diff --git a/ide/opsfile.yml b/ide/opsfile.yml index 815e322..a63f808 100644 --- a/ide/opsfile.yml +++ b/ide/opsfile.yml @@ -141,7 +141,7 @@ tasks: login: - silent: true + silent: false desc: login in you OpenServerless host cmds: - | @@ -226,7 +226,11 @@ tasks: fi if test -n "$AUTH_CHECK" then if test "$AUTH_CHECK" != "$AUTH" +<<<<<<< HEAD then echo "WARNING: wrong deploy! You are logged in a different user than your pinned one and configured in .env as AUTH_CHECK" ; exit 1 +======= + then echo "WARNING: wrong deploy! You are logged in a different user than your configured AUTH_CHECK" ; exit 1 +>>>>>>> 0c6ebab (debug) fi fi diff --git a/opsroot.json b/opsroot.json index ffff070..09bf322 100644 --- a/opsroot.json +++ b/opsroot.json @@ -1,15 +1,16 @@ { - "version": "0.1.0-2409121919.dev", - "config": { - "ops": { - "coreutils": "arch b2sum b3sum base32 basename basenc cat chgrp chmod chown chroot cksum comm cp csplit cut date dd df dir dircolors dirname du env expand expr factor fmt fold groups hashsum head hostid hostname id install join kill link ln logname ls md5sum mkdir mkfifo mknod mktemp more mv nice nl nohup nproc numfmt od paste pathchk pinky pr printenv printf ptx pwd readlink realpath rm rmdir seq sha1sum sha224sum sha256sum sha3-224sum sha3-256sum sha3-384sum sha3-512sum sha384sum sha3sum sha512sum shake128sum shake256sum shred shuf sleep sort split stat stdbuf stty sum sync tac tail tee timeout touch tr truncate tsort tty uname unexpand uniq unlink uptime users vdir wc who whoami yes" - }, - "images": { - "operator": "registry.hub.docker.com/apache/openserverless-operator:0.1.0-incubating.2510012114", - "controller": "ghcr.io/nuvolaris/openwhisk-controller:3.1.0-mastrogpt.2402101445", - "invoker": "ghcr.io/nuvolaris/openwhisk-invoker:3.1.0-mastrogpt.2402101445", - "streamer": "registry.hub.docker.com/apache/openserverless-streamer:0.1.0-incubating.2505031325", - "systemapi": "registry.hub.docker.com/apache/openserverless-admin-api:0.1.0-incubating.2509280912" - } + "version": "0.1.0-2409121919.dev", + "config": { + "ops": { + "coreutils": "arch b2sum b3sum base32 basename basenc cat chgrp chmod chown chroot cksum comm cp csplit cut date dd df dir dircolors dirname du env expand expr factor fmt fold groups hashsum head hostid hostname id install join kill link ln logname ls md5sum mkdir mkfifo mknod mktemp more mv nice nl nohup nproc numfmt od paste pathchk pinky pr printenv printf ptx pwd readlink realpath rm rmdir seq sha1sum sha224sum sha256sum sha3-224sum sha3-256sum sha3-384sum sha3-512sum sha384sum sha3sum sha512sum shake128sum shake256sum shred shuf sleep sort split stat stdbuf stty sum sync tac tail tee timeout touch tr truncate tsort tty uname unexpand uniq unlink uptime users vdir wc who whoami yes" + }, + "images": { + "operator": "registry.hub.docker.com/apache/openserverless-operator:0.1.0-incubating.2510012114", + "controller": "ghcr.io/nuvolaris/openwhisk-controller:3.1.0-mastrogpt.2402101445", + "invoker": "ghcr.io/nuvolaris/openwhisk-invoker:3.1.0-mastrogpt.2402101445", + "streamer": "registry.hub.docker.com/apache/openserverless-streamer:0.1.0-incubating.2505031325", + "systemapi": "registry.hub.docker.com/apache/openserverless-admin-api:0.1.0-incubating.2509280912", + "devcontainer": "ghcr.io/apache/openserverless-devcontainer:0.1.0-incubating.2511241347" } + } } diff --git a/setup/devcontainer/deployment.yaml b/setup/devcontainer/deployment.yaml new file mode 100644 index 0000000..d624285 --- /dev/null +++ b/setup/devcontainer/deployment.yaml @@ -0,0 +1,103 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: ssh-devcontainer + namespace: nuvolaris + labels: + app: ssh-devcontainer +spec: + replicas: 1 + selector: + matchLabels: + app: ssh-devcontainer + template: + metadata: + labels: + app: ssh-devcontainer + spec: + hostname: ssh-devcontainer + volumes: + - name: workspace + hostPath: + path: /workspace + - name: nginx-config + configMap: + name: nginx-proxy-config + containers: + - name: devcontainer + image: $IMAGE + ports: + - containerPort: 2222 + name: ssh + protocol: TCP + securityContext: + runAsUser: $USERID + runAsGroup: $USERID + volumeMounts: + - name: workspace + mountPath: /home/workspace + env: + - name: DEBIAN_FRONTEND + value: noninteractive + - name: SSHKEY + valueFrom: + secretKeyRef: + name: ssh-secret + key: authorized_keys + - name: reverse-proxy + image: nginx:alpine + ports: + - containerPort: 80 + name: http + protocol: TCP + command: ["nginx", "-g", "daemon off;"] + volumeMounts: + - name: nginx-config + mountPath: /etc/nginx/nginx.conf + subPath: nginx.conf + readOnly: true +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: nginx-proxy-config + namespace: nuvolaris +data: + nginx.conf: | + events { + worker_connections 1024; + } + http { + client_max_body_size 1g; + + server { + listen 80; + server_name miniops.me *.miniops.me; + + location / { + proxy_pass http://ingress-nginx-controller.ingress-nginx.svc.cluster.local; + proxy_set_header Host $$host; + proxy_set_header X-Real-IP $$remote_addr; + proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto http; + } + } + } +--- +apiVersion: v1 +kind: Service +metadata: + name: ssh-devcontainer + namespace: nuvolaris + labels: + app: ssh-devcontainer +spec: + type: NodePort + selector: + app: ssh-devcontainer + ports: + - port: 2222 + targetPort: 2222 + nodePort: 30222 + protocol: TCP + name: ssh diff --git a/setup/devcontainer/opsfile.yml b/setup/devcontainer/opsfile.yml new file mode 100644 index 0000000..1cb553e --- /dev/null +++ b/setup/devcontainer/opsfile.yml @@ -0,0 +1,82 @@ +version: "3" + +vars: + UID: + sh: 'echo {{ if eq OS "windows" }}1000{{ else }}$(id -u){{ end }}' + GID: + sh: 'echo {{ if eq OS "windows" }}1000{{ else }}$(id -g){{ end }}' + DRY: "" + EXTRA: "" + +env: + KUBECONFIG: + sh: |- + if test -e "$OPS_TMP/kubeconfig" + then echo "$OPS_TMP/kubeconfig" + else echo ~/.kube/config + fi + +tasks: + + deploy: + silent: true + desc: deploy the devcontainer in kubernetes + cmds: + - test -e ~/.ssh/id_rsa.pub || die "please generate an ssh key with ssh-keygen in ~/.ssh/id_rsa.pub" + - > + kubectl -n nuvolaris create secret generic ssh-secret + --from-literal=authorized_keys="$(cat ~/.ssh/id_rsa.pub)" 2>/dev/null || die "devcontainer already exists" + - > + kubectl -n nuvolaris create secret generic devel-secret + --from-literal=password="$(cat ~/.ops/devel.password)" + - | + export IMAGE="{{.IMAGES_DEVCONTAINER}}" + envsubst < deployment.yaml >_deployment.yaml + kubectl apply -f _deployment.yaml + - ops setup kubernetes wait-pod SELECTOR="-l app=ssh-devcontainer" COND=false FILE=_devcontainer + - | + touch ~/.ssh/config + if ! rg "Host miniops" ~/.ssh/config >/dev/null + then echo -e "\nHost miniops\n Hostname localhost\n Port 2222\n User devel\n StrictHostKeyChecking no\n UserKnownHostsFile=/dev/null\n" >> ~/.ssh/config + fi + - > + retry -t 100 -m 600 ssh miniops exit 2>&1 + | awk '{s=""; for(i=1;i<=NR;i++) s=s"#"; printf "\rwaiting for ssh: [%s]", s; fflush()}' + - echo -e "\nyou can now connect to the devcontainer with 'ssh miniops'" + + undeploy: + silent: true + desc: undeploy the devcontainer in kubernetes + cmds: + - kubectl -n nuvolaris delete deploy/ssh-devcontainer secret/ssh-secret secret/devel-secret + - echo Please remove the Host miniops entry from your ~/.ssh/config file if present + + docker2kind: + silent: true + desc: load the devcontainer image from docker to kind to avoid pulling from outside + cmds: + - kind load docker-image {{.IMAGES_DEVCONTAINER}} --name nuvolaris + + docker-run: + desc: run the ssh-devcontainer in docker with W= + silent: true + requires: { vars: [W]} + vars: + EXTRA: #"--entrypoint=/bin/bash -ti" + cmds: + - test -e "$OPS_PWD/workspace/package.json" || die "mising workdpace folder with starter" + - test -e ~/.ssh/id_rsa.pub || die "please generate an ssh key with 'ssk-keygen -t rsa'" + - echo "{{.W}}" | rg '^/' || die "W= required" + - docker rm -f ssh-devcontainer 2>/dev/null + - > + {{.DRY}} docker run + --hostname ssh-devcontainer + --name ssh-devcontainer --rm + -e SSHKEY="$(cat ~/.ssh/id_rsa.pub)" + -e USERID={{.UID}} + --mount "type=bind,src={{.W}},dst=/home/workspace" + -p 2223:2222 + {{.EXTRA}} + {{.IMAGES_DEVCONTAINER}} + + diff --git a/setup/docopts.md b/setup/docopts.md index 55e412a..1ea7044 100644 --- a/setup/docopts.md +++ b/setup/docopts.md @@ -30,6 +30,7 @@ Usage: setup server [] [--uninstall|--status] setup status setup uninstall + setup devcontainer ``` ## Commands @@ -43,13 +44,14 @@ Usage: the server must be accessible with ssh using the with sudo power, default root setup status show the status of the last installation setup uninstall uninstall the last installation + setup devcontainer manage a devcontainer accessible with ssh ``` ## Options ``` - --uninstall execute an uninstall instead of an installation - --status show the status instead of an installation + --uninstall execute an uninstall instead of an installation + --status show the status instead of an installation --skip-check-ports skip the check of already used ports --skip-preload-images skip the preload images step ``` diff --git a/setup/opsfile.yml b/setup/opsfile.yml index eac7fa9..2bbc60e 100644 --- a/setup/opsfile.yml +++ b/setup/opsfile.yml @@ -77,6 +77,9 @@ tasks: {{end}} + devcontainer: + desc: manage the devcontainer deployment + mini: silent: true desc: install miniops