From 0894622a10ecb3735771233d26744d5c448e0561 Mon Sep 17 00:00:00 2001 From: Michele Sciabarra Date: Fri, 31 Oct 2025 14:29:49 +0000 Subject: [PATCH 1/6] devcontainer --- setup/devcontainer/deployment.yaml | 124 +++++++++++++++++++++++++++++ setup/devcontainer/opsfile.yml | 76 ++++++++++++++++++ setup/opsfile.yml | 3 + 3 files changed, 203 insertions(+) create mode 100644 setup/devcontainer/deployment.yaml create mode 100644 setup/devcontainer/opsfile.yml diff --git a/setup/devcontainer/deployment.yaml b/setup/devcontainer/deployment.yaml new file mode 100644 index 0000000..80b5ff1 --- /dev/null +++ b/setup/devcontainer/deployment.yaml @@ -0,0 +1,124 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: ssh-devcontainer + namespace: nuvolaris + labels: + app: ssh-devcontainer +spec: + replicas: 1 + selector: + matchLabels: + app: ssh-devcontainer + template: + metadata: + labels: + app: ssh-devcontainer + spec: + hostname: ssh-devcontainer + volumes: + - name: workspace + hostPath: + path: /workspace + - name: nginx-config + configMap: + name: nginx-proxy-config + containers: + - name: devcontainer + image: $IMAGE + ports: + - containerPort: 2222 + name: ssh + protocol: TCP + securityContext: + runAsUser: 1000 + runAsGroup: 1000 + volumeMounts: + - name: workspace + mountPath: /workspace + env: + - name: DEBIAN_FRONTEND + value: noninteractive + - name: SSH_KEY + valueFrom: + secretKeyRef: + name: ssh-secret + key: authorized_keys + - name: DEVEL_PASSWORD + valueFrom: + secretKeyRef: + name: devel-secret + key: password + command: + - /bin/bash + - -c + - > + sudo touch /.dockerenv ; + sudo apt-get update ; + sudo apt-get install -y openssh-server ; + sudo mkdir -p /run/sshd ; + sudo ssh-keygen -A ; + mkdir -p ~/.ssh ; + chmod 600 ~/.ssh/authorized_keys ; + echo "$$SSH_KEY" > ~/.ssh/authorized_keys ; + ln -sf /workspace ~/workspace ; + echo "ops -update ; env OPS_PASSWORD='$$DEVEL_PASSWORD' ops ide login devel http://miniops.me" >>~/.bashrc ; + sudo chown -R 1000:1000 /workspace ; + sudo /usr/sbin/sshd -p 2222 -D + - name: reverse-proxy + image: nginx:alpine + ports: + - containerPort: 80 + name: http + protocol: TCP + command: ["nginx", "-g", "daemon off;"] + volumeMounts: + - name: nginx-config + mountPath: /etc/nginx/nginx.conf + subPath: nginx.conf + readOnly: true +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: nginx-proxy-config + namespace: nuvolaris +data: + nginx.conf: | + events { + worker_connections 1024; + } + http { + client_max_body_size 1g; + + server { + listen 80; + server_name miniops.me *.miniops.me; + + location / { + proxy_pass http://ingress-nginx-controller.ingress-nginx.svc.cluster.local; + proxy_set_header Host $$host; + proxy_set_header X-Real-IP $$remote_addr; + proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto http; + } + } + } +--- +apiVersion: v1 +kind: Service +metadata: + name: ssh-devcontainer + namespace: nuvolaris + labels: + app: ssh-devcontainer +spec: + type: NodePort + selector: + app: ssh-devcontainer + ports: + - port: 2222 + targetPort: 2222 + nodePort: 30222 + protocol: TCP + name: ssh diff --git a/setup/devcontainer/opsfile.yml b/setup/devcontainer/opsfile.yml new file mode 100644 index 0000000..ed21ede --- /dev/null +++ b/setup/devcontainer/opsfile.yml @@ -0,0 +1,76 @@ +version: "3" + +vars: + IMAGE: ghcr.io/mastrogpt/agent41-starter:2506201530 + +env: + KUBECONFIG: + sh: |- + if test -e "$OPS_TMP/kubeconfig" + then echo "$OPS_TMP/kubeconfig" + else echo ~/.kube/config + fi + +tasks: + + deploy: + silent: true + desc: deploy the devcontainer + cmds: + - test -e ~/.ssh/id_rsa.pub || die "please generate an ssh key with ssh-keygen in ~/.ssh/id_rsa.pub" + - > + kubectl -n nuvolaris create secret generic ssh-secret + --from-literal=authorized_keys="$(cat ~/.ssh/id_rsa.pub)" 2>/dev/null || die "devcontainer already exists" + - > + kubectl -n nuvolaris create secret generic devel-secret + --from-literal=password="$(cat ~/.ops/devel.password)" + - | + export IMAGE="{{.IMAGE}}" + envsubst < deployment.yaml >_deployment.yaml + kubectl apply -f _deployment.yaml + - ops setup kubernetes wait-pod SELECTOR="-l app=ssh-devcontainer" COND=false FILE=_devcontainer + - | + touch ~/.ssh/config + if ! rg "Host miniops" ~/.ssh/config >/dev/null + then echo -e "\nHost miniops\n Hostname localhost\n Port 2222\n User node\n StrictHostKeyChecking no\n UserKnownHostsFile=/dev/null\n" >> ~/.ssh/config + fi + - > + retry -t 100 -m 600 ssh miniops exit 2>&1 + | awk '{s=""; for(i=1;i<=NR;i++) s=s"#"; printf "\rwaiting for ssh: [%s]", s; fflush()}' + - echo -e "\nyou can now connect to the devcontainer with 'ssh miniops'" + + undeploy: + silent: true + desc: undeploy the devcontainer + cmds: + - kubectl -n nuvolaris delete deploy/ssh-devcontainer secret/ssh-secret secret/devel-secret + - echo Please remove the Host miniops entry from your ~/.ssh/config file if present + + docker-deploy: + desc: deploy the ssh-devcontainer with docker + silent: true + cmds: + - > + docker run + --name ssh-devcontainer --rm + -e SSH_KEY="$(cat ~/.ssh/id_rsa.pub)" + --entrypoint /bin/bash + -p 2222:2222 + {{.IMAGE}} + -c ' + mkdir -p ~/.ssh ; + echo "$SSH_KEY" > ~/.ssh/authorized_keys ; + chmod 600 ~/.ssh/authorized_keys ; + sudo apt-get update ; + sudo apt-get install -y openssh-server ; + sudo mkdir -p /run/sshd ; + sudo ssh-keygen -A ; + echo starting sshd... ; + sudo /usr/sbin/sshd -p 2222 -D + ' + + docker-undeploy: + desc: deploy the ssh-devcontainer with docker + silent: true + cmds: + - docker rm -f ssh-devcontainer || echo "no docker container ssh-devcontainer running" diff --git a/setup/opsfile.yml b/setup/opsfile.yml index eac7fa9..2bbc60e 100644 --- a/setup/opsfile.yml +++ b/setup/opsfile.yml @@ -77,6 +77,9 @@ tasks: {{end}} + devcontainer: + desc: manage the devcontainer deployment + mini: silent: true desc: install miniops From 2c61e01fd672eb748c07b8dadd8236747a7644c3 Mon Sep 17 00:00:00 2001 From: Michele Sciabarra Date: Sun, 23 Nov 2025 16:18:19 +0000 Subject: [PATCH 2/6] updated the devcontainer --- opsroot.json | 3 +- setup/devcontainer/opsfile.yml | 61 ++++++++++++++++------------------ 2 files changed, 30 insertions(+), 34 deletions(-) diff --git a/opsroot.json b/opsroot.json index ffff070..07c33b3 100644 --- a/opsroot.json +++ b/opsroot.json @@ -9,7 +9,8 @@ "controller": "ghcr.io/nuvolaris/openwhisk-controller:3.1.0-mastrogpt.2402101445", "invoker": "ghcr.io/nuvolaris/openwhisk-invoker:3.1.0-mastrogpt.2402101445", "streamer": "registry.hub.docker.com/apache/openserverless-streamer:0.1.0-incubating.2505031325", - "systemapi": "registry.hub.docker.com/apache/openserverless-admin-api:0.1.0-incubating.2509280912" + "systemapi": "registry.hub.docker.com/apache/openserverless-admin-api:0.1.0-incubating.2509280912", + "devcontainer": "ghcr.io/sciabarracom/openserverless-devcontainer:0.1.0-incubating.2511231536" } } } diff --git a/setup/devcontainer/opsfile.yml b/setup/devcontainer/opsfile.yml index ed21ede..69e76a9 100644 --- a/setup/devcontainer/opsfile.yml +++ b/setup/devcontainer/opsfile.yml @@ -1,7 +1,11 @@ -version: "3" +version: "3" vars: - IMAGE: ghcr.io/mastrogpt/agent41-starter:2506201530 + UID: + sh: 'echo {{ if eq OS "windows" }}1000{{ else }}$(id -u){{ end }}' + GID: + sh: 'echo {{ if eq OS "windows" }}1000{{ else }}$(id -g){{ end }}' + DRY: "" env: KUBECONFIG: @@ -15,17 +19,17 @@ tasks: deploy: silent: true - desc: deploy the devcontainer + desc: deploy the devcontainer in kubernetes cmds: - test -e ~/.ssh/id_rsa.pub || die "please generate an ssh key with ssh-keygen in ~/.ssh/id_rsa.pub" - > - kubectl -n nuvolaris create secret generic ssh-secret + kubectl -n nuvolaris create secret generic ssh-secret --from-literal=authorized_keys="$(cat ~/.ssh/id_rsa.pub)" 2>/dev/null || die "devcontainer already exists" - > - kubectl -n nuvolaris create secret generic devel-secret + kubectl -n nuvolaris create secret generic devel-secret --from-literal=password="$(cat ~/.ops/devel.password)" - | - export IMAGE="{{.IMAGE}}" + export IMAGE="{{.IMAGES_DEVCONTAINER}}" envsubst < deployment.yaml >_deployment.yaml kubectl apply -f _deployment.yaml - ops setup kubernetes wait-pod SELECTOR="-l app=ssh-devcontainer" COND=false FILE=_devcontainer @@ -35,42 +39,33 @@ tasks: then echo -e "\nHost miniops\n Hostname localhost\n Port 2222\n User node\n StrictHostKeyChecking no\n UserKnownHostsFile=/dev/null\n" >> ~/.ssh/config fi - > - retry -t 100 -m 600 ssh miniops exit 2>&1 + retry -t 100 -m 600 ssh miniops exit 2>&1 | awk '{s=""; for(i=1;i<=NR;i++) s=s"#"; printf "\rwaiting for ssh: [%s]", s; fflush()}' - echo -e "\nyou can now connect to the devcontainer with 'ssh miniops'" undeploy: silent: true - desc: undeploy the devcontainer + desc: undeploy the devcontainer in kubernetes cmds: - - kubectl -n nuvolaris delete deploy/ssh-devcontainer secret/ssh-secret secret/devel-secret + - kubectl -n nuvolaris delete deploy/ssh-devcontainer secret/ssh-secret secret/devel-secret - echo Please remove the Host miniops entry from your ~/.ssh/config file if present - docker-deploy: - desc: deploy the ssh-devcontainer with docker + run: + desc: run the ssh-devcontainer in docker with W= silent: true + requires: { vars: [W]} cmds: - - > - docker run + - test -e "$OPS_PWD/workspace/package.json" || die "mising workdpace folder with starter" + - test -e ~/.ssh/id_rsa.pub || die "please generate an ssh key with 'ssk-keygen -t rsa'" + - echo "{{.W}}" | rg '^/' || die "W= required" + - docker rm -f ssh-devcontainer 2>/dev/null + - > + {{.DRY}} docker run + --hostname ssh-devcontainer --name ssh-devcontainer --rm - -e SSH_KEY="$(cat ~/.ssh/id_rsa.pub)" - --entrypoint /bin/bash - -p 2222:2222 - {{.IMAGE}} - -c ' - mkdir -p ~/.ssh ; - echo "$SSH_KEY" > ~/.ssh/authorized_keys ; - chmod 600 ~/.ssh/authorized_keys ; - sudo apt-get update ; - sudo apt-get install -y openssh-server ; - sudo mkdir -p /run/sshd ; - sudo ssh-keygen -A ; - echo starting sshd... ; - sudo /usr/sbin/sshd -p 2222 -D - ' + -e SSHKEY="$(cat ~/.ssh/id_rsa.pub)" + -e USERID={{.UID}} + --mount "type=bind,src={{.W}},dst=/home/workspace" + -p 2223:2222 + {{.IMAGES_DEVCONTAINER}} - docker-undeploy: - desc: deploy the ssh-devcontainer with docker - silent: true - cmds: - - docker rm -f ssh-devcontainer || echo "no docker container ssh-devcontainer running" From 400b6922b46a39b3b2916496c55bb1d45ddb30a5 Mon Sep 17 00:00:00 2001 From: Michele Sciabarra Date: Mon, 24 Nov 2025 20:36:59 +0000 Subject: [PATCH 3/6] deploying devcontainer --- opsroot.json | 26 +++++++++++++------------- setup/devcontainer/deployment.yaml | 29 ++++------------------------- setup/devcontainer/opsfile.yml | 15 +++++++++++++-- 3 files changed, 30 insertions(+), 40 deletions(-) diff --git a/opsroot.json b/opsroot.json index 07c33b3..09bf322 100644 --- a/opsroot.json +++ b/opsroot.json @@ -1,16 +1,16 @@ { - "version": "0.1.0-2409121919.dev", - "config": { - "ops": { - "coreutils": "arch b2sum b3sum base32 basename basenc cat chgrp chmod chown chroot cksum comm cp csplit cut date dd df dir dircolors dirname du env expand expr factor fmt fold groups hashsum head hostid hostname id install join kill link ln logname ls md5sum mkdir mkfifo mknod mktemp more mv nice nl nohup nproc numfmt od paste pathchk pinky pr printenv printf ptx pwd readlink realpath rm rmdir seq sha1sum sha224sum sha256sum sha3-224sum sha3-256sum sha3-384sum sha3-512sum sha384sum sha3sum sha512sum shake128sum shake256sum shred shuf sleep sort split stat stdbuf stty sum sync tac tail tee timeout touch tr truncate tsort tty uname unexpand uniq unlink uptime users vdir wc who whoami yes" - }, - "images": { - "operator": "registry.hub.docker.com/apache/openserverless-operator:0.1.0-incubating.2510012114", - "controller": "ghcr.io/nuvolaris/openwhisk-controller:3.1.0-mastrogpt.2402101445", - "invoker": "ghcr.io/nuvolaris/openwhisk-invoker:3.1.0-mastrogpt.2402101445", - "streamer": "registry.hub.docker.com/apache/openserverless-streamer:0.1.0-incubating.2505031325", - "systemapi": "registry.hub.docker.com/apache/openserverless-admin-api:0.1.0-incubating.2509280912", - "devcontainer": "ghcr.io/sciabarracom/openserverless-devcontainer:0.1.0-incubating.2511231536" - } + "version": "0.1.0-2409121919.dev", + "config": { + "ops": { + "coreutils": "arch b2sum b3sum base32 basename basenc cat chgrp chmod chown chroot cksum comm cp csplit cut date dd df dir dircolors dirname du env expand expr factor fmt fold groups hashsum head hostid hostname id install join kill link ln logname ls md5sum mkdir mkfifo mknod mktemp more mv nice nl nohup nproc numfmt od paste pathchk pinky pr printenv printf ptx pwd readlink realpath rm rmdir seq sha1sum sha224sum sha256sum sha3-224sum sha3-256sum sha3-384sum sha3-512sum sha384sum sha3sum sha512sum shake128sum shake256sum shred shuf sleep sort split stat stdbuf stty sum sync tac tail tee timeout touch tr truncate tsort tty uname unexpand uniq unlink uptime users vdir wc who whoami yes" + }, + "images": { + "operator": "registry.hub.docker.com/apache/openserverless-operator:0.1.0-incubating.2510012114", + "controller": "ghcr.io/nuvolaris/openwhisk-controller:3.1.0-mastrogpt.2402101445", + "invoker": "ghcr.io/nuvolaris/openwhisk-invoker:3.1.0-mastrogpt.2402101445", + "streamer": "registry.hub.docker.com/apache/openserverless-streamer:0.1.0-incubating.2505031325", + "systemapi": "registry.hub.docker.com/apache/openserverless-admin-api:0.1.0-incubating.2509280912", + "devcontainer": "ghcr.io/apache/openserverless-devcontainer:0.1.0-incubating.2511241347" } + } } diff --git a/setup/devcontainer/deployment.yaml b/setup/devcontainer/deployment.yaml index 80b5ff1..d624285 100644 --- a/setup/devcontainer/deployment.yaml +++ b/setup/devcontainer/deployment.yaml @@ -31,40 +31,19 @@ spec: name: ssh protocol: TCP securityContext: - runAsUser: 1000 - runAsGroup: 1000 + runAsUser: $USERID + runAsGroup: $USERID volumeMounts: - name: workspace - mountPath: /workspace + mountPath: /home/workspace env: - name: DEBIAN_FRONTEND value: noninteractive - - name: SSH_KEY + - name: SSHKEY valueFrom: secretKeyRef: name: ssh-secret key: authorized_keys - - name: DEVEL_PASSWORD - valueFrom: - secretKeyRef: - name: devel-secret - key: password - command: - - /bin/bash - - -c - - > - sudo touch /.dockerenv ; - sudo apt-get update ; - sudo apt-get install -y openssh-server ; - sudo mkdir -p /run/sshd ; - sudo ssh-keygen -A ; - mkdir -p ~/.ssh ; - chmod 600 ~/.ssh/authorized_keys ; - echo "$$SSH_KEY" > ~/.ssh/authorized_keys ; - ln -sf /workspace ~/workspace ; - echo "ops -update ; env OPS_PASSWORD='$$DEVEL_PASSWORD' ops ide login devel http://miniops.me" >>~/.bashrc ; - sudo chown -R 1000:1000 /workspace ; - sudo /usr/sbin/sshd -p 2222 -D - name: reverse-proxy image: nginx:alpine ports: diff --git a/setup/devcontainer/opsfile.yml b/setup/devcontainer/opsfile.yml index 69e76a9..1cb553e 100644 --- a/setup/devcontainer/opsfile.yml +++ b/setup/devcontainer/opsfile.yml @@ -6,6 +6,7 @@ vars: GID: sh: 'echo {{ if eq OS "windows" }}1000{{ else }}$(id -g){{ end }}' DRY: "" + EXTRA: "" env: KUBECONFIG: @@ -36,7 +37,7 @@ tasks: - | touch ~/.ssh/config if ! rg "Host miniops" ~/.ssh/config >/dev/null - then echo -e "\nHost miniops\n Hostname localhost\n Port 2222\n User node\n StrictHostKeyChecking no\n UserKnownHostsFile=/dev/null\n" >> ~/.ssh/config + then echo -e "\nHost miniops\n Hostname localhost\n Port 2222\n User devel\n StrictHostKeyChecking no\n UserKnownHostsFile=/dev/null\n" >> ~/.ssh/config fi - > retry -t 100 -m 600 ssh miniops exit 2>&1 @@ -50,10 +51,18 @@ tasks: - kubectl -n nuvolaris delete deploy/ssh-devcontainer secret/ssh-secret secret/devel-secret - echo Please remove the Host miniops entry from your ~/.ssh/config file if present - run: + docker2kind: + silent: true + desc: load the devcontainer image from docker to kind to avoid pulling from outside + cmds: + - kind load docker-image {{.IMAGES_DEVCONTAINER}} --name nuvolaris + + docker-run: desc: run the ssh-devcontainer in docker with W= silent: true requires: { vars: [W]} + vars: + EXTRA: #"--entrypoint=/bin/bash -ti" cmds: - test -e "$OPS_PWD/workspace/package.json" || die "mising workdpace folder with starter" - test -e ~/.ssh/id_rsa.pub || die "please generate an ssh key with 'ssk-keygen -t rsa'" @@ -67,5 +76,7 @@ tasks: -e USERID={{.UID}} --mount "type=bind,src={{.W}},dst=/home/workspace" -p 2223:2222 + {{.EXTRA}} {{.IMAGES_DEVCONTAINER}} + From 313f0cb1800641199a04433842c07c8cb8b4d828 Mon Sep 17 00:00:00 2001 From: Michele Sciabarra Date: Tue, 25 Nov 2025 13:00:00 +0000 Subject: [PATCH 4/6] debug --- ide/opsfile.yml | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/ide/opsfile.yml b/ide/opsfile.yml index 815e322..3f5395b 100644 --- a/ide/opsfile.yml +++ b/ide/opsfile.yml @@ -141,7 +141,7 @@ tasks: login: - silent: true + silent: false desc: login in you OpenServerless host cmds: - | @@ -226,7 +226,11 @@ tasks: fi if test -n "$AUTH_CHECK" then if test "$AUTH_CHECK" != "$AUTH" +<<<<<<< HEAD then echo "WARNING: wrong deploy! You are logged in a different user than your pinned one and configured in .env as AUTH_CHECK" ; exit 1 +======= + then echo "WARNING: wrong deploy! You are logged in a different user than your configured AUTH_CHECK" ; exit 1 +>>>>>>> 0c6ebab (debug) fi fi @@ -249,6 +253,7 @@ tasks: then bun {{.TASKFILE_DIR}}/deploy/index.js "$OPS_PWD" -s "{{._action_}}" $DRY else +<<<<<<< HEAD if [ -n "$deploy_packages" ] then bun {{.TASKFILE_DIR}}/deploy/index.js "$OPS_PWD" -d $DRY @@ -260,6 +265,9 @@ tasks: $ECHO $OPS util upload ${OPS_UPLOAD_FOLDER:-web} echo "URL: $OPSDEV_HOST" fi +======= + bun {{.TASKFILE_DIR}}/deploy/index.js "$OPS_PWD" -s "{{._action_}}" $DRY +>>>>>>> 0c6ebab (debug) fi undeploy: From 03bc70b0446ab944d4cee9df3a2a69ece93222ef Mon Sep 17 00:00:00 2001 From: Michele Sciabarra <“msciabarra@apache.org”> Date: Tue, 9 Dec 2025 11:21:13 +0100 Subject: [PATCH 5/6] merge --- ide/opsfile.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/ide/opsfile.yml b/ide/opsfile.yml index 3f5395b..a63f808 100644 --- a/ide/opsfile.yml +++ b/ide/opsfile.yml @@ -253,7 +253,6 @@ tasks: then bun {{.TASKFILE_DIR}}/deploy/index.js "$OPS_PWD" -s "{{._action_}}" $DRY else -<<<<<<< HEAD if [ -n "$deploy_packages" ] then bun {{.TASKFILE_DIR}}/deploy/index.js "$OPS_PWD" -d $DRY @@ -265,9 +264,6 @@ tasks: $ECHO $OPS util upload ${OPS_UPLOAD_FOLDER:-web} echo "URL: $OPSDEV_HOST" fi -======= - bun {{.TASKFILE_DIR}}/deploy/index.js "$OPS_PWD" -s "{{._action_}}" $DRY ->>>>>>> 0c6ebab (debug) fi undeploy: From cf27eb70397f152e9064a70637eb302e4e341c90 Mon Sep 17 00:00:00 2001 From: Michele Sciabarra <“msciabarra@apache.org”> Date: Tue, 9 Dec 2025 11:27:36 +0100 Subject: [PATCH 6/6] docopts for devontainer --- setup/docopts.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/setup/docopts.md b/setup/docopts.md index 55e412a..1ea7044 100644 --- a/setup/docopts.md +++ b/setup/docopts.md @@ -30,6 +30,7 @@ Usage: setup server [] [--uninstall|--status] setup status setup uninstall + setup devcontainer ``` ## Commands @@ -43,13 +44,14 @@ Usage: the server must be accessible with ssh using the with sudo power, default root setup status show the status of the last installation setup uninstall uninstall the last installation + setup devcontainer manage a devcontainer accessible with ssh ``` ## Options ``` - --uninstall execute an uninstall instead of an installation - --status show the status instead of an installation + --uninstall execute an uninstall instead of an installation + --status show the status instead of an installation --skip-check-ports skip the check of already used ports --skip-preload-images skip the preload images step ```