Adjust test cases and unit tests

Author: ChristianZaccaria

src/codeflare_sdk/templates/base-template.yaml

@@ -121,6 +121,11 @@ spec:
                     valueFrom:
                       fieldRef:
                         fieldPath: status.podIP
+                  - name: COOKIE_SECRET
+                    valueFrom:
+                      secretKeyRef:
+                        key: cookie_secret
+                        name: jobtest-oauth-config
                   - name: RAY_USE_TLS
                     value: "0"
                   - name: RAY_TLS_SERVER_CERT
@@ -171,12 +176,6 @@ spec:
                   - mountPath: /etc/ssl/certs/odh-ca-bundle.crt
                     name: odh-ca-cert
                     subPath: odh-ca-bundle.crt
-                  env:
-                  - name: COOKIE_SECRET
-                    valueFrom:
-                      secretKeyRef:
-                        name: jobtest-oauth-config
-                        key: cookie_secret
                 initContainers:
                 - command:
                   - sh

src/codeflare_sdk/utils/generate_yaml.py

@@ -226,12 +226,15 @@ def update_names(yaml, item, appwrapper_name, cluster_name, namespace, openshift
     lower_meta = item.get("generictemplate", {}).get("metadata")
     lower_meta["labels"]["workload.codeflare.dev/appwrapper"] = appwrapper_name
     lower_meta["annotations"]["codeflare.dev/oauth"] = f"{openshift_oauth}"
-    lower_spec = item.get("generictemplate", {}).get("spec")
-    lower_spec["headGroupSpec"]["template"]["spec"]["containers"][0]["env"][-1][
-        "valueFrom"
-    ]["secretKeyRef"]["name"] = f"{cluster_name}-oauth-config"
     lower_meta["name"] = cluster_name
     lower_meta["namespace"] = namespace
+    lower_spec = item.get("generictemplate", {}).get("spec")
+    if openshift_oauth:
+        lower_spec["headGroupSpec"]["template"]["spec"]["containers"][0]["env"][1][
+            "valueFrom"
+        ]["secretKeyRef"]["name"] = f"{cluster_name}-oauth-config"
+    if not openshift_oauth:
+        del lower_spec["headGroupSpec"]["template"]["spec"]["containers"][0]["env"][1]
 
 
 def update_labels(yaml, instascale, instance_types):
@@ -440,7 +443,7 @@ def enable_local_interactive(resources, cluster_name, namespace, ingress_domain)
     # update_tls_env
     item["generictemplate"]["spec"]["headGroupSpec"]["template"]["spec"]["containers"][
         0
-    ]["env"][1]["value"] = "1"
+    ]["env"][2]["value"] = "1"
     item["generictemplate"]["spec"]["workerGroupSpecs"][0]["template"]["spec"][
         "containers"
     ][0]["env"][1]["value"] = "1"
@@ -612,7 +615,7 @@ def _create_oauth_sidecar_object(
             "--upstream=http://localhost:8265",
             f"--tls-cert={tls_mount_location}/tls.crt",
             f"--tls-key={tls_mount_location}/tls.key",
-            f"--cookie-secret={b64encode(urandom(64)).decode('utf-8')}",  # create random string for encrypting cookie
+            "--cookie-secret=$(COOKIE_SECRET)",
             f'--openshift-delegate-urls={{"/":{{"resource":"pods","namespace":"{namespace}","verb":"get"}}}}',
         ],
         image="registry.redhat.io/openshift4/ose-oauth-proxy@sha256:1ea6a01bf3e63cdcf125c6064cbd4a4a270deaf0f157b3eabb78f60556840366",

tests/test-case-no-mcad.yamls

@@ -2,6 +2,8 @@
 apiVersion: ray.io/v1
 kind: RayCluster
 metadata:
+  annotations:
+    codeflare.dev/oauth: 'False'
   labels:
     controller-tools.k8s.io: '1.0'
     workload.codeflare.dev/appwrapper: unit-test-cluster-ray

tests/test-case-prio.yaml

@@ -32,6 +32,8 @@ spec:
         apiVersion: ray.io/v1
         kind: RayCluster
         metadata:
+          annotations:
+            codeflare.dev/oauth: 'False'
           labels:
             controller-tools.k8s.io: '1.0'
             workload.codeflare.dev/appwrapper: prio-test-cluster

tests/test-case.yaml

@@ -31,6 +31,8 @@ spec:
         apiVersion: ray.io/v1
         kind: RayCluster
         metadata:
+          annotations:
+            codeflare.dev/oauth: 'False'
           labels:
             controller-tools.k8s.io: '1.0'
             workload.codeflare.dev/appwrapper: unit-test-cluster

tests/test-default-appwrapper.yaml

@@ -29,6 +29,8 @@ spec:
         apiVersion: ray.io/v1
         kind: RayCluster
         metadata:
+          annotations:
+            codeflare.dev/oauth: 'False'
           labels:
             controller-tools.k8s.io: '1.0'
             workload.codeflare.dev/appwrapper: unit-test-default-cluster

tests/unit_test.py

@@ -2793,11 +2793,11 @@ def test_enable_local_interactive(mocker):
     # 3. Required Envs to enable TLS encryption between head and workers
     for i in range(len(tls_env)):
         assert (
-            head_group_spec["template"]["spec"]["containers"][0]["env"][i + 1]["name"]
+            head_group_spec["template"]["spec"]["containers"][0]["env"][i + 2]["name"]
             == tls_env[i]["name"]
         )
         assert (
-            head_group_spec["template"]["spec"]["containers"][0]["env"][i + 1]["value"]
+            head_group_spec["template"]["spec"]["containers"][0]["env"][i + 2]["value"]
             == tls_env[i]["value"]
         )
         assert (