Skip to content

Commit

Permalink
Merge pull request #10 from teamhephy/issue/fix-objecstorage-keyfile-…
Browse files Browse the repository at this point in the history 
…in-namespaces

Fix for refreshing of objectstorage-keyfile
  • Loading branch information
@Cryptophobia
Cryptophobia authored Oct 20, 2020
2 parents f5363a9 + 02f8892 commit 3aab23d
Showing 1 changed file with 19 additions and 0 deletions.
19 changes: 19 additions & 0 deletions rootfs/api/models/app.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1153,6 +1153,25 @@ def set_application_config(self, release):
def create_object_store_secret(self):
try:
self._scheduler.secret.get(self.id, 'objectstorage-keyfile')
if self._scheduler.secret.get(self.id, 'objectstorage-keyfile'):
'''
Rotating Secret Access Keys Bug:
Issue #9: https://github.com/teamhephy/controller/issues/9
We need to set a new objectstorage-keyfile if it has changed
in workflow's namespace
'''
workflow_objectstorage_keyfile = self._scheduler.secret.get(
settings.WORKFLOW_NAMESPACE, 'objectstorage-keyfile').json()
app_objectstorage_keyfile = self._scheduler.secret.get(
self.id, 'objectstorage-keyfile').json()
if workflow_objectstorage_keyfile['data'] != app_objectstorage_keyfile['data']:
self.log('Refreshing the objectstorage-keyfile for {} namespace'
.format(self.id), level=logging.INFO)
self._scheduler.secret.delete(self.id, 'objectstorage-keyfile')
secret = self._scheduler.secret.get(
settings.WORKFLOW_NAMESPACE, 'objectstorage-keyfile').json()
self._scheduler.secret.create(self.id, 'objectstorage-keyfile', secret['data'])
except KubeException:
secret = self._scheduler.secret.get(
settings.WORKFLOW_NAMESPACE, 'objectstorage-keyfile').json()
Expand Down

0 comments on commit 3aab23d

Please sign in to comment.