in marketplace/deployer_util/provision.py [0:0]
def provision_deployer(schema, app_name, namespace, deployer_image,
deployer_entrypoint, app_params,
deployer_service_account_name, image_pull_secret):
"""Provisions resources to run the deployer."""
dependents_labels = {
'app.kubernetes.io/component': 'deployer.marketplace.cloud.google.com',
'marketplace.cloud.google.com/deployer': 'Dependent',
}
dependents_rbac_labels = {
'app.kubernetes.io/component':
'deployer-rbac.marketplace.cloud.google.com',
'marketplace.cloud.google.com/deployer':
'Dependent',
}
job_labels = {
'app.kubernetes.io/component': 'deployer.marketplace.cloud.google.com',
'marketplace.cloud.google.com/deployer': 'Main',
}
resources_requests = {'requests': {'memory': '100Mi', 'cpu': '100m'}}
if schema.is_v2():
config = make_v2_config(schema, deployer_image, namespace, app_name,
dependents_labels, app_params)
pod_spec = {
'serviceAccountName':
deployer_service_account_name,
'containers': [{
'name': 'deployer',
'image': deployer_image,
'imagePullPolicy': 'Always',
'volumeMounts': [{
'name': 'config-volume',
'mountPath': '/data/values.yaml',
'subPath': 'values.yaml',
'readOnly': True,
},],
'resources': resources_requests,
},],
'restartPolicy':
'Never',
'volumes': [{
'name': 'config-volume',
'secret': {
'secretName': config['metadata']['name'],
},
},]
}
else:
config = make_v1_config(schema, namespace, app_name, dependents_labels,
app_params)
pod_spec = {
'serviceAccountName':
deployer_service_account_name,
'containers': [{
'name': 'deployer',
'image': deployer_image,
'imagePullPolicy': 'Always',
'volumeMounts': [{
'name': 'config-volume',
'mountPath': '/data/values',
},],
'resources': resources_requests,
},],
'restartPolicy':
'Never',
'volumes': [{
'name': 'config-volume',
'configMap': {
'name': config['metadata']['name'],
},
},]
}
if deployer_entrypoint:
pod_spec['containers'][0]['command'] = [deployer_entrypoint]
service_account = {
'apiVersion': 'v1',
'kind': 'ServiceAccount',
'metadata': {
'name': deployer_service_account_name,
'namespace': namespace,
'labels': dependents_labels,
},
}
if image_pull_secret:
service_account['imagePullSecrets'] = [{
'name': image_pull_secret,
}]
manifests = [
service_account,
config,
{
'apiVersion': 'batch/v1',
'kind': 'Job',
'metadata': {
'name': "{}-deployer".format(app_name),
'namespace': namespace,
'labels': job_labels,
},
'spec': {
'template': {
'metadata': {
'annotations': {
'sidecar.istio.io/inject': "false",
},
},
'spec': pod_spec,
},
'backoffLimit': 0,
},
},
]
manifests += make_deployer_rolebindings(schema, namespace, app_name,
dependents_rbac_labels,
deployer_service_account_name)
return manifests