Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support spec.devEnvironments.podSchedulerName in CR #1565

Closed
wants to merge 6 commits into from
Closed

Support spec.devEnvironments.podSchedulerName in CR #1565

wants to merge 6 commits into from

Conversation

dkwon17
Copy link
Contributor

@dkwon17 dkwon17 commented Nov 18, 2022

What does this PR do?

This PR is a draft PR because this PR depends on DWO 0.18.0, since that is when the config.workspace.schedulerName field would be introduced for the DWO config. This PR can still be tested, since the devworkspace-operator dependency in go.mod has been temporarily updated to point to this PR branch that introduced config.workspace.schedulerName

Should be merged after #1549 is merged

This PR introduces the devEnvironments.podSchedulerName field in the Che CR. When this field is set, it updates the config.workspace.schedulerName field of the Che-operator-managed DWO config.

Screenshot/screencast of this PR

In this demo:

  • in the Che CR, the devEnvironments.podSchedulerName field is set to testing123.
  • the DWOC is updated, the workspace.schedulerName field is set to testing123.
  • a workspace is started, and the workspace pod has a schedulerName of testing123`.
  • in the Che CR, the devEnvironments.podSchedulerName field is removed.
  • the DWOC is updated, the workspace.schedulerName field is now unset.
  • a workspace is started, and the workspace pod has the default schedulerName of default-scheduler`.
output.mp4

What issues does this PR fix or reference?

eclipse-che/che#21803

How to test this PR?

cat > /tmp/cs.yaml <<EOF
apiVersion:  operators.coreos.com/v1alpha1
kind:         CatalogSource
metadata:
  name:         eclipse-che-custom-catalog
  namespace:    eclipse-che
spec:
  image:       quay.io/dkwon17/eclipse-che-openshift-opm-catalog:schedulerName
  sourceType:  grpc
  updateStrategy:
    registryPoll:
      interval: 5m
EOF

chectl server:deploy \
    --che-operator-image=quay.io/dkwon17/che-operator:schedulerName \
    --installer=olm \
    --platform=openshift \
    --catalog-source-yaml /tmp/cs.yaml \
    --olm-channel=next \
    --package-manifest-name=eclipse-che-preview-openshift

PR Checklist

As the author of this Pull Request I made sure that:

Reviewers

Reviewers, please comment how you tested the PR when approving it.

@AObuchow @dkwon17
chore: update to devworkspace-operator v0.17.0
98949de 
Signed-off-by: Andrew Obuchowicz <aobuchow@redhat.com>
@AObuchow @dkwon17
chore: update vendors
549f1ef 
Signed-off-by: Andrew Obuchowicz <aobuchow@redhat.com>
@AObuchow @dkwon17
feat: configure workspace security context for container builds
5f5757f 
Fix eclipse-che/che#21770

Signed-off-by: Andrew Obuchowicz <aobuchow@redhat.com>
@AObuchow @dkwon17
chore: update k8s.io/utils
cc5d406 
Signed-off-by: Andrew Obuchowicz <aobuchow@redhat.com>
@AObuchow @dkwon17
chore: update vendors
d37039b 
Signed-off-by: Andrew Obuchowicz <aobuchow@redhat.com>
@openshift-ci
Copy link

openshift-ci bot commented Nov 18, 2022

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

@openshift-ci
Copy link

openshift-ci bot commented Nov 18, 2022

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dkwon17

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@codecov
Copy link

codecov bot commented Nov 18, 2022
edited
Loading

Codecov Report

Merging #1565 (49ff5e4) into main (eaef8a4) will increase coverage by 0.02%.
The diff coverage is 100.00%.

@@            Coverage Diff             @@
##             main    #1565      +/-   ##
==========================================
+ Coverage   60.54%   60.56%   +0.02%     
==========================================
  Files          73       73              
  Lines        6303     6307       +4     
==========================================
+ Hits         3816     3820       +4     
  Misses       2147     2147              
  Partials      340      340
Impacted Files Coverage Δ
api/v2/checluster_types.go 30.43% <ø> (ø)
...eploy/dev-workspace-config/dev_workspace_config.go 90.90% <100.00%> (+0.71%) ⬆️

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

@dkwon17
feat: add spec.devEnvironments.podSchedulerName in CR
49ff5e4 
Signed-off-by: David Kwon <dakwon@redhat.com>
@openshift-merge-robot
Copy link

@dkwon17: PR needs rebase.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@AObuchow AObuchow mentioned this pull request Dec 7, 2022
Merged
10 tasks
@ibuziuk ibuziuk mentioned this pull request Dec 13, 2022
Closed
82 tasks
@dkwon17 dkwon17 mentioned this pull request Dec 22, 2022
Merged
10 tasks
@dkwon17
Copy link
Contributor Author

dkwon17 commented Dec 22, 2022

Closing in favour of #1565

@dkwon17 dkwon17 closed this Dec 22, 2022
@AObuchow AObuchow mentioned this pull request Jan 28, 2023
Merged
10 tasks
nickboldt pushed a commit that referenced this pull request Jan 30, 2023
@AObuchow @amisevsk @tolusha
Cherry-pick commits from #1576 & #1565 & #1606 to 7.58.x (#1608)
ad19924 
* feat: configure workspace security context for container builds

Fix eclipse-che/che#21770

Signed-off-by: Andrew Obuchowicz <aobuchow@redhat.com>

* Set SCC allowPrivilegeEscalation to true when container build enabled (#1596)

* Set SCC allowPrivilegeEscalation to true when container build enabled

Running Podman inside a container in OpenShift requires the pod to have
allowPrivilegeEscalation: true in its security context.

* Fix tests

Signed-off-by: Angel Misevski <amisevsk@redhat.com>

* fix: set scc priority to null

Signed-off-by: Anatolii Bazko <abazko@redhat.com>

---------

Signed-off-by: Andrew Obuchowicz <aobuchow@redhat.com>
Signed-off-by: Angel Misevski <amisevsk@redhat.com>
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
Co-authored-by: Angel Misevski <amisevsk@redhat.com>
Co-authored-by: Anatolii Bazko <abazko@redhat.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@SDawley SDawley Awaiting requested review from SDawley SDawley will be requested when the pull request is marked ready for review SDawley is a code owner

@tolusha tolusha Awaiting requested review from tolusha tolusha will be requested when the pull request is marked ready for review tolusha is a code owner

@ibuziuk ibuziuk Awaiting requested review from ibuziuk ibuziuk will be requested when the pull request is marked ready for review ibuziuk is a code owner

Assignees
No one assigned
Labels
do-not-merge/work-in-progress needs-rebase
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@dkwon17 @openshift-merge-robot @AObuchow