Add GitLab integration

This adds GitLab as possible SCM and enables authorisation for it
as well

Signed-off-by: Ivana Yovcheva <[email protected]>

README.md

@@ -101,12 +101,17 @@ Log into your Docker registry or the Docker Hub:
 * Open the Docker for Mac/Windows settings and uncheck "store my password securely" / "in a keychain"
 * Run `docker login` to populate `~/.docker/config.json` - this will be used to configure your Docker registry or Docker Hub account for functions.
 
-Setup the GitHub App and OAuth App
+Choose SCM between GitHub and GitLab, by setting `scm: github` or `scm: gitlab`
 
-* Create a GitHub App and download the private key file
+Setup the GitHub / GitLab App and OAuth App
+
+* For GitHub create a GitHub App and download the private key file
   * Read the docs for how to [configure your GitHub App](https://docs.openfaas.com/openfaas-cloud/self-hosted/github/)
-* Create your GitHub OAuth App which is used for logging in to the dashboard
-  * Update `init.yaml` where you see the `### User-input` section including your GitHub App's ID and the path to its private key
+  * Update `init.yaml` where you see the `### User-input` section including your GitHub App's ID, Webhook secret and the path to its private key
+* For GitLab create a System Hook
+  * Update the `### User-input` section including your System Hook's API Token and Webhook secret
+* Create your GitHub / GitLab OAuth App which is used for logging in to the dashboard
+* For GitLab update `init.yaml` with your `gitlab_instance`
 
 Create your own GitHub repo with a CUSTOMERS ACL file
 
@@ -122,7 +127,8 @@ It can be set up on a public cloud provider with a managed Kubernetes offering,
 
 If you'd like to restrict who can log in to just those who use a GitHub account then create a GitHub OAuth App.
 
-Enable `auth` and fill out the required fields such as `client_secret` and `client_id`
+Enable `auth` and fill out the OAuth App `client_id`. Configure `of-client-secret` with the OAuth App Client Secret.
+For GitLab set your `oauth_provider_base_url`.
 
 #### Use TLS (optional)
 
@@ -202,13 +208,20 @@ When ofc-bootstrap has completed and you know the IP of your LoadBalancer:
 * `auth.system.domain`
 * `*.domain`
 
-#### Configure the GitHub App webhook
+#### Configure the GitHub / GitLab App Webhook
 
-Now over on GitHub enter the URL for webhooks:
+Now over on GitHub / GitLab enter the URL for webhooks:
 
+GitHub:
 ```
 http://system.domain.com/github-event
 ```
+GitLab:
+```
+http://system.domain.com/gitlab-event
+```
+
+For more details see the [GitLab instructions](https://github.com/openfaas/openfaas-cloud/blob/master/docs/GITLAB.md) in OpenFaaS Cloud.
 
 Then you need to enter the Webhook secret that was generated during the bootstrap process. Run the following commands to extract and decode it:
 

example.init.yaml

@@ -75,6 +75,23 @@ secrets:
     filters:
       - "auth"
     namespace: "openfaas"
+
+  # Enter your GitLab Webhook secret and API token
+  - name: "gitlab-webhook-secret"
+    literals:
+      - name: "gitlab-webhook-secret"
+        value: "secret"
+    filters:
+      - "scm_gitlab"
+    namespace: "openfaas-fn"
+  - name: "gitlab-api-token"
+    literals:
+      - name: "gitlab-api-token"
+        value: "token"
+    filters:
+      - "scm_gitlab"
+    namespace: "openfaas-fn"
+
   # DNS Service Account secret
 
   ## Use DigitalOcean
@@ -136,13 +153,26 @@ root_domain: "myfaas.club"
 ## Keep active if using a cluster with a LoadBalancer available.
 ingress: loadbalancer
 
+scm: github
+# scm: gitlab
+
 ## Populate from GitHub App
 github:
   app_id: "24304"
 
+## GitLab
+gitlab:
+  gitlab_instance: "https://gitlab.o6s.io/"
+
 ## Populate from OAuth App
 oauth:
-  client_id: 08b72bd8e9e653084264
+  client_id: clientid
+
+  # Uncomment required option
+  oauth_provider_base_url: ""
+  ## For GitLab put yout OAuth provider base URL
+  # oauth_provider_base_url: "https://gitlab.o6s.io"
+
 ## Slack
 ### You can set your own url to get an audit trail in your Slack workspace
 slack:

main.go

@@ -586,14 +586,19 @@ func cloneCloudComponents() error {
 
 func deployCloudComponents(plan types.Plan) error {
 
-	env := ""
+	authEnv := ""
 	if plan.EnableOAuth {
-		env = "ENABLE_OAUTH=true"
+		authEnv = "ENABLE_OAUTH=true"
 	}
+	gitlabEnv := ""
+	if plan.SCM == "gitlab" {
+		gitlabEnv = "GITLAB=true"
+	}
+
 	task := execute.ExecTask{
 		Command: "./scripts/deploy-cloud-components.sh",
 		Shell:   true,
-		Env:     []string{env},
+		Env:     []string{authEnv, gitlabEnv},
 	}
 
 	res, err := task.Execute()

pkg/execute/exec_test.go

@@ -26,7 +26,7 @@ func TestExec_WithShell(t *testing.T) {
 }
 
 func TestExec_WithEnvVars(t *testing.T) {
-	task := ExecTask{Command: "env", Shell: false, Env: []string{"GOTEST=1"}}
+	task := ExecTask{Command: "env", Shell: false, Env: []string{"GOTEST=1", "GOTEST2=2"}}
 	res, err := task.Execute()
 	if err != nil {
 		t.Errorf(err.Error())
@@ -38,6 +38,11 @@ func TestExec_WithEnvVars(t *testing.T) {
 		t.Fail()
 	}
 
+	if !strings.Contains(res.Stdout, "GOTEST2") {
+		t.Errorf("want env to show GOTEST2=2 since we passed that variable")
+		t.Fail()
+	}
+
 }
 
 func TestExec_WithEnvVarsInheritedFromParent(t *testing.T) {

pkg/stack/stack.go

@@ -18,10 +18,12 @@ type gatewayConfig struct {
 }
 
 type authConfig struct {
-	RootDomain   string
-	ClientId     string
-	CustomersURL string
-	Scheme       string
+	RootDomain           string
+	ClientId             string
+	CustomersURL         string
+	Scheme               string
+	OAuthProvider        string
+	OAuthProviderBaseURL string
 }
 
 // Apply creates `templates/gateway_config.yml` to be referenced by stack.yml
@@ -56,6 +58,16 @@ func Apply(plan types.Plan) error {
 		return slackConfigErr
 	}
 
+	if plan.SCM == "gitlab" {
+		gitlabConfigErr := generateTemplate("gitlab", plan, types.Gitlab{
+			GitLabInstance: plan.Gitlab.GitLabInstance,
+		})
+		if gitlabConfigErr != nil {
+			return gitlabConfigErr
+		}
+
+	}
+
 	dashboardConfigErr := generateTemplate("dashboard_config", plan, gatewayConfig{
 		RootDomain: plan.RootDomain, Scheme: scheme,
 	})
@@ -65,10 +77,12 @@ func Apply(plan types.Plan) error {
 
 	if plan.EnableOAuth {
 		ofAuthDepErr := generateTemplate("of-auth-dep", plan, authConfig{
-			RootDomain:   plan.RootDomain,
-			ClientId:     plan.OAuth.ClientId,
-			CustomersURL: plan.CustomersURL,
-			Scheme:       scheme,
+			RootDomain:           plan.RootDomain,
+			ClientId:             plan.OAuth.ClientId,
+			CustomersURL:         plan.CustomersURL,
+			Scheme:               scheme,
+			OAuthProvider:        plan.SCM,
+			OAuthProviderBaseURL: plan.OAuth.OAuthProviderBaseURL,
 		})
 		if ofAuthDepErr != nil {
 			return ofAuthDepErr

pkg/stack/stack_test.go

@@ -3,6 +3,8 @@ package stack
 import (
 	"strings"
 	"testing"
+
+	"github.com/openfaas-incubator/ofc-bootstrap/pkg/types"
 )
 
 func Test_applyTemplateWithAuth(t *testing.T) {
@@ -34,3 +36,25 @@ func Test_applyTemplateWithAuth(t *testing.T) {
 		}
 	}
 }
+
+func Test_gitlabTemplates(t *testing.T) {
+	gitLabInstance := "https://gitlab.test.o6s.io/"
+
+	gitlabTemplateFileName := "../../templates/gitlab.yml"
+
+	generatedValue, err := applyTemplate(gitlabTemplateFileName, types.Gitlab{
+		GitLabInstance: gitLabInstance,
+	})
+
+	if err != nil {
+		t.Errorf("expected no error generating template, but got %s", err.Error())
+		t.Fail()
+		return
+	}
+
+	want := gitLabInstance
+	if strings.Contains(string(generatedValue), want) == false {
+		t.Errorf("want generated value to contain: %q, generated was: %q", want, string(generatedValue))
+		t.Fail()
+	}
+}

pkg/types/types.go

@@ -36,7 +36,9 @@ type Plan struct {
 	RootDomain    string                   `yaml:"root_domain"`
 	Registry      string                   `yaml:"registry"`
 	CustomersURL  string                   `yaml:"customers_url"`
+	SCM           string                   `yaml:"scm"`
 	Github        Github                   `yaml:"github"`
+	Gitlab        Gitlab                   `yaml:"gitlab"`
 	TLS           bool                     `yaml:"tls"`
 	OAuth         OAuth                    `yaml:"oauth"`
 	S3            S3                       `yaml:"s3"`
@@ -82,12 +84,17 @@ type Github struct {
 	PrivateKeyFile string `yaml:"private_key_filename"`
 }
 
+type Gitlab struct {
+	GitLabInstance string `yaml:"gitlab_instance"`
+}
+
 type Slack struct {
 	URL string `yaml:"url"`
 }
 
 type OAuth struct {
-	ClientId string `yaml:"client_id"`
+	ClientId             string `yaml:"client_id"`
+	OAuthProviderBaseURL string `yaml:"oauth_provider_base_url"`
 }
 
 type S3 struct {

scripts/deploy-cloud-components.sh

@@ -58,6 +58,12 @@ echo -n $ADMIN_PASSWORD | faas-cli login --username admin --password-stdin
 
 faas-cli deploy
 
+if [ "$GITLAB" = "true" ] ; then
+    cp ../generated-gitlab.yml ./gitlab.yml
+    echo "Deploying gitlab functions..."
+    faas deploy -f ./gitlab.yml
+fi
+
 cd ./dashboard
 faas-cli template pull https://github.com/openfaas-incubator/node8-express-template
 faas-cli deploy

templates/gitlab.yml

@@ -0,0 +1,78 @@
+provider:
+  name: faas
+  gateway: http://127.0.0.1:8080
+
+functions:
+  system-gitlab-event:
+    lang: go
+    handler: ./gitlab-event
+    image: functions/gitlab-event:0.1.1
+    labels:
+      openfaas-cloud: "1"
+      role: openfaas-system
+    environment:
+      content_type: text/plain
+      validate_customers: true
+      validate_token: false
+      write_debug: true
+      read_debug: true
+      installation_tag: "openfaas-cloud"
+      gitlab_instance: "{{.GitLabInstance}}"
+    environment_file:
+      - gateway_config.yml
+    secrets:
+      - gitlab-webhook-secret
+      - payload-secret
+      - gitlab-api-token 
+
+  gitlab-status:
+    lang: go
+    handler: ./gitlab-status
+    image: functions/gitlab-status:0.1.0
+    labels:
+      openfaas-cloud: "1"
+      role: openfaas-system
+    environment:
+      write_debug: true
+      read_debug: true
+    environment_file:
+      - gateway_config.yml
+    secrets:
+      - gitlab-api-token
+      - payload-secret 
+
+  gitlab-push:
+    lang: go
+    handler: ./gitlab-push
+    image: functions/gitlab-push:0.2.0
+    labels:
+      openfaas-cloud: "1"
+      role: openfaas-system
+    environment:
+      write_debug: true
+      read_debug: true
+    environment_file:
+      - gateway_config.yml
+    secrets:
+      - payload-secret
+
+  ## Post-deployed with gitlab with `gitlab-api-token` secret
+  git-tar:
+    lang: dockerfile
+    handler: ./git-tar
+    image: functions/of-git-tar:0.9.1
+    labels:
+      openfaas-cloud: "1"
+      role: openfaas-system
+    environment:
+      read_timeout: 15m
+      write_timeout: 15m
+      write_debug: true
+      read_debug: true
+    environment_file:
+      - gateway_config.yml
+      - github.yml
+    secrets:
+      - payload-secret
+      - private-key
+      - gitlab-api-token

templates/of-auth-dep.yml

@@ -48,9 +48,9 @@ spec:
           - name: client_id
             value: "{{.ClientId}}"
           - name: oauth_provider_base_url
-            value: "" # If you want to use GitLab, put here address of it. For example: https://gitlab.domain.com
+            value: "{{.OAuthProviderBaseURL}}"
           - name: oauth_provider
-            value: "github"
+            value: "{{.OAuthProvider}}"
 # Local test config
           # - name: external_redirect_domain
           #   value: "http://auth.system.gw.io:8081"