Monitord Acces Change
This commit is contained in:
@@ -4,6 +4,7 @@ import (
|
||||
"errors"
|
||||
"io"
|
||||
|
||||
wfv1 "github.com/argoproj/argo-workflows/v3/pkg/apis/workflow/v1alpha1"
|
||||
v1 "k8s.io/api/core/v1"
|
||||
"k8s.io/apimachinery/pkg/watch"
|
||||
)
|
||||
@@ -11,7 +12,12 @@ import (
|
||||
type Tool interface {
|
||||
CreateArgoWorkflow(path string, ns string) (string, error)
|
||||
CreateAccessSecret(user string, password string, storageId string, namespace string) (string, error)
|
||||
// CreateSourceSecret creates an ephemeral K8s Secret holding a pre-signed URL
|
||||
// for a private source resource. The secret is labelled with the execution ID
|
||||
// so it can be bulk-cleaned up after workflow completion.
|
||||
CreateSourceSecret(secretName, presignedURL, executionID, namespace string) error
|
||||
GetArgoWatch(executionId string, wfName string) (watch.Interface, error)
|
||||
GetArgoWorkflow(ns string, wfName string) (*wfv1.Workflow, error)
|
||||
GetPodLogger(ns string, wfName string, podName string) (io.ReadCloser, error)
|
||||
GetS3Secret(storageId string, namespace string) *v1.Secret
|
||||
}
|
||||
|
||||
+29
-1
@@ -75,7 +75,6 @@ func (k *KubernetesTools) CreateArgoWorkflow(path string, ns string) (string, er
|
||||
if !ok {
|
||||
return "", errors.New("decoded object is not a Workflow")
|
||||
}
|
||||
fmt.Println("NAMESPACE", ns)
|
||||
// Create the workflow in the "argo" namespace
|
||||
createdWf, err := k.VersionedSet.ArgoprojV1alpha1().Workflows(ns).Create(context.TODO(), workflow, metav1.CreateOptions{})
|
||||
if err != nil {
|
||||
@@ -113,6 +112,32 @@ func (k *KubernetesTools) CreateAccessSecret(access string, password string, sto
|
||||
return name, nil
|
||||
}
|
||||
|
||||
// CreateSourceSecret creates an ephemeral Opaque Secret containing a pre-signed URL
|
||||
// for a private source resource. The secret is labelled with the execution ID so
|
||||
// it can be bulk-cleaned up after workflow completion.
|
||||
func (k *KubernetesTools) CreateSourceSecret(secretName, presignedURL, executionID, namespace string) error {
|
||||
secret := &v1.Secret{
|
||||
ObjectMeta: metav1.ObjectMeta{
|
||||
Name: secretName,
|
||||
Namespace: namespace,
|
||||
Labels: map[string]string{
|
||||
"oc-execution-id": executionID,
|
||||
"oc-managed-by": "oc-monitord",
|
||||
"oc-secret-type": "source-presigned",
|
||||
},
|
||||
},
|
||||
Type: v1.SecretTypeOpaque,
|
||||
Data: map[string][]byte{
|
||||
"presigned-url": []byte(presignedURL),
|
||||
},
|
||||
}
|
||||
_, err := k.Set.CoreV1().Secrets(namespace).Create(context.TODO(), secret, metav1.CreateOptions{})
|
||||
if err != nil && !k8serrors.IsAlreadyExists(err) {
|
||||
return fmt.Errorf("error creating source secret %s: %w", secretName, err)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (k *KubernetesTools) GetS3Secret(storageId string, namespace string) *v1.Secret {
|
||||
|
||||
secret, err := k.Set.CoreV1().Secrets(namespace).Get(context.TODO(), storageId+"-secret-s3", metav1.GetOptions{})
|
||||
@@ -139,7 +164,10 @@ func (k *KubernetesTools) GetArgoWatch(executionId string, wfName string) (watch
|
||||
}
|
||||
|
||||
return watcher, nil
|
||||
}
|
||||
|
||||
func (k *KubernetesTools) GetArgoWorkflow(ns string, wfName string) (*wfv1.Workflow, error) {
|
||||
return k.VersionedSet.ArgoprojV1alpha1().Workflows(ns).Get(context.TODO(), wfName, metav1.GetOptions{})
|
||||
}
|
||||
|
||||
func (k *KubernetesTools) GetPodLogger(ns string, wfName string, nodeName string) (io.ReadCloser, error) {
|
||||
|
||||
Reference in New Issue
Block a user