ood_core 0.13.0 → 0.16.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3296708d7bc47f3379a9e4a6c845d3f25c5ccefb599f4b92406d9dffdaef220b
-  data.tar.gz: b6af9e90b67bc9a7a52203808d849d8800336b30b09bdb8ed204526d01bc92e9
+  metadata.gz: 19665b6db28d01da39093dc90d4a5023ca12264f07b932aebc8ec8c443bafa25
+  data.tar.gz: d9c8c6d8f30851ea9138c8325aafd750823534a51f36601a20366265ac4feec2
 SHA512:
-  metadata.gz: 623ac6e6f8081d68a3e925d1150c9f20a0f613ccfb6837519d1b95d04533a72caa403c54327aad85dcea9c0694cc23941f40307d942623c095f53fed7fc32026
-  data.tar.gz: 0d785a9ade36b2f6f62f9ae55672091346aa4fb76bf358e6c00d4bc007623b8d1798813474665fc7b4d850d89e041fae5c2fefc9719fbe9f53a161a76127eaad
+  metadata.gz: 1ed1eaa873366ad5e825ed29c7401dd3bca4a424ab7a689a19479f297ec20d7e019cd53609006b0919a365dd0002eb0c1e9c0cabcc9f69579cf7ae81b33b3ae7
+  data.tar.gz: 90a4cfa3ee8b1f76ef7e1f28df6d8e64725d1eaff005b4bd4ff7fc8f88e5bfda8a15e706636c18e7b5ac74451071eaea4e6814945ea25e95f6c7ed2de8fd2fec

data/.github/workflows/test.yml

@@ -0,0 +1,30 @@
+name: Unit Tests
+
+on:
+  push:
+    branches:
+      - master
+  pull_request:
+    branches:
+      - master
+
+jobs:
+  tests:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: checkout
+        uses: actions/checkout@v2
+
+      - name: Setup Ruby using Bundler
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: "2.7.1"
+          bundler-cache: true
+          bundler: "2.1.4"
+
+      - name: install gems
+        run: bundle install
+
+      - name: test
+        run: bundle exec rake spec

data/CHANGELOG.md

@@ -6,6 +6,64 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
+## [0.16.1] - 2021-04-23
+### Fixed
+- memorized some allow? variables to have better support around ACLS in
+  [267](https://github.com/OSC/ood_core/pull/267)
+
+## [0.16.0] - 2021-04-20
+### Fixed
+- tmux 2.7+ bug in the linux host adapter in [2.5.8](https://github.com/OSC/ood_core/pull/258)
+  and [259](https://github.com/OSC/ood_core/pull/259).
+
+### Changed
+
+- Changed how k8s configmaps in are defined in [251](https://github.com/OSC/ood_core/pull/251).
+  The data structure now expects a key called files which is an array of objects that hold
+  filename, data, mount_path, sub_path and init_mount_path.
+  [255](https://github.com/OSC/ood_core/pull/255) also relates to this interface change.
+
+### Added
+
+- The k8s adapter can now specify environment variables and creates defaults 
+  in [252](https://github.com/OSC/ood_core/pull/252).
+- The k8s adapter can now specify image pull secrets in [253](https://github.com/OSC/ood_core/pull/253).
+
+## [0.15.1] - 2021-02-25
+### Fixed
+- kubernetes adapter uses the full module for helpers in [245](https://github.com/OSC/ood_core/pull/245).
+
+### Changed
+- kubernetes pods spawn with runAsNonRoot set to true in [247](https://github.com/OSC/ood_core/pull/247).
+- kubernetes pods can spawn with supplemental groups along with some other in security defaults in
+  [246](https://github.com/OSC/ood_core/pull/246).
+
+## [0.15.0] - 2021-01-26
+### Fixed
+- ccq adapter now accepts job names with spaces in [210](https://github.com/OSC/ood_core/pull/209)
+- k8s correctly handles having no mount volumes in [239](https://github.com/OSC/ood_core/pull/239)
+
+### Added
+- k8s adapter now applies account metadata to resources in [216](https://github.com/OSC/ood_core/pull/216) and
+  [231](https://github.com/OSC/ood_core/pull/231)
+- k8s adapter can now prefix namespaces in [218](https://github.com/OSC/ood_core/pull/218)
+- k8s adapter now applies time limits to pods in [224](https://github.com/OSC/ood_core/pull/224)
+
+### Changed
+- testing automation is now done in github actions in [221](https://github.com/OSC/ood_core/pull/218)
+- update bunlder to 2.1.4 and ruby to 2.7 in [235](https://github.com/OSC/ood_core/pull/218) updated bundler and ruby
+- k8s adapter more appropriately labels unschedulable pods as queued in [230](https://github.com/OSC/ood_core/pull/230)
+- k8s adapter now uses the script#ood_connection_info API instead of script#native in
+  [222](https://github.com/OSC/ood_core/pull/222)
+
+## [0.14.0] - 2020-10-01
+### Added 
+- Kubernetes adapter in PR [156](https://github.com/OSC/ood_core/pull/156)
+
+### Fixed
+- Catch Slurm times. [209](https://github.com/OSC/ood_core/pull/209)
+- LHA race condition in deleteing tmp files. [212](https://github.com/OSC/ood_core/pull/212)
+
 ## [0.13.0] - 2020-08-10
 ### Added
 - CloudyCluster CCQ Adapter
@@ -247,7 +305,12 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ### Added
 - Initial release!
 
-[Unreleased]: https://github.com/OSC/ood_core/compare/v0.13.0...HEAD
+[Unreleased]: https://github.com/OSC/ood_core/compare/v0.16.1...HEAD
+[0.16.1]: https://github.com/OSC/ood_core/compare/v0.16.0...v0.16.1
+[0.16.0]: https://github.com/OSC/ood_core/compare/v0.15.1...v0.16.0
+[0.15.1]: https://github.com/OSC/ood_core/compare/v0.15.0...v0.15.1
+[0.15.0]: https://github.com/OSC/ood_core/compare/v0.14.0...v0.15.0
+[0.14.0]: https://github.com/OSC/ood_core/compare/v0.13.0...v0.14.0
 [0.13.0]: https://github.com/OSC/ood_core/compare/v0.12.0...v0.13.0
 [0.12.0]: https://github.com/OSC/ood_core/compare/v0.11.4...v0.12.0
 [0.11.4]: https://github.com/OSC/ood_core/compare/v0.11.3...v0.11.4

data/README.md

@@ -1,12 +1,12 @@
 # OodCore
 
-[![Build Status](https://travis-ci.org/OSC/ood_core.svg?branch=master)](https://travis-ci.org/OSC/ood_core)
+[![Build Status](https://github.com/osc/ood_core/workflows/Unit%20Tests/badge.svg)](https://github.com/OSC/ood_core/actions?query=workflow%3A%22Unit+Tests%22)
 ![GitHub Release](https://img.shields.io/github/release/osc/ood_core.svg)
 ![GitHub License](https://img.shields.io/github/license/osc/ood_core.svg)
 
 - Website: http://openondemand.org/
 - Website repo with JOSS publication: https://github.com/OSC/Open-OnDemand
-- Documentation: https://osc.github.io/ood-documentation/master/
+- Documentation: https://osc.github.io/ood-documentation/latest/
 - Main code repo: https://github.com/OSC/ondemand
 - Core library repo: https://github.com/OSC/ood_core
 

data/lib/ood_core/cluster.rb

@@ -78,7 +78,9 @@ module OodCore
     # Whether the login feature is allowed
     # @return [Boolean] is login allowed
     def login_allow?
-      allow? && !login_config.empty?
+      return @login_allow if defined?(@login_allow)
+
+      @login_allow = (allow? && !login_config.empty?)
     end
 
     # Build a job adapter from the job configuration
@@ -90,9 +92,11 @@ module OodCore
     # Whether the job feature is allowed based on the ACLs
     # @return [Boolean] is the job feature allowed
     def job_allow?
-      allow? &&
-        !job_config.empty? &&
-        build_acls(job_config.fetch(:acls, []).map(&:to_h)).all?(&:allow?)
+      return @job_allow if defined?(@job_allow)
+
+      @job_allow = (allow? && ! job_config.empty? && build_acls(
+        job_config.fetch(:acls, []).map(&:to_h)
+      ).all?(&:allow?))
     end
 
     # The batch connect template configuration used for this cluster
@@ -138,7 +142,9 @@ module OodCore
     # Whether this cluster is allowed to be used
     # @return [Boolean] whether cluster is allowed
     def allow?
-      acls.all?(&:allow?)
+      return @allow if defined?(@allow)
+
+      @allow = acls.all?(&:allow?)
     end
 
     # The comparison operator

data/lib/ood_core/job/adapters/ccq.rb

@@ -203,6 +203,10 @@ module OodCore
           'ccq_ood_script_'
         end
 
+        def ccqstat_regex
+          /^(?<id>\S+)\s+(?<name>.+)\s+(?<username>\S+)\s+(?<scheduler>\S+)\s+(?<status>\S+)\s*$/
+        end
+
         def parse_job_id_from_ccqsub(output)
           match_data = /#{jobid_regex}/.match(output)
           # match_data could be nil, OR re-configured jobid_regex could be looking for a different named group
@@ -236,28 +240,31 @@ module OodCore
         def info_from_ccqstat(data)
           infos = []
 
-          data.to_s.each_line do |line|
-            words = line.split(/\s/).reject(&:empty?)
-            next if !words.empty? && words[0] == "Id" # just skip the header
-
-            infos << Info.new(line_to_hash(words)) if words.size == 5
+          data.to_s.lines.drop(1).each do |line|
+            match_data = ccqstat_regex.match(line)
+            infos << Info.new(ccqstat_match_to_hash(match_data)) if valid_ccqstat_match?(match_data)
           end
 
           infos
         end
 
-        def line_to_hash(words)
-          return unless words.size == 5
-
+        def ccqstat_match_to_hash(match)
           data_hash = {}
-          data_hash[:id] = words[0]
-          data_hash[:job_name] = words[1]
-          data_hash[:job_owner] = words[2]
-          data_hash[:status] = get_state(words[4])
+          data_hash[:id] = match.named_captures.fetch('id', nil)
+          data_hash[:job_owner] = match.named_captures.fetch('username', nil)
+          data_hash[:status] = get_state(match.named_captures.fetch('status', nil))
+
+          # The regex leaves trailing empty spaces. There's no way to tell if they're _actually_
+          # a part of the job name or not, so we assume they're not and add the rstrip.
+          data_hash[:job_name] = match.named_captures.fetch('name', nil).to_s.rstrip
 
           data_hash
         end
 
+        def valid_ccqstat_match?(match)
+          !match.nil? && !match.named_captures.fetch('id', nil).nil?
+        end
+
         def get_state(state)
           STATE_MAP.fetch(state, :undetermined)
         end

data/lib/ood_core/job/adapters/kubernetes.rb

@@ -0,0 +1,193 @@
+require "ood_core/refinements/hash_extensions"
+require "ood_core/refinements/array_extensions"
+
+module OodCore
+  module Job
+    class Factory
+      using Refinements::HashExtensions
+
+      def self.build_kubernetes(config)
+        batch = Adapters::Kubernetes::Batch.new(config.to_h.symbolize_keys)
+        Adapters::Kubernetes.new(batch)
+      end
+    end
+
+    module Adapters
+      class Kubernetes < Adapter
+
+        using Refinements::ArrayExtensions
+        using Refinements::HashExtensions
+
+        require "ood_core/job/adapters/kubernetes/batch"
+
+        attr_reader :batch
+
+        def initialize(batch)
+          @batch = batch
+        end
+
+        # Submit a job with the attributes defined in the job template instance
+        # @abstract Subclass is expected to implement {#submit}
+        # @raise [NotImplementedError] if subclass did not define {#submit}
+        # @example Submit job template to cluster
+        #   solver_id = job_adapter.submit(solver_script)
+        #   #=> "1234.server"
+        # @example Submit job that depends on previous job
+        #   post_id = job_adapter.submit(
+        #     post_script,
+        #     afterok: solver_id
+        #   )
+        #   #=> "1235.server"
+        # @param script [Script] script object that describes the
+        #   script and attributes for the submitted job
+        # @param after [#to_s, Array<#to_s>] this job may be scheduled for execution
+        #   at any point after dependent jobs have started execution
+        # @param afterok [#to_s, Array<#to_s>] this job may be scheduled for
+        #   execution only after dependent jobs have terminated with no errors
+        # @param afternotok [#to_s, Array<#to_s>] this job may be scheduled for
+        #   execution only after dependent jobs have terminated with errors
+        # @param afterany [#to_s, Array<#to_s>] this job may be scheduled for
+        #   execution after dependent jobs have terminated
+        # @return [String] the job id returned after successfully submitting a job
+        def submit(script, after: [], afterok: [], afternotok: [], afterany: [])
+          raise ArgumentError, 'Must specify the script' if script.nil?
+
+          batch.submit(script)
+        rescue Batch::Error => e
+          raise JobAdapterError, e.message
+        end
+
+
+        # Retrieve info for all jobs from the resource manager
+        # @abstract Subclass is expected to implement {#info_all}
+        # @raise [NotImplementedError] if subclass did not define {#info_all}
+        # @param attrs [Array<symbol>] defaults to nil (and all attrs are provided) 
+        #   This array specifies only attrs you want, in addition to id and status.
+        #   If an array, the Info object that is returned to you is not guarenteed
+        #   to have a value for any attr besides the ones specified and id and status.
+        #
+        #   For certain adapters this may speed up the response since
+        #   adapters can get by without populating the entire Info object
+        # @return [Array<Info>] information describing submitted jobs
+        def info_all(attrs: nil)
+          batch.info_all(attrs: attrs)
+        rescue Batch::Error => e
+          raise JobAdapterError, e.message
+        end
+
+        # Retrieve info for all jobs for a given owner or owners from the
+        # resource manager
+        # @param owner [#to_s, Array<#to_s>] the owner(s) of the jobs
+        # @param attrs [Array<symbol>] defaults to nil (and all attrs are provided) 
+        #   This array specifies only attrs you want, in addition to id and status.
+        #   If an array, the Info object that is returned to you is not guarenteed
+        #   to have a value for any attr besides the ones specified and id and status.
+        #
+        #   For certain adapters this may speed up the response since
+        #   adapters can get by without populating the entire Info object
+        # @return [Array<Info>] information describing submitted jobs
+        def info_where_owner(owner, attrs: nil)
+          owner = Array.wrap(owner).map(&:to_s)
+
+          # must at least have job_owner to filter by job_owner
+          attrs = Array.wrap(attrs) | [:job_owner] unless attrs.nil?
+
+          info_all(attrs: attrs).select { |info| owner.include? info.job_owner }
+        end
+
+        # Iterate over each job Info object
+        # @param attrs [Array<symbol>] defaults to nil (and all attrs are provided) 
+        #   This array specifies only attrs you want, in addition to id and status.
+        #   If an array, the Info object that is returned to you is not guarenteed
+        #   to have a value for any attr besides the ones specified and id and status.
+        #
+        #   For certain adapters this may speed up the response since
+        #   adapters can get by without populating the entire Info object
+        # @yield [Info] of each job to block
+        # @return [Enumerator] if no block given
+        def info_all_each(attrs: nil)
+          return to_enum(:info_all_each, attrs: attrs) unless block_given?
+
+          info_all(attrs: attrs).each do |job|
+            yield job
+          end
+        end
+
+        # Iterate over each job Info object
+        # @param owner [#to_s, Array<#to_s>] the owner(s) of the jobs
+        # @param attrs [Array<symbol>] defaults to nil (and all attrs are provided) 
+        #   This array specifies only attrs you want, in addition to id and status.
+        #   If an array, the Info object that is returned to you is not guarenteed
+        #   to have a value for any attr besides the ones specified and id and status.
+        #
+        #   For certain adapters this may speed up the response since
+        #   adapters can get by without populating the entire Info object
+        # @yield [Info] of each job to block
+        # @return [Enumerator] if no block given
+        def info_where_owner_each(owner, attrs: nil)
+          return to_enum(:info_where_owner_each, owner, attrs: attrs) unless block_given?
+
+          info_where_owner(owner, attrs: attrs).each do |job|
+            yield job
+          end
+        end
+
+        # Whether the adapter supports job arrays
+        # @return [Boolean] - assumes true; but can be overridden by adapters that
+        #   explicitly do not
+        def supports_job_arrays?
+          false
+        end
+
+        # Retrieve job info from the resource manager
+        # @abstract Subclass is expected to implement {#info}
+        # @raise [NotImplementedError] if subclass did not define {#info}
+        # @param id [#to_s] the id of the job
+        # @return [Info] information describing submitted job
+        def info(id)
+          batch.info(id.to_s)
+        rescue Batch::Error => e
+          raise JobAdapterError, e.message
+        end
+
+        # Retrieve job status from resource manager
+        # @note Optimized slightly over retrieving complete job information from server
+        # @abstract Subclass is expected to implement {#status}
+        # @raise [NotImplementedError] if subclass did not define {#status}
+        # @param id [#to_s] the id of the job
+        # @return [Status] status of job
+        def status(id)
+          info(id).status
+        end
+
+        # Put the submitted job on hold
+        # @abstract Subclass is expected to implement {#hold}
+        # @raise [NotImplementedError] if subclass did not define {#hold}
+        # @param id [#to_s] the id of the job
+        # @return [void]
+        def hold(id)
+          raise NotImplementedError, 'subclass did not define #hold'
+        end
+
+        # Release the job that is on hold
+        # @abstract Subclass is expected to implement {#release}
+        # @raise [NotImplementedError] if subclass did not define {#release}
+        # @param id [#to_s] the id of the job
+        # @return [void]
+        def release(id)
+          raise NotImplementedError, 'subclass did not define #release'
+        end
+
+        # Delete the submitted job.
+        #
+        # @param id [#to_s] the id of the job
+        # @return [void]
+        def delete(id)
+          batch.delete(id.to_s)
+        rescue Batch::Error => e
+          raise JobAdapterError, e.message
+        end
+      end
+    end
+  end
+end

data/lib/ood_core/job/adapters/kubernetes/batch.rb

@@ -0,0 +1,372 @@
+require "ood_core/refinements/hash_extensions"
+require "json"
+
+class OodCore::Job::Adapters::Kubernetes::Batch
+
+  require_relative "helper"
+  require_relative "k8s_job_info"
+
+  using OodCore::Refinements::HashExtensions
+
+  class Error < StandardError; end
+  class NotFoundError < StandardError; end
+
+  attr_reader :config_file, :bin, :cluster, :mounts
+  attr_reader :all_namespaces, :using_context, :helper
+  attr_reader :username_prefix, :namespace_prefix
+
+  def initialize(options = {})
+    options = options.to_h.symbolize_keys
+
+    @config_file = options.fetch(:config_file, default_config_file)
+    @bin = options.fetch(:bin, '/usr/bin/kubectl')
+    @cluster = options.fetch(:cluster, 'open-ondemand')
+    @mounts = options.fetch(:mounts, []).map { |m| m.to_h.symbolize_keys }
+    @all_namespaces = options.fetch(:all_namespaces, false)
+    @username_prefix = options.fetch(:username_prefix, nil)
+    @namespace_prefix = options.fetch(:namespace_prefix, '')
+
+    @using_context = false
+    @helper = OodCore::Job::Adapters::Kubernetes::Helper.new
+
+    begin
+      make_kubectl_config(options)
+    rescue
+      # FIXME could use a log here
+      # means you couldn't 'kubectl set config'
+    end
+  end
+
+  def resource_file(resource_type = 'pod')
+    File.dirname(__FILE__) + "/templates/#{resource_type}.yml.erb"
+  end
+
+  def submit(script, after: [], afterok: [], afternotok: [], afterany: [])
+    raise ArgumentError, 'Must specify the script' if script.nil?
+
+    resource_yml, id = generate_id_yml(script)
+    call("#{formatted_ns_cmd} create -f -", stdin: resource_yml)
+
+    id
+  end
+
+  def generate_id(name)
+    # 2_821_109_907_456 = 36**8
+    name.downcase.tr(' ', '-') + '-' + rand(2_821_109_907_456).to_s(36)
+  end
+
+  def info_all(attrs: nil)
+    cmd = if all_namespaces
+            "#{base_cmd} get pods -o json --all-namespaces"
+          else
+            "#{namespaced_cmd} get pods -o json"
+          end
+
+    output = call(cmd)
+    all_pods_to_info(output)
+  end
+
+  def info_where_owner(owner, attrs: nil)
+    owner = Array.wrap(owner).map(&:to_s)
+
+    # must at least have job_owner to filter by job_owner
+    attrs = Array.wrap(attrs) | [:job_owner] unless attrs.nil?
+
+    info_all(attrs: attrs).select { |info| owner.include? info.job_owner }
+  end
+
+  def info_all_each(attrs: nil)
+    return to_enum(:info_all_each, attrs: attrs) unless block_given?
+
+    info_all(attrs: attrs).each do |job|
+      yield job
+    end
+  end
+
+  def info_where_owner_each(owner, attrs: nil)
+    return to_enum(:info_where_owner_each, owner, attrs: attrs) unless block_given?
+
+    info_where_owner(owner, attrs: attrs).each do |job|
+      yield job
+    end
+  end
+
+  def info(id)
+    pod_json = safe_call('get', 'pod', id)
+    return OodCore::Job::Info.new({ id: id, status: 'completed' }) if pod_json.empty?
+
+    service_json = safe_call('get', 'service', service_name(id))
+    secret_json = safe_call('get', 'secret', secret_name(id))
+
+    helper.info_from_json(pod_json: pod_json, service_json: service_json, secret_json: secret_json)
+  end
+
+  def status(id)
+    info(id).status
+  end
+
+  def delete(id)
+    safe_call("delete", "pod", id)
+    safe_call("delete", "service", service_name(id))
+    safe_call("delete", "secret", secret_name(id))
+    safe_call("delete", "configmap", configmap_name(id))
+  end
+
+  private
+
+  def safe_call(verb, resource, id)
+    begin
+      case verb.to_s
+      when "get"
+        call_json_output('get', resource, id)
+      when "delete"
+        call("#{namespaced_cmd} delete #{resource} #{id}")
+      end
+    rescue NotFoundError
+      {}
+    end
+  end
+
+  # helper to help format multi-line yaml data from the submit.yml into 
+  # mutli-line yaml in the pod.yml.erb
+  def config_data_lines(data)
+    output = []
+    first = true
+
+    data.to_s.each_line do |line|
+      output.append(first ? line : line.prepend("    "))
+      first = false
+    end
+
+    output
+  end
+
+  def username
+    @username ||= Etc.getlogin
+  end
+
+  def k8s_username
+    username_prefix.nil? ? username : "#{username_prefix}-#{username}"
+  end
+
+  def user
+    @user ||= Etc.getpwnam(username)
+  end
+
+  def home_dir
+    user.dir
+  end
+
+  def run_as_user
+    user.uid
+  end
+
+  def run_as_group
+    user.gid
+  end
+
+  def fs_group
+    run_as_group
+  end
+
+  def group
+    Etc.getgrgid(run_as_group).name
+  end
+
+  def default_env
+    {
+      USER: username,
+      UID: run_as_user,
+      HOME: home_dir,
+      GROUP: group,
+      GID: run_as_group,
+    }
+  end
+
+  # helper to template resource yml you're going to submit and
+  # create an id.
+  def generate_id_yml(script)
+    native_data = script.native
+    container = helper.container_from_native(native_data[:container], default_env)
+    id = generate_id(container.name)
+    configmap = helper.configmap_from_native(native_data, id)
+    init_containers = helper.init_ctrs_from_native(native_data[:init_containers], container.env)
+    spec = OodCore::Job::Adapters::Kubernetes::Resources::PodSpec.new(container, init_containers: init_containers)
+    all_mounts = native_data[:mounts].nil? ? mounts : mounts + native_data[:mounts]
+
+    template = ERB.new(File.read(resource_file), nil, '-')
+
+    [template.result(binding), id]
+  end
+
+  # helper to call kubectl and get json data back.
+  # verb, resrouce and id are the kubernetes parlance terms.
+  # example: 'kubectl get pod my-pod-id' is verb=get, resource=pod
+  # and  id=my-pod-id
+  def call_json_output(verb, resource, id, stdin: nil)
+    cmd = "#{formatted_ns_cmd} #{verb} #{resource} #{id}"
+    data = call(cmd, stdin: stdin)
+    data = data.empty? ? '{}' : data
+    json_data = JSON.parse(data, symbolize_names: true)
+
+    json_data
+  end
+
+  def service_name(id)
+    helper.service_name(id)
+  end
+
+  def secret_name(id)
+    helper.secret_name(id)
+  end
+
+  def configmap_name(id)
+    helper.configmap_name(id)
+  end
+
+  def namespace
+    "#{namespace_prefix}#{username}"
+  end
+
+  def context
+    cluster
+  end
+
+  def default_config_file
+    (ENV['KUBECONFIG'] || "#{Dir.home}/.kube/config")
+  end
+
+  def default_auth
+    {
+      type: 'managaged'
+    }.symbolize_keys
+  end
+
+  def default_server
+    {
+      endpoint: 'https://localhost:8080',
+      cert_authority_file: nil
+    }.symbolize_keys
+  end
+
+  def formatted_ns_cmd
+    "#{namespaced_cmd} -o json"
+  end
+
+  def namespaced_cmd
+    "#{base_cmd} --namespace=#{namespace}"
+  end
+
+  def base_cmd
+    base = "#{bin} --kubeconfig=#{config_file}"
+    base << " --context=#{context}" if using_context
+    base
+  end
+
+  def all_pods_to_info(data)
+    json_data = JSON.parse(data, symbolize_names: true)
+    pods = json_data.dig(:items)
+
+    info_array = []
+    pods.each do |pod|
+      info = pod_info_from_json(pod)
+      info_array.push(info) unless info.nil?
+    end
+
+    info_array
+  rescue JSON::ParserError
+    # 'no resources in <namespace>' throws parse error
+    []
+  end
+
+  def pod_info_from_json(pod)
+    hash = helper.pod_info_from_json(pod)
+    K8sJobInfo.new(hash)
+  rescue Helper::K8sDataError
+    # FIXME: silently eating error, could probably use a logger
+    nil
+  end
+
+  def make_kubectl_config(config)
+    set_cluster(config.fetch(:server, default_server).to_h.symbolize_keys)
+    configure_auth(config.fetch(:auth, default_auth).to_h.symbolize_keys)
+  end
+
+  def configure_auth(auth)
+    type = auth.fetch(:type)
+    return if managed?(type)
+
+    case type
+    when 'gke'
+      set_gke_config(auth)
+    when 'oidc'
+      set_context
+    end
+  end
+
+  def use_context
+    @using_context = true
+  end
+
+  def managed?(type)
+    if type.nil?
+      true # maybe should be false?
+    else
+      type.to_s == 'managed'
+    end
+  end
+
+  def set_gke_config(auth)
+    cred_file = auth.fetch(:svc_acct_file)
+
+    cmd = "gcloud auth activate-service-account --key-file=#{cred_file}"
+    call(cmd)
+
+    set_gke_credentials(auth)
+  end
+
+  def set_gke_credentials(auth)
+
+    zone = auth.fetch(:zone, nil)
+    region = auth.fetch(:region, nil)
+
+    locale = ''
+    locale = "--zone=#{zone}" unless zone.nil?
+    locale = "--region=#{region}" unless region.nil?
+
+    # gke cluster name can probably can differ from what ood calls the cluster
+    cmd = "gcloud container clusters get-credentials #{locale} #{cluster}"
+    env = { 'KUBECONFIG' => config_file }
+    call(cmd, env)
+  end
+
+  def set_context
+    cmd = "#{base_cmd} config set-context #{cluster}"
+    cmd << " --cluster=#{cluster} --namespace=#{namespace}"
+    cmd << " --user=#{k8s_username}"
+
+    call(cmd)
+    use_context
+  end
+
+  def set_cluster(config)
+    server = config.fetch(:endpoint)
+    cert = config.fetch(:cert_authority_file, nil)
+
+    cmd = "#{base_cmd} config set-cluster #{cluster}"
+    cmd << " --server=#{server}"
+    cmd << " --certificate-authority=#{cert}" unless cert.nil?
+
+    call(cmd)
+  end
+
+  def call(cmd = '', env: {}, stdin: nil)
+    o, e, s = Open3.capture3(env, cmd, stdin_data: stdin.to_s)
+    s.success? ? o : interpret_and_raise(e)
+  end
+
+  def interpret_and_raise(stderr)
+    raise NotFoundError, stderr if /^Error from server \(NotFound\):/.match(stderr)
+    raise(Error, stderr)
+  end
+end