Skip to content

Commit 5c897b4

Browse files
catttamcatttam
committed
Re-Do: Fixed empty uid on mount when job request has no event
1 parent 63932da commit 5c897b4

File tree

1 file changed

+23
-17
lines changed

1 file changed

+23
-17
lines changed

pkg/handlers/job.go

Lines changed: 23 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -52,8 +52,10 @@ var (
5252
)
5353

5454
const (
55-
SupervisorPath = "./supervisor"
56-
NodeSelectorKey = "kubernetes.io/hostname"
55+
SupervisorPath = "./supervisor"
56+
NodeSelectorKey = "kubernetes.io/hostname"
57+
MinIOCredentialsPath = "/var/run/secrets/providers/minio.default"
58+
MinIOSecretVolumeName = "minio-user"
5759

5860
// Annotations for InterLink nodes
5961
InterLinkDNSPolicy = "ClusterFirst"
@@ -141,10 +143,11 @@ func MakeJobHandler(cfg *types.Config, kubeClientset kubernetes.Interface, back
141143
}
142144

143145
// Check if it has the MinIO event format
144-
uid, sourceIPAddress, err := decodeEventBytes(eventBytes)
146+
requestUserUID, sourceIPAddress, err := decodeEventBytes(eventBytes)
145147
if err != nil {
146148
// Check if the request was made with OIDC token to get user UID
147149
if uidFromToken != "" {
150+
requestUserUID = uidFromToken
148151
c.Set("uidOrigin", uidFromToken)
149152
} else {
150153
// Set as nil string if unable to get an UID
@@ -153,11 +156,27 @@ func MakeJobHandler(cfg *types.Config, kubeClientset kubernetes.Interface, back
153156
}
154157
} else {
155158
c.Set("IPAddress", sourceIPAddress)
156-
c.Set("uidOrigin", uid)
159+
c.Set("uidOrigin", requestUserUID)
157160
}
158161

159162
c.Next()
160163

164+
// Mount user MinIO credentials
165+
podSpec.Volumes = append(podSpec.Volumes, v1.Volume{
166+
Name: MinIOSecretVolumeName,
167+
VolumeSource: v1.VolumeSource{
168+
Secret: &v1.SecretVolumeSource{
169+
SecretName: auth.FormatUID(requestUserUID),
170+
},
171+
},
172+
})
173+
174+
podSpec.Containers[0].VolumeMounts = append(podSpec.Containers[0].VolumeMounts, v1.VolumeMount{
175+
Name: MinIOSecretVolumeName,
176+
ReadOnly: true,
177+
MountPath: MinIOCredentialsPath,
178+
})
179+
161180
// Initialize event envVar and args var
162181
var event v1.EnvVar
163182
var args []string
@@ -227,20 +246,7 @@ func MakeJobHandler(cfg *types.Config, kubeClientset kubernetes.Interface, back
227246
jobLogger.Printf("unable to delegate job. Error: %v\n", err)
228247
}
229248
}
230-
podSpec.Volumes = append(podSpec.Volumes, v1.Volume{
231-
Name: "minio-user-credentials",
232-
VolumeSource: v1.VolumeSource{
233-
Secret: &v1.SecretVolumeSource{
234-
SecretName: auth.FormatUID(uid),
235-
},
236-
},
237-
})
238249

239-
podSpec.Containers[0].VolumeMounts = append(podSpec.Containers[0].VolumeMounts, v1.VolumeMount{
240-
Name: "minio-user-credentials",
241-
ReadOnly: true,
242-
MountPath: "/opt/.credentials",
243-
})
244250
// Create job definition
245251
job := &batchv1.Job{
246252
ObjectMeta: metav1.ObjectMeta{

0 commit comments

Comments
 (0)