fix: use secretKeyRef for VLLM tokens and AWS credentials to prevent credential leaks in logs (#1248)

Move VLLM_API_TOKEN and VLLM_EMBEDDING_API_TOKEN from plain env var
values to K8s secretKeyRef, matching the existing pattern used for
POSTGRES_PASSWORD. Add both tokens to
LLAMA_STACK_DISTRIBUTION_SECRET_DATA
and relocate the dict after all secret variables are defined.

Add AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY to the
llamastack-distribution-secret and reference them via secretKeyRef
instead of passing plaintext values, consistent with the VLLM token
handling.

Signed-off-by: Ignas Baranauskas <ibaranau@redhat.com>
Co-authored-by: Jorge <jgarciao@users.noreply.github.com>

Author: Ygnas

tests/fixtures/files.py

@@ -63,11 +63,13 @@ def _factory(provider_name: str) -> list[Dict[str, str]]:
             })
             env_vars.append({
                 "name": "AWS_ACCESS_KEY_ID",
-                "value": request.getfixturevalue(argname="aws_access_key_id"),
+                "valueFrom": {"secretKeyRef": {"name": "llamastack-distribution-secret", "key": "aws-access-key-id"}},
             })
             env_vars.append({
                 "name": "AWS_SECRET_ACCESS_KEY",
-                "value": request.getfixturevalue(argname="aws_secret_access_key"),
+                "valueFrom": {
+                    "secretKeyRef": {"name": "llamastack-distribution-secret", "key": "aws-secret-access-key"}
+                },
             })
             env_vars.append({"name": "S3_AUTO_CREATE_BUCKET", "value": S3_AUTO_CREATE_BUCKET})
 

tests/llama_stack/conftest.py

@@ -44,11 +44,6 @@
 POSTGRESQL_USER = os.getenv("LLS_VECTOR_IO_POSTGRESQL_USER", "ps_user")
 POSTGRESQL_PASSWORD = os.getenv("LLS_VECTOR_IO_POSTGRESQL_PASSWORD", "ps_password")
 
-LLAMA_STACK_DISTRIBUTION_SECRET_DATA = {
-    "postgres-user": POSTGRESQL_USER,
-    "postgres-password": POSTGRESQL_PASSWORD,
-}
-
 LLS_CORE_INFERENCE_MODEL = os.getenv("LLS_CORE_INFERENCE_MODEL", "")
 LLS_CORE_VLLM_URL = os.getenv("LLS_CORE_VLLM_URL", "")
 LLS_CORE_VLLM_API_TOKEN = os.getenv("LLS_CORE_VLLM_API_TOKEN", "")
@@ -64,6 +59,18 @@
 LLS_CORE_VLLM_EMBEDDING_MAX_TOKENS = os.getenv("LLS_CORE_VLLM_EMBEDDING_MAX_TOKENS", "8192")
 LLS_CORE_VLLM_EMBEDDING_TLS_VERIFY = os.getenv("LLS_CORE_VLLM_EMBEDDING_TLS_VERIFY", "true")
 
+LLS_CORE_AWS_ACCESS_KEY_ID = os.getenv("AWS_ACCESS_KEY_ID", "")
+LLS_CORE_AWS_SECRET_ACCESS_KEY = os.getenv("AWS_SECRET_ACCESS_KEY", "")
+
+LLAMA_STACK_DISTRIBUTION_SECRET_DATA = {
+    "postgres-user": POSTGRESQL_USER,
+    "postgres-password": POSTGRESQL_PASSWORD,
+    "vllm-api-token": LLS_CORE_VLLM_API_TOKEN,
+    "vllm-embedding-api-token": LLS_CORE_VLLM_EMBEDDING_API_TOKEN,
+    "aws-access-key-id": LLS_CORE_AWS_ACCESS_KEY_ID,
+    "aws-secret-access-key": LLS_CORE_AWS_SECRET_ACCESS_KEY,
+}
+
 IBM_EARNINGS_DOC_URL = "https://www.ibm.com/downloads/documents/us-en/1550f7eea8c0ded6"
 
 UPGRADE_DISTRIBUTION_NAME = "llama-stack-distribution-upgrade"
@@ -167,11 +174,12 @@ def test_with_remote_milvus(llama_stack_server_config):
         inference_model = LLS_CORE_INFERENCE_MODEL
     env_vars.append({"name": "INFERENCE_MODEL", "value": inference_model})
 
-    if params.get("vllm_api_token"):
-        vllm_api_token = str(params.get("vllm_api_token"))
-    else:
-        vllm_api_token = LLS_CORE_VLLM_API_TOKEN
-    env_vars.append({"name": "VLLM_API_TOKEN", "value": vllm_api_token})
+    env_vars.append(
+        {
+            "name": "VLLM_API_TOKEN",
+            "valueFrom": {"secretKeyRef": {"name": "llamastack-distribution-secret", "key": "vllm-api-token"}},
+        },
+    )
 
     if params.get("vllm_url_fixture"):
         vllm_url = str(request.getfixturevalue(argname=params.get("vllm_url_fixture")))
@@ -196,7 +204,14 @@ def test_with_remote_milvus(llama_stack_server_config):
         env_vars.append({"name": "EMBEDDING_MODEL", "value": LLS_CORE_EMBEDDING_MODEL})
         env_vars.append({"name": "EMBEDDING_PROVIDER_MODEL_ID", "value": LLS_CORE_EMBEDDING_PROVIDER_MODEL_ID})
         env_vars.append({"name": "VLLM_EMBEDDING_URL", "value": LLS_CORE_VLLM_EMBEDDING_URL})
-        env_vars.append({"name": "VLLM_EMBEDDING_API_TOKEN", "value": LLS_CORE_VLLM_EMBEDDING_API_TOKEN})
+        env_vars.append(
+            {
+                "name": "VLLM_EMBEDDING_API_TOKEN",
+                "valueFrom": {
+                    "secretKeyRef": {"name": "llamastack-distribution-secret", "key": "vllm-embedding-api-token"}
+                },
+            },
+        )
         env_vars.append({"name": "VLLM_EMBEDDING_MAX_TOKENS", "value": LLS_CORE_VLLM_EMBEDDING_MAX_TOKENS})
         env_vars.append({"name": "VLLM_EMBEDDING_TLS_VERIFY", "value": LLS_CORE_VLLM_EMBEDDING_TLS_VERIFY})
     elif embedding_provider == "sentence-transformers":