How to implement preflights for S3 bucket connectivity checks

Hello!

I am working on implementing preflights that are checking connectivity to S3 buckets before an app version is deployed/updated. I am using runPod collectors in combination with textAnalyzers.
I can see the runPods being executed in the cluster; they terminate quickly, but I could verify the result of the checks by querying their logs while they were present.
I have 4 buckets for which I have 4 runPod collectors and 4 textAnalyzers.

RunPods return 0 if the connection could be established or another exit code if it fails.

One of these runPods looks like:

    - runPod:
        name: "aws-credentials-check-accounts-service"
        timeout: 15s
        exclude: '{{repl not ( and ( ConfigOption "offload_s3" | ParseBool ) ( not ( ConfigOption "secrets_provided" | ParseBool ))) }}'
        namespace: default
        podSpec:
          containers:
            - name: aws-credentials-check-accounts-service
              image: amazon/aws-cli:2.27.46
              command: ["/bin/sh"]
              args:
                - -c
                - >
                  aws s3 ls "s3://{{repl ConfigOption "dummy" | TrimSpace | ToLower }}" --no-verify-ssl > /dev/null 2>&1; echo $?
              env:
                - name: AWS_ACCESS_KEY_ID
                  value: '{{repl ConfigOption "external_s3_accounts_access_key_id" }}'
                - name: AWS_SECRET_ACCESS_KEY
                  value: '{{repl ConfigOption "external_s3_accounts_access_secret" }}'

while the textAnalyzer that should check for the result looks like:

    - textAnalyze:
        exclude: '{{repl not ( and ( ConfigOption "offload_s3" | ParseBool ) ( not ( ConfigOption "secrets_provided" | ParseBool ))) }}'
        checkName: "S3 Storage Credentials - Accounts Service (Direct Credentials)"
        fileName: "aws-credentials-check-accounts-service/aws-credentials-check-accounts-service.log"
        regex: '^0$'
        strict: false
        outcomes:
          - pass:
              when: "true"
              message: "The credentials you provided can access the right bucket."
          - fail:
              when: "false"
              message: "We could not access the dummy bucket with the given account service credentials."

In my setup all checks are always failing, while only 2 of them should fail and 2 pass (according to test cases and outputs from the runPods).

Can you please advise whether this is the correct usage of textAnalyzers with the output of runPods, and point me to the issue? If not, what other collector+analyzer configuration could help?

Thanks!

Hi @Balint_Csonka,

I would suggest creating a simplified version of the check and running it through the CLI with verbose mode enabled.

First verify with --dry-run to see if the spec is indented correctly:

    kubectl preflight --dry-run <spec.yaml>

Then execute the collection and analysis with verbose mode enabled:

    kubectl preflight -v=5 <spec.yaml>

I hope this helps.
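One thing a simplified check can isolate is how the `^0$` pattern from the question behaves on a log that ends in a newline, as the output of `echo $?` does. The Go program below is an added example, not code from the thread or from the Troubleshoot project; it assumes the analyzer evaluates the regex with Go's `regexp` package against the whole log file, and the sample logs and the two alternative patterns are constructed for illustration.

```go
package main

import (
	"fmt"
	"regexp"
)

// Constructed sample logs: what a pod whose command ends in `echo $?`
// would write to stdout. None of these come from the thread.
var sampleLogs = []struct{ name, text string }{
	{"exit code 0", "0\n"},
	{"exit code 1", "1\n"},
	{"0 without trailing newline", "0"},
	{"extra line before 0", "warning\n0\n"},
}

// Candidate patterns: the one from the question and two variants.
var patterns = []string{`^0$`, `(?m)^0$`, `^0\s*$`}

// matchLog reports whether pattern matches anywhere in the whole log text.
// Assumption: the analyzer applies Go's regexp to the full file content.
func matchLog(pattern, log string) bool {
	return regexp.MustCompile(pattern).MatchString(log)
}

func main() {
	for _, p := range patterns {
		for _, s := range sampleLogs {
			fmt.Printf("%-10s %-28s log=%-14q match=%v\n",
				p, s.name, s.text, matchLog(p, s.text))
		}
	}
}
```

Without the `(?m)` flag, Go's `$` matches only at the very end of the text, so comparing these results with the log file captured in the preflight bundle shows whether the pattern or the collected output is the part to adjust.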