DEV-23991-watcher-ns: add missing ns parameter, fixing redirect URLs …

…composition logic
AccessibleAI · Sep 29, 2024 · ca1a066 · ca1a066
1 parent f1b879a
commit ca1a066
Show file tree

Hide file tree

Showing 4 changed files with 23 additions and 8 deletions.
diff --git a/charts/mlops/templates/cap.yml b/charts/mlops/templates/cap.yml
@@ -104,6 +104,11 @@ spec:
     baseConfig:
       jobsStorageClass: {{.Values.controlPlane.baseConfig.jobsStorageClass}}
       featureFlags:
+      {{- if eq .Values.platform "ocp"}}
+        OCP_ENABLED: "true"
+      {{- else }}
+        OCP_ENABLED: "false"
+      {{- end }}
       {{- range $fk, $fv := .Values.controlPlane.baseConfig.featureFlags }}
         {{$fk}}: "{{$fv}}"
       {{- end }}
@@ -284,7 +289,11 @@ spec:
         credsRef: {{.Values.dbs.prom.grafana.credsRef}}
   networking:
     ingress:
+      {{- if eq .Values.platform "ocp"}}
+      type: "openshift"
+      {{- else}}
       type: {{.Values.networking.ingress.type}}
+      {{- end }}
       timeout: {{.Values.networking.ingress.timeout}}
       retriesAttempts: {{.Values.networking.ingress.retriesAttempts}}
       perTryTimeout: {{.Values.networking.ingress.perTryTimeout}}
@@ -311,16 +320,16 @@ spec:
     enabled: {{.Values.sso.enabled}}
     version: {{.Values.sso.version}}
     pki:
-      enabled: {{.Values.sso.pki.enabled}}
+      enabled: {{.Values.sso.enabled}}
       rootCaSecret: {{.Values.sso.pki.rootCaSecret}}
       privateKeySecret: {{.Values.sso.pki.privateKeySecret}}
       publicKeySecret: {{.Values.sso.pki.publicKeySecret}}
     jwks:
-      enabled: {{.Values.sso.jwks.enabled}}
+      enabled: {{.Values.sso.enabled}}
       image: {{.Values.sso.jwks.image}}
       cacheImage: {{.Values.sso.jwks.cacheImage}}
     central:
-      enabled: {{.Values.sso.central.enabled}}
+      enabled: {{.Values.sso.enabled}}
       publicUrl: {{.Values.sso.central.publicUrl}}
       oauthProxyImage: {{.Values.sso.central.oauthProxyImage}}
       centralUiImage: {{.Values.sso.central.centralUiImage}}
@@ -344,7 +353,7 @@ spec:
         cpu: "{{.Values.sso.central.limits.cpu}}"
         memory: "{{.Values.sso.central.limits.memory}}"
     proxy:
-      enabled: {{.Values.sso.proxy.enabled}}
+      enabled: {{.Values.sso.enabled}}
       image: {{.Values.sso.proxy.image}}
       address: {{.Values.sso.proxy.address}}
       readiness: {{.Values.sso.proxy.readiness}}

diff --git a/charts/mlops/values.yaml b/charts/mlops/values.yaml
@@ -103,7 +103,6 @@ controlPlane:
       CNVRG_ENABLE_MOUNT_FOLDERS: false
       CNVRG_MOUNT_HOST_FOLDERS: false
       CNVRG_PROMETHEUS_METRICS: true
-      OCP_ENABLED: false
     sentryUrl: ''
     runJobsOnSelfCluster: ''
     agentCustomTag: ''
@@ -340,7 +339,7 @@ sso:
       memory: 4Gi
   proxy:
     enabled: false
-    image: cnvrg-proxy:ns-watch-scope
+    image: cnvrg-proxy:4d10ded
     address: ""
     readiness: true
     requests:

diff --git a/pkg/app/sso/central.go b/pkg/app/sso/central.go
@@ -64,7 +64,11 @@ func (c *CentralStateManager) depData() map[string]interface{} {
 		"Namespace":   c.app.Namespace,
 		"SsoDomainId": strings.Split(c.app.Spec.ClusterDomain, ".")[0],
 		"Spec":        c.app.Spec,
-		"AppUrl":      fmt.Sprintf("%s://%s.%s", c.schema(), c.app.Spec.ControlPlane.WebApp.SvcName, c.app.Spec.ClusterDomain),
+		"AppUrl": fmt.Sprintf("%s://%s%s.%s", c.schema(),
+			c.app.Spec.Networking.ClusterDomainPrefix.Prefix,
+			c.app.Spec.ControlPlane.WebApp.SvcName,
+			c.app.Spec.ClusterDomain,
+		),
 	}
 }
 
@@ -79,9 +83,10 @@ func (c *CentralStateManager) proxyCfgData() map[string]interface{} {
 		"Provider":     c.app.Spec.SSO.Central.Provider,
 		"ClientId":     c.app.Spec.SSO.Central.ClientID,
 		"ClientSecret": c.app.Spec.SSO.Central.ClientSecret,
-		"RedirectUrl": fmt.Sprintf("%s://%s.%s/oauth2/callback",
+		"RedirectUrl": fmt.Sprintf("%s://%s%s.%s/oauth2/callback",
 			c.schema(),
 			c.app.Spec.SSO.Central.SvcName,
+			c.app.Spec.Networking.ClusterDomainPrefix.Prefix,
 			c.app.Spec.ClusterDomain),
 		"OidcIssuerURL":                    c.app.Spec.SSO.Central.OidcIssuerURL,
 		"Scope":                            c.app.Spec.SSO.Central.Scope,

diff --git a/pkg/app/sso/tmpl/proxy/dep.tpl b/pkg/app/sso/tmpl/proxy/dep.tpl
@@ -66,6 +66,7 @@ spec:
           - start
           - --authz-addr=127.0.0.1:50052
           - --ingress-type={{.Spec.Networking.Ingress.Type}}
+          - --namespace={{.Namespace }}
         ports:
           - containerPort: 8888
         {{- if isTrue .Spec.SSO.Proxy.Readiness }}
@@ -90,6 +91,7 @@ spec:
           - /opt/app-root/authz
           - start
           - --ingress-type={{.Spec.Networking.Ingress.Type}}
+          - --namespace={{.Namespace }}
         resources:
           limits:
             cpu: {{ .Spec.SSO.Proxy.Limits.Cpu }}