Merge branch 'main' into standardfix

Author: mwaykole

.pre-commit-config.yaml

@@ -36,13 +36,13 @@ repos:
         exclude: .*/__snapshots__/.*|.*-input\.json$|^semgrep\.yaml$
 
   - repo: https://github.com/astral-sh/ruff-pre-commit
-    rev: v0.15.6
+    rev: v0.15.7
     hooks:
       - id: ruff
       - id: ruff-format
 
   - repo: https://github.com/gitleaks/gitleaks
-    rev: v8.30.1
+    rev: v8.30.0
     hooks:
       - id: gitleaks
 
@@ -90,7 +90,7 @@ repos:
       - id: actionlint
 
   - repo: https://github.com/DavidAnson/markdownlint-cli2
-    rev: v0.21.0
+    rev: v0.22.0
     hooks:
       - id: markdownlint-cli2
         args:

docs/GETTING_STARTED.md

@@ -135,11 +135,30 @@ To skip RHOAI/ODH-related tests (for example when running in upstream), pass `--
 
 To run tests with admin client only, pass `--tc=use_unprivileged_client:False` to pytest.
 
-### jira integration
 
-To skip running tests which have open bugs, [pytest_jira](https://github.com/rhevm-qe-automation/pytest_jira) plugin is used.
-To run tests with jira integration, you need to set `PYTEST_JIRA_URL`, `PYTEST_JIRA_USERNAME` and `PYTEST_JIRA_TOKEN` environment variables.
-To make a test with jira marker, add: `@pytest.mark.jira(jira_id="RHOAIENG-0000", run=False)` to the test.
+### Skipping tests for known Jira issues
+
+To skip a test that is affected by a known Jira bug, use `pytest.mark.xfail` with `is_jira_issue_open` as the condition:
+
+```python
+from utilities.jira import is_jira_issue_open
+
+@pytest.mark.xfail(condition=is_jira_issue_open(jira_id="RHOAIENG-12345"), reason="RHOAIENG-12345", run=False)
+def test_example(self):
+    ...
+```
+
+- `condition=is_jira_issue_open(...)` checks the Jira issue status at collection time. If the issue is open, the test is marked as xfail.
+- `run=False` skips execution entirely while the issue is open. Once the issue is closed/resolved, the test runs normally.
+- If Jira is unreachable, the issue is assumed open and the test is skipped.
+
+The following environment variables must be set for Jira connectivity:
+
+```bash
+export PYTEST_JIRA_URL=<your_jira_url>
+export PYTEST_JIRA_USERNAME=<username>
+export PYTEST_JIRA_TOKEN=<token>
+```
 
 ### Running containerized tests
 

pyproject.toml

@@ -61,7 +61,7 @@ dependencies = [
     "grpcio-reflection",
     "portforward>=0.7.1",
     "pytest-testconfig>=0.2.0",
-    "pytest-jira>=0.3.21",
+
     "pygithub>=2.5.0",
     "timeout-sampler>=1.0.6",
     "shortuuid>=1.0.13",

pytest.ini

@@ -5,7 +5,7 @@ testpaths = tests
 markers =
     # General
     polarion: Store polarion test ID
-    jira: Store jira bug ID
+
     skip_on_disconnected: Mark tests that can only be run in deployments with Internet access i.e. not on disconnected clusters.
     parallel: marks tests that can run in parallel along with pytest-xdist
 
@@ -63,6 +63,3 @@ addopts =
     --show-progress
     --tc-file=tests/global_config.py
     --tc-format=python
-    --jira
-    --jira-connection-error-strategy=skip
-    --jira-disable-docs-search

tests/model_registry/model_catalog/db_constants.py

@@ -191,11 +191,12 @@
 }
 
 # SQL query for accuracy sorting database validation
-# Returns an ordered list of model names (context names) that have accuracy metrics.
+# Returns an ordered list of model display names that have accuracy metrics.
+# Context names are stored as "source_id:display_name", so we strip the prefix
+# using SUBSTRING to match the display names returned by the API.
 # Models are ordered by their overall_average (accuracy) value from artifact properties.
-# Only returns the model name column for easy comparison with API results.
 GET_MODELS_BY_ACCURACY_DB_QUERY = """
-SELECT c.name
+SELECT SUBSTRING(c.name FROM STRPOS(c.name, ':') + 1) AS display_name
 FROM "ArtifactProperty" ap
 JOIN "Artifact" a ON a.id = ap.artifact_id
 JOIN "Attribution" attr ON attr.artifact_id = a.id
@@ -205,12 +206,14 @@
 """
 
 # SQL query for accuracy sorting with task filter database validation
-# Returns an ordered list of model names (context names) that have accuracy metrics
+# Returns an ordered list of model display names that have accuracy metrics
 # and match the specified task filter.
+# Context names are stored as "source_id:display_name", so we strip the prefix
+# using SUBSTRING to match the display names returned by the API.
 # Models are ordered by their overall_average (accuracy) value from artifact properties.
 # The tasks field is stored as a JSON array, so we use LIKE pattern matching
 GET_MODELS_BY_ACCURACY_WITH_TASK_FILTER_DB_QUERY = """
-SELECT c.name
+SELECT SUBSTRING(c.name FROM STRPOS(c.name, ':') + 1) AS display_name
 FROM "ArtifactProperty" ap
 JOIN "Artifact" a ON a.id = ap.artifact_id
 JOIN "Attribution" attr ON attr.artifact_id = a.id

tests/model_registry/model_catalog/huggingface/test_huggingface_model_sorting.py

@@ -28,8 +28,8 @@ class TestHuggingFaceModelsSorting:
         [
             ("ID", "ASC"),
             ("ID", "DESC"),
-            pytest.param("NAME", "ASC", marks=pytest.mark.xfail(reason="RHOAIENG-54579")),
-            pytest.param("NAME", "DESC", marks=pytest.mark.xfail(reason="RHOAIENG-54579")),
+            ("NAME", "ASC"),
+            ("NAME", "DESC"),
             ("CREATE_TIME", "ASC"),
             ("CREATE_TIME", "DESC"),
             ("LAST_UPDATE_TIME", "ASC"),

tests/model_registry/model_catalog/sorting/test_model_sorting.py

@@ -32,7 +32,6 @@ class TestAccuracySorting:
         ],
     )
     @pytest.mark.tier1
-    @pytest.mark.xfail(reason="RHOAIENG-54579")
     def test_accuracy_sorting_works_correctly(
         self: Self,
         admin_client: DynamicClient,

tests/model_serving/maas_billing/maas_subscription/conftest.py

@@ -24,21 +24,25 @@
 from tests.model_serving.maas_billing.maas_subscription.utils import (
     MAAS_DB_NAMESPACE,
     MAAS_SUBSCRIPTION_NAMESPACE,
+    create_and_yield_api_key_id,
     create_api_key,
     create_maas_subscription,
     get_maas_postgres_resources,
     patch_llmisvc_with_maas_router_and_tiers,
+    resolve_api_key_username,
     revoke_api_key,
+    wait_for_auth_ready,
     wait_for_postgres_connection_log,
     wait_for_postgres_deployment_ready,
 )
 from tests.model_serving.maas_billing.utils import build_maas_headers
 from utilities.constants import DscComponents
 from utilities.general import generate_random_name
-from utilities.infra import create_inference_token, create_ns, login_with_user_password
+from utilities.infra import create_inference_token, create_ns, get_openshift_token, login_with_user_password
 from utilities.llmd_constants import ContainerImages, ModelStorage
 from utilities.llmd_utils import create_llmisvc
 from utilities.plugins.constant import OpenAIEnpoints
+from utilities.resources.auth import Auth
 
 LOGGER = get_logger(name=__name__)
 
@@ -662,22 +666,91 @@ def active_api_key_id(
     """
     Create a single active API key and return its ID for revoke tests.
     """
-    key_name = f"e2e-fixture-key-{generate_random_name()}"
-    _, body = create_api_key(
+    yield from create_and_yield_api_key_id(
+        request_session_http=request_session_http,
         base_url=base_url,
         ocp_user_token=ocp_token_for_actor,
-        request_session_http=request_session_http,
-        api_key_name=key_name,
+        key_name_prefix="e2e-fixture-key",
     )
-    LOGGER.info(f"active_api_key_id: created key id={body['id']}")
-    yield body["id"]
-    LOGGER.info(f"Fixture teardown: revoking key {body['id']}")
-    revoke_api_key(
+
+
+@pytest.fixture(scope="function")
+def free_user_username(
+    request_session_http: requests.Session,
+    base_url: str,
+    ocp_token_for_actor: str,
+    active_api_key_id: str,
+) -> str:
+    """Resolve and return the free (non-admin) actor's username from their active API key."""
+    username = resolve_api_key_username(
         request_session_http=request_session_http,
         base_url=base_url,
-        key_id=body["id"],
+        key_id=active_api_key_id,
         ocp_user_token=ocp_token_for_actor,
     )
+    LOGGER.info(f"free_user_username: resolved username from key id={active_api_key_id}")
+    return username
+
+
+@pytest.fixture(scope="function")
+def admin_username(
+    request_session_http: requests.Session,
+    base_url: str,
+    admin_ocp_token: str,
+    admin_active_api_key_id: str,
+) -> str:
+    """Resolve and return the admin actor's username from their active API key."""
+    username = resolve_api_key_username(
+        request_session_http=request_session_http,
+        base_url=base_url,
+        key_id=admin_active_api_key_id,
+        ocp_user_token=admin_ocp_token,
+    )
+    LOGGER.info(f"admin_username: resolved username from key id={admin_active_api_key_id}")
+    return username
+
+
+@pytest.fixture(scope="function")
+def admin_active_api_key_id(
+    request_session_http: requests.Session,
+    base_url: str,
+    admin_ocp_token: str,
+) -> Generator[str, Any, Any]:
+    """Create an active API key as the admin user, yield its ID, and revoke on teardown."""
+    yield from create_and_yield_api_key_id(
+        request_session_http=request_session_http,
+        base_url=base_url,
+        ocp_user_token=admin_ocp_token,
+        key_name_prefix="e2e-authz-admin",
+    )
+
+
+@pytest.fixture(scope="class")
+def admin_ocp_token(admin_client: DynamicClient) -> Generator[str, Any, Any]:
+    """Temporarily adds dedicated-admins to Auth CR adminGroups so the admin token is recognised by MaaS."""
+    auth = Auth(client=admin_client, name="auth")
+    current_groups: list[str] = list(auth.instance.spec.adminGroups or [])
+    patched_groups = list(set(current_groups + ["dedicated-admins"]))
+
+    auth_conditions = (auth.instance.status or {}).get("conditions") or []
+    ready_before = next(
+        (condition for condition in auth_conditions if condition.get("type") == "Ready"),
+        {},
+    )
+    baseline_time: str = ready_before.get("lastTransitionTime", "")
+
+    LOGGER.info(f"admin_ocp_token: patching Auth CR adminGroups to {patched_groups}")
+    with ResourceEditor(patches={auth: {"spec": {"adminGroups": patched_groups}}}):
+        wait_for_auth_ready(auth=auth, baseline_time=baseline_time)
+        auth_conditions_after = (auth.instance.status or {}).get("conditions") or []
+        ready_after = next(
+            (condition for condition in auth_conditions_after if condition.get("type") == "Ready"),
+            {},
+        )
+        cleanup_baseline_time: str = ready_after.get("lastTransitionTime", "")
+        yield get_openshift_token(client=admin_client)
+
+    wait_for_auth_ready(auth=auth, baseline_time=cleanup_baseline_time)
 
 
 @pytest.fixture(scope="function")