addressed comments

Author: jrobertboos

docker-compose-library.yaml

@@ -30,8 +30,6 @@ services:
         condition: service_healthy
       mock-mcp:
         condition: service_healthy
-      mock-tls-inference:
-        condition: service_healthy
     networks:
       - lightspeednet
     volumes:
@@ -42,7 +40,6 @@ services:
       - ./tests/e2e/rag:/opt/app-root/src/.llama/storage/rag:Z
       - ./tests/e2e/secrets/mcp-token:/tmp/mcp-token:ro
       - ./tests/e2e/secrets/invalid-mcp-token:/tmp/invalid-mcp-token:ro
-      - mock-tls-certs:/certs:ro
     environment:
       # LLM Provider API Keys
       - BRAVE_SEARCH_API_KEY=${BRAVE_SEARCH_API_KEY:-}
@@ -116,31 +113,9 @@ services:
       retries: 3
       start_period: 2s
 
-  # Mock TLS inference server for TLS E2E tests
-  mock-tls-inference:
-    build:
-      context: ./tests/e2e/mock_tls_inference_server
-      dockerfile: Dockerfile
-    container_name: mock-tls-inference
-    ports:
-      - "8443:8443"
-      - "8444:8444"
-      - "8445:8445"
-    networks:
-      - lightspeednet
-    volumes:
-      - mock-tls-certs:/certs
-    healthcheck:
-      test: ["CMD", "python", "-c", "import urllib.request,ssl;c=ssl.create_default_context();c.check_hostname=False;c.verify_mode=ssl.CERT_NONE;urllib.request.urlopen('https://localhost:8443/health',context=c)"]
-      interval: 5s
-      timeout: 3s
-      retries: 3
-      start_period: 5s
-
 
 networks:
   lightspeednet:
     driver: bridge
 
-volumes:
-  mock-tls-certs:
+volumes: {}

tests/e2e/configuration/library-mode/lightspeed-stack-tls.yaml

@@ -14,7 +14,6 @@
 import datetime
 import json
 import ssl
-import sys
 import threading
 import time
 from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer
@@ -26,6 +25,9 @@
 from cryptography.x509 import CertificateBuilder, random_serial_number
 
 MODEL_ID = "mock-tls-model"
+TLS_PORT = 8443
+MTLS_PORT = 8444
+HOSTNAME_MISMATCH_PORT = 8445
 
 
 class OpenAIHandler(BaseHTTPRequestHandler):
@@ -199,9 +201,6 @@ def main() -> None:
     Generates certificates on-the-fly using trustme and exports the CA cert
     to /certs/ca.crt and client cert to /certs/client.* for use by tests.
     """
-    tls_port = int(sys.argv[1]) if len(sys.argv) > 1 else 8443
-    mtls_port = int(sys.argv[2]) if len(sys.argv) > 2 else 8444
-
     print("=" * 60)
     print("Generating TLS certificates with trustme...")
     print("=" * 60)
@@ -262,20 +261,18 @@ def main() -> None:
     print("Starting servers...")
     print("=" * 60)
 
-    hostname_mismatch_port = int(sys.argv[3]) if len(sys.argv) > 3 else 8445
-
     # Create TLS server (no client cert required)
-    tls_server = ThreadingHTTPServer(("", tls_port), OpenAIHandler)
+    tls_server = ThreadingHTTPServer(("", TLS_PORT), OpenAIHandler)
     tls_ctx = _make_tls_context(ca, server_cert, require_client_cert=False)
     tls_server.socket = tls_ctx.wrap_socket(tls_server.socket, server_side=True)
 
     # Create mTLS server (client cert required)
-    mtls_server = ThreadingHTTPServer(("", mtls_port), OpenAIHandler)
+    mtls_server = ThreadingHTTPServer(("", MTLS_PORT), OpenAIHandler)
     mtls_ctx = _make_tls_context(ca, server_cert, require_client_cert=True)
     mtls_server.socket = mtls_ctx.wrap_socket(mtls_server.socket, server_side=True)
 
     # Create hostname-mismatch TLS server (cert SAN ≠ connecting hostname)
-    mismatch_server = ThreadingHTTPServer(("", hostname_mismatch_port), OpenAIHandler)
+    mismatch_server = ThreadingHTTPServer(("", HOSTNAME_MISMATCH_PORT), OpenAIHandler)
     mismatch_ctx = _make_tls_context(
         ca, hostname_mismatch_cert, require_client_cert=False
     )
@@ -286,30 +283,25 @@ def main() -> None:
     print("=" * 60)
     print("Mock TLS Inference Server")
     print("=" * 60)
-    print(f"  TLS      : https://localhost:{tls_port}  (no client cert)")
-    print(f"  mTLS     : https://localhost:{mtls_port}  (client cert required)")
+    print(f"  TLS      : https://localhost:{TLS_PORT}  (no client cert)")
+    print(f"  mTLS     : https://localhost:{MTLS_PORT}  (client cert required)")
     print(
-        f"  Mismatch : https://localhost:{hostname_mismatch_port}"
+        f"  Mismatch : https://localhost:{HOSTNAME_MISMATCH_PORT}"
         "  (hostname-mismatch cert)"
     )
     print(f"  Model: {MODEL_ID}")
     print("=" * 60)
 
     for srv, label in [
-        (tls_server, f"TLS  :{tls_port}"),
-        (mtls_server, f"mTLS :{mtls_port}"),
-        (mismatch_server, f"Mismatch :{hostname_mismatch_port}"),
+        (tls_server, f"TLS  :{TLS_PORT}"),
+        (mtls_server, f"mTLS :{MTLS_PORT}"),
+        (mismatch_server, f"Mismatch :{HOSTNAME_MISMATCH_PORT}"),
     ]:
         t = threading.Thread(target=_run_server, args=(srv, label), daemon=True)
         t.start()
 
-    try:
-        while True:
-            time.sleep(3600)
-    except KeyboardInterrupt:
-        print("\nShutting down...")
-        tls_server.shutdown()
-        mtls_server.shutdown()
+    # Keep main thread alive (daemon threads run until container stops)
+    threading.Event().wait()
 
 
 if __name__ == "__main__":

tests/e2e/mock_tls_inference_server/server.py

@@ -1,23 +1 @@
-features/faiss.feature
-features/inline_rag.feature
-features/smoketests.feature
-features/authorized_noop.feature
-features/authorized_noop_token.feature
-features/authorized_rh_identity.feature
-features/rbac.feature
-features/conversations.feature
-features/conversation_cache_v2.feature
-features/feedback.feature
-features/health.feature
-features/info.feature
-features/responses.feature
-features/responses_streaming.feature
-features/query.feature
-features/rlsapi_v1.feature
-features/rlsapi_v1_errors.feature
-features/streaming_query.feature
-features/rest_api.feature
-features/mcp.feature
-features/models.feature
-features/proxy.feature
 features/tls.feature