k8s-client 0.3.4 → 0.4.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/k8s-client.gemspec +1 -0
- data/lib/k8s/client.rb +8 -2
- data/lib/k8s/client/version.rb +1 -1
- data/lib/k8s/resource.rb +29 -1
- data/lib/k8s/resource_client.rb +22 -3
- data/lib/k8s/stack.rb +29 -32
- data/lib/k8s/transport.rb +8 -1
- data/lib/k8s/util.rb +42 -0
- metadata +16 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ac23332f18be9e1b95502a9526eab9ed5e4f31a379540387c452802be09b61dc
|
|
4
|
+
data.tar.gz: 673e7eb930084bb9dd49353d87de7dc54631e8b4a8a85f3bb707c28573ca8441
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f19573347f0f74af1e6eb9da2d8aa61d469aa6de69b2deef3938a39f74758191e5edc0f931d33e3953c3f3a96accb0463cfda704dec16d731b700a10e6f8fe7c
|
|
7
|
+
data.tar.gz: 426356558b0772b51324624ad06ee4ed3b6bef519fd78d845df5f020cf515f81ae1a4bc11febcae3609b425d46ca804645b17e53d891c52e26f9215d4586b4a4
|
data/k8s-client.gemspec
CHANGED
|
@@ -27,6 +27,7 @@ Gem::Specification.new do |spec|
|
|
|
27
27
|
spec.add_runtime_dependency "dry-struct", "~> 0.5.0"
|
|
28
28
|
spec.add_runtime_dependency "deep_merge", "~> 1.2.1"
|
|
29
29
|
spec.add_runtime_dependency "recursive-open-struct", "~> 1.1.0"
|
|
30
|
+
spec.add_runtime_dependency 'hashdiff', '~> 0.3.7'
|
|
30
31
|
|
|
31
32
|
spec.add_development_dependency "bundler", "~> 1.16"
|
|
32
33
|
spec.add_development_dependency "rake", "~> 10.0"
|
data/lib/k8s/client.rb
CHANGED
|
@@ -165,9 +165,15 @@ module K8s
|
|
|
165
165
|
end
|
|
166
166
|
|
|
167
167
|
# @param resource [K8s::Resource]
|
|
168
|
+
# @param options [Hash]
|
|
169
|
+
# @see ResourceClient#delete for options
|
|
168
170
|
# @return [K8s::Resource]
|
|
169
|
-
def delete_resource(resource)
|
|
170
|
-
client_for_resource(resource).delete_resource(resource)
|
|
171
|
+
def delete_resource(resource, **options)
|
|
172
|
+
client_for_resource(resource).delete_resource(resource, **options)
|
|
173
|
+
end
|
|
174
|
+
|
|
175
|
+
def patch_resource(resource, attrs)
|
|
176
|
+
client_for_resource(resource).json_patch(resource.metadata.name, attrs)
|
|
171
177
|
end
|
|
172
178
|
end
|
|
173
179
|
end
|
data/lib/k8s/client/version.rb
CHANGED
data/lib/k8s/resource.rb
CHANGED
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
require 'deep_merge'
|
|
2
2
|
require 'recursive-open-struct'
|
|
3
|
+
require 'hashdiff'
|
|
3
4
|
|
|
4
5
|
module K8s
|
|
5
6
|
# generic untyped resource
|
|
@@ -60,9 +61,36 @@ module K8s
|
|
|
60
61
|
h = to_hash
|
|
61
62
|
|
|
62
63
|
# merge in-place
|
|
63
|
-
h.deep_merge!(attrs.to_hash, overwrite_arrays: true)
|
|
64
|
+
h.deep_merge!(attrs.to_hash, overwrite_arrays: true, merge_nil_values: true)
|
|
64
65
|
|
|
65
66
|
self.class.new(h)
|
|
66
67
|
end
|
|
68
|
+
|
|
69
|
+
def checksum
|
|
70
|
+
@checksum ||= Digest::MD5.hexdigest(Marshal::dump(to_hash))
|
|
71
|
+
end
|
|
72
|
+
|
|
73
|
+
def merge_patch_ops(attrs, config_annotation)
|
|
74
|
+
Util.json_patch(current_config(config_annotation), stringify_hash(attrs))
|
|
75
|
+
end
|
|
76
|
+
|
|
77
|
+
# Gets the existing resources (on kube api) configuration, an empty hash if not present
|
|
78
|
+
#
|
|
79
|
+
# @return [Hash]
|
|
80
|
+
def current_config(config_annotation)
|
|
81
|
+
current_cfg = self.metadata.annotations&.dig(config_annotation)
|
|
82
|
+
|
|
83
|
+
return JSON.parse(current_cfg) if current_cfg
|
|
84
|
+
|
|
85
|
+
{}
|
|
86
|
+
end
|
|
87
|
+
|
|
88
|
+
def can_patch?(config_annotation)
|
|
89
|
+
!!self.metadata.annotations&.dig(config_annotation)
|
|
90
|
+
end
|
|
91
|
+
|
|
92
|
+
def stringify_hash(hash)
|
|
93
|
+
JSON.load(JSON.dump(hash))
|
|
94
|
+
end
|
|
67
95
|
end
|
|
68
96
|
end
|
data/lib/k8s/resource_client.rb
CHANGED
|
@@ -44,8 +44,9 @@ module K8s
|
|
|
44
44
|
# @param namespace [String, nil]
|
|
45
45
|
# @param labelSelector [nil, String, Hash{String => String}]
|
|
46
46
|
# @param fieldSelector [nil, String, Hash{String => String}]
|
|
47
|
+
# @param skip_forbidden [Boolean] skip resources that return HTTP 403 errors
|
|
47
48
|
# @return [Array<K8s::Resource>]
|
|
48
|
-
def self.list(resources, transport, namespace: nil, labelSelector: nil, fieldSelector: nil)
|
|
49
|
+
def self.list(resources, transport, namespace: nil, labelSelector: nil, fieldSelector: nil, skip_forbidden: false)
|
|
49
50
|
api_paths = resources.map{|resource| resource.path(namespace: namespace) }
|
|
50
51
|
api_lists = transport.gets(*api_paths,
|
|
51
52
|
response_class: K8s::API::MetaV1::List,
|
|
@@ -53,9 +54,10 @@ module K8s
|
|
|
53
54
|
'labelSelector' => selector_query(labelSelector),
|
|
54
55
|
'fieldSelector' => selector_query(fieldSelector),
|
|
55
56
|
),
|
|
57
|
+
skip_forbidden: skip_forbidden,
|
|
56
58
|
)
|
|
57
59
|
|
|
58
|
-
resources.zip(api_lists).map {|resource, api_list| resource.process_list(api_list) }.flatten
|
|
60
|
+
resources.zip(api_lists).map {|resource, api_list| api_list ? resource.process_list(api_list) : [] }.flatten
|
|
59
61
|
end
|
|
60
62
|
|
|
61
63
|
# @param transport [K8s::Transport]
|
|
@@ -243,6 +245,20 @@ module K8s
|
|
|
243
245
|
)
|
|
244
246
|
end
|
|
245
247
|
|
|
248
|
+
# @param name [String]
|
|
249
|
+
# @param ops [Hash] json-patch operations
|
|
250
|
+
# @param namespace [String]
|
|
251
|
+
# @return [resource_class]
|
|
252
|
+
def json_patch(name, ops, namespace: @namespace)
|
|
253
|
+
@transport.request(
|
|
254
|
+
method: 'PATCH',
|
|
255
|
+
path: self.path(name, namespace: namespace),
|
|
256
|
+
content_type: 'application/json-patch+json',
|
|
257
|
+
request_object: ops,
|
|
258
|
+
response_class: @resource_class,
|
|
259
|
+
)
|
|
260
|
+
end
|
|
261
|
+
|
|
246
262
|
# @return [Bool]
|
|
247
263
|
def delete?
|
|
248
264
|
@api_resource.verbs.include? 'delete'
|
|
@@ -250,13 +266,14 @@ module K8s
|
|
|
250
266
|
|
|
251
267
|
# @param name [String]
|
|
252
268
|
# @param namespace [String]
|
|
269
|
+
# @param propagationPolicy [String] The propagationPolicy to use for the API call. Possible values include “Orphan”, “Foreground”, or “Background”
|
|
253
270
|
# @return [K8s::API::MetaV1::Status]
|
|
254
271
|
def delete(name, namespace: @namespace, propagationPolicy: nil)
|
|
255
272
|
@transport.request(
|
|
256
273
|
method: 'DELETE',
|
|
257
274
|
path: self.path(name, namespace: namespace),
|
|
258
275
|
query: make_query(
|
|
259
|
-
'propagationPolicy' => propagationPolicy
|
|
276
|
+
'propagationPolicy' => propagationPolicy
|
|
260
277
|
),
|
|
261
278
|
response_class: @resource_class, # XXX: documented as returning Status
|
|
262
279
|
)
|
|
@@ -281,6 +298,8 @@ module K8s
|
|
|
281
298
|
end
|
|
282
299
|
|
|
283
300
|
# @param resource [resource_class] with metadata
|
|
301
|
+
# @param options [Hash]
|
|
302
|
+
# @see #delete for possible options
|
|
284
303
|
# @return [K8s::API::MetaV1::Status]
|
|
285
304
|
def delete_resource(resource, **options)
|
|
286
305
|
delete(resource.metadata.name, namespace: resource.metadata.namespace, **options)
|
data/lib/k8s/stack.rb
CHANGED
|
@@ -11,6 +11,9 @@ module K8s
|
|
|
11
11
|
# Annotation used to identify resource versions
|
|
12
12
|
CHECKSUM_ANNOTATION = 'k8s.kontena.io/stack-checksum'
|
|
13
13
|
|
|
14
|
+
# Annotation used to identify last applied configuration
|
|
15
|
+
LAST_CONFIG_ANNOTATION = 'kubectl.kubernetes.io/last-applied-configuration'
|
|
16
|
+
|
|
14
17
|
# List of apiVersion:kind combinations to skip for stack prune
|
|
15
18
|
# These would lead to stack prune misbehaving if not skipped.
|
|
16
19
|
PRUNE_IGNORE = [
|
|
@@ -44,37 +47,33 @@ module K8s
|
|
|
44
47
|
|
|
45
48
|
attr_reader :name, :resources
|
|
46
49
|
|
|
47
|
-
def initialize(name, resources = [], debug: false, label: self.class::LABEL, checksum_annotation: self.class::CHECKSUM_ANNOTATION)
|
|
50
|
+
def initialize(name, resources = [], debug: false, label: self.class::LABEL, checksum_annotation: self.class::CHECKSUM_ANNOTATION, last_configuration_annotation: self.class::LAST_CONFIG_ANNOTATION)
|
|
48
51
|
@name = name
|
|
49
52
|
@resources = resources
|
|
50
53
|
@keep_resources = {}
|
|
51
54
|
@label = label
|
|
52
55
|
@checksum_annotation = checksum_annotation
|
|
56
|
+
@last_config_annotation = last_configuration_annotation
|
|
53
57
|
|
|
54
58
|
logger! progname: name, debug: debug
|
|
55
59
|
end
|
|
56
60
|
|
|
57
|
-
# Random "checksum" used to identify different stack resource versions using an annotation.
|
|
58
|
-
#
|
|
59
|
-
# NOTE: This is not actually a checksum.
|
|
60
|
-
#
|
|
61
|
-
# @return [String]
|
|
62
|
-
def checksum
|
|
63
|
-
@checksum ||= SecureRandom.hex(16)
|
|
64
|
-
end
|
|
65
|
-
|
|
66
61
|
# @param resource [K8s::Resource] to apply
|
|
67
62
|
# @param base_resource [K8s::Resource] preserve existing attributes from base resource
|
|
68
63
|
# @return [K8s::Resource]
|
|
69
64
|
def prepare_resource(resource, base_resource: nil)
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
65
|
+
# XXX: base_resource is not really used anymore, kept for backwards compatibility for a while
|
|
66
|
+
|
|
67
|
+
# calculate checksum only from the "local" source
|
|
68
|
+
checksum = resource.checksum
|
|
73
69
|
|
|
74
70
|
# add stack metadata
|
|
75
71
|
resource.merge(metadata: {
|
|
76
72
|
labels: { @label => name },
|
|
77
|
-
annotations: {
|
|
73
|
+
annotations: {
|
|
74
|
+
@checksum_annotation => checksum,
|
|
75
|
+
@last_config_annotation => resource.to_json
|
|
76
|
+
},
|
|
78
77
|
})
|
|
79
78
|
end
|
|
80
79
|
|
|
@@ -83,24 +82,21 @@ module K8s
|
|
|
83
82
|
server_resources = client.get_resources(resources)
|
|
84
83
|
|
|
85
84
|
resources.zip(server_resources).map do |resource, server_resource|
|
|
86
|
-
if server_resource
|
|
87
|
-
# keep server checksum for comparison
|
|
88
|
-
# NOTE: this will not compare equal for resources with arrays containing hashes with default values applied by the server
|
|
89
|
-
# however, that will just cause extra PUTs, so it doesn't have any functional effects
|
|
90
|
-
compare_resource = server_resource.merge(resource).merge(metadata: {
|
|
91
|
-
labels: { @label => name },
|
|
92
|
-
})
|
|
93
|
-
end
|
|
94
|
-
|
|
95
85
|
if !server_resource
|
|
96
|
-
logger.info "Create resource #{resource.apiVersion}:#{resource.kind}/#{resource.metadata.name} in namespace #{resource.metadata.namespace} with checksum=#{checksum}"
|
|
86
|
+
logger.info "Create resource #{resource.apiVersion}:#{resource.kind}/#{resource.metadata.name} in namespace #{resource.metadata.namespace} with checksum=#{resource.checksum}"
|
|
97
87
|
keep_resource! client.create_resource(prepare_resource(resource))
|
|
98
|
-
elsif server_resource !=
|
|
99
|
-
logger.info "Update resource #{resource.apiVersion}:#{resource.kind}/#{resource.metadata.name} in namespace #{resource.metadata.namespace} with checksum=#{checksum}"
|
|
100
|
-
|
|
88
|
+
elsif server_resource.metadata.annotations[@checksum_annotation] != resource.checksum
|
|
89
|
+
logger.info "Update resource #{resource.apiVersion}:#{resource.kind}/#{resource.metadata.name} in namespace #{resource.metadata.namespace} with checksum=#{resource.checksum}"
|
|
90
|
+
r = prepare_resource(resource)
|
|
91
|
+
if server_resource.can_patch?(@last_config_annotation)
|
|
92
|
+
keep_resource! client.patch_resource(server_resource, server_resource.merge_patch_ops(r.to_hash, @last_config_annotation))
|
|
93
|
+
else
|
|
94
|
+
# try to update with PUT
|
|
95
|
+
keep_resource! client.update_resource(server_resource.merge(prepare_resource(resource)))
|
|
96
|
+
end
|
|
101
97
|
else
|
|
102
|
-
logger.info "Keep resource #{
|
|
103
|
-
keep_resource!
|
|
98
|
+
logger.info "Keep resource #{server_resource.apiVersion}:#{server_resource.kind}/#{server_resource.metadata.name} in namespace #{server_resource.metadata.namespace} with checksum=#{server_resource.metadata.annotations[@checksum_annotation]}"
|
|
99
|
+
keep_resource! server_resource
|
|
104
100
|
end
|
|
105
101
|
end
|
|
106
102
|
|
|
@@ -116,8 +112,9 @@ module K8s
|
|
|
116
112
|
end
|
|
117
113
|
|
|
118
114
|
# Delete all stack resources that were not applied
|
|
119
|
-
def prune(client, keep_resources: )
|
|
120
|
-
|
|
115
|
+
def prune(client, keep_resources: , skip_forbidden: true)
|
|
116
|
+
# using skip_forbidden: assume we can't create resource types that we are forbidden to list, so we don't need to prune them either
|
|
117
|
+
client.list_resources(labelSelector: {@label => name}, skip_forbidden: skip_forbidden).each do |resource|
|
|
121
118
|
next if PRUNE_IGNORE.include? "#{resource.apiVersion}:#{resource.kind}"
|
|
122
119
|
|
|
123
120
|
resource_label = resource.metadata.labels ? resource.metadata.labels[@label] : nil
|
|
@@ -132,7 +129,7 @@ module K8s
|
|
|
132
129
|
else
|
|
133
130
|
logger.info "Delete resource #{resource.apiVersion}:#{resource.kind}/#{resource.metadata.name} in namespace #{resource.metadata.namespace}"
|
|
134
131
|
begin
|
|
135
|
-
client.delete_resource(resource)
|
|
132
|
+
client.delete_resource(resource, propagationPolicy: 'Background')
|
|
136
133
|
rescue K8s::Error::NotFound
|
|
137
134
|
# assume aliased objects in multiple API groups, like for Deployments
|
|
138
135
|
# alternatively, a custom resource whose definition was already deleted earlier
|
data/lib/k8s/transport.rb
CHANGED
|
@@ -224,10 +224,11 @@ module K8s
|
|
|
224
224
|
|
|
225
225
|
# @param options [Array<Hash>] @see #request
|
|
226
226
|
# @param skip_missing [Boolean] return nil for HTTP 404 responses
|
|
227
|
+
# @param skip_forbidden [Boolean] return nil for HTTP 403 responses
|
|
227
228
|
# @param retry_errors [Boolean] retry with non-pipelined request for HTTP 503 responses
|
|
228
229
|
# @param common_options [Hash] @see #request, merged with the per-request options
|
|
229
230
|
# @return [Array<response_class, Hash, nil>]
|
|
230
|
-
def requests(*options, skip_missing: false, retry_errors: true, **common_options)
|
|
231
|
+
def requests(*options, skip_missing: false, skip_forbidden: false, retry_errors: true, **common_options)
|
|
231
232
|
return [] if options.empty? # excon chokes
|
|
232
233
|
|
|
233
234
|
start = Time.now
|
|
@@ -249,6 +250,12 @@ module K8s
|
|
|
249
250
|
else
|
|
250
251
|
raise
|
|
251
252
|
end
|
|
253
|
+
rescue K8s::Error::Forbidden
|
|
254
|
+
if skip_forbidden
|
|
255
|
+
nil
|
|
256
|
+
else
|
|
257
|
+
raise
|
|
258
|
+
end
|
|
252
259
|
rescue K8s::Error::ServiceUnavailable => exc
|
|
253
260
|
if retry_errors
|
|
254
261
|
logger.warn { "Retry #{format_request(request_options)} => HTTP #{exc.code} #{exc.reason} in #{'%.3f' % t}s" }
|
data/lib/k8s/util.rb
CHANGED
|
@@ -19,5 +19,47 @@ module K8s
|
|
|
19
19
|
|
|
20
20
|
args.map{|arg| value_map[arg] }
|
|
21
21
|
end
|
|
22
|
+
|
|
23
|
+
# Produces a set of json-patch operations so that applying
|
|
24
|
+
# the operations on a, gives you the results of b
|
|
25
|
+
# Used in correctly patching the Kube resources on stack updates
|
|
26
|
+
#
|
|
27
|
+
# @param a [Hash] Hash to compute patches against
|
|
28
|
+
# @param a [Hash] New Hash to compute patches "from"
|
|
29
|
+
def self.json_patch(a, b)
|
|
30
|
+
diffs = HashDiff.diff(a, b, array_path: true)
|
|
31
|
+
ops = []
|
|
32
|
+
# Each diff is like ["+", "spec.selector.aziz", "kebab"]
|
|
33
|
+
# or ["-", "spec.selector.aziz", "kebab"]
|
|
34
|
+
diffs.each do |diff|
|
|
35
|
+
operator = diff[0]
|
|
36
|
+
# substitute '/' with '~1' and '~' with '~0'
|
|
37
|
+
# according to RFC 6901
|
|
38
|
+
path = diff[1].map {|p| p.to_s.gsub('/', '~1')}.map {|p| p.to_s.gsub('~', '~0')}
|
|
39
|
+
if operator == '-'
|
|
40
|
+
ops << {
|
|
41
|
+
op: "remove",
|
|
42
|
+
path: "/" + path.join('/')
|
|
43
|
+
}
|
|
44
|
+
elsif operator == '+'
|
|
45
|
+
ops << {
|
|
46
|
+
op: "add",
|
|
47
|
+
path: "/" + path.join('/'),
|
|
48
|
+
value: diff[2]
|
|
49
|
+
}
|
|
50
|
+
elsif operator == '~'
|
|
51
|
+
ops << {
|
|
52
|
+
op: "replace",
|
|
53
|
+
path: "/" + path.join('/'),
|
|
54
|
+
value: diff[3]
|
|
55
|
+
}
|
|
56
|
+
else
|
|
57
|
+
raise "Unknown diff operator: #{operator}!"
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
end
|
|
61
|
+
|
|
62
|
+
ops
|
|
63
|
+
end
|
|
22
64
|
end
|
|
23
65
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: k8s-client
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.4.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Kontena, Inc.
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-
|
|
11
|
+
date: 2018-09-11 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: excon
|
|
@@ -66,6 +66,20 @@ dependencies:
|
|
|
66
66
|
- - "~>"
|
|
67
67
|
- !ruby/object:Gem::Version
|
|
68
68
|
version: 1.1.0
|
|
69
|
+
- !ruby/object:Gem::Dependency
|
|
70
|
+
name: hashdiff
|
|
71
|
+
requirement: !ruby/object:Gem::Requirement
|
|
72
|
+
requirements:
|
|
73
|
+
- - "~>"
|
|
74
|
+
- !ruby/object:Gem::Version
|
|
75
|
+
version: 0.3.7
|
|
76
|
+
type: :runtime
|
|
77
|
+
prerelease: false
|
|
78
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
79
|
+
requirements:
|
|
80
|
+
- - "~>"
|
|
81
|
+
- !ruby/object:Gem::Version
|
|
82
|
+
version: 0.3.7
|
|
69
83
|
- !ruby/object:Gem::Dependency
|
|
70
84
|
name: bundler
|
|
71
85
|
requirement: !ruby/object:Gem::Requirement
|