[RHOAIENG-4191] - odh-model-controller should tolerate missing Authorino

config/rbac/role.yaml

@@ -45,6 +45,14 @@ rules:
   - patch
   - update
   - watch
+- apiGroups:
+  - datasciencecluster.opendatahub.io
+  resources:
+  - datascienceclusters
+  verbs:
+  - get
+  - list
+  - watch
 - apiGroups:
   - extensions
   resources:

controllers/inferenceservice_controller.go

@@ -17,7 +17,6 @@ package controllers
 
 import (
 	"context"
-
 	"github.com/go-logr/logr"
 	kservev1alpha1 "github.com/kserve/kserve/pkg/apis/serving/v1alpha1"
 	kservev1beta1 "github.com/kserve/kserve/pkg/apis/serving/v1beta1"
@@ -122,7 +121,6 @@ func (r *OpenshiftInferenceServiceReconciler) SetupWithManager(mgr ctrl.Manager)
 		Owns(&networkingv1.NetworkPolicy{}).
 		Owns(&monitoringv1.ServiceMonitor{}).
 		Owns(&monitoringv1.PodMonitor{}).
-		Owns(&authorinov1beta2.AuthConfig{}).
 		Watches(&source.Kind{Type: &kservev1alpha1.ServingRuntime{}},
 			handler.EnqueueRequestsFromMapFunc(func(o client.Object) []reconcile.Request {
 				r.log.Info("Reconcile event triggered by serving runtime: " + o.GetName())
@@ -152,7 +150,22 @@ func (r *OpenshiftInferenceServiceReconciler) SetupWithManager(mgr ctrl.Manager)
 				}
 				return reconcileRequests
 			}))
-	err := builder.Complete(r)
+
+	// check if kserve is enabled, otherwise don't require Authorino.
+	enabled, err := utils.VerifyIfComponentIsEnabled(context.TODO(), r.client, "kserve")
+	if err != nil {
+		r.log.V(1).Error(err, "could not determine if kserve is enabled, default is enabled")
+		enabled = true
+	}
+
+	if enabled {
+		builder.Owns(&authorinov1beta2.AuthConfig{})
+		r.log.Info("kserve component is enabled, Authorino is required")
+	} else {
+		r.log.Info("kserve component is disabled, ignoring Authorino requirement")
+	}
+
+	err = builder.Complete(r)
 	if err != nil {
 		return err
 	}

controllers/utils/utils.go

@@ -4,6 +4,7 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
+	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
 	"os"
 	"reflect"
 
@@ -23,6 +24,8 @@ var (
 const (
 	inferenceServiceDeploymentModeAnnotation = "serving.kserve.io/deploymentMode"
 	KserveConfigMapName                      = "inferenceservice-config"
+	dataScienceClusterKind                   = "DataScienceCluster"
+	dataScienceClusterApiVersion             = "datasciencecluster.opendatahub.io/v1"
 )
 
 func GetDeploymentModeForIsvc(ctx context.Context, cli client.Client, isvc *kservev1beta1.InferenceService) (IsvcDeploymentMode, error) {
@@ -69,6 +72,31 @@ func GetDeploymentModeForIsvc(ctx context.Context, cli client.Client, isvc *kser
 	}
 }
 
+// VerifyIfComponentIsEnabled will query the DCS in the cluster and see if the desired componentName is enabled
+func VerifyIfComponentIsEnabled(ctx context.Context, cli client.Client, componentName string) (bool, error) {
+	// Query the custom object
+	objectList := &unstructured.UnstructuredList{}
+	objectList.SetAPIVersion(dataScienceClusterApiVersion)
+	objectList.SetKind(dataScienceClusterKind)
+
+	if err := cli.List(ctx, objectList); err != nil {
+		return false, fmt.Errorf("not able to read %s: %w", objectList, err)
+	}
+
+	// there must be only one dsc
+	if len(objectList.Items) == 1 {
+		fields := []string{"spec", "components", componentName, "managementState"}
+		val, _, err := unstructured.NestedString(objectList.Items[0].Object, fields...)
+		if err != nil {
+			return false, fmt.Errorf("failed to retrieve the component [%s] status from %+v",
+				componentName, objectList.Items[0])
+		}
+		return val == "Managed", nil
+	} else {
+		return false, fmt.Errorf("there is no %s available in the cluster", dataScienceClusterKind)
+	}
+}
+
 func IsNil(i any) bool {
 	return reflect.ValueOf(i).IsNil()
 }

main.go

@@ -68,6 +68,7 @@ func init() { //nolint:gochecknoinits //reason this way we ensure schemes are al
 // +kubebuilder:rbac:groups="",resources=namespaces;pods;services;endpoints,verbs=get;list;watch;create;update;patch
 // +kubebuilder:rbac:groups="",resources=secrets;configmaps;serviceaccounts,verbs=get;list;watch;create;update;patch;delete
 // +kubebuilder:rbac:groups=authorino.kuadrant.io,resources=authconfigs,verbs=get;list;watch;create;update;patch;delete
+// +kubebuilder:rbac:groups=datasciencecluster.opendatahub.io,resources=datascienceclusters,verbs=get;list;watch
 
 func getEnvAsBool(name string, defaultValue bool) bool {
 	valStr := os.Getenv(name)