From c5055db128ba6c76c275ee755e35211d2e13a9cd Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Thu, 23 Oct 2025 18:43:31 +0000 Subject: [PATCH 1/3] Initial plan From f3a331b2a1d9a5a1a563b672a6e94402fe53ec2a Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Thu, 23 Oct 2025 18:49:43 +0000 Subject: [PATCH 2/3] Implement CIFS encryption key reading from environment variable with base64 decoding Co-authored-by: SimoneBendazzoli93 <25175838+SimoneBendazzoli93@users.noreply.github.com> --- MAIA/maia_admin.py | 24 +++++++++++++++++++----- 1 file changed, 19 insertions(+), 5 deletions(-) diff --git a/MAIA/maia_admin.py b/MAIA/maia_admin.py index 15a4b805..ffaa649a 100644 --- a/MAIA/maia_admin.py +++ b/MAIA/maia_admin.py @@ -429,15 +429,29 @@ def create_maia_namespace_values(namespace_config, cluster_config, config_folder if mlflow_configs: maia_namespace_values["mlflow"] = { "enabled": True, - #"user": base64.b64decode(mlflow_configs["mlflow_user"]).decode("ascii"), + # "user": base64.b64decode(mlflow_configs["mlflow_user"]).decode("ascii"), "user": mlflow_configs["mlflow_user"], - "password": mlflow_configs["mlflow_password"] - #"password": base64.b64decode(mlflow_configs["mlflow_password"]).decode("ascii"), + "password": mlflow_configs["mlflow_password"], + # "password": base64.b64decode(mlflow_configs["mlflow_password"]).decode("ascii"), } enable_cifs = namespace_config.get("extra_configs", {}).get("enable_cifs", False) if enable_cifs: - maia_namespace_values["cifs"] = {"enabled": True, "encryption": {"publicKey": ""}} # base64 encoded} + # Read and decode CIFS encryption key from environment variable + cifs_encryption_key_b64 = os.environ.get("CIFS_ENCRYPTION_KEY", "") + public_key = "" + + if cifs_encryption_key_b64: + try: + public_key = base64.b64decode(cifs_encryption_key_b64).decode("utf-8") + except Exception as e: + print(f"⚠️ Warning: Failed to decode CIFS_ENCRYPTION_KEY: {e}") + print(" Using empty public key as fallback.") + else: + print("⚠️ Warning: CIFS_ENCRYPTION_KEY environment variable is not set.") + print(" Using empty public key as fallback.") + + maia_namespace_values["cifs"] = {"enabled": True, "encryption": {"publicKey": public_key}} namespace_id = namespace_config["group_ID"].lower().replace("_", "-") Path(config_folder).joinpath(namespace_config["group_ID"], "maia_namespace_values").mkdir(parents=True, exist_ok=True) with open( @@ -1253,7 +1267,7 @@ def create_maia_dashboard_values(config_folder, project_id, cluster_config_dict, if "discord_url" in maia_config_dict: maia_dashboard_values["dashboard"]["discord_url"] = maia_config_dict["discord_url"] - #if "discord_signup_url" in maia_config_dict: + # if "discord_signup_url" in maia_config_dict: # maia_dashboard_values["dashboard"]["discord_signup_url"] = maia_config_dict["discord_signup_url"] if "discord_support_url" in maia_config_dict: maia_dashboard_values["dashboard"]["discord_support_url"] = maia_config_dict["discord_support_url"] From 04f7cf883381172d0d742c92e9afd9cf35cf5bea Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Thu, 23 Oct 2025 18:52:27 +0000 Subject: [PATCH 3/3] Address code review: use specific exceptions and ascii encoding Co-authored-by: SimoneBendazzoli93 <25175838+SimoneBendazzoli93@users.noreply.github.com> --- MAIA/maia_admin.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/MAIA/maia_admin.py b/MAIA/maia_admin.py index ffaa649a..49b353a6 100644 --- a/MAIA/maia_admin.py +++ b/MAIA/maia_admin.py @@ -2,6 +2,7 @@ import asyncio import base64 +import binascii import json import os import subprocess @@ -443,8 +444,8 @@ def create_maia_namespace_values(namespace_config, cluster_config, config_folder if cifs_encryption_key_b64: try: - public_key = base64.b64decode(cifs_encryption_key_b64).decode("utf-8") - except Exception as e: + public_key = base64.b64decode(cifs_encryption_key_b64).decode("ascii") + except (binascii.Error, UnicodeDecodeError) as e: print(f"⚠️ Warning: Failed to decode CIFS_ENCRYPTION_KEY: {e}") print(" Using empty public key as fallback.") else: