Skip to content

Commit 274e525

Browse files
sgaistsgaist
committed
refactor: make the pod owner of the secret once created
1 parent b5eef26 commit 274e525

File tree

1 file changed

+29
-4
lines changed

1 file changed

+29
-4
lines changed

binderhub/build.py

Lines changed: 29 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -382,10 +382,17 @@ def submit(self):
382382

383383
env = []
384384
if self.git_credentials:
385-
secret = client.V1Secret()
386-
secret.string_data = {"credentials": self.git_credentials}
387-
secret.metadata = {"name": self.name}
388-
secret.type = "Opaque"
385+
secret = client.V1Secret(
386+
metadata=client.V1ObjectMeta(
387+
name=self.name,
388+
labels={
389+
"name": self.name,
390+
"component": self._component_label,
391+
},
392+
),
393+
string_data={"credentials": self.git_credentials},
394+
type="Opaque",
395+
)
389396

390397
self.api.create_namespaced_secret(self.namespace, secret)
391398

@@ -497,6 +504,24 @@ def submit(self):
497504
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase
498505
phase = self.pod.status.phase
499506
if phase == "Pending":
507+
if self.git_credentials:
508+
owner_reference = client.V1OwnerReference(
509+
api_version="v1",
510+
kind="Pod",
511+
name=self.pod.metadata.name,
512+
uid=self.pod.metadata.uid,
513+
)
514+
self.api.patch_namespaced_secret(
515+
namespace=self.namespace,
516+
name=self.pod.metadata.name,
517+
body=[
518+
{
519+
"op": "replace",
520+
"path": "/metadata/ownerReferences",
521+
"value": [owner_reference],
522+
}
523+
],
524+
)
500525
self.progress(
501526
ProgressEvent.Kind.BUILD_STATUS_CHANGE,
502527
ProgressEvent.BuildStatus.PENDING,

0 commit comments

Comments
 (0)