From e0d33d5d1585c21b211ace3da0e07b307834c1b6 Mon Sep 17 00:00:00 2001 From: Zachary Blasczyk Date: Fri, 31 Jan 2025 09:26:02 -0600 Subject: [PATCH 01/11] fix: Local auth fix --- charts/operator-wandb/Chart.yaml | 2 +- charts/operator-wandb/charts/app/templates/deployment.yaml | 3 +++ charts/operator-wandb/charts/app/templates/service.yaml | 3 +++ charts/operator-wandb/templates/session-key.yaml | 1 + 4 files changed, 8 insertions(+), 1 deletion(-) diff --git a/charts/operator-wandb/Chart.yaml b/charts/operator-wandb/Chart.yaml index bcdac359..c53990c9 100644 --- a/charts/operator-wandb/Chart.yaml +++ b/charts/operator-wandb/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: operator-wandb description: A Helm chart for deploying W&B to Kubernetes type: application -version: 0.24.8 +version: 0.24.9 appVersion: 1.0.0 icon: https://wandb.ai/logo.svg diff --git a/charts/operator-wandb/charts/app/templates/deployment.yaml b/charts/operator-wandb/charts/app/templates/deployment.yaml index 46d20846..a6adc6f8 100644 --- a/charts/operator-wandb/charts/app/templates/deployment.yaml +++ b/charts/operator-wandb/charts/app/templates/deployment.yaml @@ -93,6 +93,9 @@ spec: - name: anaconda containerPort: 8082 protocol: TCP + - name: auth + containerPort: 8083 + protocol: TCP - name: gorilla-statsd containerPort: 8125 protocol: TCP diff --git a/charts/operator-wandb/charts/app/templates/service.yaml b/charts/operator-wandb/charts/app/templates/service.yaml index 26516e1a..f3d58fcd 100644 --- a/charts/operator-wandb/charts/app/templates/service.yaml +++ b/charts/operator-wandb/charts/app/templates/service.yaml @@ -46,5 +46,8 @@ spec: - port: 8082 protocol: TCP name: anaconda + - port: 8083 + protocol: TCP + name: auth selector: {{- include "app.labels" . | nindent 4 }} diff --git a/charts/operator-wandb/templates/session-key.yaml b/charts/operator-wandb/templates/session-key.yaml index 885599fc..fb9340a2 100644 --- a/charts/operator-wandb/templates/session-key.yaml +++ b/charts/operator-wandb/templates/session-key.yaml @@ -14,3 +14,4 @@ data: # Set $gorillaSessionKey to existing secret data or generate a random one when not exists {{- $gorillaSessionKey := (get $secretData "GORILLA_SESSION_KEY") | default (randAlphaNum 32 | b64enc) }} GORILLA_SESSION_KEY: {{ $gorillaSessionKey | quote }} + GORILLA_AUTH_JWK_URL: "{{ .Values.global.auth.jwkUrl | default (printf "http://%s-app:8083/api/jwks.json" .Release.Name) }}" From 6119dc43ce11e900fbe3b7b6c6e072515c6f144c Mon Sep 17 00:00:00 2001 From: Zachary Blasczyk Date: Fri, 31 Jan 2025 09:36:55 -0600 Subject: [PATCH 02/11] fix --- charts/operator-wandb/templates/session-key.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/charts/operator-wandb/templates/session-key.yaml b/charts/operator-wandb/templates/session-key.yaml index fb9340a2..75256ae9 100644 --- a/charts/operator-wandb/templates/session-key.yaml +++ b/charts/operator-wandb/templates/session-key.yaml @@ -14,4 +14,5 @@ data: # Set $gorillaSessionKey to existing secret data or generate a random one when not exists {{- $gorillaSessionKey := (get $secretData "GORILLA_SESSION_KEY") | default (randAlphaNum 32 | b64enc) }} GORILLA_SESSION_KEY: {{ $gorillaSessionKey | quote }} - GORILLA_AUTH_JWK_URL: "{{ .Values.global.auth.jwkUrl | default (printf "http://%s-app:8083/api/jwks.json" .Release.Name) }}" + {{- $jwkUrl := ( .Values.global.auth.jwkUrl | default (printf "http://%s-app:8083/api/jwks.json" .Release.Name)) | b64enc }} + GORILLA_AUTH_JWK_URL: {{ $jwkUrl | quote }} From 7e177a15e5f577aa4beec33af016a6554746d02c Mon Sep 17 00:00:00 2001 From: Zachary Blasczyk Date: Fri, 31 Jan 2025 09:54:17 -0600 Subject: [PATCH 03/11] fix --- charts/operator-wandb/templates/session-key.yaml | 2 -- charts/operator-wandb/values.yaml | 1 + 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/charts/operator-wandb/templates/session-key.yaml b/charts/operator-wandb/templates/session-key.yaml index 75256ae9..885599fc 100644 --- a/charts/operator-wandb/templates/session-key.yaml +++ b/charts/operator-wandb/templates/session-key.yaml @@ -14,5 +14,3 @@ data: # Set $gorillaSessionKey to existing secret data or generate a random one when not exists {{- $gorillaSessionKey := (get $secretData "GORILLA_SESSION_KEY") | default (randAlphaNum 32 | b64enc) }} GORILLA_SESSION_KEY: {{ $gorillaSessionKey | quote }} - {{- $jwkUrl := ( .Values.global.auth.jwkUrl | default (printf "http://%s-app:8083/api/jwks.json" .Release.Name)) | b64enc }} - GORILLA_AUTH_JWK_URL: {{ $jwkUrl | quote }} diff --git a/charts/operator-wandb/values.yaml b/charts/operator-wandb/values.yaml index a0704b2d..5171c038 100644 --- a/charts/operator-wandb/values.yaml +++ b/charts/operator-wandb/values.yaml @@ -91,6 +91,7 @@ global: auth: sessionLengthHours: 720 + jwkUrl: "" oidc: clientId: "" secret: "" From 25bbcf7f1373ac72cf460e2b8603359884967678 Mon Sep 17 00:00:00 2001 From: Zachary Blasczyk Date: Fri, 31 Jan 2025 09:54:29 -0600 Subject: [PATCH 04/11] fix --- charts/operator-wandb/templates/gorilla.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/charts/operator-wandb/templates/gorilla.yaml b/charts/operator-wandb/templates/gorilla.yaml index 68073690..a4ec90df 100644 --- a/charts/operator-wandb/templates/gorilla.yaml +++ b/charts/operator-wandb/templates/gorilla.yaml @@ -55,6 +55,7 @@ data: {{- end }} GORILLA_SWEEP_PROVIDER: "{{ .Values.global.sweepProvider | default (printf "http://%s-app:8082" .Release.Name) }}" WANDB_BASE_URL: "{{ .Values.global.baseUrl | default (printf "http://%s-app:8081" .Release.Name) }}" + GORILLA_AUTH_JWK_URL: {{ ( .Values.global.auth.jwkUrl | default (printf "http://%s-app:8083/api/jwks.json" .Release.Name)) | quote }} GORILLA_VIEW_SPEC_UPDATER_EXECUTABLE: "/usr/local/bin/view-spec-updater-linux" GORILLA_LIMITER: "noop://" GORILLA_PARQUET_RPC_PATH: "/_goRPC_" From 69773b04cbd92c7321a2346dd89f45eb26acb360 Mon Sep 17 00:00:00 2001 From: Zachary Blasczyk Date: Fri, 31 Jan 2025 09:57:14 -0600 Subject: [PATCH 05/11] retry the build --- charts/operator-wandb/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/operator-wandb/values.yaml b/charts/operator-wandb/values.yaml index 5171c038..5a71deaa 100644 --- a/charts/operator-wandb/values.yaml +++ b/charts/operator-wandb/values.yaml @@ -91,7 +91,7 @@ global: auth: sessionLengthHours: 720 - jwkUrl: "" + jwkUrl: "" # Internal URL for the auth service oidc: clientId: "" secret: "" From b92523844ab8df27a78d0dbe4fd7364013c93597 Mon Sep 17 00:00:00 2001 From: Zachary Blasczyk Date: Fri, 31 Jan 2025 10:07:28 -0600 Subject: [PATCH 06/11] fix --- charts/operator-wandb/templates/gorilla.yaml | 1 - charts/operator-wandb/templates/session-key.yaml | 2 ++ 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/charts/operator-wandb/templates/gorilla.yaml b/charts/operator-wandb/templates/gorilla.yaml index a4ec90df..68073690 100644 --- a/charts/operator-wandb/templates/gorilla.yaml +++ b/charts/operator-wandb/templates/gorilla.yaml @@ -55,7 +55,6 @@ data: {{- end }} GORILLA_SWEEP_PROVIDER: "{{ .Values.global.sweepProvider | default (printf "http://%s-app:8082" .Release.Name) }}" WANDB_BASE_URL: "{{ .Values.global.baseUrl | default (printf "http://%s-app:8081" .Release.Name) }}" - GORILLA_AUTH_JWK_URL: {{ ( .Values.global.auth.jwkUrl | default (printf "http://%s-app:8083/api/jwks.json" .Release.Name)) | quote }} GORILLA_VIEW_SPEC_UPDATER_EXECUTABLE: "/usr/local/bin/view-spec-updater-linux" GORILLA_LIMITER: "noop://" GORILLA_PARQUET_RPC_PATH: "/_goRPC_" diff --git a/charts/operator-wandb/templates/session-key.yaml b/charts/operator-wandb/templates/session-key.yaml index 885599fc..75256ae9 100644 --- a/charts/operator-wandb/templates/session-key.yaml +++ b/charts/operator-wandb/templates/session-key.yaml @@ -14,3 +14,5 @@ data: # Set $gorillaSessionKey to existing secret data or generate a random one when not exists {{- $gorillaSessionKey := (get $secretData "GORILLA_SESSION_KEY") | default (randAlphaNum 32 | b64enc) }} GORILLA_SESSION_KEY: {{ $gorillaSessionKey | quote }} + {{- $jwkUrl := ( .Values.global.auth.jwkUrl | default (printf "http://%s-app:8083/api/jwks.json" .Release.Name)) | b64enc }} + GORILLA_AUTH_JWK_URL: {{ $jwkUrl | quote }} From 7e2d4fe3748034932b95796dd57367018caa1bc9 Mon Sep 17 00:00:00 2001 From: Zachary Blasczyk Date: Fri, 31 Jan 2025 14:18:39 -0600 Subject: [PATCH 07/11] fix --- charts/operator-wandb/templates/session-key.yaml | 2 -- charts/operator-wandb/values.yaml | 2 ++ 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/operator-wandb/templates/session-key.yaml b/charts/operator-wandb/templates/session-key.yaml index 75256ae9..885599fc 100644 --- a/charts/operator-wandb/templates/session-key.yaml +++ b/charts/operator-wandb/templates/session-key.yaml @@ -14,5 +14,3 @@ data: # Set $gorillaSessionKey to existing secret data or generate a random one when not exists {{- $gorillaSessionKey := (get $secretData "GORILLA_SESSION_KEY") | default (randAlphaNum 32 | b64enc) }} GORILLA_SESSION_KEY: {{ $gorillaSessionKey | quote }} - {{- $jwkUrl := ( .Values.global.auth.jwkUrl | default (printf "http://%s-app:8083/api/jwks.json" .Release.Name)) | b64enc }} - GORILLA_AUTH_JWK_URL: {{ $jwkUrl | quote }} diff --git a/charts/operator-wandb/values.yaml b/charts/operator-wandb/values.yaml index 5a71deaa..77cbb952 100644 --- a/charts/operator-wandb/values.yaml +++ b/charts/operator-wandb/values.yaml @@ -678,6 +678,8 @@ api: value: 'http://{{ .Release.Name }}-parquet:8087/_goRPC_,{{ include "wandb.mysql" . | trim }}' GORILLA_FILE_STORE: value: '{{ (include "wandb.bucket" . | fromYaml).url }}' + GORILLA_AUTH_JWK_URL: + value: '{{ .Values.global.auth.jwkUrl | default (printf "http://%s-app:8083/api/jwks.json" .Release.Name) | quote }}' GORILLA_STORAGE_BUCKET: value: '{{ (include "wandb.bucket" . | fromYaml).url }}' A_KAFKA_CLIENT_PASSWORD: From f212b063257d22d4ee16b880a5e2f2fb718f10d7 Mon Sep 17 00:00:00 2001 From: Zachary Blasczyk Date: Tue, 4 Feb 2025 14:40:24 -0600 Subject: [PATCH 08/11] rename --- charts/operator-wandb/charts/app/templates/service.yaml | 2 +- charts/operator-wandb/values.yaml | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/operator-wandb/charts/app/templates/service.yaml b/charts/operator-wandb/charts/app/templates/service.yaml index 5352d8a0..c4fda660 100644 --- a/charts/operator-wandb/charts/app/templates/service.yaml +++ b/charts/operator-wandb/charts/app/templates/service.yaml @@ -50,6 +50,6 @@ spec: name: anaconda - port: 8083 protocol: TCP - name: auth + name: local selector: {{- include "app.labels" . | nindent 4 }} diff --git a/charts/operator-wandb/values.yaml b/charts/operator-wandb/values.yaml index 1b9d3737..3827ea33 100644 --- a/charts/operator-wandb/values.yaml +++ b/charts/operator-wandb/values.yaml @@ -73,9 +73,9 @@ global: otel: traces: - host: "" # defaults to the otel-daemonset service - port: 4317 # grpc default is 4317, http default is 4318 - proto: "grpc" # grpc, http + host: "" # defaults to the otel-daemonset service + port: 4317 # grpc default is 4317, http default is 4318 + proto: "grpc" # grpc, http clickhouse: install: false @@ -97,7 +97,7 @@ global: auth: sessionLengthHours: 720 - jwkUrl: "" # Internal URL for the auth service + jwkUrl: "" # Internal URL for the auth service should be using oidc or auth0 oidc: clientId: "" secret: "" From 261d00b5730e51096ca705c71cea32d097f2860f Mon Sep 17 00:00:00 2001 From: Zachary Blasczyk Date: Tue, 4 Feb 2025 14:41:52 -0600 Subject: [PATCH 09/11] adding to glue --- charts/operator-wandb/values.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/charts/operator-wandb/values.yaml b/charts/operator-wandb/values.yaml index 3827ea33..58738cca 100644 --- a/charts/operator-wandb/values.yaml +++ b/charts/operator-wandb/values.yaml @@ -515,6 +515,8 @@ glue: value: 'http://{{ .Release.Name }}-parquet:8087/_goRPC_,{{ include "wandb.mysql" . | trim }}' GORILLA_FILE_STORE: value: '{{ (include "wandb.bucket" . | fromYaml).url }}' + GORILLA_AUTH_JWK_URL: + value: '{{ .Values.global.auth.jwkUrl | default (printf "http://%s-app:8083/api/jwks.json" .Release.Name) | quote }}' GORILLA_STORAGE_BUCKET: value: '{{ (include "wandb.bucket" . | fromYaml).url }}' AZURE_STORAGE_KEY: From 914a9e31e066e0c1d81898c53593626337f0a41e Mon Sep 17 00:00:00 2001 From: Zachary Blasczyk Date: Wed, 5 Feb 2025 11:02:06 -0600 Subject: [PATCH 10/11] fix port name and chart version --- charts/operator-wandb/Chart.lock | 10 +++++----- .../charts/app/templates/deployment.yaml | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/operator-wandb/Chart.lock b/charts/operator-wandb/Chart.lock index 4b9beee2..c426b9e8 100644 --- a/charts/operator-wandb/Chart.lock +++ b/charts/operator-wandb/Chart.lock @@ -4,7 +4,7 @@ dependencies: version: 0.1.0 - name: wandb-base repository: file://../wandb-base - version: 0.4.0 + version: 0.4.1 - name: console repository: file://charts/console version: 0.1.0 @@ -58,9 +58,9 @@ dependencies: version: 0.1.0 - name: wandb-base repository: file://../wandb-base - version: 0.4.0 + version: 0.4.1 - name: wandb-base repository: file://../wandb-base - version: 0.4.0 -digest: sha256:d9e104084992aaca36330a56d4a5b825fd20f0bdf995070bf93f46a883375169 -generated: "2025-01-29T12:38:09.214239-06:00" + version: 0.4.1 +digest: sha256:d6b5ef46b80814179a954ed674dc248c65cdc8192ead7a11f1df3861da29feed +generated: "2025-02-05T11:01:36.930465-06:00" diff --git a/charts/operator-wandb/charts/app/templates/deployment.yaml b/charts/operator-wandb/charts/app/templates/deployment.yaml index 71cdafe2..c0028d15 100644 --- a/charts/operator-wandb/charts/app/templates/deployment.yaml +++ b/charts/operator-wandb/charts/app/templates/deployment.yaml @@ -93,7 +93,7 @@ spec: - name: anaconda containerPort: 8082 protocol: TCP - - name: auth + - name: local containerPort: 8083 protocol: TCP - name: gorilla-statsd From b98dd8d48cef87a18abcfaeaa9882d75e4f3bdbd Mon Sep 17 00:00:00 2001 From: Zachary Blasczyk Date: Wed, 5 Feb 2025 12:41:26 -0600 Subject: [PATCH 11/11] set the GORILLA_AUTH_JWK_URL in the session key --- charts/operator-wandb/templates/session-key.yaml | 2 ++ charts/operator-wandb/values.yaml | 4 ---- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/charts/operator-wandb/templates/session-key.yaml b/charts/operator-wandb/templates/session-key.yaml index 885599fc..75256ae9 100644 --- a/charts/operator-wandb/templates/session-key.yaml +++ b/charts/operator-wandb/templates/session-key.yaml @@ -14,3 +14,5 @@ data: # Set $gorillaSessionKey to existing secret data or generate a random one when not exists {{- $gorillaSessionKey := (get $secretData "GORILLA_SESSION_KEY") | default (randAlphaNum 32 | b64enc) }} GORILLA_SESSION_KEY: {{ $gorillaSessionKey | quote }} + {{- $jwkUrl := ( .Values.global.auth.jwkUrl | default (printf "http://%s-app:8083/api/jwks.json" .Release.Name)) | b64enc }} + GORILLA_AUTH_JWK_URL: {{ $jwkUrl | quote }} diff --git a/charts/operator-wandb/values.yaml b/charts/operator-wandb/values.yaml index 58738cca..107c9683 100644 --- a/charts/operator-wandb/values.yaml +++ b/charts/operator-wandb/values.yaml @@ -515,8 +515,6 @@ glue: value: 'http://{{ .Release.Name }}-parquet:8087/_goRPC_,{{ include "wandb.mysql" . | trim }}' GORILLA_FILE_STORE: value: '{{ (include "wandb.bucket" . | fromYaml).url }}' - GORILLA_AUTH_JWK_URL: - value: '{{ .Values.global.auth.jwkUrl | default (printf "http://%s-app:8083/api/jwks.json" .Release.Name) | quote }}' GORILLA_STORAGE_BUCKET: value: '{{ (include "wandb.bucket" . | fromYaml).url }}' AZURE_STORAGE_KEY: @@ -690,8 +688,6 @@ api: value: 'http://{{ .Release.Name }}-parquet:8087/_goRPC_,{{ include "wandb.mysql" . | trim }}' GORILLA_FILE_STORE: value: '{{ (include "wandb.bucket" . | fromYaml).url }}' - GORILLA_AUTH_JWK_URL: - value: '{{ .Values.global.auth.jwkUrl | default (printf "http://%s-app:8083/api/jwks.json" .Release.Name) | quote }}' GORILLA_STORAGE_BUCKET: value: '{{ (include "wandb.bucket" . | fromYaml).url }}' A_KAFKA_CLIENT_PASSWORD: