From f2e2128e235987651f161df3ccb9d247923e8651 Mon Sep 17 00:00:00 2001
From: "Keerthan Reddy Mala (kmala)" <keerthan.mala@gmail.com>
Date: Thu, 15 Dec 2016 17:17:25 -0700
Subject: [PATCH] fix(slugrunner): use init container to download the slug from
 objectstorage

---
 rootfs/scheduler/resources/pod.py | 41 ++++++++++++++++++++++++++++---
 1 file changed, 38 insertions(+), 3 deletions(-)

diff --git a/rootfs/scheduler/resources/pod.py b/rootfs/scheduler/resources/pod.py
index 04fa64359..1968caf84 100644
--- a/rootfs/scheduler/resources/pod.py
+++ b/rootfs/scheduler/resources/pod.py
@@ -140,15 +140,22 @@ def manifest(self, namespace, name, image, **kwargs):
                 'secret': {
                     'secretName': 'objectstorage-keyfile'
                 }
+            }, {
+                'name': 'slugdir',
+                'emptyDir': {}
             }]
 
             # added to kwargs to send to the container function
             kwargs['volumeMounts'] = [{
-                'name': 'objectstorage-keyfile',
-                'mountPath': '/var/run/secrets/deis/objectstore/creds',
-                'readOnly': True
+                'name': 'slugdir',
+                'mountPath': '/app'
             }]
 
+            container_manifest = self._get_init_container_manifest(**kwargs)
+            if 'annotations' not in manifest['metadata']:
+                manifest['metadata']['annotations'] = {}
+            manifest['metadata']['annotations']['pod.beta.kubernetes.io/init-containers'] = '[{}]'.format(str(container_manifest).replace("'","\""))  # noqa
+
         # create the base container
         container = {}
 
@@ -171,6 +178,34 @@ def manifest(self, namespace, name, image, **kwargs):
 
         return manifest
 
+    def _get_init_container_manifest(self, **kwargs):
+        env = kwargs.get('envs', {})
+        manifest = {
+            "name": "slug-downloader",
+            "image": "quay.io/deis/base:v0.3.5",
+            "imagePullPolicy": "IfNotPresent",
+            "command": ["/bin/bash"],
+            "args": ["-c", "curl https://storage.googleapis.com/object-storage-cli/bb8e054/objstorage-bb8e054-linux-amd64 -o /bin/objstorage && chmod +x /bin/objstorage && GET_PATH=/slugdir/slug.tgz && export BUCKET_FILE=/var/run/secrets/deis/objectstore/creds/builder-bucket && if [ $BUILDER_STORAGE == minio ]; then mkdir -p /app/objectstore/minio && echo git > /app/objectstore/minio/builder-bucket && export BUCKET_FILE=/app/objectstore/minio/builder-bucket; elif [ $BUILDER_STORAGE == azure ] || [ $BUILDER_STORAGE == swift ]; then export CONTAINER_FILE=/var/run/secrets/deis/objectstore/creds/builder-container; fi && objstorage --storage-type=$BUILDER_STORAGE download $SLUG_URL $GET_PATH && tar -xzf $GET_PATH -C /slugdir && rm $GET_PATH"],  # noqa
+            "volumeMounts": [
+                {
+                    "name": "slugdir",
+                    "mountPath": "/slugdir"
+                },
+                {
+                    "name": "objectstorage-keyfile",
+                    "mountPath": "/var/run/secrets/deis/objectstore/creds"
+                }
+            ]
+        }
+        manifest['env'] = []
+        for key in ['BUILDER_STORAGE', 'DEIS_MINIO_SERVICE_PORT', 'DEIS_MINIO_SERVICE_HOST', 'SLUG_URL']:  # noqa
+            item = {
+                "name": key,
+                "value": env.get(key, {})
+            }
+            manifest["env"].append(item)
+        return manifest
+
     def _set_container(self, namespace, container_name, data, **kwargs):
         """Set app container information (env, healthcheck, etc) on a Pod"""
         env = kwargs.get('envs', {})