-
Notifications
You must be signed in to change notification settings - Fork 5
/
secrets.go
87 lines (74 loc) · 2.82 KB
/
secrets.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
/*
* Copyright 2017-2018 IBM Corporation
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package learner
import (
"github.com/AISphere/ffdl-commons/config"
"github.com/AISphere/ffdl-lcm/service/lcm/certs"
v1core "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)
//COSVolumeSecret ...
type COSVolumeSecret struct {
ID, TrainingID, Username, APIKey string
}
//SSHVolumeSecret ...
type SSHVolumeSecret struct {
ID, TrainingID, Framework, Version string
}
//Secrets ...
type Secrets struct {
TrainingDataSecret *COSVolumeSecret
SSHVolumeSecret *SSHVolumeSecret
ResultsDirSecret *COSVolumeSecret
}
//CreateVolumeSecretsSpec ...
func CreateVolumeSecretsSpec(secrets Secrets) []*v1core.Secret {
var secretSpecs []*v1core.Secret
if secrets.TrainingDataSecret != nil {
cosTrainingDataVolumeSecretParams := secrets.TrainingDataSecret
secretSpecs = append(secretSpecs, generateCOSVolumeSecret(cosTrainingDataVolumeSecretParams.ID, cosTrainingDataVolumeSecretParams.TrainingID, cosTrainingDataVolumeSecretParams.Username, cosTrainingDataVolumeSecretParams.APIKey))
}
if secrets.ResultsDirSecret != nil {
cosResultDirVolumeSecretParams := secrets.ResultsDirSecret
secretSpecs = append(secretSpecs, generateCOSVolumeSecret(cosResultDirVolumeSecretParams.ID, cosResultDirVolumeSecretParams.TrainingID, cosResultDirVolumeSecretParams.Username, cosResultDirVolumeSecretParams.APIKey))
}
if secrets.SSHVolumeSecret != nil {
sshVolumeSecretParams := secrets.SSHVolumeSecret
secretSpecs = append(secretSpecs, generateSSHVolumeSecret(sshVolumeSecretParams.ID, sshVolumeSecretParams.TrainingID, sshVolumeSecretParams.Framework, sshVolumeSecretParams.Version))
}
return secretSpecs
}
func generateCOSVolumeSecret(id, trainingID, username, apikey string) *v1core.Secret {
// create secret
spec := v1core.Secret{
ObjectMeta: metav1.ObjectMeta{
Name: id,
Namespace: config.GetLearnerNamespace(),
Labels: map[string]string{"training_id": trainingID},
},
Type: cosMountDriverName,
StringData: map[string]string{
"access-key": username,
"secret-key": apikey,
},
}
return &spec
}
func generateSSHVolumeSecret(id, trainingID, framework, version string) *v1core.Secret {
sshSecret, _ := certs.GenerateSSHCertAsK8sSecret(id, trainingID, framework, version)
//FIXME error handling
return sshSecret
}