-
Notifications
You must be signed in to change notification settings - Fork 55
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Attach dockercfg secrets as pull image secret #284
Conversation
Skipping CI for Draft Pull Request. |
3a305e6
to
0d0cab2
Compare
@@ -307,6 +307,12 @@ func (r *DevWorkspaceReconciler) Reconcile(req ctrl.Request) (reconcileResult ct | |||
serviceAcctName := serviceAcctStatus.ServiceAccountName | |||
reconcileStatus.Conditions[devworkspace.WorkspaceServiceAccountReady] = "" | |||
|
|||
pullSecretStatus := provision.PullSecrets(clusterAPI) | |||
if !pullSecretStatus.Continue{ | |||
return reconcile.Result{Requeue: pullSecretStatus.Requeue}, pullSecretStatus.Err |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Note that it will be exposed in Workspace status as WAITING FOR DEPLOYMENT, not sure if we should update devfile/api or introduce our own conditions instead
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've added a8cfd71, but note that it will be exposed on workspace status only in case pull secrets failed from first try.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM with a few comments
controllers/workspace/status.go
Outdated
if _, ok := conditions[devworkspace.WorkspaceServiceAccountReady]; ok { | ||
return "Waiting for deployment to be ready" | ||
} | ||
if _, ok := conditions[PullSecretsReadyCondition]; ok { | ||
return "Waiting for workspace pull secrets" | ||
} | ||
if _, ok := conditions[devworkspace.WorkspaceRoutingReady]; ok { | ||
return "Waiting for workspace serviceaccount" | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Are we sure this is the right logic? I would assume that if the PullSecretsReady
condition is true, then the pull secrets have been prepared and we're not actually waiting on them.
The general approach to this progress message I've taken is once a condition is set, we're waiting on the next condition, i.e.
if _, ok := conditions[devworkspace.WorkspaceServiceAccountReady]; ok { | |
return "Waiting for deployment to be ready" | |
} | |
if _, ok := conditions[PullSecretsReadyCondition]; ok { | |
return "Waiting for workspace pull secrets" | |
} | |
if _, ok := conditions[devworkspace.WorkspaceRoutingReady]; ok { | |
return "Waiting for workspace serviceaccount" | |
} | |
if _, ok := conditions[devworkspace.WorkspaceServiceAccountReady]; ok { | |
return "Waiting for deployment to be ready" | |
} | |
if _, ok := conditions[PullSecretsReadyCondition]; ok { | |
return "Waiting for workspace service account" | |
} | |
if _, ok := conditions[devworkspace.WorkspaceRoutingReady]; ok { | |
return "Waiting for workspace pull secrets" | |
} |
Each condition gets set in sequence, so the idea is once a condition is set, the workspace is waiting on the next condition in the list -- If conditions[devworkspace.WorkspaceServiceAccountReady]
is set, then we know conditions[PullSecretsReadyCondition]
is set, etc.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good catch.
it's downside of multitasking :-D
I'll fix it
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I refactored the way how we expose info message d208482
And it seems to work fine but I will need to take a look why
waiting for editor did not appeared, maybe it just passed too fast
> kc get dw theia -w
NAME WORKSPACE ID PHASE INFO
theia workspace60395b9042b94129
theia workspace60395b9042b94129
theia workspace60395b9042b94129
theia workspace60395b9042b94129 Starting Processing DevWorkspace components
theia workspace60395b9042b94129 Starting Processing DevWorkspace components
theia workspace60395b9042b94129 Starting Waiting for workspace routing objects
theia workspace60395b9042b94129 Starting Waiting for workspace routing objects
theia workspace60395b9042b94129 Starting Waiting for workspace routing objects
theia workspace60395b9042b94129 Starting Waiting for workspace serviceaccount
theia workspace60395b9042b94129 Starting Waiting for workspace serviceaccount
theia workspace60395b9042b94129 Starting Waiting for workspace serviceaccount
theia workspace60395b9042b94129 Starting Waiting for deployment to be ready
theia workspace60395b9042b94129 Starting Waiting for deployment to be ready
theia workspace60395b9042b94129 Starting Waiting for deployment to be ready
theia workspace60395b9042b94129 Running https://workspace60395b9042b94129.apps.cluster-4237.4237.sandbox422.opentlc.com/theia/
theia workspace60395b9042b94129 Running https://workspace60395b9042b94129.apps.cluster-4237.4237.sandbox422.opentlc.com/theia/
theia workspace60395b9042b94129 Running https://workspace60395b9042b94129.apps.cluster-4237.4237.sandbox422.opentlc.com/theia/
theia workspace60395b9042b94129 Running https://workspace60395b9042b94129.apps.cluster-4237.4237.sandbox422.opentlc.com/theia/
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sometimes it starts quickly :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Other than Angel's comments it looks good to me
var PhaseStatusesOrder = []PhaseStatus{ | ||
{ | ||
devworkspace.WorkspaceComponentsReady, | ||
"Processing DevWorkspace components", | ||
}, | ||
{ | ||
devworkspace.WorkspaceRoutingReady, | ||
"Waiting for workspace routing objects", | ||
}, | ||
{ | ||
devworkspace.WorkspaceServiceAccountReady, | ||
"Waiting for workspace serviceaccount", | ||
}, | ||
{ | ||
PullSecretsReadyCondition, | ||
"Waiting for workspace pull secrets", | ||
}, | ||
{ | ||
devworkspace.WorkspaceReady, | ||
"Waiting for deployment to be ready", | ||
}, | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍 good idea!
We should consider (in a separate PR) using WorkspaceReady
to be the final condition (i.e. after health checks) and add our own DeploymentReady
condition to use in its place.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
New changes LGTM
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: amisevsk, JPinkney, sleshchenko The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
I also checked that workspaces enter a terminating phase correctly -- we don't have a |
/test v5-devworkspaces-operator-e2e |
What does this PR do?
This PR add an ability to label secrets with types
kubernetes.io/dockercfg
andkubernetes.io/dockerconfigjson
whichcontroller.devfile.io/devworkspace_pullsecret: true
and it will be used as pull secret for DevWorkspace-related deployment.What issues does this PR fix or reference?
fixes #264
Is it tested? How?
I created two robots and mirror che theia in my private repo, so, they can be used for testing: