Skip to content

Commit

Permalink
fixing some issues with k8s plan
Browse files Browse the repository at this point in the history
  • Loading branch information
telliere committed Apr 3, 2024
1 parent 57b8395 commit 5db5fe2
Show file tree
Hide file tree
Showing 4 changed files with 27 additions and 4 deletions.
14 changes: 14 additions & 0 deletions k8s/hpcs-server-service.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
# Service definition for spire-oidc (expose the OIDC socket)
apiVersion: v1
kind: Service
metadata:
name: hpcs-server
namespace: hpcs
spec:
clusterIP: None
selector:
app: hpcs-server
ports:
- name: https
port: 10080
targetPort: hpcs-server
3 changes: 3 additions & 0 deletions k8s/hpcs-server-statefulset.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,9 @@ spec:
containers:
- name: hpcs-server
image: ghcr.io/cscfi/hpcs/server:k8s_plan
ports:
- containerPort: 10080
name: hpcs-server
command:
- sleep
args:
Expand Down
5 changes: 5 additions & 0 deletions server/app.py
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,11 @@
"hpcs-server-spiffeid"
)

if configuration["spire-server"].get("socket-path"):
spire_interactions.spire_server_socketpath = configuration["spire-server"].get(
"socket-path"
)

if configuration["spire-server"].get("pre-command"):
spire_interactions.pre_command = configuration["spire-server"]["pre-command"]
if configuration["spire-server"]["pre-command"] == '""':
Expand Down
9 changes: 5 additions & 4 deletions server/lib/spire_interactions.py
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@

jwt_workload_api = None
hpcs_server_spiffeid = "spiffe://hpcs/hpcs-server/workload"
spire_server_socketpath = "/tmp/spire-server/private/api.sock:"


def token_generate(spiffeID: SpiffeId) -> subprocess.CompletedProcess:
Expand All @@ -23,11 +24,11 @@ def token_generate(spiffeID: SpiffeId) -> subprocess.CompletedProcess:
"""

if pre_command != "":
command = f"{pre_command} {spire_server_bin} token generate -spiffeID {str(spiffeID)}".split(
command = f"{pre_command} {spire_server_bin} token generate -socketPath {spire_server_socketpath} -spiffeID {str(spiffeID)}".split(
" "
)
else:
command = f"{spire_server_bin} token generate -spiffeID {str(spiffeID)}".split(
command = f"{spire_server_bin} token generate -socketPath {spire_server_socketpath} -spiffeID {str(spiffeID)}".split(
" "
)

Expand All @@ -48,11 +49,11 @@ def entry_create(
subprocess.CompletedProcess: result of the cli command to create the entry
"""
if pre_command != "":
command = f"{pre_command} {spire_server_bin} entry create -parentID {str(parentID)} -spiffeID {str(spiffeID)}".split(
command = f"{pre_command} {spire_server_bin} entry create -socketPath {spire_server_socketpath} -parentID {str(parentID)} -spiffeID {str(spiffeID)}".split(
" "
)
else:
command = f"{spire_server_bin} entry create -parentID {str(parentID)} -spiffeID {str(spiffeID)}".split(
command = f"{spire_server_bin} entry create -socketPath {spire_server_socketpath} -parentID {str(parentID)} -spiffeID {str(spiffeID)}".split(
" "
)

Expand Down

0 comments on commit 5db5fe2

Please sign in to comment.