debian-mirror-gitlab/lib/gitlab/ci/build/prerequisite/kubernetes_namespace.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

84 lines
2.4 KiB
Ruby
Raw Normal View History

2019-07-07 11:18:12 +05:30
# frozen_string_literal: true
module Gitlab
module Ci
module Build
module Prerequisite
class KubernetesNamespace < Base
def unmet?
deployment_cluster.present? &&
2019-07-31 22:56:46 +05:30
deployment_cluster.managed? &&
2020-01-12 00:16:45 +05:30
missing_namespace?
2019-07-07 11:18:12 +05:30
end
def complete!
return unless unmet?
2019-10-12 21:52:04 +05:30
create_namespace
2019-07-07 11:18:12 +05:30
end
private
2019-10-12 21:52:04 +05:30
def missing_namespace?
kubernetes_namespace.nil? || kubernetes_namespace.service_account_token.blank?
end
2019-07-07 11:18:12 +05:30
def deployment_cluster
build.deployment&.cluster
end
2019-10-12 21:52:04 +05:30
def environment
build.deployment.environment
end
2019-07-07 11:18:12 +05:30
def kubernetes_namespace
strong_memoize(:kubernetes_namespace) do
2020-11-24 15:15:51 +05:30
::Clusters::KubernetesNamespaceFinder.new(
2019-10-12 21:52:04 +05:30
deployment_cluster,
project: environment.project,
2019-12-21 20:55:43 +05:30
environment_name: environment.name,
2019-10-12 21:52:04 +05:30
allow_blank_token: true
).execute
2019-07-07 11:18:12 +05:30
end
end
2019-10-12 21:52:04 +05:30
def create_namespace
2020-01-01 13:55:28 +05:30
namespace = kubernetes_namespace || build_namespace_record
return if conflicting_ci_namespace_requested?(namespace)
2020-11-24 15:15:51 +05:30
::Clusters::Kubernetes::CreateOrUpdateNamespaceService.new(
2019-07-07 11:18:12 +05:30
cluster: deployment_cluster,
2020-01-01 13:55:28 +05:30
kubernetes_namespace: namespace
2019-10-12 21:52:04 +05:30
).execute
end
2020-01-01 13:55:28 +05:30
##
# A namespace can only be specified via gitlab-ci.yml
# for unmanaged clusters, as we currently have no way
# of preventing a job requesting a namespace it
# shouldn't have access to.
#
# To make this clear, we fail the build instead of
# silently using a namespace other than the one
# explicitly specified.
#
# Support for managed clusters will be added in
# https://gitlab.com/gitlab-org/gitlab/issues/38054
def conflicting_ci_namespace_requested?(namespace_record)
build.expanded_kubernetes_namespace.present? &&
namespace_record.namespace != build.expanded_kubernetes_namespace
end
2019-10-12 21:52:04 +05:30
def build_namespace_record
2020-11-24 15:15:51 +05:30
::Clusters::BuildKubernetesNamespaceService.new(
2019-10-12 21:52:04 +05:30
deployment_cluster,
environment: environment
2019-07-07 11:18:12 +05:30
).execute
end
end
end
end
end
end