fix: Update all model server prepare.py to use plain SHA-256

Pravali Uppugunduri · Pravali Uppugunduri · commit ff838dbca085 · 2026-03-23T16:05:13.000Z
Remove generate_secret_key import and usage from TorchServe, MMS,
TF Serving, and SMD prepare functions. Switch compute_hash calls
from HMAC-SHA256 to plain SHA-256 (no secret_key parameter).

This is required because generate_secret_key was removed from
check_integrity.py in the previous commit. Without this change,
all model server imports fail with ImportError.
diff --git a/sagemaker-serve/src/sagemaker/serve/model_server/multi_model_server/prepare.py b/sagemaker-serve/src/sagemaker/serve/model_server/multi_model_server/prepare.py
@@ -26,7 +26,6 @@
 from sagemaker.serve.spec.inference_spec import InferenceSpec
 from sagemaker.serve.detector.dependency_manager import capture_dependencies
 from sagemaker.serve.validations.check_integrity import (
-    generate_secret_key,
     compute_hash,
 )
 from sagemaker.core.remote_function.core.serialization import _MetaData
@@ -119,11 +118,10 @@ def prepare_for_mms(
 
     capture_dependencies(dependencies=dependencies, work_dir=code_dir)
 
-    secret_key = generate_secret_key()
     with open(str(code_dir.joinpath("serve.pkl")), "rb") as f:
         buffer = f.read()
-    hash_value = compute_hash(buffer=buffer, secret_key=secret_key)
+    hash_value = compute_hash(buffer=buffer)
     with open(str(code_dir.joinpath("metadata.json")), "wb") as metadata:
         metadata.write(_MetaData(hash_value).to_json())
 
-    return secret_key
+    return ""
diff --git a/sagemaker-serve/src/sagemaker/serve/model_server/multi_model_server/server.py b/sagemaker-serve/src/sagemaker/serve/model_server/multi_model_server/server.py
@@ -35,7 +35,6 @@ def _start_serving(
         env = {
             "SAGEMAKER_SUBMIT_DIRECTORY": "/opt/ml/model/code",
             "SAGEMAKER_PROGRAM": "inference.py",
-            "SAGEMAKER_SERVE_SECRET_KEY": secret_key,
             "LOCAL_PYTHON": platform.python_version(),
         }
         if env_vars:
@@ -131,7 +130,6 @@ def _upload_server_artifacts(
             env_vars = {
                 "SAGEMAKER_SUBMIT_DIRECTORY": "/opt/ml/model/code",
                 "SAGEMAKER_PROGRAM": "inference.py",
-                "SAGEMAKER_SERVE_SECRET_KEY": secret_key,
                 "SAGEMAKER_REGION": sagemaker_session.boto_region_name,
                 "SAGEMAKER_CONTAINER_LOG_LEVEL": "10",
                 "LOCAL_PYTHON": platform.python_version(),
diff --git a/sagemaker-serve/src/sagemaker/serve/model_server/smd/prepare.py b/sagemaker-serve/src/sagemaker/serve/model_server/smd/prepare.py
@@ -12,7 +12,6 @@
 from sagemaker.serve.spec.inference_spec import InferenceSpec
 from sagemaker.serve.detector.dependency_manager import capture_dependencies
 from sagemaker.serve.validations.check_integrity import (
-    generate_secret_key,
     compute_hash,
 )
 from sagemaker.core.remote_function.core.serialization import _MetaData
@@ -64,11 +63,10 @@ def prepare_for_smd(
 
     capture_dependencies(dependencies=dependencies, work_dir=code_dir)
 
-    secret_key = generate_secret_key()
     with open(str(code_dir.joinpath("serve.pkl")), "rb") as f:
         buffer = f.read()
-    hash_value = compute_hash(buffer=buffer, secret_key=secret_key)
+    hash_value = compute_hash(buffer=buffer)
     with open(str(code_dir.joinpath("metadata.json")), "wb") as metadata:
         metadata.write(_MetaData(hash_value).to_json())
 
-    return secret_key
+    return ""
diff --git a/sagemaker-serve/src/sagemaker/serve/model_server/smd/server.py b/sagemaker-serve/src/sagemaker/serve/model_server/smd/server.py
@@ -53,7 +53,6 @@ def _upload_smd_artifacts(
             "SAGEMAKER_INFERENCE_CODE_DIRECTORY": "/opt/ml/model/code",
             "SAGEMAKER_INFERENCE_CODE": "inference.handler",
             "SAGEMAKER_REGION": sagemaker_session.boto_region_name,
-            "SAGEMAKER_SERVE_SECRET_KEY": secret_key,
             "LOCAL_PYTHON": platform.python_version(),
         }
         return s3_upload_path, env_vars
diff --git a/sagemaker-serve/src/sagemaker/serve/model_server/tei/server.py b/sagemaker-serve/src/sagemaker/serve/model_server/tei/server.py
@@ -38,8 +38,6 @@ def _start_tei_serving(
             secret_key: Secret key to use for authentication
             env_vars: Environment variables to set
         """
-        if env_vars and secret_key:
-            env_vars["SAGEMAKER_SERVE_SECRET_KEY"] = secret_key
 
         self.container = client.containers.run(
             image,
diff --git a/sagemaker-serve/src/sagemaker/serve/model_server/tensorflow_serving/prepare.py b/sagemaker-serve/src/sagemaker/serve/model_server/tensorflow_serving/prepare.py
@@ -11,7 +11,6 @@
 )
 from sagemaker.serve.detector.dependency_manager import capture_dependencies
 from sagemaker.serve.validations.check_integrity import (
-    generate_secret_key,
     compute_hash,
 )
 from sagemaker.core.remote_function.core.serialization import _MetaData
@@ -57,11 +56,10 @@ def prepare_for_tf_serving(
         raise ValueError("SavedModel is not found for Tensorflow or Keras flavor.")
     _move_contents(src_dir=mlflow_saved_model_dir, dest_dir=saved_model_bundle_dir)
     
-    secret_key = generate_secret_key()
     with open(str(code_dir.joinpath("serve.pkl")), "rb") as f:
         buffer = f.read()
-    hash_value = compute_hash(buffer=buffer, secret_key=secret_key)
+    hash_value = compute_hash(buffer=buffer)
     with open(str(code_dir.joinpath("metadata.json")), "wb") as metadata:
         metadata.write(_MetaData(hash_value).to_json())
 
-    return secret_key
+    return ""
diff --git a/sagemaker-serve/src/sagemaker/serve/model_server/tensorflow_serving/server.py b/sagemaker-serve/src/sagemaker/serve/model_server/tensorflow_serving/server.py
@@ -47,7 +47,6 @@ def _start_tensorflow_serving(
             environment={
                 "SAGEMAKER_SUBMIT_DIRECTORY": "/opt/ml/model/code",
                 "SAGEMAKER_PROGRAM": "inference.py",
-                "SAGEMAKER_SERVE_SECRET_KEY": secret_key,
                 "LOCAL_PYTHON": platform.python_version(),
                 **env_vars,
             },
@@ -124,7 +123,6 @@ def _upload_tensorflow_serving_artifacts(
             "SAGEMAKER_PROGRAM": "inference.py",
             "SAGEMAKER_REGION": sagemaker_session.boto_region_name,
             "SAGEMAKER_CONTAINER_LOG_LEVEL": "10",
-            "SAGEMAKER_SERVE_SECRET_KEY": secret_key,
             "LOCAL_PYTHON": platform.python_version(),
         }
         return s3_upload_path, env_vars
diff --git a/sagemaker-serve/src/sagemaker/serve/model_server/torchserve/prepare.py b/sagemaker-serve/src/sagemaker/serve/model_server/torchserve/prepare.py
@@ -13,7 +13,6 @@
 from sagemaker.serve.spec.inference_spec import InferenceSpec
 from sagemaker.serve.detector.dependency_manager import capture_dependencies
 from sagemaker.serve.validations.check_integrity import (
-    generate_secret_key,
     compute_hash,
 )
 from sagemaker.serve.validations.check_image_uri import is_1p_image_uri
@@ -67,11 +66,10 @@ def prepare_for_torchserve(
 
     capture_dependencies(dependencies=dependencies, work_dir=code_dir)
 
-    secret_key = generate_secret_key()
     with open(str(code_dir.joinpath("serve.pkl")), "rb") as f:
         buffer = f.read()
-    hash_value = compute_hash(buffer=buffer, secret_key=secret_key)
+    hash_value = compute_hash(buffer=buffer)
     with open(str(code_dir.joinpath("metadata.json")), "wb") as metadata:
         metadata.write(_MetaData(hash_value).to_json())
 
-    return secret_key
+    return ""
diff --git a/sagemaker-serve/src/sagemaker/serve/model_server/torchserve/server.py b/sagemaker-serve/src/sagemaker/serve/model_server/torchserve/server.py
@@ -39,7 +39,6 @@ def _start_torch_serve(
             environment={
                 "SAGEMAKER_SUBMIT_DIRECTORY": "/opt/ml/model/code",
                 "SAGEMAKER_PROGRAM": "inference.py",
-                "SAGEMAKER_SERVE_SECRET_KEY": secret_key,
                 "LOCAL_PYTHON": platform.python_version(),
                 **env_vars,
             },
@@ -103,7 +102,6 @@ def _upload_torchserve_artifacts(
             "SAGEMAKER_PROGRAM": "inference.py",
             "SAGEMAKER_REGION": sagemaker_session.boto_region_name,
             "SAGEMAKER_CONTAINER_LOG_LEVEL": "10",
-            "SAGEMAKER_SERVE_SECRET_KEY": secret_key,
             "LOCAL_PYTHON": platform.python_version(),
         }
         return s3_upload_path, env_vars
diff --git a/sagemaker-serve/tests/unit/model_server/test_multi_model_server_prepare.py b/sagemaker-serve/tests/unit/model_server/test_multi_model_server_prepare.py
@@ -68,10 +68,9 @@ def test_prepare_mms_js_resources(self, mock_create_dir, mock_copy_js):
 
     @patch('builtins.input', return_value='')
     @patch('sagemaker.serve.model_server.multi_model_server.prepare.compute_hash')
-    @patch('sagemaker.serve.model_server.multi_model_server.prepare.generate_secret_key')
     @patch('sagemaker.serve.model_server.multi_model_server.prepare.capture_dependencies')
     @patch('shutil.copy2')
-    def test_prepare_for_mms_creates_structure(self, mock_copy, mock_capture, mock_gen_key, mock_hash, mock_input):
+    def test_prepare_for_mms_creates_structure(self, mock_copy, mock_capture, mock_hash, mock_input):
         """Test prepare_for_mms creates directory structure and files."""
         from sagemaker.serve.model_server.multi_model_server.prepare import prepare_for_mms
         
@@ -83,7 +82,6 @@ def test_prepare_for_mms_creates_structure(self, mock_copy, mock_capture, mock_g
         serve_pkl = code_dir / "serve.pkl"
         serve_pkl.write_bytes(b"test data")
         
-        mock_gen_key.return_value = "test-secret-key"
         mock_hash.return_value = "test-hash"
         mock_session = Mock()
         mock_inference_spec = Mock()
@@ -98,16 +96,14 @@ def test_prepare_for_mms_creates_structure(self, mock_copy, mock_capture, mock_g
                 inference_spec=mock_inference_spec
             )
         
-        self.assertEqual(secret_key, "test-secret-key")
         mock_inference_spec.prepare.assert_called_once_with(str(model_path))
         mock_capture.assert_called_once()
 
     @patch('builtins.input', return_value='')
     @patch('sagemaker.serve.model_server.multi_model_server.prepare.compute_hash')
-    @patch('sagemaker.serve.model_server.multi_model_server.prepare.generate_secret_key')
     @patch('sagemaker.serve.model_server.multi_model_server.prepare.capture_dependencies')
     @patch('shutil.copy2')
-    def test_prepare_for_mms_raises_on_invalid_dir(self, mock_copy, mock_capture, mock_gen_key, mock_hash, mock_input):
+    def test_prepare_for_mms_raises_on_invalid_dir(self, mock_copy, mock_capture, mock_hash, mock_input):
         """Test prepare_for_mms raises exception for invalid directory."""
         from sagemaker.serve.model_server.multi_model_server.prepare import prepare_for_mms
         
@@ -128,10 +124,9 @@ def test_prepare_for_mms_raises_on_invalid_dir(self, mock_copy, mock_capture, mo
 
     @patch('builtins.input', return_value='')
     @patch('sagemaker.serve.model_server.multi_model_server.prepare.compute_hash')
-    @patch('sagemaker.serve.model_server.multi_model_server.prepare.generate_secret_key')
     @patch('sagemaker.serve.model_server.multi_model_server.prepare.capture_dependencies')
     @patch('shutil.copy2')
-    def test_prepare_for_mms_copies_shared_libs(self, mock_copy, mock_capture, mock_gen_key, mock_hash, mock_input):
+    def test_prepare_for_mms_copies_shared_libs(self, mock_copy, mock_capture, mock_hash, mock_input):
         """Test prepare_for_mms copies shared libraries."""
         from sagemaker.serve.model_server.multi_model_server.prepare import prepare_for_mms
         
@@ -145,7 +140,6 @@ def test_prepare_for_mms_copies_shared_libs(self, mock_copy, mock_capture, mock_
         shared_lib = Path(self.temp_dir) / "lib.so"
         shared_lib.touch()
         
-        mock_gen_key.return_value = "test-key"
         mock_hash.return_value = "test-hash"
         mock_session = Mock()
         
diff --git a/sagemaker-serve/tests/unit/model_server/test_multi_model_server_server.py b/sagemaker-serve/tests/unit/model_server/test_multi_model_server_server.py
@@ -32,8 +32,7 @@ def test_start_serving_creates_container(self, mock_path):
         self.assertEqual(server.container, mock_container)
         mock_client.containers.run.assert_called_once()
         call_kwargs = mock_client.containers.run.call_args[1]
-        self.assertIn("SAGEMAKER_SERVE_SECRET_KEY", call_kwargs["environment"])
-        self.assertEqual(call_kwargs["environment"]["SAGEMAKER_SERVE_SECRET_KEY"], "test-secret")
+        self.assertIn("SAGEMAKER_SUBMIT_DIRECTORY", call_kwargs["environment"])
 
     @patch('sagemaker.serve.model_server.multi_model_server.server.Path')
     def test_start_serving_with_no_env_vars(self, mock_path):
@@ -166,8 +165,7 @@ def test_upload_server_artifacts_uploads_to_s3(self, mock_path, mock_is_s3, mock
         )
         
         self.assertIsNotNone(model_data)
-        self.assertIn("SAGEMAKER_SERVE_SECRET_KEY", env_vars)
-        self.assertEqual(env_vars["SAGEMAKER_SERVE_SECRET_KEY"], "test-key")
+        self.assertIn("SAGEMAKER_SUBMIT_DIRECTORY", env_vars)
 
     @patch('sagemaker.serve.model_server.multi_model_server.server._is_s3_uri')
     def test_upload_server_artifacts_no_upload(self, mock_is_s3):
@@ -187,7 +185,7 @@ def test_upload_server_artifacts_no_upload(self, mock_is_s3):
         )
         
         self.assertIsNone(model_data)
-        self.assertIn("SAGEMAKER_SERVE_SECRET_KEY", env_vars)
+        self.assertIn("SAGEMAKER_SUBMIT_DIRECTORY", env_vars)
 
 
 class TestUpdateEnvVars(unittest.TestCase):
diff --git a/sagemaker-serve/tests/unit/model_server/test_smd_prepare.py b/sagemaker-serve/tests/unit/model_server/test_smd_prepare.py
@@ -18,10 +18,9 @@ def tearDown(self):
             shutil.rmtree(self.temp_dir)
 
     @patch('sagemaker.serve.model_server.smd.prepare.compute_hash')
-    @patch('sagemaker.serve.model_server.smd.prepare.generate_secret_key')
     @patch('sagemaker.serve.model_server.smd.prepare.capture_dependencies')
     @patch('shutil.copy2')
-    def test_prepare_for_smd_with_inference_spec(self, mock_copy, mock_capture, mock_gen_key, mock_hash):
+    def test_prepare_for_smd_with_inference_spec(self, mock_copy, mock_capture, mock_hash):
         """Test prepare_for_smd with InferenceSpec."""
         from sagemaker.serve.model_server.smd.prepare import prepare_for_smd
         from sagemaker.serve.spec.inference_spec import InferenceSpec
@@ -33,7 +32,6 @@ def test_prepare_for_smd_with_inference_spec(self, mock_copy, mock_capture, mock
         serve_pkl = code_dir / "serve.pkl"
         serve_pkl.write_bytes(b"test data")
         
-        mock_gen_key.return_value = "test-secret-key"
         mock_hash.return_value = "test-hash"
         mock_inference_spec = Mock(spec=InferenceSpec)
         
@@ -45,15 +43,13 @@ def test_prepare_for_smd_with_inference_spec(self, mock_copy, mock_capture, mock
                 inference_spec=mock_inference_spec
             )
         
-        self.assertEqual(secret_key, "test-secret-key")
         mock_inference_spec.prepare.assert_called_once_with(str(model_path))
 
     @patch('os.rename')
     @patch('sagemaker.serve.model_server.smd.prepare.compute_hash')
-    @patch('sagemaker.serve.model_server.smd.prepare.generate_secret_key')
     @patch('sagemaker.serve.model_server.smd.prepare.capture_dependencies')
     @patch('shutil.copy2')
-    def test_prepare_for_smd_with_custom_orchestrator(self, mock_copy, mock_capture, mock_gen_key, mock_hash, mock_rename):
+    def test_prepare_for_smd_with_custom_orchestrator(self, mock_copy, mock_capture, mock_hash, mock_rename):
         """Test prepare_for_smd with CustomOrchestrator."""
         from sagemaker.serve.model_server.smd.prepare import prepare_for_smd
         from sagemaker.serve.spec.inference_base import CustomOrchestrator
@@ -65,7 +61,6 @@ def test_prepare_for_smd_with_custom_orchestrator(self, mock_copy, mock_capture,
         serve_pkl = code_dir / "serve.pkl"
         serve_pkl.write_bytes(b"test data")
         
-        mock_gen_key.return_value = "test-secret-key"
         mock_hash.return_value = "test-hash"
         mock_orchestrator = Mock(spec=CustomOrchestrator)
         
@@ -77,15 +72,13 @@ def test_prepare_for_smd_with_custom_orchestrator(self, mock_copy, mock_capture,
                 inference_spec=mock_orchestrator
             )
         
-        self.assertEqual(secret_key, "test-secret-key")
         # Verify custom_execution_inference.py was copied and renamed
         mock_rename.assert_called_once()
 
     @patch('sagemaker.serve.model_server.smd.prepare.compute_hash')
-    @patch('sagemaker.serve.model_server.smd.prepare.generate_secret_key')
     @patch('sagemaker.serve.model_server.smd.prepare.capture_dependencies')
     @patch('shutil.copy2')
-    def test_prepare_for_smd_with_shared_libs(self, mock_copy, mock_capture, mock_gen_key, mock_hash):
+    def test_prepare_for_smd_with_shared_libs(self, mock_copy, mock_capture, mock_hash):
         """Test prepare_for_smd copies shared libraries."""
         from sagemaker.serve.model_server.smd.prepare import prepare_for_smd
         
@@ -99,7 +92,6 @@ def test_prepare_for_smd_with_shared_libs(self, mock_copy, mock_capture, mock_ge
         shared_lib = Path(self.temp_dir) / "lib.so"
         shared_lib.touch()
         
-        mock_gen_key.return_value = "test-key"
         mock_hash.return_value = "test-hash"
         
         with patch('builtins.open', mock_open(read_data=b"test data")):
diff --git a/sagemaker-serve/tests/unit/model_server/test_smd_server.py b/sagemaker-serve/tests/unit/model_server/test_smd_server.py
@@ -25,8 +25,6 @@ def test_upload_smd_artifacts_with_s3_path(self, mock_is_s3):
         )
         
         self.assertEqual(s3_path, "s3://bucket/model")
-        self.assertIn("SAGEMAKER_SERVE_SECRET_KEY", env_vars)
-        self.assertEqual(env_vars["SAGEMAKER_SERVE_SECRET_KEY"], "test-key")
         self.assertIn("SAGEMAKER_INFERENCE_CODE_DIRECTORY", env_vars)
 
     @patch('sagemaker.serve.model_server.smd.server.upload')
@@ -58,7 +56,6 @@ def test_upload_smd_artifacts_uploads_to_s3(self, mock_is_s3, mock_fw_utils,
         )
         
         self.assertEqual(s3_path, "s3://bucket/code_prefix/model.tar.gz")
-        self.assertIn("SAGEMAKER_SERVE_SECRET_KEY", env_vars)
         self.assertIn("SAGEMAKER_INFERENCE_CODE", env_vars)
         mock_upload.assert_called_once()
 
@@ -80,7 +77,7 @@ def test_upload_smd_artifacts_no_upload(self, mock_is_s3):
         )
         
         self.assertIsNone(s3_path)
-        self.assertIn("SAGEMAKER_SERVE_SECRET_KEY", env_vars)
+        self.assertIn("SAGEMAKER_INFERENCE_CODE_DIRECTORY", env_vars)
 
 
 if __name__ == "__main__":
diff --git a/sagemaker-serve/tests/unit/model_server/test_tei_server.py b/sagemaker-serve/tests/unit/model_server/test_tei_server.py
@@ -40,7 +40,7 @@ def test_start_tei_serving(self, mock_device_req, mock_path, mock_update_env):
     @patch('sagemaker.serve.model_server.tei.server.Path')
     @patch('sagemaker.serve.model_server.tei.server.DeviceRequest')
     def test_start_tei_serving_adds_secret_key(self, mock_device_req, mock_path, mock_update_env):
-        """Test _start_tei_serving adds secret key to env vars."""
+        """Test _start_tei_serving no longer adds secret key to env vars."""
         from sagemaker.serve.model_server.tei.server import LocalTeiServing
         
         server = LocalTeiServing()
@@ -62,8 +62,8 @@ def test_start_tei_serving_adds_secret_key(self, mock_device_req, mock_path, moc
             env_vars=env_vars
         )
         
-        # Verify secret key was added to env_vars
-        self.assertEqual(env_vars["SAGEMAKER_SERVE_SECRET_KEY"], "test-secret")
+        # Verify secret key is NOT added to env_vars
+        self.assertNotIn("SAGEMAKER_SERVE_SECRET_KEY", env_vars)
 
     @patch('sagemaker.serve.model_server.tei.server.requests.post')
     @patch('sagemaker.serve.model_server.tei.server.get_docker_host')
diff --git a/sagemaker-serve/tests/unit/model_server/test_tensorflow_serving_prepare.py b/sagemaker-serve/tests/unit/model_server/test_tensorflow_serving_prepare.py
diff --git a/sagemaker-serve/tests/unit/model_server/test_tensorflow_serving_server.py b/sagemaker-serve/tests/unit/model_server/test_tensorflow_serving_server.py
diff --git a/sagemaker-serve/tests/unit/model_server/test_torchserve_prepare.py b/sagemaker-serve/tests/unit/model_server/test_torchserve_prepare.py
diff --git a/sagemaker-serve/tests/unit/model_server/test_torchserve_server.py b/sagemaker-serve/tests/unit/model_server/test_torchserve_server.py
diff --git a/sagemaker-serve/tests/unit/servers/test_model_builder_servers.py b/sagemaker-serve/tests/unit/servers/test_model_builder_servers.py
diff --git a/sagemaker-serve/tests/unit/test_model_builder_utils_triton.py b/sagemaker-serve/tests/unit/test_model_builder_utils_triton.py
diff --git a/sagemaker-serve/tests/unit/validations/test_check_integrity.py b/sagemaker-serve/tests/unit/validations/test_check_integrity.py

Original file line number	Diff line number	Diff line change
`@@ -53,7 +53,6 @@ def _upload_smd_artifacts(`
`53`	`53`	`"SAGEMAKER_INFERENCE_CODE_DIRECTORY": "/opt/ml/model/code",`
`54`	`54`	`"SAGEMAKER_INFERENCE_CODE": "inference.handler",`
`55`	`55`	`"SAGEMAKER_REGION": sagemaker_session.boto_region_name,`
`56`		`- "SAGEMAKER_SERVE_SECRET_KEY": secret_key,`
`57`	`56`	`"LOCAL_PYTHON": platform.python_version(),`
`58`	`57`	`}`
`59`	`58`	`return s3_upload_path, env_vars`