From c9c80ad9b9f9e814fed24877d175e790999e08db Mon Sep 17 00:00:00 2001
From: Sandro La Bruzzo <sandro.labruzzo@isti.cnr.it>
Date: Thu, 2 May 2024 11:31:17 +0200
Subject: [PATCH] updated airflow roles

---
 envs/local/airflow.yaml    |  2 +-
 modules/airflow/airflow.tf | 82 +++++++++++++++++++-------------------
 2 files changed, 42 insertions(+), 42 deletions(-)

diff --git a/envs/local/airflow.yaml b/envs/local/airflow.yaml
index aa83a13..2eb8c99 100644
--- a/envs/local/airflow.yaml
+++ b/envs/local/airflow.yaml
@@ -42,7 +42,7 @@ config:
   logging:
     remote_logging: "True"
     logging_level: "INFO"
-    remote_base_log_folder: "s3://lot1-airflow/logs"
+    remote_base_log_folder: "s3://dnet-airflow/logs"
     remote_log_conn_id: "s3_conn"
     encrypt_s3_logs: "False"
 
diff --git a/modules/airflow/airflow.tf b/modules/airflow/airflow.tf
index 0bc369e..fada7c8 100644
--- a/modules/airflow/airflow.tf
+++ b/modules/airflow/airflow.tf
@@ -13,47 +13,47 @@ resource "kubernetes_namespace" "spark_jobs_namespace" {
 #   }
 # }
 #
-# resource "kubernetes_role" "airflow_spark_role" {
-#   depends_on = [kubernetes_namespace.spark_jobs_namespace]
-#   metadata {
-#     name      = "airflow-spark-role"
-#     namespace = "${var.namespace_prefix}spark-jobs"
-#   }
-#
-#   rule {
-#     api_groups = ["sparkoperator.k8s.io"]
-#     resources  = ["sparkapplications", "sparkapplications/status",
-#         "scheduledsparkapplications", "scheduledsparkapplications/status"]
-#     verbs      = ["*"]
-#   }
-#
-#   rule {
-#     api_groups = [""]
-#     resources  = ["pods/log"]
-#     verbs      = ["*"]
-#   }
-# }
-#
-# resource "kubernetes_role_binding_v1" "airflow_spark_role_binding" {
-#   depends_on = [kubernetes_namespace.spark_jobs_namespace]
-#   metadata {
-#     name      = "airflow-spark-role-binding"
-#     namespace = "${var.namespace_prefix}spark-jobs"
-#   }
-#
-#   subject {
-#     kind      = "ServiceAccount"
-#     name      = "airflow-worker"
-#     namespace = "${var.namespace_prefix}airflow"
-#   }
-#
-#   role_ref {
-#     api_group = "rbac.authorization.k8s.io"
-#     kind      = "Role"
-#     name      = "airflow-spark-role"
-#   }
-# }
-#
+resource "kubernetes_role" "airflow_spark_role" {
+  depends_on = [kubernetes_namespace.spark_jobs_namespace]
+  metadata {
+    name      = "airflow-spark-role"
+    namespace = "${var.namespace_prefix}spark-jobs"
+  }
+
+  rule {
+    api_groups = ["sparkoperator.k8s.io"]
+    resources  = ["sparkapplications", "sparkapplications/status",
+        "scheduledsparkapplications", "scheduledsparkapplications/status"]
+    verbs      = ["*"]
+  }
+
+  rule {
+    api_groups = [""]
+    resources  = ["pods/log"]
+    verbs      = ["*"]
+  }
+}
+
+resource "kubernetes_role_binding_v1" "airflow_spark_role_binding" {
+  depends_on = [kubernetes_namespace.spark_jobs_namespace]
+  metadata {
+    name      = "airflow-spark-role-binding"
+    namespace = "${var.namespace_prefix}spark-jobs"
+  }
+
+  subject {
+    kind      = "ServiceAccount"
+    name      = "airflow-worker"
+    namespace = "${var.namespace_prefix}airflow"
+  }
+
+  role_ref {
+    api_group = "rbac.authorization.k8s.io"
+    kind      = "Role"
+    name      = "airflow-spark-role"
+  }
+}
+
 resource "kubernetes_role_binding_v1" "airflow_spark_role_binding2" {
  depends_on = [kubernetes_namespace.spark_jobs_namespace]
  metadata {