Skip to content

Commit b32e0a9

Browse files
VanillaSpoonVanillaSpoon
committed
update: placement of cookie secret in the mutating webhook for rayclusters
1 parent cd5396f commit b32e0a9

File tree

1 file changed

+17
-13
lines changed

1 file changed

+17
-13
lines changed

pkg/controllers/raycluster_webhook.go

+17-13
Original file line numberDiff line numberDiff line change
@@ -87,19 +87,6 @@ func (r *RayClusterDefaulter) Default(ctx context.Context, obj runtime.Object) e
8787
"--cookie-secret=$(COOKIE_SECRET)",
8888
"--openshift-delegate-urls={\"/\":{\"resource\":\"pods\",\"namespace\":\"default\",\"verb\":\"get\"}}",
8989
},
90-
Env: []corev1.EnvVar{
91-
{
92-
Name: "COOKIE_SECRET",
93-
ValueFrom: &corev1.EnvVarSource{
94-
SecretKeyRef: &corev1.SecretKeySelector{
95-
LocalObjectReference: corev1.LocalObjectReference{
96-
Name: raycluster.Name + "-oauth-config",
97-
},
98-
Key: "cookie_secret",
99-
},
100-
},
101-
},
102-
},
10390
VolumeMounts: []corev1.VolumeMount{
10491
{
10592
Name: "proxy-tls-secret",
@@ -112,6 +99,23 @@ func (r *RayClusterDefaulter) Default(ctx context.Context, obj runtime.Object) e
11299
// Adding the new OAuth sidecar container
113100
raycluster.Spec.HeadGroupSpec.Template.Spec.Containers = append(raycluster.Spec.HeadGroupSpec.Template.Spec.Containers, newOAuthSidecar)
114101

102+
cookieSecret := corev1.EnvVar{
103+
Name: "COOKIE_SECRET",
104+
ValueFrom: &corev1.EnvVarSource{
105+
SecretKeyRef: &corev1.SecretKeySelector{
106+
LocalObjectReference: corev1.LocalObjectReference{
107+
Name: raycluster.Name + "-oauth-config",
108+
},
109+
Key: "cookie_secret",
110+
},
111+
},
112+
}
113+
114+
raycluster.Spec.HeadGroupSpec.Template.Spec.Containers[0].Env = append(
115+
raycluster.Spec.HeadGroupSpec.Template.Spec.Containers[0].Env,
116+
cookieSecret,
117+
)
118+
115119
tlsSecretVolume := corev1.Volume{
116120
Name: "proxy-tls-secret",
117121
VolumeSource: corev1.VolumeSource{

0 commit comments

Comments
 (0)