr/iz1TOjvZAgn8RO3FVos5wka7HFTD4f5vtBG3Izc2d\ncKPqllDU6lbIgidxQlc2nLiYx+iRIxfmvYu0RAnuzbz8MkDRtG+k7FpHAsbP3xc2\nHtTMUiKEQWmqNSwyk2wtM1p9Y/fcO+5HPvUQgKqnsdJ3LZovR8VugZJ1p4m1a5UU\nOUBEYp09/aBUo70tjIMiVN0LJ23Jv5lgl5VTt7xB4OV985dHtw1VzBJiYlFWobtY\nULaX6ZXVfFRfxdEf/9wcGZ2v1NRhl0qF1gZkAMT+aLC4IhKFzv1KPHWlk/wGCHrs\nI74LPHZWPlBfdJ++BsYuxw==\n-----END CERTIFICATE-----\n"}}' \
  "$HOST/api/v4/groups/clusters-group/clusters/user"

id=$(curl -k --fail -H "Private-Token: $TOKEN" \
  "$HOST/api/v4/groups/clusters-group/clusters.json" | jq .[0].id)

curl -k --fail -i -H "Private-Token: $TOKEN" \
  "$HOST/api/v4/groups/clusters-group/clusters/$id.json"

curl -X DELETE -k --fail -i -H "Private-Token: $TOKEN" \
  "$HOST/api/v4/groups/clusters-group/clusters/$id.json"

Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process.
Tested in all supported browsers

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

Label as security and @ mention @gitlab-com/gl-security/appsec
The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
Security reports checked/validated by a reviewer from the AppSec team

Closes #55623 (closed)

EE MR: https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/14519

## What does this MR do?

## Does this MR meet the acceptance criteria?

### Conformity

- [x] [Changelog entry](https://docs.gitlab.com/ee/development/changelog.html) 
- [x] [Documentation created/updated](https://docs.gitlab.com/ee/development/documentation/feature-change-workflow.html) or [follow-up review issue created](https://gitlab.com/gitlab-org/gitlab-ce/issues/new?issuable_template=Doc%20Review)
- [x] [Code review guidelines](https://docs.gitlab.com/ee/development/code_review.html)
- [x] [Merge request performance guidelines](https://docs.gitlab.com/ee/development/merge_request_performance_guidelines.html)
- [x] [Style guides](https://gitlab.com/gitlab-org/gitlab-ee/blob/master/doc/development/contributing/style_guides.md)
- [x] [Database guides](https://docs.gitlab.com/ee/development/README.html#databases-guides)
- [x] [Separation of EE specific content](https://docs.gitlab.com/ee/development/ee_features.html#separation-of-ee-code)

### Performance and testing

Tested the APIs with the following `curl` commands. It all worked as expected including multiple clusters only working for licensed EE:

```bash
curl -k --fail -i -H "Private-Token: $TOKEN" \
  "$HOST/api/v4/groups/clusters-group/clusters.json"

curl -k --fail -i -H "Private-Token: $TOKEN" \
  -X POST \
  -H 'Content-Type: application/json' \
  -d '{"name":"cluster-1", "platform_kubernetes_attributes":{"api_url":"https://35.111.51.20","token":"12345","ca_cert":"-----BEGIN CERTIFICATE-----\nMIIDDDCCAfSgAwIBAgIRAPcn86yI0897/tZx4MpXSoowDQYJKoZIhvcNAQELBQAw\nLzEtMCsGA1UEAxMkNjYwNmFjNDYtZWY1Ny00Zjk1LTlkZjktNmU1MmQyZTA3Yzgw\nMB4XDTE5MDYyODAxMDkyMloXDTI0MDYyNjAyMDkyMlowLzEtMCsGA1UEAxMkNjYw\nNmFjNDYtZWY1Ny00Zjk1LTlkZjktNmU1MmQyZTA3YzgwMIIBIjANBgkqhkiG9w0B\nAQEFAAOCAQ8AMIIBCgKCAQEAroHLi1+pAX0a1zd872RRzMhzN31MJWOlkBpSuO6C\nkelcY0kz7HHxUbIUVVCBzqdWCzGADmoH4gCSq2O+3w30qm7lk/2cKp5jwXf8OhI6\nzfelmGqufwM5z+YwBV4qj1kx3jwPWcHYoSKufHR86co98c0qOoyzxYrk1VL3+/m3\nbFAhGaLn3v9JFw/ka2dHuotAWEFRRqE7CgEku3l3/nISXnrklFNmkR4a2dHXOMAo\nQX8LkNt+QwN9GDuvBgcwjry17Riwj6e+wMo7L2wzuLydyPOt8ZLzK92/BgV7DHkT\n5/ki0STZ1MWqumuoK0p6Vg371AjX2ymAFQydygPri8SW8QIDAQABoyMwITAOBgNV\nHQ8BAf8EBAMCAgQwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEA\nb/u/LGuLjAa0EJDNhO8okr/iz1TOjvZAgn8RO3FVos5wka7HFTD4f5vtBG3Izc2d\ncKPqllDU6lbIgidxQlc2nLiYx+iRIxfmvYu0RAnuzbz8MkDRtG+k7FpHAsbP3xc2\nHtTMUiKEQWmqNSwyk2wtM1p9Y/fcO+5HPvUQgKqnsdJ3LZovR8VugZJ1p4m1a5UU\nOUBEYp09/aBUo70tjIMiVN0LJ23Jv5lgl5VTt7xB4OV985dHtw1VzBJiYlFWobtY\nULaX6ZXVfFRfxdEf/9wcGZ2v1NRhl0qF1gZkAMT+aLC4IhKFzv1KPHWlk/wGCHrs\nI74LPHZWPlBfdJ++BsYuxw==\n-----END CERTIFICATE-----\n"}}' \
  "$HOST/api/v4/groups/clusters-group/clusters/user"

id=$(curl -k --fail -H "Private-Token: $TOKEN" \
  "$HOST/api/v4/groups/clusters-group/clusters.json" | jq .[0].id)

curl -k --fail -i -H "Private-Token: $TOKEN" \
  "$HOST/api/v4/groups/clusters-group/clusters/$id.json"

curl -X DELETE -k --fail -i -H "Private-Token: $TOKEN" \
  "$HOST/api/v4/groups/clusters-group/clusters/$id.json"
```

<!-- What risks does this change pose? How might it affect the quality/performance of the product?
What additional test coverage or changes to tests will be needed?
Will it require cross-browser testing?
See the test engineering process for further guidelines: https://about.gitlab.com/handbook/engineering/quality/guidelines/test-engineering/

If cross-browser testing is not required, please remove the relevant item, or mark it as not needed: [-] -->

- [ ] [Review and add/update tests for this feature/bug](https://docs.gitlab.com/ee/development/testing_guide/index.html). Consider [all test levels](https://docs.gitlab.com/ee/development/testing_guide/testing_levels.html). See the [Test Planning Process](https://about.gitlab.com/handbook/engineering/quality/guidelines/test-engineering/).
- [ ] [Tested in all supported browsers](https://docs.gitlab.com/ee/install/requirements.html#supported-web-browsers)

### Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in [the security review guidelines](https://about.gitlab.com/handbook/engineering/security/#when-to-request-a-security-review):

- [ ] Label as ~security and @ mention `@gitlab-com/gl-security/appsec`
- [ ] The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
- [ ] Security reports checked/validated by a reviewer from the AppSec team

Closes #55623

Edited Jul 03, 2019 by Dylan Griffith