Skip to content

Commit

Permalink
feat: Allow configuring user namespaces with OpenShift template (#1925)
Browse files Browse the repository at this point in the history 
* feat: Allow configuring user namespaces with OpenShift template

Signed-off-by: Anatolii Bazko <[email protected]>
  • Loading branch information
@tolusha
tolusha authored Nov 5, 2024
1 parent 8b3d527 commit f71d2e8
Show file tree
Hide file tree
Showing 177 changed files with 23,878 additions and 2,153 deletions.
3 changes: 2 additions & 1 deletion DEPENDENCIES.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -466,7 +466,7 @@
| [go.etcd.io/etcd@dd1b699fc4895de8cc23c3cac5a428c37eee384a](https://github.com/etcd-io/etcd.git) | Apache-2.0 | [CQ](https://dev.eclipse.org/ipzilla/show_bug.cgi?id=23592) |
| [github.com/remyoudompheng/bigfft@6a916e37a237384e18eefa3270c09247db1ecf50](https://github.com/remyoudompheng/bigfft.git) | BSD-3-Clause | [CQ](https://dev.eclipse.org/ipzilla/show_bug.cgi?id=23591) |
| [github.com/operator-framework/[email protected]](https://github.com/operator-framework/operator-registry.git) | Apache-2.0 | [CQ](https://dev.eclipse.org/ipzilla/show_bug.cgi?id=23590) |
| [github.com/openshift/api@32369d4db2ada1c1cdb95b99b568a9925e2a4480](https://github.com/openshift/api.git) | Apache-2.0 | [CQ](https://dev.eclipse.org/ipzilla/show_bug.cgi?id=23586) |
| [github.com/openshift/api@88b476f987ed90f7b0e1fdc851859c35161b1ff5](https://github.com/openshift/api.git) | Apache-2.0 | [clearlydefined](https://clearlydefined.io/definitions/git/github/openshift/api/88b476f987ed90f7b0e1fdc851859c35161b1ff5) |
| [github.com/chai2010/gettext-go@c6fed771bfd517099caf0f7a961671fa8ed08723](https://github.com/chai2010/gettext-go.git) | BSD-3-Clause | [CQ](https://dev.eclipse.org/ipzilla/show_bug.cgi?id=23551) |
| [github.com/cloudflare/golz4@ef862a3cdc58a6f1fee4e3af3d44fbe279194cde](https://github.com/cloudflare/golz4.git) | BSD-3-Clause | [CQ](https://dev.eclipse.org/ipzilla/show_bug.cgi?id=23552) |
| [github.com/coreos/go-systemd@fd7a80b32e1fc73e890fde45604ed5009dc817a3](https://github.com/coreos/go-systemd.git) | Apache-2.0 | [CQ](https://dev.eclipse.org/ipzilla/show_bug.cgi?id=23553) |
Expand Down Expand Up @@ -589,3 +589,4 @@
| [sigs.k8s.io/[email protected]](https://github.com/kubernetes-sigs/json) | Apache-2.0 AND BSD-3-Clause AND NOASSERTION | [clearlydefined](https://clearlydefined.io/definitions/git/github/kubernetes-sigs/json/f223a00ba0e27f539157f69f9c919c204ea7f40b) |
| [github.com/google/[email protected]](https://github.com/kubernetes-sigs/json) | Apache-2.0 | [clearlydefined](https://clearlydefined.io/definitions/go/golang/github.com%2Fgoogle/gnostic/v0.5.7-v3refs) |
| [github.com/go-task/[email protected]](https://github.com/go-task/slim-sprig.git) | MIT | [clearlydefined](https://clearlydefined.io/definitions/git/github/go-task/slim-sprig/52ccab3ef572c7e1a2c258be183f9a9296d60152) |
| [github.com/josharian/[email protected]](https://github.com/josharian/intern.git) | MIT | [clearlydefined](https://clearlydefined.io/definitions/git/github/josharian/intern/8e6ff32b3e7c0b018c43953085fe2ac330fe9acd) |
42 changes: 40 additions & 2 deletions bundle/next/eclipse-che/manifests/che-operator.clusterserviceversion.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -104,7 +104,7 @@ metadata:
operators.operatorframework.io/project_layout: go.kubebuilder.io/v3
repository: https://github.com/eclipse-che/che-operator
support: Eclipse Foundation
name: eclipse-che.v7.94.0-891.next
name: eclipse-che.v7.94.0-893.next
namespace: placeholder
spec:
apiservicedefinitions: {}
Expand Down Expand Up @@ -828,7 +828,45 @@ spec:
resources:
- limitranges
verbs:
- create
- delete
- get
- update
- patch
- watch
- list
- apiGroups:
- ""
resources:
- resourcequotas
verbs:
- create
- delete
- get
- update
- patch
- watch
- list
- apiGroups:
- networking.k8s.io
resources:
- networkpolicies
verbs:
- create
- delete
- get
- update
- patch
- watch
- list
- apiGroups:
- template.openshift.io
resources:
- templates
verbs:
- get
- list
- watch
- apiGroups:
- monitoring.coreos.com
resources:
Expand Down Expand Up @@ -1035,7 +1073,7 @@ spec:
minKubeVersion: 1.19.0
provider:
name: Eclipse Foundation
version: 7.94.0-891.next
version: 7.94.0-893.next
webhookdefinitions:
- admissionReviewVersions:
- v1
Expand Down
38 changes: 38 additions & 0 deletions config/rbac/cluster_role.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -339,7 +339,45 @@ rules:
resources:
- limitranges
verbs:
- create
- delete
- get
- update
- patch
- watch
- list
- apiGroups:
- ""
resources:
- resourcequotas
verbs:
- create
- delete
- get
- update
- patch
- watch
- list
- apiGroups:
- networking.k8s.io
resources:
- networkpolicies
verbs:
- create
- delete
- get
- update
- patch
- watch
- list
- apiGroups:
- template.openshift.io
resources:
- templates
verbs:
- get
- list
- watch
- apiGroups:
- monitoring.coreos.com
resources:
Expand Down
66 changes: 66 additions & 0 deletions controllers/usernamespace/configmap2sync.go
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,66 @@
//
// Copyright (c) 2019-2024 Red Hat, Inc.
// This program and the accompanying materials are made
// available under the terms of the Eclipse Public License 2.0
// which is available at https://www.eclipse.org/legal/epl-2.0/
//
// SPDX-License-Identifier: EPL-2.0
//
// Contributors:
// Red Hat, Inc. - initial API and implementation
//

package usernamespace

import (
dwconstants "github.com/devfile/devworkspace-operator/pkg/constants"
"github.com/eclipse-che/che-operator/pkg/common/utils"
corev1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/runtime/schema"
"sigs.k8s.io/controller-runtime/pkg/client"
)

type configMap2Sync struct {
Object2Sync

cm *corev1.ConfigMap
version string
}

func (p *configMap2Sync) getSrcObject() client.Object {
return p.cm
}

func (p *configMap2Sync) getGKV() schema.GroupVersionKind {
return v1ConfigMapGKV
}

func (p *configMap2Sync) newDstObject() client.Object {
dst := p.cm.DeepCopyObject()
// We have to set the ObjectMeta fields explicitly, because
// existed object contains unnecessary fields that we don't want to copy
dst.(*corev1.ConfigMap).ObjectMeta = metav1.ObjectMeta{
Name: p.cm.GetName(),
Annotations: p.cm.GetAnnotations(),
Labels: utils.MergeMaps([]map[string]string{
p.cm.GetLabels(),
{
dwconstants.DevWorkspaceWatchConfigMapLabel: "true",
dwconstants.DevWorkspaceMountLabel: "true",
}}),
}

return dst.(client.Object)
}

func (p *configMap2Sync) getSrcObjectVersion() string {
if len(p.version) == 0 {
return p.cm.GetResourceVersion()
}
return p.version
}

func (p *configMap2Sync) hasROSpec() bool {
return false
}
47 changes: 33 additions & 14 deletions ...usernamespace/workspace_cm_syncer_test.go → ...lers/usernamespace/configmap2sync_test.go
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
//
// Copyright (c) 2019-2023 Red Hat, Inc.
// Copyright (c) 2019-2024 Red Hat, Inc.
// This program and the accompanying materials are made
// available under the terms of the Eclipse Public License 2.0
// which is available at https://www.eclipse.org/legal/epl-2.0/
Expand All @@ -14,6 +14,7 @@ package usernamespace

import (
"context"
"sync"
"testing"

"github.com/eclipse-che/che-operator/pkg/common/constants"
Expand Down Expand Up @@ -67,12 +68,21 @@ func TestSyncConfigMap(t *testing.T) {

workspaceConfigReconciler := NewWorkspacesConfigReconciler(
deployContext.ClusterAPI.Client,
deployContext.ClusterAPI.NonCachingClient,
deployContext.ClusterAPI.Scheme,
NewNamespaceCache(deployContext.ClusterAPI.NonCachingClient))
&namespaceCache{
client: deployContext.ClusterAPI.Client,
knownNamespaces: map[string]namespaceInfo{
userNamespace: {
IsWorkspaceNamespace: true,
Username: "user",
CheCluster: &types.NamespacedName{Name: "eclipse-che", Namespace: "eclipse-che"},
},
},
lock: sync.Mutex{},
})

// Sync ConfigMap
err := workspaceConfigReconciler.syncWorkspacesConfig(context.TODO(), userNamespace)
err := workspaceConfigReconciler.syncNamespace(context.TODO(), eclipseCheNamespace, userNamespace)
assert.Nil(t, err)
assertSyncConfig(t, workspaceConfigReconciler, 2, v1ConfigMapGKV)

Expand All @@ -96,7 +106,7 @@ func TestSyncConfigMap(t *testing.T) {
assert.Nil(t, err)

// Sync ConfigMap
err = workspaceConfigReconciler.syncWorkspacesConfig(context.TODO(), userNamespace)
err = workspaceConfigReconciler.syncNamespace(context.TODO(), eclipseCheNamespace, userNamespace)
assert.Nil(t, err)
assertSyncConfig(t, workspaceConfigReconciler, 2, v1ConfigMapGKV)

Expand All @@ -120,7 +130,7 @@ func TestSyncConfigMap(t *testing.T) {
assert.Nil(t, err)

// Sync ConfigMap
err = workspaceConfigReconciler.syncWorkspacesConfig(context.TODO(), userNamespace)
err = workspaceConfigReconciler.syncNamespace(context.TODO(), eclipseCheNamespace, userNamespace)
assert.Nil(t, err)
assertSyncConfig(t, workspaceConfigReconciler, 2, v1ConfigMapGKV)

Expand All @@ -145,7 +155,7 @@ func TestSyncConfigMap(t *testing.T) {
assert.Nil(t, err)

// Sync ConfigMap
err = workspaceConfigReconciler.syncWorkspacesConfig(context.TODO(), userNamespace)
err = workspaceConfigReconciler.syncNamespace(context.TODO(), eclipseCheNamespace, userNamespace)
assert.Nil(t, err)
assertSyncConfig(t, workspaceConfigReconciler, 2, v1ConfigMapGKV)

Expand All @@ -167,7 +177,7 @@ func TestSyncConfigMap(t *testing.T) {
assert.Nil(t, err)

// Sync ConfigMap
err = workspaceConfigReconciler.syncWorkspacesConfig(context.TODO(), userNamespace)
err = workspaceConfigReconciler.syncNamespace(context.TODO(), eclipseCheNamespace, userNamespace)
assert.Nil(t, err)
assertSyncConfig(t, workspaceConfigReconciler, 2, v1ConfigMapGKV)

Expand All @@ -187,7 +197,7 @@ func TestSyncConfigMap(t *testing.T) {
assert.Nil(t, err)

// Sync ConfigMap
err = workspaceConfigReconciler.syncWorkspacesConfig(context.TODO(), userNamespace)
err = workspaceConfigReconciler.syncNamespace(context.TODO(), eclipseCheNamespace, userNamespace)
assert.Nil(t, err)
assertSyncConfig(t, workspaceConfigReconciler, 0, v1ConfigMapGKV)

Expand Down Expand Up @@ -224,12 +234,21 @@ func TestSyncConfigMapShouldMergeLabelsAndAnnotationsOnUpdate(t *testing.T) {

workspaceConfigReconciler := NewWorkspacesConfigReconciler(
deployContext.ClusterAPI.Client,
deployContext.ClusterAPI.NonCachingClient,
deployContext.ClusterAPI.Scheme,
NewNamespaceCache(deployContext.ClusterAPI.NonCachingClient))
&namespaceCache{
client: deployContext.ClusterAPI.Client,
knownNamespaces: map[string]namespaceInfo{
userNamespace: {
IsWorkspaceNamespace: true,
Username: "user",
CheCluster: &types.NamespacedName{Name: "eclipse-che", Namespace: "eclipse-che"},
},
},
lock: sync.Mutex{},
})

// Sync ConfigMap
err := workspaceConfigReconciler.syncWorkspacesConfig(context.TODO(), userNamespace)
err := workspaceConfigReconciler.syncNamespace(context.TODO(), eclipseCheNamespace, userNamespace)
assert.Nil(t, err)
assertSyncConfig(t, workspaceConfigReconciler, 2, v1ConfigMapGKV)

Expand All @@ -254,7 +273,7 @@ func TestSyncConfigMapShouldMergeLabelsAndAnnotationsOnUpdate(t *testing.T) {
assert.Nil(t, err)

// Sync ConfigMap
err = workspaceConfigReconciler.syncWorkspacesConfig(context.TODO(), userNamespace)
err = workspaceConfigReconciler.syncNamespace(context.TODO(), eclipseCheNamespace, userNamespace)
assert.Nil(t, err)
assertSyncConfig(t, workspaceConfigReconciler, 2, v1ConfigMapGKV)

Expand Down Expand Up @@ -282,7 +301,7 @@ func TestSyncConfigMapShouldMergeLabelsAndAnnotationsOnUpdate(t *testing.T) {
assert.Nil(t, err)

// Sync ConfigMap
err = workspaceConfigReconciler.syncWorkspacesConfig(context.TODO(), userNamespace)
err = workspaceConfigReconciler.syncNamespace(context.TODO(), eclipseCheNamespace, userNamespace)
assert.Nil(t, err)
assertSyncConfig(t, workspaceConfigReconciler, 2, v1ConfigMapGKV)

Expand Down
Loading

0 comments on commit f71d2e8

Please sign in to comment.