feat: Allow to use OpenVsx in plug-in registry

Change-Id: I6b42aa61a6d6b8077441fab270d6950954e29698 Signed-off-by: Florent Benoit <fbenoit@redhat.com>
eclipse-che · Jul 1, 2022 · d408a75 · d408a75
1 parent b63744d
commit d408a75
Show file tree

Hide file tree

Showing 11 changed files with 209 additions and 151 deletions.
diff --git a/.github/workflows/image-build-pr-check.yml b/.github/workflows/image-build-pr-check.yml
@@ -13,9 +13,6 @@ on: [push, pull_request]
 
 jobs:
   image-build:
-    strategy:
-      matrix:
-        dist: [ 'alpine', 'rhel' ]
     runs-on: ubuntu-20.04
     steps:
     - name: Clone source code
@@ -54,14 +51,9 @@ jobs:
         export SKIP_FORMAT=true
         export SKIP_LINT=true
         export SKIP_TEST=true
-        if [[ "${{matrix.dist}}" == "alpine" ]]; then
-          docker pull quay.io/eclipse/che-plugin-registry:next
-          BUILDER=docker ./build.sh --tag pr-check
-          EXPORTED_FOLDER=/usr/local/apache2/htdocs/v3
-        elif [[ "${{matrix.dist}}" == "rhel" ]]; then
-          BUILDER=docker ./build.sh --rhel --tag pr-check
-          EXPORTED_FOLDER=/var/www/html/v3
-        fi
+        docker pull quay.io/eclipse/che-plugin-registry:next
+        BUILDER=docker ./build.sh --tag pr-check
+        EXPORTED_FOLDER=/var/www/html/v3
         ls -la output/
         docker run --rm --entrypoint=sh quay.io/eclipse/che-plugin-registry:pr-check -c "ls -la ${EXPORTED_FOLDER}"
         docker create --name pluginRegistry quay.io/eclipse/che-plugin-registry:pr-check sh
@@ -72,8 +64,8 @@ jobs:
         tar zcvf content-${{matrix.dist}}.tgz -C root-dir .
     - uses: actions/upload-artifact@v3
       with:
-        name: plugin-registry-content-${{matrix.dist}}
-        path: content-${{matrix.dist}}.tgz
+        name: plugin-registry-content
+        path: content.tgz
   pull-request-info:
     if: ${{ github.event_name == 'pull_request' }}
     runs-on: ubuntu-20.04

diff --git a/.github/workflows/publish-pr-check-content.yml b/.github/workflows/publish-pr-check-content.yml
@@ -19,17 +19,14 @@ jobs:
   publish:
     # only if it's a pull request
     if: github.event.workflow_run.event == 'pull_request'
-    strategy:
-      matrix:
-        dist: [ 'alpine', 'rhel' ]
     name: publish
     runs-on: ubuntu-20.04
     steps:
       - name: download dist artifact
         uses: dawidd6/action-download-artifact@v2
         with:
           workflow: ${{ github.event.workflow_run.workflow_id }}
-          name: plugin-registry-content-${{matrix.dist}}
+          name: plugin-registry-content
           path: content
       - name: PR number
         uses: dawidd6/action-download-artifact@v2
@@ -75,12 +72,12 @@ jobs:
                PARENT_DIR=$(dirname $file);
                cp ${PARENT_DIR}/meta.yaml ${PARENT_DIR}/index.html
              done
-           export DEPLOY_DOMAIN=https://pr-check-${PR_NUMBER}-${{matrix.dist}}-che-plugin-registry.surge.sh
+           export DEPLOY_DOMAIN=https://pr-check-${PR_NUMBER}-che-plugin-registry.surge.sh
            echo "DEPLOY_DOMAIN=$DEPLOY_DOMAIN" >> $GITHUB_ENV
            surge ./unpacked --domain $DEPLOY_DOMAIN
       - name: 'Comment PR'
         uses: actions/github-script@v6
         with:
          script: |
            const { repo: { owner, repo } } = context;
-           await github.rest.repos.createCommitStatus({ owner, repo, sha: process.env.PR_SHA, state: "success", target_url: process.env.DEPLOY_DOMAIN, description: "Browse registry content (${{matrix.dist}}) live", context: "surge(${{matrix.dist}})"})
+           await github.rest.repos.createCommitStatus({ owner, repo, sha: process.env.PR_SHA, state: "success", target_url: process.env.DEPLOY_DOMAIN, description: "Browse registry content live", context: "surge"})
diff --git a/build/dockerfiles/Dockerfile b/build/dockerfiles/Dockerfile
@@ -11,20 +11,84 @@
 #   IBM Corporation - implementation
 #
 
-# Build registry
-FROM docker.io/httpd:2.4.46-alpine
-RUN apk add --no-cache bash && \
-    # Allow htaccess
-    sed -i 's|    AllowOverride None|    AllowOverride All|' /usr/local/apache2/conf/httpd.conf && \
-    sed -i 's|Listen 80|Listen 8080|' /usr/local/apache2/conf/httpd.conf && \
-    mkdir -p /var/www && ln -s /usr/local/apache2/htdocs /var/www/html && \
-    echo "ServerName localhost" >> /usr/local/apache2/conf/httpd.conf && \
-    apk add --no-cache coreutils
-COPY ./build/dockerfiles/entrypoint.sh /usr/bin/
-COPY README.md .htaccess /usr/local/apache2/htdocs/
-COPY output/v3 /usr/local/apache2/htdocs/v3
-COPY v3/plugins/ /usr/local/apache2/htdocs/v3/plugins/
-COPY v3/images/*.png /usr/local/apache2/htdocs/v3/images/
-RUN chmod -R g+rwX /usr/local/apache2
-ENTRYPOINT ["/usr/bin/entrypoint.sh"]
-CMD ["httpd-foreground"]
+# OpenVSX
+FROM ghcr.io/eclipse/openvsx-server:cd6f3e4 AS openvsx-server
+
+# Ubi Builder
+FROM registry.access.redhat.com/ubi8/ubi:8.6-855 AS ubi-builder
+RUN mkdir -p /mnt/rootfs
+# Install httpd and postgresql
+RUN yum install -y https://download.postgresql.org/pub/repos/yum/reporpms/EL-8-x86_64/pgdg-redhat-repo-latest.noarch.rpm
+RUN yum install --installroot /mnt/rootfs postgresql14-libs postgresql14 postgresql14-server \
+    java-11-openjdk coreutils-single glibc-minimal-langpack glibc-langpack-en langpacks-en glibc-locale-source httpd nc \
+    net-tools procps vi curl wget tar gzip \
+    --releasever 8 --nodocs -y && \
+    yum --installroot /mnt/rootfs clean all && \
+    rm -rf /mnt/rootfs/var/cache/* /mnt/rootfs/var/log/dnf* /mnt/rootfs/var/log/yum.*
+
+# Copy OpenVSX server files
+COPY --from=openvsx-server --chown=0:0 /home/openvsx/server /mnt/rootfs/openvsx-server
+# Copy our configuration file for OpenVSX server
+COPY /build/dockerfiles/application.yaml /mnt/rootfs/openvsx-server/config/
+
+# use the final root filesystem as default directory
+WORKDIR /mnt/rootfs
+
+# apply permissions to later change these files on httpd and postgres
+RUN chmod g+rwx /mnt/rootfs/var/log/httpd && chmod g+rw /mnt/rootfs/run/httpd && chmod g+rw /mnt/rootfs/var/lib/pgsql
+
+# create user template
+RUN cat /mnt/rootfs/etc/passwd | sed s#root:x.*#root:x:\${USER_ID}:\${GROUP_ID}::\${HOME}:/bin/bash#g > /mnt/rootfs/.passwd.template \
+    && cat /mnt/rootfs/etc/group | sed s#root:x:0:#root:x:0:0,\${USER_ID}:#g > /mnt/rootfs/.group.template
+
+# change permissions
+RUN for f in "/mnt/rootfs/etc/passwd" "/mnt/rootfs/etc/group" "/mnt/rootfs/var/lib/pgsql" "/mnt/rootfs/usr/pgsql-14" "/mnt/rootfs/var/run/postgresql"; do\
+           chgrp -R 0 ${f} && \
+           chmod -R g+rwX ${f}; \
+       done
+
+# Apply httpd config file
+RUN sed -i /mnt/rootfs/etc/httpd/conf/httpd.conf \
+    -e "s,Listen 80,Listen 8080," \
+    -e "s,logs/error_log,/dev/stderr," \
+    -e "s,logs/access_log,/dev/stdout," \
+    -e "s,AllowOverride None,AllowOverride All," && \
+    chmod a+rwX /mnt/rootfs/etc/httpd/conf /mnt/rootfs/etc/httpd/conf.d /mnt/rootfs/run/httpd /mnt/rootfs/etc/httpd/logs/
+
+STOPSIGNAL SIGWINCH
+
+RUN mkdir -m 777 /mnt/rootfs/var/www/html/v3
+COPY --chmod=755 /build/dockerfiles/*.sh /mnt/rootfs
+COPY /build/dockerfiles/openvsx.conf /mnt/rootfs/etc/httpd/conf.d/
+COPY README.md .htaccess /mnt/rootfs/var/www/html/
+COPY output/v3 /mnt/rootfs/var/www/html/v3
+COPY v3/plugins/ /mnt/rootfs/var/www/html/v3/plugins/
+COPY v3/images/*.png /mnt/rootfs/var/www/html/v3/images/
+
+# Use scratch image and then copy ubi fs
+FROM scratch
+COPY --from=ubi-builder /mnt/rootfs/ /
+COPY /vsix /vsix
+# Add UTF-8 for the database
+RUN localedef -f UTF-8 -i en_US en_US.UTF-8 && \
+    usermod -a -G apache,root,postgres postgres
+USER postgres
+ENV LC_ALL=en_US.UTF-8 \
+    LANG=en_US.UTF-8 \
+    LANGUAGE=en_US.UTF-8 \
+    PGDATA=/var/lib/pgsql/14/data/database \
+    JAVA_HOME=
+
+RUN /usr/pgsql-14/bin/initdb && \
+    # Add all vsix files to the database
+    /import-vsix.sh && \
+    # add permissions for anyuserid
+    chgrp -R 0 /var/lib/pgsql/14/data/database && \
+    #cleanup postgresql pid
+    rm /var/lib/pgsql/14/data/database/postmaster.pid && \
+    rm /var/run/postgresql/.s.PGSQL* && \
+    rm /tmp/.s.PGSQL* && \
+    chmod -R g+rwX /var/lib/pgsql/14/data/database && mv /var/lib/pgsql/14/data/database /var/lib/pgsql/14/data/old
+ENTRYPOINT ["/entrypoint.sh"]
+
+# append Brew metadata here
diff --git a/build/dockerfiles/application.yaml b/build/dockerfiles/application.yaml
@@ -0,0 +1,40 @@
+server:
+  port: 9000
+
+spring:
+  profiles:
+    include: ovsx
+  datasource:
+    url: jdbc:postgresql://localhost:5432/postgres
+    username: postgres
+    password: 
+  jpa:
+    properties:
+      hibernate:
+        dialect: org.hibernate.dialect.PostgreSQLDialect
+    hibernate:
+      ddl-auto: none
+  session:
+    store-type: jdbc
+    jdbc:
+      initialize-schema: never
+
+  security:
+      oauth2:
+        client:
+          registration:
+            github:
+              client-id: foo
+              client-secret: foo
+
+management:
+  health:
+    probes:
+      enabled: true
+
+ovsx:
+  elasticsearch:
+    enabled: false
+    clear-on-start: true
+  databasesearch:
+    enabled: true
diff --git a/build/dockerfiles/entrypoint.sh b/build/dockerfiles/entrypoint.sh
@@ -44,7 +44,22 @@ function run_main() {
 
     update_container_image_references
 
-    exec "${@}"
+    # Add current (arbitrary) user to /etc/passwd and /etc/group
+    if ! whoami &> /dev/null; then
+        if [ -w /etc/passwd ]; then
+            echo "${USER_NAME:-postgres}:x:$(id -u):0:${USER_NAME:-postgres} user:${HOME}:/sbin/nologin" >> /etc/passwd
+        fi
+    fi
+
+    # change permissions
+    cp -r /var/lib/pgsql/14/data/old /var/lib/pgsql/14/data/database
+    rm -rf /var/lib/pgsql/14/data/old
+
+    # start postgres and openvsx
+    ./start-services.sh
+
+    # start httpd
+    /usr/sbin/httpd -D FOREGROUND
 
 }
 

diff --git a/build/dockerfiles/import-vsix.sh b/build/dockerfiles/import-vsix.sh
@@ -0,0 +1,36 @@
+#!/bin/bash
+
+set -e
+set -o pipefail
+
+./start-services.sh
+
+# install temporary nodejs
+mkdir -p /tmp/opt/nodejs && curl -sL https://nodejs.org/download/release/v14.18.3/node-v14.18.3-linux-x64.tar.gz | tar xzf - -C /tmp/opt/nodejs --strip-components=1
+# add path
+export PATH=/tmp/opt/nodejs/bin:$PATH
+
+
+# install the cli
+npm install -g ovsx@0.2.1
+
+# insert user
+psql -c "INSERT INTO user_data (id, login_name) VALUES (1001, 'eclipse-che');"
+psql -c "INSERT INTO personal_access_token (id, user_data, value, active, created_timestamp, accessed_timestamp, description) VALUES (1001, 1001, 'eclipse_che_token', true, current_timestamp, current_timestamp, 'For publishing test extensions');"
+psql -c "UPDATE user_data SET role='admin' WHERE user_data.login_name='eclipse-che';"
+
+
+echo "Starting to publish extensions...."
+export OVSX_REGISTRY_URL=http://localhost:9000
+export OVSX_PAT=eclipse_che_token
+
+ovsx create-namespace redhat
+ovsx publish /vsix/_jbosstools_static_jdt_ls_stable-java-0.82.0-369.vsix
+
+# drop user
+psql -c "ALTER TABLE personal_access_token DISABLE TRIGGER ALL;"
+psql -c "ALTER TABLE user_data DISABLE TRIGGER ALL;"
+psql -c "DELETE FROM personal_access_token;"
+psql -c "DELETE FROM user_data;"
+psql -c "ALTER TABLE personal_access_token ENABLE TRIGGER ALL;"
+psql -c "ALTER TABLE user_data ENABLE TRIGGER ALL;"
diff --git a/build/dockerfiles/openvsx.conf b/build/dockerfiles/openvsx.conf
@@ -0,0 +1,9 @@
+<LocationMatch "/openvsx/">
+  ProxyPass http://localhost:9000/
+  ProxyPassReverse http://localhost:9000/
+  Header add Access-Control-Allow-Origin "*"
+  ProxyPreserveHost On
+  RequestHeader set "X-Forwarded-Proto" expr=%{REQUEST_SCHEME}
+  RequestHeader set X-Forwarded-Prefix "/openvsx"
+</LocationMatch>
+
diff --git a/build/dockerfiles/rhel.Dockerfile b/build/dockerfiles/rhel.Dockerfile
diff --git a/build/dockerfiles/rhel.entrypoint.sh b/build/dockerfiles/rhel.entrypoint.sh