Skip to content

Commit

Permalink
chore update func tests for tls changes
Browse files Browse the repository at this point in the history 
chore: convert interpod tls field to bool

Signed-off-by: Humair Khan <[email protected]>
  • Loading branch information
@HumairAK
HumairAK committed May 27, 2024
1 parent 70dba66 commit b61ae67
Show file tree
Hide file tree
Showing 22 changed files with 165 additions and 200 deletions.
6 changes: 3 additions & 3 deletions api/v1alpha1/dspipeline_types.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,9 +45,9 @@ type DSPASpec struct {
// +kubebuilder:default:="v1"
DSPVersion string `json:"dspVersion,omitempty"`

// InterPodTLS Set to "enable" or "disable" tls communication between DSPA components. Default to "enable". Only supported in OpenShift.
// +kubebuilder:default:="enabled"
InterPodTLS string `json:"InterPodTLS,omitempty"`
// InterPodTLS Set to "true" or "false" tls communication between DSPA components. Default to enable Inter-Pod tls by setting to "true". Only supported in OpenShift.
// +kubebuilder:default:=true
InterPodTLS bool `json:"interPodTLS,omitempty"`

// WorkflowController is an argo-specific component that manages a DSPA's Workflow objects and handles the orchestration of them with the central Argo server
// +kubebuilder:validation:Optional
Expand Down
12 changes: 6 additions & 6 deletions ...ses/datasciencepipelinesapplications.opendatahub.io_datasciencepipelinesapplications.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,12 +35,6 @@ spec:
type: object
spec:
properties:
InterPodTLS:
default: enabled
description: InterPodTLS Set to "enable" or "disable" tls communication
between DSPA components. Default to "enable". Only supported in
OpenShift.
type: string
apiServer:
default:
deploy: true
Expand Down Expand Up @@ -347,6 +341,12 @@ spec:
dspVersion:
default: v1
type: string
interPodTLS:
default: true
description: InterPodTLS Set to "true" or "false" tls communication
between DSPA components. Default to enable Inter-Pod tls by setting
to "true". Only supported in OpenShift.
type: boolean
mlmd:
properties:
deploy:
Expand Down
4 changes: 2 additions & 2 deletions config/internal/mlpipelines-ui/deployment.yaml.tmpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,8 +46,6 @@ spec:
value: "true"
- name: ML_PIPELINE_SERVICE_HOST
value: {{.APIServerServiceDNSName}}
- name: DISABLE_GKE_METADATA
value: 'true'
- name: ML_PIPELINE_SERVICE_PORT
value: '8888'
{{ if .InterPodTLS }}
Expand Down Expand Up @@ -78,6 +76,8 @@ spec:
- name: AWS_SSL
value: "false"
{{ end }}
- name: DISABLE_GKE_METADATA
value: 'true'
image: {{.MlPipelineUI.Image}}
imagePullPolicy: IfNotPresent
livenessProbe:
Expand Down
2 changes: 1 addition & 1 deletion controllers/dspipeline_params.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -87,7 +87,7 @@ type DSPAParams struct {
CustomCABundle *dspa.CABundle
DSPONamespace string
// Use to enable tls communication between component pods.
InterPodTLS string
InterPodTLS bool

APIServerServiceDNSName string
}
Expand Down
37 changes: 14 additions & 23 deletions controllers/testdata/declarative/case_0/expected/created/apiserver_deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -118,6 +118,8 @@ spec:
- --config=/config
- -logtostderr=true
- --sampleconfig=/config/sample_config.json
- --tlsCertPath=/etc/tls/private/tls.crt
- --tlsCertKeyPath=/etc/tls/private/tls.key
ports:
- containerPort: 8888
name: http
Expand All @@ -126,29 +128,15 @@ spec:
name: grpc
protocol: TCP
livenessProbe:
exec:
command:
- wget
- -q
- -S
- -O
- '-'
- http://localhost:8888/apis/v1beta1/healthz
initialDelaySeconds: 3
periodSeconds: 5
timeoutSeconds: 2
httpGet:
path: /apis/v1beta1/healthz
port: http
scheme: HTTPS
readinessProbe:
exec:
command:
- wget
- -q
- -S
- -O
- '-'
- http://localhost:8888/apis/v1beta1/healthz
initialDelaySeconds: 3
periodSeconds: 5
timeoutSeconds: 2
httpGet:
path: /apis/v1beta1/healthz
port: http
scheme: HTTPS
resources:
requests:
cpu: 250m
Expand All @@ -160,6 +148,8 @@ spec:
- name: server-config
mountPath: /config/config.json
subPath: config.json
- mountPath: /etc/tls/private
name: proxy-tls
- mountPath: /config/sample_config.json
name: sample-config
subPath: sample_config.json
Expand All @@ -170,7 +160,8 @@ spec:
- --https-address=:8443
- --provider=openshift
- --openshift-service-account=ds-pipeline-testdsp0
- --upstream=http://localhost:8888
- --upstream=https://ds-pipeline-testdsp0.default.svc.cluster.local:8888
- --upstream-ca=/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
- --tls-cert=/etc/tls/private/tls.crt
- --tls-key=/etc/tls/private/tls.key
- --cookie-secret=SECRET
Expand Down
4 changes: 4 additions & 0 deletions controllers/testdata/declarative/case_0/expected/created/persistence-agent_deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,8 @@ spec:
value: ""
- name: EXECUTIONTYPE
value: PipelineRun
- name: SSL_CERT_DIR
value: "/etc/pki/tls/certs:/var/run/secrets/kubernetes.io/serviceaccount/"
image: persistenceagent:test0
imagePullPolicy: IfNotPresent
name: ds-pipeline-persistenceagent
Expand All @@ -48,6 +50,8 @@ spec:
- "--namespace=default"
- "--mlPipelineServiceHttpPort=8888"
- "--mlPipelineServiceGRPCPort=8887"
- "--mlPipelineAPIServerName=https://ds-pipeline-testdsp0.default.svc.cluster.local:8888"
- "--mlPipelineServiceTLSEnabled=true"
livenessProbe:
exec:
command:
Expand Down
37 changes: 14 additions & 23 deletions controllers/testdata/declarative/case_2/expected/created/apiserver_deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -118,6 +118,8 @@ spec:
- --config=/config
- -logtostderr=true
- --sampleconfig=/config/sample_config.json
- --tlsCertPath=/etc/tls/private/tls.crt
- --tlsCertKeyPath=/etc/tls/private/tls.key
ports:
- containerPort: 8888
name: http
Expand All @@ -126,29 +128,15 @@ spec:
name: grpc
protocol: TCP
livenessProbe:
exec:
command:
- wget
- -q
- -S
- -O
- '-'
- http://localhost:8888/apis/v1beta1/healthz
initialDelaySeconds: 3
periodSeconds: 5
timeoutSeconds: 2
httpGet:
path: /apis/v1beta1/healthz
port: http
scheme: HTTPS
readinessProbe:
exec:
command:
- wget
- -q
- -S
- -O
- '-'
- http://localhost:8888/apis/v1beta1/healthz
initialDelaySeconds: 3
periodSeconds: 5
timeoutSeconds: 2
httpGet:
path: /apis/v1beta1/healthz
port: http
scheme: HTTPS
resources:
requests:
cpu: 1231m
Expand All @@ -160,6 +148,8 @@ spec:
- name: server-config
mountPath: /config/config.json
subPath: testserverconfigmapkeydspa2
- mountPath: /etc/tls/private
name: proxy-tls
- mountPath: /config/sample_config.json
name: sample-config
subPath: sample_config.json
Expand All @@ -170,7 +160,8 @@ spec:
- --https-address=:8443
- --provider=openshift
- --openshift-service-account=ds-pipeline-testdsp2
- --upstream=http://localhost:8888
- --upstream=https://ds-pipeline-testdsp2.default.svc.cluster.local:8888
- --upstream-ca=/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
- --tls-cert=/etc/tls/private/tls.crt
- --tls-key=/etc/tls/private/tls.key
- --cookie-secret=SECRET
Expand Down
8 changes: 7 additions & 1 deletion controllers/testdata/declarative/case_2/expected/created/mlpipelines-ui_deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,9 +46,13 @@ spec:
- name: ARGO_ARCHIVE_LOGS
value: "true"
- name: ML_PIPELINE_SERVICE_HOST
value: ds-pipeline-testdsp2
value: ds-pipeline-testdsp2.default.svc.cluster.local
- name: ML_PIPELINE_SERVICE_PORT
value: '8888'
- name: ML_PIPELINE_SERVICE_SCHEME
value: 'https'
- name: NODE_EXTRA_CA_CERTS
value: '/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt'
- name: METADATA_ENVOY_SERVICE_SERVICE_HOST
value: ds-pipeline-md-testdsp2
- name: METADATA_ENVOY_SERVICE_SERVICE_PORT
Expand All @@ -69,6 +73,8 @@ spec:
value: "minio-testdsp2.default.svc.cluster.local"
- name: AWS_SSL
value: "false"
- name: DISABLE_GKE_METADATA
value: 'true'
image: frontend:test2
imagePullPolicy: IfNotPresent
livenessProbe:
Expand Down
2 changes: 2 additions & 0 deletions controllers/testdata/declarative/case_2/expected/created/persistence-agent_deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,8 @@ spec:
value: ""
- name: EXECUTIONTYPE
value: PipelineRun
- name: SSL_CERT_DIR
value: "/etc/pki/tls/certs:/var/run/secrets/kubernetes.io/serviceaccount/"
image: persistenceagent:test2
imagePullPolicy: IfNotPresent
name: ds-pipeline-persistenceagent
Expand Down
37 changes: 14 additions & 23 deletions controllers/testdata/declarative/case_3/expected/created/apiserver_deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -117,6 +117,8 @@ spec:
args:
- --config=/config
- -logtostderr=true
- --tlsCertPath=/etc/tls/private/tls.crt
- --tlsCertKeyPath=/etc/tls/private/tls.key
ports:
- containerPort: 8888
name: http
Expand All @@ -125,33 +127,21 @@ spec:
name: grpc
protocol: TCP
livenessProbe:
exec:
command:
- wget
- -q
- -S
- -O
- '-'
- http://localhost:8888/apis/v1beta1/healthz
initialDelaySeconds: 3
periodSeconds: 5
timeoutSeconds: 2
httpGet:
path: /apis/v1beta1/healthz
port: http
scheme: HTTPS
readinessProbe:
exec:
command:
- wget
- -q
- -S
- -O
- '-'
- http://localhost:8888/apis/v1beta1/healthz
initialDelaySeconds: 3
periodSeconds: 5
timeoutSeconds: 2
httpGet:
path: /apis/v1beta1/healthz
port: http
scheme: HTTPS
volumeMounts:
- name: server-config
mountPath: /config/config.json
subPath: config.json
- mountPath: /etc/tls/private
name: proxy-tls
resources:
requests:
cpu: 250m
Expand All @@ -164,7 +154,8 @@ spec:
- --https-address=:8443
- --provider=openshift
- --openshift-service-account=ds-pipeline-testdsp3
- --upstream=http://localhost:8888
- --upstream=https://ds-pipeline-testdsp3.default.svc.cluster.local:8888
- --upstream-ca=/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
- --tls-cert=/etc/tls/private/tls.crt
- --tls-key=/etc/tls/private/tls.key
- --cookie-secret=SECRET
Expand Down
37 changes: 14 additions & 23 deletions controllers/testdata/declarative/case_4/expected/created/apiserver_deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -118,9 +118,13 @@ spec:
- name: server-config
mountPath: /config/config.json
subPath: config.json
- mountPath: /etc/tls/private
name: proxy-tls
args:
- --config=/config
- -logtostderr=true
- --tlsCertPath=/etc/tls/private/tls.crt
- --tlsCertKeyPath=/etc/tls/private/tls.key
ports:
- containerPort: 8888
name: http
Expand All @@ -129,29 +133,15 @@ spec:
name: grpc
protocol: TCP
livenessProbe:
exec:
command:
- wget
- -q
- -S
- -O
- '-'
- http://localhost:8888/apis/v1beta1/healthz
initialDelaySeconds: 3
periodSeconds: 5
timeoutSeconds: 2
httpGet:
path: /apis/v1beta1/healthz
port: http
scheme: HTTPS
readinessProbe:
exec:
command:
- wget
- -q
- -S
- -O
- '-'
- http://localhost:8888/apis/v1beta1/healthz
initialDelaySeconds: 3
periodSeconds: 5
timeoutSeconds: 2
httpGet:
path: /apis/v1beta1/healthz
port: http
scheme: HTTPS
resources:
requests:
cpu: 1231m
Expand All @@ -164,7 +154,8 @@ spec:
- --https-address=:8443
- --provider=openshift
- --openshift-service-account=ds-pipeline-testdsp4
- --upstream=http://localhost:8888
- --upstream=https://ds-pipeline-testdsp4.default.svc.cluster.local:8888
- --upstream-ca=/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
- --tls-cert=/etc/tls/private/tls.crt
- --tls-key=/etc/tls/private/tls.key
- --cookie-secret=SECRET
Expand Down
8 changes: 7 additions & 1 deletion controllers/testdata/declarative/case_4/expected/created/mlpipelines-ui_deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,9 +46,13 @@ spec:
- name: ARGO_ARCHIVE_LOGS
value: "true"
- name: ML_PIPELINE_SERVICE_HOST
value: ds-pipeline-testdsp4
value: ds-pipeline-testdsp4.default.svc.cluster.local
- name: ML_PIPELINE_SERVICE_PORT
value: '8888'
- name: ML_PIPELINE_SERVICE_SCHEME
value: 'https'
- name: NODE_EXTRA_CA_CERTS
value: '/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt'
- name: METADATA_ENVOY_SERVICE_SERVICE_HOST
value: ds-pipeline-md-testdsp4
- name: METADATA_ENVOY_SERVICE_SERVICE_PORT
Expand All @@ -69,6 +73,8 @@ spec:
value: "minio-testdsp4.default.svc.cluster.local"
- name: AWS_SSL
value: "false"
- name: DISABLE_GKE_METADATA
value: 'true'
image: this-frontend-image-from-cr-should-be-used:test4
imagePullPolicy: IfNotPresent
livenessProbe:
Expand Down
Loading

0 comments on commit b61ae67

Please sign in to comment.