tmp

eclipse-che · Jul 5, 2018 · a7ccfcb · a7ccfcb
1 parent ae15d64
commit a7ccfcb
Show file tree

Hide file tree

Showing 6 changed files with 45 additions and 31 deletions.
diff --git a/deploy/openshift/ocp.sh b/deploy/openshift/ocp.sh
@@ -91,44 +91,46 @@ test_dns_provider() {
 }
 
 get_tools() {
-    TOOLS_DIR="/tmp"
-    OC_BINARY="$TOOLS_DIR/oc"
-    JQ_BINARY="$TOOLS_DIR/jq"
-    OC_VERSION=$(echo $DEFAULT_OC_BINARY_DOWNLOAD_URL | cut -d '/' -f 8)
+    DEFAULT_OCP_TOOLS_DIR="/tmp"
+    export OCP_TOOLS_DIR=${OCP_TOOLS_DIR:-${DEFAULT_OCP_TOOLS_DIR}}
+
+    OC_BINARY="$OCP_TOOLS_DIR/oc"
+    JQ_BINARY="$OCP_TOOLS_DIR/jq"
+    OC_VERSION=$(echo $OC_BINARY_DOWNLOAD_URL | cut -d '/' -f 8)
     #OS specific extract archives
     if [[ "$OSTYPE" == "darwin"* ]]; then
         OC_PACKAGE="openshift-origin-client-tools.zip"
-        ARCH="unzip -d $TOOLS_DIR"
+        ARCH="unzip -d $OCP_TOOLS_DIR"
         EXTRA_ARGS=""
     else
         OC_PACKAGE="openshift-origin-client-tools.tar.gz"
         ARCH="tar --strip 1 -xzf"
-        EXTRA_ARGS="-C $TOOLS_DIR"
+        EXTRA_ARGS="-C $OCP_TOOLS_DIR"
     fi
 
     download_oc() {
         echo "download oc client $OC_VERSION"
-        wget -q -O $TOOLS_DIR/$OC_PACKAGE $OC_BINARY_DOWNLOAD_URL
-        eval "$ARCH" "$TOOLS_DIR"/"$OC_PACKAGE" "$EXTRA_ARGS" &>/dev/null
-        rm -f "$TOOLS_DIR"/README.md "$TOOLS_DIR"/LICENSE "${TOOLS_DIR:-/tmp}"/"$OC_PACKAGE"
+        wget -O $OCP_TOOLS_DIR/$OC_PACKAGE $OC_BINARY_DOWNLOAD_URL
+        eval "$ARCH" "$OCP_TOOLS_DIR"/"$OC_PACKAGE" "$EXTRA_ARGS" &>/dev/null
+        rm -f "$OCP_TOOLS_DIR"/README.md "$OCP_TOOLS_DIR"/LICENSE "${OCP_TOOLS_DIR:-/tmp}"/"$OC_PACKAGE"
     }
 
     if [[ ! -f $OC_BINARY ]]; then
         download_oc
     else
         # here we check is installed version is same version defined in script, if not we update version to one that defined in script.
         if [[ $($OC_BINARY version 2> /dev/null | grep "oc v" | cut -d " " -f2 | cut -d '+' -f1 || true) != *"$OC_VERSION"* ]]; then
-            rm -f "$OC_BINARY" "$TOOLS_DIR"/README.md "$TOOLS_DIR"/LICENSE
+            rm -f "$OC_BINARY" "$OCP_TOOLS_DIR"/README.md "$OCP_TOOLS_DIR"/LICENSE
             download_oc
         fi
     fi
 
     if [ ! -f $JQ_BINARY ]; then
         echo "download jq..."
-        wget -q -O $JQ_BINARY $JQ_BINARY_DOWNLOAD_URL
+        wget -O $JQ_BINARY $JQ_BINARY_DOWNLOAD_URL
         chmod +x $JQ_BINARY
     fi
-    export PATH=${PATH}:${TOOLS_DIR}
+    export PATH=${PATH}:${OCP_TOOLS_DIR}
 }
 
 ocp_is_booted() {

diff --git a/deploy/openshift/templates/multi/keycloak-template.yaml b/deploy/openshift/templates/multi/keycloak-template.yaml
@@ -61,7 +61,7 @@ objects:
                 optional: true
           image: '${IMAGE_KEYCLOAK}:${CHE_VERSION}'
           command: ["/scripts/kc_realm_user.sh"]
-          imagePullPolicy: Always
+          imagePullPolicy: IfNotPresent
           name: keycloak
           livenessProbe:
             failureThreshold: 11

diff --git a/...n/java/org/eclipse/che/workspace/infrastructure/kubernetes/KubernetesInternalRuntime.java b/...n/java/org/eclipse/che/workspace/infrastructure/kubernetes/KubernetesInternalRuntime.java
@@ -17,6 +17,7 @@
 import com.google.common.collect.ImmutableMap;
 import com.google.common.collect.ImmutableSet;
 import com.google.inject.assistedinject.Assisted;
+import io.fabric8.kubernetes.api.model.ConfigMap;
 import io.fabric8.kubernetes.api.model.Container;
 import io.fabric8.kubernetes.api.model.ObjectMeta;
 import io.fabric8.kubernetes.api.model.Pod;
@@ -470,6 +471,10 @@ protected void startMachines() throws InfrastructureException {
       namespace.secrets().create(secret);
     }
 
+    for (ConfigMap configMap : k8sEnv.getConfigMaps().values()) {
+      namespace.configMaps().create(configMap);
+    }
+
     List<Service> createdServices = new ArrayList<>();
     for (Service service : k8sEnv.getServices().values()) {
       createdServices.add(namespace.services().create(service));

diff --git a/.../org/eclipse/che/workspace/infrastructure/kubernetes/namespace/KubernetesDeployments.java b/.../org/eclipse/che/workspace/infrastructure/kubernetes/namespace/KubernetesDeployments.java
@@ -124,6 +124,8 @@ public Pod deploy(Pod pod) throws InfrastructureException {
     putLabel(pod, CHE_WORKSPACE_ID_LABEL, workspaceId);
     ObjectMeta metadata = pod.getMetadata();
     PodSpec podSpec = pod.getSpec();
+    //TODO Remove
+    podSpec.getContainers().stream().forEach(c -> c.setImagePullPolicy("IfNotPresent"));
     podSpec.setRestartPolicy("Always"); // Only allowable value
     try {
       Deployment deployment =

diff --git a/...e/che/workspace/infrastructure/kubernetes/server/secure/jwtproxy/JwtProxyProvisioner.java b/...e/che/workspace/infrastructure/kubernetes/server/secure/jwtproxy/JwtProxyProvisioner.java
@@ -18,11 +18,11 @@
 import static org.eclipse.che.workspace.infrastructure.kubernetes.server.KubernetesServerExposer.SERVER_UNIQUE_PART_SIZE;
 
 import com.google.common.collect.ImmutableMap;
+import io.fabric8.kubernetes.api.model.ConfigMap;
+import io.fabric8.kubernetes.api.model.ConfigMapBuilder;
 import io.fabric8.kubernetes.api.model.ContainerBuilder;
 import io.fabric8.kubernetes.api.model.Pod;
 import io.fabric8.kubernetes.api.model.PodBuilder;
-import io.fabric8.kubernetes.api.model.Secret;
-import io.fabric8.kubernetes.api.model.SecretBuilder;
 import io.fabric8.kubernetes.api.model.Service;
 import io.fabric8.kubernetes.api.model.ServicePort;
 import io.fabric8.kubernetes.api.model.ServicePortBuilder;
@@ -100,9 +100,9 @@ public ServicePort expose(
     proxyConfigBuilder.addVerifierProxy(
         listenPort, "http://" + backendServiceName + ":" + backendServicePort);
     k8sEnv
-        .getSecrets()
-        .get(getSecretName())
-        .getStringData()
+        .getConfigMaps()
+        .get(getConfigMapName())
+        .getData()
         .put(JWT_PROXY_CONFIG_FILE, proxyConfigBuilder.build());
 
     ServicePort exposedPort =
@@ -123,8 +123,8 @@ public String getServiceName() {
     return serviceName;
   }
 
-  /** Returns secret name that will be mounted into JWTProxy Pod. */
-  public String getSecretName() {
+  /** Returns config map name that will be mounted into JWTProxy Pod. */
+  private String getConfigMapName() {
     return "jwtproxy-config-" + identity.getWorkspaceId();
   }
 
@@ -138,23 +138,23 @@ private void ensureJwtProxyInjected(KubernetesEnvironment k8sEnv) throws Infrast
         throw new InternalInfrastructureException(
             "Key pair for machine authentication does not exist");
       }
-      Map<String, String> initSecretData = new HashMap<>();
-      initSecretData.put(
+      Map<String, String> initConfigMapData = new HashMap<>();
+      initConfigMapData.put(
           JWT_PROXY_PUBLIC_KEY_FILE,
           PUBLIC_KEY_HEADER
               + java.util.Base64.getEncoder().encodeToString(keyPair.getPublic().getEncoded())
               + PUBLIC_KEY_FOOTER);
 
-      initSecretData.put(JWT_PROXY_CONFIG_FILE, proxyConfigBuilder.build());
+      initConfigMapData.put(JWT_PROXY_CONFIG_FILE, proxyConfigBuilder.build());
 
-      Secret jwtProxySecret =
-          new SecretBuilder()
+      ConfigMap jwtProxyConfigMap =
+          new ConfigMapBuilder()
               .withNewMetadata()
-              .withName(getSecretName())
+              .withName(getConfigMapName())
               .endMetadata()
-              .withStringData(initSecretData)
+              .withData(initConfigMapData)
               .build();
-      k8sEnv.getSecrets().put(jwtProxySecret.getMetadata().getName(), jwtProxySecret);
+      k8sEnv.getConfigMaps().put(jwtProxyConfigMap.getMetadata().getName(), jwtProxyConfigMap);
 
       Service jwtProxyService =
           new ServerServiceBuilder()
@@ -198,9 +198,9 @@ private Pod createJwtProxyPod(RuntimeIdentity identity) {
         .withVolumes(
             new VolumeBuilder()
                 .withName("jwtproxy-config-volume")
-                .withNewSecret()
-                .withSecretName("jwtproxy-config-" + identity.getWorkspaceId())
-                .endSecret()
+                .withNewConfigMap()
+                .withName("jwtproxy-config-" + identity.getWorkspaceId())
+                .endConfigMap()
                 .build())
         .endSpec()
         .build();

diff --git a/...ain/java/org/eclipse/che/workspace/infrastructure/openshift/OpenShiftInternalRuntime.java b/...ain/java/org/eclipse/che/workspace/infrastructure/openshift/OpenShiftInternalRuntime.java
@@ -12,6 +12,7 @@
 
 import com.google.common.collect.ImmutableSet;
 import com.google.inject.assistedinject.Assisted;
+import io.fabric8.kubernetes.api.model.ConfigMap;
 import io.fabric8.kubernetes.api.model.Pod;
 import io.fabric8.kubernetes.api.model.Secret;
 import io.fabric8.kubernetes.api.model.Service;
@@ -98,6 +99,10 @@ protected void startMachines() throws InfrastructureException {
       project.secrets().create(secret);
     }
 
+//    for (ConfigMap configMap : osEnv.getConfigMaps().values()) {
+//      project.configMaps().create(configMap);
+//    }
+
     List<Service> createdServices = new ArrayList<>();
     for (Service service : osEnv.getServices().values()) {
       createdServices.add(project.services().create(service));