[pre-commit.ci] auto fixes from pre-commit.com hooks

for more information, see https://pre-commit.ci

.dockerignore

@@ -1 +1 @@
-**/node_modules
+**/node_modules

.github/workflows/publish-autopilot-utils.yaml

@@ -2,7 +2,7 @@ name: Publish Autopilot Utils to PyPI
 
 on:
   workflow_dispatch:
-    
+
 env:
   PYTHON_APPS_FOLDER: yaku-apps-python
 
@@ -13,25 +13,25 @@ jobs:
       - uses: actions/checkout@v4
         with:
           sparse-checkout: ${{ env.PYTHON_APPS_FOLDER }}
-      
+
       - name: Put all files from ${{ env.PYTHON_APPS_FOLDER }} in cwd
         run: |
           mv ${{ env.PYTHON_APPS_FOLDER }}/* .
-      
+
       - uses: actions/setup-python@v5
         with:
           python-version: "3.10"
-      
+
       - name: Setup pants
         uses: pantsbuild/actions/init-pants@v8
         with:
           gha-cache-key: cache0
           named-caches-hash: ${{ hashFiles('/3rdparty/*.txt') }}
-      
+
       - name: Build wheel
         run: |
           pants package ./packages/autopilot-utils/::
-      
+
       - name: Store the distribution packages
         uses: actions/upload-artifact@v4
         with:
@@ -57,4 +57,4 @@ jobs:
       - name: Publish to PyPI
         uses: pypa/gh-action-pypi-publish@release/v1
         with:
-          verify-metadata: false
+          verify-metadata: false

README.md

@@ -3,7 +3,7 @@
 
 !! THIS PROJECT IS UNDER CONSTRUCTION !!
 
-<img src="./misc/under-construction.jpg" alt="Under Construction" width="300"/>  
+<img src="./misc/under-construction.jpg" alt="Under Construction" width="300"/>
 <figcaption>
 Foto from Mabel Amber from <a href="https://www.pexels.com/de-de/foto/nahaufnahme-fotografie-der-roten-und-weissen-strassenbeschilderung-117602/" target="_blank" style="color: #555;">Pexels</a>
 </figcaption>

chart/HELM_CHANGELOG.md

@@ -125,4 +125,4 @@ When a new official version is created to be delivered to external customers, th
 
 
 ### Changed
-- Updated db_cacert_secret_name to cacert_secret_name in sandbox-migration-job
+- Updated db_cacert_secret_name to cacert_secret_name in sandbox-migration-job

chart/README.md

@@ -1 +1 @@
-# yaku-helm-chart
+# yaku-helm-chart

chart/charts/yaku-core-api/Chart.yaml

@@ -2,4 +2,4 @@ apiVersion: v2
 name: yaku-core-api
 description: Yaku core api
 type: application
-version: 0.1.0
+version: 0.1.0

chart/charts/yaku-core-api/templates/api-deployment.yaml

@@ -57,7 +57,7 @@ spec:
           {{- with .Values.securityContext }}
           securityContext:
             {{- toYaml . | nindent 12 }}
-          {{- end }}       
+          {{- end }}
           image: {{ .Values.global.images.yakuCoreApi }}
           imagePullPolicy: {{ .Values.imagePullPolicy | default "IfNotPresent" }}
           ports:
@@ -86,8 +86,8 @@ spec:
             timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
             successThreshold: {{ .Values.livenessProbe.successThreshold }}
             failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
-          {{- end }}  
-          env: 
+          {{- end }}
+          env:
             - name: NODE_TLS_REJECT_UNAUTHORIZED
               value: {{ .Values.env.node_tls_reject_unauthorized | default "0" | quote }}
             - name: PATH_PREFIX
@@ -330,4 +330,3 @@ spec:
               path: cacert.crt
         {{- end }}
       {{- end }}
-

chart/charts/yaku-core-api/templates/api-encryption-key-secret.yaml

@@ -12,4 +12,4 @@ data:
   {{ else }}
   default_key:  {{ index (lookup "v1" "Secret" .Release.Namespace "yaku-default-key").data "default_key" }}
   {{ end }}
-{{- end }}
+{{- end }}

chart/charts/yaku-core-api/templates/api-service.yaml

@@ -21,4 +21,4 @@ spec:
     {{- include "yaku.selectorLabels" . | nindent 4 }}
     {{- with .Values.additionalSelectorLabels}}
     {{- toYaml . | nindent 4 }}
-    {{- end }}
+    {{- end }}

chart/charts/yaku-core-api/templates/minio-secret.yaml

@@ -9,4 +9,4 @@ metadata:
 data:
   rootUser: bWluaW9hZG1pbg==
   rootPassword: bWluaW9hZG1pbg==
-{{- end }}
+{{- end }}

chart/charts/yaku-core-api/templates/sandbox-db-migration-config.yaml

@@ -18,4 +18,4 @@ data:
 
     PGPASSWORD=$SANDBOX_DB_PASS pg_dump -d {{ .Values.env.db_name }} -h {{ .Values.global.database.db_host }} -U $SANDBOX_DB_USER --schema-only -O -x > /tmp/database-sandbox.db
     cat /tmp/database-sandbox.db
-{{- end }}
+{{- end }}

chart/charts/yaku-core-api/templates/sandbox-db-migration-job.yaml

@@ -70,4 +70,4 @@ spec:
             - key: {{ .Values.env.cacert_key_name | quote }}
               path: postgres.crt
         {{- end }}
-{{- end }}
+{{- end }}

chart/charts/yaku-core-api/templates/yaku-postgres.yaml

@@ -60,7 +60,7 @@ spec:
             - SELECT 1
           initialDelaySeconds: 15
           timeoutSeconds: 2
-      volumes: 
+      volumes:
       - name: pvc-data
         persistentVolumeClaim:
           claimName: {{ .Values.postgres.persistence.name }}
@@ -78,4 +78,4 @@ spec:
     targetPort: 5432
   selector:
     app: {{ include "yaku.name" . }}-postgres-db
-{{- end }}
+{{- end }}

chart/charts/yaku-core-api/values.yaml

@@ -1 +1 @@
-# Default values for yaku-core-api
+# Default values for yaku-core-api

chart/charts/yaku-labs/Chart.yaml

@@ -2,4 +2,4 @@ apiVersion: v2
 name: yaku-labs
 description: Yaku Labs
 type: application
-version: 0.1.0
+version: 0.1.0

chart/charts/yaku-labs/templates/labs-configmap.yaml

@@ -9,4 +9,4 @@ data:
   probe.sh: |
     #!/bin/sh
     curl -X POST -d "{\"model\":\"llama3\"}" http://yaku-labs:11434/api/chat
-{{- end }}
+{{- end }}

chart/charts/yaku-labs/templates/labs-deployment.yaml

@@ -6,7 +6,7 @@ metadata:
   labels:
     {{- include "yaku.labels" . | nindent 4 }}
 spec:
-  replicas: {{ .Values.replicaCount | default 1 }} 
+  replicas: {{ .Values.replicaCount | default 1 }}
   selector:
     matchLabels:
       {{- include "yaku.selectorLabels" . | nindent 6 }}
@@ -79,12 +79,12 @@ spec:
           volumeMounts:
           - name: probe-script
             mountPath: /tmp/probe.sh
-            subPath: probe.sh     
+            subPath: probe.sh
       volumes:
       - name: pvc-data
         persistentVolumeClaim:
           claimName: labs-pvc
       - name: probe-script
         configMap:
           name: yaku-probe-config
-{{- end }}
+{{- end }}

chart/charts/yaku-labs/templates/labs-ingress.yaml

@@ -59,4 +59,3 @@ spec:
           {{- end }}
     {{- end }}
 {{- end }}
-

chart/charts/yaku-labs/templates/labs-service.yaml

@@ -23,4 +23,4 @@ spec:
     {{- with .Values.additionalSelectorLabels}}
     {{- toYaml . | nindent 4 }}
     {{- end }}
-{{- end }}
+{{- end }}

chart/charts/yaku-labs/values.yaml

@@ -1 +1 @@
-# Default values for yaku-ui
+# Default values for yaku-ui

chart/charts/yaku-ui/Chart.yaml

@@ -2,4 +2,4 @@ apiVersion: v2
 name: yaku-ui
 description: Yaku ui
 type: application
-version: 0.1.0
+version: 0.1.0

chart/charts/yaku-ui/templates/ui-configmap.yaml

@@ -8,4 +8,4 @@ metadata:
 data:
   ui-config.json: |
 {{ .Values.config.backendEnvironments | indent 4 -}}
-{{- end }}
+{{- end }}

chart/charts/yaku-ui/templates/ui-deployment.yaml

@@ -6,7 +6,7 @@ metadata:
   labels:
     {{- include "yaku.labels" . | nindent 4 }}
 spec:
-  replicas: {{ .Values.replicaCount | default 1 }} 
+  replicas: {{ .Values.replicaCount | default 1 }}
   selector:
     matchLabels:
       {{- include "yaku.selectorLabels" . | nindent 6 }}
@@ -74,4 +74,4 @@ spec:
           configMap:
             name: {{ .Chart.Name }}
       {{- end }}
-{{- end }}
+{{- end }}

chart/charts/yaku-ui/templates/ui-ingress.yaml

@@ -59,4 +59,3 @@ spec:
           {{- end }}
     {{- end }}
 {{- end }}
-

chart/charts/yaku-ui/templates/ui-service.yaml

@@ -23,4 +23,4 @@ spec:
     {{- with .Values.additionalSelectorLabels}}
     {{- toYaml . | nindent 4 }}
     {{- end }}
-{{- end }}
+{{- end }}

chart/charts/yaku-ui/values.yaml

@@ -1 +1 @@
-# Default values for yaku-ui
+# Default values for yaku-ui

chart/crds/argo-workflows-crds.yaml

@@ -871,4 +871,4 @@ spec:
         - spec
         type: object
     served: true
-    storage: true
+    storage: true

chart/documentation/configure-keycloak.md

@@ -26,7 +26,7 @@ Based on your used Keycloak instance, please follow one of the option below.
 
   1. Login with a user that have admin access to your realm `kcadm.sh config credentials --server <keycloak server> --realm <realm name> --user admin `
 
-  2. Run `./tools/setup-realm.sh` 
+  2. Run `./tools/setup-realm.sh`
 
   3. Go to `Client scopes`, change `global` Assigned type to `optional` and `namespace_1`  Assigned type to `Default`
 
@@ -36,7 +36,7 @@ Based on your used Keycloak instance, please follow one of the option below.
 
      Under (Choose the resources you want to import:), check: Clients, Realm roles and client roles.
 
-     Under (If a resource already exists, specify what should be done:) check: skip 
+     Under (If a resource already exists, specify what should be done:) check: skip
 
 You will then need to perform some manual steps to customize it and get the configuration working with your Yaku instance.
 
@@ -50,7 +50,7 @@ The pre-configured realm imported from [yaku-realm-configmap.yaml file](./tools/
 A users in Keycloak is any entity that can login into your system. Yaku access is based on two users groups:
 - **Admin users**
 
-  Admins have permissions to create and modify namespaces in a Yaku instance. 
+  Admins have permissions to create and modify namespaces in a Yaku instance.
 - **Namespace users**
 
   Normal users that have access to one or multiple namespaces and can run Yaku assessments
@@ -61,7 +61,7 @@ After configuring your identity provider in Keycloak, users will be able to logi
 ### Configure Identity Provider
 
 Keycloak acts as an Identity Broker to connect Yaku services with identity providers. It uses the provider’s identities to access Yaku services.
-Keycloak bases identity providers on SAML v2.0, OpenID Connect v1.0 and OAuth v2.0 protocols. You can configure Keycloak to use any of these protocols to connect with your identity provider. 
+Keycloak bases identity providers on SAML v2.0, OpenID Connect v1.0 and OAuth v2.0 protocols. You can configure Keycloak to use any of these protocols to connect with your identity provider.
 
 To add an identity provider, click on the `Identity Providers` tab in the left side menu and select the identity provider type you want to add. Keycloak displays the configuration page for the identity provider you selected.
 
@@ -70,7 +70,7 @@ We provide below two configuration examples for OpenID Connect and SAML.
 #### OpenID Connect
 
 
-This identity provider uses an Azure Entra ID OpenID Connect app registration created and configured in an Azure subscription. 
+This identity provider uses an Azure Entra ID OpenID Connect app registration created and configured in an Azure subscription.
 
 1. Fill up the configuration page of the OpenID connect identity provider with the following values. You can find the `clientId` and `clientSecret` in your App registration details.
 
@@ -124,7 +124,7 @@ You can find more information about configuring OpenID Connect identity provider
 
 #### SAML
 
-This identity provider uses an Azure Entra ID SAML app registration created and configured in an Azure subscription. 
+This identity provider uses an Azure Entra ID SAML app registration created and configured in an Azure subscription.
 
 1. Fill up the configuration page of the OpenID connect identity provider with the following values. You can find the `clientId` and `clientSecret` in your App registration details.
 

chart/documentation/core-api.md

@@ -6,13 +6,13 @@ Yaku uses Argo Workflows workflow engine for orchestrating qg assessment jobs on
 
 With Yaku helm chart, we ship Argo Workflows public helm chart as a sub chart. To get you started, we have configured Argo Workflows default values. In your production environment, you can tweak the Argo values based on your requirements.
 
-A MinIO helm chart is also included as a sub chart to start Minio as an S3 artifact storage for Argo workflows. 
+A MinIO helm chart is also included as a sub chart to start Minio as an S3 artifact storage for Argo workflows.
 
 Out of the box, the Minio deployment uses default credentials that are stored in a Kubernetes secret called **minio-creds**. To use different credentials, you need to create a new secret with your own credentials and add the secret name in the helm chart value _credentialsSecretName_. Read the variables documentation in the **values.yaml** file.
 
 ## Encryption Keys
 
-**Important Notes** 
+**Important Notes**
 
 The API has an internal mechanism to encrypt user sensitive data (yaku secrets) before storing them in tha database. You need to set up your own encryption key and create a Kubernetes secret that contains this key. The secret name and key should then be added in the following helm chart values:
 
@@ -37,7 +37,7 @@ The values in the helm chart should be:
 - `encryption_secret_name: "my_yaku_encryption_secret"`
 - `encryption_secret_key: "my_yaku_encryption_key"`
 
-Out of the box, for trying Yaku in a playground setup, a predefined encryption key is generated that you can use. We recommend that you create your own value and deploy it as kuberenets secret, then add the kubernetes secret info in values file under `encryption_secret_name` and `encryption_secret_key` 
+Out of the box, for trying Yaku in a playground setup, a predefined encryption key is generated that you can use. We recommend that you create your own value and deploy it as kuberenets secret, then add the kubernetes secret info in values file under `encryption_secret_name` and `encryption_secret_key`
 
 ## Database
 

chart/documentation/deploy-keycloak.md

@@ -2,7 +2,7 @@
 
 Yaku depends on Keycloak for the management of user authentication and authorization. Keycloak is a an open-source Identity and Access Management (IAM) solution that supports various protocols such as OpenID Connect, OAuth 2.0, and SAML. Official documentation for Keycloak can be found [here](https://www.keycloak.org/documentation.html).
 
-In this document, we will provide you with a step-by-step guide on how to deploy a Keycloak instance on a Kubernetes cluster and how to configure the instance for Yaku. 
+In this document, we will provide you with a step-by-step guide on how to deploy a Keycloak instance on a Kubernetes cluster and how to configure the instance for Yaku.
 
 ## Deploying Keycloak
 
@@ -91,7 +91,7 @@ spec:
           mountPath: /var/lib/postgresql/data
         ports:
         - containerPort: 5432
-      volumes: 
+      volumes:
       - name: pvc-data
         persistentVolumeClaim:
           claimName: keycloak-postgres
@@ -200,7 +200,7 @@ spec:
 `KC_HOSTNAME_URL` and `KC_HOSTNAME_ADMIN_URL` need to be changed based on the hostname you have in your ingress resource.
 
 #### service.yml
-    
+
 ```yaml
 apiVersion: v1
 kind: Service
@@ -247,9 +247,3 @@ spec:
 
 
 If the pod is up and running, you can access keycloak on: https://your-domain.com/keycloak/auth/
-
-
-
-
-
-

chart/documentation/get-started.md

@@ -37,6 +37,5 @@ Before you start, you need:
     - Free storage if you'll be using persistent storage
 - A namespace where you'll deploy Yaku.
 - A Docker pull Kubernetes secret, with the value of the access token to Yaku's Azure container registry, created in the namespace.
-- A Kubernetes secret for yaku service secret objects encryption is created. This value is needed to encrypt sensitive data stored in the db. Learn [here](./core-api.md#encryption-keys) why you need that. If you want to try Yaku in a playground setup, you can skip this requirement. This will generate a predefined encryption key which you can use. We recommend that you create your own value and deploy it as kuberenets secret, then add the kubernetes secret info in values file under `encryption_secret_name` and `encryption_secret_key` 
+- A Kubernetes secret for yaku service secret objects encryption is created. This value is needed to encrypt sensitive data stored in the db. Learn [here](./core-api.md#encryption-keys) why you need that. If you want to try Yaku in a playground setup, you can skip this requirement. This will generate a predefined encryption key which you can use. We recommend that you create your own value and deploy it as kuberenets secret, then add the kubernetes secret info in values file under `encryption_secret_name` and `encryption_secret_key`
 - Helm deployment values are configured. All configurations are documented in the **values.yaml** file.
-