Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add support for Kubernetes service account name spec #2254

Merged
merged 8 commits into from Aug 3, 2023
Merged

feat: add support for Kubernetes service account name spec #2254

merged 8 commits into from Aug 3, 2023

Conversation

hnawar
Copy link
Contributor

@hnawar hnawar commented May 9, 2023
edited

Description

Add support for Custom Kubernetes service account which enables the use of GKE Autopilot and other Kuberenetes clusters using Workload identity

QC

I tested it with a GATK pipeline but will add relevant test cases

  • The PR contains a test case for the changes or the changes are already covered by an existing test case.
  • The documentation (docs/) is updated to reflect the changes or this is not necessary (e.g. if the change does neither modify the language nor the behavior or functionalities of Snakemake).

@hnawar hnawar marked this pull request as draft May 9, 2023 12:36
@hnawar
Copy link
Contributor Author

hnawar commented May 9, 2023

Hi @johanneskoester ,
It's been a while since I used snakemake, but I was trying to use it with GKE Autopilot when I ran into some issues. This PR enables the use of GKE autopilot and clusters configured with Workload identity.

Can you let me know your thoughts and I will start adding test cases and documentation.

Please note that there is a limit on ephemeral storage per pod of 10GiB which does limit the pipelines you can run.
This is not an urgent PR

@hnawar
Copy link
Contributor Author

hnawar commented May 9, 2023

I noticed that docs should be added automatically by the CLI parser, so I'm assuming I don't need to add any more documentation unless you want me to add a note about Kubernetes workload identity.
Are there any examples of tests that would be needed. I've already tested with multiple snakefiles on different clusters using workload identity

@hnawar hnawar changed the title Add support for Kubernetes service account name spec [WIP] Add support for Kubernetes service account name spec May 9, 2023
@hnawar hnawar marked this pull request as ready for review May 9, 2023 16:23
johanneskoester
johanneskoester approved these changes May 12, 2023
View reviewed changes
Copy link
Contributor

@johanneskoester johanneskoester left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks a lot!

@johanneskoester
Copy link
Contributor

May I ask you to fix the formatting with black?

@johanneskoester johanneskoester changed the title Add support for Kubernetes service account name spec feat: add support for Kubernetes service account name spec May 12, 2023
@hnawar
Copy link
Contributor Author

hnawar commented May 17, 2023

Hi Johannes, thanks for reviewing. Did you mean the missing parmeter type? I have added that and updated the branch so it can be merged.

Thanks

@sonarcloud
Copy link

sonarcloud bot commented May 17, 2023

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@johanneskoester
Copy link
Contributor

You have to run black on the source code to get the formatting fixed according to the best practices. This is what the failing test means.

@sonarcloud
Copy link

sonarcloud bot commented Aug 2, 2023

Please retry analysis of this Pull-Request directly on SonarCloud.

@johanneskoester johanneskoester merged commit 3370426 into snakemake:main Aug 3, 2023
7 checks passed
@github-actions github-actions bot mentioned this pull request Aug 3, 2023
Merged
johanneskoester pushed a commit that referenced this pull request Aug 3, 2023
@github-actions
chore(main): release 7.32.0 (#2388)
2e42866 
🤖 I have created a release *beep* *boop*
---


##
[7.32.0](v7.31.1...v7.32.0)
(2023-08-03)


### Features

* add support for Kubernetes service account name spec
([#2254](#2254))
([3370426](3370426))


### Bug Fixes

* Enable values with an = sign in default_resources
([#2340](#2340))
([c1c9229](c1c9229))
* Escape workdir paths for potential spaces in paths
([#2196](#2196))
([9261f7e](9261f7e))
* ga4gh executor resources
([#2042](#2042))
([ad6eaef](ad6eaef))
* print exceptions when job is not a shell job
([#2385](#2385))
([8a37b85](8a37b85))
* remote-azblob-sasToken-Authorization
([#1800](#1800))
([bc854a7](bc854a7))
* wms-monitor now gets data in correct json format
([#2347](#2347))
([7fafa7a](7fafa7a))


### Documentation

* fix a copy&paste (?) mistake
([#2386](#2386))
([d878847](d878847))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@johanneskoester johanneskoester johanneskoester approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@hnawar @johanneskoester