diff --git a/dist/index.js b/dist/index.js index 0e9a74c2..0b9f7c43 100644 Binary files a/dist/index.js and b/dist/index.js differ diff --git a/dist/index.js.map b/dist/index.js.map index 8f752321..887849ab 100644 Binary files a/dist/index.js.map and b/dist/index.js.map differ diff --git a/src/model/cloud-runner/providers/k8s/index.ts b/src/model/cloud-runner/providers/k8s/index.ts index e4eb70dc..e20a8834 100644 --- a/src/model/cloud-runner/providers/k8s/index.ts +++ b/src/model/cloud-runner/providers/k8s/index.ts @@ -22,6 +22,7 @@ class Kubernetes implements ProviderInterface { public kubeConfig!: k8s.KubeConfig; public kubeClient!: k8s.CoreV1Api; public kubeClientBatch!: k8s.BatchV1Api; + public rbacAuthorizationV1Api!: k8s.RbacAuthorizationV1Api; public buildGuid: string = ''; public buildParameters!: BuildParameters; public pvcName: string = ''; @@ -40,6 +41,7 @@ class Kubernetes implements ProviderInterface { this.kubeConfig.loadFromDefault(); this.kubeClient = this.kubeConfig.makeApiClient(k8s.CoreV1Api); this.kubeClientBatch = this.kubeConfig.makeApiClient(k8s.BatchV1Api); + this.rbacAuthorizationV1Api = this.kubeConfig.makeApiClient(k8s.RbacAuthorizationV1Api); this.namespace = 'default'; CloudRunnerLogger.log('Loaded default Kubernetes configuration for this environment'); } @@ -245,7 +247,7 @@ class Kubernetes implements ProviderInterface { this.containerName, ); await new Promise((promise) => setTimeout(promise, 15000)); - await KubernetesRole.createRole(this.serviceAccountName, this.namespace); + await KubernetesRole.createRole(this.serviceAccountName, this.namespace, this.rbacAuthorizationV1Api); const result = await this.kubeClientBatch.createNamespacedJob(this.namespace, jobSpec); CloudRunnerLogger.log(`Build job created`); await new Promise((promise) => setTimeout(promise, 5000)); @@ -269,7 +271,7 @@ class Kubernetes implements ProviderInterface { try { await this.kubeClientBatch.deleteNamespacedJob(this.jobName, this.namespace); await this.kubeClient.deleteNamespacedPod(this.podName, this.namespace); - await KubernetesRole.deleteRole(this.serviceAccountName, this.namespace); + await KubernetesRole.deleteRole(this.serviceAccountName, this.namespace, this.rbacAuthorizationV1Api); } catch (error: any) { CloudRunnerLogger.log(`Failed to cleanup`); if (error.response.body.reason !== `NotFound`) { diff --git a/src/model/cloud-runner/providers/k8s/kubernetes-role.ts b/src/model/cloud-runner/providers/k8s/kubernetes-role.ts index 09a26d06..b7a3d3a5 100644 --- a/src/model/cloud-runner/providers/k8s/kubernetes-role.ts +++ b/src/model/cloud-runner/providers/k8s/kubernetes-role.ts @@ -1,9 +1,7 @@ import { RbacAuthorizationV1Api } from '@kubernetes/client-node'; class KubernetesRole { - static async createRole(serviceAccountName: string, namespace: string) { - const rbac = new RbacAuthorizationV1Api(); - + static async createRole(serviceAccountName: string, namespace: string, rbac: RbacAuthorizationV1Api) { // create admin kubernetes role and role binding const roleBinding = { apiVersion: 'rbac.authorization.k8s.io/v1', @@ -47,8 +45,7 @@ class KubernetesRole { return { roleBindingResponse, roleResponse }; } - public static async deleteRole(serviceAccountName: string, namespace: string) { - const rbac = new RbacAuthorizationV1Api(); + public static async deleteRole(serviceAccountName: string, namespace: string, rbac: RbacAuthorizationV1Api) { await rbac.deleteNamespacedRoleBinding(`${serviceAccountName}-admin`, namespace); await rbac.deleteNamespacedRole(`${serviceAccountName}-admin`, namespace); }