Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
blueprint_config = blueprint['full_config']
# create a dict out of space separated list of VAR=VAL entries
env_var_array = blueprint_config.get('environment_vars', '').split()
env_var_dict = {k: v for k, v in [x.split('=') for x in env_var_array]}
env_var_dict['INSTANCE_ID'] = instance['id']
env_var_list = [kc.V1EnvVar(x, env_var_dict[x]) for x in env_var_dict.keys()]
deployment = kc.V1Deployment(
metadata=kc.V1ObjectMeta(name=instance['name']),
spec=kc.V1DeploymentSpec(
selector={'matchLabels': {'name': instance['name']}},
template=kc.V1PodTemplateSpec(
metadata=kc.V1ObjectMeta(labels={'name': instance['name']}),
spec=kc.V1PodSpec(
automount_service_account_token=False,
containers=[
kc.V1Container(
name='test',
image=blueprint_config['image'],
args=blueprint_config['args'].split(),
env=env_var_list,
)
]
)
)
)
)
return deployment
safeowner = clean(owner)
safetitle = clean(title)
name = f"{safeowner}-{safetitle}"
container = kclient.V1Container(
name=job_id,
image=f"{self.cr}/{self.project}/{safeowner}_{safetitle}_tasks:{tag}",
command=["csw", "job", "--job-id", job_id, "--route-name", "sim"],
env=self.env(owner, title, config),
resources=kclient.V1ResourceRequirements(**config["resources"]),
)
# Create and configurate a spec section
template = kclient.V1PodTemplateSpec(
metadata=kclient.V1ObjectMeta(
labels={"app": f"{name}-job", "job-id": job_id}
),
spec=kclient.V1PodSpec(
restart_policy="Never",
containers=[container],
node_selector={"component": "model"},
),
)
# Create the specification of deployment
spec = kclient.V1JobSpec(
template=template, backoff_limit=1, ttl_seconds_after_finished=0
)
# Instantiate the job object
job = kclient.V1Job(
api_version="batch/v1",
kind="Job",
metadata=kclient.V1ObjectMeta(name=job_id),
spec=spec,
)
# Create a secret to enable pulling images from secure repositories
secret = None
if self.secret:
secret = client.V1LocalObjectReference(name=self.secret)
# Create list of volumes from (pvc, mount) tuples
volume_defs = []
for volume in volumes:
volume_defs.append(client.V1Volume(name=volume[0],
persistent_volume_claim=client.V1PersistentVolumeClaimVolumeSource(
claim_name=volume[0])))
metadata = client.V1ObjectMeta(name=pod_name,
labels={"app": job_name})
spec = client.V1PodSpec(containers=[container],
image_pull_secrets=[secret],
volumes=volume_defs
)
pod = client.V1Pod(spec=spec, metadata=metadata)
api_response = self.kube_client.create_namespaced_pod(namespace=self.namespace,
body=pod)
logger.debug("Pod created. status='{0}'".format(str(api_response.status)))
def create_deployment(apps_v1_api):
container = client.V1Container(
name="deployment",
image="gcr.io/google-appengine/fluentd-logger",
image_pull_policy="Never",
ports=[client.V1ContainerPort(container_port=5678)],
)
# Template
template = client.V1PodTemplateSpec(
metadata=client.V1ObjectMeta(labels={"app": "deployment"}),
spec=client.V1PodSpec(containers=[container]))
# Spec
spec = client.V1DeploymentSpec(
replicas=1,
template=template)
# Deployment
deployment = client.V1Deployment(
api_version="apps/v1",
kind="Deployment",
metadata=client.V1ObjectMeta(name="deployment"),
spec=spec)
# Creation of the Deployment in specified namespace
# (Can replace "default" with a namespace you may have created)
apps_v1_api.create_namespaced_deployment(
namespace="default", body=deployment
)
env_list = []
for key, value in env_vars_dict.iteritems():
v1_envvar = client.V1EnvVar(name=key, value=value)
env_list.append(v1_envvar)
# Configure Pod template container
container = client.V1Container(
name=deployment_name,
image=tagged_image,
ports=[client.V1ContainerPort(container_port=container_port)],
env=env_list)
# Create and configurate a spec section
template = client.V1PodTemplateSpec(
metadata=client.V1ObjectMeta(labels={"app": deployment_name}),
spec=client.V1PodSpec(containers=[container]))
deployment = ''
if not alternate_api:
# Create the specification of deployment
spec = client.AppsV1beta1DeploymentSpec(
replicas=1,
template=template)
# Instantiate the deployment object
deployment = client.AppsV1beta1Deployment(
api_version="apps/v1beta1",
kind="Deployment",
metadata=client.V1ObjectMeta(name=deployment_name),
spec=spec)
else:
# Create the specification of deployment
key = "op_docker_hosts_%s" % ip
if Redis.exists(key):
hostnames = Redis.lrange(key,0,-1)
if hostnames:
host_aliases.append(client.V1HostAlias(hostnames=hostnames,ip=ip))
Redis.delete(key)
except Exception as e:
logging.error(e)
if self.labels:
if 'deploy' in self.labels:
preference_key = self.labels['deploy']
if 'project' in self.labels:
project_values = [self.labels['project']]
template = client.V1PodTemplateSpec(
metadata=client.V1ObjectMeta(labels={"project": self.dm_name}),
spec=client.V1PodSpec(containers=containers,
image_pull_secrets=[secrets],
volumes=volumes,
host_aliases = host_aliases,
affinity=client.V1Affinity(
node_affinity=client.V1NodeAffinity(
preferred_during_scheduling_ignored_during_execution = [
client.V1PreferredSchedulingTerm(
preference=client.V1NodeSelectorTerm(
match_expressions=[client.V1NodeSelectorRequirement(
key=preference_key,
operator='In', values=['mark'])
]), weight=100)],
required_during_scheduling_ignored_during_execution=client.V1NodeSelector(node_selector_terms=[
client.V1NodeSelectorTerm(match_expressions=[
client.V1NodeSelectorRequirement(
key='project',operator='In',values=project_values)])
annotations = {}
if IAM_ROLE:
annotations["iam.amazonaws.com/role"] = IAM_ROLE
resp = _kube.create_namespaced_job(
namespace=NAMESPACE,
body=kubernetes.client.V1Job(
metadata=kubernetes.client.V1ObjectMeta(name=get_job_name(event["id"]), labels=get_job_labels(event)),
spec=kubernetes.client.V1JobSpec(
completions=1,
parallelism=1,
backoff_limit=1, # This is not respected in k8s v1.11 (https://github.com/kubernetes/kubernetes/issues/54870)
active_deadline_seconds=600,
template=kubernetes.client.V1PodTemplateSpec(
metadata=kubernetes.client.V1ObjectMeta(annotations=annotations, labels=get_job_labels(event)),
spec=kubernetes.client.V1PodSpec(
containers=[
kubernetes.client.V1Container(
name=get_job_name(event["id"]),
image=DRAGONCHAIN_IMAGE,
security_context=kubernetes.client.V1SecurityContext(privileged=True),
volume_mounts=volume_mounts,
command=["sh"],
args=["entrypoints/contract_job.sh"],
env=[
kubernetes.client.V1EnvVar(name="EVENT", value=json.dumps(event, separators=(",", ":"))),
kubernetes.client.V1EnvVar(name="SERVICE", value="contract-job"),
],
env_from=[
kubernetes.client.V1EnvFromSource(
config_map_ref=kubernetes.client.V1ConfigMapEnvSource(name=f"{DEPLOYMENT_NAME}-configmap")
)
ports = [
client.V1ContainerPort(container_port=port) for port in ports
]
container_pods.append(
client.V1Container(
name=name,
image=image,
env=environments,
command=command,
args=command_args,
ports=ports,
image_pull_policy="IfNotPresent",
)
)
deployment_metadata = client.V1ObjectMeta(name=deploy_name)
pod_spec = client.V1PodSpec(containers=container_pods)
spec_metadata = client.V1ObjectMeta(labels=labels)
template_spec = client.V1PodTemplateSpec(
metadata=spec_metadata, spec=pod_spec
)
spec = client.ExtensionsV1beta1DeploymentSpec(template=template_spec)
body = client.ExtensionsV1beta1Deployment(
api_version="extensions/v1beta1",
kind="Deployment",
metadata=deployment_metadata,
spec=spec,
)
api_instance = client.ExtensionsV1beta1Api()
try:
api_instance.create_namespaced_deployment(
devisgx = kube.client.V1Volume(
name="dev-isgx", host_path=kube.client.V1HostPathVolumeSource(path="/dev/isgx")
)
container_spec = kube.client.V1Container(
image=image,
env=envs,
image_pull_policy="Always",
name="cast-{}".format(app_id),
tty=True,
volume_mounts=[isgx],
security_context=kube.client.V1SecurityContext(privileged=True),
)
pod_spec = kube.client.V1PodSpec(
containers=[container_spec], restart_policy="OnFailure", volumes=[devisgx]
)
pod = kube.client.V1PodTemplateSpec(metadata=obj_meta, spec=pod_spec)
job_spec = kube.client.V1JobSpec(parallelism=1, template=pod)
job = kube.client.V1Job(
api_version="batch/v1", kind="Job", metadata=obj_meta, spec=job_spec
)
batch_v1 = kube.client.BatchV1Api()
job = batch_v1.create_namespaced_job(namespace, job)
port = create_service(app_id)
def func_to_pod(image, runtime, extra_env, command, args, workdir):
container = client.V1Container(
name='base',
image=image,
env=extra_env + runtime.spec.env,
command=[command],
args=args,
working_dir=workdir,
image_pull_policy=runtime.spec.image_pull_policy,
volume_mounts=runtime.spec.volume_mounts,
resources=runtime.spec.resources,
)
pod_spec = client.V1PodSpec(
containers=[container],
restart_policy='Never',
volumes=runtime.spec.volumes,
service_account=runtime.spec.service_account,
)
if runtime.spec.image_pull_secret:
pod_spec.image_pull_secrets = [
client.V1LocalObjectReference(name=runtime.spec.image_pull_secret)
]
return pod_spec