Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add support for Kubernetes service account name spec #2254

Merged
merged 8 commits into from Aug 3, 2023
+25 −0
Merged

feat: add support for Kubernetes service account name spec #2254

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
e7e9938
Add support for k8s service account
hnawar May 9, 2023
5c336f9
Update workflow and scheduler with k8s service account
hnawar May 9, 2023
00a5017
Update workflow.py with k8s service account
hnawar May 9, 2023
2ebe9d2
Update __init__.py
hnawar May 17, 2023
2371057
Merge branch 'snakemake:main' into main
hnawar May 17, 2023
dac87c7
Run black to format docs
hnawar May 17, 2023
811a0da
fmt
johanneskoester Aug 2, 2023
1b343fb
Merge branch 'main' into main
johanneskoester Aug 2, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
15 changes: 15 additions & 0 deletions snakemake/__init__.py
View file
Open in desktop
Expand Up @@ -174,6 +174,7 @@ def snakemake(
kubernetes=None,
container_image=None,
k8s_cpu_scalar=1.0,
k8s_service_account_name=None,
flux=False,
tibanna=False,
tibanna_sfn=None,
Expand Down Expand Up @@ -312,6 +313,7 @@ def snakemake(
kubernetes (str): submit jobs to Kubernetes, using the given namespace.
container_image (str): Docker image to use, e.g., for Kubernetes.
k8s_cpu_scalar (float): What proportion of each k8s node's CPUs are availabe to snakemake?
k8s_service_account_name: Custom k8s service account, needed for workload identity.
flux (bool): Launch workflow to flux cluster.
default_remote_provider (str): default remote provider to use instead of local files (e.g. S3, GS)
default_remote_prefix (str): prefix for default remote provider (e.g. name of the bucket).
Expand Down Expand Up @@ -726,6 +728,7 @@ def snakemake(
kubernetes=kubernetes,
container_image=container_image,
k8s_cpu_scalar=k8s_cpu_scalar,
k8s_service_account_name=k8s_service_account_name,
conda_create_envs_only=conda_create_envs_only,
default_remote_provider=default_remote_provider,
default_remote_prefix=default_remote_prefix,
Expand Down Expand Up @@ -786,6 +789,7 @@ def snakemake(
kubernetes=kubernetes,
container_image=container_image,
k8s_cpu_scalar=k8s_cpu_scalar,
k8s_service_account_name=k8s_service_account_name,
tibanna=tibanna,
tibanna_sfn=tibanna_sfn,
google_lifesciences=google_lifesciences,
Expand Down Expand Up @@ -2409,6 +2413,16 @@ def get_argument_parser(profile=None):
"see the original value, i.e. as the value substituted in {threads}.",
)

group_kubernetes.add_argument(
"--k8s-service-account-name",
metavar="SERVICEACCOUNTNAME",
default=None,
help="This argument allows the use of customer service accounts for "
"kubernetes pods. If specified serviceAccountName will be added to the "
"pod specs. This is needed when using workload identity which is enforced "
"when using Google Cloud GKE Autopilot.",
)

group_tibanna.add_argument(
"--tibanna",
action="store_true",
Expand Down Expand Up @@ -3009,6 +3023,7 @@ def open_browser():
kubernetes=args.kubernetes,
container_image=args.container_image,
k8s_cpu_scalar=args.k8s_cpu_scalar,
k8s_service_account_name=args.k8s_service_account_name,
flux=args.flux,
tibanna=args.tibanna,
tibanna_sfn=args.tibanna_sfn,
Expand Down
6 changes: 6 additions & 0 deletions snakemake/executors/__init__.py
View file
Open in desktop
Expand Up @@ -1679,6 +1679,7 @@ def __init__(
namespace,
container_image=None,
k8s_cpu_scalar=1.0,
k8s_service_account_name=None,
jobname="{rulename}.{jobid}",
printreason=False,
quiet=False,
Expand Down Expand Up @@ -1720,6 +1721,7 @@ def __init__(
import kubernetes.client

self.k8s_cpu_scalar = k8s_cpu_scalar
self.k8s_service_account_name = k8s_service_account_name
self.kubeapi = kubernetes.client.CoreV1Api()
self.batchapi = kubernetes.client.BatchV1Api()
self.namespace = namespace
Expand Down Expand Up @@ -1901,6 +1903,10 @@ def run(self, job, callback=None, submit_callback=None, error_callback=None):
body.spec = kubernetes.client.V1PodSpec(
containers=[container], node_selector=node_selector
)
#Add service account name if provided
if self.k8s_service_account_name:
body.spec.service_account_name = self.k8s_service_account_name

# fail on first error
body.spec.restart_policy = "Never"

Expand Down
2 changes: 2 additions & 0 deletions snakemake/scheduler.py
View file
Open in desktop
Expand Up @@ -87,6 +87,7 @@ def __init__(
env_modules=None,
kubernetes=None,
k8s_cpu_scalar=1.0,
k8s_service_account_name=None,
container_image=None,
flux=None,
tibanna=None,
Expand Down Expand Up @@ -317,6 +318,7 @@ def __init__(
kubernetes,
container_image=container_image,
k8s_cpu_scalar=k8s_cpu_scalar,
k8s_service_account_name=k8s_service_account_name,
printreason=printreason,
quiet=quiet,
printshellcmds=printshellcmds,
Expand Down
2 changes: 2 additions & 0 deletions snakemake/workflow.py
View file
Open in desktop
Expand Up @@ -530,6 +530,7 @@ def execute(
drmaa_log_dir=None,
kubernetes=None,
k8s_cpu_scalar=1.0,
k8s_service_account_name=None,
flux=None,
tibanna=None,
tibanna_sfn=None,
Expand Down Expand Up @@ -983,6 +984,7 @@ def files(items):
drmaa_log_dir=drmaa_log_dir,
kubernetes=kubernetes,
k8s_cpu_scalar=k8s_cpu_scalar,
k8s_service_account_name=k8s_service_account_name,
flux=flux,
tibanna=tibanna,
tibanna_sfn=tibanna_sfn,
Expand Down