self-hosted/woodpecker
1
0
Fork 0
mirror of https://github.com/woodpecker-ci/woodpecker.git synced 2025-11-23 21:44:44 +02:00
Code Issues Releases Activity

Secured kubernetes backend configuration (#3204)

Browse Source 
Follow up of #3165
This commit is contained in:
Thomas Anderson
2024-01-15 05:59:08 +03:00
committed by GitHub
parent 59d824ebf8
commit 10f2e209d6
7 changed files with 111 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
pipeline/backend/kubernetes/volume.go
View File

@@ -25,15 +25,15 @@ import (
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)
func mkPersistentVolumeClaim(namespace, name, storageClass, size string, storageRwx bool) (*v1.PersistentVolumeClaim, error) {
_storageClass := &storageClass
if storageClass == "" {
func mkPersistentVolumeClaim(config *config, name string) (*v1.PersistentVolumeClaim, error) {
_storageClass := &config.StorageClass
if config.StorageClass == "" {
_storageClass = nil
}
var accessMode v1.PersistentVolumeAccessMode
if storageRwx {
if config.StorageRwx {
accessMode = v1.ReadWriteMany
} else {
accessMode = v1.ReadWriteOnce
@@ -47,14 +47,14 @@ func mkPersistentVolumeClaim(namespace, name, storageClass, size string, storage
pvc := &v1.PersistentVolumeClaim{
ObjectMeta: metav1.ObjectMeta{
Name: volumeName,
Namespace: namespace,
Namespace: config.Namespace,
},
Spec: v1.PersistentVolumeClaimSpec{
AccessModes: []v1.PersistentVolumeAccessMode{accessMode},
StorageClassName: _storageClass,
Resources: v1.VolumeResourceRequirements{
Requests: v1.ResourceList{
v1.ResourceStorage: resource.MustParse(size),
v1.ResourceStorage: resource.MustParse(config.VolumeSize),
},
},
},
@@ -76,13 +76,14 @@ func volumeMountPath(name string) string {
}
func startVolume(ctx context.Context, engine *kube, name string) (*v1.PersistentVolumeClaim, error) {
pvc, err := mkPersistentVolumeClaim(engine.config.Namespace, name, engine.config.StorageClass, engine.config.VolumeSize, engine.config.StorageRwx)
engineConfig := engine.getConfig()
pvc, err := mkPersistentVolumeClaim(engineConfig, name)
if err != nil {
return nil, err
}
log.Trace().Msgf("creating volume: %s", pvc.Name)
return engine.client.CoreV1().PersistentVolumeClaims(engine.config.Namespace).Create(ctx, pvc, metav1.CreateOptions{})
return engine.client.CoreV1().PersistentVolumeClaims(engineConfig.Namespace).Create(ctx, pvc, metav1.CreateOptions{})
}
func stopVolume(ctx context.Context, engine *kube, name string, deleteOpts metav1.DeleteOptions) error {