def createClusterRoleBinding(hubClient: dynamic.DynamicClient,
clusterName: str) -> ApiException:
if len(clusterName) == 0:
return ApiException(reason="cluster name is empty")
clusterRoleBindingAPI = hubClient.resources.get(
api_version="rbac.authorization.k8s.io/v1", kind="ClusterRoleBinding")
metricsCollectorView = {
"kind":
"ClusterRoleBinding",
"apiVersion":
"rbac.authorization.k8s.io/v1",
"metadata": {
"name": "{}-clusters-metrics-collector-view".format(clusterName),
"annotations": {
"owner": "multicluster-operator",
},
},
"subjects": [{
"kind": "ServiceAccount",
"name": "endpoint-observability-operator-sa",
"namespace": clusterName
}],
"roleRef": {
"apiGroup": "rbac.authorization.k8s.io",
"kind": "ClusterRole",
"name": "cluster-monitoring-view",
},
}
try:
clusterRoleBindingAPI.create(body=metricsCollectorView)
except ApiException as err:
if err.status != 409:
return err
def test_create_game_secret(game_manager, game_id):
token = "secret-token"
name = game_manager.create_game_name(game_id) + "-token"
expected_secret = kubernetes.client.V1Secret(
kind="Secret",
string_data={"token": token},
metadata=kubernetes.client.V1ObjectMeta(
name=name,
namespace=K8S_NAMESPACE,
labels={
"game_id": str(game_id),
"app": "aimmo-game"
},
),
)
game_manager.api.read_namespaced_secret = MagicMock()
game_manager.api.create_namespaced_secret = MagicMock()
game_manager.api.patch_namespaced_secret = MagicMock()
aimmo.game_manager.LOGGER.exception = MagicMock()
# Test create secret success
game_manager.api.read_namespaced_secret.side_effect = ApiException()
game_manager.create_game_secret(game_id=game_id, token=token)
game_manager.api.create_namespaced_secret.assert_called_with(
namespace=K8S_NAMESPACE, body=expected_secret)
# Test create secret exception
game_manager.api.create_namespaced_secret.side_effect = ApiException()
game_manager.create_game_secret(game_id=game_id, token=token)
aimmo.game_manager.LOGGER.exception.assert_called()
# Test patch secret success
game_manager.api.read_namespaced_secret.side_effect = None
game_manager.create_game_secret(game_id=game_id, token=token)
game_manager.api.patch_namespaced_secret.assert_called_with(
name=name, namespace=K8S_NAMESPACE, body=expected_secret)
# Test patch secret exception
game_manager.api.patch_namespaced_secret.side_effect = ApiException()
game_manager.create_game_secret(game_id=game_id, token=token)
aimmo.game_manager.LOGGER.exception.assert_called()
def runSimulaterAt(hubClient: dynamic.DynamicClient,
clusterName: str) -> ApiException:
if reuseAddonCertConfigMap(hubClient, clusterName) != None:
return ApiException(reason="failed to create cert configmap")
if reuseAddonSingerCertSecrets(hubClient, clusterName) != None:
return ApiException(reason="failed to create cert secrets")
if reuseAddonManagedCertSecrets(hubClient, clusterName) != None:
return ApiException(reason="failed to create cert secrets")
if reuseAddonCertServiceAccount(hubClient, clusterName) != None:
return ApiException(reason="failed to create cert serviceAccount")
if reuseAddonDeployment(hubClient, clusterName) != None:
return ApiException(reason="failed to create simulator deployment")
if createClusterRoleBinding(hubClient, clusterName) != None:
return ApiException(reason="failed to create clusterrolebinding")
return None
def request(self,
method,
url,
query_params=None,
headers=None,
body=None,
post_params=None,
_preload_content=True,
_request_timeout=None):
"""Perform requests.
:param method: http request method
:param url: http request url
:param query_params: query parameters in the url
:param headers: http request headers
:param body: request json body, for `application/json`
:param post_params: request post parameters,
`application/x-www-form-urlencoded`
and `multipart/form-data`
:param _preload_content: if False, the urllib3.HTTPResponse object will
be returned without reading/decoding response
data. Default is True.
:param _request_timeout: timeout setting for this request. If one
number provided, it will be total request
timeout. It can also be a pair (tuple) of
(connection, read) timeouts.
"""
method = method.upper()
assert method in [
'GET', 'HEAD', 'DELETE', 'POST', 'PUT', 'PATCH', 'OPTIONS'
]
if post_params and body:
raise ApiValueError(
"body parameter cannot be used with post_params parameter.")
post_params = post_params or {}
headers = headers or {}
timeout = None
if _request_timeout:
if isinstance(_request_timeout, (int, ) if six.PY3 else
(int, long)): # noqa: E501,F821
timeout = urllib3.Timeout(total=_request_timeout)
elif (isinstance(_request_timeout, tuple)
and len(_request_timeout) == 2):
timeout = urllib3.Timeout(connect=_request_timeout[0],
read=_request_timeout[1])
if 'Content-Type' not in headers:
headers['Content-Type'] = 'application/json'
try:
# For `POST`, `PUT`, `PATCH`, `OPTIONS`, `DELETE`
if method in ['POST', 'PUT', 'PATCH', 'OPTIONS', 'DELETE']:
if query_params:
url += '?' + urlencode(query_params)
if re.search('json', headers['Content-Type'], re.IGNORECASE):
if headers[
'Content-Type'] == 'application/json-patch+json':
if not isinstance(body, list):
headers['Content-Type'] = \
'application/strategic-merge-patch+json'
request_body = None
if body is not None:
request_body = json.dumps(body)
r = self.pool_manager.request(
method,
url,
body=request_body,
preload_content=_preload_content,
timeout=timeout,
headers=headers)
elif headers[
'Content-Type'] == 'application/x-www-form-urlencoded': # noqa: E501
r = self.pool_manager.request(
method,
url,
fields=post_params,
encode_multipart=False,
preload_content=_preload_content,
timeout=timeout,
headers=headers)
elif headers['Content-Type'] == 'multipart/form-data':
# must del headers['Content-Type'], or the correct
# Content-Type which generated by urllib3 will be
# overwritten.
del headers['Content-Type']
r = self.pool_manager.request(
method,
url,
fields=post_params,
encode_multipart=True,
preload_content=_preload_content,
timeout=timeout,
headers=headers)
# Pass a `string` parameter directly in the body to support
# other content types than Json when `body` argument is
# provided in serialized form
elif isinstance(body, str) or isinstance(body, bytes):
request_body = body
r = self.pool_manager.request(
method,
url,
body=request_body,
preload_content=_preload_content,
timeout=timeout,
headers=headers)
else:
# Cannot generate the request from given parameters
msg = """Cannot prepare a request message for provided
arguments. Please check that your arguments match
declared content type."""
raise ApiException(status=0, reason=msg)
# For `GET`, `HEAD`
else:
r = self.pool_manager.request(method,
url,
fields=query_params,
preload_content=_preload_content,
timeout=timeout,
headers=headers)
except urllib3.exceptions.SSLError as e:
msg = "{0}\n{1}".format(type(e).__name__, str(e))
raise ApiException(status=0, reason=msg)
if _preload_content:
r = RESTResponse(r)
# In the python 3, the response.data is bytes.
# we need to decode it to string.
if six.PY3:
r.data = r.data.decode('utf8')
# log response body
logger.debug("response body: %s", r.data)
if not 200 <= r.status <= 299:
raise ApiException(http_resp=r)
return r