Added support for group_add key
#739
Conversation
|
@surajnarwade, thank you for the pull request! We'll ping some people to review your PR. @surajssd and @containscafeine, please review this. |
k8s-ci-robot
added
the
cncf-cla: yes
surajnarwade
changed the title
group_add keygroup_add key
pkg/loader/compose/v1v2.go
Outdated
| for _, i := range composeServiceConfig.GroupAdd { | ||
| j, err := strconv.Atoi(i) | ||
| if err != nil { | ||
| panic(err) |
| @@ -103,8 +103,11 @@ func (k *Kubernetes) CheckUnsupportedKey(komposeObject *kobject.KomposeObject, u | |||
| } | |||
|
|
|||
| // InitPodSpec creates the pod specification | |||
| func (k *Kubernetes) InitPodSpec(name string, image string) api.PodSpec { | |||
| func (k *Kubernetes) InitPodSpec(name string, image string, groupadd []int64) api.PodSpec { | |||
There was a problem hiding this comment.
no need to add groupadd here, we can add this to k8sutils.go, having it in kubernetes.go / openshift.go will make InitPodSpec messy with multiple input variables.
Have a look at how we transform the Kubernetes artifacts in k8sutils.go
| @@ -113,7 +113,8 @@ | |||
| "resources": {} | |||
| } | |||
| ], | |||
| "restartPolicy": "Always" | |||
| "restartPolicy": "Always", | |||
| "securityContext": {} | |||
There was a problem hiding this comment.
all of the tests add securityContext, we should have an if statement in the code that ONLY adds securityContext if it's been supplied. no need for blank resources like this.
surajnarwade
force-pushed
the
group_add
branch
2 times, most recently
from
a321210 to
aad3b25
Compare
surajnarwade
changed the title
group_add keygroup_add key
There was a problem hiding this comment.
A couple of nits, and maybe add a failing test for both providers, and this is good to go.
Great work, @surajnarwade 🎉
pkg/loader/compose/v1v2.go
Outdated
| for _, i := range composeServiceConfig.GroupAdd { | ||
| j, err := strconv.Atoi(i) | ||
| if err != nil { | ||
| return kobject.KomposeObject{}, errors.Wrap(err, "Unable to get group_add key") |
There was a problem hiding this comment.
nit: start the error with lowercase
pkg/loader/compose/v1v2.go
Outdated
| @@ -264,6 +264,16 @@ func libComposeToKomposeMapping(composeObject *project.Project) (kobject.Kompose | |||
| serviceConfig.MemLimit = composeServiceConfig.MemLimit | |||
| serviceConfig.TmpFs = composeServiceConfig.Tmpfs | |||
| serviceConfig.StopGracePeriod = composeServiceConfig.StopGracePeriod | |||
| var t2 []int64 | |||
There was a problem hiding this comment.
nit: what does t2 mean? How about a more explanatory variable name?
script/test/cmd/tests.sh
Outdated
| # kubernetes test | ||
| convert::expect_success "kompose -f $KOMPOSE_ROOT/script/test/fixtures/group-add/docker-compose.yml convert --stdout -j" "$KOMPOSE_ROOT/script/test/fixtures/group-add/output-k8s.json" | ||
| # openshift test | ||
| convert::expect_success "kompose --provider openshift -f $KOMPOSE_ROOT/script/test/fixtures/group-add/docker-compose.yml convert --stdout -j" "$KOMPOSE_ROOT/script/test/fixtures/group-add/output-os.json" | ||
|
|
There was a problem hiding this comment.
Can we add a failing test for both the providers? Makes the tests more robust.
| @@ -4,7 +4,7 @@ services: | |||
| postgresql: | |||
| image: swordphilic/postgresql | |||
| ports: | |||
| - "$DB_PORT" | |||
| - $DB_PORT | |||
There was a problem hiding this comment.
Why is this changed? Please revert back to with quotes.
pkg/loader/compose/v1v2.go
Outdated
| @@ -264,6 +264,16 @@ func libComposeToKomposeMapping(composeObject *project.Project) (kobject.Kompose | |||
| serviceConfig.MemLimit = composeServiceConfig.MemLimit | |||
| serviceConfig.TmpFs = composeServiceConfig.Tmpfs | |||
| serviceConfig.StopGracePeriod = composeServiceConfig.StopGracePeriod | |||
| var groupAdd []int64 | |||
There was a problem hiding this comment.
Please add spacing, newline here as well as a newline below (after serviceConfig.GroupAdd = groupAdd).
Since this is a range, perhaps it may be better to make this into a separate function?
Also add a small comment please :)
|
Please add a description to your commit as well as update this original PR description. |
surajnarwade
force-pushed
the
group_add
branch
3 times, most recently
from
483b750 to
d2d76cc
Compare
This PR will add support for `group_add` key which will map to supplemental group in pod security context.
surajnarwade
force-pushed
the
group_add
branch
from
d2d76cc to
641f8f8
Compare
|
@cdrage updated with suggested changes |
|
Awesome! This is great. Changes are good. Thanks @surajnarwade for the hard work. |
No description provided.