Add endpoint to deploy web terminal pod to agent's namespace


Problem to solve

We need to set up a deployment of the container designed in #418261 (moved), as well as a namespace, service account, and RBAC rules allowing the pod to access the given k8s cluster.

Proposal

KAS will be responsible for deploying the web terminal to a K8s cluster. See Add KAS Endpoint to deploy a web terminal pod (gitlab-org/cluster-integration/gitlab-agent#479), which introduces a new gRPC endpoint. Rails will then call the KAS gRPC endpoint through the kas-grpc gem, which would be updated as part of the work in KAS.

Add a GraphQL mutation that will call the KAS endpoint that deploys the web terminal to a K8s cluster.

  1. Add a new table to keep a record of the deployed web terminals, i.e. cluster_agent_web_terminals, with fields:

    • agent_id
    • namespace
    • pod_name
    • timestamps
  2. Upgrade the kas-grpc gem

  3. Introduce a new service (e.g.: KAS::WebTerminal::Deploy) that will make use of the new "deploy web terminal" module in kas-grpc. The arguments to the kas-grpc module are:

    • web terminal image - The image tag should match GitLab's MAJOR and MINOR versions in the following pattern: vMAJOR.MINOR. Example argument: registry.gitlab.com/gitlab-org/cluster-integration/shell-image:v16.4.0
    • agent_id

    KAS optionally accepts a service_account argument. We can leave this blank for now.

  4. In KAS::WebTerminal::Deploy, make sure to record the deployed web terminal details in the cluster_agent_web_terminals table. This will be referenced later in the workflow to delete the web terminal pod.

  5. Add a GraphQL mutation (e.g.: Mutations::KAS::WebTerminal::Deploy) that will call the newly-introduced service

    The GraphQL mutation can be called like:

    mutation {
      webTerminalDeploy(input: {agentId: "gid://gitlab/Clusters::Agent/1"}) {
        errors
        webTerminal {
          namespace # e.g.: agent-namespace
          podName # e.g.: web-terminal-abcde
        }
      }
    }

Note: The namespace and pod are recorded for a later iteration around clean-up/deletion.
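
A sketch of the service flow from steps 3 to 5, added here as an illustration and not GitLab's or KAS's own code. `DeployWebTerminal`, `FakeKasClient`, the `deploy_web_terminal` signature and the in-memory store are hypothetical stand-ins; the pinned-image check accepts a tag with or without a patch component because the issue gives both forms.

```ruby
# Added illustration; class, client and store names are hypothetical.
IMAGE_REPO = "registry.gitlab.com/gitlab-org/cluster-integration/shell-image" # from the issue's example

# True when the image comes from the expected repository and its tag carries
# GitLab's MAJOR.MINOR (an optional patch is tolerated, as in v16.4.0).
def image_matches_gitlab?(image, gitlab_version)
  repo, _, tag = image.to_s.rpartition(":")
  major, minor = gitlab_version.to_s.split(".").first(2)
  return false unless major && minor
  repo == IMAGE_REPO && tag.match?(/\Av#{Regexp.escape(major)}\.#{Regexp.escape(minor)}(\.\d+)?\z/)
end

# Extracts the numeric id from a Clusters::Agent global ID, or nil if malformed.
def agent_id_from_gid(gid)
  m = %r{\Agid://gitlab/Clusters::Agent/(\d+)\z}.match(gid.to_s)
  m && m[1].to_i
end

# Stand-in for the kas-grpc call; the real module's interface is not shown in the issue.
class FakeKasClient
  def deploy_web_terminal(agent_id:, image:)
    { namespace: "agent-namespace", pod_name: "web-terminal-abcde" } # constructed reply
  end
end

# Sketch of the KAS::WebTerminal::Deploy flow: validate, call KAS, record the result.
class DeployWebTerminal
  def initialize(client:, store:, gitlab_version:)
    @client, @store, @gitlab_version = client, store, gitlab_version
  end

  def execute(agent_gid:, image:)
    agent_id = agent_id_from_gid(agent_gid)
    return { errors: ["invalid agent id"], web_terminal: nil } unless agent_id
    unless image_matches_gitlab?(image, @gitlab_version)
      return { errors: ["image tag does not match GitLab #{@gitlab_version}"], web_terminal: nil }
    end

    reply = @client.deploy_web_terminal(agent_id: agent_id, image: image)
    # Stand-in for a cluster_agent_web_terminals row, kept for later pod deletion.
    record = { agent_id: agent_id, namespace: reply[:namespace], pod_name: reply[:pod_name] }
    @store << record
    { errors: [], web_terminal: record }
  end
end
```

Rejecting unpinned or mismatched tags before the KAS call keeps a floating tag such as `latest` from being deployed into the agent's namespace, and nothing is recorded unless the deploy call returned.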

Intended users

Unknown

Feature Usage Metrics

Edited by 🤖 GitLab Bot 🤖