Skip to content
This repository has been archived by the owner on Oct 9, 2023. It is now read-only.

Commit

Permalink
Unblock flyteplugins being pulled due to Security override (#235)
Browse files Browse the repository at this point in the history
* Pull in FlytePlugins for Security Context fix

Signed-off-by: Anand Swaminathan <[email protected]>
Signed-off-by: Ketan Umare <[email protected]>
  • Loading branch information
anandswaminathan authored and kumare3 committed May 25, 2021
1 parent 3b9f57c commit 6007781
Show file tree
Hide file tree
Showing 13 changed files with 224 additions and 7 deletions.
2 changes: 1 addition & 1 deletion go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ require (
github.com/benlaurie/objecthash v0.0.0-20180202135721-d1e3d6079fc1
github.com/fatih/color v1.10.0
github.com/flyteorg/flyteidl v0.18.20
github.com/flyteorg/flyteplugins v0.5.32
github.com/flyteorg/flyteplugins v0.5.35
github.com/flyteorg/flytestdlib v0.3.13
github.com/ghodss/yaml v1.0.0
github.com/go-redis/redis v6.15.7+incompatible
Expand Down
6 changes: 3 additions & 3 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -230,11 +230,11 @@ github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5Kwzbycv
github.com/fatih/color v1.10.0 h1:s36xzo75JdqLaaWoiEHk767eHiwo0598uUxyfiPkDsg=
github.com/fatih/color v1.10.0/go.mod h1:ELkj/draVOlAH/xkhN6mQ50Qd0MPOk5AAr3maGEBuJM=
github.com/fatih/structtag v1.2.0/go.mod h1:mBJUNpUnHmRKrKlQQlmCrh5PuhftFbNv8Ys4/aAZl94=
github.com/flyteorg/flyteidl v0.18.15/go.mod h1:b5Fq4Z8a5b0mF6pEwTd48ufvikUGVkWSjZiMT0ZtqKI=
github.com/flyteorg/flyteidl v0.18.17/go.mod h1:b5Fq4Z8a5b0mF6pEwTd48ufvikUGVkWSjZiMT0ZtqKI=
github.com/flyteorg/flyteidl v0.18.20 h1:OGOb2FOHWL363Qp8uzbJeFbQBKYPT30+afv+8BnBlGs=
github.com/flyteorg/flyteidl v0.18.20/go.mod h1:b5Fq4Z8a5b0mF6pEwTd48ufvikUGVkWSjZiMT0ZtqKI=
github.com/flyteorg/flyteplugins v0.5.32 h1:fXyHUZFtNt1yQIQehilSnpzKlOAkXkqqnwh9M696Dvw=
github.com/flyteorg/flyteplugins v0.5.32/go.mod h1:+qu3cAdUdyNXer+R9NcvEKsEWwhvKAqRObmuFBGOJ0s=
github.com/flyteorg/flyteplugins v0.5.35 h1:KEMOiA4B+lIxQ+l7FRHzVcPA234Td9+ursuJDm6I8dg=
github.com/flyteorg/flyteplugins v0.5.35/go.mod h1:CxerBGWWEmNYmPxSMHnwQEr9cc1Fbo/g5fcABazU6Jo=
github.com/flyteorg/flytestdlib v0.3.13 h1:5ioA/q3ixlyqkFh5kDaHgmPyTP/AHtqq1K/TIbVLUzM=
github.com/flyteorg/flytestdlib v0.3.13/go.mod h1:Tz8JCECAbX6VWGwFT6cmEQ+RJpZ/6L9pswu3fzWs220=
github.com/form3tech-oss/jwt-go v3.2.2+incompatible h1:TcekIExNqud5crz4xD2pavyTgWiPvpYe4Xau31I0PRk=
Expand Down
1 change: 1 addition & 0 deletions pkg/apis/flyteworkflow/v1alpha1/iface.go
Original file line number Diff line number Diff line change
Expand Up @@ -434,6 +434,7 @@ type Meta interface {
GetLabels() map[string]string
GetName() string
GetServiceAccountName() string
GetSecurityContext() core.SecurityContext
IsInterruptible() bool
GetEventVersion() EventVersion
GetRawOutputDataConfig() RawOutputDataConfig
Expand Down
34 changes: 34 additions & 0 deletions pkg/apis/flyteworkflow/v1alpha1/mocks/ExecutableWorkflow.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

34 changes: 34 additions & 0 deletions pkg/apis/flyteworkflow/v1alpha1/mocks/Meta.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

34 changes: 34 additions & 0 deletions pkg/apis/flyteworkflow/v1alpha1/mocks/MetaExtended.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

13 changes: 10 additions & 3 deletions pkg/apis/flyteworkflow/v1alpha1/workflow.go
Original file line number Diff line number Diff line change
Expand Up @@ -39,10 +39,13 @@ type FlyteWorkflow struct {
NodeDefaults NodeDefaults `json:"node-defaults,omitempty"`
// Specifies the time when the workflow has been accepted into the system.
AcceptedAt *metav1.Time `json:"acceptedAt,omitempty"`
// ServiceAccountName is the name of the ServiceAccount to use to run this pod.
// More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
// +optional
// [DEPRECATED] ServiceAccountName is the name of the ServiceAccount to use to run this pod.
// [DEPRECATED] More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
// [DEPRECATED] +optional
ServiceAccountName string `json:"serviceAccountName,omitempty" protobuf:"bytes,8,opt,name=serviceAccountName"`
// Security context fields to define privilege and access control settings
// +optional
SecurityContext core.SecurityContext `json:"securityContext,omitempty" protobuf:"bytes,12,rep,name=securityContext"`
// Status is the only mutable section in the workflow. It holds all the execution information
Status WorkflowStatus `json:"status,omitempty"`
// RawOutputDataConfig defines the configurations to use for generating raw outputs (e.g. blobs, schemas).
Expand All @@ -58,6 +61,10 @@ type FlyteWorkflow struct {
DataReferenceConstructor storage.ReferenceConstructor `json:"-"`
}

func (in *FlyteWorkflow) GetSecurityContext() core.SecurityContext {
return in.SecurityContext
}

func (in *FlyteWorkflow) GetEventVersion() EventVersion {
if in.WorkflowMeta != nil {
return in.WorkflowMeta.EventVersion
Expand Down
1 change: 1 addition & 0 deletions pkg/apis/flyteworkflow/v1alpha1/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

34 changes: 34 additions & 0 deletions pkg/controller/executors/mocks/execution_context.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

35 changes: 35 additions & 0 deletions pkg/controller/executors/mocks/immutable_execution_context.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

32 changes: 32 additions & 0 deletions pkg/controller/nodes/handler/mocks/node_execution_metadata.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions pkg/controller/nodes/handler/node_exec_context.go
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,7 @@ type NodeExecutionMetadata interface {
GetLabels() map[string]string
GetAnnotations() map[string]string
GetK8sServiceAccount() string
GetSecurityContext() core.SecurityContext
IsInterruptible() bool
}

Expand Down
4 changes: 4 additions & 0 deletions pkg/controller/nodes/resolve_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -119,6 +119,10 @@ func (d *dummyBaseWorkflow) GetServiceAccountName() string {
return ""
}

func (d *dummyBaseWorkflow) GetSecurityContext() core.SecurityContext {
return core.SecurityContext{}
}

func (d *dummyBaseWorkflow) GetTask(id v1alpha1.TaskID) (v1alpha1.ExecutableTask, error) {
return nil, nil
}
Expand Down

0 comments on commit 6007781

Please sign in to comment.