added the methods to write the appropriate argo annotation when using a storage of type s3 as an artifact repository, with hardcoded credentials
This commit is contained in:
pb
@@ -2,7 +2,6 @@ package tools
|
||||
|
||||
import (
|
||||
"context"
|
||||
"encoding/base64"
|
||||
"errors"
|
||||
"fmt"
|
||||
"io"
|
||||
@@ -13,8 +12,8 @@ import (
|
||||
|
||||
wfv1 "github.com/argoproj/argo-workflows/v3/pkg/apis/workflow/v1alpha1"
|
||||
"github.com/argoproj/argo-workflows/v3/pkg/client/clientset/versioned"
|
||||
"github.com/google/uuid"
|
||||
v1 "k8s.io/api/core/v1"
|
||||
k8serrors "k8s.io/apimachinery/pkg/api/errors"
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
"k8s.io/apimachinery/pkg/runtime"
|
||||
"k8s.io/apimachinery/pkg/runtime/serializer"
|
||||
@@ -31,7 +30,7 @@ type KubernetesTools struct {
|
||||
func NewKubernetesTool() (Tool, error) {
|
||||
// Load Kubernetes config (from ~/.kube/config)
|
||||
config := &rest.Config{
|
||||
Host: conf.GetConfig().KubeHost + ":" + conf.GetConfig().KubePort,
|
||||
Host: "https://" + conf.GetConfig().KubeHost + ":" + conf.GetConfig().KubePort,
|
||||
TLSClientConfig: rest.TLSClientConfig{
|
||||
CAData: []byte(conf.GetConfig().KubeCA),
|
||||
CertData: []byte(conf.GetConfig().KubeCert),
|
||||
@@ -88,21 +87,20 @@ func (k *KubernetesTools) CreateArgoWorkflow(path string, ns string) (string, er
|
||||
return createdWf.Name, nil
|
||||
}
|
||||
|
||||
func (k *KubernetesTools) CreateAccessSecret(ns string, login string, password string) (string, error) {
|
||||
func (k *KubernetesTools) CreateAccessSecret(access string, password string, storageId string, namespace string) (string, error) {
|
||||
// Namespace where the secret will be created
|
||||
namespace := "default"
|
||||
// Encode the secret data (Kubernetes requires base64-encoded values)
|
||||
secretData := map[string][]byte{
|
||||
"access-key": []byte(base64.StdEncoding.EncodeToString([]byte(login))),
|
||||
"secret-key": []byte(base64.StdEncoding.EncodeToString([]byte(password))),
|
||||
"access-key": []byte(access),
|
||||
"secret-key": []byte(password),
|
||||
}
|
||||
|
||||
// Define the Secret object
|
||||
name := uuid.New().String()
|
||||
name := storageId+"-secret-s3"
|
||||
secret := &v1.Secret{
|
||||
ObjectMeta: metav1.ObjectMeta{
|
||||
Name: name,
|
||||
Namespace: ns,
|
||||
Namespace: namespace,
|
||||
},
|
||||
Type: v1.SecretTypeOpaque,
|
||||
Data: secretData,
|
||||
@@ -112,9 +110,28 @@ func (k *KubernetesTools) CreateAccessSecret(ns string, login string, password s
|
||||
if err != nil {
|
||||
return "", errors.New("Error creating secret: " + err.Error())
|
||||
}
|
||||
|
||||
return name, nil
|
||||
}
|
||||
|
||||
func (k *KubernetesTools) GetS3Secret(storageId string, namespace string) *v1.Secret {
|
||||
|
||||
secret, err := k.Set.CoreV1().Secrets(namespace).Get(context.TODO(), storageId + "-secret-s3", metav1.GetOptions{})
|
||||
// Get(context.TODO(),storageId + "-artifact-server", metav1.GetOptions{})
|
||||
|
||||
if err != nil && !k8serrors.IsNotFound(err) {
|
||||
l := utils.GetLogger()
|
||||
l.Fatal().Msg("An error happened when retrieving secret in " + namespace + " : " + err.Error())
|
||||
}
|
||||
if k8serrors.IsNotFound(err) {
|
||||
return nil
|
||||
}
|
||||
|
||||
return secret
|
||||
// return secret
|
||||
}
|
||||
|
||||
|
||||
func (k *KubernetesTools) GetArgoWatch(executionId string, wfName string) (watch.Interface, error){
|
||||
options := metav1.ListOptions{FieldSelector: "metadata.name=oc-monitor-"+wfName}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user