Skip to content

Commit 50dfe17

Browse files
dfateyevdfateyev
committed
K8S-539 gitlab addon fix
1 parent cbab4ee commit 50dfe17

File tree

2 files changed

+220
-1
lines changed

2 files changed

+220
-1
lines changed

manifest.jps

Lines changed: 219 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -785,6 +785,225 @@ addons:
785785
java.lang.Thread.sleep(3000);
786786
return { type: "info", message: "Kubernetes Cluster " + current + " upgrade to " + version + " has been started.\n\nThe update process may take several minutes depending on number of nodes and deployed services." };
787787

788+
- id: gitlab-k8s-addon
789+
type: update
790+
permanent: true
791+
baseUrl: https://raw.githubusercontent.com/jelastic-jps/kubernetes/v1.20.6
792+
name: GitLab Integration
793+
description: Add Kubernetes GitLab integrations
794+
logo: /images/k8s-gitlab.png
795+
settings:
796+
fields:
797+
- type: displayfield
798+
hideLabel: true
799+
markup: This addon provides Kubernetes and GitLab integration. Please select the Gitlab environment from the list.
800+
- type: displayfield
801+
hideLabel: true
802+
- type: envlist
803+
name: envlist
804+
valueField: shortdomain
805+
caption: GitLab environment
806+
807+
buttons:
808+
- caption: Configure
809+
settings: gitlab
810+
action: addon-gitlab-config
811+
loadingText: Configuration...
812+
confirmText: Are you sure?
813+
successText: GitLab integration successfully configured!
814+
- caption: Remove Integration
815+
action: addon-gitlab-remove
816+
confirmText: Any existing Kubernetes and GitLab integration will be removed. Continue?
817+
successText: GitLab integration successfully removed!
818+
819+
actions:
820+
addon-gitlab-config:
821+
- log: '${settings.envlist}'
822+
- cmd[${nodes.k8sm.master.id}]: kubectl get configmaps -n gitlab-managed-apps gitlab-configuration &>/dev/null && echo "true" || echo "false"
823+
- set:
824+
gitlab_installed: ${response.out}
825+
- if ('${this.gitlab_installed}' == 'true'):
826+
return:
827+
type: info
828+
message: This cluster already has GitLab integration!
829+
- env.control.GetEnvInfo:
830+
envName: ${settings.envlist}
831+
- set:
832+
gitlab_domain: ${response.env.domain}
833+
- env.control.ExecCmdByGroup [cp]:
834+
envName: ${settings.envlist}
835+
commandList:
836+
- command: echo ${ROOT_PASSWORD}
837+
- set:
838+
gitlab_pass: ${response.out}
839+
- env.control.ExecCmdByGroup [cp]:
840+
envName: ${settings.envlist}
841+
commandList:
842+
- command: echo ${HTTPS_PORT}
843+
- set:
844+
gitlab_port: ${response.out}
845+
gitlab_http_endpoint: "https://${this.gitlab_domain}:${this.gitlab_port}"
846+
- env.control.ExecCmdByGroup [cp]:
847+
envName: ${settings.envlist}
848+
commandList:
849+
- command: echo ${REGISTRY_PORT}
850+
- set:
851+
gitlab_reg_port: ${response.out}
852+
- env.control.ExecCmdByGroup [cp]:
853+
envName: ${settings.envlist}
854+
commandList:
855+
- command: cat /srv/docker/gitlab/certs/ca.crt | base64 -w 0
856+
- set:
857+
gitlab_ca_instance: ${response.out}
858+
- if ('${this.gitlab_pass}' == '' || '${this.gitlab_port}' == ''):
859+
return:
860+
type: warning
861+
message: Cannot determine GitLab credentials!
862+
- cmd[${nodes.k8sm.master.id}]: kubectl apply -f ${baseUrl}/addons/gitlab/gitlab-service-account.yaml
863+
- cmd[${nodes.k8sm.master.id}]: kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep gitlab-admin | awk '{print $1}') | grep '^token:' | awk '{print $2}'
864+
- set:
865+
gitlab_token: ${response.out}
866+
- cmd[${nodes.k8sm.master.id}]: kubectl cluster-info | sed -r "s/\x1B\[([0-9]{1,3}((;[0-9]{1,3})*)?)?[m|K]//g" | grep 'Kubernetes master' | awk '/http/ {print $NF}'
867+
- set:
868+
gitlab_api_url: ${response.out}
869+
- cmd[${nodes.k8sm.master.id}]: kubectl get secret $(kubectl get secrets | grep default-token | cut -d " " -f 1) -o jsonpath="{['data']['ca\.crt']}" | base64 --decode
870+
- set:
871+
gitlab_ca_cert: ${response.out}
872+
- cmd[${nodes.k8sm.master.id}]: |-
873+
# Login
874+
page_content=$(curl -sk -c gitlab-jar.txt '${this.gitlab_http_endpoint}/users/sign_in')
875+
csrf_token=$(echo ${page_content} | perl -ne 'print "$1\n" if /new_user.*?authenticity_token"[[:blank:]]value="(.+?)"/' | sed -n 1p)
876+
echo "Sign-in CSRF token: ${csrf_token}"
877+
[ -n "${csrf_token}" ] || exit 1
878+
curl -X POST -sk -b gitlab-jar.txt -c gitlab-jar.txt -f -d "user[login]=root&user[password]=${this.gitlab_pass}" --data-urlencode "authenticity_token=${csrf_token}" '${this.gitlab_http_endpoint}/users/sign_in'
879+
- cmd[${nodes.k8sm.master.id}]: |-
880+
# Cluster
881+
page_content=$(curl -sk -b gitlab-jar.txt -c gitlab-jar.txt '${this.gitlab_http_endpoint}/admin/clusters')
882+
echo ${page_content} | perl -ne 'print "$1\n" if /data-qa-cluster-name="Kubernetes"[[:blank:]]href="\/admin\/clusters\/(.+?)"/' | sed -n 1p
883+
- if ('${response.out}'):
884+
return:
885+
type: warning
886+
message: GitLab instance already has active integration!
887+
- cmd[${nodes.k8sm.master.id}]: |-
888+
# Settings
889+
page_content=$(curl -sk -b gitlab-jar.txt -c gitlab-jar.txt '${this.gitlab_http_endpoint}/admin/application_settings/network')
890+
csrf_token=$(echo ${page_content} | perl -ne 'print "$1\n" if /meta[[:blank:]]name="csrf-token"[[:blank:]]content="(.+?)"/' | sed -n 1p)
891+
echo "Application settings CSRF token: ${csrf_token}"
892+
[ -n "${csrf_token}" ] || exit 2
893+
curl -X POST -sk -b gitlab-jar.txt -c gitlab-jar.txt -f -d "_method=patch&application_setting[allow_local_requests_from_web_hooks_and_services]=1&application_setting[allow_local_requests_from_system_hooks]=1&application_setting[dns_rebinding_protection_enabled]=1" --data-urlencode "authenticity_token=${csrf_token}" '${this.gitlab_http_endpoint}/admin/application_settings/network' || exit 2
894+
curl -sk -b gitlab-jar.txt -c gitlab-jar.txt -f '${this.gitlab_http_endpoint}/admin/application_settings/network' &>/dev/null
895+
- cmd[${nodes.k8sm.master.id}]: |-
896+
# Cluster
897+
for i in {1..5}; do
898+
sleep 10
899+
echo "Attempt ${i} of GitLab Kubernetes cluster creation"
900+
page_content=$(curl -sk -b gitlab-jar.txt -c gitlab-jar.txt '${this.gitlab_http_endpoint}/admin/clusters/new')
901+
csrf_token=$(echo ${page_content} | perl -ne 'print "$1\n" if /new_cluster.*?authenticity_token"[[:blank:]]value="(.+?)"/' | sed -n 1p)
902+
echo "Add cluster CSRF token: ${csrf_token}"
903+
[ -n "${csrf_token}" ] || continue
904+
page_content=$(curl -X POST -sk -b gitlab-jar.txt -c gitlab-jar.txt -d "cluster[name]=Kubernetes&cluster[platform_kubernetes_attributes][authorization_type]=rbac&cluster[managed]=1" --data-urlencode "cluster[platform_kubernetes_attributes][api_url]=${this.gitlab_api_url}" --data-urlencode "cluster[platform_kubernetes_attributes][ca_cert]=${this.gitlab_ca_cert}" --data-urlencode "cluster[platform_kubernetes_attributes][token]=${this.gitlab_token}" --data-urlencode "authenticity_token=${csrf_token}" '${this.gitlab_http_endpoint}/admin/clusters/create_user')
905+
cluster_url=$(echo ${page_content} | perl -ne 'print "$1\n" if /You[[:blank:]]are[[:blank:]]being[[:blank:]]\<a[[:blank:]]href="(.+?)"\>redirected/' | sed -n 1p)
906+
echo "Kubernetes GitLab cluster: ${cluster_url}"
907+
[ -n "${cluster_url}" ] && break || continue
908+
done
909+
echo "${page_content}"
910+
[ -n "${cluster_url}" ] || exit 4
911+
cluster_id=$(echo ${cluster_url} | perl -ne 'print "$1\n" if /\/admin\/clusters\/(\d+)$/')
912+
[ -n "${cluster_id}" ] || exit 4
913+
kubectl create ns gitlab-managed-apps
914+
kubectl create configmap gitlab-configuration --from-literal cluster_url="${cluster_url}" --from-literal cluster_id="${cluster_id}" --from-literal cluster_env="${settings.envlist}" -n gitlab-managed-apps
915+
- cmd[${nodes.k8sm.master.id}]: kubectl get configmaps -n gitlab-managed-apps gitlab-configuration -o jsonpath='{.data.cluster_url}'
916+
- set:
917+
gitlab_cluster_url: ${response.out}
918+
- cmd[${nodes.k8sm.master.id}]: |-
919+
# Runner
920+
page_content=$(curl -sk -b gitlab-jar.txt -c gitlab-jar.txt "${this.gitlab_cluster_url}")
921+
csrf_token=$(echo ${page_content} | perl -ne 'print "$1\n" if /csrf-param.*?csrf-token"[[:blank:]]content="(.+?)"/' | sed -n 1p)
922+
echo "Runner CSRF token: ${csrf_token}"
923+
[ -n "${csrf_token}" ] || exit 5
924+
curl -X POST -sk -b gitlab-jar.txt -c gitlab-jar.txt -f -H "X-CSRF-Token: ${csrf_token}" "${this.gitlab_cluster_url}/applications/runner" || exit 5
925+
wait-deployment.sh runner-gitlab-runner gitlab-managed-apps 1 720
926+
- cmd[${nodes.k8sm.master.id}]: |-
927+
# Integration
928+
echo '${this.gitlab_ca_instance}' | base64 -d > /var/lib/kubelet/worker-data/gitlab-cacert.crt
929+
echo 'GITLAB_REGISTRY="${this.gitlab_domain}:${this.gitlab_reg_port}"' > /var/lib/kubelet/worker-data/gitlab-integration.conf
930+
wget -nv ${baseUrl}/addons/gitlab/gitlab-integration.sh -O /var/lib/kubelet/worker-data/gitlab-integration.sh
931+
chmod +x /var/lib/kubelet/worker-data/gitlab-integration.sh
932+
- prepare-worker-integration
933+
- init-globals-workers
934+
- apply-worker-integration: ${globals.workers}
935+
936+
addon-gitlab-remove:
937+
- cmd[${nodes.k8sm.master.id}]: kubectl get ns gitlab-managed-apps &>/dev/null && echo "true" || echo "false"
938+
- set:
939+
gitlab_installed: ${response.out}
940+
- if ('${this.gitlab_installed}' == 'false'):
941+
return:
942+
type: info
943+
message: This cluster has no active GitLab integration!
944+
- cmd[${nodes.k8sm.master.id}]: kubectl get configmaps -n gitlab-managed-apps gitlab-configuration -o jsonpath='{.data.cluster_env}'
945+
- set:
946+
gitlab_cluster_env: ${response.out}
947+
- cmd[${nodes.k8sm.master.id}]: kubectl get configmaps -n gitlab-managed-apps gitlab-configuration -o jsonpath='{.data.cluster_id}'
948+
- set:
949+
gitlab_cluster_id: ${response.out}
950+
- env.control.GetEnvInfo:
951+
envName: ${this.gitlab_cluster_env}
952+
- set:
953+
gitlab_domain: ${response.env.domain}
954+
- env.control.ExecCmdByGroup [cp]:
955+
envName: ${this.gitlab_cluster_env}
956+
commandList:
957+
- command: echo ${ROOT_PASSWORD}
958+
- set:
959+
gitlab_pass: ${response.out}
960+
- env.control.ExecCmdByGroup [cp]:
961+
envName: ${this.gitlab_cluster_env}
962+
commandList:
963+
- command: echo ${HTTPS_PORT}
964+
- set:
965+
gitlab_port: ${response.out}
966+
gitlab_http_endpoint: "https://${this.gitlab_domain}:${this.gitlab_port}"
967+
- if ('${this.gitlab_pass}' == '' || '${this.gitlab_port}' == ''):
968+
return:
969+
type: warning
970+
message: Cannot determine GitLab credentials!
971+
- cmd[${nodes.k8sm.master.id}]: |-
972+
# Login
973+
page_content=$(curl -sk -c gitlab-jar.txt '${this.gitlab_http_endpoint}/users/sign_in')
974+
csrf_token=$(echo ${page_content} | perl -ne 'print "$1\n" if /new_user.*?authenticity_token"[[:blank:]]value="(.+?)"/' | sed -n 1p)
975+
echo "Sign-in CSRF token: ${csrf_token}"
976+
[ -n "${csrf_token}" ] || exit 1
977+
curl -X POST -sk -b gitlab-jar.txt -c gitlab-jar.txt -f -d "user[login]=root&user[password]=${this.gitlab_pass}" --data-urlencode "authenticity_token=${csrf_token}" '${this.gitlab_http_endpoint}/users/sign_in'
978+
- cmd[${nodes.k8sm.master.id}]: |-
979+
# Runner
980+
page_content=$(curl -sk -b gitlab-jar.txt -c gitlab-jar.txt '${this.gitlab_http_endpoint}/admin/clusters/${this.gitlab_cluster_id}')
981+
csrf_token=$(echo ${page_content} | perl -ne 'print "$1\n" if /csrf-param.*?csrf-token"[[:blank:]]content="(.+?)"/' | sed -n 1p)
982+
echo "Remove runner CSRF token: ${csrf_token}"
983+
[ -n "${csrf_token}" ] || exit 5
984+
curl -X DELETE -sk -b gitlab-jar.txt -c gitlab-jar.txt -H "X-CSRF-Token: ${csrf_token}" '${this.gitlab_http_endpoint}/admin/clusters/${this.gitlab_cluster_id}/applications/runner'
985+
- cmd[${nodes.k8sm.master.id}]: |-
986+
while true; do kubectl -n gitlab-managed-apps get deploy runner-gitlab-runner --no-headers && sleep 5 || break; done
987+
- cmd[${nodes.k8sm.master.id}]: |-
988+
# Cluster
989+
sleep 10
990+
page_content=$(curl -sk -b gitlab-jar.txt -c gitlab-jar.txt '${this.gitlab_http_endpoint}/admin/clusters/${this.gitlab_cluster_id}')
991+
csrf_token=$(echo ${page_content} | perl -ne 'print "$1\n" if /csrf-param.*?csrf-token"[[:blank:]]content="(.+?)"/' | sed -n 1p)
992+
echo "Remove cluster CSRF token: ${csrf_token}"
993+
[ -n "${csrf_token}" ] || exit 5
994+
curl -X POST -sk -b gitlab-jar.txt -c gitlab-jar.txt -d "_method=delete&no_cleanup=true&confirm_cluster_name_input=Kubernetes" --data-urlencode "authenticity_token=${csrf_token}" '${this.gitlab_http_endpoint}/admin/clusters/${this.gitlab_cluster_id}'
995+
- cmd[${nodes.k8sm.master.id}]: |-
996+
sleep 10
997+
rm -f /var/lib/kubelet/worker-data/gitlab-*
998+
kubectl delete ns gitlab-managed-apps
999+
kubectl delete -f ${baseUrl}/addons/gitlab/gitlab-service-account.yaml
1000+
- init-globals-workers
1001+
- cmd[${globals.workers}]: |-
1002+
wget -nv ${baseUrl}/addons/gitlab/gitlab-integration-remove.sh -O /var/lib/worker/gitlab-integration-remove.sh
1003+
chmod +x /var/lib/worker/gitlab-integration-remove.sh
1004+
/var/lib/worker/gitlab-integration-remove.sh | tee -a /var/log/kubernetes/k8s-worker-integration.log
1005+
rm -f /var/lib/worker/gitlab-*
1006+
7881007
- id: certman-k8s-addon
7891008
type: update
7901009
permanent: true

scripts/beforeinstall.js

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,7 @@ var resp = {
1313
scalingMode: "stateless",
1414
nodeGroup: "k8sm",
1515
isRedeploySupport: false,
16-
addons: ["conf-k8s-addon", "upgrade-k8s-addon", "monitor-k8s-addon", "certman-k8s-addon", "rancher-k8s-addon", "regcreds-k8s-addon"],
16+
addons: ["conf-k8s-addon", "upgrade-k8s-addon", "monitor-k8s-addon", "gitlab-k8s-addon", "certman-k8s-addon", "rancher-k8s-addon", "regcreds-k8s-addon"],
1717
displayName: "Control Plane",
1818
extip: false
1919
}, {

0 commit comments

Comments
 (0)