Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
def renku_secret(global_config):
config = pulumi.Config()
notebooks_values = pulumi.Config('notebooks')
notebooks_values = notebooks_values.require_object('values')
global_values = pulumi.Config('global')
global_values = global_values.require_object('values')
k8s_config = pulumi.Config('kubernetes')
gitlab_client_secret = notebooks_values['jupyterhub']['auth']['gitlab']['clientSecret']
if not gitlab_client_secret:
gitlab_client_secret = RandomPassword(
'keycloak_db_password',
length=64,
special=True,
number=True,
upper=True)
gateway_gitlab_client_secret = global_values['gateway']['gitlabClientSecret']
if not gateway_gitlab_client_secret:
gateway_gitlab_client_secret = RandomPassword(
'keycloak_db_password',
import pulumi
from pulumi import ResourceOptions
from pulumi_kubernetes import Provider
from pulumi_kubernetes.apps.v1 import Deployment
from pulumi_kubernetes.core.v1 import Service
from pulumi_azure.core import ResourceGroup
from pulumi_azure.containerservice import KubernetesCluster
from pulumi_azuread import Application, ServicePrincipal, ServicePrincipalPassword
# read and set config values
config = pulumi.Config("azure-py-aks")
PASSWORD = config.require_secret("password")
SSHKEY = config.require("sshkey")
LOCATION = config.get("location") or "east us"
# create a Resource Group and Network for all resources
resource_group = ResourceGroup("aks-rg")
# create Azure AD Application for AKS
app = Application("aks-app")
# create service principal for the application so AKS can act on behalf of the application
sp = ServicePrincipal(
"aks-app-sp",
application_id=app.application_id,
)
import pulumi
from pulumi import Output
from pulumi_azure import core, compute, network
config = pulumi.Config("azure-web")
username = config.require("username")
password = config.require("password")
resource_group = core.ResourceGroup("server", location="West US")
net = network.VirtualNetwork(
"server-network",
resource_group_name=resource_group.name,
location=resource_group.location,
address_spaces=["10.0.0.0/16"],
subnets=[{
"name": "default",
"address_prefix": "10.0.1.0/24",
}])
subnet = network.Subnet(
"server-subnet",
def deploy():
config = pulumi.Config()
global_values = pulumi.Config('global')
global_values = global_values.require_object('values')
# global config is used to propagate dynamic values
global_config = {}
global_config['http'] = 'https' if global_values['useHTTPS'] else 'http'
global_config['global'] = global_values
if config.require_bool('gitlab_enabled'):
gps, gss = gitlab_secrets()
g = gitlab(config, global_config)
gitlab_postinstall_job(global_config, gps, [g, gss])
renku_secret(global_config)
def renku_graph(config, global_config, postgres_secret, token_secret):
graph_config = pulumi.Config('graph')
values = graph_config.require_object('values')
k8s_config = pulumi.Config("kubernetes")
global_config = pulumi.Config('global')
global_values = global_config.require_object('values')
values['global'] = global_values
#generate passwords
# admin_password = RandomPassword("admin_password", length=8, special=True, number=True, upper=True)
# values.jena.users.admin['password'] = admin_password.result.apply(lambda p: b64encode(p.encode()).decode('ascii'))
# renku_password = RandomPassword("renku_password", length=8, special=True, number=True, upper=True)
# values.jena.users.renku['password'] = renku_password.result.apply(lambda p: b64encode(p.encode()).decode('ascii'))
# hook_token = RandomPassword("hook_token", length=8, special=True, number=True, upper=True)
# values.webhookService.hookToken.secret = hook_token.result.apply(lambda p: b64encode(p.encode()).decode('ascii'))
import pulumi
from pulumi_kubernetes.helm.v2 import Chart, ChartOpts
config = pulumi.Config()
def minio(config, global_config):
minio_config = pulumi.Config('minio')
values = minio_config.require_object('values')
global_values = pulumi.Config('global')
global_values = global_values.require_object('values')
values['global'] = global_values
return Chart(
'{}-minio'.format(pulumi.get_stack()),
config=ChartOpts(
chart='minio',
repo='stable',
version='1.6.0',
values=values
import pulumi_digitalocean as do
from pulumi import Config, export, Output, ResourceOptions
from pulumi_kubernetes import Provider
from pulumi_kubernetes.apps.v1 import Deployment
from pulumi_kubernetes.core.v1 import Service
config = Config()
node_count = config.get_float("nodeCount") or 3
app_replica_count = config.get_float("appReplicaCount") or 5
domain_name = config.get("domainName")
cluster = do.KubernetesCluster(
"do-cluster",
region="sfo2",
version="latest",
node_pool={
"name": "default",
"size": "s-2vcpu-2gb",
"node_count": node_count
})
k8s_provider = Provider("do-k8s", kubeconfig=cluster.kube_configs[0]["rawConfig"] )
def configmaps(global_config):
config = pulumi.Config('gateway')
gateway_values = config.require_object('values')
global_values = pulumi.Config('global')
global_values = global_values.require_object('values')
k8s_config = pulumi.Config('kubernetes')
stack = pulumi.get_stack()
gateway_name = "{}-{}-gateway".format(stack, pulumi.get_project())
gateway_metadata = {
'labels':
{
'app': gateway_name,
'release': stack
}
}
template_values = {
'release_name': stack,
'fullname': gateway_name,
def services(global_config, gateway_auth_depl, gateway_depl):
config = pulumi.Config('gateway')
gateway_values = config.require_object('values')
global_values = pulumi.Config('global')
global_values = global_values.require_object('values')
k8s_config = pulumi.Config('kubernetes')
stack = pulumi.get_stack()
gateway_name = "{}-{}-gateway".format(stack, pulumi.get_project())
gateway_metadata = {
'labels':
{
'app': gateway_name,
'release': stack
def gitlab_postinstall_job(global_config, postgres_secret, dependencies=[]):
config = pulumi.Config()
global_values = pulumi.Config('global')
global_values = global_values.require_object('values')
k8s_config = pulumi.Config('kubernetes')
stack = pulumi.get_stack()
project = pulumi.get_project()
renku_name = '{}-{}'.format(stack, project)
name = '{}-post-install-gitlab'.format(stack)
return Job(
name,
metadata={
'labels':