def _get_gcloud_container(self) -> Container:
"""Create Google Cloud SDK container.
Cloud SDK requires to enable some authorization method first. Because of that we start a container which
runs forever using `cat' command (like Jenkins do), put a service account credentials and activate them.
All consequent gcloud commands run using container.exec_run() method.
"""
container = ContainerManager.run_container(self, "gcloud")
credentials = KeyStore().get_gcp_credentials()
credentials["client_email"] = f"{credentials['client_email']}"
shell_command = f"umask 077 && echo '{json.dumps(credentials)}' > /tmp/gcloud_svc_account.json"
shell_command += " && echo 'kubeletConfig:\n cpuManagerPolicy: static' > /tmp/system_config.yaml"
# NOTE: use 'bash' in case of non-alpine sdk image and 'sh' when it is 'alpine' one.
res = container.exec_run(["bash", "-c", shell_command])
if res.exit_code:
raise DockerException(f"{container}: {res.output.decode('utf-8')}")
res = container.exec_run([
"gcloud", "auth", "activate-service-account",
credentials["client_email"], "--key-file",
"/tmp/gcloud_svc_account.json", "--project",
credentials["project_id"]
])
if res.exit_code:
raise DockerException(
f"{container}[]: {res.output.decode('utf-8')}")
return container
def _get_gcloud_container(self) -> Container:
"""Create Google Cloud SDK container.
Cloud SDK requires to enable some authorization method first. Because of that we start a container which
runs forever using `cat' command (like Jenkins do), put a service account credentials and activate them.
All consequent gcloud commands run using container.exec_run() method.
"""
container = ContainerManager.run_container(self, "gcloud")
credentials = KeyStore().get_gcp_credentials()
credentials[
"client_email"] = f"{credentials['project_id']}@appspot.gserviceaccount.com"
shell_command = f"umask 077 && echo '{json.dumps(credentials)}' > /tmp/gcloud_svc_account.json"
res = container.exec_run(["sh", "-c", shell_command])
if res.exit_code:
raise DockerException(f"{container}: {res.output.decode('utf-8')}")
res = container.exec_run([
"gcloud", "auth", "activate-service-account",
credentials["client_email"], "--key-file",
"/tmp/gcloud_svc_account.json", "--project",
credentials["project_id"]
])
if res.exit_code:
raise DockerException(
f"{container}[]: {res.output.decode('utf-8')}")
return container
def helm(self, kluster, *command: str, namespace: Optional[str] = None, values: 'HelmValues' = None, prepend_command=None) -> str:
cmd = ["helm", ]
if prepend_command:
if isinstance(prepend_command, list):
cmd = prepend_command + cmd
else:
raise TypeError("'prepend_cmd' param expected to be 'list'")
if kluster.k8s_server_url:
cmd.extend(("--kube-apiserver", kluster.k8s_server_url, ))
if namespace:
cmd.extend(("--namespace", namespace, ))
values_file = None
cmd.extend(command)
if values:
helm_values_file = NamedTemporaryFile(mode='tw') # pylint: disable=consider-using-with
helm_values_file.write(yaml.safe_dump(values.as_dict()))
helm_values_file.flush()
cmd.extend(("-f", helm_values_file.name))
values_file = helm_values_file
cmd = " ".join(cmd)
LOGGER.debug("Execute `%s'", cmd)
try:
res = self._helm_container.exec_run(["sh", "-c", cmd])
if res.exit_code:
raise DockerException(f"{self._helm_container}: {res.output.decode('utf-8')}")
return res.output.decode("utf-8")
finally:
if values_file:
values_file.close()
def helm(self,
kluster,
*command: str,
namespace: Optional[str] = None) -> str:
cmd = [
"helm",
]
if kluster.k8s_server_url:
cmd.extend((
"--kube-apiserver",
kluster.k8s_server_url,
))
if namespace:
cmd.extend((
"--namespace",
namespace,
))
cmd.extend(command)
cmd = " ".join(cmd)
LOGGER.debug("Execute `%s'", cmd)
res = self._helm_container.exec_run(["sh", "-c", cmd])
if res.exit_code:
raise DockerException(
f"{self._helm_container}: {res.output.decode('utf-8')}")
return res.output.decode("utf-8")
def run(self, force: bool = False) -> str:
if not force and AWS_MOCK_IP_FILE.exists():
LOGGER.warning(
"%s found, don't run a new container and return AWS Mock IP from it",
AWS_MOCK_IP_FILE)
return AWS_MOCK_IP_FILE.read_text(encoding="utf-8")
container = ContainerManager.run_container(self, "aws_mock")
res = container.exec_run([
"bash", "-cxe",
dedent("""\
mkdir -p /src/s3/scylla-qa-keystore
ssh-keygen -q -b 2048 -t rsa -N "" -C aws_mock -f /src/s3/scylla-qa-keystore/scylla-qa-ec2
chown -R nginx:nginx /src/s3/scylla-qa-keystore
useradd ubuntu
mkdir -m 700 -p /home/ubuntu/.ssh
cp /src/s3/scylla-qa-keystore/scylla-qa-ec2.pub /home/ubuntu/.ssh/authorized_keys
chown -R ubuntu:ubuntu /home/ubuntu/.ssh
""")
])
if res.exit_code:
raise DockerException(f"{container}: {res.output.decode('utf-8')}")
aws_mock_ip = ContainerManager.get_ip_address(self, "aws_mock")
AWS_MOCK_IP_FILE.write_text(aws_mock_ip, encoding="utf-8")
return aws_mock_ip
def runcmd(self, command: str) -> str:
LOGGER.info("Execute `%s' inside Jepsen container", command)
res = self._jepsen_container.exec_run(["sh", "-c", command],
stream=True)
for line in res.output:
LOGGER.info(line.decode("utf-8").rstrip())
if res.exit_code:
raise DockerException(
f"{self._jepsen_container}: {res.output.decode('utf-8')}")
def run(self, command) -> str:
one_time = self._container is None
if one_time:
self._span_container()
try:
LOGGER.debug("Execute `gcloud %s'", command)
res = self._container.exec_run(["sh", "-c", f"gcloud {command}"])
if res.exit_code:
raise DockerException(
f"{self._container}: {res.output.decode('utf-8')}")
return res.output.decode("utf-8")
finally:
if one_time:
self._destroy_container()