update auth to allow for skip_tls

MichaelClifford · MichaelClifford · commit 2fe430cffeef · 2023-01-19T16:55:07.000-05:00
diff --git a/src/codeflare_sdk/cluster/auth.py b/src/codeflare_sdk/cluster/auth.py
@@ -21,6 +21,7 @@
 
 import abc
 import openshift as oc
+from openshift import OpenShiftPythonException
 
 
 class Authentication(metaclass=abc.ABCMeta):
@@ -61,13 +62,25 @@ def __init__(
         self.token = token
         self.server = server
 
-    def login(self):
+    def login(self, skip_tls=False):
         """
         This function is used to login to an OpenShift cluster using the user's API token and API server address.
+        Depending on the cluster, a user can choose to login in with "--insecure-skip-tls-verify` by setting `skip_tls`
+        to `True`.
         """
         token = self.token
         server = self.server
-        response = oc.invoke("login", [f"--token={token}", f"--server={server}:6443"])
+        args = [f"--token={token}", f"--server={server}:6443"]
+        if skip_tls:
+            args.append("--insecure-skip-tls-verify")
+        try:
+            response = oc.invoke("login", args)
+        except OpenShiftPythonException as osp:
+            error_msg = osp.result.err()
+            if "The server uses a certificate signed by unknown authority" in error_msg:
+                return "Error: certificate auth failure, please set `skip_tls=True` in your cluster config"
+            else:
+                return error_msg
         return response.out()
 
     def logout(self):
diff --git a/src/codeflare_sdk/cluster/cluster.py b/src/codeflare_sdk/cluster/cluster.py
@@ -95,7 +95,7 @@ def up(self):
         Applies the AppWrapper yaml, pushing the resource request onto
         the MCAD queue.
         """
-        self.config.auth.login()
+        self.config.auth.login(self.config.skip_tls)
         namespace = self.config.namespace
         with oc.project(namespace):
             oc.invoke("apply", ["-f", self.app_wrapper_yaml])
diff --git a/src/codeflare_sdk/cluster/config.py b/src/codeflare_sdk/cluster/config.py
@@ -48,3 +48,4 @@ class ClusterConfiguration:
     envs: dict = field(default_factory=dict)
     image: str = "ghcr.io/foundation-model-stack/base:ray2.1.0-py38-gpu-pytorch1.12.0cu116-20221213-193103"
     auth: Authentication = Authentication()
+    skip_tls = False
