diff --git a/application_hub_context/app_hub_context.py b/application_hub_context/app_hub_context.py index e60c92e..025d3ee 100644 --- a/application_hub_context/app_hub_context.py +++ b/application_hub_context/app_hub_context.py @@ -377,7 +377,7 @@ def delete_role_binding(self, role_binding: RoleBinding): f"Exception deleting role {role_binding.role.name}: {e}\n" ) - def create_role_binding(self, name: str, subjects: [Subject], role: Role): + def create_role_binding(self, name: str, subjects: list[Subject], role: Role): if self.is_role_binding_created(name=name): return self.rbac_authorization_v1_api.read_namespaced_role_binding( name=name, namespace=self.namespace @@ -385,16 +385,15 @@ def create_role_binding(self, name: str, subjects: [Subject], role: Role): metadata = client.V1ObjectMeta(name=name, namespace=self.namespace) - role_ref = client.V1RoleRef(api_group="", kind="Role", name=role.name) + role_ref = client.V1RoleRef(api_group="rbac.authorization.k8s.io", kind="Role", name=role.name) subject_list = [] for subject in subjects: - subject = client.models.V1Subject( - api_group="", - kind=subject.kind.value, - name=subject.name, - namespace=self.namespace, - ) + subject = { + "kind": subject.kind.value, + "name": subject.name, + "namespace": self.namespace, + } subject_list.append(subject) body = client.V1RoleBinding( @@ -1024,7 +1023,7 @@ def initialise(self): ) self.spawner.log.info(f"env_from_secrets {env_from_secrets}") if env_from_secrets: - if self.spawner.extra_container_config["env_from"] is None: + if self.spawner.extra_container_config.get("env_from") is None: self.spawner.extra_container_config["env_from"] = [] for env_from_secret in env_from_secrets: diff --git a/application_hub_context/parser.py b/application_hub_context/parser.py index 64e37c9..0f63dac 100644 --- a/application_hub_context/parser.py +++ b/application_hub_context/parser.py @@ -11,26 +11,47 @@ def __init__(self, config_data, user_groups): self.config = Config(**config_data) self.user_groups = user_groups + @classmethod + def _render_templates(cls, obj, context): + """Recursively render Jinja templates in strings only.""" + if isinstance(obj, str): + if "{{" in obj: + return Template(obj).render(**context) + return obj + + if isinstance(obj, list): + return [cls._render_templates(i, context) for i in obj] + + if isinstance(obj, dict): + return { + k: cls._render_templates(v, context) + for k, v in obj.items() + } + + return obj + @classmethod def read_file(cls, config_path, user_groups, spawner, namespace): - """reads a config file encoded in YAML""" with open(config_path, "r") as stream: - try: - # Read the file as a raw string - raw_content = stream.read() - - # Render the content as a Jinja2 template - template = Template(raw_content) - rendered_content = template.render(spawner=spawner, - namespace=namespace) - - # Parse the rendered content as YAML - config_data = yaml.safe_load(rendered_content) - - except yaml.YAMLError as exc: - print(f"YAML Error: {exc}") - except Exception as e: - print(f"Error: {e}") + raw_content = stream.read() + + try: + # Parse YAML first (SAFE) + config_data = yaml.safe_load(raw_content) + + # Render templates selectively + context = { + "spawner": spawner, + "namespace": namespace, + } + config_data = cls._render_templates(config_data, context) + + except yaml.YAMLError as exc: + raise RuntimeError(f"Invalid YAML in {config_path}: {exc}") from exc + except Exception as exc: + raise RuntimeError( + f"Error processing config file {config_path}: {exc}" + ) from exc return cls(config_data=config_data, user_groups=user_groups) diff --git a/release.yaml b/release.yaml index b88c61f..2b900aa 100644 --- a/release.yaml +++ b/release.yaml @@ -1,4 +1,4 @@ image_name: application-hub image_prefix: eoepca -image_version: 1.5.1 +image_version: 1.5.2 image_registry: ghcr.io \ No newline at end of file diff --git a/setup.cfg b/setup.cfg index 135c20e..bdd13ef 100644 --- a/setup.cfg +++ b/setup.cfg @@ -1,4 +1,4 @@ [metadata] name = application-context-hub -version = 1.3.3 +version = 1.5.2