From 87b6529177a1578a01e65b88278818411f111963 Mon Sep 17 00:00:00 2001 From: Neil South Date: Tue, 30 Aug 2022 17:30:28 +0100 Subject: [PATCH 1/4] updates to helm files Signed-off-by: Neil South --- deploy/helm/Gateway.yaml | 7 +++- deploy/helm/MTM.yaml | 54 +++++++++++++++++++++++++++ deploy/helm/MWM.yaml | 5 ++- deploy/helm/templates/deployment.yaml | 2 +- deploy/helm/templates/volume.yml | 2 +- deploy/helm/templates/volumeclaim.yml | 2 +- 6 files changed, 66 insertions(+), 6 deletions(-) create mode 100644 deploy/helm/MTM.yaml diff --git a/deploy/helm/Gateway.yaml b/deploy/helm/Gateway.yaml index 3e7eb6dfb..7f3634f65 100644 --- a/deploy/helm/Gateway.yaml +++ b/deploy/helm/Gateway.yaml @@ -16,7 +16,10 @@ replicaCount: 1 image: repository: registry.gitlab.com/answerdigital/londonai/aide/workflow-manager-images/infomatics-gateway pullPolicy: IfNotPresent - tag: 2022-08-01 + tag: 2022-08-30-01 + +imagePullSecrets: + - name: gitlab-image-pull enviromentVariables: InformaticsGateway__messaging__publisherSettings__endpoint: "rabbitmq-monai" @@ -29,6 +32,8 @@ enviromentVariables: InformaticsGateway__storage__settings__accessKey: "rootminio" InformaticsGateway__storage__settings__accessToken: "rootminio" InformaticsGateway__dicom__scp__rejectUnknownSources: false + Kestrel__EndPoints__Http__Url: "http://::5000" + InformaticsGateway__storage__watermarkPercent: 95 service: diff --git a/deploy/helm/MTM.yaml b/deploy/helm/MTM.yaml new file mode 100644 index 000000000..c2f08a14c --- /dev/null +++ b/deploy/helm/MTM.yaml @@ -0,0 +1,54 @@ +# Copyright 2022 MONAI Consortium +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +replicaCount: 1 + +image: + repository: registry.gitlab.com/answerdigital/londonai/aide/workflow-manager-images/task-manager + pullPolicy: IfNotPresent + tag: 2022-08-22-02 + +imagePullSecrets: + - name: gitlab-image-pull + +enviromentVariables: + WorkflowManager__storage__settings__endpoint: "minio.monai:9000" + WorkflowManager__storage__settings__accessKey: "rootminio" + WorkflowManager__storage__settings__accessToken: "rootminio" + WorkflowManager__storage__settings__executableLocation: "mc" + WorkflowManager__messaging__publisherSettings__endpoint: "rabbitmq.monai" + WorkflowManager__messaging__subscriberSettings__endpoint: "rabbitmq.monai" + +enviromentVariablesFromSecrets: + secrets: + - name: WorkflowManager__messaging__subscriberSettings__username + secretName: rabbit-secret-master + secretKey: username + - name: WorkflowManager__messaging__subscriberSettings__password + secretName: rabbit-secret-master + secretKey: password + - name: WorkflowManager__messaging__publisherSettings__username + secretName: rabbit-secret-master + secretKey: username + - name: WorkflowManager__messaging__publisherSettings__password + secretName: rabbit-secret-master + secretKey: password + +service: + type: ClusterIP + port: 5000 + + + + diff --git a/deploy/helm/MWM.yaml b/deploy/helm/MWM.yaml index 31b88e673..f7dabd782 100644 --- a/deploy/helm/MWM.yaml +++ b/deploy/helm/MWM.yaml @@ -27,9 +27,10 @@ enviromentVariables: WorkflowManager__storage__settings__accessKey: "rootminio" WorkflowManager__storage__settings__accessToken: "rootminio" WorkflowManager__storage__settings__executableLocation: "mc" - WorkflowManager__messaging__publisherSettings__endpoint: "rabbitmq.monai" - WorkflowManager__messaging__subscriberSettings__endpoint: "rabbitmq.monai" + WorkflowManager__messaging__publisherSettings__endpoint: "rabbitmq-monai.monai" + WorkflowManager__messaging__subscriberSettings__endpoint: "rabbitmq-monai.monai" WorkloadManagerDatabase__ConnectionString: "mongodb://root:rootpassword@mongo-monai.monai:27017" + Kestrel__EndPoints__Http__Url: "http://::5000" enviromentVariablesFromSecrets: secrets: diff --git a/deploy/helm/templates/deployment.yaml b/deploy/helm/templates/deployment.yaml index 75a4f7261..29eb73a8e 100644 --- a/deploy/helm/templates/deployment.yaml +++ b/deploy/helm/templates/deployment.yaml @@ -63,7 +63,7 @@ spec: value: {{ $value | quote }} {{- end }} - {{- range .Values.enviromentVariablesFromSecrets.secrets }} + {{- range (.Values.enviromentVariablesFromSecrets).secrets }} - name: {{ .name }} valueFrom: secretKeyRef: diff --git a/deploy/helm/templates/volume.yml b/deploy/helm/templates/volume.yml index 2c894e0c6..939459536 100644 --- a/deploy/helm/templates/volume.yml +++ b/deploy/helm/templates/volume.yml @@ -11,7 +11,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -{{- if .Values.volumeMounts -}} +{{- if .Values.volumeMounts }} apiVersion: v1 kind: PersistentVolume metadata: diff --git a/deploy/helm/templates/volumeclaim.yml b/deploy/helm/templates/volumeclaim.yml index 6f1afd762..934c4468d 100644 --- a/deploy/helm/templates/volumeclaim.yml +++ b/deploy/helm/templates/volumeclaim.yml @@ -11,7 +11,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -{{- if .Values.volumeMounts -}} +{{- if .Values.volumeMounts }} apiVersion: v1 kind: PersistentVolumeClaim metadata: From a6ad884ddc2c2d98f1946a08c926c6c4b7d21ac2 Mon Sep 17 00:00:00 2001 From: Neil South Date: Tue, 6 Sep 2022 12:02:31 +0100 Subject: [PATCH 2/4] fix for running argo Signed-off-by: Neil South --- .gitignore | 2 ++ deploy/helm/MTM.yaml | 13 ++++++++++++- src/TaskManager/Plug-ins/Argo/ArgoPlugin.cs | 15 +++++++++++++++ .../TaskManager/appsettings.Local.json | 2 +- .../WorkflowManager/appsettings.Local.json | 2 +- 5 files changed, 31 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index c0184ee48..290b2da19 100644 --- a/.gitignore +++ b/.gitignore @@ -577,3 +577,5 @@ GitExtensions.settings.backup *.AssemblyHooks.vb /src/WorkflowManager/mc.exe *.lutconfig +/src/TaskManager/TaskManager/Properties/launchSettings.json +/src/WorkflowManager/WorkflowManager/Properties/launchSettings.json diff --git a/deploy/helm/MTM.yaml b/deploy/helm/MTM.yaml index c2f08a14c..5020d89bf 100644 --- a/deploy/helm/MTM.yaml +++ b/deploy/helm/MTM.yaml @@ -17,7 +17,7 @@ replicaCount: 1 image: repository: registry.gitlab.com/answerdigital/londonai/aide/workflow-manager-images/task-manager pullPolicy: IfNotPresent - tag: 2022-08-22-02 + tag: 2022-09-05-01 imagePullSecrets: - name: gitlab-image-pull @@ -29,6 +29,7 @@ enviromentVariables: WorkflowManager__storage__settings__executableLocation: "mc" WorkflowManager__messaging__publisherSettings__endpoint: "rabbitmq.monai" WorkflowManager__messaging__subscriberSettings__endpoint: "rabbitmq.monai" + WorkloadManagerDatabase__ConnectionString: "mongodb://root:rootpassword@mongo-monai.monai:27017" enviromentVariablesFromSecrets: secrets: @@ -49,6 +50,16 @@ service: type: ClusterIP port: 5000 +serviceAccount: + create: true + name: mtm + namespace: monai + clusterrole: + name: clusterrole-taskmanager-argo-secret-master + rules: + apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] diff --git a/src/TaskManager/Plug-ins/Argo/ArgoPlugin.cs b/src/TaskManager/Plug-ins/Argo/ArgoPlugin.cs index 7af916ed2..e1eb29fee 100644 --- a/src/TaskManager/Plug-ins/Argo/ArgoPlugin.cs +++ b/src/TaskManager/Plug-ins/Argo/ArgoPlugin.cs @@ -486,6 +486,21 @@ private async Task CopyWorkflowTemplateToWorkflow(WorkflowTemplate workflowTempl await CopyTemplateSteps(template.Steps, workflowTemplate, name, workflow, cancellationToken).ConfigureAwait(false); await CopyTemplateDags(template.Dag, workflowTemplate, name, workflow, cancellationToken).ConfigureAwait(false); + CopyImagePullSecrets(workflowTemplate, workflow); + } + + private void CopyImagePullSecrets(WorkflowTemplate workflowTemplate, Workflow workflow) + { + Guard.Against.Null(workflowTemplate.Spec.ImagePullSecrets); + + if (workflowTemplate.Spec.ImagePullSecrets.Any()) + { + workflow.Spec.ImagePullSecrets = new List(); + foreach (var secret in workflowTemplate.Spec.ImagePullSecrets) + { + workflow.Spec.ImagePullSecrets.Add(secret); + } + } } /// diff --git a/src/TaskManager/TaskManager/appsettings.Local.json b/src/TaskManager/TaskManager/appsettings.Local.json index 5b064b104..dd755db63 100644 --- a/src/TaskManager/TaskManager/appsettings.Local.json +++ b/src/TaskManager/TaskManager/appsettings.Local.json @@ -1,6 +1,6 @@ { "WorkloadManagerDatabase": { - "ConnectionString": "mongodb://root:rootpassword@localhost:27017", + "ConnectionString": "mongodb://root:rootpassword@localhost:30017", "DatabaseName": "WorkloadManager", "WorkflowCollectionName": "Workflows", "WorkflowInstanceCollectionName": "WorkflowInstances", diff --git a/src/WorkflowManager/WorkflowManager/appsettings.Local.json b/src/WorkflowManager/WorkflowManager/appsettings.Local.json index 81442f4f6..0232dd3a3 100644 --- a/src/WorkflowManager/WorkflowManager/appsettings.Local.json +++ b/src/WorkflowManager/WorkflowManager/appsettings.Local.json @@ -1,6 +1,6 @@ { "WorkloadManagerDatabase": { - "ConnectionString": "mongodb://root:rootpassword@localhost:27017", + "ConnectionString": "mongodb://root:rootpassword@localhost:30017", "DatabaseName": "WorkloadManager", "WorkflowCollectionName": "Workflows", "WorkflowInstanceCollectionName": "WorkflowInstances", From c097d86d53774a76f6961d694d7e0f29f18d07f0 Mon Sep 17 00:00:00 2001 From: Neil South Date: Tue, 6 Sep 2022 15:25:56 +0100 Subject: [PATCH 3/4] fix for tests Signed-off-by: Neil South --- src/TaskManager/Plug-ins/Argo/ArgoPlugin.cs | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/src/TaskManager/Plug-ins/Argo/ArgoPlugin.cs b/src/TaskManager/Plug-ins/Argo/ArgoPlugin.cs index e1eb29fee..be7a0a53e 100644 --- a/src/TaskManager/Plug-ins/Argo/ArgoPlugin.cs +++ b/src/TaskManager/Plug-ins/Argo/ArgoPlugin.cs @@ -491,9 +491,7 @@ private async Task CopyWorkflowTemplateToWorkflow(WorkflowTemplate workflowTempl private void CopyImagePullSecrets(WorkflowTemplate workflowTemplate, Workflow workflow) { - Guard.Against.Null(workflowTemplate.Spec.ImagePullSecrets); - - if (workflowTemplate.Spec.ImagePullSecrets.Any()) + if (workflowTemplate.Spec.ImagePullSecrets?.Any() is true) { workflow.Spec.ImagePullSecrets = new List(); foreach (var secret in workflowTemplate.Spec.ImagePullSecrets) From 01176ac577d494f6e6e3e0148599c23e0a4ffdbe Mon Sep 17 00:00:00 2001 From: Neil South Date: Tue, 6 Sep 2022 16:00:40 +0100 Subject: [PATCH 4/4] added test for imagepullsecrets Signed-off-by: Neil South --- .../TaskManager.Argo.Tests/ArgoPluginTest.cs | 41 +++++++++++++++++++ 1 file changed, 41 insertions(+) diff --git a/tests/UnitTests/TaskManager.Argo.Tests/ArgoPluginTest.cs b/tests/UnitTests/TaskManager.Argo.Tests/ArgoPluginTest.cs index c738a16bc..30d5fcd55 100644 --- a/tests/UnitTests/TaskManager.Argo.Tests/ArgoPluginTest.cs +++ b/tests/UnitTests/TaskManager.Argo.Tests/ArgoPluginTest.cs @@ -17,6 +17,7 @@ using System; using System.Collections.Generic; using System.IO; +using System.IO.Abstractions; using System.Linq; using System.Net.Http; using System.Threading; @@ -586,6 +587,46 @@ public async Task ArgoPlugin_GetStatus_ReturnsExecutionStatusOnFailure() _argoClient.Verify(p => p.WorkflowService_GetWorkflowAsync(It.Is(p => p.Equals("namespace", StringComparison.OrdinalIgnoreCase)), It.Is(p => p.Equals("identity", StringComparison.OrdinalIgnoreCase)), It.IsAny(), It.IsAny(), It.IsAny()), Times.Once()); } + [Fact(DisplayName = "ImagePullSecrets - get copied accross")] + public async Task ArgoPlugin_Copies_ImagePullSecrets() + { + var argoTemplate = LoadArgoTemplate("SimpleTemplate.yml"); + + Assert.NotNull(argoTemplate); + var secret = new LocalObjectReference() { Name = "ImagePullSecret" }; + argoTemplate.Spec.ImagePullSecrets = new List() { secret }; + + var message = GenerateTaskDispatchEventWithValidArguments(); + message.TaskPluginArguments["resources"] = "{\"memory_reservation\": \"string\",\"cpu_reservation\": \"string\",\"gpu_limit\": 1,\"memory_limit\": \"string\",\"cpu_limit\": \"string\"}"; + message.TaskPluginArguments["priorityClass"] = "Helo"; + Workflow? submittedArgoTemplate = null; + + _argoClient.Setup(p => p.WorkflowTemplateService_GetWorkflowTemplateAsync(It.IsAny(), It.IsAny(), It.IsAny())) + .ReturnsAsync(argoTemplate); + _argoClient.Setup(p => p.WorkflowService_CreateWorkflowAsync(It.IsAny(), It.IsAny(), It.IsAny())) + .Callback((string ns, WorkflowCreateRequest body, CancellationToken cancellationToken) => + { + submittedArgoTemplate = body.Workflow; + }) + .ReturnsAsync((string ns, WorkflowCreateRequest body, CancellationToken cancellationToken) => + { + return new Workflow { Metadata = new ObjectMeta { Name = "workflow" } }; + }); + + SetupKubbernetesSecrets() + .ReturnsAsync((V1Secret body, string ns, string dr, string fm, string fv, bool? pretty, IReadOnlyDictionary> headers, CancellationToken ct) => + { + return new HttpOperationResponse { Body = body, Response = new HttpResponseMessage { } }; + }); + SetupKubernetesDeleteSecret(); + + var runner = new ArgoPlugin(_serviceScopeFactory.Object, _logger.Object, message); + var result = await runner.ExecuteTask(CancellationToken.None).ConfigureAwait(false); + + Assert.Equal(TaskExecutionStatus.Accepted, result.Status); + Assert.Equal(secret, submittedArgoTemplate?.Spec.ImagePullSecrets.First()); + } + private static TaskDispatchEvent GenerateTaskDispatchEventWithValidArguments() { var message = GenerateTaskDispatchEvent();