Replace inperformant list calls with suitable read calls, fixes issue #8

(#33) * replace list with read * fix typo * replace list with read * handle 404 error * fix typo * fix typo * fix 404 handling * remove obsolete request * fix typos * exit(1) instead of crashing
inovex · Aug 19, 2019 · 14a83e6 · 14a83e6
1 parent bbe9a9f
commit 14a83e6
Show file tree

Hide file tree

Showing 5 changed files with 19 additions and 12 deletions.
diff --git a/README.md b/README.md
@@ -67,8 +67,8 @@ Test your newly created NetworkPolicy:
 ```bash
 illuminatio clean run
 Starting cleaning resources with policies ['on-request', 'always']
-Deleting namespacess [] with cleanup policy on-request
-Deleting namespacess [] with cleanup policy always
+Deleting namespaces [] with cleanup policy on-request
+Deleting namespaces [] with cleanup policy always
 Deleting DSs in default with cleanup policy on-request
 Deleting pods in default with cleanup policy on-request
 Deleting svcs in default with cleanup policy on-request

diff --git a/src/illuminatio/cleaner.py b/src/illuminatio/cleaner.py
@@ -54,7 +54,7 @@ def clean_up_namespaces(self, cleanup_policy):
         namespaces = self.core_api.list_namespace(
             label_selector=labels_to_string({CLEANUP_LABEL: cleanup_policy})).items
         namespace_names = [n.metadata.name for n in namespaces]
-        self.logger.info("Deleting namespacess %s with cleanup policy %s", str(namespace_names), cleanup_policy)
+        self.logger.info("Deleting namespaces %s with cleanup policy %s", str(namespace_names), cleanup_policy)
         for namespace in namespaces:
             resp = self.core_api.delete_namespace(namespace.metadata.name, propagation_policy="Background")
             resps.append(resp)

diff --git a/src/illuminatio/host.py b/src/illuminatio/host.py
@@ -149,9 +149,9 @@ def matches(self, obj):
             return (obj.metadata.labels is not None
                     and all(item in obj.metadata.labels.items() for item in self.namespace_labels.items()))
         else:
-            # we need to request the namepsace from the cluster to match the labels TODO: find better solution
+            # we need to request the namespace from the cluster to match the labels TODO: find better solution
             namespace = \
-                k8s.client.CoreV1Api().list_namespace(field_selector="metadata.name=" + obj.metadata.namespace).items[0]
+                k8s.client.CoreV1Api().read_namespace(obj.metadata.namespace)
             namespace_matches = (namespace.metadata.labels is not None and
                                  all(item in namespace.metadata.labels.items() for item in
                                      self.namespace_labels.items()))

diff --git a/src/illuminatio/illuminatio_runner.py b/src/illuminatio/illuminatio_runner.py
@@ -269,10 +269,18 @@ def store_results_to_cfg_map(results, namespace, name, runtimes=None):
     cfg_map = init_test_output_config_map(namespace, name, data=yaml.dump(results))
     if runtimes:
         cfg_map.data["runtimes"] = yaml.dump(runtimes)
-    config_map_in_cluster = api.list_namespaced_config_map(namespace, field_selector="metadata.name=" + name).items
-    if config_map_in_cluster:
+    try:
         api_response = api.patch_namespaced_config_map(name, namespace, cfg_map)
         logger.info(api_response)
-    else:
-        api_response = api.create_namespaced_config_map(namespace, cfg_map)
-        logger.info(api_response)
+    except k8s.client.rest.ApiException as e:
+        json_body = json.loads(e.body)
+        logger.debug("ApiException Body:\n%s\n" % json_body)
+        if json_body.get("code") == 404:
+            logger.info("Creating new ConfigMap")
+            api_response = api.create_namespaced_config_map(namespace, cfg_map)
+            logger.debug(api_response)
+        else:
+            logger.error("Code was: " + json_body.get("code"))
+            logger.error("An error occured while checking for an existing ConfigMap")
+            exit(1)
+            # TODO add retry logic e.g. with https://pypi.org/project/retry/
diff --git a/src/illuminatio/test_orchestrator.py b/src/illuminatio/test_orchestrator.py
@@ -213,8 +213,7 @@ def _find_or_create_namespace_for_host(self, from_host, api):
                     "Test namespace " + resp.metadata.name + " created succesfully, adding it to namespace list")
                 self._current_namespaces.append(resp)
                 time.sleep(1)
-                while not api.list_namespaced_service_account(resp.metadata.name,
-                                                              field_selector="metadata.name=default").items:
+                while not api.read_namespaced_service_account("default", resp.metadata.name):
                     logger.debug(
                         "Waiting for kubernetes to create default service account for namespace " + resp.metadata.name)
                     time.sleep(2)