zuul
/
nodepool
Code Issues Proposed changes

Merge "openshiftpods: define ca_crt parameter if available"

This commit is contained in:
Zuul 2020-05-18 12:14:53 +00:00 committed by Gerrit Code Review
parent 2456820f89 48524da2ca
commit fa2a850cb9
3 changed files with 12 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
nodepool/driver/openshiftpods/handler.py
View File

@ -40,6 +40,7 @@ class OpenshiftPodLauncher(OpenshiftLauncher):
'pod': pod_name, 'pod': pod_name,
'namespace': project, 'namespace': project,
'host': k8s.api_client.configuration.host, 'host': k8s.api_client.configuration.host,
'ca_crt': self.handler.manager.ca_crt,
'skiptls': not k8s.api_client.configuration.verify_ssl, 'skiptls': not k8s.api_client.configuration.verify_ssl,
'token': self.handler.manager.token, 'token': self.handler.manager.token,
'user': 'zuul-worker', 'user': 'zuul-worker',

11
nodepool/driver/openshiftpods/provider.py
View File

@ -12,6 +12,7 @@
# License for the specific language governing permissions and limitations # License for the specific language governing permissions and limitations
# under the License. # under the License.
import base64
import logging import logging
import urllib3 import urllib3
import time import time
@ -34,7 +35,7 @@ class OpenshiftPodsProvider(OpenshiftProvider):
self.provider = provider self.provider = provider
self.ready = False self.ready = False
try: try:
self.token, self.k8s_client = self._get_client( self.token, self.ca_crt, self.k8s_client = self._get_client(
provider.context) provider.context)
except kce.ConfigException: except kce.ConfigException:
self.log.exception("Couldn't load client from config") self.log.exception("Couldn't load client from config")
@ -44,6 +45,7 @@ class OpenshiftPodsProvider(OpenshiftProvider):
"config.list_kube_config_contexts()[0]]))\"") "config.list_kube_config_contexts()[0]]))\"")
self.token = None self.token = None
self.k8s_client = None self.k8s_client = None
self.ca_crt = None
self.pod_names = set() self.pod_names = set()
for pool in provider.pools.values(): for pool in provider.pools.values():
self.pod_names.update(pool.labels.keys()) self.pod_names.update(pool.labels.keys())
@ -51,7 +53,12 @@ class OpenshiftPodsProvider(OpenshiftProvider):
def _get_client(self, context): def _get_client(self, context):
conf = config.new_client_from_config(context=context) conf = config.new_client_from_config(context=context)
token = conf.configuration.api_key.get('authorization', '').split()[-1] token = conf.configuration.api_key.get('authorization', '').split()[-1]
return (token, k8s_client.CoreV1Api(conf)) ca = None
if conf.configuration.ssl_ca_cert:
with open(conf.configuration.ssl_ca_cert) as ca_file:
ca = ca_file.read()
ca = base64.b64encode(ca.encode('utf-8')).decode('utf-8')
return (token, ca, k8s_client.CoreV1Api(conf))
def start(self, zk_conn): def start(self, zk_conn):
self.log.debug("Starting") self.log.debug("Starting")

3
nodepool/tests/unit/test_driver_openshiftpods.py
View File

@ -76,7 +76,7 @@ class TestDriverOpenshiftPods(tests.DBTestCase):
self.fake_k8s_client = FakeCoreClient() self.fake_k8s_client = FakeCoreClient()
def fake_get_client(*args): def fake_get_client(*args):
return "fake-token", self.fake_k8s_client return "fake-token", None, self.fake_k8s_client
self.useFixture(fixtures.MockPatchObject( self.useFixture(fixtures.MockPatchObject(
provider.OpenshiftPodsProvider, '_get_client', provider.OpenshiftPodsProvider, '_get_client',
@ -103,6 +103,7 @@ class TestDriverOpenshiftPods(tests.DBTestCase):
self.assertIsNotNone(node.launcher) self.assertIsNotNone(node.launcher)
self.assertEqual(node.connection_type, 'kubectl') self.assertEqual(node.connection_type, 'kubectl')
self.assertEqual(node.connection_port.get('token'), 'fake-token') self.assertEqual(node.connection_port.get('token'), 'fake-token')
self.assertIn('ca_crt', node.connection_port)
self.assertEqual(node.attributes, self.assertEqual(node.attributes,
{'key1': 'value1', 'key2': 'value2'}) {'key1': 'value1', 'key2': 'value2'})