Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Validate factory flow with devfile v2 from private repos #20432

Closed
Tracked by #20553
, #20687
...
sleshchenko opened this issue Sep 7, 2021 · 3 comments
Closed
Tracked by #20553
, #20687
...

Validate factory flow with devfile v2 from private repos #20432

sleshchenko opened this issue Sep 7, 2021 · 3 comments
Assignees
@xbaran4
Labels
area/che-server area/factory/server Server side of factory implementation engine/devworkspace Issues related to Che configured to use the devworkspace controller as workspace engine. kind/enhancement A feature request - must adhere to the feature request template. severity/P1 Has a major impact to usage or development of the system. sprint/current
Milestone
DevWorkspace Int...

Comments

@sleshchenko
Copy link
Member

sleshchenko commented Sep 7, 2021
edited
Loading

Is your enhancement related to a problem? Please describe

DevWorkspace Operator add an ability to to configure secret with personal access token which is used then for project clone component and can be mounted into containers

kind: Secret
apiVersion: v1
metadata:
  name: git-credentials-secret
  namespace: devworkspace-controller
  annotations:
    controller.devfile.io/mount-path: /home/theia/.git-credentials/
  labels:
    controller.devfile.io/git-credential: 'true'
data:
  credentials: >- ${your base64 credentials here}
type: Opaque

More see devfile/devworkspace-operator#564.

P.S. The demo from DWO point of view https://www.youtube.com/watch?v=BamW5SxSGtE

Describe the solution you'd like

It's needed to complete the story from Che integration point of view.
Che Server would need to apply needed labels/annotations to secrets it creates after OAuth flow to make it working on DWO side.

Describe alternatives you've considered

No response

Additional context

No response
@sleshchenko sleshchenko added kind/enhancement A feature request - must adhere to the feature request template. area/che-server engine/devworkspace Issues related to Che configured to use the devworkspace controller as workspace engine. labels Sep 7, 2021
@che-bot che-bot added the status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. label Sep 7, 2021
@RomanNikitenko RomanNikitenko added severity/P1 Has a major impact to usage or development of the system. and removed status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. labels Sep 7, 2021
@skabashnyuk skabashnyuk added team/platform sprint/next area/factory/server Server side of factory implementation labels Sep 8, 2021
@l0rd l0rd mentioned this issue Sep 8, 2021
Closed
5 tasks
@skabashnyuk
Copy link
Contributor

depends on #20496 and #20497

@skabashnyuk skabashnyuk mentioned this issue Sep 24, 2021
Closed
@skabashnyuk
Copy link
Contributor

Now we are creating

apiVersion: v1
kind: Secret
metadata:
  name: git-credentials-secret
  labels:
    app.kubernetes.io/part-of: che.eclipse.org
    app.kubernetes.io/component: workspace-secret
  annotations:
    che.eclipse.org/automount-workspace-secret: 'true'
    che.eclipse.org/mount-path: /home/theia/.git-credentials
    che.eclipse.org/mount-as: file
    che.eclipse.org/git-credential: 'true'
data:
  credentials: aHR0cHM6Ly91c2VyOnBhc3NAZXhhbXBsZS5jb20K

according to devfile/devworkspace-operator#564
we nee to have it in format

apiVersion: v1
metadata:
  name: git-credentials-secret
  namespace: devworkspace-controller
  annotations:
    controller.devfile.io/mount-path: /home/theia/.git-credentials/
  labels:
    controller.devfile.io/git-credential: 'true'
data:
  credentials: >- ${your base64 credentials here}
type: Opaque

The data is identical so we need to add extra label controller.devfile.io/git-credential: 'true' and annotation controller.devfile.io/mount-path: /home/theia/.git-credentials/ here https://github.com/eclipse-che/che-server/blob/ce6bcf2d198371db95d6722aabbba1f4c8cfff65/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesGitCredentialManager.java#L120-L134

@skabashnyuk skabashnyuk mentioned this issue Oct 12, 2021
Closed
15 tasks
@xbaran4 xbaran4 self-assigned this Oct 13, 2021
@xbaran4 xbaran4 mentioned this issue Oct 18, 2021
Merged
9 tasks
@skabashnyuk skabashnyuk mentioned this issue Oct 25, 2021
Closed
11 tasks
@xbaran4
Copy link
Contributor

xbaran4 commented Nov 8, 2021

Issue addressed by eclipse-che/che-server#162. This only concerns Bitbucket which uses OAuth1.
For Github and Gitlab which use OAuth2 see #20497.

@xbaran4 xbaran4 closed this as completed Nov 8, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@xbaran4 xbaran4

Labels
area/che-server area/factory/server Server side of factory implementation engine/devworkspace Issues related to Che configured to use the devworkspace controller as workspace engine. kind/enhancement A feature request - must adhere to the feature request template. severity/P1 Has a major impact to usage or development of the system. sprint/current
Projects
None yet
Milestone
DevWorkspace Integration - STEP3
Development

No branches or pull requests
5 participants
@skabashnyuk @RomanNikitenko @sleshchenko @che-bot @xbaran4