PyPI - cluster-builder - Versions diffs - 0.3.3__tar.gz → 0.4.0__tar.gz - Mend

cluster-builder 0.3.3tar.gz → 0.4.0tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of cluster-builder might be problematic. Click here for more details.

Files changed (32) hide show

{cluster_builder-0.3.3 → cluster_builder-0.4.0}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: cluster-builder
-Version: 0.3.3
+Version: 0.4.0
 Summary: Swarmchestrate cluster builder
 Author-email: Gunjan <G.Kotak@westminster.ac.uk>, Jay <J.Deslauriers@westminster.ac.uk>
 License: Apache2

{cluster_builder-0.3.3 → cluster_builder-0.4.0}/cluster_builder/swarmchestrate.py RENAMED Viewed

@@ -591,3 +591,107 @@ class Swarmchestrate:
         finally:
             if copy_dir.exists():
                 shutil.rmtree(copy_dir)
+    def create_registry_secrets(self, cluster_config: dict):
+        """
+        Create Docker registry secrets in Kubernetes using OpenTofu.
+        :param cluster_config: dict with keys:
+            {
+                "master_ip": "1.2.3.4",
+                "ssh_user": "ubuntu",
+                "ssh_private_key_path": "/path/to/key.pem",
+                "namespace": "optional-namespace",
+                "secret_names": ["optional-name1", "optional-name2"]
+            }
+        """
+        load_dotenv()
+        # Read registry creds from env
+        registries = os.getenv("DOCKER_REGISTRIES", "").split(",")
+        usernames = os.getenv("DOCKER_USERNAMES", "").split(",")
+        passwords = os.getenv("DOCKER_PASSWORDS", "").split(",")
+        if not (len(registries) == len(usernames) == len(passwords)):
+            raise RuntimeError("Mismatch in registry, username, and password counts")
+        # Get cluster connection from method input
+        master_ip = cluster_config.get("master_ip")
+        ssh_user = cluster_config.get("ssh_user")
+        ssh_key_path = cluster_config.get("ssh_private_key_path")
+        namespace = cluster_config.get("namespace", "default")
+        secret_names = cluster_config.get("secret_names", [])
+        if not all([master_ip, ssh_user, ssh_key_path]):
+            raise ValueError("Cluster config missing required keys")
+        # Validate secret_names length if provided
+        if secret_names and len(secret_names) != len(registries):
+            raise RuntimeError("Length of secret_names must match number of registries")
+        # Create temp dir for TF
+        temp_dir = Path(self.output_dir) / "registry-secret"
+        temp_dir.mkdir(parents=True, exist_ok=True)
+        try:
+            # Copy template tf file into temp dir
+            tf_source_file = Path(self.template_manager.templates_dir) / "registry_secret.tf"
+            if not tf_source_file.exists():
+                logger.debug(f"registry_secret.tf not found at: {tf_source_file}")
+                raise RuntimeError(f"registry_secret.tf not found at: {tf_source_file}")
+            tf_target = temp_dir / "registry_secret.tf"
+            shutil.copy(tf_source_file, tf_target)
+            logger.debug(f"Copied registry_secret.tf to {temp_dir}")
+            # Setup env for tofu
+            env_vars = os.environ.copy()
+            env_vars["TF_LOG"] = os.getenv("TF_LOG", "INFO")
+            # tofu init
+            CommandExecutor.run_command(
+                ["tofu", "init"],
+                cwd=str(temp_dir),
+                description="Init OpenTofu",
+                env=env_vars,
+            )
+            # Apply registry secrets
+            apply_vars = [
+                f"-var=registries={json.dumps(registries)}",
+                f"-var=usernames={json.dumps(usernames)}",
+                f"-var=passwords={json.dumps(passwords)}",
+                f"-var=master_ip={master_ip}",
+                f"-var=ssh_user={ssh_user}",
+                f"-var=ssh_private_key_path={ssh_key_path}",
+                f"-var=namespace={namespace}"
+            ]
+            if secret_names:
+                apply_vars.append(f"-var=secret_names={json.dumps(secret_names)}")
+            CommandExecutor.run_command(
+                ["tofu", "apply", "-auto-approve"] + apply_vars,
+                cwd=str(temp_dir),
+                description="Apply registry secrets",
+                env=env_vars,
+            )
+            # Fetch Terraform/OpenTofu output
+            output_result = CommandExecutor.run_command(
+                ["tofu", "output", "-json", "docker_registry_secret_names"],
+                cwd=str(temp_dir),
+                description="Fetch registry secret names",
+                env=env_vars,
+            )
+            lines = [line for line in output_result.splitlines() if line.strip()]
+            if not lines:
+                raise RuntimeError("No output received from OpenTofu for secret names")
+            secret_names_list = json.loads(lines[-1])
+            logger.info(f"Created registry secrets: {secret_names_list}")
+            return secret_names_list
+        finally:
+            logger.debug(f"Cleaning up temp dir: {temp_dir}")
+            shutil.rmtree(temp_dir)

cluster_builder-0.4.0/cluster_builder/templates/registry_secret.tf ADDED Viewed

@@ -0,0 +1,52 @@
+variable "registries" {
+  type = list(string)
+}
+variable "usernames" {
+  type = list(string)
+}
+variable "passwords" {
+  type = list(string)
+}
+variable "secret_names" {
+  type    = list(string)
+  default = []
+}
+variable "master_ip" {}
+variable "ssh_user" {}
+variable "ssh_private_key_path" {}
+variable "namespace" {
+  default = "default"
+}
+resource "null_resource" "docker_registry_secrets" {
+  count = length(var.registries)
+  connection {
+    type        = "ssh"
+    host        = var.master_ip
+    user        = var.ssh_user
+    private_key = file(var.ssh_private_key_path)
+  }
+  provisioner "remote-exec" {
+    inline = [
+      <<EOT
+        SECRET_NAME=${length(var.secret_names) > 0 ? var.secret_names[count.index] : "regcred-${count.index}"}
+        sudo -E KUBECONFIG=/etc/rancher/k3s/k3s.yaml kubectl create secret docker-registry $SECRET_NAME \
+          --docker-server="${var.registries[count.index]}" \
+          --docker-username="${var.usernames[count.index]}" \
+          --docker-password="${var.passwords[count.index]}" \
+          --namespace="${var.namespace}" \
+          --dry-run=client -o yaml | sudo kubectl apply -f -
+      EOT
+    ]
+  }
+}
+output "docker_registry_secret_names" {
+  value = [for i in range(length(var.registries)) : length(var.secret_names) > 0 ? var.secret_names[i] : "regcred-${i}"]
+}

{cluster_builder-0.3.3 → cluster_builder-0.4.0}/cluster_builder.egg-info/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: cluster-builder
-Version: 0.3.3
+Version: 0.4.0
 Summary: Swarmchestrate cluster builder
 Author-email: Gunjan <G.Kotak@westminster.ac.uk>, Jay <J.Deslauriers@westminster.ac.uk>
 License: Apache2

{cluster_builder-0.3.3 → cluster_builder-0.4.0}/cluster_builder.egg-info/SOURCES.txt RENAMED Viewed

@@ -19,6 +19,7 @@ cluster_builder/templates/deploy_manifest.tf
 cluster_builder/templates/ha_user_data.sh.tpl
 cluster_builder/templates/master_user_data.sh.tpl
 cluster_builder/templates/openstack_provider.tf
+cluster_builder/templates/registry_secret.tf
 cluster_builder/templates/worker_user_data.sh.tpl
 cluster_builder/templates/aws/main.tf
 cluster_builder/templates/edge/main.tf

{cluster_builder-0.3.3 → cluster_builder-0.4.0}/pyproject.toml RENAMED Viewed

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 [project]
 name = "cluster-builder"
-version = "0.3.3"
+version = "0.4.0"
 description = "Swarmchestrate cluster builder"
 readme = "README.md"
 authors = [