kubernetes-deploy 0.26.4 → 0.26.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a537ded5641b9cb4b9813594e6da9d7ea06876721b26ce4785e48f0b933536cf
-  data.tar.gz: 8ee185bc26198298d5ed8c18aba4736a67bc46bd2526a72d71b74c988ac9e657
+  metadata.gz: c11bffff21178fb845d50aff17aa56f3044cb95b235ff6db2463c94def2d2589
+  data.tar.gz: 54ee8d3c14e3d7ca013d6e9a822aa0772dde1b4738bcce67efb3f96c490ddb08
 SHA512:
-  metadata.gz: 33f35406225136f90fa99219f5545d9052e2d323055f87d0d42c81640549cda6f18c0748d661ae4ba4c4ab7a1bcb0e7c717e6c8081ded664849befd2bf571d3c
-  data.tar.gz: 3d3e78256ad83ea456f9a92106c81b03c0212fc3d0940cdfbb990a45214f7250af1110c4f3231dde8b828ab4113b68c3ce5dfc28d675a001d19eea686b2bb9ca
+  metadata.gz: e79311a4c0c7af04db41ee384d5ed1da79afdb1f2676c02595ced432ddc6da38dc08179bc5791bbde34e6e0e8da01bd2ca102e0e4ed5af275ee0542b55a68ea8
+  data.tar.gz: b4db7e51c731bb1bac8d4eeea6bd0df469fe17cf82ee3fc171211d56fad146f3a60321f6a38d93ecb081e27ca723205fd59e5b475dec130ba695205cd5a31dbf

data/.buildkite/pipeline.nightly.yml

@@ -1,4 +1,11 @@
 steps:
+  - name: 'Run Test Suite (:kubernetes: 1.14-latest)'
+    command: bin/ci
+    agents:
+      queue: k8s-ci
+    env:
+      LOGGING_LEVEL: 4
+      KUBERNETES_VERSION: v1.14-latest
   - name: 'Run Test Suite (:kubernetes: 1.13-latest)'
     command: bin/ci
     agents:

data/.github/probots.yml

@@ -0,0 +1,2 @@
+enabled:
+  - cla

data/.shopify-build/VERSION

@@ -0,0 +1 @@
+v1

data/.shopify-build/kubernetes-deploy.yml

@@ -0,0 +1,46 @@
+containers:
+  default:
+    docker: circleci/ruby:2.5.1-node-browsers
+
+steps:
+  - label: Lint
+    timeout: 5m
+    run:
+      - bundle exec rubocop
+    dependencies:
+      - bundler
+  - label: 'Run Test Suite (:kubernetes: 1.14-latest)'
+    command: bin/ci
+    agents:
+      queue: k8s-ci
+    env:
+      LOGGING_LEVEL: "4"
+      KUBERNETES_VERSION: v1.14-latest
+  - label: 'Run Test Suite (:kubernetes: 1.13-latest)'
+    command: bin/ci
+    agents:
+      queue: k8s-ci
+    env:
+      LOGGING_LEVEL: "4"
+      KUBERNETES_VERSION: v1.13-latest
+  - label: 'Run Test Suite (:kubernetes: 1.12-latest)'
+    command: bin/ci
+    agents:
+      queue: k8s-ci
+    env:
+      LOGGING_LEVEL: "4"
+      KUBERNETES_VERSION: v1.12-latest
+  - label: 'Run Test Suite (:kubernetes: 1.11-latest)'
+    command: bin/ci
+    agents:
+      queue: k8s-ci
+    env:
+      LOGGING_LEVEL: "4"
+      KUBERNETES_VERSION: v1.11-latest
+  - label: 'Run Test Suite (:kubernetes: 1.10-latest)'
+    command: bin/ci
+    agents:
+      queue: minikube-ci
+    env:
+      LOGGING_LEVEL: "4"
+      KUBERNETES_VERSION: v1.10-latest

data/CHANGELOG.md

@@ -1,5 +1,18 @@
 ## next
 
+## 0.26.5
+
+*Bug Fixes*
+- Support 'volumeBindingMode: WaitForFirstConsumer' condition in StorageClass. [#479](https://github.com/Shopify/kubernetes-deploy/pull/479)
+- Fix: Undefined method "merge" on LabelSelector. [#488](https://github.com/Shopify/kubernetes-deploy/pull/488)
+
+*Enhancements*
+- Officially support Kubernetes 1.14. [#461](https://github.com/Shopify/kubernetes-deploy/pull/461)
+- Allow customising which custom resources are deployed in the pre-deploy phase. [#505](https://github.com/Shopify/kubernetes-deploy/pull/505)
+
+*Other*
+- Removes special treatment of GCP authentication by upgrading to `kubeclient` 4.3. [#465](https://github.com/Shopify/kubernetes-deploy/pull/465)
+
 ## 0.26.4
 
 *Bug fixes*

data/CONTRIBUTING.md

@@ -13,6 +13,7 @@ The following is a set of guidelines for contributing to kubernetes-deploy. Plea
   * [High-level design decisions](#high-level-design-decisions)
   * [Feature acceptance policies](#feature-acceptance-policies)
   * [Adding a new resource type](#contributing-a-new-resource-type)
+  * [Contributor License Agreement](#contributor-license-agreement)
 
 [Development](#development)
   * [Setup](#setup)
@@ -105,6 +106,11 @@ This gem uses subclasses of `KubernetesResource` to implement custom success/fai
 6. Add a basic example of the type to the hello-cloud [fixture set](https://github.com/Shopify/kubernetes-deploy/tree/master/test/fixtures/hello-cloud) and appropriate assertions to `#assert_all_up` in [`hello_cloud.rb`](https://github.com/Shopify/kubernetes-deploy/blob/master/test/helpers/fixture_sets/hello_cloud.rb). This will get you coverage in several existing tests, such as `test_full_hello_cloud_set_deploy_succeeds`.
 7. Add tests for any edge cases you foresee.
 
+### Contributor License Agreement
+
+ New contributors will be required to sign [Shopify's Contributor License Agreement (CLA)](https://cla.shopify.com/).
+ There are two versions of the CLA: one for individuals and one for organizations.
+
 # Development
 
 ## Setup
@@ -157,6 +163,6 @@ Please make sure you run the tests locally before submitting your PR (see [Runni
 
 #### Employees: Triggering CI for a contributed PR
 
-Go to the [kubernetes-deploy-gem pipeline](https://buildkite.com/shopify/kubernetes-deploy-gem) and click "New Build". Use branch `external_contrib_ci` and the specific sha of the commit you want to build. Add `BUILDKITE_REFSPEC="refs/pull/${PR_NUM}/head"` in the Environment Variables section. Since CI is only visible to Shopify employees, you will need to provide any failing tests and output to the the contributor.
+Go to the [kubernetes-deploy pipeline](https://buildkite.com/shopify/kubernetes-deploy) and click "New Build". Use branch `external_contrib_ci` and the specific sha of the commit you want to build. Add `BUILDKITE_REFSPEC="refs/pull/${PR_NUM}/head"` in the Environment Variables section. Since CI is only visible to Shopify employees, you will need to provide any failing tests and output to the the contributor.
 
 <img width="350" alt="build external contrib PR" src="https://screenshot.click/2017-11-07--163728_7ovek-wrpwq.png">

data/README.md

@@ -1,4 +1,4 @@
-# kubernetes-deploy [![Build status](https://badge.buildkite.com/d1aab6d17b010f418e43f740063fe5343c5d65df654e635a8b.svg?branch=master)](https://buildkite.com/shopify/kubernetes-deploy-gem) [![codecov](https://codecov.io/gh/Shopify/kubernetes-deploy/branch/master/graph/badge.svg)](https://codecov.io/gh/Shopify/kubernetes-deploy)
+# kubernetes-deploy [![Build status](https://badge.buildkite.com/61937e40a1fc69754d9d198be120543d6de310de2ba8d3cb0e.svg?branch=master)](https://buildkite.com/shopify/kubernetes-deploy) [![codecov](https://codecov.io/gh/Shopify/kubernetes-deploy/branch/master/graph/badge.svg)](https://codecov.io/gh/Shopify/kubernetes-deploy)
 
 `kubernetes-deploy` is a command line tool that helps you ship changes to a Kubernetes namespace and understand the result. At Shopify, we use it within our much-beloved, open-source [Shipit](https://github.com/Shopify/shipit-engine#kubernetes) deployment app.
 
@@ -72,7 +72,7 @@ This repo also includes related tools for [running tasks](#kubernetes-run) and [
 * Each app must have a deploy directory containing its Kubernetes templates (see [Templates](#using-templates-and-variables))
 
 <sup>1</sup> We run integration tests against these Kubernetes versions. You can find our
-offical compatibility chart below.
+official compatibility chart below.
 
 | Kubernetes version | Last officially supported in gem version |
 | :----------------: | :-------------------: |
@@ -80,6 +80,7 @@ offical compatibility chart below.
 |        1.6         |        0.15.2         |
 |        1.7         |        0.20.6         |
 |        1.8         |        0.21.1         |
+|        1.9         |        0.24.0         |
 
 ## Installation
 
@@ -244,6 +245,11 @@ before the deployment is considered successful.
   - _Compatibility_: Custom Resource Definition
   - `true`: The custom resource will be pruned if the resource is not in the deploy directory.
   - All other values: The custom resource will not be pruned.
+- `kubernetes-deploy.shopify.io/predeployed`: Causes a Custom Resource to be deployed in the pre-deploy phase.
+  - _Compatibility_: Custom Resource Definition
+  - _Default_: `true`
+  - `true`: The custom resource will be deployed in the pre-deploy phase.
+  - All other values: The custom resource will be deployed in the main deployment phase.
 
 ### Running tasks at the beginning of a deploy
 
@@ -500,6 +506,12 @@ To render some templates in a template dir, run kubernetes-render with the names
 kubernetes-render --template-dir=./path/to/template/dir this-template.yaml.erb that-template.yaml.erb
 ```
 
+To render a template in a template dir and output it to a file, run kubernetes-render with the name of the template and redirect the output to a file:
+
+```
+kubernetes-render --template-dir=./path/to/template/dir template.yaml.erb > template.yaml
+```
+
 *Options:*
 
 - `--template-dir=DIR`: Used to set the directory to interpret template names relative to. This is often the same directory passed as `--template-dir` when running `kubernetes-deploy` to actually deploy templates. Set `$ENVIRONMENT` instead to use `config/deploy/$ENVIRONMENT`. This flag also supports reading from STDIN. You can do this by using `--template-dir=-`.

data/kubernetes-deploy.gemspec

@@ -24,7 +24,7 @@ Gem::Specification.new do |spec|
 
   spec.required_ruby_version = '>= 2.3.0'
   spec.add_dependency("activesupport", ">= 5.0")
-  spec.add_dependency("kubeclient", "~> 4.0")
+  spec.add_dependency("kubeclient", "~> 4.3")
   spec.add_dependency("googleauth", "~> 0.6.6") # https://github.com/google/google-auth-library-ruby/issues/153
   spec.add_dependency("ejson", "~> 1.0")
   spec.add_dependency("colorize", "~> 0.8")

data/lib/kubernetes-deploy.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require 'active_support/core_ext/object/blank'
+require 'active_support/core_ext/hash/reverse_merge'
 require 'active_support/core_ext/hash/slice'
 require 'active_support/core_ext/numeric/time'
 require 'active_support/core_ext/string/inflections'

data/lib/kubernetes-deploy/bindings_parser.rb

@@ -41,7 +41,7 @@ module KubernetesDeploy
         when '.json'
           bindings = parse_json(File.read(file_path))
         when '.yaml', '.yml'
-          bindings = YAML.load(File.read(file_path))
+          bindings = YAML.safe_load(File.read(file_path))
         else
           raise ArgumentError, "Supplied file does not appear to be JSON or YAML"
         end

data/lib/kubernetes-deploy/deploy_task.rb

@@ -75,7 +75,7 @@ module KubernetesDeploy
         Pod
       )
 
-      before_crs + cluster_resource_discoverer.crds.map(&:kind) + after_crs
+      before_crs + cluster_resource_discoverer.crds.select(&:predeployed?).map(&:kind) + after_crs
     end
 
     def prune_whitelist
@@ -552,15 +552,20 @@ module KubernetesDeploy
     end
 
     def confirm_namespace_exists
-      st, err = nil
-      with_retries(2) do
-        _, err, st = kubectl.run("get", "namespace", @namespace, use_namespace: false, log_failure: true)
-        st.success? || err.include?(KubernetesDeploy::Kubectl::NOT_FOUND_ERROR_TEXT)
-      end
-      raise FatalDeploymentError, "Failed to find namespace. #{err}" unless st.success?
+      raise FatalDeploymentError, "Namespace #{@namespace} not found" unless namespace_definition.present?
       @logger.info("Namespace #{@namespace} found")
     end
 
+    def namespace_definition
+      @namespace_definition ||= begin
+        definition, _err, st = kubectl.run("get", "namespace", @namespace, use_namespace: false,
+          log_failure: true, raise_if_not_found: true, attempts: 3, output: 'json')
+        st.success? ? JSON.parse(definition, symbolize_names: true) : nil
+      end
+    rescue Kubectl::ResourceNotFoundError
+      nil
+    end
+
     # make sure to never prune the ejson-keys secret
     def confirm_ejson_keys_not_prunable
       secret = ejson_provisioner.ejson_keys_secret
@@ -574,14 +579,8 @@ module KubernetesDeploy
     end
 
     def tags_from_namespace_labels
-      namespace_info = nil
-      with_retries(2) do
-        namespace_info, _, st = kubectl.run("get", "namespace", @namespace, "-o", "json", use_namespace: false,
-          log_failure: true)
-        st.success?
-      end
-      return [] if namespace_info.blank?
-      namespace_labels = JSON.parse(namespace_info, symbolize_names: true).fetch(:metadata, {}).fetch(:labels, {})
+      return [] if namespace_definition.blank?
+      namespace_labels = namespace_definition.fetch(:metadata, {}).fetch(:labels, {})
       namespace_labels.map { |key, value| "#{key}:#{value}" }
     end
 

data/lib/kubernetes-deploy/ejson_secret_provisioner.rb

@@ -63,7 +63,8 @@ module KubernetesDeploy
         secrets.map do |secret_name, secret_spec|
           validate_secret_spec(secret_name, secret_spec)
           resource = generate_secret_resource(secret_name, secret_spec["_type"], secret_spec["data"])
-          unless resource.validate_definition(@kubectl)
+          resource.validate_definition(@kubectl)
+          if resource.validation_failed?
             raise EjsonSecretError, "Resulting resource Secret/#{secret_name} failed validation"
           end
           resource
@@ -105,7 +106,7 @@ module KubernetesDeploy
       end
 
       labels = { "name" => secret_name }
-      labels.reverse_merge!(@selector) if @selector
+      labels.reverse_merge!(@selector.to_h) if @selector
 
       secret = {
         'kind' => 'Secret',

data/lib/kubernetes-deploy/kubeclient_builder.rb

@@ -1,6 +1,5 @@
 # frozen_string_literal: true
 require 'kubeclient'
-require 'kubernetes-deploy/kubeclient_builder/kube_config'
 
 module KubernetesDeploy
   class KubeclientBuilder
@@ -96,6 +95,14 @@ module KubernetesDeploy
       )
     end
 
+    def build_storage_v1_kubeclient(context)
+      build_kubeclient(
+        api_version: "v1",
+        context: context,
+        endpoint_path: "/apis/storage.k8s.io"
+      )
+    end
+
     def validate_config_files
       errors = []
       if @kubeconfig_files.empty?
@@ -118,7 +125,7 @@ module KubernetesDeploy
 
     def build_kubeclient(api_version:, context:, endpoint_path: nil)
       validate_config_files!
-      @kubeclient_configs ||= @kubeconfig_files.map { |f| KubeConfig.read(f) }
+      @kubeclient_configs ||= @kubeconfig_files.map { |f| Kubeclient::Config.read(f) }
       # Find a context defined in kube conf files that matches the input context by name
       config = @kubeclient_configs.find { |c| c.contexts.include?(context) }
       raise ContextMissingError.new(context, @kubeconfig_files) unless config

data/lib/kubernetes-deploy/kubectl.rb

@@ -2,8 +2,12 @@
 
 module KubernetesDeploy
   class Kubectl
+    ERROR_MATCHERS = {
+      not_found: /NotFound/,
+      client_timeout: /Client\.Timeout exceeded while awaiting headers/,
+    }
     DEFAULT_TIMEOUT = 15
-    NOT_FOUND_ERROR_TEXT = 'NotFound'
+    MAX_RETRY_DELAY = 16
 
     class ResourceNotFoundError < StandardError; end
 
@@ -21,43 +25,45 @@ module KubernetesDeploy
     end
 
     def run(*args, log_failure: nil, use_context: true, use_namespace: true, output: nil,
-      raise_if_not_found: false, attempts: 1, output_is_sensitive: nil)
+      raise_if_not_found: false, attempts: 1, output_is_sensitive: nil, retry_whitelist: nil)
       log_failure = @log_failure_by_default if log_failure.nil?
       output_is_sensitive = @output_is_sensitive_default if output_is_sensitive.nil?
-
-      args = args.unshift("kubectl")
-      args.push("--namespace=#{@namespace}") if use_namespace
-      args.push("--context=#{@context}")     if use_context
-      args.push("--output=#{output}") if output
-      args.push("--request-timeout=#{@default_timeout}") if @default_timeout
+      cmd = build_command_from_options(args, use_namespace, use_context, output)
       out, err, st = nil
 
-      (1..attempts).to_a.each do |attempt|
-        @logger.debug("Running command (attempt #{attempt}): #{args.join(' ')}")
-        out, err, st = Open3.capture3(*args)
+      (1..attempts).to_a.each do |current_attempt|
+        @logger.debug("Running command (attempt #{current_attempt}): #{cmd.join(' ')}")
+        out, err, st = Open3.capture3(*cmd)
         @logger.debug("Kubectl out: " + out.gsub(/\s+/, ' ')) unless output_is_sensitive
 
         break if st.success?
+        raise(ResourceNotFoundError, err) if err.match(ERROR_MATCHERS[:not_found]) && raise_if_not_found
 
         if log_failure
-          @logger.warn("The following command failed (attempt #{attempt}/#{attempts}): #{Shellwords.join(args)}")
+          warning = if current_attempt == attempts
+            "The following command failed (attempt #{current_attempt}/#{attempts})"
+          elsif retriable_err?(err, retry_whitelist)
+            "The following command failed and will be retried (attempt #{current_attempt}/#{attempts})"
+          else
+            "The following command failed and cannot be retried"
+          end
+          @logger.warn("#{warning}: #{Shellwords.join(cmd)}")
           @logger.warn(err) unless output_is_sensitive
-        end
-
-        if err.match(NOT_FOUND_ERROR_TEXT)
-          raise(ResourceNotFoundError, err) if raise_if_not_found
         else
-          @logger.debug("Kubectl err: #{err}") unless output_is_sensitive
-          StatsD.increment('kubectl.error', 1, tags: { context: @context, namespace: @namespace, cmd: args[1] })
+          @logger.debug("Kubectl err: #{output_is_sensitive ? '<suppressed sensitive output>' : err}")
         end
-        sleep(retry_delay(attempt)) unless attempt == attempts
+        StatsD.increment('kubectl.error', 1, tags: { context: @context, namespace: @namespace, cmd: cmd[1] })
+
+        break unless retriable_err?(err, retry_whitelist) && current_attempt < attempts
+        sleep(retry_delay(current_attempt))
       end
 
       [out.chomp, err.chomp, st]
     end
 
     def retry_delay(attempt)
-      attempt
+      # exponential backoff starting at 1s with cap at 16s, offset by up to 0.5s
+      [2**(attempt - 1), MAX_RETRY_DELAY].min - Random.rand(0.5).round(1)
     end
 
     def version_info
@@ -79,6 +85,23 @@ module KubernetesDeploy
 
     private
 
+    def build_command_from_options(args, use_namespace, use_context, output)
+      cmd = ["kubectl"] + args
+      cmd.push("--namespace=#{@namespace}")              if use_namespace
+      cmd.push("--context=#{@context}")                  if use_context
+      cmd.push("--output=#{output}")                     if output
+      cmd.push("--request-timeout=#{@default_timeout}")  if @default_timeout
+      cmd
+    end
+
+    def retriable_err?(err, retry_whitelist)
+      return !err.match(ERROR_MATCHERS[:not_found]) if retry_whitelist.nil?
+      retry_whitelist.any? do |retriable|
+        raise NotImplementedError, "No matcher defined for #{retriable.inspect}" unless ERROR_MATCHERS.key?(retriable)
+        err.match(ERROR_MATCHERS[retriable])
+      end
+    end
+
     def extract_version_info_from_kubectl_response(response)
       info = {}
       response.each_line do |l|

data/lib/kubernetes-deploy/kubernetes_resource.rb

@@ -122,18 +122,8 @@ module KubernetesDeploy
       @validation_errors = []
       validate_selector(selector) if selector
       validate_timeout_annotation
-
-      command = ["create", "-f", file_path, "--dry-run", "--output=name"]
-      _, err, st = kubectl.run(*command, log_failure: false, output_is_sensitive: sensitive_template_content?)
-      return true if st.success?
-      if sensitive_template_content?
-        @validation_errors << <<-EOS
-          Validation for #{id} failed. Detailed information is unavailable as the raw error may contain sensitive data.
-        EOS
-      else
-        @validation_errors << err
-      end
-      false
+      validate_spec_with_kubectl(kubectl)
+      @validation_errors.present?
     end
 
     def validation_error_msg
@@ -433,6 +423,19 @@ module KubernetesDeploy
       end
     end
 
+    def validate_spec_with_kubectl(kubectl)
+      command = ["create", "-f", file_path, "--dry-run", "--output=name"]
+      _, err, st = kubectl.run(*command, log_failure: false, output_is_sensitive: sensitive_template_content?,
+        retry_whitelist: [:client_timeout], attempts: 3)
+
+      return true if st.success?
+      @validation_errors << if sensitive_template_content?
+        "Validation for #{id} failed. Detailed information is unavailable as the raw error may contain sensitive data."
+      else
+        err
+      end
+    end
+
     def labels
       @definition.dig("metadata", "labels")
     end

data/lib/kubernetes-deploy/kubernetes_resource/custom_resource_definition.rb

@@ -56,6 +56,11 @@ module KubernetesDeploy
       prunable == "true"
     end
 
+    def predeployed?
+      predeployed = @definition.dig("metadata", "annotations", "kubernetes-deploy.shopify.io/predeployed")
+      predeployed.nil? || predeployed == "true"
+    end
+
     def rollout_conditions
       return @rollout_conditions if defined?(@rollout_conditions)
 

data/lib/kubernetes-deploy/kubernetes_resource/persistent_volume_claim.rb

@@ -3,16 +3,78 @@ module KubernetesDeploy
   class PersistentVolumeClaim < KubernetesResource
     TIMEOUT = 5.minutes
 
+    def sync(cache)
+      super
+      @storage_classes = cache.get_all("StorageClass").map { |sc| StorageClass.new(sc) }
+    end
+
     def status
       exists? ? @instance_data["status"]["phase"] : "Not Found"
     end
 
     def deploy_succeeded?
-      status == "Bound"
+      return true if status == "Bound"
+
+      # if the StorageClass has volumeBindingMode: WaitForFirstConsumer,
+      # it won't bind until after a Pod mounts it. But it must be pre-deployed,
+      # as the Pod requires it. So 'Pending' must be treated as a 'Success' state
+      if storage_class&.volume_binding_mode == "WaitForFirstConsumer"
+        return status == "Pending" || status == "Bound"
+      end
+      false
     end
 
     def deploy_failed?
-      status == "Lost"
+      status == "Lost" || failure_message.present?
+    end
+
+    def failure_message
+      if storage_class_name.nil? && @storage_classes.count(&:default?) > 1
+        "PVC has no StorageClass specified and there are multiple StorageClasses " \
+        "annotated as default. This is an invalid cluster configuration."
+      end
+    end
+
+    def timeout_message
+      return STANDARD_TIMEOUT_MESSAGE unless storage_class_name.present? && !storage_class
+      "PVC specified a StorageClass of #{storage_class_name} but the resource does not exist"
+    end
+
+    private
+
+    def storage_class_name
+      @definition.dig("spec", "storageClassName")
+    end
+
+    def storage_class
+      if storage_class_name.present?
+        @storage_classes.detect { |sc| sc.name == storage_class_name }
+      # storage_class_name = "" is an explicit request for no storage class
+      # storage_class_name = nil is an impplicit request for default storage class
+      elsif storage_class_name != ""
+        @storage_classes.detect(&:default?)
+      end
+    end
+
+    class StorageClass < KubernetesResource
+      DEFAULT_CLASS_ANNOTATION = "storageclass.kubernetes.io/is-default-class"
+      DEFAULT_CLASS_BETA_ANNOTATION = "storageclass.beta.kubernetes.io/is-default-class"
+
+      attr_reader :name
+
+      def initialize(definition)
+        @definition = definition
+        @name = definition.dig("metadata", "name").to_s
+      end
+
+      def volume_binding_mode
+        @definition.dig("volumeBindingMode")
+      end
+
+      def default?
+        @definition.dig("metadata", "annotations", DEFAULT_CLASS_ANNOTATION) == "true" ||
+        @definition.dig("metadata", "annotations", DEFAULT_CLASS_BETA_ANNOTATION) == "true"
+      end
     end
   end
 end

data/lib/kubernetes-deploy/kubernetes_resource/pod.rb

@@ -65,10 +65,15 @@ module KubernetesDeploy
     end
 
     def timeout_message
-      return STANDARD_TIMEOUT_MESSAGE unless readiness_probe_failure?
-      probe_failure_msgs = @containers.map(&:readiness_fail_reason).compact
-      header = "The following containers have not passed their readiness probes on at least one pod:\n"
-      header + probe_failure_msgs.join("\n")
+      if readiness_probe_failure?
+        probe_failure_msgs = @containers.map(&:readiness_fail_reason).compact
+        header = "The following containers have not passed their readiness probes on at least one pod:\n"
+        header + probe_failure_msgs.join("\n")
+      elsif failed_schedule_reason.present?
+        "Pod could not be scheduled because #{failed_schedule_reason}"
+      else
+        STANDARD_TIMEOUT_MESSAGE
+      end
     end
 
     def failure_message
@@ -98,6 +103,16 @@ module KubernetesDeploy
 
     private
 
+    def failed_schedule_reason
+      if phase == "Pending"
+        conditions = @instance_data.dig('status', 'conditions') || []
+        unschedulable = conditions.find do |condition|
+          condition["type"] == "PodScheduled" && condition["status"] == "False"
+        end
+        unschedulable&.dig('message')
+      end
+    end
+
     def failed_phase?
       phase == FAILED_PHASE_NAME
     end

data/lib/kubernetes-deploy/version.rb

@@ -1,4 +1,4 @@
 # frozen_string_literal: true
 module KubernetesDeploy
-  VERSION = "0.26.4"
+  VERSION = "0.26.5"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: kubernetes-deploy
 version: !ruby/object:Gem::Version
-  version: 0.26.4
+  version: 0.26.5
 platform: ruby
 authors:
 - Katrina Verey
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2019-04-29 00:00:00.000000000 Z
+date: 2019-07-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -31,14 +31,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '4.0'
+        version: '4.3'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '4.0'
+        version: '4.3'
 - !ruby/object:Gem::Dependency
   name: googleauth
   requirement: !ruby/object:Gem::Requirement
@@ -239,9 +239,11 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".buildkite/pipeline.nightly.yml"
-- ".buildkite/pipeline.yml"
+- ".github/probots.yml"
 - ".gitignore"
 - ".rubocop.yml"
+- ".shopify-build/VERSION"
+- ".shopify-build/kubernetes-deploy.yml"
 - CHANGELOG.md
 - CODE_OF_CONDUCT.md
 - CONTRIBUTING.md
@@ -273,7 +275,6 @@ files:
 - lib/kubernetes-deploy/errors.rb
 - lib/kubernetes-deploy/formatted_logger.rb
 - lib/kubernetes-deploy/kubeclient_builder.rb
-- lib/kubernetes-deploy/kubeclient_builder/kube_config.rb
 - lib/kubernetes-deploy/kubectl.rb
 - lib/kubernetes-deploy/kubernetes_resource.rb
 - lib/kubernetes-deploy/kubernetes_resource/cloudsql.rb

data/.buildkite/pipeline.yml

@@ -1,29 +0,0 @@
-steps:
-  - name: 'Run Test Suite (:kubernetes: 1.13-latest)'
-    command: bin/ci
-    agents:
-      queue: k8s-ci
-    env:
-      LOGGING_LEVEL: 4
-      KUBERNETES_VERSION: v1.13-latest
-  - name: 'Run Test Suite (:kubernetes: 1.12-latest)'
-    command: bin/ci
-    agents:
-      queue: k8s-ci
-    env:
-      LOGGING_LEVEL: 4
-      KUBERNETES_VERSION: v1.12-latest
-  - name: 'Run Test Suite (:kubernetes: 1.11-latest)'
-    command: bin/ci
-    agents:
-      queue: k8s-ci
-    env:
-      LOGGING_LEVEL: 4
-      KUBERNETES_VERSION: v1.11-latest
-  - name: 'Run Test Suite (:kubernetes: 1.10-latest)'
-    command: bin/ci
-    agents:
-      queue: minikube-ci
-    env:
-      LOGGING_LEVEL: 4
-      KUBERNETES_VERSION: v1.10-latest

data/lib/kubernetes-deploy/kubeclient_builder/kube_config.rb

@@ -1,21 +0,0 @@
-# frozen_string_literal: true
-
-require 'googleauth'
-module KubernetesDeploy
-  class KubeclientBuilder
-    class KubeConfig < Kubeclient::Config
-      def self.read(filename)
-        parsed = YAML.safe_load(File.read(filename), [Date, Time])
-        new(parsed, File.dirname(filename))
-      end
-
-      def fetch_user_auth_options(user)
-        if user.dig('auth-provider', 'name') == 'gcp'
-          { bearer_token: Kubeclient::GoogleApplicationDefaultCredentials.token }
-        else
-          super
-        end
-      end
-    end
-  end
-end