Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: configure securityContext for che-gateway container #1358

Merged
merged 3 commits into from
Dec 18, 2024
Merged

feat: configure securityContext for che-gateway container #1358

merged 3 commits into from
Dec 18, 2024

Conversation

tolusha
Copy link
Contributor

@tolusha tolusha commented Dec 13, 2024
edited
Loading

What does this PR do?

feat: configure securityContext for che-gateway container

What issues does this PR fix or reference?

eclipse-che/che#22747

Is it tested? How?

  1. Configure CheCluster
spec:
  devEnvironments:
    security:
      containerSecurityContext:
        <...>
  1. Start a workspace
  2. Check security context in the gateway container

PR Checklist

  • E2E tests pass (when PR is ready, comment /test v8-devworkspace-operator-e2e, v8-che-happy-path to trigger)
    • v8-devworkspace-operator-e2e: DevWorkspace e2e test
    • v8-che-happy-path: Happy path for verification integration with Che

@tolusha
Add comment
69643bf 
Signed-off-by: Anatolii Bazko <[email protected]>
@ibuziuk ibuziuk mentioned this pull request Dec 14, 2024
Closed
dkwon17
dkwon17 reviewed Dec 18, 2024
View reviewed changes
pkg/provision/workspace/routing.go Outdated
for i, container := range clusterRouting.Status.PodAdditions.Containers {
if container.SecurityContext == nil &&
workspace.Config.Workspace != nil &&
workspace.Config.Workspace.ContainerSecurityContext != nil {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we move this check

				workspace.Config.Workspace != nil &&
				workspace.Config.Workspace.ContainerSecurityContext != nil

to the outer if statement on line 61 ?

@tolusha
fixup
3fd6f8a 
Signed-off-by: Anatolii Bazko <[email protected]>
ibuziuk
ibuziuk reviewed Dec 18, 2024
View reviewed changes
Copy link
Contributor

@ibuziuk ibuziuk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@tolusha looks like there is a test failure
Also, wondering if we can add a test case for the SecurityContext as well?

@openshift-ci openshift-ci bot added the lgtm label Dec 18, 2024
@openshift-ci OpenShift CI
Copy link

openshift-ci bot commented Dec 18, 2024

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: dkwon17, tolusha

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@dkwon17
Copy link
Collaborator

dkwon17 commented Dec 18, 2024

For the sake of the DWO 0.32.0 release, I propose we add the test in a future PR. Currently, there doesn't seem to be any test suites that specifically tests the routing.go file: https://github.com/devfile/devworkspace-operator//blob/69643bf91b2594795949e149c4b89ae1e1b49832/pkg/provision/workspace/routing.go

@dkwon17 dkwon17 merged commit 0db6aba into devfile:main Dec 18, 2024
10 checks passed
@dkwon17
Copy link
Collaborator

dkwon17 commented Dec 18, 2024

@ibuziuk the test failure was due to flakiness, after rerunning the tests, all have passed

@dkwon17 dkwon17 mentioned this pull request Dec 19, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ibuziuk ibuziuk ibuziuk left review comments

@dkwon17 dkwon17 dkwon17 approved these changes

Assignees

@dkwon17 dkwon17

Labels
approved lgtm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@tolusha @dkwon17 @ibuziuk