From 83222e90af3288543a38ccf21bcc490146ce53f4 Mon Sep 17 00:00:00 2001 From: catttam Date: Thu, 26 Oct 2023 12:29:19 +0200 Subject: [PATCH] Fixed support for SGX on exposed services --- pkg/utils/expose.go | 30 ++++++++++++++++-------------- 1 file changed, 16 insertions(+), 14 deletions(-) diff --git a/pkg/utils/expose.go b/pkg/utils/expose.go index df4a7371..8fdcbdb4 100644 --- a/pkg/utils/expose.go +++ b/pkg/utils/expose.go @@ -211,17 +211,7 @@ func getPodTemplateSpec(e Expose) v1.PodTemplateSpec { ContainerPort: int32(e.Port), } cores := resource.NewMilliQuantity(500, resource.DecimalSI) - var container v1.Container = v1.Container{ - Name: e.Name, - Image: e.Image, - Env: types.ConvertEnvVars(e.Variables), - Ports: []v1.ContainerPort{ports}, - Resources: v1.ResourceRequirements{ - Requests: v1.ResourceList{ - "cpu": *cores, - }, - }, - } + template := v1.PodTemplateSpec{ ObjectMeta: metav1.ObjectMeta{ Name: e.Name, @@ -232,19 +222,31 @@ func getPodTemplateSpec(e Expose) v1.PodTemplateSpec { }, Spec: v1.PodSpec{ InitContainers: []v1.Container{}, - Containers: []v1.Container{container}, + Containers: []v1.Container{ + { + Name: e.Name, + Image: e.Image, + Env: types.ConvertEnvVars(e.Variables), + Ports: []v1.ContainerPort{ports}, + Resources: v1.ResourceRequirements{ + Requests: v1.ResourceList{ + "cpu": *cores, + }, + }, + }, + }, }, } if e.EnableSGX { types.SetSecurityContext(&template.Spec) sgx, _ := resource.ParseQuantity("1") - container.Resources.Limits["sgx.intel.com/enclave"] = sgx + template.Spec.Containers[0].Resources.Limits["sgx.intel.com/enclave"] = sgx } if e.EnableGPU { gpu, _ := resource.ParseQuantity("1") - container.Resources.Limits["nvidia.com/gpu"] = gpu + template.Spec.Containers[0].Resources.Limits["nvidia.com/gpu"] = gpu } return template