Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
const vname = "build-storage";
this.runner.spec.volumes.push({
name: vname,
persistentVolumeClaim: { claimName: e.workerID.toLowerCase() }
} as kubernetes.V1Volume);
let mnt = volumeMount(vname, job.storage.path);
this.runner.spec.containers[0].volumeMounts.push(mnt);
}
// If the job needs access to a docker daemon, mount in the host's docker socket
if (job.docker.enabled && project.allowHostMounts) {
var dockerVol = new kubernetes.V1Volume();
var dockerMount = new kubernetes.V1VolumeMount();
var hostPath = new kubernetes.V1HostPathVolumeSource();
hostPath.path = jobs.dockerSocketMountPath;
dockerVol.name = jobs.dockerSocketMountName;
dockerVol.hostPath = hostPath;
dockerMount.name = jobs.dockerSocketMountName;
dockerMount.mountPath = jobs.dockerSocketMountPath;
this.runner.spec.volumes.push(dockerVol);
for (let i = 0; i < this.runner.spec.containers.length; i++) {
this.runner.spec.containers[i].volumeMounts.push(dockerMount);
}
}
// If the job defines volumes, add them to the pod's volume list.
// If the volume type is `hostPath`, first check if the project allows host mounts
// and throw an error if it it does not.
for (let v of job.volumes) {
if (v.hostPath != undefined && !project.allowHostMounts) {
throw new Error(`allowHostMounts is false in this project, not mounting ${v.hostPath.path}`);
}
name: vname,
persistentVolumeClaim: { claimName: e.workerID.toLowerCase() }
} as kubernetes.V1Volume);
let mnt = volumeMount(vname, job.storage.path);
this.runner.spec.containers[0].volumeMounts.push(mnt);
}
// If the job needs access to a docker daemon, mount in the host's docker socket
if (job.docker.enabled && project.allowHostMounts) {
var dockerVol = new kubernetes.V1Volume();
var dockerMount = new kubernetes.V1VolumeMount();
var hostPath = new kubernetes.V1HostPathVolumeSource();
hostPath.path = jobs.dockerSocketMountPath;
dockerVol.name = jobs.dockerSocketMountName;
dockerVol.hostPath = hostPath;
dockerMount.name = jobs.dockerSocketMountName;
dockerMount.mountPath = jobs.dockerSocketMountPath;
this.runner.spec.volumes.push(dockerVol);
for (let i = 0; i < this.runner.spec.containers.length; i++) {
this.runner.spec.containers[i].volumeMounts.push(dockerMount);
}
}
// If the job defines volumes, add them to the pod's volume list.
// If the volume type is `hostPath`, first check if the project allows host mounts
// and throw an error if it it does not.
for (let v of job.volumes) {
if (v.hostPath != undefined && !project.allowHostMounts) {
throw new Error(`allowHostMounts is false in this project, not mounting ${v.hostPath.path}`);
}
this.runner.spec.volumes.push(v);
}