docker-socket optional, build volumes can be overridden

This enables KubernetesBuildExecutor to be subclassed and used with other builders such as Kaniko which doesn't need a host socket
jupyterhub · Nov 6, 2023 · 2df9bed · 2df9bed
1 parent 93201f7
commit 2df9bed
Showing 1 changed file with 40 additions and 25 deletions.
diff --git a/binderhub/build.py b/binderhub/build.py
@@ -302,7 +302,9 @@ def _default_builder_info(self):
         help=(
             "The docker socket to use for building the image. "
             "Must be a unix domain socket on a filesystem path accessible on the node "
-            "in which the build pod is running."
+            "in which the build pod is running. "
+            "This is mounted into the build pod, set to empty string to disable, "
+            "e.g. if you are subclassing this builder and don't need the docker socket."
         ),
         config=True,
     )
@@ -416,27 +418,50 @@ def get_affinity(self):
 
         return affinity
 
+    def get_builder_volumes(self):
+        """
+        Get the lists of volumes and volume-mounts for the build pod.
+        """
+        volume_mounts = []
+        volumes = []
+
+        if self.docker_host:
+            volume_mounts.append(
+                client.V1VolumeMount(
+                    mount_path="/var/run/docker.sock", name="docker-socket"
+                )
+            )
+            docker_socket_path = urlparse(self.docker_host).path
+            volumes.append(
+                client.V1Volume(
+                    name="docker-socket",
+                    host_path=client.V1HostPathVolumeSource(
+                        path=docker_socket_path, type="Socket"
+                    ),
+                )
+            )
+
+        if not self.registry_credentials and self.push_secret:
+            volume_mounts.append(
+                client.V1VolumeMount(mount_path="/root/.docker", name="docker-config")
+            )
+            volumes.append(
+                client.V1Volume(
+                    name="docker-config",
+                    secret=client.V1SecretVolumeSource(secret_name=self.push_secret),
+                )
+            )
+
+        return volumes, volume_mounts
+
     def submit(self):
         """
         Submit a build pod to create the image for the repository.
 
         Progress of the build can be monitored by listening for items in
         the Queue passed to the constructor as `q`.
         """
-        volume_mounts = [
-            client.V1VolumeMount(
-                mount_path="/var/run/docker.sock", name="docker-socket"
-            )
-        ]
-        docker_socket_path = urlparse(self.docker_host).path
-        volumes = [
-            client.V1Volume(
-                name="docker-socket",
-                host_path=client.V1HostPathVolumeSource(
-                    path=docker_socket_path, type="Socket"
-                ),
-            )
-        ]
+        volumes, volume_mounts = self.get_builder_volumes()
 
         env = [
             client.V1EnvVar(name=key, value=value)
@@ -454,16 +479,6 @@ def submit(self):
                     value=json.dumps(self.registry_credentials),
                 )
             )
-        elif self.push_secret:
-            volume_mounts.append(
-                client.V1VolumeMount(mount_path="/root/.docker", name="docker-config")
-            )
-            volumes.append(
-                client.V1Volume(
-                    name="docker-config",
-                    secret=client.V1SecretVolumeSource(secret_name=self.push_secret),
-                )
-            )
 
         self.pod = client.V1Pod(
             metadata=client.V1ObjectMeta(