From df47c3363ba10b00f36c31b6edaa767ae8317033 Mon Sep 17 00:00:00 2001
From: Flora Thiebaut <flora.thiebaut@sdsc.ethz.ch>
Date: Thu, 28 Nov 2024 09:55:24 +0100
Subject: [PATCH 1/6] feat: make the session secret mount location configurable

---
 .../SessionSecrets/ProjectSessionSecrets.tsx        | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/ProjectSessionSecrets.tsx b/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/ProjectSessionSecrets.tsx
index 2f0565979..4a5bf3609 100644
--- a/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/ProjectSessionSecrets.tsx
+++ b/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/ProjectSessionSecrets.tsx
@@ -22,6 +22,7 @@ import { useMemo } from "react";
 import { Key, Lock, ShieldLock } from "react-bootstrap-icons";
 import {
   Badge,
+  Button,
   Card,
   CardBody,
   CardHeader,
@@ -99,7 +100,7 @@ export default function ProjectSessionSecrets() {
           )}
         >
           <div className={cx("align-items-center", "d-flex")}>
-            <h4 className={cx("m-0", "me-2")}>
+            <h4 className="me-2">
               <ShieldLock className={cx("me-1", "bi")} />
               Session Secrets
             </h4>
@@ -116,10 +117,18 @@ export default function ProjectSessionSecrets() {
           </div>
         </div>
 
-        <p className="mb-0">
+        <p className="mb-1">
           Use session secrets to connect to resources from inside a session that
           require a password or credential.
         </p>
+        <div className={cx("align-items-center", "d-flex", "gap-2")}>
+          <p className="mb-0">
+            Session secrets will be mounted at <code>{"/secrets"}</code>.
+          </p>
+          <Button color="outline-primary" size="sm">
+            Update the secrets mount location
+          </Button>
+        </div>
 
         {!userLogged && (
           <InfoAlert

From 6af564bb5f542c80a9c15a5633d1ebce821c5951 Mon Sep 17 00:00:00 2001
From: Flora Thiebaut <flora.thiebaut@sdsc.ethz.ch>
Date: Thu, 28 Nov 2024 11:11:34 +0100
Subject: [PATCH 2/6] wip: configure secrets location

---
 .../SessionSecrets/AddSessionSecretButton.tsx |  10 +-
 .../SessionSecrets/ProjectSessionSecrets.tsx  |  37 ++--
 .../SessionSecrets/SessionSecretActions.tsx   |  11 +-
 .../UpdateSecretsMountDirectoryButton.tsx     | 158 ++++++++++++++++++
 .../SessionSecrets/fields/FilenameField.tsx   |  23 ++-
 .../features/projectsV2/api/projectV2.api.ts  |   5 +
 .../projectsV2/api/projectV2.openapi.json     |  26 ++-
 .../fields/SecretsMountDirectoryField.tsx     |  69 ++++++++
 8 files changed, 319 insertions(+), 20 deletions(-)
 create mode 100644 client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/UpdateSecretsMountDirectoryButton.tsx
 create mode 100644 client/src/features/projectsV2/fields/SecretsMountDirectoryField.tsx

diff --git a/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/AddSessionSecretButton.tsx b/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/AddSessionSecretButton.tsx
index 78f7b6d71..1fb3e71a3 100644
--- a/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/AddSessionSecretButton.tsx
+++ b/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/AddSessionSecretButton.tsx
@@ -65,7 +65,8 @@ interface AddSessionSecretModalProps {
 
 function AddSessionSecretModal({ isOpen, toggle }: AddSessionSecretModalProps) {
   const { project } = useProject();
-  const { id: projectId } = project;
+  const { id: projectId, secrets_mount_directory: secretsMountDirectory } =
+    project;
 
   const [postSessionSecretSlot, result] = usePostSessionSecretSlotsMutation();
 
@@ -132,7 +133,12 @@ function AddSessionSecretModal({ isOpen, toggle }: AddSessionSecretModalProps) {
             errors={errors}
             name="description"
           />
-          <FilenameField control={control} errors={errors} name="filename" />
+          <FilenameField
+            control={control}
+            errors={errors}
+            name="filename"
+            secretsMountDirectory={secretsMountDirectory}
+          />
         </ModalBody>
         <ModalFooter>
           <Button color="outline-primary" onClick={toggle}>
diff --git a/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/ProjectSessionSecrets.tsx b/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/ProjectSessionSecrets.tsx
index 4a5bf3609..d78cd76fb 100644
--- a/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/ProjectSessionSecrets.tsx
+++ b/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/ProjectSessionSecrets.tsx
@@ -22,7 +22,6 @@ import { useMemo } from "react";
 import { Key, Lock, ShieldLock } from "react-bootstrap-icons";
 import {
   Badge,
-  Button,
   Card,
   CardBody,
   CardHeader,
@@ -33,8 +32,8 @@ import {
 } from "reactstrap";
 
 import { InfoAlert } from "../../../../components/Alert";
-import { Loader } from "../../../../components/Loader";
 import { RtkOrNotebooksError } from "../../../../components/errors/RtkErrorAlert";
+import { Loader } from "../../../../components/Loader";
 import useLegacySelector from "../../../../utils/customHooks/useLegacySelector.hook";
 import PermissionsGuard from "../../../permissionsV2/PermissionsGuard";
 import type {
@@ -51,6 +50,7 @@ import AddSessionSecretButton from "./AddSessionSecretButton";
 import SessionSecretActions from "./SessionSecretActions";
 import type { SessionSecretSlotWithSecret } from "./sessionSecrets.types";
 import { getSessionSecretSlotsWithSecrets } from "./sessionSecrets.utils";
+import UpdateSecretsMountDirectoryButton from "./UpdateSecretsMountDirectoryButton";
 
 export default function ProjectSessionSecrets() {
   const userLogged = useLegacySelector<boolean>(
@@ -58,7 +58,8 @@ export default function ProjectSessionSecrets() {
   );
 
   const { project } = useProject();
-  const { id: projectId } = project;
+  const { id: projectId, secrets_mount_directory: secretsMountDirectory } =
+    project;
   const permissions = useProjectPermissions({ projectId });
   const {
     data: sessionSecretSlots,
@@ -84,6 +85,7 @@ export default function ProjectSessionSecrets() {
     </>
   ) : (
     <ProjectSessionSecretsContent
+      secretsMountDirectory={secretsMountDirectory}
       sessionSecretSlots={sessionSecretSlots}
       sessionSecrets={sessionSecrets ?? []}
     />
@@ -96,11 +98,12 @@ export default function ProjectSessionSecrets() {
           className={cx(
             "align-items-center",
             "d-flex",
-            "justify-content-between"
+            "justify-content-between",
+            "mb-2"
           )}
         >
           <div className={cx("align-items-center", "d-flex")}>
-            <h4 className="me-2">
+            <h4 className={cx("m-0", "me-2")}>
               <ShieldLock className={cx("me-1", "bi")} />
               Session Secrets
             </h4>
@@ -123,11 +126,15 @@ export default function ProjectSessionSecrets() {
         </p>
         <div className={cx("align-items-center", "d-flex", "gap-2")}>
           <p className="mb-0">
-            Session secrets will be mounted at <code>{"/secrets"}</code>.
+            Session secrets will be mounted at{" "}
+            <code>{secretsMountDirectory}</code>.
           </p>
-          <Button color="outline-primary" size="sm">
-            Update the secrets mount location
-          </Button>
+          <PermissionsGuard
+            disabled={null}
+            enabled={<UpdateSecretsMountDirectoryButton />}
+            requestedPermission="write"
+            userPermissions={permissions}
+          />
         </div>
 
         {!userLogged && (
@@ -150,11 +157,13 @@ export default function ProjectSessionSecrets() {
 }
 
 interface ProjectSessionSecretsContentProps {
+  secretsMountDirectory: string;
   sessionSecretSlots: SessionSecretSlot[];
   sessionSecrets: SessionSecret[];
 }
 
 function ProjectSessionSecretsContent({
+  secretsMountDirectory,
   sessionSecretSlots,
   sessionSecrets,
 }: ProjectSessionSecretsContentProps) {
@@ -173,6 +182,7 @@ function ProjectSessionSecretsContent({
       {sessionSecretSlotsWithSecrets.map((secretSlot) => (
         <SessionSecretSlotItem
           key={secretSlot.secretSlot.id}
+          secretsMountDirectory={secretsMountDirectory}
           secretSlot={secretSlot}
         />
       ))}
@@ -181,11 +191,16 @@ function ProjectSessionSecretsContent({
 }
 
 interface SessionSecretSlotItemProps {
+  secretsMountDirectory: string;
   secretSlot: SessionSecretSlotWithSecret;
 }
 
-function SessionSecretSlotItem({ secretSlot }: SessionSecretSlotItemProps) {
+function SessionSecretSlotItem({
+  secretsMountDirectory,
+  secretSlot,
+}: SessionSecretSlotItemProps) {
   const { filename, name, description } = secretSlot.secretSlot;
+  const fullPath = `${secretsMountDirectory}/${filename}`;
 
   return (
     <ListGroupItem action data-cy="session-secret-slot-item">
@@ -222,7 +237,7 @@ function SessionSecretSlotItem({ secretSlot }: SessionSecretSlotItemProps) {
             )}
           </div>
           <div>
-            filename: <code>{filename}</code>
+            Location in sessions: <code>{fullPath}</code>
           </div>
           {description && <p className="mb-0">{description}</p>}
         </Col>
diff --git a/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/SessionSecretActions.tsx b/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/SessionSecretActions.tsx
index 76738f051..2a635e9bb 100644
--- a/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/SessionSecretActions.tsx
+++ b/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/SessionSecretActions.tsx
@@ -52,6 +52,7 @@ import {
   usePatchProjectsByProjectIdSessionSecretsMutation,
   usePatchSessionSecretSlotsBySlotIdMutation,
 } from "../../../projectsV2/api/projectV2.enhanced-api";
+import { useProject } from "../../ProjectPageContainer/ProjectPageContainer";
 import useProjectPermissions from "../../utils/useProjectPermissions.hook";
 import DescriptionField from "./fields/DescriptionField";
 import FilenameField from "./fields/FilenameField";
@@ -242,6 +243,9 @@ function EditSessionSecretModal({
 }: EditSessionSecretModalProps) {
   const { id: slotId } = secretSlot;
 
+  const { project } = useProject();
+  const { secrets_mount_directory: secretsMountDirectory } = project;
+
   const [patchSessionSecretSlot, result] =
     usePatchSessionSecretSlotsBySlotIdMutation();
 
@@ -321,7 +325,12 @@ function EditSessionSecretModal({
             errors={errors}
             name="description"
           />
-          <FilenameField control={control} errors={errors} name="filename" />
+          <FilenameField
+            control={control}
+            errors={errors}
+            name="filename"
+            secretsMountDirectory={secretsMountDirectory}
+          />
         </ModalBody>
         <ModalFooter>
           <Button color="outline-primary" onClick={toggle}>
diff --git a/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/UpdateSecretsMountDirectoryButton.tsx b/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/UpdateSecretsMountDirectoryButton.tsx
new file mode 100644
index 000000000..6154020d2
--- /dev/null
+++ b/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/UpdateSecretsMountDirectoryButton.tsx
@@ -0,0 +1,158 @@
+/*!
+ * Copyright 2024 - Swiss Data Science Center (SDSC)
+ * A partnership between École Polytechnique Fédérale de Lausanne (EPFL) and
+ * Eidgenössische Technische Hochschule Zürich (ETHZ).
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import cx from "classnames";
+import { useCallback, useEffect, useMemo, useState } from "react";
+import { Pencil, XLg } from "react-bootstrap-icons";
+import { useForm } from "react-hook-form";
+import { Button, Form, ModalBody, ModalFooter, ModalHeader } from "reactstrap";
+import { RtkOrNotebooksError } from "../../../../components/errors/RtkErrorAlert";
+import { Loader } from "../../../../components/Loader";
+import ScrollableModal from "../../../../components/modal/ScrollableModal";
+import { usePatchProjectsByProjectIdMutation } from "../../../projectsV2/api/projectV2.enhanced-api";
+import { useProject } from "../../ProjectPageContainer/ProjectPageContainer";
+import SecretsMountDirectoryField from "../../../projectsV2/fields/SecretsMountDirectoryField";
+
+export default function UpdateSecretsMountDirectoryButton() {
+  const [isOpen, setIsOpen] = useState(false);
+  const toggle = useCallback(() => setIsOpen((isOpen) => !isOpen), []);
+
+  return (
+    <>
+      <Button color="outline-primary" onClick={toggle} size="sm">
+        <Pencil className={cx("bi", "me-1")} />
+        Update the secrets mount location
+      </Button>
+      <UpdateSecretsMountDirectoryModal isOpen={isOpen} toggle={toggle} />
+    </>
+  );
+}
+
+interface UpdateSecretsMountDirectoryModalProps {
+  isOpen: boolean;
+  toggle: () => void;
+}
+
+function UpdateSecretsMountDirectoryModal({
+  isOpen,
+  toggle,
+}: UpdateSecretsMountDirectoryModalProps) {
+  const { project } = useProject();
+  const { id: projectId } = project;
+
+  const [patchProject, result] = usePatchProjectsByProjectIdMutation();
+
+  const {
+    control,
+    formState: { errors, isDirty },
+    handleSubmit,
+    reset,
+  } = useForm<UpdateSecretsMountDirectoryFrom>({
+    defaultValues: {
+      secretsMountDirectory: project.secrets_mount_directory,
+    },
+  });
+
+  const submitHandler = useCallback(
+    (data: UpdateSecretsMountDirectoryFrom) => {
+      patchProject({
+        "If-Match": project.etag ?? "",
+        projectId,
+        projectPatch: {
+          secrets_mount_directory: data.secretsMountDirectory,
+        },
+      });
+    },
+    [patchProject, project.etag, projectId]
+  );
+  const onSubmit = useMemo(
+    () => handleSubmit(submitHandler),
+    [handleSubmit, submitHandler]
+  );
+
+  useEffect(() => {
+    reset({
+      secretsMountDirectory: project.secrets_mount_directory,
+    });
+  }, [project, reset]);
+
+  useEffect(() => {
+    if (!isOpen) {
+      reset();
+      result.reset();
+    }
+  }, [isOpen, reset, result]);
+
+  useEffect(() => {
+    if (result.isSuccess) {
+      toggle();
+    }
+  }, [result.isSuccess, toggle]);
+
+  return (
+    <ScrollableModal
+      backdrop="static"
+      centered
+      isOpen={isOpen}
+      size="lg"
+      toggle={toggle}
+    >
+      <Form noValidate onSubmit={onSubmit}>
+        <ModalHeader toggle={toggle}>Update secrets mount location</ModalHeader>
+        <ModalBody>
+          <p>
+            Change the location where secrets will be mounted in sessions. Note
+            that the change will only apply to new sessions.
+          </p>
+
+          {result.error && (
+            <RtkOrNotebooksError error={result.error} dismissible={false} />
+          )}
+
+          <SecretsMountDirectoryField
+            control={control}
+            errors={errors}
+            name="secretsMountDirectory"
+          />
+        </ModalBody>
+        <ModalFooter>
+          <Button color="outline-primary" onClick={toggle}>
+            <XLg className={cx("bi", "me-1")} />
+            Close
+          </Button>
+          <Button
+            color="primary"
+            disabled={!isDirty || result.isLoading}
+            type="submit"
+          >
+            {result.isLoading ? (
+              <Loader className="me-1" inline size={16} />
+            ) : (
+              <Pencil className={cx("bi", "me-1")} />
+            )}
+            Update secrets mount location
+          </Button>
+        </ModalFooter>
+      </Form>
+    </ScrollableModal>
+  );
+}
+
+interface UpdateSecretsMountDirectoryFrom {
+  secretsMountDirectory: string;
+}
diff --git a/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/fields/FilenameField.tsx b/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/fields/FilenameField.tsx
index 8b4b71e5a..e58ee1d8b 100644
--- a/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/fields/FilenameField.tsx
+++ b/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/fields/FilenameField.tsx
@@ -17,21 +17,30 @@
  */
 
 import cx from "classnames";
-import { Controller, type FieldValues } from "react-hook-form";
+import { Controller, useWatch, type FieldValues } from "react-hook-form";
 import { FormText, Input, Label } from "reactstrap";
 
 import type { SessionSecretFormFieldProps } from "./fields.types";
 
-type FilenameFieldProps<T extends FieldValues> = SessionSecretFormFieldProps<T>;
+interface FilenameFieldProps<T extends FieldValues>
+  extends SessionSecretFormFieldProps<T> {
+  secretsMountDirectory: string;
+}
 
 export default function FilenameField<T extends FieldValues>({
   control,
   errors,
   name,
+  secretsMountDirectory,
 }: FilenameFieldProps<T>) {
   const fieldId = `session-secret-${name}`;
   const fieldHelpId = `${fieldId}-help`;
 
+  const watch = useWatch({ control, name });
+  const fullPath = watch
+    ? `${secretsMountDirectory}/${watch}`
+    : `${secretsMountDirectory}/<filename>`;
+
   return (
     <div className="mb-3">
       <Label for={fieldId}>Filename</Label>
@@ -66,8 +75,14 @@ export default function FilenameField<T extends FieldValues>({
         )}
       </div>
       <FormText id={fieldHelpId} tag="div">
-        This is the filename which will be used when mounting the secret inside
-        sessions.
+        <p className="mb-0">
+          This is the filename which will be used when mounting the secret
+          inside sessions.
+        </p>
+        <p className="mb-0">
+          The secret will be populated at:{" "}
+          <code className={cx("bg-secondary-subtle", "p-1")}>{fullPath}</code>.
+        </p>
       </FormText>
     </div>
   );
diff --git a/client/src/features/projectsV2/api/projectV2.api.ts b/client/src/features/projectsV2/api/projectV2.api.ts
index 00c99f683..9d79665a8 100644
--- a/client/src/features/projectsV2/api/projectV2.api.ts
+++ b/client/src/features/projectsV2/api/projectV2.api.ts
@@ -328,6 +328,7 @@ export type Keyword = string;
 export type KeywordsList = Keyword[];
 export type ProjectDocumentation = string;
 export type IsTemplate = boolean;
+export type SecretsMountDirectory = string;
 export type Project = {
   id: Ulid;
   name: ProjectName;
@@ -344,6 +345,7 @@ export type Project = {
   documentation?: ProjectDocumentation;
   template_id?: Ulid;
   is_template?: IsTemplate;
+  secrets_mount_directory: SecretsMountDirectory;
 };
 export type ProjectsList = Project[];
 export type ErrorResponse = {
@@ -374,8 +376,10 @@ export type ProjectPost = {
   description?: Description;
   keywords?: KeywordsList;
   documentation?: ProjectDocumentation;
+  secrets_mount_directory?: SecretsMountDirectory;
 };
 export type WithDocumentation = boolean;
+export type SecretsMountDirectoryPatch = string;
 export type ProjectPatch = {
   name?: ProjectName;
   namespace?: Slug;
@@ -387,6 +391,7 @@ export type ProjectPatch = {
   /** template_id is set when copying a project from a template project and it cannot be modified. This field can be either null or an empty string; a null value won't change it while an empty string value will delete it, meaning that the project is unlinked from its template */
   template_id?: string;
   is_template?: IsTemplate;
+  secrets_mount_directory?: SecretsMountDirectoryPatch;
 };
 export type UserFirstLastName = string;
 export type Role = "viewer" | "editor" | "owner";
diff --git a/client/src/features/projectsV2/api/projectV2.openapi.json b/client/src/features/projectsV2/api/projectV2.openapi.json
index 61937e8b9..fe8a71495 100644
--- a/client/src/features/projectsV2/api/projectV2.openapi.json
+++ b/client/src/features/projectsV2/api/projectV2.openapi.json
@@ -904,6 +904,9 @@
           "is_template": {
             "$ref": "#/components/schemas/IsTemplate",
             "default": false
+          },
+          "secrets_mount_directory": {
+            "$ref": "#/components/schemas/SecretsMountDirectory"
           }
         },
         "required": [
@@ -913,7 +916,8 @@
           "slug",
           "created_by",
           "creation_date",
-          "visibility"
+          "visibility",
+          "secrets_mount_directory"
         ],
         "example": {
           "id": "01AN4Z79ZS5XN0F25N3DB94T4R",
@@ -933,7 +937,8 @@
             }
           ],
           "keywords": ["keyword 1", "keyword 2"],
-          "template_id": "01JC3CB5426KC7P5STS5X3KSS8"
+          "template_id": "01JC3CB5426KC7P5STS5X3KSS8",
+          "secrets_mount_directory": "/secrets"
         }
       },
       "ProjectPost": {
@@ -964,6 +969,9 @@
           },
           "documentation": {
             "$ref": "#/components/schemas/ProjectDocumentation"
+          },
+          "secrets_mount_directory": {
+            "$ref": "#/components/schemas/SecretsMountDirectory"
           }
         },
         "required": ["name", "namespace"]
@@ -1002,6 +1010,9 @@
           },
           "is_template": {
             "$ref": "#/components/schemas/IsTemplate"
+          },
+          "secrets_mount_directory": {
+            "$ref": "#/components/schemas/SecretsMountDirectoryPatch"
           }
         }
       },
@@ -1105,6 +1116,17 @@
         "description": "Shows if a project is a template or not",
         "type": "boolean"
       },
+      "SecretsMountDirectory": {
+        "description": "The location where the secrets will be provided inside sessions, if left unset it will default to `/secrets`.",
+        "type": "string",
+        "minLength": 1,
+        "default": "/secrets",
+        "example": "/secrets"
+      },
+      "SecretsMountDirectoryPatch": {
+        "type": "string",
+        "example": "/secrets"
+      },
       "ProjectMemberListPatchRequest": {
         "description": "List of members and their access level to the project",
         "type": "array",
diff --git a/client/src/features/projectsV2/fields/SecretsMountDirectoryField.tsx b/client/src/features/projectsV2/fields/SecretsMountDirectoryField.tsx
new file mode 100644
index 000000000..867e611eb
--- /dev/null
+++ b/client/src/features/projectsV2/fields/SecretsMountDirectoryField.tsx
@@ -0,0 +1,69 @@
+/*!
+ * Copyright 2024 - Swiss Data Science Center (SDSC)
+ * A partnership between École Polytechnique Fédérale de Lausanne (EPFL) and
+ * Eidgenössische Technische Hochschule Zürich (ETHZ).
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import cx from "classnames";
+import { Controller, type FieldValues } from "react-hook-form";
+import { FormText, Input, Label } from "reactstrap";
+
+import { GenericProjectFormFieldProps } from "./formField.types";
+
+type SecretsMountDirectoryFieldProps<T extends FieldValues> =
+  GenericProjectFormFieldProps<T>;
+
+export default function SecretsMountDirectoryField<T extends FieldValues>({
+  control,
+  errors,
+  name,
+}: SecretsMountDirectoryFieldProps<T>) {
+  const fieldId = `project-${name}`;
+  const fieldHelpId = `${fieldId}-help`;
+
+  return (
+    <div className="mb-3">
+      <Label for={fieldId}>Secrets mount location</Label>
+      <Controller
+        name={name}
+        control={control}
+        render={({ field: { ref, ...rest } }) => (
+          <Input
+            className={cx(errors.name && "is-invalid")}
+            id={fieldId}
+            innerRef={ref}
+            placeholder="Secret name, e.g., API Token"
+            type="text"
+            {...rest}
+          />
+        )}
+        rules={{
+          required: "Please provide a location for the secrets",
+        }}
+      />
+      <div className="invalid-feedback">
+        {errors[name]?.message ? (
+          <>{errors[name]?.message}</>
+        ) : (
+          <>Invalid location</>
+        )}
+      </div>
+      <FormText id={fieldHelpId} tag="div">
+        This is the location which will be used when mounting secrets inside
+        sessions.
+      </FormText>
+    </div>
+  );
+}

From f046dcd0a2462d68d51aef17ddd91f39ba2b7dec Mon Sep 17 00:00:00 2001
From: Flora Thiebaut <flora.thiebaut@sdsc.ethz.ch>
Date: Thu, 28 Nov 2024 11:49:14 +0100
Subject: [PATCH 3/6] allow reset

---
 .../UpdateSecretsMountDirectoryButton.tsx        | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/UpdateSecretsMountDirectoryButton.tsx b/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/UpdateSecretsMountDirectoryButton.tsx
index 6154020d2..9c82528f4 100644
--- a/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/UpdateSecretsMountDirectoryButton.tsx
+++ b/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/UpdateSecretsMountDirectoryButton.tsx
@@ -18,7 +18,7 @@
 
 import cx from "classnames";
 import { useCallback, useEffect, useMemo, useState } from "react";
-import { Pencil, XLg } from "react-bootstrap-icons";
+import { ArrowCounterclockwise, Pencil, XLg } from "react-bootstrap-icons";
 import { useForm } from "react-hook-form";
 import { Button, Form, ModalBody, ModalFooter, ModalHeader } from "reactstrap";
 import { RtkOrNotebooksError } from "../../../../components/errors/RtkErrorAlert";
@@ -85,6 +85,16 @@ function UpdateSecretsMountDirectoryModal({
     [handleSubmit, submitHandler]
   );
 
+  const onReset = useCallback(() => {
+    patchProject({
+      "If-Match": project.etag ?? "",
+      projectId,
+      projectPatch: {
+        secrets_mount_directory: "",
+      },
+    });
+  }, [patchProject, project.etag, projectId]);
+
   useEffect(() => {
     reset({
       secretsMountDirectory: project.secrets_mount_directory,
@@ -135,6 +145,10 @@ function UpdateSecretsMountDirectoryModal({
             <XLg className={cx("bi", "me-1")} />
             Close
           </Button>
+          <Button color="outline-primary" onClick={onReset}>
+            <ArrowCounterclockwise className={cx("bi", "me-1")} />
+            Reset to default value
+          </Button>
           <Button
             color="primary"
             disabled={!isDirty || result.isLoading}

From 00f26bb61d021a669a7efd5600622254d7af9e17 Mon Sep 17 00:00:00 2001
From: Flora Thiebaut <flora.thiebaut@sdsc.ethz.ch>
Date: Thu, 28 Nov 2024 13:40:57 +0100
Subject: [PATCH 4/6] provide list of session secrets in launcher offcanvas

---
 .../SessionSecrets/ProjectSessionSecrets.tsx  |  91 +++---------
 .../SessionSecrets/SessionSecretSlotItem.tsx  | 106 ++++++++++++++
 .../SessionViewSessionSecrets.tsx             | 135 ++++++++++++++++++
 .../sessionSecrets.constants.ts               |  19 +++
 .../features/secretsV2/GeneralSecretItem.tsx  |   9 +-
 .../sessionsV2/SessionView/SessionView.tsx    |   5 +-
 6 files changed, 288 insertions(+), 77 deletions(-)
 create mode 100644 client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/SessionSecretSlotItem.tsx
 create mode 100644 client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/SessionViewSessionSecrets.tsx
 create mode 100644 client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/sessionSecrets.constants.ts

diff --git a/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/ProjectSessionSecrets.tsx b/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/ProjectSessionSecrets.tsx
index d78cd76fb..46fab65f6 100644
--- a/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/ProjectSessionSecrets.tsx
+++ b/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/ProjectSessionSecrets.tsx
@@ -18,23 +18,15 @@
 
 import { skipToken } from "@reduxjs/toolkit/query";
 import cx from "classnames";
-import { useMemo } from "react";
-import { Key, Lock, ShieldLock } from "react-bootstrap-icons";
-import {
-  Badge,
-  Card,
-  CardBody,
-  CardHeader,
-  Col,
-  ListGroup,
-  ListGroupItem,
-  Row,
-} from "reactstrap";
+import { useEffect, useMemo, useRef } from "react";
+import { ShieldLock } from "react-bootstrap-icons";
+import { Badge, Card, CardBody, CardHeader, ListGroup } from "reactstrap";
 
 import { InfoAlert } from "../../../../components/Alert";
 import { RtkOrNotebooksError } from "../../../../components/errors/RtkErrorAlert";
 import { Loader } from "../../../../components/Loader";
 import useLegacySelector from "../../../../utils/customHooks/useLegacySelector.hook";
+import useLocationHash from "../../../../utils/customHooks/useLocationHash.hook";
 import PermissionsGuard from "../../../permissionsV2/PermissionsGuard";
 import type {
   SessionSecret,
@@ -47,9 +39,9 @@ import {
 import { useProject } from "../../ProjectPageContainer/ProjectPageContainer";
 import useProjectPermissions from "../../utils/useProjectPermissions.hook";
 import AddSessionSecretButton from "./AddSessionSecretButton";
-import SessionSecretActions from "./SessionSecretActions";
-import type { SessionSecretSlotWithSecret } from "./sessionSecrets.types";
+import { SESSION_SECRETS_CARD_ID } from "./sessionSecrets.constants";
 import { getSessionSecretSlotsWithSecrets } from "./sessionSecrets.utils";
+import SessionSecretSlotItem from "./SessionSecretSlotItem";
 import UpdateSecretsMountDirectoryButton from "./UpdateSecretsMountDirectoryButton";
 
 export default function ProjectSessionSecrets() {
@@ -91,8 +83,20 @@ export default function ProjectSessionSecrets() {
     />
   );
 
+  const ref = useRef<HTMLDivElement>(null);
+  const [hash] = useLocationHash();
+  useEffect(() => {
+    if (hash === SESSION_SECRETS_CARD_ID && !isLoading) {
+      ref.current?.scrollIntoView({ behavior: "smooth" });
+    }
+  }, [hash, isLoading]);
+
   return (
-    <Card data-cy="project-settings-session-secrets">
+    <Card
+      id={SESSION_SECRETS_CARD_ID}
+      data-cy="project-settings-session-secrets"
+      innerRef={ref}
+    >
       <CardHeader>
         <div
           className={cx(
@@ -189,60 +193,3 @@ function ProjectSessionSecretsContent({
     </ListGroup>
   );
 }
-
-interface SessionSecretSlotItemProps {
-  secretsMountDirectory: string;
-  secretSlot: SessionSecretSlotWithSecret;
-}
-
-function SessionSecretSlotItem({
-  secretsMountDirectory,
-  secretSlot,
-}: SessionSecretSlotItemProps) {
-  const { filename, name, description } = secretSlot.secretSlot;
-  const fullPath = `${secretsMountDirectory}/${filename}`;
-
-  return (
-    <ListGroupItem action data-cy="session-secret-slot-item">
-      <Row>
-        <Col>
-          <div className={cx("align-items-center", "d-flex")}>
-            <span className={cx("fw-bold", "me-2")}>{name}</span>
-            {secretSlot.secretId ? (
-              <Badge
-                className={cx(
-                  "border",
-                  "border-success",
-                  "bg-success-subtle",
-                  "text-success-emphasis"
-                )}
-                pill
-              >
-                <Key className={cx("bi", "me-1")} />
-                Secret saved
-              </Badge>
-            ) : (
-              <Badge
-                className={cx(
-                  "border",
-                  "border-dark-subtle",
-                  "bg-light",
-                  "text-dark-emphasis"
-                )}
-                pill
-              >
-                <Lock className={cx("bi", "me-1")} />
-                Secret not provided
-              </Badge>
-            )}
-          </div>
-          <div>
-            Location in sessions: <code>{fullPath}</code>
-          </div>
-          {description && <p className="mb-0">{description}</p>}
-        </Col>
-        <SessionSecretActions secretSlot={secretSlot} />
-      </Row>
-    </ListGroupItem>
-  );
-}
diff --git a/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/SessionSecretSlotItem.tsx b/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/SessionSecretSlotItem.tsx
new file mode 100644
index 000000000..e00243acd
--- /dev/null
+++ b/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/SessionSecretSlotItem.tsx
@@ -0,0 +1,106 @@
+/*!
+ * Copyright 2024 - Swiss Data Science Center (SDSC)
+ * A partnership between École Polytechnique Fédérale de Lausanne (EPFL) and
+ * Eidgenössische Technische Hochschule Zürich (ETHZ).
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import cx from "classnames";
+import { ArrowRight, Key, Lock } from "react-bootstrap-icons";
+import { Badge, Col, ListGroupItem, Row } from "reactstrap";
+
+import { useGetUserSecretByIdQuery } from "../../../usersV2/api/users.api";
+import SessionSecretActions from "./SessionSecretActions";
+import type { SessionSecretSlotWithSecret } from "./sessionSecrets.types";
+
+interface SessionSecretSlotItemProps {
+  secretsMountDirectory: string;
+  secretSlot: SessionSecretSlotWithSecret;
+  noActions?: boolean;
+}
+
+export default function SessionSecretSlotItem({
+  secretsMountDirectory,
+  secretSlot,
+  noActions,
+}: SessionSecretSlotItemProps) {
+  const { filename, name, description } = secretSlot.secretSlot;
+  const fullPath = `${secretsMountDirectory}/${filename}`;
+
+  return (
+    <ListGroupItem action={!noActions} data-cy="session-secret-slot-item">
+      <Row>
+        <Col>
+          <div className={cx("align-items-center", "d-flex")}>
+            <span className={cx("fw-bold", "me-2")}>{name}</span>
+            {secretSlot.secretId ? (
+              <Badge
+                className={cx(
+                  "border",
+                  "border-success",
+                  "bg-success-subtle",
+                  "text-success-emphasis"
+                )}
+                pill
+              >
+                <Key className={cx("bi", "me-1")} />
+                Secret saved
+                <ArrowRight className={cx("bi", "mx-1")} />
+                <SessionSecretSlotItemSecretReference
+                  userSecretId={secretSlot.secretId}
+                />
+              </Badge>
+            ) : (
+              <Badge
+                className={cx(
+                  "border",
+                  "border-dark-subtle",
+                  "bg-light",
+                  "text-dark-emphasis"
+                )}
+                pill
+              >
+                <Lock className={cx("bi", "me-1")} />
+                Secret not provided
+              </Badge>
+            )}
+          </div>
+          <div>
+            Location in sessions: <code>{fullPath}</code>
+          </div>
+          {description && <p className="mb-0">{description}</p>}
+        </Col>
+        {!noActions && <SessionSecretActions secretSlot={secretSlot} />}
+      </Row>
+    </ListGroupItem>
+  );
+}
+
+interface SessionSecretSlotItemSecretReferenceProps {
+  userSecretId: string;
+}
+
+function SessionSecretSlotItemSecretReference({
+  userSecretId,
+}: SessionSecretSlotItemSecretReferenceProps) {
+  const { data: userSecret, error } = useGetUserSecretByIdQuery({
+    secretId: userSecretId,
+  });
+
+  if (error || !userSecret) {
+    return null;
+  }
+
+  return <>{userSecret.name}</>;
+}
diff --git a/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/SessionViewSessionSecrets.tsx b/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/SessionViewSessionSecrets.tsx
new file mode 100644
index 000000000..8e7108a9e
--- /dev/null
+++ b/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/SessionViewSessionSecrets.tsx
@@ -0,0 +1,135 @@
+/*!
+ * Copyright 2024 - Swiss Data Science Center (SDSC)
+ * A partnership between École Polytechnique Fédérale de Lausanne (EPFL) and
+ * Eidgenössische Technische Hochschule Zürich (ETHZ).
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import { skipToken } from "@reduxjs/toolkit/query";
+import cx from "classnames";
+import { ShieldLock } from "react-bootstrap-icons";
+
+import { useMemo } from "react";
+import { Badge, ListGroup } from "reactstrap";
+import { InfoAlert } from "../../../../components/Alert";
+import { RtkOrNotebooksError } from "../../../../components/errors/RtkErrorAlert";
+import { Loader } from "../../../../components/Loader";
+import useLegacySelector from "../../../../utils/customHooks/useLegacySelector.hook";
+import type {
+  SessionSecret,
+  SessionSecretSlot,
+} from "../../../projectsV2/api/projectV2.api";
+import {
+  useGetProjectsByProjectIdSessionSecretSlotsQuery,
+  useGetProjectsByProjectIdSessionSecretsQuery,
+} from "../../../projectsV2/api/projectV2.enhanced-api";
+import { useProject } from "../../ProjectPageContainer/ProjectPageContainer";
+import { getSessionSecretSlotsWithSecrets } from "./sessionSecrets.utils";
+import SessionSecretSlotItem from "./SessionSecretSlotItem";
+
+export default function SessionViewSessionSecrets() {
+  const userLogged = useLegacySelector<boolean>(
+    (state) => state.stateModel.user.logged
+  );
+
+  const { project } = useProject();
+  const { id: projectId, secrets_mount_directory: secretsMountDirectory } =
+    project;
+  const {
+    data: sessionSecretSlots,
+    isLoading: isLoadingSessionSecretSlots,
+    error: sessionSecretSlotsError,
+  } = useGetProjectsByProjectIdSessionSecretSlotsQuery({ projectId });
+  const {
+    data: sessionSecrets,
+    isLoading: isLoadingSessionSecrets,
+    error: sessionSecretsError,
+  } = useGetProjectsByProjectIdSessionSecretsQuery(
+    userLogged ? { projectId } : skipToken
+  );
+  const isLoading = isLoadingSessionSecretSlots || isLoadingSessionSecrets;
+  const error = sessionSecretSlotsError ?? sessionSecretsError;
+
+  const content = isLoading ? (
+    <Loader />
+  ) : error || !sessionSecretSlots || (userLogged && !sessionSecrets) ? (
+    <>
+      <p>Error: could not load this project&apos;s session secrets.</p>
+      {error && <RtkOrNotebooksError error={error} dismissible={false} />}
+    </>
+  ) : (
+    <SessionViewSessionSecretsContent
+      secretsMountDirectory={secretsMountDirectory}
+      sessionSecretSlots={sessionSecretSlots}
+      sessionSecrets={sessionSecrets ?? []}
+    />
+  );
+
+  return (
+    <div>
+      <div className={cx("align-items-center", "d-flex", "mb-2")}>
+        <h4 className={cx("align-items-center", "d-flex", "mb-0", "me-2")}>
+          <ShieldLock className={cx("me-1", "bi")} />
+          Session Secrets
+        </h4>
+        {sessionSecretSlots && <Badge>{sessionSecretSlots.length}</Badge>}
+      </div>
+
+      {!userLogged && sessionSecretSlots && sessionSecretSlots.length > 0 && (
+        <InfoAlert className="mb-2" dismissible={false} timeout={0}>
+          <p className="mb-0">
+            As an anonymous user, you cannot use session secrets.
+          </p>
+        </InfoAlert>
+      )}
+
+      {content}
+    </div>
+  );
+}
+
+interface SessionViewSessionSecretsContentProps {
+  secretsMountDirectory: string;
+  sessionSecretSlots: SessionSecretSlot[];
+  sessionSecrets: SessionSecret[];
+}
+
+function SessionViewSessionSecretsContent({
+  secretsMountDirectory,
+  sessionSecretSlots,
+  sessionSecrets,
+}: SessionViewSessionSecretsContentProps) {
+  const sessionSecretSlotsWithSecrets = useMemo(
+    () =>
+      getSessionSecretSlotsWithSecrets({ sessionSecretSlots, sessionSecrets }),
+    [sessionSecretSlots, sessionSecrets]
+  );
+
+  if (!sessionSecretSlots.length) {
+    return <p className="fst-italic">No session secrets included</p>;
+  }
+
+  return (
+    <ListGroup>
+      {sessionSecretSlotsWithSecrets.map((secretSlot) => (
+        <SessionSecretSlotItem
+          key={secretSlot.secretSlot.id}
+          secretsMountDirectory={secretsMountDirectory}
+          secretSlot={secretSlot}
+          noActions
+        />
+      ))}
+    </ListGroup>
+  );
+}
diff --git a/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/sessionSecrets.constants.ts b/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/sessionSecrets.constants.ts
new file mode 100644
index 000000000..9f90dc089
--- /dev/null
+++ b/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/sessionSecrets.constants.ts
@@ -0,0 +1,19 @@
+/*!
+ * Copyright 2024 - Swiss Data Science Center (SDSC)
+ * A partnership between École Polytechnique Fédérale de Lausanne (EPFL) and
+ * Eidgenössische Technische Hochschule Zürich (ETHZ).
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+export const SESSION_SECRETS_CARD_ID = "project-settings-session-secrets";
diff --git a/client/src/features/secretsV2/GeneralSecretItem.tsx b/client/src/features/secretsV2/GeneralSecretItem.tsx
index 159a7aff4..188cce427 100644
--- a/client/src/features/secretsV2/GeneralSecretItem.tsx
+++ b/client/src/features/secretsV2/GeneralSecretItem.tsx
@@ -17,14 +17,15 @@
  */
 
 import cx from "classnames";
-import { Col, ListGroupItem, Row } from "reactstrap";
-
 import { useMemo } from "react";
 import { generatePath, Link } from "react-router-dom-v5-compat";
+import { Col, ListGroupItem, Row } from "reactstrap";
+
 import { RtkOrNotebooksError } from "../../components/errors/RtkErrorAlert";
 import { Loader } from "../../components/Loader";
 import { TimeCaption } from "../../components/TimeCaption";
 import { ABSOLUTE_ROUTES } from "../../routing/routes.constants";
+import { SESSION_SECRETS_CARD_ID } from "../ProjectPageV2/ProjectPageContent/SessionSecrets/sessionSecrets.constants";
 import type {
   Project,
   SessionSecretSlot,
@@ -125,7 +126,7 @@ function GeneralSecretUsedInProject({
     return null;
   }
 
-  const projectUrl = generatePath(ABSOLUTE_ROUTES.v2.projects.show.root, {
+  const projectUrl = generatePath(ABSOLUTE_ROUTES.v2.projects.show.settings, {
     namespace: project.namespace,
     slug: project.slug,
   });
@@ -133,7 +134,7 @@ function GeneralSecretUsedInProject({
   return (
     <li>
       <div>
-        <Link to={projectUrl}>
+        <Link to={{ pathname: projectUrl, hash: SESSION_SECRETS_CARD_ID }}>
           {project.name}
           {" - "}
           <span className="fst-italic">
diff --git a/client/src/features/sessionsV2/SessionView/SessionView.tsx b/client/src/features/sessionsV2/SessionView/SessionView.tsx
index 6c7b3aeda..67406a475 100644
--- a/client/src/features/sessionsV2/SessionView/SessionView.tsx
+++ b/client/src/features/sessionsV2/SessionView/SessionView.tsx
@@ -42,6 +42,7 @@ import {
 import { TimeCaption } from "../../../components/TimeCaption";
 import { CommandCopy } from "../../../components/commandCopy/CommandCopy";
 import { RepositoryItem } from "../../ProjectPageV2/ProjectPageContent/CodeRepositories/CodeRepositoryDisplay";
+import SessionViewSessionSecrets from "../../ProjectPageV2/ProjectPageContent/SessionSecrets/SessionViewSessionSecrets";
 import useProjectPermissions from "../../ProjectPageV2/utils/useProjectPermissions.hook";
 import { useGetDataConnectorsListByDataConnectorIdsQuery } from "../../dataConnectorsV2/api/data-connectors.enhanced-api";
 import {
@@ -466,7 +467,7 @@ export function SessionView({
                 <Badge>{project?.repositories?.length}</Badge>
               )}
             </div>
-            {project?.repositories && project.repositories.length > 0 ? (
+            {project.repositories && project.repositories.length > 0 ? (
               <ListGroup>
                 {project.repositories.map((repositoryUrl, index) => (
                   <RepositoryItem
@@ -483,6 +484,8 @@ export function SessionView({
               </p>
             )}
           </div>
+
+          <SessionViewSessionSecrets />
         </div>
       </OffcanvasBody>
     </Offcanvas>

From 7f289af72c295cdc7352530c115c3ed6161084b5 Mon Sep 17 00:00:00 2001
From: Flora Thiebaut <flora.thiebaut@sdsc.ethz.ch>
Date: Fri, 6 Dec 2024 13:25:35 +0100
Subject: [PATCH 5/6] update for relative locations

---
 .../SessionSecrets/ProjectSessionSecrets.tsx     |  7 ++++++-
 .../SessionSecrets/SessionSecretSlotItem.tsx     |  6 +++++-
 .../fields/SecretsMountDirectoryField.tsx        | 16 +++++++++++++---
 3 files changed, 24 insertions(+), 5 deletions(-)

diff --git a/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/ProjectSessionSecrets.tsx b/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/ProjectSessionSecrets.tsx
index 46fab65f6..ed4579648 100644
--- a/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/ProjectSessionSecrets.tsx
+++ b/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/ProjectSessionSecrets.tsx
@@ -131,7 +131,12 @@ export default function ProjectSessionSecrets() {
         <div className={cx("align-items-center", "d-flex", "gap-2")}>
           <p className="mb-0">
             Session secrets will be mounted at{" "}
-            <code>{secretsMountDirectory}</code>.
+            <code>
+              {secretsMountDirectory.startsWith("/")
+                ? secretsMountDirectory
+                : `<work-dir>/${secretsMountDirectory}`}
+            </code>
+            .
           </p>
           <PermissionsGuard
             disabled={null}
diff --git a/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/SessionSecretSlotItem.tsx b/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/SessionSecretSlotItem.tsx
index e00243acd..74b6f87de 100644
--- a/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/SessionSecretSlotItem.tsx
+++ b/client/src/features/ProjectPageV2/ProjectPageContent/SessionSecrets/SessionSecretSlotItem.tsx
@@ -36,7 +36,11 @@ export default function SessionSecretSlotItem({
   noActions,
 }: SessionSecretSlotItemProps) {
   const { filename, name, description } = secretSlot.secretSlot;
-  const fullPath = `${secretsMountDirectory}/${filename}`;
+
+  const mountDir = secretsMountDirectory.startsWith("/")
+    ? secretsMountDirectory
+    : `<work-dir>/${secretsMountDirectory}`;
+  const fullPath = `${mountDir}/${filename}`;
 
   return (
     <ListGroupItem action={!noActions} data-cy="session-secret-slot-item">
diff --git a/client/src/features/projectsV2/fields/SecretsMountDirectoryField.tsx b/client/src/features/projectsV2/fields/SecretsMountDirectoryField.tsx
index 867e611eb..1cec5045e 100644
--- a/client/src/features/projectsV2/fields/SecretsMountDirectoryField.tsx
+++ b/client/src/features/projectsV2/fields/SecretsMountDirectoryField.tsx
@@ -17,7 +17,7 @@
  */
 
 import cx from "classnames";
-import { Controller, type FieldValues } from "react-hook-form";
+import { Controller, useWatch, type FieldValues } from "react-hook-form";
 import { FormText, Input, Label } from "reactstrap";
 
 import { GenericProjectFormFieldProps } from "./formField.types";
@@ -33,6 +33,8 @@ export default function SecretsMountDirectoryField<T extends FieldValues>({
   const fieldId = `project-${name}`;
   const fieldHelpId = `${fieldId}-help`;
 
+  const watch = useWatch({ control, name });
+
   return (
     <div className="mb-3">
       <Label for={fieldId}>Secrets mount location</Label>
@@ -61,8 +63,16 @@ export default function SecretsMountDirectoryField<T extends FieldValues>({
         )}
       </div>
       <FormText id={fieldHelpId} tag="div">
-        This is the location which will be used when mounting secrets inside
-        sessions.
+        <p className="mb-0">
+          This is the location which will be used when mounting secrets inside
+          sessions.
+        </p>
+        {!watch.startsWith("/") && (
+          <p>
+            Note that this location will be relative to the &quot;working
+            directory&quot;.
+          </p>
+        )}
       </FormText>
     </div>
   );

From 9a4047705808ccab25db4a03667aca0079bb6029 Mon Sep 17 00:00:00 2001
From: Flora Thiebaut <flora.thiebaut@sdsc.ethz.ch>
Date: Tue, 10 Dec 2024 14:18:50 +0100
Subject: [PATCH 6/6] fix e2e fixtures

---
 tests/cypress/fixtures/projectV2/create-projectV2.json      | 3 ++-
 tests/cypress/fixtures/projectV2/list-projectV2.json        | 6 ++++--
 tests/cypress/fixtures/projectV2/read-projectV2-empty.json  | 3 ++-
 tests/cypress/fixtures/projectV2/read-projectV2.json        | 3 ++-
 .../fixtures/projectV2/update-projectV2-metadata.json       | 3 ++-
 .../fixtures/projectV2/update-projectV2-one-repository.json | 3 ++-
 .../fixtures/projectV2/update-projectV2-repositories.json   | 3 ++-
 7 files changed, 16 insertions(+), 8 deletions(-)

diff --git a/tests/cypress/fixtures/projectV2/create-projectV2.json b/tests/cypress/fixtures/projectV2/create-projectV2.json
index 6941d4c03..3ee31d90b 100644
--- a/tests/cypress/fixtures/projectV2/create-projectV2.json
+++ b/tests/cypress/fixtures/projectV2/create-projectV2.json
@@ -5,5 +5,6 @@
   "created_by": {
     "id": "owner-KC-id"
   },
-  "visibility": "public"
+  "visibility": "public",
+  "secrets_mount_directory": "/secrets"
 }
diff --git a/tests/cypress/fixtures/projectV2/list-projectV2.json b/tests/cypress/fixtures/projectV2/list-projectV2.json
index e2363f96c..a74acf86b 100644
--- a/tests/cypress/fixtures/projectV2/list-projectV2.json
+++ b/tests/cypress/fixtures/projectV2/list-projectV2.json
@@ -11,7 +11,8 @@
       "https://domain.name/repo2.git"
     ],
     "visibility": "public",
-    "description": "Project 2 description"
+    "description": "Project 2 description",
+    "secrets_mount_directory": "/secrets"
   },
   {
     "id": "01HF96BXZ3JF9DX88B7XB405S5",
@@ -22,6 +23,7 @@
     "created_by": { "id": "user1-uuid" },
     "repositories": [],
     "visibility": "private",
-    "description": "Project 1 description"
+    "description": "Project 1 description",
+    "secrets_mount_directory": "/secrets"
   }
 ]
diff --git a/tests/cypress/fixtures/projectV2/read-projectV2-empty.json b/tests/cypress/fixtures/projectV2/read-projectV2-empty.json
index 5b511a453..f5bce6305 100644
--- a/tests/cypress/fixtures/projectV2/read-projectV2-empty.json
+++ b/tests/cypress/fixtures/projectV2/read-projectV2-empty.json
@@ -7,5 +7,6 @@
   "created_by": "user1-uuid",
   "repositories": [],
   "visibility": "public",
-  "description": "Project 2 description"
+  "description": "Project 2 description",
+  "secrets_mount_directory": "/secrets"
 }
diff --git a/tests/cypress/fixtures/projectV2/read-projectV2.json b/tests/cypress/fixtures/projectV2/read-projectV2.json
index 01fdc4de6..03d34935d 100644
--- a/tests/cypress/fixtures/projectV2/read-projectV2.json
+++ b/tests/cypress/fixtures/projectV2/read-projectV2.json
@@ -10,5 +10,6 @@
     "https://domain.name/repo2.git"
   ],
   "visibility": "public",
-  "description": "Project 2 description"
+  "description": "Project 2 description",
+  "secrets_mount_directory": "/secrets"
 }
diff --git a/tests/cypress/fixtures/projectV2/update-projectV2-metadata.json b/tests/cypress/fixtures/projectV2/update-projectV2-metadata.json
index b01568ab8..0092a5b0f 100644
--- a/tests/cypress/fixtures/projectV2/update-projectV2-metadata.json
+++ b/tests/cypress/fixtures/projectV2/update-projectV2-metadata.json
@@ -10,5 +10,6 @@
     "https://domain.name/repo2.git"
   ],
   "visibility": "public",
-  "description": "new description"
+  "description": "new description",
+  "secrets_mount_directory": "/secrets"
 }
diff --git a/tests/cypress/fixtures/projectV2/update-projectV2-one-repository.json b/tests/cypress/fixtures/projectV2/update-projectV2-one-repository.json
index 8225a903b..7452c152f 100644
--- a/tests/cypress/fixtures/projectV2/update-projectV2-one-repository.json
+++ b/tests/cypress/fixtures/projectV2/update-projectV2-one-repository.json
@@ -7,5 +7,6 @@
   "created_by": "user1-uuid",
   "repositories": ["https://gitlab.dev.renku.ch/url-repo.git"],
   "visibility": "public",
-  "description": "Project 2 description"
+  "description": "Project 2 description",
+  "secrets_mount_directory": "/secrets"
 }
diff --git a/tests/cypress/fixtures/projectV2/update-projectV2-repositories.json b/tests/cypress/fixtures/projectV2/update-projectV2-repositories.json
index 835e96c21..9e742d366 100644
--- a/tests/cypress/fixtures/projectV2/update-projectV2-repositories.json
+++ b/tests/cypress/fixtures/projectV2/update-projectV2-repositories.json
@@ -11,5 +11,6 @@
     "https://domain.name/repo3.git"
   ],
   "visibility": "public",
-  "description": "Project 2 description"
+  "description": "Project 2 description",
+  "secrets_mount_directory": "/secrets"
 }