debian-mirror-gitlab/app/models/clusters/cluster.rb

# frozen_string_literal: true

module Clusters
  class Cluster < ApplicationRecord
    include Presentable
    include Gitlab::Utils::StrongMemoize
    include FromUnion
    include ReactiveCaching

    self.table_name = 'clusters'

    PROJECT_ONLY_APPLICATIONS = {
      Applications::Jupyter.application_name => Applications::Jupyter,
      Applications::Knative.application_name => Applications::Knative
    }.freeze
    APPLICATIONS = {
      Applications::Helm.application_name => Applications::Helm,
      Applications::Ingress.application_name => Applications::Ingress,
      Applications::CertManager.application_name => Applications::CertManager,
      Applications::Runner.application_name => Applications::Runner,
      Applications::Prometheus.application_name => Applications::Prometheus
    }.merge(PROJECT_ONLY_APPLICATIONS).freeze
    DEFAULT_ENVIRONMENT = '*'.freeze
    KUBE_INGRESS_BASE_DOMAIN = 'KUBE_INGRESS_BASE_DOMAIN'.freeze

    belongs_to :user

    has_many :cluster_projects, class_name: 'Clusters::Project'
    has_many :projects, through: :cluster_projects, class_name: '::Project'
    has_one :cluster_project, -> { order(id: :desc) }, class_name: 'Clusters::Project'

    has_many :cluster_groups, class_name: 'Clusters::Group'
    has_many :groups, through: :cluster_groups, class_name: '::Group'

    # we force autosave to happen when we save `Cluster` model
    has_one :provider_gcp, class_name: 'Clusters::Providers::Gcp', autosave: true

    has_one :platform_kubernetes, class_name: 'Clusters::Platforms::Kubernetes', inverse_of: :cluster, autosave: true

    has_one :application_helm, class_name: 'Clusters::Applications::Helm'
    has_one :application_ingress, class_name: 'Clusters::Applications::Ingress'
    has_one :application_cert_manager, class_name: 'Clusters::Applications::CertManager'
    has_one :application_prometheus, class_name: 'Clusters::Applications::Prometheus'
    has_one :application_runner, class_name: 'Clusters::Applications::Runner'
    has_one :application_jupyter, class_name: 'Clusters::Applications::Jupyter'
    has_one :application_knative, class_name: 'Clusters::Applications::Knative'

    has_many :kubernetes_namespaces

    accepts_nested_attributes_for :provider_gcp, update_only: true
    accepts_nested_attributes_for :platform_kubernetes, update_only: true

    validates :name, cluster_name: true
    validates :cluster_type, presence: true
    validates :domain, allow_blank: true, hostname: { allow_numeric_hostname: true }

    validate :restrict_modification, on: :update
    validate :no_groups, unless: :group_type?
    validate :no_projects, unless: :project_type?

    after_save :clear_reactive_cache!

    delegate :status, to: :provider, allow_nil: true
    delegate :status_reason, to: :provider, allow_nil: true
    delegate :on_creation?, to: :provider, allow_nil: true

    delegate :active?, to: :platform_kubernetes, prefix: true, allow_nil: true
    delegate :rbac?, to: :platform_kubernetes, prefix: true, allow_nil: true
    delegate :available?, to: :application_helm, prefix: true, allow_nil: true
    delegate :available?, to: :application_ingress, prefix: true, allow_nil: true
    delegate :available?, to: :application_prometheus, prefix: true, allow_nil: true
    delegate :available?, to: :application_knative, prefix: true, allow_nil: true
    delegate :external_ip, to: :application_ingress, prefix: true, allow_nil: true
    delegate :external_hostname, to: :application_ingress, prefix: true, allow_nil: true

    alias_attribute :base_domain, :domain
    alias_attribute :provided_by_user?, :user?

    enum cluster_type: {
      instance_type: 1,
      group_type: 2,
      project_type: 3
    }

    enum platform_type: {
      kubernetes: 1
    }

    enum provider_type: {
      user: 0,
      gcp: 1
    }

    scope :enabled, -> { where(enabled: true) }
    scope :disabled, -> { where(enabled: false) }
    scope :user_provided, -> { where(provider_type: ::Clusters::Cluster.provider_types[:user]) }
    scope :gcp_provided, -> { where(provider_type: ::Clusters::Cluster.provider_types[:gcp]) }
    scope :gcp_installed, -> { gcp_provided.includes(:provider_gcp).where(cluster_providers_gcp: { status: ::Clusters::Providers::Gcp.state_machines[:status].states[:created].value }) }
    scope :managed, -> { where(managed: true) }

    scope :default_environment, -> { where(environment_scope: DEFAULT_ENVIRONMENT) }

    scope :missing_kubernetes_namespace, -> (kubernetes_namespaces) do
      subquery = kubernetes_namespaces.select('1').where('clusters_kubernetes_namespaces.cluster_id = clusters.id')

      where('NOT EXISTS (?)', subquery)
    end

    scope :with_knative_installed, -> { joins(:application_knative).merge(Clusters::Applications::Knative.available) }

    scope :preload_knative, -> {
      preload(
        :kubernetes_namespaces,
        :platform_kubernetes,
        :application_knative
      )
    }

    def self.ancestor_clusters_for_clusterable(clusterable, hierarchy_order: :asc)
      return [] if clusterable.is_a?(Instance)

      hierarchy_groups = clusterable.ancestors_upto(hierarchy_order: hierarchy_order).eager_load(:clusters)
      hierarchy_groups = hierarchy_groups.merge(current_scope) if current_scope

      hierarchy_groups.flat_map(&:clusters) + Instance.new.clusters
    end

    def status_name
      provider&.status_name || connection_status.presence || :created
    end

    def connection_status
      with_reactive_cache do |data|
        data[:connection_status]
      end
    end

    def calculate_reactive_cache
      return unless enabled?

      { connection_status: retrieve_connection_status }
    end

    def applications
      [
        application_helm || build_application_helm,
        application_ingress || build_application_ingress,
        application_cert_manager || build_application_cert_manager,
        application_prometheus || build_application_prometheus,
        application_runner || build_application_runner,
        application_jupyter || build_application_jupyter,
        application_knative || build_application_knative
      ]
    end

    def provider
      return provider_gcp if gcp?
    end

    def platform
      return platform_kubernetes if kubernetes?
    end

    def all_projects
      if project_type?
        projects
      elsif group_type?
        first_group.all_projects
      else
        Project.none
      end
    end

    def first_project
      strong_memoize(:first_project) do
        projects.first
      end
    end
    alias_method :project, :first_project

    def first_group
      strong_memoize(:first_group) do
        groups.first
      end
    end
    alias_method :group, :first_group

    def instance
      Instance.new if instance_type?
    end

    def kubeclient
      platform_kubernetes.kubeclient if kubernetes?
    end

    ##
    # This is subtly different to #find_or_initialize_kubernetes_namespace_for_project
    # below because it will ignore any namespaces that have not got a service account
    # token. This provides a guarantee that any namespace selected here can be used
    # for cluster operations - a namespace needs to have a service account configured
    # before it it can be used.
    #
    # This is used for selecting a namespace to use when querying a cluster, or
    # generating variables to pass to CI.
    def kubernetes_namespace_for(project)
      find_or_initialize_kubernetes_namespace_for_project(
        project, scope: kubernetes_namespaces.has_service_account_token
      ).namespace
    end

    ##
    # This is subtly different to #kubernetes_namespace_for because it will include
    # namespaces that have yet to receive a service account token. This allows
    # the namespace configuration process to be repeatable - if a namespace has
    # already been created without a token we don't need to create another
    # record entirely, just set the token on the pre-existing namespace.
    #
    # This is used for configuring cluster namespaces.
    def find_or_initialize_kubernetes_namespace_for_project(project, scope: kubernetes_namespaces)
      attributes = { project: project }
      attributes[:cluster_project] = cluster_project if project_type?

      scope.find_or_initialize_by(attributes).tap do |namespace|
        namespace.set_defaults
      end
    end

    def allow_user_defined_namespace?
      project_type? || !managed?
    end

    def kube_ingress_domain
      @kube_ingress_domain ||= domain.presence || instance_domain
    end

    def predefined_variables
      Gitlab::Ci::Variables::Collection.new.tap do |variables|
        break variables unless kube_ingress_domain

        variables.append(key: KUBE_INGRESS_BASE_DOMAIN, value: kube_ingress_domain)
      end
    end

    def knative_services_finder(project)
      @knative_services_finder ||= KnativeServicesFinder.new(self, project)
    end

    private

    def instance_domain
      @instance_domain ||= Gitlab::CurrentSettings.auto_devops_domain
    end

    def retrieve_connection_status
      kubeclient.core_client.discover
    rescue *Gitlab::Kubernetes::Errors::CONNECTION
      :unreachable
    rescue *Gitlab::Kubernetes::Errors::AUTHENTICATION
      :authentication_failure
    rescue Kubeclient::HttpError => e
      kubeclient_error_status(e.message)
    rescue => e
      Gitlab::Sentry.track_acceptable_exception(e, extra: { cluster_id: id })

      :unknown_failure
    else
      :connected
    end

    # KubeClient uses the same error class
    # For connection errors (eg. timeout) and
    # for Kubernetes errors.
    def kubeclient_error_status(message)
      if message&.match?(/timed out|timeout/i)
        :unreachable
      else
        :authentication_failure
      end
    end

    # To keep backward compatibility with AUTO_DEVOPS_DOMAIN
    # environment variable, we need to ensure KUBE_INGRESS_BASE_DOMAIN
    # is set if AUTO_DEVOPS_DOMAIN is set on any of the following options:
    # ProjectAutoDevops#Domain, project variables or group variables,
    # as the AUTO_DEVOPS_DOMAIN is needed for CI_ENVIRONMENT_URL
    #
    # This method should is scheduled to be removed on
    # https://gitlab.com/gitlab-org/gitlab-ce/issues/56959
    def legacy_auto_devops_domain
      if project_type?
        project&.auto_devops&.domain.presence ||
          project.variables.find_by(key: 'AUTO_DEVOPS_DOMAIN')&.value.presence ||
          project.group&.variables&.find_by(key: 'AUTO_DEVOPS_DOMAIN')&.value.presence
      elsif group_type?
        group.variables.find_by(key: 'AUTO_DEVOPS_DOMAIN')&.value.presence
      end
    end

    def restrict_modification
      if provider&.on_creation?
        errors.add(:base, "cannot modify during creation")
        return false
      end

      true
    end

    def no_groups
      if groups.any?
        errors.add(:cluster, 'cannot have groups assigned')
      end
    end

    def no_projects
      if projects.any?
        errors.add(:cluster, 'cannot have projects assigned')
      end
    end
  end
end
New upstream version 11.2.8+dfsg 2018-11-18 11:00:15 +05:30			`# frozen_string_literal: true`

New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`module Clusters`
New upstream version 11.10.8+dfsg 2019-07-07 11:18:12 +05:30			`class Cluster < ApplicationRecord`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`include Presentable`
New upstream version 11.5.3+dfsg 2018-12-13 13:39:08 +05:30			`include Gitlab::Utils::StrongMemoize`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`include FromUnion`
New upstream version 12.0.8 2019-09-04 21:01:54 +05:30			`include ReactiveCaching`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30
			`self.table_name = 'clusters'`

New upstream version 11.10.8+dfsg 2019-07-07 11:18:12 +05:30			`PROJECT_ONLY_APPLICATIONS = {`
			`Applications::Jupyter.application_name => Applications::Jupyter,`
New upstream version 11.11.7+dfsg 2019-07-31 22:56:46 +05:30			`Applications::Knative.application_name => Applications::Knative`
New upstream version 11.10.8+dfsg 2019-07-07 11:18:12 +05:30			`}.freeze`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`APPLICATIONS = {`
			`Applications::Helm.application_name => Applications::Helm,`
			`Applications::Ingress.application_name => Applications::Ingress,`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`Applications::CertManager.application_name => Applications::CertManager,`
New upstream version 11.11.7+dfsg 2019-07-31 22:56:46 +05:30			`Applications::Runner.application_name => Applications::Runner,`
			`Applications::Prometheus.application_name => Applications::Prometheus`
New upstream version 11.10.8+dfsg 2019-07-07 11:18:12 +05:30			`}.merge(PROJECT_ONLY_APPLICATIONS).freeze`
New upstream version 10.6.5+dfsg 2018-05-01 15:08:00 +05:30			`DEFAULT_ENVIRONMENT = '*'.freeze`
New upstream version 11.8.0 2019-03-02 22:35:43 +05:30			`KUBE_INGRESS_BASE_DOMAIN = 'KUBE_INGRESS_BASE_DOMAIN'.freeze`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30
			`belongs_to :user`

			`has_many :cluster_projects, class_name: 'Clusters::Project'`
			`has_many :projects, through: :cluster_projects, class_name: '::Project'`
New upstream version 11.5.3+dfsg 2018-12-13 13:39:08 +05:30			`has_one :cluster_project, -> { order(id: :desc) }, class_name: 'Clusters::Project'`

			`has_many :cluster_groups, class_name: 'Clusters::Group'`
			`has_many :groups, through: :cluster_groups, class_name: '::Group'`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30
			# we force autosave to happen when we save `Cluster` model
			`has_one :provider_gcp, class_name: 'Clusters::Providers::Gcp', autosave: true`

New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`has_one :platform_kubernetes, class_name: 'Clusters::Platforms::Kubernetes', inverse_of: :cluster, autosave: true`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30
			`has_one :application_helm, class_name: 'Clusters::Applications::Helm'`
			`has_one :application_ingress, class_name: 'Clusters::Applications::Ingress'`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`has_one :application_cert_manager, class_name: 'Clusters::Applications::CertManager'`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`has_one :application_prometheus, class_name: 'Clusters::Applications::Prometheus'`
New upstream version 10.6.0+dfsg 2018-03-27 19:54:05 +05:30			`has_one :application_runner, class_name: 'Clusters::Applications::Runner'`
New upstream version 11.1.8+dfsg 2018-11-08 19:23:39 +05:30			`has_one :application_jupyter, class_name: 'Clusters::Applications::Jupyter'`
New upstream version 11.5.3+dfsg 2018-12-13 13:39:08 +05:30			`has_one :application_knative, class_name: 'Clusters::Applications::Knative'`

			`has_many :kubernetes_namespaces`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30
			`accepts_nested_attributes_for :provider_gcp, update_only: true`
			`accepts_nested_attributes_for :platform_kubernetes, update_only: true`

			`validates :name, cluster_name: true`
New upstream version 11.5.3+dfsg 2018-12-13 13:39:08 +05:30			`validates :cluster_type, presence: true`
New upstream version 11.8.0 2019-03-02 22:35:43 +05:30			`validates :domain, allow_blank: true, hostname: { allow_numeric_hostname: true }`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30
New upstream version 11.8.0 2019-03-02 22:35:43 +05:30			`validate :restrict_modification, on: :update`
New upstream version 11.5.3+dfsg 2018-12-13 13:39:08 +05:30			`validate :no_groups, unless: :group_type?`
			`validate :no_projects, unless: :project_type?`

New upstream version 12.0.8 2019-09-04 21:01:54 +05:30			`after_save :clear_reactive_cache!`

New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`delegate :status, to: :provider, allow_nil: true`
			`delegate :status_reason, to: :provider, allow_nil: true`
			`delegate :on_creation?, to: :provider, allow_nil: true`

			`delegate :active?, to: :platform_kubernetes, prefix: true, allow_nil: true`
New upstream version 11.3.10+dfsg 2018-11-20 20:47:30 +05:30			`delegate :rbac?, to: :platform_kubernetes, prefix: true, allow_nil: true`
New upstream version 11.5.3+dfsg 2018-12-13 13:39:08 +05:30			`delegate :available?, to: :application_helm, prefix: true, allow_nil: true`
			`delegate :available?, to: :application_ingress, prefix: true, allow_nil: true`
			`delegate :available?, to: :application_prometheus, prefix: true, allow_nil: true`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`delegate :available?, to: :application_knative, prefix: true, allow_nil: true`
New upstream version 11.8.0 2019-03-02 22:35:43 +05:30			`delegate :external_ip, to: :application_ingress, prefix: true, allow_nil: true`
New upstream version 11.10.8+dfsg 2019-07-07 11:18:12 +05:30			`delegate :external_hostname, to: :application_ingress, prefix: true, allow_nil: true`
New upstream version 11.8.0 2019-03-02 22:35:43 +05:30
			`alias_attribute :base_domain, :domain`
New upstream version 11.10.8+dfsg 2019-07-07 11:18:12 +05:30			`alias_attribute :provided_by_user?, :user?`
New upstream version 11.5.3+dfsg 2018-12-13 13:39:08 +05:30
			`enum cluster_type: {`
			`instance_type: 1,`
			`group_type: 2,`
			`project_type: 3`
			`}`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30
			`enum platform_type: {`
			`kubernetes: 1`
			`}`

			`enum provider_type: {`
			`user: 0,`
			`gcp: 1`
			`}`

			`scope :enabled, -> { where(enabled: true) }`
			`scope :disabled, -> { where(enabled: false) }`
New upstream version 10.7.3+dfsg 2018-05-09 12:01:36 +05:30			`scope :user_provided, -> { where(provider_type: ::Clusters::Cluster.provider_types[:user]) }`
			`scope :gcp_provided, -> { where(provider_type: ::Clusters::Cluster.provider_types[:gcp]) }`
			`scope :gcp_installed, -> { gcp_provided.includes(:provider_gcp).where(cluster_providers_gcp: { status: ::Clusters::Providers::Gcp.state_machines[:status].states[:created].value }) }`
New upstream version 11.11.7+dfsg 2019-07-31 22:56:46 +05:30			`scope :managed, -> { where(managed: true) }`
New upstream version 10.7.3+dfsg 2018-05-09 12:01:36 +05:30
New upstream version 10.6.5+dfsg 2018-05-01 15:08:00 +05:30			`scope :default_environment, -> { where(environment_scope: DEFAULT_ENVIRONMENT) }`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`scope :missing_kubernetes_namespace, -> (kubernetes_namespaces) do`
			`subquery = kubernetes_namespaces.select('1').where('clusters_kubernetes_namespaces.cluster_id = clusters.id')`

			`where('NOT EXISTS (?)', subquery)`
			`end`

New upstream version 11.10.8+dfsg 2019-07-07 11:18:12 +05:30			`scope :with_knative_installed, -> { joins(:application_knative).merge(Clusters::Applications::Knative.available) }`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30
			`scope :preload_knative, -> {`
			`preload(`
New upstream version 12.0.8 2019-09-04 21:01:54 +05:30			`:kubernetes_namespaces,`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`:platform_kubernetes,`
			`:application_knative`
			`)`
			`}`

			`def self.ancestor_clusters_for_clusterable(clusterable, hierarchy_order: :asc)`
New upstream version 11.11.7+dfsg 2019-07-31 22:56:46 +05:30			`return [] if clusterable.is_a?(Instance)`

New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`hierarchy_groups = clusterable.ancestors_upto(hierarchy_order: hierarchy_order).eager_load(:clusters)`
			`hierarchy_groups = hierarchy_groups.merge(current_scope) if current_scope`

New upstream version 11.11.7+dfsg 2019-07-31 22:56:46 +05:30			`hierarchy_groups.flat_map(&:clusters) + Instance.new.clusters`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`end`

New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`def status_name`
New upstream version 12.0.8 2019-09-04 21:01:54 +05:30			`provider&.status_name \|\| connection_status.presence \|\| :created`
			`end`

			`def connection_status`
			`with_reactive_cache do \|data\|`
			`data[:connection_status]`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`end`
			`end`

New upstream version 12.0.8 2019-09-04 21:01:54 +05:30			`def calculate_reactive_cache`
			`return unless enabled?`

			`{ connection_status: retrieve_connection_status }`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`end`

			`def applications`
			`[`
			`application_helm \|\| build_application_helm,`
			`application_ingress \|\| build_application_ingress,`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`application_cert_manager \|\| build_application_cert_manager,`
New upstream version 10.6.0+dfsg 2018-03-27 19:54:05 +05:30			`application_prometheus \|\| build_application_prometheus,`
New upstream version 11.1.8+dfsg 2018-11-08 19:23:39 +05:30			`application_runner \|\| build_application_runner,`
New upstream version 11.5.3+dfsg 2018-12-13 13:39:08 +05:30			`application_jupyter \|\| build_application_jupyter,`
			`application_knative \|\| build_application_knative`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`]`
			`end`

			`def provider`
			`return provider_gcp if gcp?`
			`end`

			`def platform`
			`return platform_kubernetes if kubernetes?`
			`end`

New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`def all_projects`
			`if project_type?`
			`projects`
			`elsif group_type?`
			`first_group.all_projects`
			`else`
			`Project.none`
			`end`
			`end`

New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`def first_project`
New upstream version 11.5.3+dfsg 2018-12-13 13:39:08 +05:30			`strong_memoize(:first_project) do`
			`projects.first`
			`end`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`end`
			`alias_method :project, :first_project`

New upstream version 11.5.3+dfsg 2018-12-13 13:39:08 +05:30			`def first_group`
			`strong_memoize(:first_group) do`
			`groups.first`
			`end`
			`end`
			`alias_method :group, :first_group`

New upstream version 11.11.7+dfsg 2019-07-31 22:56:46 +05:30			`def instance`
			`Instance.new if instance_type?`
			`end`

New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`def kubeclient`
			`platform_kubernetes.kubeclient if kubernetes?`
			`end`

New upstream version 12.0.8 2019-09-04 21:01:54 +05:30			`##`
			`# This is subtly different to #find_or_initialize_kubernetes_namespace_for_project`
			`# below because it will ignore any namespaces that have not got a service account`
			`# token. This provides a guarantee that any namespace selected here can be used`
			`# for cluster operations - a namespace needs to have a service account configured`
			`# before it it can be used.`
			`#`
			`# This is used for selecting a namespace to use when querying a cluster, or`
			`# generating variables to pass to CI.`
			`def kubernetes_namespace_for(project)`
			`find_or_initialize_kubernetes_namespace_for_project(`
			`project, scope: kubernetes_namespaces.has_service_account_token`
			`).namespace`
			`end`

			`##`
			`# This is subtly different to #kubernetes_namespace_for because it will include`
			`# namespaces that have yet to receive a service account token. This allows`
			`# the namespace configuration process to be repeatable - if a namespace has`
			`# already been created without a token we don't need to create another`
			`# record entirely, just set the token on the pre-existing namespace.`
			`#`
			`# This is used for configuring cluster namespaces.`
			`def find_or_initialize_kubernetes_namespace_for_project(project, scope: kubernetes_namespaces)`
			`attributes = { project: project }`
			`attributes[:cluster_project] = cluster_project if project_type?`

			`scope.find_or_initialize_by(attributes).tap do \|namespace\|`
			`namespace.set_defaults`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`end`
			`end`

			`def allow_user_defined_namespace?`
New upstream version 12.0.8 2019-09-04 21:01:54 +05:30			`project_type? \|\| !managed?`
New upstream version 11.5.3+dfsg 2018-12-13 13:39:08 +05:30			`end`

New upstream version 11.8.0 2019-03-02 22:35:43 +05:30			`def kube_ingress_domain`
New upstream version 12.0.8 2019-09-04 21:01:54 +05:30			`@kube_ingress_domain \|\|= domain.presence \|\| instance_domain`
New upstream version 11.8.0 2019-03-02 22:35:43 +05:30			`end`

			`def predefined_variables`
			`Gitlab::Ci::Variables::Collection.new.tap do \|variables\|`
			`break variables unless kube_ingress_domain`

			`variables.append(key: KUBE_INGRESS_BASE_DOMAIN, value: kube_ingress_domain)`
			`end`
			`end`

New upstream version 12.0.8 2019-09-04 21:01:54 +05:30			`def knative_services_finder(project)`
			`@knative_services_finder \|\|= KnativeServicesFinder.new(self, project)`
			`end`

New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`private`

New upstream version 11.8.0 2019-03-02 22:35:43 +05:30			`def instance_domain`
			`@instance_domain \|\|= Gitlab::CurrentSettings.auto_devops_domain`
			`end`

New upstream version 12.0.8 2019-09-04 21:01:54 +05:30			`def retrieve_connection_status`
			`kubeclient.core_client.discover`
			`rescue *Gitlab::Kubernetes::Errors::CONNECTION`
			`:unreachable`
			`rescue *Gitlab::Kubernetes::Errors::AUTHENTICATION`
			`:authentication_failure`
			`rescue Kubeclient::HttpError => e`
			`kubeclient_error_status(e.message)`
			`rescue => e`
			`Gitlab::Sentry.track_acceptable_exception(e, extra: { cluster_id: id })`

			`:unknown_failure`
			`else`
			`:connected`
			`end`

			`# KubeClient uses the same error class`
			`# For connection errors (eg. timeout) and`
			`# for Kubernetes errors.`
			`def kubeclient_error_status(message)`
			`if message&.match?(/timed out\|timeout/i)`
			`:unreachable`
			`else`
			`:authentication_failure`
			`end`
			`end`

New upstream version 11.8.0 2019-03-02 22:35:43 +05:30			`# To keep backward compatibility with AUTO_DEVOPS_DOMAIN`
			`# environment variable, we need to ensure KUBE_INGRESS_BASE_DOMAIN`
			`# is set if AUTO_DEVOPS_DOMAIN is set on any of the following options:`
			`# ProjectAutoDevops#Domain, project variables or group variables,`
			`# as the AUTO_DEVOPS_DOMAIN is needed for CI_ENVIRONMENT_URL`
			`#`
			`# This method should is scheduled to be removed on`
			`# https://gitlab.com/gitlab-org/gitlab-ce/issues/56959`
			`def legacy_auto_devops_domain`
			`if project_type?`
			`project&.auto_devops&.domain.presence \|\|`
			`project.variables.find_by(key: 'AUTO_DEVOPS_DOMAIN')&.value.presence \|\|`
			`project.group&.variables&.find_by(key: 'AUTO_DEVOPS_DOMAIN')&.value.presence`
			`elsif group_type?`
			`group.variables.find_by(key: 'AUTO_DEVOPS_DOMAIN')&.value.presence`
			`end`
			`end`

New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`def restrict_modification`
			`if provider&.on_creation?`
			`errors.add(:base, "cannot modify during creation")`
			`return false`
			`end`

			`true`
			`end`
New upstream version 11.5.3+dfsg 2018-12-13 13:39:08 +05:30
			`def no_groups`
			`if groups.any?`
			`errors.add(:cluster, 'cannot have groups assigned')`
			`end`
			`end`

			`def no_projects`
			`if projects.any?`
			`errors.add(:cluster, 'cannot have projects assigned')`
			`end`
			`end`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`end`
			`end`