Search in sources :

Example 1 with V1SecurityContext

use of io.kubernetes.client.openapi.models.V1SecurityContext in project submarine by apache.

the class SSHGitCodeLocalizer method localize.

@Override
public void localize(V1PodSpec podSpec) {
    super.localize(podSpec);
    for (V1Container container : podSpec.getInitContainers()) {
        if (container.getName().equals(CODE_LOCALIZER_INIT_CONTAINER_NAME)) {
            List<V1EnvVar> gitSyncEnvVars = container.getEnv();
            V1EnvVar sshEnv = new V1EnvVar();
            sshEnv.setName(GIT_SYNC_SSH_NAME);
            sshEnv.setValue(GIT_SYNC_SSH_VALUE);
            gitSyncEnvVars.add(sshEnv);
            List<V1VolumeMount> mounts = container.getVolumeMounts();
            V1VolumeMount mount = new V1VolumeMount();
            mount.setName(GIT_SECRET_MOUNT_NAME);
            mount.setMountPath(GIT_SECRET_PATH);
            mount.setReadOnly(true);
            mounts.add(mount);
            V1SecurityContext containerSecurityContext = new V1SecurityContext();
            containerSecurityContext.setRunAsUser(SSHGitCodeLocalizer.GIT_SYNC_USER);
            container.setSecurityContext(containerSecurityContext);
        }
    }
}
Also used : V1Container(io.kubernetes.client.openapi.models.V1Container) V1SecurityContext(io.kubernetes.client.openapi.models.V1SecurityContext) V1EnvVar(io.kubernetes.client.openapi.models.V1EnvVar) V1VolumeMount(io.kubernetes.client.openapi.models.V1VolumeMount)

Aggregations

V1Container (io.kubernetes.client.openapi.models.V1Container)1 V1EnvVar (io.kubernetes.client.openapi.models.V1EnvVar)1 V1SecurityContext (io.kubernetes.client.openapi.models.V1SecurityContext)1 V1VolumeMount (io.kubernetes.client.openapi.models.V1VolumeMount)1