def create_imagepullsecret(access_token, project_id, project_code, cluster_id, namespace):
# get dept domain
dept_domain = paas_cc.get_jfrog_domain(access_token, project_id, cluster_id)
# 判断是否为研发仓库,正式环境分为:研发仓库、生产仓库,这2个仓库的账号要分开申请
is_bk_dept = True if dept_domain.startswith(settings.BK_JFROG_ACCOUNT_DOMAIN) else False
dept_account = get_jfrog_account(access_token, project_code, project_id, is_bk_dept)
# get user or pwd by dept account
user = dept_account.get('user', '')
pwd = dept_account.get('password', '')
# compose config
secret_config = {
"kind": "secret",
"metadata": {
"name": MESOS_IMAGE_SECRET,
"namespace": namespace
},
"datas": {
"user": {
"content": base64.b64encode(user.encode(encoding="utf-8")).decode()
},
"pwd": {
"content": base64.b64encode(pwd.encode(encoding="utf-8")).decode()
}
},
"apiVersion": "v4"
}
client = MesosClient(access_token, project_id, cluster_id, env=None)
resp = client.create_secret(namespace, secret_config)
if (resp.get('code') != ErrorCode.NoError) and ('already exists' not in resp.get('message', '')):
raise error_codes.APIError(f'create secret error, result.get("message")')
def init_mesos_ns_by_bcs(self, access_token, project_id, project_code,
cluster_id, ns_name):
"""新建包含仓库账号信息的sercret配置文件并下发
"""
# 获取镜像仓库地址
jfrog_domain = paas_cc.get_jfrog_domain(access_token, project_id,
cluster_id)
# 按项目申请仓库的账号信息
# 判断是否为研发仓库,正式环境分为:研发仓库、生产仓库,这2个仓库的账号要分开申请
if jfrog_domain.startswith(settings.BK_JFROG_ACCOUNT_DOMAIN):
is_bk_jfrog = True
else:
is_bk_jfrog = False
jfrog_account = get_jfrog_account(access_token, project_code,
project_id, is_bk_jfrog)
_user = jfrog_account.get('user', '')
_pwd = jfrog_account.get('password', '')
jfrog_config = {
"kind": "secret",
"metadata": {
"name": MESOS_IMAGE_SECRET,
"namespace": ns_name
},
"datas": {
"user": {
"content":
base64.b64encode(_user.encode(encoding="utf-8")).decode()
},
"pwd": {
"content":
base64.b64encode(_pwd.encode(encoding="utf-8")).decode()
}
},
"apiVersion": "v4"
}
# 下发secret配置文件
client = MesosClient(access_token, project_id, cluster_id, env=None)
result = client.create_secret(ns_name, jfrog_config)
if result.get('code') != 0:
client.delete_secret(ns_name, MESOS_IMAGE_SECRET)
raise error_codes.ComponentError.f(
"创建jforg secret失败,%s, 请联系管理员解决" % result.get('message'))