TRON-1636: Setup tron secret_volumes in setup_tron_namespace #3615
Conversation
Molaire
changed the title
Molaire
force-pushed
the
u/vit/tron-1636-add-secret-volume
branch
from
c3060ff
to
e9ccd71
Compare
| @@ -1430,7 +1535,7 @@ def test_create_complete_config_e2e(self, tmpdir): | |||
| # that are not static, this will cause continuous reconfiguration, which | |||
| # will add significant load to the Tron API, which happened in DAR-1461. | |||
| # but if this is intended, just change the hash. | |||
| assert hasher.hexdigest() == "f740410f7ae2794f9924121c1115e15d" | |||
| assert hasher.hexdigest() == "35972651618a848ac6bf7947245dbaea" | |||
There was a problem hiding this comment.
Note that this may cause a big bounce with all tron jobs when deployed. Make sure you sync with #compute-infra before shipping these changes in case any special considerations are needed to accommodate that.
There was a problem hiding this comment.
this should be fine - the main purpose of this test is too help us catch things like a timestamp (or something equally ever-changing) being added to the podspec as repeatedly reconfiguring every job is quite painful :)
There was a problem hiding this comment.
luisp++ ah right there in the comment above :) thanks for the context!
Molaire
force-pushed
the
u/vit/tron-1636-add-secret-volume
branch
from
9a0fe06
to
ade4b57
Compare
| @@ -1430,7 +1535,7 @@ def test_create_complete_config_e2e(self, tmpdir): | |||
| # that are not static, this will cause continuous reconfiguration, which | |||
| # will add significant load to the Tron API, which happened in DAR-1461. | |||
| # but if this is intended, just change the hash. | |||
| assert hasher.hexdigest() == "f740410f7ae2794f9924121c1115e15d" | |||
| assert hasher.hexdigest() == "35972651618a848ac6bf7947245dbaea" | |||
There was a problem hiding this comment.
this should be fine - the main purpose of this test is too help us catch things like a timestamp (or something equally ever-changing) being added to the podspec as repeatedly reconfiguring every job is quite painful :)
| @@ -869,6 +869,7 @@ def format_tron_action_dict(action_config: TronActionConfig, use_k8s: bool = Fal | |||
| "node": action_config.get_node(), | |||
| "retries": action_config.get_retries(), | |||
| "retries_delay": action_config.get_retries_delay(), | |||
| "secret_volumes": action_config.get_secret_volumes(), | |||
There was a problem hiding this comment.
lol - nice! always good when things just work out and we don't need to do anything special :)
| @@ -48,6 +48,7 @@ example_cluster/paasta/docker_registry.json | |||
| general_itests/fake_etc_paasta/clusters.json | |||
| pip-wheel-metadata | |||
| debian/debhelper-build-stamp | |||
| unique-run | |||
Molaire
force-pushed
the
u/vit/tron-1636-add-secret-volume
branch
from
1b94de5
to
a45bf49
Compare
Molaire
force-pushed
the
u/vit/tron-1636-add-secret-volume
branch
5 times, most recently
from
e4ace1f
to
9ccbea3
Compare
| @@ -415,15 +415,17 @@ def get_job_name(self): | |||
| def get_action_name(self): | |||
| return self.action | |||
|
|
|||
| def get_secret_volumes(self) -> List[TronSecretVolume]: | |||
| def get_secret_volumes(self) -> List[TronSecretVolume]: # type: ignore | |||
There was a problem hiding this comment.
TypedDict does not support isinstance and issubclass for a subclass of a defined typeddict, and mypy is sad (mypy doesnt understand TronSecretVolume is a subclass of SecretVolume)
There was a problem hiding this comment.
rip, maybe we can unify TronSecretVolume and SecretVolume in the future (if we did it now we'd need another tron release, right?)
Molaire
force-pushed
the
u/vit/tron-1636-add-secret-volume
branch
from
782a764
to
860d925
Compare
requirements.txt
Outdated
| @@ -104,7 +104,7 @@ sticht==1.1.18 | |||
| strict-rfc3339==0.7 | |||
| swagger-spec-validator==2.1.0 | |||
| syslogmp==0.2.2 | |||
| task-processing==0.1.3 | |||
| task-processing==0.12.1 | |||
There was a problem hiding this comment.
do we actually use task_processing in paasta right now? 😮
There was a problem hiding this comment.
It's "used" in the legacy remote run implementation
There was a problem hiding this comment.
noice - well, we don't necessarily need to bump this (and remote-run isn't really usable by folks right now), but this is fine to do now imo :)
Molaire
force-pushed
the
u/vit/tron-1636-add-secret-volume
branch
from
860d925
to
3430d4f
Compare
Molaire
force-pushed
the
u/vit/tron-1636-add-secret-volume
branch
from
1e3d347
to
6e5c9b1
Compare
Ticket: TRON-1636
This pipes secret_volumes in tron. It was already set up in kubernetes, so most of the work here was adjusting the tests.
This was tested with 2 real tron jobs and patched paasta and tron on our
tron-infrastagebox.Success: https://fluffy.yelpcorp.com/i/bsJZQ3TlDR9N6fx3dNjT6WQfT0NVGh03.html
Jobs config: https://sourcegraph.yelpcorp.com/sysgit/yelpsoa-configs/-/blob/compute-infra-test-service/tron-infrastage.yaml?L94-119