Skip to content

Commit

Permalink
fix update DevWorkspaceTemplate functionality; use SA token to read e…
Browse files Browse the repository at this point in the history 
…ditors from CM

Signed-off-by: Valeriy Svydenko <[email protected]>
  • Loading branch information
@svor
svor committed May 31, 2024
1 parent 516882b commit 2372f83
Show file tree
Hide file tree
Showing 10 changed files with 513 additions and 167 deletions.
2 changes: 1 addition & 1 deletion packages/dashboard-backend/src/routes/api/__tests__/editors.spec.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ import { baseApiPath } from '@/constants/config';
import { editorsArray } from '@/routes/api/helpers/__mocks__/getDevWorkspaceClient';
import { setup, teardown } from '@/utils/appBuilder';

jest.mock('@/routes/api/helpers/getToken');
jest.mock('@/routes/api/helpers/getServiceAccountToken');
jest.mock('@/routes/api/helpers/getDevWorkspaceClient');

describe('Editors Route', () => {
Expand Down
17 changes: 6 additions & 11 deletions packages/dashboard-backend/src/routes/api/editors.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,25 +11,20 @@
*/

import { FastifyInstance } from 'fastify';
import { FastifyRequest } from 'fastify/types/request';

import { baseApiPath } from '@/constants/config';
import { getDevWorkspaceClient } from '@/routes/api/helpers/getDevWorkspaceClient';
import { getToken } from '@/routes/api/helpers/getToken';
import { getServiceAccountToken } from '@/routes/api/helpers/getServiceAccountToken';
import { getSchema } from '@/services/helpers';

const tags = ['Editor Definitions'];

export function registerEditorsRoutes(instance: FastifyInstance) {
instance.register(async server => {
server.get(
`${baseApiPath}/editors`,
getSchema({ tags }),
async function (request: FastifyRequest) {
const token = getToken(request);
const { editorsApi } = getDevWorkspaceClient(token);
return editorsApi.list();
},
);
server.get(`${baseApiPath}/editors`, getSchema({ tags }), async () => {
const token = getServiceAccountToken();
const { editorsApi } = getDevWorkspaceClient(token);
return editorsApi.list();
});

Check failure

Code scanning / CodeQL

Missing rate limiting High

This route handler performs
a file system access
Loading
, but is not rate-limited.
This route handler performs
a file system access
Loading
, but is not rate-limited.
});
}
163 changes: 96 additions & 67 deletions ...c/services/workspace-client/devworkspace/__tests__/__mocks__/devWorkspaceSpecTemplates.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,35 +12,56 @@

import devfileApi from '@/services/devfileApi';

const getDevWorkspaceTemplate = (cpuLimit = '1500m'): devfileApi.DevWorkspaceTemplate => {
const getVSCodeDevWorkspaceTemplate = (cpuLimit = '1500m'): devfileApi.DevWorkspaceTemplate => {
return {
apiVersion: 'workspace.devfile.io/v1alpha2',
kind: 'DevWorkspaceTemplate',
metadata: {
annotations: {
'che.eclipse.org/components-update-policy': 'managed',
'che.eclipse.org/plugin-registry-url':
'https://192.168.64.24.nip.io/plugin-registry/v3/plugins/eclipse/che-theia/next/devfile.yaml',
'che.eclipse.org/plugin-registry-url': 'che-incubator/che-code/latest',
},
creationTimestamp: new Date('2021-11-24T17:11:37Z'),
creationTimestamp: new Date('2024-05-30T12:51:45Z'),
generation: 1,
name: 'theia-ide-workspacee2ade80d625b4f3e',
name: 'che-code-empty-mm9t',
namespace: 'admin-che',
resourceVersion: '3766',
uid: '106c3fa1-32c6-47ef-87e5-333de6914837',
ownerReferences: [
{
apiVersion: 'workspace.devfile.io/v1alpha2',
kind: 'devworkspace',
name: 'empty-mm9t',
uid: 'ca85c4f7-d36d-4f4a-8ce9-b8cf72aa8a37',
},
],
resourceVersion: '7429',
uid: 'e4781884-a294-4719-966a-4a4dfce3b7ff',
},
spec: {
commands: [],
components: [
attributes: {
version: null,
},
commands: [
{
attributes: {
'app.kubernetes.io/component': 'che-theia',
'app.kubernetes.io/part-of': 'che-theia.eclipse.org',
apply: {
component: 'che-code-injector',
},
id: 'init-container-command',
},
{
exec: {
commandLine:
'nohup /checode/entrypoint-volume.sh > /checode/entrypoint-logs.txt 2>&1 &',
component: 'che-code-runtime-description',
},
id: 'init-che-code-command',
},
],
components: [
{
container: {
command: ['/entrypoint-init-container.sh'],
cpuLimit,
cpuRequest: '100m',
endpoints: [],
cpuRequest: '30m',
env: [
{
name: 'CHE_DASHBOARD_URL',
Expand All @@ -55,60 +76,73 @@ const getDevWorkspaceTemplate = (cpuLimit = '1500m'): devfileApi.DevWorkspaceTem
value: 'plugin-registry-internal-url',
},
],
image: 'quay.io/eclipse/che-theia:next',
memoryLimit: '512M',
mountSources: true,
image: 'quay.io/che-incubator/che-code:latest',
memoryLimit: '256Mi',
memoryRequest: '32Mi',
sourceMapping: '/projects',
volumeMounts: [],
volumeMounts: [
{
name: 'checode',
path: '/checode',
},
],
},
name: 'theia-ide',
},
{
name: 'plugins',
volume: {},
},
{
name: 'theia-local',
volume: {},
name: 'che-code-injector',
},
{
attributes: {
'app.kubernetes.io/component': 'machine-exec',
'app.kubernetes.io/part-of': 'che-theia.eclipse.org',
'app.kubernetes.io/component': 'che-code-runtime',
'app.kubernetes.io/part-of': 'che-code.eclipse.org',
'controller.devfile.io/container-contribution': true,
},
container: {
command: ['/go/bin/che-machine-exec', '--url', '127.0.0.1:3333'],
cpuLimit: '500m',
cpuRequest: '30m',
env: [
endpoints: [
{
name: 'CHE_DASHBOARD_URL',
value: 'http://localhost',
attributes: {
cookiesAuthEnabled: true,
discoverable: false,
type: 'main',
urlRewriteSupported: true,
},
exposure: 'public',
name: 'che-code',
protocol: 'https',
secure: true,
targetPort: 3100,
},
{
name: 'CHE_PLUGIN_REGISTRY_URL',
value: 'plugin-registry-url',
attributes: {
discoverable: false,
urlRewriteSupported: false,
},
exposure: 'public',
name: 'code-redirect-1',
protocol: 'https',
targetPort: 13131,
},
{
name: 'CHE_PLUGIN_REGISTRY_INTERNAL_URL',
value: 'plugin-registry-internal-url',
attributes: {
discoverable: false,
urlRewriteSupported: false,
},
exposure: 'public',
name: 'code-redirect-2',
protocol: 'https',
targetPort: 13132,
},
{
attributes: {
discoverable: false,
urlRewriteSupported: false,
},
exposure: 'public',
name: 'code-redirect-3',
protocol: 'https',
targetPort: 13133,
},
],
image: 'quay.io/eclipse/che-machine-exec:next',
memoryLimit: '128Mi',
memoryRequest: '32Mi',
sourceMapping: '/projects',
},
name: 'che-machine-exec',
},
{
attributes: {
'app.kubernetes.io/component': 'remote-runtime-injector',
'app.kubernetes.io/part-of': 'che-theia.eclipse.org',
},
container: {
cpuLimit: '500m',
cpuRequest: '30m',
env: [
{
name: 'CHE_DASHBOARD_URL',
Expand All @@ -123,35 +157,30 @@ const getDevWorkspaceTemplate = (cpuLimit = '1500m'): devfileApi.DevWorkspaceTem
value: 'plugin-registry-internal-url',
},
],
image: 'quay.io/eclipse/che-theia-endpoint-runtime-binary:next',
memoryLimit: '128Mi',
memoryRequest: '32Mi',
image: 'quay.io/devfile/universal-developer-image:latest',
memoryLimit: '1024Mi',
memoryRequest: '256Mi',
sourceMapping: '/projects',
volumeMounts: [
{
name: 'plugins',
path: '/plugins',
},
{
name: 'remote-endpoint',
path: '/remote-endpoint',
name: 'checode',
path: '/checode',
},
],
},
name: 'remote-runtime-injector',
name: 'che-code-runtime-description',
},
{
name: 'remote-endpoint',
volume: {
ephemeral: true,
},
name: 'checode',
volume: {},
},
],
events: {
postStart: ['init-che-code-command'],
preStart: ['init-container-command'],
},
},
};
};

export default getDevWorkspaceTemplate;
export default getVSCodeDevWorkspaceTemplate;
Loading

0 comments on commit 2372f83

Please sign in to comment.