From 0886f8ef6a2b480cc1170d69965f8a89575f0ce9 Mon Sep 17 00:00:00 2001 From: Rui Vieira Date: Tue, 6 Aug 2024 09:29:42 +0100 Subject: [PATCH 1/3] feat: Remove TLS cert mounting --- controllers/inference_services.go | 47 ------------------- .../templates/service/deployment.tmpl.yaml | 7 ++- .../service/service-internal.tmpl.yaml | 5 +- 3 files changed, 10 insertions(+), 49 deletions(-) diff --git a/controllers/inference_services.go b/controllers/inference_services.go index b49a52677..4f68b2629 100644 --- a/controllers/inference_services.go +++ b/controllers/inference_services.go @@ -33,30 +33,8 @@ func (r *TrustyAIServiceReconciler) patchEnvVarsForDeployments(ctx context.Conte return false, nil } - // If the secret volume doesn't exist, add it - volumeExists := false - for _, vol := range deployment.Spec.Template.Spec.Volumes { - if vol.Name == instance.Name+"-internal" { - volumeExists = true - break - } - } - if !volumeExists { - deployment.Spec.Template.Spec.Volumes = append(deployment.Spec.Template.Spec.Volumes, certVolumes.volume) - } - // Loop over all containers in the Deployment's Pod template for i := range deployment.Spec.Template.Spec.Containers { - mountExists := false - for _, mount := range deployment.Spec.Template.Spec.Containers[i].VolumeMounts { - if mount.Name == instance.Name+"-internal" { - mountExists = true - break - } - } - if !mountExists { - deployment.Spec.Template.Spec.Containers[i].VolumeMounts = append(deployment.Spec.Template.Spec.Containers[i].VolumeMounts, certVolumes.volumeMount) - } // Store the original environment variable list // Get the existing env var 
@@ -107,31 +85,6 @@ func (r *TrustyAIServiceReconciler) patchEnvVarsForDeployments(ctx context.Conte log.FromContext(ctx).Info("Updating Deployment " + deployment.Name + ", container spec " + deployment.Spec.Template.Spec.Containers[i].Name + ", env var " + envVarName + " to " + url) } - // Check TLS environment variable on ModelMesh - if deployment.Spec.Template.Spec.Containers[i].Name == mmContainerName { - tlsKeyCertPathEnvValue := tlsMountPath + "/tls.crt" - tlsKeyCertPathExists := false - for _, envVar := range deployment.Spec.Template.Spec.Containers[i].Env { - if envVar.Name == tlsKeyCertPathName { - tlsKeyCertPathExists = true - break - } - } - - // Doesn't exist, so we can add - if !tlsKeyCertPathExists { - deployment.Spec.Template.Spec.Containers[i].Env = append(deployment.Spec.Template.Spec.Containers[i].Env, corev1.EnvVar{ - Name: tlsKeyCertPathName, - Value: tlsKeyCertPathEnvValue, - }) - - if err := r.Update(ctx, &deployment); err != nil { - log.FromContext(ctx).Error(err, "Could not update Deployment", "Deployment", deployment.Name) - return false, err - } - log.FromContext(ctx).Info("Added environment variable " + tlsKeyCertPathName + " to deployment " + deployment.Name + " for container " + mmContainerName) - } - } } } diff --git a/controllers/templates/service/deployment.tmpl.yaml b/controllers/templates/service/deployment.tmpl.yaml index da69b24e1..d11623e3b 100644 --- a/controllers/templates/service/deployment.tmpl.yaml +++ b/controllers/templates/service/deployment.tmpl.yaml @@ -43,6 +43,11 @@ spec: - name: trustyai-service image: {{ .ServiceImage }} env: + - name: KUBERNETES_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace - name: SERVICE_STORAGE_FORMAT value: {{ .Instance.Spec.Storage.Format }} {{ if eq .Instance.Spec.Storage.Format "PVC" }} 
@@ -216,7 +221,7 @@ spec: defaultMode: 420 - name: {{ .Instance.Name}}-internal secret: - secretName: {{ .Instance.Name }}-internal + secretName: trustyai-certificate defaultMode: 420 {{ if .UseDBTLSCerts }} - name: db-tls-certs diff --git a/controllers/templates/service/service-internal.tmpl.yaml b/controllers/templates/service/service-internal.tmpl.yaml index 7b719205f..9de412c06 100644 --- a/controllers/templates/service/service-internal.tmpl.yaml +++ b/controllers/templates/service/service-internal.tmpl.yaml @@ -5,7 +5,6 @@ metadata: prometheus.io/path: /q/metrics prometheus.io/scheme: http prometheus.io/scrape: 'true' - service.beta.openshift.io/serving-cert-secret-name: {{ .Name }}-internal name: {{ .Name }} namespace: {{ .Namespace }} labels: @@ -20,6 +19,10 @@ spec: protocol: TCP port: 80 targetPort: 8080 + - name: http-event + protocol: TCP + port: 8080 + targetPort: 8080 - name: https protocol: TCP port: 443 From 1c06baf182947bf0c3e9426a2047e9a2250f7606 Mon Sep 17 00:00:00 2001 From: Rui Vieira Date: Tue, 6 Aug 2024 11:31:39 +0100 Subject: [PATCH 2/3] Update images for testing --- config/base/params.env | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/config/base/params.env b/config/base/params.env index a0f5419bf..8819ae233 100644 --- a/config/base/params.env +++ b/config/base/params.env @@ -1,4 +1,4 @@ -trustyaiServiceImage=quay.io/trustyai/trustyai-service:latest -trustyaiOperatorImage=quay.io/trustyai/trustyai-service-operator:latest +trustyaiServiceImage=quay.io/trustyai/trustyai-service:RHOAIENG-10876 +trustyaiOperatorImage=quay.io/trustyai/trustyai-service-operator:RHOAIENG-10876 oauthProxyImage=quay.io/openshift/origin-oauth-proxy:4.14.0 kServeServerless=disabled \ No newline at end of file From 95b3768eb63d54e19488a836ed435f4bd5e74926 Mon Sep 17 00:00:00 2001 
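Review bot: The `secretName: trustyai-certificate` now set on the `{{ .Instance.Name}}-internal` volume names a fixed secret that nothing in this patch creates. The same commit removes the `service.beta.openshift.io/serving-cert-secret-name` annotation from service-internal.tmpl.yaml, which on OpenShift is what asked the service CA to issue the per-instance `{{ .Name }}-internal` secret. A secret volume is required unless marked optional, so a namespace without `trustyai-certificate` leaves the pod unable to start. With one shared name, every TrustyAIService in a namespace also mounts the same key pair, whose SANs may not match each instance's service name. Please state in the template who provisions the secret, e.g. `# trustyai-certificate must exist in the instance namespace before rollout; issued by <issuer>`, or keep the name instance-scoped; the volumes list begins outside this hunk.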
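Review bot: The added `http-event` entry (port 8080 to targetPort 8080) is a second cleartext route to the container port that `http` (80) already reaches. It arrives in the commit that removes the TLS certificate mount and the TLS env var from the ModelMesh containers. If this port carries inference payloads from the model servers (inferred from the name; the sender is not in the diff), that data crosses the cluster network unencrypted unless a mesh or NetworkPolicy covers it. Add a comment above the entry saying who connects and why TLS is not used, e.g. `# http-event: plaintext payload ingestion from in-namespace model servers`, and consider limiting ingress to it with a NetworkPolicy.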
From: Rui Vieira
Date: Tue, 6 Aug 2024 12:14:29 +0100
Subject: [PATCH 3/3] Update images for testing
---
 config/base/params.env | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/config/base/params.env b/config/base/params.env
index 8819ae233..958f664f2 100644
--- a/config/base/params.env
+++ b/config/base/params.env
@@ -1,4 +1,4 @@
-trustyaiServiceImage=quay.io/trustyai/trustyai-service:RHOAIENG-10876
-trustyaiOperatorImage=quay.io/trustyai/trustyai-service-operator:RHOAIENG-10876
+trustyaiServiceImage=quay.io/ruimvieira/trustyai-service:RHOAIENG-10876
+trustyaiOperatorImage=quay.io/ruimvieira/trustyai-service-operator:RHOAIENG-10876
 oauthProxyImage=quay.io/openshift/origin-oauth-proxy:4.14.0
 kServeServerless=disabled
\ No newline at end of file
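Review bot: Both image parameters in `config/base/params.env` now point at a personal registry namespace (`quay.io/ruimvieira/...`) under the mutable tag `RHOAIENG-10876`, so the base kustomization would deploy operator and service images from outside the project's `quay.io/trustyai` organisation. The subject says this is for testing, and patch 2/3 makes the same tag change under `quay.io/trustyai`. Both changes belong in a test overlay or should be dropped before merge. If base needs something other than `latest`, pin by digest, e.g. `trustyaiServiceImage=quay.io/trustyai/trustyai-service@sha256:<digest>`.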