adding a deployment ansible script for hpcs server and bumping server…

… version

k8s/hpcs-server-statefulset.yaml

@@ -21,20 +21,20 @@ spec:
       shareProcessNamespace: true
       containers:
         - name: hpcs-server
-          image: ghcr.io/cscfi/hpcs/server:k8s_plan
+          image: ghcr.io/cscfi/hpcs/server:0.1.1
           ports:
             - containerPort: 10080
               name: hpcs-server
           volumeMounts:
-          - name: hpcs-server-configs
-            mountPath: /tmp/
-            readOnly: false
-          - name: hpcs-spire-sockets
-            mountPath: /var/run/sockets
-            readOnly: false
-          - name: hpcs-spire-agent-token
-            mountPath: /var/run/secrets/tokens
-            readOnly: true
+            - name: hpcs-server-configs
+              mountPath: /tmp/
+              readOnly: false
+            - name: hpcs-spire-sockets
+              mountPath: /var/run/sockets
+              readOnly: false
+            - name: hpcs-spire-agent-token
+              mountPath: /var/run/secrets/tokens
+              readOnly: true
       volumes:
         - name: hpcs-server-configs
           configMap:
@@ -46,10 +46,10 @@ spec:
         - name: hpcs-spire-agent-token
           projected:
             sources:
-            - serviceAccountToken:
-                path: spire-agent
-                expirationSeconds: 7200
-                audience: spire-server
+              - serviceAccountToken:
+                  path: spire-agent
+                  expirationSeconds: 7200
+                  audience: spire-server
   volumeClaimTemplates:
     - metadata:
         name: spire-agent-data

server/app.py

@@ -6,7 +6,7 @@
     get_server_identity_JWT,
     validate_client_JWT_SVID,
 )
-from lib  import spire_interactions
+from lib import spire_interactions
 from tools.docker_utils import get_build_env_image_digests
 from pyspiffe.spiffe_id.spiffe_id import SpiffeId
 from pyspiffe.workloadapi import default_jwt_source
@@ -31,16 +31,13 @@
         "spire-server-bin"
     ]
 
-if configuration["spire-server"].get("pre-command"):
-    spire_interactions.pre_command = configuration["spire-server"]["pre-command"]
-    if configuration["spire-server"]["pre-command"] == '""':
-
 if configuration["spire-agent"].get("spire-agent-socket"):
     spire_interactions.jwt_workload_api = default_jwt_source.DefaultJwtSource(
         workload_api_client=None,
         spiffe_socket_path=f"unix://{configuration['spire-agent'].get('spire-agent-socket')}",
         timeout_in_seconds=None,
     )
+
 else:
     spire_interactions.jwt_workload_api = default_jwt_source.DefaultJwtSource(
         workload_api_client=None,