Skip to content

Commit

Permalink
feat(backend): Source ObjStore Creds from Env in Tekton Template
Browse files Browse the repository at this point in the history
  • Loading branch information
@gmfrasca
gmfrasca committed Aug 22, 2023
1 parent 2f99e8b commit a126ab4
Show file tree
Hide file tree
Showing 3 changed files with 35 additions and 3 deletions.
25 changes: 24 additions & 1 deletion backend/src/apiserver/common/config.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,8 +48,11 @@ const (
TerminateStatus string = "TERMINATE_STATUS"
MoveResultsImage string = "MOVERESULTS_IMAGE"
Path4InternalResults string = "PATH_FOR_INTERNAL_RESULTS"
ObjectStoreCredentialsSecret string = "OBJECTSTORECONFIG_CREDENTIALSSECRET"
ObjectStoreCredentialsAccessKeyKey string = "OBJECTSTORECONFIG_CREDENTIALSACCESSKEYKEY"
ObjectStoreCredentialsSecretKeyKey string = "OBJECTSTORECONFIG_CREDENTIALSSECRETKEYKEY"
ObjectStoreAccessKey string = "OBJECTSTORECONFIG_ACCESSKEY"
ObjectStoreSecretKey string = "OBJECTSTORECONFIG_SECRETKEY"
ObjectStoreSecretKey string = "OBJECTSTORECONFIG_SECRETACCESSKEY"
)

func IsPipelineVersionUpdatedByDefault() bool {
Expand Down Expand Up @@ -146,6 +149,26 @@ func GetArtifactImage() string {
return GetStringConfigWithDefault(ArtifactImage, DefaultArtifactImage)
}

func GetObjectStoreAccessKey() string {
return GetStringConfig(ObjectStoreAccessKey)
}

func GetObjectStoreSecretKey() string {
return GetStringConfig(ObjectStoreSecretKey)
}

func GetObjectStoreCredentialsSecretName() string {
return GetStringConfigWithDefault(ObjectStoreCredentialsSecret, DefaultObjectStoreCredentialsSecret)
}

func GetObjectStoreCredentialsAccessKeyKey() string {
return GetStringConfigWithDefault(ObjectStoreCredentialsAccessKeyKey, DefaultObjectStoreCredentialsAccessKeyKey)
}

func GetObjectStoreCredentialsSecretKeyKey() string {
return GetStringConfigWithDefault(ObjectStoreCredentialsSecretKeyKey, DefaultObjectStoreCredentialsSecretKeyKey)
}

func GetMoveResultsImage() string {
return GetStringConfigWithDefault(MoveResultsImage, DefaultMoveResultImage)
}
Expand Down
6 changes: 6 additions & 0 deletions backend/src/apiserver/common/const.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -76,6 +76,12 @@ const (
DefaultMoveResultImage string = "busybox"
)

const (
DefaultObjectStoreCredentialsSecret string = "mlpipeline-minio-artifact"
DefaultObjectStoreCredentialsAccessKeyKey string = "accesskey"
DefaultObjectStoreCredentialsSecretKeyKey string = "secretkey"
)

const (
ArtifactItemsAnnotation string = "tekton.dev/artifact_items"
ArtifactBucketAnnotation string = "tekton.dev/artifact_bucket"
Expand Down
7 changes: 5 additions & 2 deletions backend/src/apiserver/template/tekton_template.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -283,6 +283,9 @@ func (t *Tekton) injectArchivalStep(workflow util.Workflow, artifactItemsJSON ma
artifacts, hasArtifacts := artifactItemsJSON[task.Name]
archiveLogs := common.IsArchiveLogs()
trackArtifacts := common.IsTrackArtifacts()
objectStoreCredentialsSecretName := common.GetObjectStoreCredentialsSecretName()
objectStoreCredentialsSecretAccessKeyKey := common.GetObjectStoreCredentialsAccessKeyKey()
objectStoreCredentialsSecretSecretKeyKey := common.GetObjectStoreCredentialsSecretKeyKey()
stripEOF := common.IsStripEOF()
injectDefaultScript := common.IsInjectDefaultScript()
copyStepTemplate := common.GetCopyStepTemplate()
Expand Down Expand Up @@ -365,8 +368,8 @@ func (t *Tekton) injectArchivalStep(workflow util.Workflow, artifactItemsJSON ma
t.getObjectFieldSelector("PIPELINERUN", "metadata.labels['tekton.dev/pipelineRun']"),
t.getObjectFieldSelector("PODNAME", "metadata.name"),
t.getObjectFieldSelector("NAMESPACE", "metadata.namespace"),
t.getSecretKeySelector("AWS_ACCESS_KEY_ID", "mlpipeline-minio-artifact", "accesskey"),
t.getSecretKeySelector("AWS_SECRET_ACCESS_KEY", "mlpipeline-minio-artifact", "secretkey"),
t.getSecretKeySelector("AWS_ACCESS_KEY_ID", objectStoreCredentialsSecretName, objectStoreCredentialsSecretAccessKeyKey),
t.getSecretKeySelector("AWS_SECRET_ACCESS_KEY", objectStoreCredentialsSecretName, objectStoreCredentialsSecretSecretKeyKey),
t.getEnvVar("ARCHIVE_LOGS", strconv.FormatBool(archiveLogs)),
t.getEnvVar("TRACK_ARTIFACTS", strconv.FormatBool(trackArtifacts)),
t.getEnvVar("STRIP_EOF", strconv.FormatBool(stripEOF)),
Expand Down

0 comments on commit a126ab4

Please sign in to comment.