You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by pc...@apache.org on 2023/06/28 06:47:10 UTC
[camel-k] 03/07: fix: temporary switch to root
This is an automated email from the ASF dual-hosted git repository.
pcongiusti pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/camel-k.git
commit 5e83a25412409118f1c1290d52cf879fe255fc8f
Author: Pasquale Congiusti <pa...@gmail.com>
AuthorDate: Wed Jun 14 11:03:13 2023 +0200
fix: temporary switch to root
Ref #4429
---
build/Dockerfile | 11 +++++------
e2e/commonwithcustominstall/tekton_test.go | 2 +-
e2e/install/cli/install_test.go | 11 -----------
go.mod | 1 -
go.sum | 3 ---
install/Makefile | 7 -------
pkg/controller/build/build_pod.go | 17 ++++++++++++-----
pkg/controller/catalog/initialize.go | 14 +++++++++++---
pkg/controller/integrationkit/build.go | 2 --
pkg/install/optional.go | 11 -----------
10 files changed, 29 insertions(+), 50 deletions(-)
diff --git a/build/Dockerfile b/build/Dockerfile
index a4efab6b6..cd66cc6ab 100644
--- a/build/Dockerfile
+++ b/build/Dockerfile
@@ -19,11 +19,13 @@ ARG MAVEN_DEFAULT_VERSION="3.8.6"
ARG MAVEN_HOME="/usr/share/maven"
ARG MAVEN_DIST_URL="https://archive.apache.org/dist/maven/maven-3/${MAVEN_DEFAULT_VERSION}/binaries/apache-maven-${MAVEN_DEFAULT_VERSION}-bin.zip"
ARG MVNW_DIR="/usr/share/maven/mvnw/"
+ARG MVN_REPO="/etc/maven/m2"
USER 0
# Maven configuration
RUN mkdir -p ${MAVEN_HOME}
+RUN mkdir -p ${MVN_REPO}
COPY build/_maven_overlay/ /usr/share/maven/lib/
ADD build/_maven_overlay/logback.xml /usr/share/maven/conf/
@@ -40,14 +42,11 @@ RUN ${MVNW_DIR}/mvnw --version | grep "Maven home:" | sed 's/Maven home: //' >>
&& rm $(cat ${MVNW_DIR}default)/lib/maven-slf4j-provider*
ENV MAVEN_OPTS="${MAVEN_OPTS} -Dlogback.configurationFile=${MAVEN_HOME}/conf/logback.xml"
-ADD build/_maven_output /tmp/local/m2
+ADD build/_maven_output ${MVN_REPO}
ADD build/_kamelets /kamelets
-RUN mkdir -p /etc/maven/m2 \
- && chgrp -R 0 /etc/maven/m2 \
- && chmod -R g=u /etc/maven/m2 \
- && chgrp -R 0 /tmp/local/m2 \
- && chmod -R g=u /tmp/local/m2 \
+RUN chgrp -R 0 ${MVN_REPO} \
+ && chmod -R g=u ${MVN_REPO} \
&& chgrp -R 0 /kamelets \
&& chmod -R g=u /kamelets \
&& chgrp -R 0 ${MAVEN_HOME} \
diff --git a/e2e/commonwithcustominstall/tekton_test.go b/e2e/commonwithcustominstall/tekton_test.go
index 7179ec6f1..59a724fbc 100644
--- a/e2e/commonwithcustominstall/tekton_test.go
+++ b/e2e/commonwithcustominstall/tekton_test.go
@@ -41,7 +41,7 @@ func TestTektonLikeBehavior(t *testing.T) {
Expect(CreateOperatorRoleBinding(ns)).To(Succeed())
Eventually(OperatorPod(ns)).Should(BeNil())
- Expect(CreateKamelPod(ns, "tekton-task", "install", "--storage=false", "--skip-cluster-setup", "--force")).To(Succeed())
+ Expect(CreateKamelPod(ns, "tekton-task", "install", "--skip-cluster-setup", "--force")).To(Succeed())
Eventually(OperatorPod(ns)).ShouldNot(BeNil())
})
diff --git a/e2e/install/cli/install_test.go b/e2e/install/cli/install_test.go
index 5e7f40a2d..d39d104c6 100644
--- a/e2e/install/cli/install_test.go
+++ b/e2e/install/cli/install_test.go
@@ -98,17 +98,6 @@ func TestBasicInstallation(t *testing.T) {
})
}
-func TestEphemeralInstallation(t *testing.T) {
- WithNewTestNamespace(t, func(ns string) {
- operatorID := fmt.Sprintf("camel-k-%s", ns)
- Expect(KamelInstallWithID(operatorID, ns, "--storage=false").Execute()).To(Succeed())
- Eventually(OperatorPod(ns)).ShouldNot(BeNil())
- Eventually(Platform(ns)).ShouldNot(BeNil())
- Eventually(PlatformConditionStatus(ns, v1.IntegrationPlatformConditionReady), TestTimeoutShort).
- Should(Equal(corev1.ConditionTrue))
- })
-}
-
func TestAlternativeImageInstallation(t *testing.T) {
WithNewTestNamespace(t, func(ns string) {
operatorID := fmt.Sprintf("camel-k-%s", ns)
diff --git a/go.mod b/go.mod
index 14ffd2d83..c3217853f 100644
--- a/go.mod
+++ b/go.mod
@@ -22,7 +22,6 @@ require (
github.com/onsi/gomega v1.27.8
github.com/openshift/api v3.9.1-0.20190927182313-d4a64ec2cbd8+incompatible
github.com/operator-framework/api v0.13.0
- github.com/otiai10/copy v1.12.0
github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.60.0
github.com/prometheus/client_golang v1.16.0
github.com/prometheus/client_model v0.4.0
diff --git a/go.sum b/go.sum
index a40f59fd7..0f49ed9cb 100644
--- a/go.sum
+++ b/go.sum
@@ -552,9 +552,6 @@ github.com/openshift/api v3.9.1-0.20190927182313-d4a64ec2cbd8+incompatible/go.mo
github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o=
github.com/operator-framework/api v0.13.0 h1:V1vUluRwajSBdDPCnzgTWDnn5LYxLk66VPVGMw3B7Uc=
github.com/operator-framework/api v0.13.0/go.mod h1:FTiYGm11fZQ3cSX+EQHc/UWoGZAwkGfyeHU+wMJ8jmA=
-github.com/otiai10/copy v1.12.0 h1:cLMgSQnXBs1eehF0Wy/FAGsgDTDmAqFR7rQylBb1nDY=
-github.com/otiai10/copy v1.12.0/go.mod h1:rSaLseMUsZFFbsFGc7wCJnnkTAvdc5L6VWxPE4308Ww=
-github.com/otiai10/mint v1.5.1 h1:XaPLeE+9vGbuyEHem1JNk3bYc7KKqyI/na0/mLd/Kks=
github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc=
github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic=
github.com/pelletier/go-toml v1.9.3/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c=
diff --git a/install/Makefile b/install/Makefile
index 8df743873..ce329c6d5 100644
--- a/install/Makefile
+++ b/install/Makefile
@@ -85,7 +85,6 @@ ROLEBIN_TO_CROLEBIN_PATCH := $(RBAC)/patch-rolebinding-to-clusterrolebinding
PORTS_PATCH := patch-ports
LOG_LEVEL_PATCH := patch-log-level
INSTALL_DEFAULT_KAMELETS_PATCH := patch-install-default-kamelets
-INSTALL_DEFAULT_PVC_PATCH := patch-install-default-pvc
IMAGE_PULL_POLICY_PATCH := patch-image-pull-policy-always
WATCH_NAMESPACE_PATCH := patch-watch-namespace-global
# Platform patches
@@ -357,12 +356,6 @@ ifeq ($(INSTALL_DEFAULT_KAMELETS),false)
else
@$(call add-remove-kind-patch,$(MANAGER),remove,$(INSTALL_DEFAULT_KAMELETS_PATCH).$(YAML),Deployment)
endif
-# Set the INSTALL_DEFAULT_PVC config depending on var
-ifeq ($(INSTALL_DEFAULT_PVC),true)
- @$(call add-remove-kind-patch,$(MANAGER),add,$(INSTALL_DEFAULT_PVC_PATCH).$(YAML),Deployment)
-else
- @$(call add-remove-kind-patch,$(MANAGER),remove,$(INSTALL_DEFAULT_PVC_PATCH).$(YAML),Deployment)
-endif
ifeq ($(DRY_RUN), false)
@$(KUSTOMIZE) build $(KOPTIONS) $@ | kubectl apply -f -
else
diff --git a/pkg/controller/build/build_pod.go b/pkg/controller/build/build_pod.go
index 3a77b56f4..7f4f6df72 100644
--- a/pkg/controller/build/build_pod.go
+++ b/pkg/controller/build/build_pod.go
@@ -113,7 +113,8 @@ var (
)
func newBuildPod(ctx context.Context, c ctrl.Reader, build *v1.Build) (*corev1.Pod, error) {
- var ugfid int64 = 1000
+ // TODO we must find a way to run this non-root
+ var ugfid int64 = 0
pod := &corev1.Pod{
TypeMeta: metav1.TypeMeta{
APIVersion: corev1.SchemeGroupVersion.String(),
@@ -258,10 +259,16 @@ func addBuildTaskToPod(build *v1.Build, taskName string, pod *corev1.Pod) {
}
var envVars = proxyFromEnvironment()
- envVars = append(envVars, corev1.EnvVar{
- Name: "HOME",
- Value: filepath.Join(builderDir, build.Name),
- })
+ envVars = append(envVars,
+ corev1.EnvVar{
+ Name: "HOME",
+ Value: filepath.Join(builderDir, build.Name),
+ },
+ /*corev1.EnvVar{
+ Name: "MAVEN_USER_HOME",
+ Value: "/usr/share/maven",
+ },*/
+ )
container := corev1.Container{
Name: taskName,
diff --git a/pkg/controller/catalog/initialize.go b/pkg/controller/catalog/initialize.go
index 64947d9de..d21c1667f 100644
--- a/pkg/controller/catalog/initialize.go
+++ b/pkg/controller/catalog/initialize.go
@@ -37,6 +37,7 @@ import (
"github.com/apache/camel-k/v2/pkg/client"
platformutil "github.com/apache/camel-k/v2/pkg/platform"
"github.com/apache/camel-k/v2/pkg/util"
+ "github.com/apache/camel-k/v2/pkg/util/defaults"
"github.com/apache/camel-k/v2/pkg/util/kubernetes"
"github.com/apache/camel-k/v2/pkg/util/s2i"
@@ -285,8 +286,12 @@ func initializeS2i(ctx context.Context, c client.Client, ip *v1.IntegrationPlatf
return fmt.Errorf("cannot create tar archive: %w", err)
}
- err = tarEntries(archiveFile, "/usr/local/bin/kamel:/usr/local/bin/kamel",
- "/usr/share/maven/mvnw/:/usr/share/maven/mvnw/")
+ err = tarEntries(archiveFile,
+ "/usr/local/bin/kamel:/usr/local/bin/kamel",
+ "/usr/share/maven/mvnw/:/usr/share/maven/mvnw/",
+ // Required for snapshots dependencies in the runtimes
+ defaults.LocalRepository+":"+defaults.LocalRepository,
+ )
if err != nil {
return fmt.Errorf("cannot tar path entry: %w", err)
}
@@ -446,7 +451,10 @@ func buildRuntimeBuilderImageSpectrum(options spectrum.Options) error {
_, err := spectrum.Build(options,
"/usr/local/bin/kamel:/usr/local/bin/",
- "/usr/share/maven/mvnw/:/usr/share/maven/mvnw/")
+ "/usr/share/maven/mvnw/:/usr/share/maven/mvnw/",
+ // Required for snapshots dependencies in the runtimes
+ defaults.LocalRepository+":"+defaults.LocalRepository,
+ )
if err != nil {
return err
}
diff --git a/pkg/controller/integrationkit/build.go b/pkg/controller/integrationkit/build.go
index ca04e749e..75228c041 100644
--- a/pkg/controller/integrationkit/build.go
+++ b/pkg/controller/integrationkit/build.go
@@ -107,7 +107,6 @@ func (action *buildAction) handleBuildSubmitted(ctx context.Context, kit *v1.Int
}
}
- // TODO : wrap in a func
// We may need to change certain builder configuration values
operatorNamespace := platform.GetOperatorNamespace()
buildConfig := v1.BuilderConfigurationTasks(env.Pipeline)
@@ -129,7 +128,6 @@ func (action *buildAction) handleBuildSubmitted(ctx context.Context, kit *v1.Int
buildConfig.ToolImage = env.CamelCatalog.Image
buildConfig.BuilderPodNamespace = operatorNamespace
v1.SetBuilderConfigurationTasks(env.Pipeline, buildConfig)
- /////////////////////////////
build = &v1.Build{
TypeMeta: metav1.TypeMeta{
diff --git a/pkg/install/optional.go b/pkg/install/optional.go
index 3dc52a945..6e1de0972 100644
--- a/pkg/install/optional.go
+++ b/pkg/install/optional.go
@@ -24,21 +24,10 @@ import (
"github.com/apache/camel-k/v2/pkg/client"
"github.com/apache/camel-k/v2/pkg/util/defaults"
logutil "github.com/apache/camel-k/v2/pkg/util/log"
- cp "github.com/otiai10/copy"
)
// OperatorStartupOptionalTools tries to install optional tools at operator startup and warns if something goes wrong.
func OperatorStartupOptionalTools(ctx context.Context, c client.Client, namespace string, operatorNamespace string, log logutil.Logger) {
- // Try to copy any local runtime dependency to maven repository
-
- // Do not change the permissions on the target
- opt := cp.Options{
- PermissionControl: cp.DoNothing,
- }
- if err := cp.Copy("/tmp/local/m2", defaults.LocalRepository, opt); err != nil {
- log.Infof("Could not copy local runtime dependencies due to %s", err.Error())
- }
-
// Try to register the OpenShift CLI Download link if possible
if err := OpenShiftConsoleDownloadLink(ctx, c); err != nil {
log.Info("Cannot install OpenShift CLI download link: skipping.")