From d39d585a6d7d5c454c9e0048013a4da41a799732 Mon Sep 17 00:00:00 2001
From: telliere
Date: Fri, 5 Apr 2024 11:16:46 +0200
Subject: [PATCH] adding a deployment ansible script for hpcs server and bumping server version
---
 k8s/hpcs-server-statefulset.yaml | 28 ++++++++++++++--------------
 server/app.py | 7 ++-----
 2 files changed, 16 insertions(+), 19 deletions(-)
diff --git a/k8s/hpcs-server-statefulset.yaml b/k8s/hpcs-server-statefulset.yaml
index 73c6bef..276f876 100644
--- a/k8s/hpcs-server-statefulset.yaml
+++ b/k8s/hpcs-server-statefulset.yaml
@@ -21,20 +21,20 @@ spec:
 shareProcessNamespace: true
 containers:
 - name: hpcs-server
- image: ghcr.io/cscfi/hpcs/server:k8s_plan
+ image: ghcr.io/cscfi/hpcs/server:0.1.1
 ports:
 - containerPort: 10080
 name: hpcs-server
 volumeMounts:
- - name: hpcs-server-configs
- mountPath: /tmp/
- readOnly: false
- - name: hpcs-spire-sockets
- mountPath: /var/run/sockets
- readOnly: false
- - name: hpcs-spire-agent-token
- mountPath: /var/run/secrets/tokens
- readOnly: true
+ - name: hpcs-server-configs
+ mountPath: /tmp/
+ readOnly: false
+ - name: hpcs-spire-sockets
+ mountPath: /var/run/sockets
+ readOnly: false
+ - name: hpcs-spire-agent-token
+ mountPath: /var/run/secrets/tokens
+ readOnly: true
 volumes:
 - name: hpcs-server-configs
 configMap:
@@ -46,10 +46,10 @@ spec:
 - name: hpcs-spire-agent-token
 projected:
 sources:
- - serviceAccountToken:
- path: spire-agent
- expirationSeconds: 7200
- audience: spire-server
+ - serviceAccountToken:
+ path: spire-agent
+ expirationSeconds: 7200
+ audience: spire-server
 volumeClaimTemplates:
 - metadata:
 name: spire-agent-data
diff --git a/server/app.py b/server/app.py
index dd98b69..6335cf5 100644
--- a/server/app.py
+++ b/server/app.py
@@ -6,7 +6,7 @@ get_server_identity_JWT, validate_client_JWT_SVID, ) -from lib import spire_interactions +from lib import spire_interactions from tools.docker_utils import get_build_env_image_digests from pyspiffe.spiffe_id.spiffe_id import SpiffeId from pyspiffe.workloadapi import default_jwt_source @@ -31,16 +31,13 @@ "spire-server-bin" ] -if configuration["spire-server"].get("pre-command"): - spire_interactions.pre_command = configuration["spire-server"]["pre-command"] - if configuration["spire-server"]["pre-command"] == '""': - if configuration["spire-agent"].get("spire-agent-socket"): spire_interactions.jwt_workload_api = default_jwt_source.DefaultJwtSource( workload_api_client=None, spiffe_socket_path=f"unix://{configuration['spire-agent'].get('spire-agent-socket')}", timeout_in_seconds=None, ) + else: spire_interactions.jwt_workload_api = default_jwt_source.DefaultJwtSource( workload_api_client=None,
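Review bot: In the second server/app.py hunk (`@@ -31,16 +31,13 @@`), the `pre-command` override is dropped without any handling for configurations that still carry that key, so an existing `pre-command` setting is now ignored silently and `spire_interactions.pre_command` keeps whatever default its module defines, which this patch does not show. If that value is still placed in front of the spire-server invocation (an assumption, since the call site is outside the diff), confirm the default is empty and make the stale key visible at startup, for example `if "pre-command" in configuration["spire-server"]: print("ignoring unsupported 'pre-command' setting")`. What appears to be a blank line added before `else:` separates it from its `if` and could be dropped. The `else` branch continues past the end of the hunk.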