Add secret volume (#370)
* add secret volume implement with config map Signed-off-by: xianwei.zw <xianwei.zw@alibaba-inc.com> Signed-off-by: shidao-ytt <shidao.ytt@alibaba-inc.com> * add request log for CreateContainerGroup
This commit is contained in:
shidao-ytt
@@ -214,11 +214,13 @@ func (p *ECIProvider) CreatePod(ctx context.Context, pod *v1.Pod) error {
|
|||||||
request.SecurityGroupId = p.secureGroup
|
request.SecurityGroupId = p.secureGroup
|
||||||
request.VSwitchId = p.vSwitch
|
request.VSwitchId = p.vSwitch
|
||||||
request.ContainerGroupName = ContainerGroupName
|
request.ContainerGroupName = ContainerGroupName
|
||||||
|
msg := fmt.Sprintf("CreateContainerGroup request %+v", request)
|
||||||
|
log.G(ctx).WithField("Method", "CreatePod").Info(msg)
|
||||||
response, err := p.eciClient.CreateContainerGroup(request)
|
response, err := p.eciClient.CreateContainerGroup(request)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
msg := fmt.Sprintf("CreateContainerGroup successed. %s, %s, %s", response.RequestId, response.ContainerGroupId, ContainerGroupName)
|
msg = fmt.Sprintf("CreateContainerGroup successed. %s, %s, %s", response.RequestId, response.ContainerGroupId, ContainerGroupName)
|
||||||
log.G(ctx).WithField("Method", "CreatePod").Info(msg)
|
log.G(ctx).WithField("Method", "CreatePod").Info(msg)
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
@@ -652,6 +654,32 @@ func (p *ECIProvider) getVolumes(pod *v1.Pod) ([]eci.Volume, error) {
|
|||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if v.Secret != nil {
|
||||||
|
ConfigFileToPaths := make([]eci.ConfigFileToPath, 0)
|
||||||
|
secret, err := p.resourceManager.GetSecret(v.Secret.SecretName, pod.Namespace)
|
||||||
|
if v.Secret.Optional != nil && !*v.Secret.Optional && k8serr.IsNotFound(err) {
|
||||||
|
return nil, fmt.Errorf("Secret %s is required by Pod %s and does not exist", v.Secret.SecretName, pod.Name)
|
||||||
|
}
|
||||||
|
if secret == nil {
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
for k, v := range secret.Data {
|
||||||
|
var b bytes.Buffer
|
||||||
|
enc := base64.NewEncoder(base64.StdEncoding, &b)
|
||||||
|
enc.Write(v)
|
||||||
|
ConfigFileToPaths = append(ConfigFileToPaths, eci.ConfigFileToPath{Path: k, Content: b.String()})
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(ConfigFileToPaths) != 0 {
|
||||||
|
volumes = append(volumes, eci.Volume{
|
||||||
|
Type: eci.VOL_TYPE_CONFIGFILEVOLUME,
|
||||||
|
Name: v.Name,
|
||||||
|
ConfigFileVolumeConfigFileToPaths: ConfigFileToPaths,
|
||||||
|
})
|
||||||
|
}
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
|
||||||
// If we've made it this far we have found a volume type that isn't supported
|
// If we've made it this far we have found a volume type that isn't supported
|
||||||
return nil, fmt.Errorf("Pod %s requires volume %s which is of an unsupported type\n", pod.Name, v.Name)
|
return nil, fmt.Errorf("Pod %s requires volume %s which is of an unsupported type\n", pod.Name, v.Name)
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user