Provide ability to reuse project-level knative domains with SSL support

Problem Statement

As a DevOps Engineer, I want to be able to reuse a secure Knative domain across clusters so that I can [FILL IN].

Since #35591 (closed), we have an instance level domain set for Knative that supports SSL. This issue would add the ability to create reusable domains with SSL support at the project level.

Definition of Done

Prereq: Instance level checklist complete: #195961 (closed)

  • UI: Under Settings > Operations, there is a new Project-level settings panel section
  • UI: Within this new section, User can add a new domain
  • UI: Within this new section, User can add a new SSL cert
  • BE: Project level domains and SSL certs have own controller/actions/routes
  • BE: Project level domains and SSL certs reuse DB tables from Instance level
  • BE: GitLab Knative application logic selects all available domains (instance level + project level)

Solution

We'll create a new settings area under Project > Settings > Operations and provide the following fields:

Screen_Shot_2019-12-06_at_11.09.45_AM

All fields are required. We throw a validation if the field is not filled out.

Verifying a domain

Once the domain is added, we provide a CNAME record and verification key. We also show whether the domain is verified in a badge and allow the user to refresh the verification status.

Screen_Shot_2020-02-06_at_12.11.51_PM

Updating a certificate

We also show the certificate, and the user has the ability to update the certificate. If they do choose to update it, then the UI remains the same, but the certificate section show the Cert and Key fields instead (same as pages).

If the user updates the fields the certificate, the Save changes button becomes enabled. The user must add the new cert + key. If it remains blank and they try to save, we throw a validation. If a new cert is not added and they navigate away, then the old cert remains.

Selecting a domain at the cluster level

On the cluster page, we will provide an option to either select the existing domain or utilize a new one. This mimics the pattern we are using for protected branches.

Screen_Shot_2019-11-25_at_12.07.35_PM

Screen_Shot_2019-11-25_at_12.07.20_PM

Deleting domain

Deleting domain follows same pattern determined for instance level domains (#35591 (closed))

Reach

TODO: we need real users behind this issue.

Impact

TDB

Confidence

TODO: we need real users behind this issue.

Effort

This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.

Edited by 🤖 GitLab Bot 🤖