Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: reserved system name checks when creating templates #746

Open
wants to merge 104 commits into
base: master
Choose a base branch
from

Conversation

Vafilor
Copy link
Contributor

@Vafilor Vafilor commented Nov 25, 2020

What this PR does:

Updated workspace templates' associated workflow templates to have a sys- prefix to indicate it is a system resource.

Also added checks to workflow/workspace template creation so they don't allow sys- prefixes.

Which issue(s) this PR fixes:
Fixes #256

Special notes for your reviewer:

To test:

Try creating a workflow template and workspace template with a sys- prefixed name. You should get an error.

Try creating a workspace template and check in the database that the newly created workflow template has a sys- prefixed name.

Checklist

Please check if applies

  • I have added/updated relevant unit tests
  • I have added/updated relevant documentation

Required

  • I accept to release these changes under the Apache 2.0 License

… sure they don't allow sys- prefixed names.

Also updated workspace creation so that the workflow templates created by workspace templates have a sys- prefix.
@Vafilor Vafilor added the kind/bug Something isn't working label Nov 25, 2020
@Vafilor Vafilor added this to the v0.16.0 milestone Nov 25, 2020
@Vafilor Vafilor self-assigned this Nov 25, 2020
@aleksandrmelnikov
Copy link
Contributor

Code looks good, need to go through test cases.

@aleksandrmelnikov
Copy link
Contributor

Point of concern.
I was trying to run this PR against my existing cluster.
It looks like the migrations are looking for sys prefixed templates.

  • But prior to this change, they won't be sys prefixed.
2020-12-02T20:53:31.330701457Z time="2020-12-02T20:53:31Z" level=error msg="Could not get latest argo workflow template" Error="not found" Namespace=default WorkflowTemplate="&{2 0001-01-01 00:00:00 +0000 UTC <nil> sys-cvat  sys-cvat arguments:\n  parameters:\n  - displayName: Workspace name\n    hint: Must be between 3-30 characters, contain only alphanumeric or `-` characters\n    name: sys-name\n    required: true\n    type: input.text\n    value: name\n  - name: sys-resource-action\n    type: input.hidden\n    value: apply\n  - name: sys-workspace-action\n    type: input.hidden\n    value: create\n  - name: sys-uid\n    type: input.hidden\n    value: uid\n  - name: sys-host\n    type: input.hidden\n    value: alex002.onepanel.io\n  - name: sys-node-pool-label\n    type: input.hidden\n    value: node.kubernetes.io/instance-type\n  - displayName: Node pool\n    hint: Name of node pool or group\n    name: sys-node-pool\n    options:\n    - name: 4cpu_16ram_gb\n      value: Standard_D4s_v3\n    - name: gpu_12cpu_112ram_gb_2gpu\n      value: Standard_NC12\n    - name: gpu_6cpu_56gbram_1gpu\n      value: Standard_NC6_Promo\n    required: true\n    type: select.select\n    value: Standard_D4s_v3\n  - displayName: Directory to sync raw input and training output\n    hint: Location (relative to current namespace) to sync raw input, models and checkpoints\n      from default object storage to '/share'.\n    name: sync-directory\n    value: workflow-data\n  - displayName: Disk size for \"cvat-data\"\n    hint: Disk size in MB for volume mounted at `/cvat`\n    name: sys-cvat-data-volume-size\n    required: true\n    type: input.number\n    value: \"20480\"\n  - displayName: Disk size for \"share\"\n    hint: Disk size in MB for volume mounted at `/share`\n    name: sys-share-volume-size\n    required: true\n    type: input.number\n    value: \"20480\"\nentrypoint: workspace\nonExit: handleExit\ntemplates:\n- arguments: {}\n  dag:\n    tasks:\n    - arguments: {}\n      name: exit-handler\n      template: sys-update-workspace-status\n  inputs: {}\n  metadata: {}\n  name: handleExit\n  outputs: {}\n- arguments: {}\n  dag:\n    failFast: false\n    tasks:\n    - arguments: {}\n      name: service\n      template: service-resource\n    - arguments: {}\n      dependencies:\n      - service\n      name: virtual-service\n      template: virtual-service-resource\n    - arguments: {}\n      dependencies:\n      - virtual-service\n      name: create-stateful-set\n      template: stateful-set-resource\n      when: '{{workflow.parameters.sys-workspace-action}} == create || {{workflow.parameters.sys-workspace-action}}\n        == update'\n    - arguments:\n        parameters:\n        - name: update-revision\n          value: '{{tasks.create-stateful-set.outputs.parameters.update-revision}}'\n      dependencies:\n      - create-stateful-set\n      name: get-stateful-set\n      template: get-stateful-set-resource\n      when: '{{workflow.parameters.sys-workspace-action}} == create || {{workflow.parameters.sys-workspace-action}}\n        == update'\n    - arguments: {}\n      dependencies:\n      - get-stateful-set\n      name: create-workspace\n      template: workspace-resource\n      when: '{{workflow.parameters.sys-workspace-action}} == create || {{workflow.parameters.sys-workspace-action}}\n        == update'\n    - arguments: {}\n      dependencies:\n      - virtual-service\n      name: delete-stateful-set\n      template: delete-stateful-set-resource\n      when: '{{workflow.parameters.sys-workspace-action}} == pause || {{workflow.parameters.sys-workspace-action}}\n        == delete'\n    - arguments: {}\n      dependencies:\n      - delete-stateful-set\n      name: delete-workspace\n      template: workspace-resource\n      when: '{{workflow.parameters.sys-workspace-action}} == pause || {{workflow.parameters.sys-workspace-action}}\n        == delete'\n    - arguments:\n        parameters:\n        - name: sys-pvc-name\n          value: '{{item}}'\n      dependencies:\n      - delete-workspace\n      name: delete-pvc\n      template: delete-pvc-resource\n      when: '{{workflow.parameters.sys-workspace-action}} == delete'\n      withItems:\n      - db\n      - sys-dshm\n      - cvat-data\n      - share\n      - sys-namespace-config\n    - arguments:\n        parameters:\n        - name: sys-workspace-phase\n          value: Running\n      dependencies:\n      - create-workspace\n      name: sys-set-phase-running\n      template: sys-update-status\n      when: '{{workflow.parameters.sys-workspace-action}} == create || {{workflow.parameters.sys-workspace-action}}\n        == update'\n    - arguments:\n        parameters:\n        - name: sys-workspace-phase\n          value: Paused\n      dependencies:\n      - delete-workspace\n      name: sys-set-phase-paused\n      template: sys-update-status\n      when: '{{workflow.parameters.sys-workspace-action}} == pause'\n    - arguments:\n        parameters:\n        - name: sys-workspace-phase\n          value: Terminated\n      dependencies:\n      - delete-pvc\n      name: sys-set-phase-terminated\n      template: sys-update-status\n      when: '{{workflow.parameters.sys-workspace-action}} == delete'\n  inputs: {}\n  metadata: {}\n  name: workspace\n  outputs: {}\n- arguments: {}\n  inputs: {}\n  metadata: {}\n  name: service-resource\n  outputs: {}\n  resource:\n    action: '{{workflow.parameters.sys-resource-action}}'\n    manifest: |\n      apiVersion: v1\n      kind: Service\n      metadata:\n        creationTimestamp: null\n        name: '{{workflow.parameters.sys-uid}}'\n      spec:\n        ports:\n        - name: cvat-ui\n          port: 80\n          protocol: TCP\n          targetPort: 80\n        - name: cvat\n          port: 8080\n          protocol: TCP\n          targetPort: 8080\n        - name: fs\n          port: 8888\n          protocol: TCP\n          targetPort: 8888\n        selector:\n          app: '{{workflow.parameters.sys-uid}}'\n      status:\n        loadBalancer: {}\n- arguments: {}\n  inputs: {}\n  metadata: {}\n  name: virtual-service-resource\n  outputs: {}\n  resource:\n    action: '{{workflow.parameters.sys-resource-action}}'\n    manifest: |\n      apiVersion: networking.istio.io/v1alpha3\n      kind: VirtualService\n      metadata:\n        creationTimestamp: null\n        name: '{{workflow.parameters.sys-uid}}'\n      spec:\n        gateways:\n        - istio-system/ingressgateway\n        hosts:\n        - '{{workflow.parameters.sys-host}}'\n        http:\n        - match:\n          - uri:\n              prefix: /sys/filesyncer\n          route:\n          - destination:\n              host: '{{workflow.parameters.sys-uid}}'\n              port:\n                number: 8888\n        - match:\n          - uri:\n              regex: /api/.*|/git/.*|/tensorflow/.*|/onepanelio/.*|/tracking/.*|/auto_annotation/.*|/analytics/.*|/static/.*|/admin/.*|/documentation/.*|/dextr/.*|/reid/.*\n          - queryParams:\n              id:\n                regex: \\d+.*\n          route:\n          - destination:\n              host: '{{workflow.parameters.sys-uid}}'\n              port:\n                number: 8080\n        - match:\n          - uri:\n              prefix: /\n          route:\n          - destination:\n              host: '{{workflow.parameters.sys-uid}}'\n              port:\n                number: 80\n- arguments: {}\n  inputs: {}\n  metadata: {}\n  name: stateful-set-resource\n  outputs:\n    parameters:\n    - name: update-revision\n      valueFrom:\n        jsonPath: '{.status.updateRevision}'\n  resource:\n    action: '{{workflow.parameters.sys-resource-action}}'\n    manifest: |\n      apiVersion: apps/v1\n      kind: StatefulSet\n      metadata:\n        creationTimestamp: null\n        name: '{{workflow.parameters.sys-uid}}'\n      spec:\n        replicas: 1\n        selector:\n          matchLabels:\n            app: '{{workflow.parameters.sys-uid}}'\n        serviceName: '{{workflow.parameters.sys-uid}}'\n        template:\n          metadata:\n            creationTimestamp: null\n            labels:\n              app: '{{workflow.parameters.sys-uid}}'\n          spec:\n            containers:\n            - env:\n              - name: ONEPANEL_RESOURCE_UID\n                value: '{{workflow.parameters.sys-uid}}'\n              - name: ONEPANEL_RESOURCE_NAMESPACE\n                value: '{{workflow.namespace}}'\n              - name: ONEPANEL_PROVIDER\n                value: aks\n              - name: ONEPANEL_DOMAIN\n                value: alex002.onepanel.io\n              - name: ONEPANEL_FQDN\n                value: app.alex002.onepanel.io\n              - name: ONEPANEL_API_URL\n                value: https://app.alex002.onepanel.io/api\n              - name: POSTGRES_USER\n                value: root\n              - name: POSTGRES_DB\n                value: cvat\n              - name: POSTGRES_HOST_AUTH_METHOD\n                value: trust\n              - name: PGDATA\n                value: /var/lib/psql/data\n              envFrom:\n              - secretRef:\n                  name: onepanel-default-env\n                  optional: true\n              image: postgres:10-alpine\n              name: cvat-db\n              ports:\n              - containerPort: 5432\n                name: tcp\n              resources: {}\n              volumeMounts:\n              - mountPath: /var/lib/psql\n                name: db\n              - mountPath: /dev/shm\n                name: sys-dshm\n            - env:\n              - name: ONEPANEL_RESOURCE_UID\n                value: '{{workflow.parameters.sys-uid}}'\n              - name: ONEPANEL_RESOURCE_NAMESPACE\n                value: '{{workflow.namespace}}'\n              - name: ONEPANEL_PROVIDER\n                value: aks\n              - name: ONEPANEL_DOMAIN\n                value: alex002.onepanel.io\n              - name: ONEPANEL_FQDN\n                value: app.alex002.onepanel.io\n              - name: ONEPANEL_API_URL\n                value: https://app.alex002.onepanel.io/api\n              envFrom:\n              - secretRef:\n                  name: onepanel-default-env\n                  optional: true\n              image: redis:4.0-alpine\n              name: cvat-redis\n              ports:\n              - containerPort: 6379\n                name: tcp\n              resources: {}\n              volumeMounts:\n              - mountPath: /dev/shm\n                name: sys-dshm\n            - env:\n              - name: ONEPANEL_RESOURCE_UID\n                value: '{{workflow.parameters.sys-uid}}'\n              - name: ONEPANEL_RESOURCE_NAMESPACE\n                value: '{{workflow.namespace}}'\n              - name: ONEPANEL_PROVIDER\n                value: aks\n              - name: ONEPANEL_DOMAIN\n                value: alex002.onepanel.io\n              - name: ONEPANEL_FQDN\n                value: app.alex002.onepanel.io\n              - name: ONEPANEL_API_URL\n                value: https://app.alex002.onepanel.io/api\n              - name: DJANGO_MODWSGI_EXTRA_ARGS\n              - name: ALLOWED_HOSTS\n                value: '*'\n              - name: CVAT_REDIS_HOST\n                value: localhost\n              - name: CVAT_POSTGRES_HOST\n                value: localhost\n              - name: CVAT_SHARE_URL\n                value: /cvat/data\n              - name: CVAT_SHARE_DIR\n                value: /share\n              - name: CVAT_DATA_DIR\n                value: /cvat/data\n              - name: CVAT_MEDIA_DATA_DIR\n                value: /cvat/data/data\n              - name: CVAT_KEYS_DIR\n                value: /cvat/data/keys\n              - name: CVAT_MODELS_DIR\n                value: /cvat/data/models\n              - name: CVAT_LOGS_DIR\n                value: /cvat/logs\n              - name: ONEPANEL_SYNC_DIRECTORY\n                value: '{{workflow.parameters.sync-directory}}'\n              - name: NVIDIA_VISIBLE_DEVICES\n                value: all\n              - name: NVIDIA_DRIVER_CAPABILITIES\n                value: compute,utility\n              - name: NVIDIA_REQUIRE_CUDA\n                value: cuda>=10.0 brand=tesla,driver>=384,driver<385 brand=tesla,driver>=410,driver<411\n              envFrom:\n              - secretRef:\n                  name: onepanel-default-env\n                  optional: true\n              image: onepanel/cvat:0.16.0_cvat.1.0.0\n              name: cvat\n              ports:\n              - containerPort: 8080\n                name: http\n              resources: {}\n              volumeMounts:\n              - mountPath: /cvat\n                name: cvat-data\n              - mountPath: /share\n                name: share\n              - mountPath: /etc/onepanel\n                name: sys-namespace-config\n                readOnly: true\n              - mountPath: /dev/shm\n                name: sys-dshm\n            - env:\n              - name: ONEPANEL_RESOURCE_UID\n                value: '{{workflow.parameters.sys-uid}}'\n              - name: ONEPANEL_RESOURCE_NAMESPACE\n                value: '{{workflow.namespace}}'\n              - name: ONEPANEL_PROVIDER\n                value: aks\n              - name: ONEPANEL_DOMAIN\n                value: alex002.onepanel.io\n              - name: ONEPANEL_FQDN\n                value: app.alex002.onepanel.io\n              - name: ONEPANEL_API_URL\n                value: https://app.alex002.onepanel.io/api\n              envFrom:\n              - secretRef:\n                  name: onepanel-default-env\n                  optional: true\n              image: onepanel/cvat-ui:0.16.0_cvat.1.0.0\n              name: cvat-ui\n              ports:\n              - containerPort: 80\n                name: http\n              resources: {}\n              volumeMounts:\n              - mountPath: /dev/shm\n                name: sys-dshm\n            - args:\n              - download\n              - -server-prefix=/sys/filesyncer\n              env:\n              - name: ONEPANEL_RESOURCE_UID\n                value: '{{workflow.parameters.sys-uid}}'\n              - name: ONEPANEL_RESOURCE_NAMESPACE\n                value: '{{workflow.namespace}}'\n              - name: ONEPANEL_PROVIDER\n                value: aks\n              - name: ONEPANEL_DOMAIN\n                value: alex002.onepanel.io\n              - name: ONEPANEL_FQDN\n                value: app.alex002.onepanel.io\n              - name: ONEPANEL_API_URL\n                value: https://app.alex002.onepanel.io/api\n              - name: FS_PATH\n                value: /mnt/share\n              - name: FS_PREFIX\n                value: '{{workflow.namespace}}/{{workflow.parameters.sync-directory}}'\n              envFrom:\n              - secretRef:\n                  name: onepanel-default-env\n                  optional: true\n              image: onepanel/filesyncer:s3\n              imagePullPolicy: Always\n              name: filesyncer\n              resources: {}\n              volumeMounts:\n              - mountPath: /mnt/share\n                name: share\n              - mountPath: /etc/onepanel\n                name: sys-namespace-config\n                readOnly: true\n              - mountPath: /dev/shm\n                name: sys-dshm\n            nodeSelector:\n              '{{workflow.parameters.sys-node-pool-label}}': '{{workflow.parameters.sys-node-pool}}'\n            volumes:\n            - emptyDir:\n                medium: Memory\n              name: sys-dshm\n            - name: sys-namespace-config\n              projected:\n                sources:\n                - configMap:\n                    name: onepanel\n                - secret:\n                    name: onepanel\n        volumeClaimTemplates:\n        - metadata:\n            creationTimestamp: null\n            name: db\n          spec:\n            accessModes:\n            - ReadWriteOnce\n            resources:\n              requests:\n                storage: 20Gi\n            storageClassName: onepanel\n        - metadata:\n            creationTimestamp: null\n            name: cvat-data\n          spec:\n            accessModes:\n            - ReadWriteOnce\n            resources:\n              requests:\n                storage: '{{workflow.parameters.sys-cvat-data-vol2020-12-02T20:53:31.330701457Z ume-size}}Mi'\n            storageClassName: onepanel\n        - metadata:\n            creationTimestamp: null\n            name: share\n          spec:\n            accessModes:\n            - ReadWriteOnce\n            resources:\n              requests:\n                storage: '{{workflow.parameters.sys-share-volume-size}}Mi'\n            storageClassName: onepanel\n    successCondition: status.readyReplicas > 0\n- arguments: {}\n  inputs:\n    parameters:\n    - name: update-revision\n  metadata: {}\n  name: get-stateful-set-resource\n  outputs: {}\n  resource:\n    action: get\n    manifest: |\n      apiVersion: apps/v1\n      kind: StatefulSet\n      metadata:\n        name: {{workflow.parameters.sys-uid}}\n    successCondition: status.readyReplicas > 0, status.currentRevision == {{inputs.parameters.update-revision}}\n- arguments: {}\n  inputs: {}\n  metadata: {}\n  name: delete-stateful-set-resource\n  outputs: {}\n  resource:\n    action: '{{workflow.parameters.sys-resource-action}}'\n    manifest: |\n      apiVersion: apps/v1\n      kind: StatefulSet\n      metadata:\n        creationTimestamp: null\n        name: '{{workflow.parameters.sys-uid}}'\n      spec:\n        replicas: 1\n        selector:\n          matchLabels:\n            app: '{{workflow.parameters.sys-uid}}'\n        serviceName: '{{workflow.parameters.sys-uid}}'\n        template:\n          metadata:\n            creationTimestamp: null\n            labels:\n              app: '{{workflow.parameters.sys-uid}}'\n          spec:\n            containers:\n            - env:\n              - name: ONEPANEL_RESOURCE_UID\n                value: '{{workflow.parameters.sys-uid}}'\n              - name: ONEPANEL_RESOURCE_NAMESPACE\n                value: '{{workflow.namespace}}'\n              - name: ONEPANEL_PROVIDER\n                value: aks\n              - name: ONEPANEL_DOMAIN\n                value: alex002.onepanel.io\n              - name: ONEPANEL_FQDN\n                value: app.alex002.onepanel.io\n              - name: ONEPANEL_API_URL\n                value: https://app.alex002.onepanel.io/api\n              - name: POSTGRES_USER\n                value: root\n              - name: POSTGRES_DB\n                value: cvat\n              - name: POSTGRES_HOST_AUTH_METHOD\n                value: trust\n              - name: PGDATA\n                value: /var/lib/psql/data\n              envFrom:\n              - secretRef:\n                  name: onepanel-default-env\n                  optional: true\n              image: postgres:10-alpine\n              name: cvat-db\n              ports:\n              - containerPort: 5432\n                name: tcp\n              resources: {}\n              volumeMounts:\n              - mountPath: /var/lib/psql\n                name: db\n              - mountPath: /dev/shm\n                name: sys-dshm\n            - env:\n              - name: ONEPANEL_RESOURCE_UID\n                value: '{{workflow.parameters.sys-uid}}'\n              - name: ONEPANEL_RESOURCE_NAMESPACE\n                value: '{{workflow.namespace}}'\n              - name: ONEPANEL_PROVIDER\n                value: aks\n              - name: ONEPANEL_DOMAIN\n                value: alex002.onepanel.io\n              - name: ONEPANEL_FQDN\n                value: app.alex002.onepanel.io\n              - name: ONEPANEL_API_URL\n                value: https://app.alex002.onepanel.io/api\n              envFrom:\n              - secretRef:\n                  name: onepanel-default-env\n                  optional: true\n              image: redis:4.0-alpine\n              name: cvat-redis\n              ports:\n              - containerPort: 6379\n                name: tcp\n              resources: {}\n              volumeMounts:\n              - mountPath: /dev/shm\n                name: sys-dshm\n            - env:\n              - name: ONEPANEL_RESOURCE_UID\n                value: '{{workflow.parameters.sys-uid}}'\n              - name: ONEPANEL_RESOURCE_NAMESPACE\n                value: '{{workflow.namespace}}'\n              - name: ONEPANEL_PROVIDER\n                value: aks\n              - name: ONEPANEL_DOMAIN\n                value: alex002.onepanel.io\n              - name: ONEPANEL_FQDN\n                value: app.alex002.onepanel.io\n              - name: ONEPANEL_API_URL\n                value: https://app.alex002.onepanel.io/api\n              - name: DJANGO_MODWSGI_EXTRA_ARGS\n              - name: ALLOWED_HOSTS\n                value: '*'\n              - name: CVAT_REDIS_HOST\n                value: localhost\n              - name: CVAT_POSTGRES_HOST\n                value: localhost\n              - name: CVAT_SHARE_URL\n                value: /cvat/data\n              - name: CVAT_SHARE_DIR\n                value: /share\n              - name: CVAT_DATA_DIR\n                value: /cvat/data\n              - name: CVAT_MEDIA_DATA_DIR\n                value: /cvat/data/data\n              - name: CVAT_KEYS_DIR\n                value: /cvat/data/keys\n              - name: CVAT_MODELS_DIR\n                value: /cvat/data/models\n              - name: CVAT_LOGS_DIR\n                value: /cvat/logs\n              - name: ONEPANEL_SYNC_DIRECTORY\n                value: '{{workflow.parameters.sync-directory}}'\n              - name: NVIDIA_VISIBLE_DEVICES\n                value: all\n              - name: NVIDIA_DRIVER_CAPABILITIES\n                value: compute,utility\n              - name: NVIDIA_REQUIRE_CUDA\n                value: cuda>=10.0 brand=tesla,driver>=384,driver<385 brand=tesla,driver>=410,driver<411\n              envFrom:\n              - secretRef:\n                  name: onepanel-default-env\n                  optional: true\n              image: onepanel/cvat:0.16.0_cvat.1.0.0\n              name: cvat\n              ports:\n              - containerPort: 8080\n                name: http\n              resources: {}\n              volumeMounts:\n              - mountPath: /cvat\n                name: cvat-data\n              - mountPath: /share\n                name: share\n              - mountPath: /etc/onepanel\n                name: sys-namespace-config\n                readOnly: true\n              - mountPath: /dev/shm\n                name: sys-dshm\n            - env:\n              - name: ONEPANEL_RESOURCE_UID\n                value: '{{workflow.parameters.sys-uid}}'\n              - name: ONEPANEL_RESOURCE_NAMESPACE\n                value: '{{workflow.namespace}}'\n              - name: ONEPANEL_PROVIDER\n                value: aks\n              - name: ONEPANEL_DOMAIN\n                value: alex002.onepanel.io\n              - name: ONEPANEL_FQDN\n                value: app.alex002.onepanel.io\n              - name: ONEPANEL_API_URL\n                value: https://app.alex002.onepanel.io/api\n              envFrom:\n              - secretRef:\n                  name: onepanel-default-env\n                  optional: true\n              image: onepanel/cvat-ui:0.16.0_cvat.1.0.0\n              name: cvat-ui\n              ports:\n              - containerPort: 80\n                name: http\n              resources: {}\n              volumeMounts:\n              - mountPath: /dev/shm\n                name: sys-dshm\n            - args:\n              - download\n              - -server-prefix=/sys/filesyncer\n              env:\n              - name: ONEPANEL_RESOURCE_UID\n                value: '{{workflow.parameters.sys-uid}}'\n              - name: ONEPANEL_RESOURCE_NAMESPACE\n                value: '{{workflow.namespace}}'\n              - name: ONEPANEL_PROVIDER\n                value: aks\n              - name: ONEPANEL_DOMAIN\n                value: alex002.onepanel.io\n              - name: ONEPANEL_FQDN\n                value: app.alex002.onepanel.io\n              - name: ONEPANEL_API_URL\n                value: https://app.alex002.onepanel.io/api\n              - name: FS_PATH\n                value: /mnt/share\n              - name: FS_PREFIX\n                value: '{{workflow.namespace}}/{{workflow.parameters.sync-directory}}'\n              envFrom:\n              - secretRef:\n                  name: onepanel-default-env\n                  optional: true\n              image: onepanel/filesyncer:s3\n              imagePullPolicy: Always\n              name: filesyncer\n              resources: {}\n              volumeMounts:\n              - mountPath: /mnt/share\n                name: share\n              - mountPath: /etc/onepanel\n                name: sys-namespace-config\n                readOnly: true\n              - mountPath: /dev/shm\n                name: sys-dshm\n            nodeSelector:\n              '{{workflow.parameters.sys-node-pool-label}}': '{{workflow.parameters.sys-node-pool}}'\n            volumes:\n            - emptyDir:\n                medium: Memory\n              name: sys-dshm\n            - name: sys-namespace-config\n              projected:\n                sources:\n                - configMap:\n                    name: onepanel\n                - secret:\n                    name: onepanel\n        volumeClaimTemplates:\n        - metadata:\n            creationTimestamp: null\n            name: db\n          spec:\n            accessModes:\n            - ReadWriteOnce\n            resources:\n              requests:\n                storage: 20Gi\n            storageClassName: onepanel\n        - metadata:\n            creationTimestamp: null\n            name: cvat-data\n          spec:\n            accessModes:\n            - ReadWriteOnce\n            resources:\n              requests:\n                storage: '{{workflow.parameters.sys-cvat-data-volume-size}}Mi'\n            storageClassName: onepanel\n        - metadata:\n            creationTimestamp: null\n            name: share\n          spec:\n            accessModes:\n            - ReadWriteOnce\n            resources:\n              requests:\n                storage: '{{workflow.parameters.sys-share-volume-size}}Mi'\n            storageClassName: onepanel\n- arguments: {}\n  inputs: {}\n  metadata: {}\n  name: workspace-resource\n  outputs: {}\n  resource:\n    action: '{{workflow.parameters.sys-resource-action}}'\n    manifest: |\n      apiVersion: onepanel.io/v1alpha1\n      kind: Workspace\n      metadata:\n        creationTimestamp: null\n        name: '{{workflow.parameters.sys-uid}}'\n- arguments: {}\n  inputs:\n    parameters:\n    - name: sys-pvc-name\n  metadata: {}\n  name: delete-pvc-resource\n  outputs: {}\n  resource:\n    action: '{{workflow.parameters.sys-resource-action}}'\n    manifest: |\n      apiVersion: v1\n      kind: PersistentVolumeClaim\n      metadata:\n        name: {{inputs.parameters.sys-pvc-name}}-{{workflow.parameters.sys-uid}}-0\n- arguments: {}\n  container:\n    args:\n    - 'SERVICE_ACCOUNT_TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)\n      && curl -X PUT -s -o /dev/null -w ''%{http_code}'' --connect-timeout 10 --retry\n      5 --retry-delay 5 ''http://onepanel-core.onepanel.svc.cluster.local/apis/v1beta1/{{workflow.namespace}}/workspaces/{{workflow.parameters.sys-uid}}/status''\n      -H \"Content-Type: application/json\" -H ''Connection: keep-alive'' -H ''Accept:\n      application/json'' -H ''Authorization: Bearer ''\"$SERVICE_ACCOUNT_TOKEN\"''''\n      --data ''{\"phase\":\"{{workflow.status}}\"}'' --compressed'\n    command:\n    - sh\n    - -c\n    image: curlimages/curl\n    name: curl\n    resources: {}\n  inputs: {}\n  metadata: {}\n  name: sys-update-workspace-status\n  outputs: {}\n- arguments: {}\n  container:\n    args:\n    - 'SERVICE_ACCOUNT_TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)\n      && curl -X PUT -s -o /dev/null -w ''%{http_code}'' --connect-timeout 10 --retry\n      5 --retry-delay 5 ''http://onepanel-core.onepanel.svc.cluster.local/apis/v1beta1/{{workflow.namespace}}/workspaces/{{workflow.parameters.sys-uid}}/status''\n      -H \"Content-Type: application/json\" -H ''Connection: keep-alive'' -H ''Accept:\n      application/json'' -H ''Authorization: Bearer ''\"$SERVICE_ACCOUNT_TOKEN\"''''\n      --data ''{\"phase\":\"{{inputs.parameters.sys-workspace-phase}}\"}'' --compressed'\n    command:\n    - sh\n    - -c\n    image: curlimages/curl\n    name: curl\n    resources: {}\n  inputs:\n    parameters:\n    - name: sys-workspace-phase\n  metadata: {}\n  name: sys-update-status\n  outputs: {}\n 0 0 false false false nil map[] <nil> <nil> 55 <nil> <nil> []}"
2020-12-02T20:53:31.342148256Z time="2020-12-02T20:53:31Z" level=fatal msg="Failed to run database go migrations: failed to run Go migration \"20201115133046_update_cvat_env_vars.go\": not found"

@Vafilor
Copy link
Contributor Author

Vafilor commented Dec 2, 2020

Point of concern.
I was trying to run this PR against my existing cluster.
It looks like the migrations are looking for sys prefixed templates.

  • But prior to this change, they won't be sys prefixed.
2020-12-02T20:53:31.330701457Z time="2020-12-02T20:53:31Z" level=error msg="Could not get latest argo workflow template" Error="not found" Namespace=default WorkflowTemplate="&{2 0001-01-01 00:00:00 +0000 UTC <nil> sys-cvat  sys-cvat arguments:\n  parameters:\n  - displayName: Workspace name\n    hint: Must be between 3-30 characters, contain only alphanumeric or `-` characters\n    name: sys-name\n    required: true\n    type: input.text\n    value: name\n  - name: sys-resource-action\n    type: input.hidden\n    value: apply\n  - name: sys-workspace-action\n    type: input.hidden\n    value: create\n  - name: sys-uid\n    type: input.hidden\n    value: uid\n  - name: sys-host\n    type: input.hidden\n    value: alex002.onepanel.io\n  - name: sys-node-pool-label\n    type: input.hidden\n    value: node.kubernetes.io/instance-type\n  - displayName: Node pool\n    hint: Name of node pool or group\n    name: sys-node-pool\n    options:\n    - name: 4cpu_16ram_gb\n      value: Standard_D4s_v3\n    - name: gpu_12cpu_112ram_gb_2gpu\n      value: Standard_NC12\n    - name: gpu_6cpu_56gbram_1gpu\n      value: Standard_NC6_Promo\n    required: true\n    type: select.select\n    value: Standard_D4s_v3\n  - displayName: Directory to sync raw input and training output\n    hint: Location (relative to current namespace) to sync raw input, models and checkpoints\n      from default object storage to '/share'.\n    name: sync-directory\n    value: workflow-data\n  - displayName: Disk size for \"cvat-data\"\n    hint: Disk size in MB for volume mounted at `/cvat`\n    name: sys-cvat-data-volume-size\n    required: true\n    type: input.number\n    value: \"20480\"\n  - displayName: Disk size for \"share\"\n    hint: Disk size in MB for volume mounted at `/share`\n    name: sys-share-volume-size\n    required: true\n    type: input.number\n    value: \"20480\"\nentrypoint: workspace\nonExit: handleExit\ntemplates:\n- arguments: {}\n  dag:\n    tasks:\n    - arguments: {}\n      name: exit-handler\n      template: sys-update-workspace-status\n  inputs: {}\n  metadata: {}\n  name: handleExit\n  outputs: {}\n- arguments: {}\n  dag:\n    failFast: false\n    tasks:\n    - arguments: {}\n      name: service\n      template: service-resource\n    - arguments: {}\n      dependencies:\n      - service\n      name: virtual-service\n      template: virtual-service-resource\n    - arguments: {}\n      dependencies:\n      - virtual-service\n      name: create-stateful-set\n      template: stateful-set-resource\n      when: '{{workflow.parameters.sys-workspace-action}} == create || {{workflow.parameters.sys-workspace-action}}\n        == update'\n    - arguments:\n        parameters:\n        - name: update-revision\n          value: '{{tasks.create-stateful-set.outputs.parameters.update-revision}}'\n      dependencies:\n      - create-stateful-set\n      name: get-stateful-set\n      template: get-stateful-set-resource\n      when: '{{workflow.parameters.sys-workspace-action}} == create || {{workflow.parameters.sys-workspace-action}}\n        == update'\n    - arguments: {}\n      dependencies:\n      - get-stateful-set\n      name: create-workspace\n      template: workspace-resource\n      when: '{{workflow.parameters.sys-workspace-action}} == create || {{workflow.parameters.sys-workspace-action}}\n        == update'\n    - arguments: {}\n      dependencies:\n      - virtual-service\n      name: delete-stateful-set\n      template: delete-stateful-set-resource\n      when: '{{workflow.parameters.sys-workspace-action}} == pause || {{workflow.parameters.sys-workspace-action}}\n        == delete'\n    - arguments: {}\n      dependencies:\n      - delete-stateful-set\n      name: delete-workspace\n      template: workspace-resource\n      when: '{{workflow.parameters.sys-workspace-action}} == pause || {{workflow.parameters.sys-workspace-action}}\n        == delete'\n    - arguments:\n        parameters:\n        - name: sys-pvc-name\n          value: '{{item}}'\n      dependencies:\n      - delete-workspace\n      name: delete-pvc\n      template: delete-pvc-resource\n      when: '{{workflow.parameters.sys-workspace-action}} == delete'\n      withItems:\n      - db\n      - sys-dshm\n      - cvat-data\n      - share\n      - sys-namespace-config\n    - arguments:\n        parameters:\n        - name: sys-workspace-phase\n          value: Running\n      dependencies:\n      - create-workspace\n      name: sys-set-phase-running\n      template: sys-update-status\n      when: '{{workflow.parameters.sys-workspace-action}} == create || {{workflow.parameters.sys-workspace-action}}\n        == update'\n    - arguments:\n        parameters:\n        - name: sys-workspace-phase\n          value: Paused\n      dependencies:\n      - delete-workspace\n      name: sys-set-phase-paused\n      template: sys-update-status\n      when: '{{workflow.parameters.sys-workspace-action}} == pause'\n    - arguments:\n        parameters:\n        - name: sys-workspace-phase\n          value: Terminated\n      dependencies:\n      - delete-pvc\n      name: sys-set-phase-terminated\n      template: sys-update-status\n      when: '{{workflow.parameters.sys-workspace-action}} == delete'\n  inputs: {}\n  metadata: {}\n  name: workspace\n  outputs: {}\n- arguments: {}\n  inputs: {}\n  metadata: {}\n  name: service-resource\n  outputs: {}\n  resource:\n    action: '{{workflow.parameters.sys-resource-action}}'\n    manifest: |\n      apiVersion: v1\n      kind: Service\n      metadata:\n        creationTimestamp: null\n        name: '{{workflow.parameters.sys-uid}}'\n      spec:\n        ports:\n        - name: cvat-ui\n          port: 80\n          protocol: TCP\n          targetPort: 80\n        - name: cvat\n          port: 8080\n          protocol: TCP\n          targetPort: 8080\n        - name: fs\n          port: 8888\n          protocol: TCP\n          targetPort: 8888\n        selector:\n          app: '{{workflow.parameters.sys-uid}}'\n      status:\n        loadBalancer: {}\n- arguments: {}\n  inputs: {}\n  metadata: {}\n  name: virtual-service-resource\n  outputs: {}\n  resource:\n    action: '{{workflow.parameters.sys-resource-action}}'\n    manifest: |\n      apiVersion: networking.istio.io/v1alpha3\n      kind: VirtualService\n      metadata:\n        creationTimestamp: null\n        name: '{{workflow.parameters.sys-uid}}'\n      spec:\n        gateways:\n        - istio-system/ingressgateway\n        hosts:\n        - '{{workflow.parameters.sys-host}}'\n        http:\n        - match:\n          - uri:\n              prefix: /sys/filesyncer\n          route:\n          - destination:\n              host: '{{workflow.parameters.sys-uid}}'\n              port:\n                number: 8888\n        - match:\n          - uri:\n              regex: /api/.*|/git/.*|/tensorflow/.*|/onepanelio/.*|/tracking/.*|/auto_annotation/.*|/analytics/.*|/static/.*|/admin/.*|/documentation/.*|/dextr/.*|/reid/.*\n          - queryParams:\n              id:\n                regex: \\d+.*\n          route:\n          - destination:\n              host: '{{workflow.parameters.sys-uid}}'\n              port:\n                number: 8080\n        - match:\n          - uri:\n              prefix: /\n          route:\n          - destination:\n              host: '{{workflow.parameters.sys-uid}}'\n              port:\n                number: 80\n- arguments: {}\n  inputs: {}\n  metadata: {}\n  name: stateful-set-resource\n  outputs:\n    parameters:\n    - name: update-revision\n      valueFrom:\n        jsonPath: '{.status.updateRevision}'\n  resource:\n    action: '{{workflow.parameters.sys-resource-action}}'\n    manifest: |\n      apiVersion: apps/v1\n      kind: StatefulSet\n      metadata:\n        creationTimestamp: null\n        name: '{{workflow.parameters.sys-uid}}'\n      spec:\n        replicas: 1\n        selector:\n          matchLabels:\n            app: '{{workflow.parameters.sys-uid}}'\n        serviceName: '{{workflow.parameters.sys-uid}}'\n        template:\n          metadata:\n            creationTimestamp: null\n            labels:\n              app: '{{workflow.parameters.sys-uid}}'\n          spec:\n            containers:\n            - env:\n              - name: ONEPANEL_RESOURCE_UID\n                value: '{{workflow.parameters.sys-uid}}'\n              - name: ONEPANEL_RESOURCE_NAMESPACE\n                value: '{{workflow.namespace}}'\n              - name: ONEPANEL_PROVIDER\n                value: aks\n              - name: ONEPANEL_DOMAIN\n                value: alex002.onepanel.io\n              - name: ONEPANEL_FQDN\n                value: app.alex002.onepanel.io\n              - name: ONEPANEL_API_URL\n                value: https://app.alex002.onepanel.io/api\n              - name: POSTGRES_USER\n                value: root\n              - name: POSTGRES_DB\n                value: cvat\n              - name: POSTGRES_HOST_AUTH_METHOD\n                value: trust\n              - name: PGDATA\n                value: /var/lib/psql/data\n              envFrom:\n              - secretRef:\n                  name: onepanel-default-env\n                  optional: true\n              image: postgres:10-alpine\n              name: cvat-db\n              ports:\n              - containerPort: 5432\n                name: tcp\n              resources: {}\n              volumeMounts:\n              - mountPath: /var/lib/psql\n                name: db\n              - mountPath: /dev/shm\n                name: sys-dshm\n            - env:\n              - name: ONEPANEL_RESOURCE_UID\n                value: '{{workflow.parameters.sys-uid}}'\n              - name: ONEPANEL_RESOURCE_NAMESPACE\n                value: '{{workflow.namespace}}'\n              - name: ONEPANEL_PROVIDER\n                value: aks\n              - name: ONEPANEL_DOMAIN\n                value: alex002.onepanel.io\n              - name: ONEPANEL_FQDN\n                value: app.alex002.onepanel.io\n              - name: ONEPANEL_API_URL\n                value: https://app.alex002.onepanel.io/api\n              envFrom:\n              - secretRef:\n                  name: onepanel-default-env\n                  optional: true\n              image: redis:4.0-alpine\n              name: cvat-redis\n              ports:\n              - containerPort: 6379\n                name: tcp\n              resources: {}\n              volumeMounts:\n              - mountPath: /dev/shm\n                name: sys-dshm\n            - env:\n              - name: ONEPANEL_RESOURCE_UID\n                value: '{{workflow.parameters.sys-uid}}'\n              - name: ONEPANEL_RESOURCE_NAMESPACE\n                value: '{{workflow.namespace}}'\n              - name: ONEPANEL_PROVIDER\n                value: aks\n              - name: ONEPANEL_DOMAIN\n                value: alex002.onepanel.io\n              - name: ONEPANEL_FQDN\n                value: app.alex002.onepanel.io\n              - name: ONEPANEL_API_URL\n                value: https://app.alex002.onepanel.io/api\n              - name: DJANGO_MODWSGI_EXTRA_ARGS\n              - name: ALLOWED_HOSTS\n                value: '*'\n              - name: CVAT_REDIS_HOST\n                value: localhost\n              - name: CVAT_POSTGRES_HOST\n                value: localhost\n              - name: CVAT_SHARE_URL\n                value: /cvat/data\n              - name: CVAT_SHARE_DIR\n                value: /share\n              - name: CVAT_DATA_DIR\n                value: /cvat/data\n              - name: CVAT_MEDIA_DATA_DIR\n                value: /cvat/data/data\n              - name: CVAT_KEYS_DIR\n                value: /cvat/data/keys\n              - name: CVAT_MODELS_DIR\n                value: /cvat/data/models\n              - name: CVAT_LOGS_DIR\n                value: /cvat/logs\n              - name: ONEPANEL_SYNC_DIRECTORY\n                value: '{{workflow.parameters.sync-directory}}'\n              - name: NVIDIA_VISIBLE_DEVICES\n                value: all\n              - name: NVIDIA_DRIVER_CAPABILITIES\n                value: compute,utility\n              - name: NVIDIA_REQUIRE_CUDA\n                value: cuda>=10.0 brand=tesla,driver>=384,driver<385 brand=tesla,driver>=410,driver<411\n              envFrom:\n              - secretRef:\n                  name: onepanel-default-env\n                  optional: true\n              image: onepanel/cvat:0.16.0_cvat.1.0.0\n              name: cvat\n              ports:\n              - containerPort: 8080\n                name: http\n              resources: {}\n              volumeMounts:\n              - mountPath: /cvat\n                name: cvat-data\n              - mountPath: /share\n                name: share\n              - mountPath: /etc/onepanel\n                name: sys-namespace-config\n                readOnly: true\n              - mountPath: /dev/shm\n                name: sys-dshm\n            - env:\n              - name: ONEPANEL_RESOURCE_UID\n                value: '{{workflow.parameters.sys-uid}}'\n              - name: ONEPANEL_RESOURCE_NAMESPACE\n                value: '{{workflow.namespace}}'\n              - name: ONEPANEL_PROVIDER\n                value: aks\n              - name: ONEPANEL_DOMAIN\n                value: alex002.onepanel.io\n              - name: ONEPANEL_FQDN\n                value: app.alex002.onepanel.io\n              - name: ONEPANEL_API_URL\n                value: https://app.alex002.onepanel.io/api\n              envFrom:\n              - secretRef:\n                  name: onepanel-default-env\n                  optional: true\n              image: onepanel/cvat-ui:0.16.0_cvat.1.0.0\n              name: cvat-ui\n              ports:\n              - containerPort: 80\n                name: http\n              resources: {}\n              volumeMounts:\n              - mountPath: /dev/shm\n                name: sys-dshm\n            - args:\n              - download\n              - -server-prefix=/sys/filesyncer\n              env:\n              - name: ONEPANEL_RESOURCE_UID\n                value: '{{workflow.parameters.sys-uid}}'\n              - name: ONEPANEL_RESOURCE_NAMESPACE\n                value: '{{workflow.namespace}}'\n              - name: ONEPANEL_PROVIDER\n                value: aks\n              - name: ONEPANEL_DOMAIN\n                value: alex002.onepanel.io\n              - name: ONEPANEL_FQDN\n                value: app.alex002.onepanel.io\n              - name: ONEPANEL_API_URL\n                value: https://app.alex002.onepanel.io/api\n              - name: FS_PATH\n                value: /mnt/share\n              - name: FS_PREFIX\n                value: '{{workflow.namespace}}/{{workflow.parameters.sync-directory}}'\n              envFrom:\n              - secretRef:\n                  name: onepanel-default-env\n                  optional: true\n              image: onepanel/filesyncer:s3\n              imagePullPolicy: Always\n              name: filesyncer\n              resources: {}\n              volumeMounts:\n              - mountPath: /mnt/share\n                name: share\n              - mountPath: /etc/onepanel\n                name: sys-namespace-config\n                readOnly: true\n              - mountPath: /dev/shm\n                name: sys-dshm\n            nodeSelector:\n              '{{workflow.parameters.sys-node-pool-label}}': '{{workflow.parameters.sys-node-pool}}'\n            volumes:\n            - emptyDir:\n                medium: Memory\n              name: sys-dshm\n            - name: sys-namespace-config\n              projected:\n                sources:\n                - configMap:\n                    name: onepanel\n                - secret:\n                    name: onepanel\n        volumeClaimTemplates:\n        - metadata:\n            creationTimestamp: null\n            name: db\n          spec:\n            accessModes:\n            - ReadWriteOnce\n            resources:\n              requests:\n                storage: 20Gi\n            storageClassName: onepanel\n        - metadata:\n            creationTimestamp: null\n            name: cvat-data\n          spec:\n            accessModes:\n            - ReadWriteOnce\n            resources:\n              requests:\n                storage: '{{workflow.parameters.sys-cvat-data-vol2020-12-02T20:53:31.330701457Z ume-size}}Mi'\n            storageClassName: onepanel\n        - metadata:\n            creationTimestamp: null\n            name: share\n          spec:\n            accessModes:\n            - ReadWriteOnce\n            resources:\n              requests:\n                storage: '{{workflow.parameters.sys-share-volume-size}}Mi'\n            storageClassName: onepanel\n    successCondition: status.readyReplicas > 0\n- arguments: {}\n  inputs:\n    parameters:\n    - name: update-revision\n  metadata: {}\n  name: get-stateful-set-resource\n  outputs: {}\n  resource:\n    action: get\n    manifest: |\n      apiVersion: apps/v1\n      kind: StatefulSet\n      metadata:\n        name: {{workflow.parameters.sys-uid}}\n    successCondition: status.readyReplicas > 0, status.currentRevision == {{inputs.parameters.update-revision}}\n- arguments: {}\n  inputs: {}\n  metadata: {}\n  name: delete-stateful-set-resource\n  outputs: {}\n  resource:\n    action: '{{workflow.parameters.sys-resource-action}}'\n    manifest: |\n      apiVersion: apps/v1\n      kind: StatefulSet\n      metadata:\n        creationTimestamp: null\n        name: '{{workflow.parameters.sys-uid}}'\n      spec:\n        replicas: 1\n        selector:\n          matchLabels:\n            app: '{{workflow.parameters.sys-uid}}'\n        serviceName: '{{workflow.parameters.sys-uid}}'\n        template:\n          metadata:\n            creationTimestamp: null\n            labels:\n              app: '{{workflow.parameters.sys-uid}}'\n          spec:\n            containers:\n            - env:\n              - name: ONEPANEL_RESOURCE_UID\n                value: '{{workflow.parameters.sys-uid}}'\n              - name: ONEPANEL_RESOURCE_NAMESPACE\n                value: '{{workflow.namespace}}'\n              - name: ONEPANEL_PROVIDER\n                value: aks\n              - name: ONEPANEL_DOMAIN\n                value: alex002.onepanel.io\n              - name: ONEPANEL_FQDN\n                value: app.alex002.onepanel.io\n              - name: ONEPANEL_API_URL\n                value: https://app.alex002.onepanel.io/api\n              - name: POSTGRES_USER\n                value: root\n              - name: POSTGRES_DB\n                value: cvat\n              - name: POSTGRES_HOST_AUTH_METHOD\n                value: trust\n              - name: PGDATA\n                value: /var/lib/psql/data\n              envFrom:\n              - secretRef:\n                  name: onepanel-default-env\n                  optional: true\n              image: postgres:10-alpine\n              name: cvat-db\n              ports:\n              - containerPort: 5432\n                name: tcp\n              resources: {}\n              volumeMounts:\n              - mountPath: /var/lib/psql\n                name: db\n              - mountPath: /dev/shm\n                name: sys-dshm\n            - env:\n              - name: ONEPANEL_RESOURCE_UID\n                value: '{{workflow.parameters.sys-uid}}'\n              - name: ONEPANEL_RESOURCE_NAMESPACE\n                value: '{{workflow.namespace}}'\n              - name: ONEPANEL_PROVIDER\n                value: aks\n              - name: ONEPANEL_DOMAIN\n                value: alex002.onepanel.io\n              - name: ONEPANEL_FQDN\n                value: app.alex002.onepanel.io\n              - name: ONEPANEL_API_URL\n                value: https://app.alex002.onepanel.io/api\n              envFrom:\n              - secretRef:\n                  name: onepanel-default-env\n                  optional: true\n              image: redis:4.0-alpine\n              name: cvat-redis\n              ports:\n              - containerPort: 6379\n                name: tcp\n              resources: {}\n              volumeMounts:\n              - mountPath: /dev/shm\n                name: sys-dshm\n            - env:\n              - name: ONEPANEL_RESOURCE_UID\n                value: '{{workflow.parameters.sys-uid}}'\n              - name: ONEPANEL_RESOURCE_NAMESPACE\n                value: '{{workflow.namespace}}'\n              - name: ONEPANEL_PROVIDER\n                value: aks\n              - name: ONEPANEL_DOMAIN\n                value: alex002.onepanel.io\n              - name: ONEPANEL_FQDN\n                value: app.alex002.onepanel.io\n              - name: ONEPANEL_API_URL\n                value: https://app.alex002.onepanel.io/api\n              - name: DJANGO_MODWSGI_EXTRA_ARGS\n              - name: ALLOWED_HOSTS\n                value: '*'\n              - name: CVAT_REDIS_HOST\n                value: localhost\n              - name: CVAT_POSTGRES_HOST\n                value: localhost\n              - name: CVAT_SHARE_URL\n                value: /cvat/data\n              - name: CVAT_SHARE_DIR\n                value: /share\n              - name: CVAT_DATA_DIR\n                value: /cvat/data\n              - name: CVAT_MEDIA_DATA_DIR\n                value: /cvat/data/data\n              - name: CVAT_KEYS_DIR\n                value: /cvat/data/keys\n              - name: CVAT_MODELS_DIR\n                value: /cvat/data/models\n              - name: CVAT_LOGS_DIR\n                value: /cvat/logs\n              - name: ONEPANEL_SYNC_DIRECTORY\n                value: '{{workflow.parameters.sync-directory}}'\n              - name: NVIDIA_VISIBLE_DEVICES\n                value: all\n              - name: NVIDIA_DRIVER_CAPABILITIES\n                value: compute,utility\n              - name: NVIDIA_REQUIRE_CUDA\n                value: cuda>=10.0 brand=tesla,driver>=384,driver<385 brand=tesla,driver>=410,driver<411\n              envFrom:\n              - secretRef:\n                  name: onepanel-default-env\n                  optional: true\n              image: onepanel/cvat:0.16.0_cvat.1.0.0\n              name: cvat\n              ports:\n              - containerPort: 8080\n                name: http\n              resources: {}\n              volumeMounts:\n              - mountPath: /cvat\n                name: cvat-data\n              - mountPath: /share\n                name: share\n              - mountPath: /etc/onepanel\n                name: sys-namespace-config\n                readOnly: true\n              - mountPath: /dev/shm\n                name: sys-dshm\n            - env:\n              - name: ONEPANEL_RESOURCE_UID\n                value: '{{workflow.parameters.sys-uid}}'\n              - name: ONEPANEL_RESOURCE_NAMESPACE\n                value: '{{workflow.namespace}}'\n              - name: ONEPANEL_PROVIDER\n                value: aks\n              - name: ONEPANEL_DOMAIN\n                value: alex002.onepanel.io\n              - name: ONEPANEL_FQDN\n                value: app.alex002.onepanel.io\n              - name: ONEPANEL_API_URL\n                value: https://app.alex002.onepanel.io/api\n              envFrom:\n              - secretRef:\n                  name: onepanel-default-env\n                  optional: true\n              image: onepanel/cvat-ui:0.16.0_cvat.1.0.0\n              name: cvat-ui\n              ports:\n              - containerPort: 80\n                name: http\n              resources: {}\n              volumeMounts:\n              - mountPath: /dev/shm\n                name: sys-dshm\n            - args:\n              - download\n              - -server-prefix=/sys/filesyncer\n              env:\n              - name: ONEPANEL_RESOURCE_UID\n                value: '{{workflow.parameters.sys-uid}}'\n              - name: ONEPANEL_RESOURCE_NAMESPACE\n                value: '{{workflow.namespace}}'\n              - name: ONEPANEL_PROVIDER\n                value: aks\n              - name: ONEPANEL_DOMAIN\n                value: alex002.onepanel.io\n              - name: ONEPANEL_FQDN\n                value: app.alex002.onepanel.io\n              - name: ONEPANEL_API_URL\n                value: https://app.alex002.onepanel.io/api\n              - name: FS_PATH\n                value: /mnt/share\n              - name: FS_PREFIX\n                value: '{{workflow.namespace}}/{{workflow.parameters.sync-directory}}'\n              envFrom:\n              - secretRef:\n                  name: onepanel-default-env\n                  optional: true\n              image: onepanel/filesyncer:s3\n              imagePullPolicy: Always\n              name: filesyncer\n              resources: {}\n              volumeMounts:\n              - mountPath: /mnt/share\n                name: share\n              - mountPath: /etc/onepanel\n                name: sys-namespace-config\n                readOnly: true\n              - mountPath: /dev/shm\n                name: sys-dshm\n            nodeSelector:\n              '{{workflow.parameters.sys-node-pool-label}}': '{{workflow.parameters.sys-node-pool}}'\n            volumes:\n            - emptyDir:\n                medium: Memory\n              name: sys-dshm\n            - name: sys-namespace-config\n              projected:\n                sources:\n                - configMap:\n                    name: onepanel\n                - secret:\n                    name: onepanel\n        volumeClaimTemplates:\n        - metadata:\n            creationTimestamp: null\n            name: db\n          spec:\n            accessModes:\n            - ReadWriteOnce\n            resources:\n              requests:\n                storage: 20Gi\n            storageClassName: onepanel\n        - metadata:\n            creationTimestamp: null\n            name: cvat-data\n          spec:\n            accessModes:\n            - ReadWriteOnce\n            resources:\n              requests:\n                storage: '{{workflow.parameters.sys-cvat-data-volume-size}}Mi'\n            storageClassName: onepanel\n        - metadata:\n            creationTimestamp: null\n            name: share\n          spec:\n            accessModes:\n            - ReadWriteOnce\n            resources:\n              requests:\n                storage: '{{workflow.parameters.sys-share-volume-size}}Mi'\n            storageClassName: onepanel\n- arguments: {}\n  inputs: {}\n  metadata: {}\n  name: workspace-resource\n  outputs: {}\n  resource:\n    action: '{{workflow.parameters.sys-resource-action}}'\n    manifest: |\n      apiVersion: onepanel.io/v1alpha1\n      kind: Workspace\n      metadata:\n        creationTimestamp: null\n        name: '{{workflow.parameters.sys-uid}}'\n- arguments: {}\n  inputs:\n    parameters:\n    - name: sys-pvc-name\n  metadata: {}\n  name: delete-pvc-resource\n  outputs: {}\n  resource:\n    action: '{{workflow.parameters.sys-resource-action}}'\n    manifest: |\n      apiVersion: v1\n      kind: PersistentVolumeClaim\n      metadata:\n        name: {{inputs.parameters.sys-pvc-name}}-{{workflow.parameters.sys-uid}}-0\n- arguments: {}\n  container:\n    args:\n    - 'SERVICE_ACCOUNT_TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)\n      && curl -X PUT -s -o /dev/null -w ''%{http_code}'' --connect-timeout 10 --retry\n      5 --retry-delay 5 ''http://onepanel-core.onepanel.svc.cluster.local/apis/v1beta1/{{workflow.namespace}}/workspaces/{{workflow.parameters.sys-uid}}/status''\n      -H \"Content-Type: application/json\" -H ''Connection: keep-alive'' -H ''Accept:\n      application/json'' -H ''Authorization: Bearer ''\"$SERVICE_ACCOUNT_TOKEN\"''''\n      --data ''{\"phase\":\"{{workflow.status}}\"}'' --compressed'\n    command:\n    - sh\n    - -c\n    image: curlimages/curl\n    name: curl\n    resources: {}\n  inputs: {}\n  metadata: {}\n  name: sys-update-workspace-status\n  outputs: {}\n- arguments: {}\n  container:\n    args:\n    - 'SERVICE_ACCOUNT_TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)\n      && curl -X PUT -s -o /dev/null -w ''%{http_code}'' --connect-timeout 10 --retry\n      5 --retry-delay 5 ''http://onepanel-core.onepanel.svc.cluster.local/apis/v1beta1/{{workflow.namespace}}/workspaces/{{workflow.parameters.sys-uid}}/status''\n      -H \"Content-Type: application/json\" -H ''Connection: keep-alive'' -H ''Accept:\n      application/json'' -H ''Authorization: Bearer ''\"$SERVICE_ACCOUNT_TOKEN\"''''\n      --data ''{\"phase\":\"{{inputs.parameters.sys-workspace-phase}}\"}'' --compressed'\n    command:\n    - sh\n    - -c\n    image: curlimages/curl\n    name: curl\n    resources: {}\n  inputs:\n    parameters:\n    - name: sys-workspace-phase\n  metadata: {}\n  name: sys-update-status\n  outputs: {}\n 0 0 false false false nil map[] <nil> <nil> 55 <nil> <nil> []}"
2020-12-02T20:53:31.342148256Z time="2020-12-02T20:53:31Z" level=fatal msg="Failed to run database go migrations: failed to run Go migration \"20201115133046_update_cvat_env_vars.go\": not found"

@aleksandrmelnikov Ah, good catch. I'll add a migration to update the old names.

Vafilor and others added 27 commits December 17, 2020 15:46
…les into their own subdirectory for easier separation of files.
… sure they don't allow sys- prefixed names.

Also updated workspace creation so that the workflow templates created by workspace templates have a sys- prefix.
…afilor/core into fix/onepanelio.core.256-reserved.names
@rushtehrani rushtehrani modified the milestones: v0.17.0, v0.18.0 Jan 5, 2021
@rushtehrani rushtehrani removed this from the v0.18.0 milestone Feb 24, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
kind/bug Something isn't working
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Can a workflow template name be taken by a workspace template?
4 participants