Using team namespaces: Kubeconfig Step Thru #616
Conversation
|
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers. ConflictsNo conflicts as of last run. |
mplsgrant
force-pushed
the
2024-09-create-kube-configs-stepthru
branch
from
1dde333
to
730b203
Compare
|
Nice, took a brief look and this looks good! I think the prefix approach is fine, and then we can revisit in a follow up a more comprehensive approach based on labels/annotations, which would remove the need for any sort of naming convention in our namespaces. |
mplsgrant
force-pushed
the
2024-09-create-kube-configs-stepthru
branch
4 times, most recently
from
c92bb66
to
6f5264b
Compare
mplsgrant
force-pushed
the
2024-09-create-kube-configs-stepthru
branch
from
966363b
to
dc39367
Compare
mplsgrant
changed the title
|
Did a walk through of the commits, looks good. I think it would be helpful to squash the commits into logical groups, e.g., one commit for adding the ns option to the cli arguments, one commit for all of the namespace prefix logic, etc. I found it a bit confusing to step through each commit where later commits were re-editing lines of code that had already been touched. Alternatively, people can just review the files, but given the scope of the PR I think logical commits would be helpful. |
mplsgrant
force-pushed
the
2024-09-create-kube-configs-stepthru
branch
2 times, most recently
from
822f0c8
to
531e436
Compare
|
@josibake Updated the commit structure as you suggested. |
mplsgrant
force-pushed
the
2024-09-create-kube-configs-stepthru
branch
5 times, most recently
from
41c6727
to
0dbeac8
Compare
|
@josibake This PR is looking good I think. Added a flag to |
mplsgrant
force-pushed
the
2024-09-create-kube-configs-stepthru
branch
from
0dbeac8
to
fa08a48
Compare
|
rebased on main |
src/warnet/admin.py
Outdated
| namespace: {namespace} | ||
| user: {sa} | ||
| current-context: {sa}-{namespace} | ||
| """ |
There was a problem hiding this comment.
might be cleaner to implement as a dict and then use yaml.dump()
There was a problem hiding this comment.
Fixed here: f50dcf8 "admin: make kubeconfig a dict"
src/warnet/bitcoin.py
Outdated
| if not namespace: | ||
| namespace = get_default_namespace() |
There was a problem hiding this comment.
i wonder if the repetition of this can be smoothed out with a function decorator like @needs_namespace that can be applied to all relevant commands
There was a problem hiding this comment.
Fixed here: 2a906e2 "DRY out the namespace check"
And use yaml.dump
`get_namespaces_by_prefix` is now renamed to `get_namespaces_by_type` in anticipation of using labels in the future.
We use this to check if the current user can delete pods.
We want to back out early if the user is not able to bring down the network
The K8sError allows us to easily handle one single error that crops up from functions that life in k8s.py. Right now I just have it implemented in the open/write kubeconfig functions.
We use this following to check for the scenario file:
while [ ! -f /shared/archive.pyz ]; do
echo "Waiting for /shared/archive.pyz to exist..."
sleep 2
done
I suspect this may cut off longer-running copy commands. Using mv we make sure all the data is
copied over, and then we `mv` the file into place.
mplsgrant
force-pushed
the
2024-09-create-kube-configs-stepthru
branch
from
f35c0c4
to
424eba8
Compare
|
rebased on main |
I've created this as an extension on #598. It includes
deployfunction to create tanks in a specific namespace and "--to-all-users"downfunction that asks before nuking a whole wargame (and a "--force" to not bother asking)namespaces destroyneeds to target wargames namespaces #618