From a8521503974f728616c79e3d0737feeb5788fc5c Mon Sep 17 00:00:00 2001 From: SergioLangaritaBenitez Date: Tue, 14 Jan 2025 16:07:57 +0100 Subject: [PATCH] fix bugs --- examples/expose_services/deep/deep_expose.yaml | 8 ++++++-- examples/expose_services/deep/deep_expose2.yaml | 15 --------------- examples/expose_services/deep/deepscript.sh | 2 +- pkg/handlers/delete.go | 2 +- pkg/types/expose.go | 7 ++++++- pkg/utils/minio.go | 17 ++++++++++++----- 6 files changed, 26 insertions(+), 25 deletions(-) delete mode 100644 examples/expose_services/deep/deep_expose2.yaml diff --git a/examples/expose_services/deep/deep_expose.yaml b/examples/expose_services/deep/deep_expose.yaml index a84c5ba1..656f0ab9 100644 --- a/examples/expose_services/deep/deep_expose.yaml +++ b/examples/expose_services/deep/deep_expose.yaml @@ -1,15 +1,19 @@ functions: oscar: - oscar-cluster: - name: plant + name: dogs-breed memory: 3Gi cpu: '2.0' - image: deephdc/deep-oc-plants-classification-tf + image: ai4oshub/dogs-breed-detector log_level: CRITICAL script: script.sh + environment: + Variables: + basePath: /system/services/dogs-breed/exposed/main expose: min_scale: 1 max_scale: 1 api_port: 5000 + rewrite_target: true cpu_threshold: 90 set_auth: true diff --git a/examples/expose_services/deep/deep_expose2.yaml b/examples/expose_services/deep/deep_expose2.yaml deleted file mode 100644 index 1642aa78..00000000 --- a/examples/expose_services/deep/deep_expose2.yaml +++ /dev/null @@ -1,15 +0,0 @@ -functions: - oscar: - - oscar-cluster: - name: plant-classification-sync - memory: 2Gi - cpu: '1.0' - image: deephdc/deep-oc-plants-classification-tf - log_level: CRITICAL - script: script.sh - expose: - min_scale: 1 - max_scale: 1 - api_port: 5000 - cpu_threshold: 90 - nodePort: 30500 diff --git a/examples/expose_services/deep/deepscript.sh b/examples/expose_services/deep/deepscript.sh index b7b86d20..d8465092 100644 --- a/examples/expose_services/deep/deepscript.sh +++ b/examples/expose_services/deep/deepscript.sh @@ -1 +1 @@ -deepaas-run --openwhisk-detect --listen-ip 0.0.0.0 --listen-port 5000 \ No newline at end of file +deepaas-run --listen-ip 0.0.0.0 --listen-port 5000 --base-path $basePath \ No newline at end of file diff --git a/pkg/handlers/delete.go b/pkg/handlers/delete.go index 0dee6006..744d7caf 100644 --- a/pkg/handlers/delete.go +++ b/pkg/handlers/delete.go @@ -221,7 +221,7 @@ func deletePrivateBuckets(service *types.Service, minIOAdminClient *utils.MinIOA log.Printf("Error disabling MinIO input notifications for service \"%s\": %v\n", service.Name, err) } //Delete bucket and unset the associated policy - err := minIOAdminClient.EmptyPolicy(service.AllowedUsers[i]) + err := minIOAdminClient.EmptyPolicy(service.AllowedUsers[i], false) if err != nil { fmt.Println(err) } diff --git a/pkg/types/expose.go b/pkg/types/expose.go index 09b758b4..aeabd6a2 100644 --- a/pkg/types/expose.go +++ b/pkg/types/expose.go @@ -84,6 +84,9 @@ func DeleteExpose(name string, kubeClientset kubernetes.Interface, cfg *Config) ingressType := existsIngress(name, cfg.ServicesNamespace, kubeClientset) if ingressType { err = deleteIngress(getIngressName(name), kubeClientset, cfg) + if existsSecret(name, kubeClientset, cfg) { + deleteSecret(name, kubeClientset, cfg) + } if err != nil { return fmt.Errorf("error deleting ingress for exposed service '%s': %v", name, err) } @@ -125,6 +128,9 @@ func UpdateExpose(service Service, kubeClientset kubernetes.Interface, cfg *Conf // New service config if NodePort if service.Expose.NodePort != 0 { err = deleteIngress(getIngressName(service.Name), kubeClientset, cfg) + if existsSecret(service.Name, kubeClientset, cfg) { + deleteSecret(service.Name, kubeClientset, cfg) + } if err != nil { log.Printf("error deleting ingress service: %v\n", err) return err @@ -547,7 +553,6 @@ func deleteIngress(name string, kubeClientset kubernetes.Interface, cfg *Config) if err != nil { return err } - deleteSecret(name, kubeClientset, cfg) return nil } diff --git a/pkg/utils/minio.go b/pkg/utils/minio.go index 0b2bb7fb..910c4b80 100644 --- a/pkg/utils/minio.go +++ b/pkg/utils/minio.go @@ -313,6 +313,8 @@ func (minIOAdminClient *MinIOAdminClient) CreateAddPolicy(bucketName string, pol actualPolicy.Statement = []Statement{ { Resource: []string{rs}, + Action: []string{"s3:*"}, + Effect: "Allow", }, } @@ -401,10 +403,15 @@ func (minIOAdminClient *MinIOAdminClient) RemoveFromPolicy(bucketName string, po actualPolicy := &Policy{} json.Unmarshal(policyInfo.Policy, actualPolicy) if len(actualPolicy.Statement[0].Resource) == 1 { - if err := minIOAdminClient.adminClient.RemoveCannedPolicy(context.TODO(), policyName); err != nil { - return fmt.Errorf("error removing canned policy: %v", err) + if policyName == ALL_USERS_GROUP { + actualPolicy.Statement[0].Effect = "Deny" + } else { + if err := minIOAdminClient.adminClient.RemoveCannedPolicy(context.TODO(), policyName); err != nil { + return fmt.Errorf("error removing canned policy: %v", err) + } + return nil } - return nil + } else { for i, r := range actualPolicy.Statement[0].Resource { if r == rs { @@ -431,8 +438,8 @@ func (minIOAdminClient *MinIOAdminClient) RemoveFromPolicy(bucketName string, po return nil } -func (minIOAdminClient *MinIOAdminClient) EmptyPolicy(policyName string) error { - err := minIOAdminClient.adminClient.SetPolicy(context.TODO(), "", policyName, false) +func (minIOAdminClient *MinIOAdminClient) EmptyPolicy(policyName string, group bool) error { + err := minIOAdminClient.adminClient.SetPolicy(context.TODO(), "", policyName, group) if err != nil { return fmt.Errorf("error setting MinIO policy for group %s: %v", policyName, err) }