configgin 0.18.8 → 0.19.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/Gemfile.lock +1 -1
- data/lib/configgin.rb +35 -14
- data/lib/configgin/version.rb +1 -1
- data/lib/kube_link_generator.rb +36 -13
- data/update-stemcell.sh +5 -4
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: 7afff002f44ef79e750661a23265886a989243c3
|
4
|
+
data.tar.gz: 9b9c28a4869c3d35b9ff0bb029a11f2f40aac885
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 8883388252e21304d58e981bd14119b1f6944ab111ed5ed43b1bf1d8733c05199fc7eb3ea31faaeff590362cf64e1fe3ee03584aa294c71b0256b0e98727662d
|
7
|
+
data.tar.gz: 8f5fc2c019b7c4d1429c41cc95e2d2dac09b688b24803538b4d8c4cb09e5e87c732f2e6ecfcad98c71db3a67412d72178bb354c0a8aa4722855cecc89e2ea4dc
|
data/Gemfile.lock
CHANGED
data/lib/configgin.rb
CHANGED
@@ -1,3 +1,4 @@
|
|
1
|
+
require 'base64'
|
1
2
|
require 'json'
|
2
3
|
|
3
4
|
require_relative 'cli'
|
@@ -59,23 +60,43 @@ class Configgin
|
|
59
60
|
|
60
61
|
# Set the exported properties and their digests, and return the digests.
|
61
62
|
def patch_job_metadata(jobs)
|
63
|
+
pod = kube_client.get_pod(@self_name, kube_namespace)
|
64
|
+
|
65
|
+
secret = Kubeclient::Resource.new
|
66
|
+
secret.metadata = {}
|
67
|
+
# Prefixing with pod.metadata.name is purely for human convenience/debugging.
|
68
|
+
secret.metadata.name = "#{pod.metadata.name}-#{pod.metadata.uid}"
|
69
|
+
secret.metadata.namespace = kube_namespace
|
70
|
+
|
71
|
+
# Make sure the secret gets removed when the pod is deleted.
|
72
|
+
secret.metadata.ownerReferences = [
|
73
|
+
{
|
74
|
+
apiVersion: pod.apiVersion,
|
75
|
+
blockOwnerDeletion: false,
|
76
|
+
controller: false,
|
77
|
+
kind: pod.kind,
|
78
|
+
name: pod.metadata.name,
|
79
|
+
uid: pod.metadata.uid,
|
80
|
+
}
|
81
|
+
]
|
82
|
+
|
83
|
+
secret.data = {}
|
62
84
|
digests = {}
|
63
85
|
jobs.each do |name, job|
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
{
|
68
|
-
metadata: {
|
69
|
-
annotations: {
|
70
|
-
:"skiff-exported-properties-#{name}" => job.exported_properties.to_json,
|
71
|
-
:"skiff-exported-digest-#{name}" => digest
|
72
|
-
}
|
73
|
-
}
|
74
|
-
},
|
75
|
-
kube_namespace
|
76
|
-
)
|
77
|
-
digests[name] = digest
|
86
|
+
digests[name] = property_digest(job.exported_properties)
|
87
|
+
secret.data["skiff-exported-properties-#{name}"] = Base64.encode64(job.exported_properties.to_json)
|
88
|
+
secret.data["skiff-exported-digest-#{name}"] = Base64.encode64(digests[name])
|
78
89
|
end
|
90
|
+
|
91
|
+
# Only the main container gets to export properties; colocated sidecars don't.
|
92
|
+
if instance_group == ENV["KUBERNETES_CONTAINER_NAME"]
|
93
|
+
begin
|
94
|
+
kube_client.delete_secret(secret.metadata.name, kube_namespace)
|
95
|
+
rescue
|
96
|
+
end
|
97
|
+
kube_client.create_secret(secret)
|
98
|
+
end
|
99
|
+
|
79
100
|
digests
|
80
101
|
end
|
81
102
|
|
data/lib/configgin/version.rb
CHANGED
data/lib/kube_link_generator.rb
CHANGED
@@ -1,3 +1,4 @@
|
|
1
|
+
require 'base64'
|
1
2
|
require 'digest/sha1'
|
2
3
|
require 'kubeclient'
|
3
4
|
require 'uri'
|
@@ -63,10 +64,13 @@ class KubeLinkSpecs
|
|
63
64
|
pods = _get_pods_for_role(role_name, sts_image)
|
64
65
|
good_pods = pods.select do |pod|
|
65
66
|
next false unless pod.status.podIP
|
66
|
-
|
67
|
+
begin
|
68
|
+
secret = client.get_secret("#{pod.metadata.name}-#{pod.metadata.uid}", namespace)
|
69
|
+
next true if secret.data["skiff-exported-properties-#{job}"]
|
67
70
|
|
68
|
-
|
69
|
-
|
71
|
+
rescue
|
72
|
+
pod.metadata.annotations["skiff-exported-properties-#{job}"]
|
73
|
+
end
|
70
74
|
end
|
71
75
|
|
72
76
|
if options[:wait_for_all]
|
@@ -82,21 +86,40 @@ class KubeLinkSpecs
|
|
82
86
|
end
|
83
87
|
end
|
84
88
|
|
89
|
+
def patch_pod_with_imported_properties(role_name, job_name, digest)
|
90
|
+
client.patch_pod(
|
91
|
+
ENV['HOSTNAME'],
|
92
|
+
{ metadata: { annotations: { :"skiff-in-props-#{role_name}-#{job_name}" => digest } } },
|
93
|
+
namespace
|
94
|
+
)
|
95
|
+
end
|
96
|
+
|
85
97
|
def get_exported_properties(role_name, pod, job_name)
|
86
|
-
|
98
|
+
# Exported properties are stored in a secret linked to the pod by naming convention.
|
99
|
+
begin
|
100
|
+
secret = client.get_secret("#{pod.metadata.name}-#{pod.metadata.uid}", namespace)
|
101
|
+
rescue
|
102
|
+
end
|
103
|
+
|
104
|
+
if !secret.nil?
|
105
|
+
digest = secret.data["skiff-exported-digest-#{job_name}"]
|
106
|
+
# digest not being set only happens during the spec tests???
|
107
|
+
if digest
|
108
|
+
# Copy the digest over, so that if the source role changes we can be restarted.
|
109
|
+
patch_pod_with_imported_properties(role_name, job_name, Base64.decode64(digest))
|
110
|
+
end
|
111
|
+
JSON.parse(Base64.decode64(secret.data["skiff-exported-properties-#{job_name}"]))
|
112
|
+
|
113
|
+
# Older implementation stored exported properties in annotations (one per job).
|
114
|
+
elsif pod.metadata.annotations["skiff-exported-properties-#{job_name}"]
|
115
|
+
# digest not being set only happens during the spec tests???
|
87
116
|
if pod.metadata.annotations["skiff-exported-digest-#{job_name}"]
|
88
|
-
# Copy the digest over, so that if the source role changes we can be
|
89
|
-
# restarted.
|
117
|
+
# Copy the digest over, so that if the source role changes we can be restarted.
|
90
118
|
digest = pod.metadata.annotations["skiff-exported-digest-#{job_name}"]
|
91
|
-
|
92
|
-
ENV['HOSTNAME'],
|
93
|
-
{ metadata: { annotations: { :"skiff-in-props-#{role_name}-#{job_name}" => digest } } },
|
94
|
-
namespace
|
95
|
-
)
|
119
|
+
patch_pod_with_imported_properties(role_name, job_name, digest)
|
96
120
|
end
|
97
121
|
JSON.parse(pod.metadata.annotations["skiff-exported-properties-#{job_name}"])
|
98
|
-
|
99
|
-
JSON.parse(pod.metadata.annotations['skiff-exported-properties'])[job_name]
|
122
|
+
|
100
123
|
else
|
101
124
|
{}
|
102
125
|
end
|
data/update-stemcell.sh
CHANGED
@@ -11,7 +11,8 @@
|
|
11
11
|
|
12
12
|
set -o errexit -o nounset
|
13
13
|
|
14
|
-
|
14
|
+
: "${HELM:=helm}"
|
15
|
+
: "${REPO:=../scf}"
|
15
16
|
|
16
17
|
REPO="$( cd "${REPO}" && echo "${PWD}" )"
|
17
18
|
IMAGE="$( cd "${REPO}" && source .envrc && echo "${FISSILE_STEMCELL}" )"
|
@@ -42,9 +43,9 @@ vagrant_ready=""
|
|
42
43
|
if test -z "${NO_RUN:-}" ; then
|
43
44
|
if ( cd "${REPO}" && (vagrant status 2>/dev/null | grep --quiet running) ) ; then
|
44
45
|
vagrant_ready="true"
|
45
|
-
releases=$(
|
46
|
+
releases=$("${HELM}" list --short)
|
46
47
|
if test -n "${releases}" ; then
|
47
|
-
|
48
|
+
"${HELM}" delete --purge ${releases}
|
48
49
|
fi
|
49
50
|
kubectl delete ns cf ||:
|
50
51
|
kubectl delete ns uaa ||:
|
@@ -100,7 +101,7 @@ vagrant ssh -- -tt <<EOF
|
|
100
101
|
sleep 1
|
101
102
|
done
|
102
103
|
docker images --format={{.Repository}}:{{.Tag}} | \
|
103
|
-
grep -E '/scf-|role-packages' | \
|
104
|
+
grep -E '/scf-|uaa-|role-packages' | \
|
104
105
|
xargs --no-run-if-empty docker rmi -f
|
105
106
|
docker images | \
|
106
107
|
awk '/<none>/ { print \$3 }' | \
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: configgin
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.19.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- SUSE
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2019-
|
11
|
+
date: 2019-10-15 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -182,7 +182,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
182
182
|
version: '0'
|
183
183
|
requirements: []
|
184
184
|
rubyforge_project:
|
185
|
-
rubygems_version: 2.
|
185
|
+
rubygems_version: 2.6.13
|
186
186
|
signing_key:
|
187
187
|
specification_version: 4
|
188
188
|
summary: A simple cli app in Ruby to generate configurations using BOSH ERB templates
|