def remove_local_folders(compute_plan_key):
if not settings.ENABLE_REMOVE_LOCAL_CP_FOLDERS:
logger.info(
f'Skipping deletion of local volume for compute plan {compute_plan_key}'
)
return
try:
local_folder = get_local_folder(compute_plan_key)
logger.info(f'Deleting local folder {local_folder}')
shutil.rmtree(local_folder)
except FileNotFoundError:
logger.info(f'No local folder with path {local_folder}')
pass
except Exception:
logger.error(f'Cannot delete volume {local_folder}', exc_info=True)
if settings.TASK['CHAINKEYS_ENABLED']:
chainkeys_directory = get_chainkeys_directory(compute_plan_key)
try:
shutil.rmtree(chainkeys_directory)
except Exception:
logger.error(f'Cannot delete volume {chainkeys_directory}',
exc_info=True)
def prepare_chainkeys(compute_plan_key, compute_plan_tag, subtuple_directory):
chainkeys_directory = get_chainkeys_directory(compute_plan_key)
chainkeys_volume = {
chainkeys_directory: {
'bind': '/sandbox/chainkeys',
'mode': 'rw'
}
}
if not os.path.exists(chainkeys_directory):
os.makedirs(chainkeys_directory)
kubernetes.config.load_incluster_config()
k8s_client = kubernetes.client.CoreV1Api()
secret_namespace = os.getenv('K8S_SECRET_NAMESPACE', 'default')
label_selector = f'compute_plan={compute_plan_tag}'
# fetch secrets and write them to disk
try:
secrets = k8s_client.list_namespaced_secret(
secret_namespace, label_selector=label_selector)
except kubernetes.client.rest.ApiException as e:
logger.error(
f'failed to fetch namespaced secrets {secret_namespace} with selector {label_selector}'
)
raise e
secrets = secrets.to_dict()['items']
if not secrets:
raise TasksError(
f'No secret found using label selector {label_selector}')
formatted_secrets = {
s['metadata']['labels']['index']: list(b64decode(s['data']['key']))
for s in secrets
}
with open(path.join(chainkeys_directory, 'chainkeys.json'), 'w') as f:
json.dump({'chain_keys': formatted_secrets}, f)
f.write('\n') # Add newline cause Py JSON does not
# remove secrets:
# do not delete secrets as a running k8s operator will recreate them, instead
# replace each secret data with an empty dict
for secret in secrets:
try:
k8s_client.replace_namespaced_secret(
secret['metadata']['name'],
secret_namespace,
body=kubernetes.client.V1Secret(
data={},
metadata=kubernetes.client.V1ObjectMeta(
name=secret['metadata']['name'],
labels=secret['metadata']['labels'],
),
),
)
except kubernetes.client.rest.ApiException as e:
logger.error(
f'failed to remove secrets from namespace {secret_namespace}'
)
raise e
else:
logger.info(f'{len(secrets)} secrets have been removed')
logger.info(f'Prepared chainkeys: {list_files(chainkeys_directory)}')
return chainkeys_volume