From 38f1d5bd38d0ee0c6478033f610e510b42fb74d3 Mon Sep 17 00:00:00 2001 From: Florian Schwarz Date: Fri, 1 May 2026 17:02:49 +0200 Subject: [PATCH 01/13] 26.4 --- .devcontainer/Dockerfile | 4 ++-- .devcontainer/devcontainer.json | 4 ++-- README.md | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile index 562b0c1..e8ee806 100644 --- a/.devcontainer/Dockerfile +++ b/.devcontainer/Dockerfile @@ -2,7 +2,7 @@ FROM public.ecr.aws/docker/library/debian:bookworm-slim # change this one to change EDA version -ARG EDA_VERSION=25.12.2 +ARG EDA_VERSION=26.4.1 ARG EDA_PLAYGROUND_REPO=nokia-eda/playground ARG EDA_PLAYGROUND_DIR=/home/vscode/.playground @@ -73,4 +73,4 @@ COPY k9s/dracula.yaml /home/vscode/.config/k9s/skins/dracula.yaml # edactl wrapper COPY --chmod=755 --chown=vscode:vscode shell/edactl /usr/local/bin/edactl -RUN bash -c "/home/vscode/install-zsh-plugins.sh" \ No newline at end of file +RUN bash -c "/home/vscode/install-zsh-plugins.sh" diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index e33dc6c..8cc9241 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -1,6 +1,6 @@ { "name": "Nokia EDA in GitHub Codespaces", - "image": "ghcr.io/eda-labs/codespaces/base:25.12.2-1", + "image": "ghcr.io/eda-labs/codespaces/base:26.4.1", "features": { "ghcr.io/devcontainers/features/docker-in-docker:2": { "version": "latest", @@ -64,4 +64,4 @@ }, "privileged": true, "remoteUser": "vscode" -} \ No newline at end of file +} diff --git a/README.md b/README.md index 84370d6..8f65522 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ [![Codespaces][codespaces-4vcpu-svg]][codespaces-4vcpu-url] [![Discord][discord-svg]][discord-url] -[Learn more about EDA in Codespaces](https://docs.eda.dev/25.12/getting-started/codespaces/) +[Learn more about EDA in Codespaces](https://docs.eda.dev/26.4/getting-started/try-eda/#try-nokia-eda-in-codespaces) [codespaces-4vcpu-svg]: https://gitlab.com/-/project/7617705/uploads/3f69f403e1371b3b578ee930df8930e8/codespaces-btn-4vcpu-export.svg From 5467ad635443dc9ce3f8e74436a9a03984f21bcb Mon Sep 17 00:00:00 2001 From: Flosch62 Date: Fri, 1 May 2026 17:16:07 +0200 Subject: [PATCH 02/13] change version to 26.4.1-1 --- .devcontainer/devcontainer.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index 8cc9241..7dcd577 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -1,6 +1,6 @@ { "name": "Nokia EDA in GitHub Codespaces", - "image": "ghcr.io/eda-labs/codespaces/base:26.4.1", + "image": "ghcr.io/eda-labs/codespaces/base:26.4.1-1", "features": { "ghcr.io/devcontainers/features/docker-in-docker:2": { "version": "latest", From 3506c630b01c6d11ce8caca40e795afb766232d7 Mon Sep 17 00:00:00 2001 From: Flosch62 Date: Fri, 1 May 2026 17:41:44 +0200 Subject: [PATCH 03/13] Remove stale Codespaces Keycloak patch --- .devcontainer/overrides.mk | 25 +------------------------ 1 file changed, 1 insertion(+), 24 deletions(-) diff --git a/.devcontainer/overrides.mk b/.devcontainer/overrides.mk index cb5a093..ff54378 100644 --- a/.devcontainer/overrides.mk +++ b/.devcontainer/overrides.mk @@ -53,29 +53,6 @@ patch-codespaces-engineconfig: | $(YQ) $(KPT_PKG) ## Patch the EngineConfig mani .PHONY: configure-try-eda-params configure-try-eda-params: | $(BASE) $(BUILD) $(KPT) $(KPT_SETTERS_TRY_EDA_FILE) patch-codespaces-engineconfig ## Configure parameters specific to try-eda -.PHONY: ls-ways-to-reach-api-server -ls-ways-to-reach-api-server: | $(KUBECTL) configure-codespaces-keycloak - -.PHONY: configure-codespaces-keycloak -configure-codespaces-keycloak: | $(KUBECTL) ## Configure Keycloak frontendUrl for GitHub Codespaces - @if [ -n "$(CODESPACE_NAME)" ] && [ -n "$(GITHUB_CODESPACES_PORT_FORWARDING_DOMAIN)" ]; then \ - CODESPACE_URL="https://$(CODESPACE_NAME)-$(EDA_PORT).$(GITHUB_CODESPACES_PORT_FORWARDING_DOMAIN)" ;\ - KC_URL="https://eda-keycloak:9443/core/httpproxy/v1/keycloak" ;\ - echo "--> INFO: Configuring Keycloak frontendUrl for Codespaces..." ;\ - $(KUBECTL) wait --for=condition=ready pod -l eda.nokia.com/app=keycloak -n $(EDA_CORE_NAMESPACE) --timeout=300s ;\ - TOKEN=$$($(KUBECTL) exec -n $(EDA_CORE_NAMESPACE) deploy/eda-toolbox -- curl -sk -X POST \ - "$${KC_URL}/realms/master/protocol/openid-connect/token" \ - -d "username=admin" -d "password=admin" -d "grant_type=password" -d "client_id=admin-cli" | jq -r '.access_token') ;\ - $(KUBECTL) exec -n $(EDA_CORE_NAMESPACE) deploy/eda-toolbox -- curl -sk -X PUT \ - "$${KC_URL}/admin/realms/eda" \ - -H "Authorization: Bearer $${TOKEN}" \ - -H "Content-Type: application/json" \ - -d "{\"attributes\": {\"frontendUrl\": \"$${CODESPACE_URL}/core/httpproxy/v1/keycloak\"}}" ;\ - echo "--> INFO: Keycloak frontendUrl set to: $${CODESPACE_URL}/core/httpproxy/v1/keycloak" ;\ - else \ - echo "--> INFO: Not running in Codespaces, skipping Keycloak frontendUrl configuration" ;\ - fi - ifdef NO_TOPO TOPO := $(TOPO_EMPTY) @@ -88,4 +65,4 @@ endif start-ui-port-forward: @{ \ echo "--> Triggering browser window open 0.0.0.0:9443" ;\ - } \ No newline at end of file + } From 76ad5bef06d5a29a4ffb02f4037ea020d9664b09 Mon Sep 17 00:00:00 2001 From: Flosch62 Date: Fri, 1 May 2026 18:03:22 +0200 Subject: [PATCH 04/13] Configure Codespaces auth redirect root --- .devcontainer/overrides.mk | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/.devcontainer/overrides.mk b/.devcontainer/overrides.mk index ff54378..8756a4c 100644 --- a/.devcontainer/overrides.mk +++ b/.devcontainer/overrides.mk @@ -1,6 +1,7 @@ KPT_RETRY ?= 5 KPT_RECONCILE_TIMEOUT ?= 3m KPT_LIVE_APPLY_ARGS += --reconcile-timeout=$(KPT_RECONCILE_TIMEOUT) +EDA_PORT ?= 9443 ifdef CODESPACE_EDA_VERSION EDA_CORE_VERSION=$(CODESPACE_EDA_VERSION) @@ -53,6 +54,36 @@ patch-codespaces-engineconfig: | $(YQ) $(KPT_PKG) ## Patch the EngineConfig mani .PHONY: configure-try-eda-params configure-try-eda-params: | $(BASE) $(BUILD) $(KPT) $(KPT_SETTERS_TRY_EDA_FILE) patch-codespaces-engineconfig ## Configure parameters specific to try-eda +.PHONY: ls-ways-to-reach-api-server +ls-ways-to-reach-api-server: configure-codespaces-auth-client + +.PHONY: configure-codespaces-auth-client +configure-codespaces-auth-client: | $(KUBECTL) ## Configure Keycloak auth client redirect base for GitHub Codespaces + @if [ -n "$(CODESPACE_NAME)" ] && [ -n "$(GITHUB_CODESPACES_PORT_FORWARDING_DOMAIN)" ]; then \ + CODESPACE_URL="https://$(CODESPACE_NAME)-$(EDA_PORT).$(GITHUB_CODESPACES_PORT_FORWARDING_DOMAIN)" ;\ + KC_URL="https://eda-api/core/httpproxy/v1/keycloak" ;\ + echo "--> INFO: Configuring Keycloak auth client rootUrl for Codespaces..." ;\ + $(KUBECTL) wait --for=condition=ready pod -l eda.nokia.com/app=keycloak -n $(EDA_CORE_NAMESPACE) --timeout=300s ;\ + TOKEN=$$($(KUBECTL) exec -n $(EDA_CORE_NAMESPACE) deploy/eda-toolbox -- curl -skf -X POST \ + "$${KC_URL}/realms/master/protocol/openid-connect/token" \ + -d "username=admin" -d "password=admin" -d "grant_type=password" -d "client_id=admin-cli" | jq -r '.access_token') ;\ + CLIENT_ID=$$($(KUBECTL) exec -n $(EDA_CORE_NAMESPACE) deploy/eda-toolbox -- curl -skf \ + -H "Authorization: Bearer $${TOKEN}" \ + "$${KC_URL}/admin/realms/eda/clients?clientId=auth" | jq -r '.[0].id') ;\ + $(KUBECTL) exec -n $(EDA_CORE_NAMESPACE) deploy/eda-toolbox -- sh -c "curl -skf \ + -H 'Authorization: Bearer $${TOKEN}' \ + '$${KC_URL}/admin/realms/eda/clients/$${CLIENT_ID}' \ + | jq '.rootUrl = \"$${CODESPACE_URL}\" | .baseUrl = \"/\" | .redirectUris = [\"/*\"] | .webOrigins = [\"+\"]' \ + | curl -skf -X PUT \ + '$${KC_URL}/admin/realms/eda/clients/$${CLIENT_ID}' \ + -H 'Authorization: Bearer $${TOKEN}' \ + -H 'Content-Type: application/json' \ + --data @-" ;\ + echo "--> INFO: Keycloak auth client rootUrl set to: $${CODESPACE_URL}" ;\ + else \ + echo "--> INFO: Not running in Codespaces, skipping Keycloak auth client configuration" ;\ + fi + ifdef NO_TOPO TOPO := $(TOPO_EMPTY) From 5a77482db2a72bcba3aaa257ef6599a30e3cc13d Mon Sep 17 00:00:00 2001 From: Flosch62 Date: Fri, 1 May 2026 18:24:07 +0200 Subject: [PATCH 05/13] Set Codespaces proxy mode to XForward --- .devcontainer/overrides.mk | 1 + 1 file changed, 1 insertion(+) diff --git a/.devcontainer/overrides.mk b/.devcontainer/overrides.mk index 8756a4c..d6eb5de 100644 --- a/.devcontainer/overrides.mk +++ b/.devcontainer/overrides.mk @@ -49,6 +49,7 @@ patch-codespaces-engineconfig: | $(YQ) $(KPT_PKG) ## Patch the EngineConfig mani ENGINE_CONFIG_FILE="$(KPT_CORE)/engine-config/engineconfig.yaml" ;\ if [[ ! -f "$$ENGINE_CONFIG_FILE" ]]; then (echo "[ERROR] EngineConfig manifest not found at $$ENGINE_CONFIG_FILE" && exit 1); fi ;\ $(YQ) eval '.spec.customSettings = load("$(CODESPACES_ENGINECONFIG_CUSTOM_SETTINGS_PATCH)").customSettings' -i "$$ENGINE_CONFIG_FILE" ;\ + $(YQ) eval '.spec.cluster.external.proxyMode = "XForward"' -i "$$ENGINE_CONFIG_FILE" ;\ } .PHONY: configure-try-eda-params From c5e399f9caad44a1ef98fec909bdaf70109c3f14 Mon Sep 17 00:00:00 2001 From: Flosch62 Date: Fri, 1 May 2026 18:27:19 +0200 Subject: [PATCH 06/13] Remove Codespaces auth client patch --- .devcontainer/overrides.mk | 31 ------------------------------- 1 file changed, 31 deletions(-) diff --git a/.devcontainer/overrides.mk b/.devcontainer/overrides.mk index d6eb5de..d4f0c0a 100644 --- a/.devcontainer/overrides.mk +++ b/.devcontainer/overrides.mk @@ -1,7 +1,6 @@ KPT_RETRY ?= 5 KPT_RECONCILE_TIMEOUT ?= 3m KPT_LIVE_APPLY_ARGS += --reconcile-timeout=$(KPT_RECONCILE_TIMEOUT) -EDA_PORT ?= 9443 ifdef CODESPACE_EDA_VERSION EDA_CORE_VERSION=$(CODESPACE_EDA_VERSION) @@ -55,36 +54,6 @@ patch-codespaces-engineconfig: | $(YQ) $(KPT_PKG) ## Patch the EngineConfig mani .PHONY: configure-try-eda-params configure-try-eda-params: | $(BASE) $(BUILD) $(KPT) $(KPT_SETTERS_TRY_EDA_FILE) patch-codespaces-engineconfig ## Configure parameters specific to try-eda -.PHONY: ls-ways-to-reach-api-server -ls-ways-to-reach-api-server: configure-codespaces-auth-client - -.PHONY: configure-codespaces-auth-client -configure-codespaces-auth-client: | $(KUBECTL) ## Configure Keycloak auth client redirect base for GitHub Codespaces - @if [ -n "$(CODESPACE_NAME)" ] && [ -n "$(GITHUB_CODESPACES_PORT_FORWARDING_DOMAIN)" ]; then \ - CODESPACE_URL="https://$(CODESPACE_NAME)-$(EDA_PORT).$(GITHUB_CODESPACES_PORT_FORWARDING_DOMAIN)" ;\ - KC_URL="https://eda-api/core/httpproxy/v1/keycloak" ;\ - echo "--> INFO: Configuring Keycloak auth client rootUrl for Codespaces..." ;\ - $(KUBECTL) wait --for=condition=ready pod -l eda.nokia.com/app=keycloak -n $(EDA_CORE_NAMESPACE) --timeout=300s ;\ - TOKEN=$$($(KUBECTL) exec -n $(EDA_CORE_NAMESPACE) deploy/eda-toolbox -- curl -skf -X POST \ - "$${KC_URL}/realms/master/protocol/openid-connect/token" \ - -d "username=admin" -d "password=admin" -d "grant_type=password" -d "client_id=admin-cli" | jq -r '.access_token') ;\ - CLIENT_ID=$$($(KUBECTL) exec -n $(EDA_CORE_NAMESPACE) deploy/eda-toolbox -- curl -skf \ - -H "Authorization: Bearer $${TOKEN}" \ - "$${KC_URL}/admin/realms/eda/clients?clientId=auth" | jq -r '.[0].id') ;\ - $(KUBECTL) exec -n $(EDA_CORE_NAMESPACE) deploy/eda-toolbox -- sh -c "curl -skf \ - -H 'Authorization: Bearer $${TOKEN}' \ - '$${KC_URL}/admin/realms/eda/clients/$${CLIENT_ID}' \ - | jq '.rootUrl = \"$${CODESPACE_URL}\" | .baseUrl = \"/\" | .redirectUris = [\"/*\"] | .webOrigins = [\"+\"]' \ - | curl -skf -X PUT \ - '$${KC_URL}/admin/realms/eda/clients/$${CLIENT_ID}' \ - -H 'Authorization: Bearer $${TOKEN}' \ - -H 'Content-Type: application/json' \ - --data @-" ;\ - echo "--> INFO: Keycloak auth client rootUrl set to: $${CODESPACE_URL}" ;\ - else \ - echo "--> INFO: Not running in Codespaces, skipping Keycloak auth client configuration" ;\ - fi - ifdef NO_TOPO TOPO := $(TOPO_EMPTY) From 3ef252c23522f29fc30eb5af1f8eb1093460a8de Mon Sep 17 00:00:00 2001 From: Flosch62 Date: Fri, 1 May 2026 19:11:13 +0200 Subject: [PATCH 07/13] Configure Codespaces auth client --- .devcontainer/overrides.mk | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/.devcontainer/overrides.mk b/.devcontainer/overrides.mk index d4f0c0a..3a9bcf5 100644 --- a/.devcontainer/overrides.mk +++ b/.devcontainer/overrides.mk @@ -1,6 +1,7 @@ KPT_RETRY ?= 5 KPT_RECONCILE_TIMEOUT ?= 3m KPT_LIVE_APPLY_ARGS += --reconcile-timeout=$(KPT_RECONCILE_TIMEOUT) +EDA_PORT ?= 9443 ifdef CODESPACE_EDA_VERSION EDA_CORE_VERSION=$(CODESPACE_EDA_VERSION) @@ -54,6 +55,37 @@ patch-codespaces-engineconfig: | $(YQ) $(KPT_PKG) ## Patch the EngineConfig mani .PHONY: configure-try-eda-params configure-try-eda-params: | $(BASE) $(BUILD) $(KPT) $(KPT_SETTERS_TRY_EDA_FILE) patch-codespaces-engineconfig ## Configure parameters specific to try-eda +.PHONY: ls-ways-to-reach-api-server +ls-ways-to-reach-api-server: configure-codespaces-auth-client + +.PHONY: configure-codespaces-auth-client +configure-codespaces-auth-client: | $(KUBECTL) ## Configure Keycloak auth client redirect base for GitHub Codespaces + @if [ -n "$(CODESPACE_NAME)" ] && [ -n "$(GITHUB_CODESPACES_PORT_FORWARDING_DOMAIN)" ]; then \ + CODESPACE_URL="https://$(CODESPACE_NAME)-$(EDA_PORT).$(GITHUB_CODESPACES_PORT_FORWARDING_DOMAIN)" ;\ + KC_URL="https://eda-api/core/httpproxy/v1/keycloak" ;\ + echo "--> INFO: Configuring Keycloak auth client rootUrl for Codespaces..." ;\ + $(KUBECTL) wait --for=condition=ready pod -l eda.nokia.com/app=keycloak -n $(EDA_CORE_NAMESPACE) --timeout=300s ;\ + TOKEN=$$($(KUBECTL) exec -n $(EDA_CORE_NAMESPACE) deploy/eda-toolbox -- curl -skf -X POST \ + "$${KC_URL}/realms/master/protocol/openid-connect/token" \ + -d "username=admin" -d "password=admin" -d "grant_type=password" -d "client_id=admin-cli" | jq -r '.access_token') ;\ + CLIENT_ID=$$($(KUBECTL) exec -n $(EDA_CORE_NAMESPACE) deploy/eda-toolbox -- curl -skf \ + -H "Authorization: Bearer $${TOKEN}" \ + "$${KC_URL}/admin/realms/eda/clients?clientId=auth" | jq -r '.[0].id') ;\ + if [[ -z "$${CLIENT_ID}" || "$${CLIENT_ID}" == "null" ]]; then echo "[ERROR] Keycloak auth client not found" && exit 1; fi ;\ + $(KUBECTL) exec -n $(EDA_CORE_NAMESPACE) deploy/eda-toolbox -- sh -c "curl -skf \ + -H 'Authorization: Bearer $${TOKEN}' \ + '$${KC_URL}/admin/realms/eda/clients/$${CLIENT_ID}' \ + | jq '.rootUrl = \"$${CODESPACE_URL}\" | .baseUrl = \"/\" | .redirectUris = [\"/*\"] | .webOrigins = [\"+\"]' \ + | curl -skf -X PUT \ + '$${KC_URL}/admin/realms/eda/clients/$${CLIENT_ID}' \ + -H 'Authorization: Bearer $${TOKEN}' \ + -H 'Content-Type: application/json' \ + --data @-" ;\ + echo "--> INFO: Keycloak auth client rootUrl set to: $${CODESPACE_URL}" ;\ + else \ + echo "--> INFO: Not running in Codespaces, skipping Keycloak auth client configuration" ;\ + fi + ifdef NO_TOPO TOPO := $(TOPO_EMPTY) From f23be499ddcf4b14213c6b7876323e724f6e30f0 Mon Sep 17 00:00:00 2001 From: Flosch62 Date: Fri, 1 May 2026 19:30:27 +0200 Subject: [PATCH 08/13] Set Codespaces Keycloak frontend URL --- .devcontainer/overrides.mk | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/.devcontainer/overrides.mk b/.devcontainer/overrides.mk index 3a9bcf5..be17c35 100644 --- a/.devcontainer/overrides.mk +++ b/.devcontainer/overrides.mk @@ -81,7 +81,17 @@ configure-codespaces-auth-client: | $(KUBECTL) ## Configure Keycloak auth client -H 'Authorization: Bearer $${TOKEN}' \ -H 'Content-Type: application/json' \ --data @-" ;\ + $(KUBECTL) exec -n $(EDA_CORE_NAMESPACE) deploy/eda-toolbox -- sh -c "curl -skf \ + -H 'Authorization: Bearer $${TOKEN}' \ + '$${KC_URL}/admin/realms/eda' \ + | jq '.attributes.frontendUrl = \"$${CODESPACE_URL}/core/proxy/v1/identity\"' \ + | curl -skf -X PUT \ + '$${KC_URL}/admin/realms/eda' \ + -H 'Authorization: Bearer $${TOKEN}' \ + -H 'Content-Type: application/json' \ + --data @-" ;\ echo "--> INFO: Keycloak auth client rootUrl set to: $${CODESPACE_URL}" ;\ + echo "--> INFO: Keycloak realm frontendUrl set to: $${CODESPACE_URL}/core/proxy/v1/identity" ;\ else \ echo "--> INFO: Not running in Codespaces, skipping Keycloak auth client configuration" ;\ fi From e7a37120a1472efe7d889797250b14345710697c Mon Sep 17 00:00:00 2001 From: Kaelem Chandra Date: Sun, 3 May 2026 06:17:37 +1200 Subject: [PATCH 09/13] Remove keycloak patching --- .devcontainer/overrides.mk | 42 -------------------------------------- 1 file changed, 42 deletions(-) diff --git a/.devcontainer/overrides.mk b/.devcontainer/overrides.mk index be17c35..7bca133 100644 --- a/.devcontainer/overrides.mk +++ b/.devcontainer/overrides.mk @@ -49,53 +49,11 @@ patch-codespaces-engineconfig: | $(YQ) $(KPT_PKG) ## Patch the EngineConfig mani ENGINE_CONFIG_FILE="$(KPT_CORE)/engine-config/engineconfig.yaml" ;\ if [[ ! -f "$$ENGINE_CONFIG_FILE" ]]; then (echo "[ERROR] EngineConfig manifest not found at $$ENGINE_CONFIG_FILE" && exit 1); fi ;\ $(YQ) eval '.spec.customSettings = load("$(CODESPACES_ENGINECONFIG_CUSTOM_SETTINGS_PATCH)").customSettings' -i "$$ENGINE_CONFIG_FILE" ;\ - $(YQ) eval '.spec.cluster.external.proxyMode = "XForward"' -i "$$ENGINE_CONFIG_FILE" ;\ } .PHONY: configure-try-eda-params configure-try-eda-params: | $(BASE) $(BUILD) $(KPT) $(KPT_SETTERS_TRY_EDA_FILE) patch-codespaces-engineconfig ## Configure parameters specific to try-eda -.PHONY: ls-ways-to-reach-api-server -ls-ways-to-reach-api-server: configure-codespaces-auth-client - -.PHONY: configure-codespaces-auth-client -configure-codespaces-auth-client: | $(KUBECTL) ## Configure Keycloak auth client redirect base for GitHub Codespaces - @if [ -n "$(CODESPACE_NAME)" ] && [ -n "$(GITHUB_CODESPACES_PORT_FORWARDING_DOMAIN)" ]; then \ - CODESPACE_URL="https://$(CODESPACE_NAME)-$(EDA_PORT).$(GITHUB_CODESPACES_PORT_FORWARDING_DOMAIN)" ;\ - KC_URL="https://eda-api/core/httpproxy/v1/keycloak" ;\ - echo "--> INFO: Configuring Keycloak auth client rootUrl for Codespaces..." ;\ - $(KUBECTL) wait --for=condition=ready pod -l eda.nokia.com/app=keycloak -n $(EDA_CORE_NAMESPACE) --timeout=300s ;\ - TOKEN=$$($(KUBECTL) exec -n $(EDA_CORE_NAMESPACE) deploy/eda-toolbox -- curl -skf -X POST \ - "$${KC_URL}/realms/master/protocol/openid-connect/token" \ - -d "username=admin" -d "password=admin" -d "grant_type=password" -d "client_id=admin-cli" | jq -r '.access_token') ;\ - CLIENT_ID=$$($(KUBECTL) exec -n $(EDA_CORE_NAMESPACE) deploy/eda-toolbox -- curl -skf \ - -H "Authorization: Bearer $${TOKEN}" \ - "$${KC_URL}/admin/realms/eda/clients?clientId=auth" | jq -r '.[0].id') ;\ - if [[ -z "$${CLIENT_ID}" || "$${CLIENT_ID}" == "null" ]]; then echo "[ERROR] Keycloak auth client not found" && exit 1; fi ;\ - $(KUBECTL) exec -n $(EDA_CORE_NAMESPACE) deploy/eda-toolbox -- sh -c "curl -skf \ - -H 'Authorization: Bearer $${TOKEN}' \ - '$${KC_URL}/admin/realms/eda/clients/$${CLIENT_ID}' \ - | jq '.rootUrl = \"$${CODESPACE_URL}\" | .baseUrl = \"/\" | .redirectUris = [\"/*\"] | .webOrigins = [\"+\"]' \ - | curl -skf -X PUT \ - '$${KC_URL}/admin/realms/eda/clients/$${CLIENT_ID}' \ - -H 'Authorization: Bearer $${TOKEN}' \ - -H 'Content-Type: application/json' \ - --data @-" ;\ - $(KUBECTL) exec -n $(EDA_CORE_NAMESPACE) deploy/eda-toolbox -- sh -c "curl -skf \ - -H 'Authorization: Bearer $${TOKEN}' \ - '$${KC_URL}/admin/realms/eda' \ - | jq '.attributes.frontendUrl = \"$${CODESPACE_URL}/core/proxy/v1/identity\"' \ - | curl -skf -X PUT \ - '$${KC_URL}/admin/realms/eda' \ - -H 'Authorization: Bearer $${TOKEN}' \ - -H 'Content-Type: application/json' \ - --data @-" ;\ - echo "--> INFO: Keycloak auth client rootUrl set to: $${CODESPACE_URL}" ;\ - echo "--> INFO: Keycloak realm frontendUrl set to: $${CODESPACE_URL}/core/proxy/v1/identity" ;\ - else \ - echo "--> INFO: Not running in Codespaces, skipping Keycloak auth client configuration" ;\ - fi - ifdef NO_TOPO TOPO := $(TOPO_EMPTY) From 5f3ac1e21c059387a86b73c44839308dab036b40 Mon Sep 17 00:00:00 2001 From: Kaelem Chandra Date: Sun, 3 May 2026 06:19:44 +1200 Subject: [PATCH 10/13] Set the proxy mode via kpt setters overrides --- .devcontainer/codespaces-4vcpu-kpt-setters.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.devcontainer/codespaces-4vcpu-kpt-setters.yaml b/.devcontainer/codespaces-4vcpu-kpt-setters.yaml index 56f31f2..70730e3 100644 --- a/.devcontainer/codespaces-4vcpu-kpt-setters.yaml +++ b/.devcontainer/codespaces-4vcpu-kpt-setters.yaml @@ -35,3 +35,4 @@ data: SC_REQ_CPU: 10m GOGS_PV_CLAIM_SIZE: 5Gi + EXT_PROXY_MODE: XForward From a4f8dd8e6bf3e46e787d23b6739c17623a7c9bac Mon Sep 17 00:00:00 2001 From: Kaelem Chandra Date: Sun, 3 May 2026 09:31:40 +1200 Subject: [PATCH 11/13] Attempt simpler rootUrl patch --- .devcontainer/overrides.mk | 28 +++++++++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) diff --git a/.devcontainer/overrides.mk b/.devcontainer/overrides.mk index 7bca133..b335f17 100644 --- a/.devcontainer/overrides.mk +++ b/.devcontainer/overrides.mk @@ -1,7 +1,6 @@ KPT_RETRY ?= 5 KPT_RECONCILE_TIMEOUT ?= 3m KPT_LIVE_APPLY_ARGS += --reconcile-timeout=$(KPT_RECONCILE_TIMEOUT) -EDA_PORT ?= 9443 ifdef CODESPACE_EDA_VERSION EDA_CORE_VERSION=$(CODESPACE_EDA_VERSION) @@ -54,6 +53,33 @@ patch-codespaces-engineconfig: | $(YQ) $(KPT_PKG) ## Patch the EngineConfig mani .PHONY: configure-try-eda-params configure-try-eda-params: | $(BASE) $(BUILD) $(KPT) $(KPT_SETTERS_TRY_EDA_FILE) patch-codespaces-engineconfig ## Configure parameters specific to try-eda +.PHONY: ls-ways-to-reach-api-server +ls-ways-to-reach-api-server: | $(KUBECTL) configure-codespaces-keycloak + +.PHONY: configure-codespaces-keycloak +configure-codespaces-keycloak: | $(KUBECTL) ## Configure Keycloak realm rootUrl for GitHub Codespaces + @if [ -n "$(CODESPACE_NAME)" ] && [ -n "$(GITHUB_CODESPACES_PORT_FORWARDING_DOMAIN)" ]; then \ + CODESPACE_URL="https://$(CODESPACE_NAME)-$(EDA_PORT).$(GITHUB_CODESPACES_PORT_FORWARDING_DOMAIN)" ;\ + KC_URL="https://eda-api/core/httpproxy/v1/keycloak" ;\ + echo "--> INFO: Configuring Keycloak realm rootUrl for Codespaces..." ;\ + $(KUBECTL) wait --for=condition=ready pod -l eda.nokia.com/app=keycloak -n $(EDA_CORE_NAMESPACE) --timeout=300s ;\ + TOKEN=$$($(KUBECTL) exec -n $(EDA_CORE_NAMESPACE) deploy/eda-toolbox -- curl -skf -X POST \ + "$${KC_URL}/realms/master/protocol/openid-connect/token" \ + -d "username=admin" -d "password=admin" -d "grant_type=password" -d "client_id=admin-cli" | jq -r '.access_token') ;\ + $(KUBECTL) exec -n $(EDA_CORE_NAMESPACE) deploy/eda-toolbox -- sh -c "curl -skf \ + -H 'Authorization: Bearer $${TOKEN}' \ + '$${KC_URL}/admin/realms/eda' \ + | jq '.attributes.rootUrl = \"$${CODESPACE_URL}/core/proxy/v1/identity\"' \ + | curl -skf -X PUT \ + '$${KC_URL}/admin/realms/eda' \ + -H 'Authorization: Bearer $${TOKEN}' \ + -H 'Content-Type: application/json' \ + --data @-" ;\ + echo "--> INFO: Keycloak realm rootUrl set to: $${CODESPACE_URL}/core/proxy/v1/identity" ;\ + else \ + echo "--> INFO: Not running in Codespaces, skipping Keycloak realm rootUrl configuration" ;\ + fi + ifdef NO_TOPO TOPO := $(TOPO_EMPTY) From a25e7309e2bd94ac71f39cc605d25d16480b891b Mon Sep 17 00:00:00 2001 From: Kaelem Chandra Date: Sun, 3 May 2026 10:08:15 +1200 Subject: [PATCH 12/13] Revert "Remove keycloak patching" This reverts commit e7a37120a1472efe7d889797250b14345710697c. --- .../codespaces-4vcpu-kpt-setters.yaml | 1 - .devcontainer/overrides.mk | 30 ++++++++++++++----- 2 files changed, 23 insertions(+), 8 deletions(-) diff --git a/.devcontainer/codespaces-4vcpu-kpt-setters.yaml b/.devcontainer/codespaces-4vcpu-kpt-setters.yaml index 70730e3..56f31f2 100644 --- a/.devcontainer/codespaces-4vcpu-kpt-setters.yaml +++ b/.devcontainer/codespaces-4vcpu-kpt-setters.yaml @@ -35,4 +35,3 @@ data: SC_REQ_CPU: 10m GOGS_PV_CLAIM_SIZE: 5Gi - EXT_PROXY_MODE: XForward diff --git a/.devcontainer/overrides.mk b/.devcontainer/overrides.mk index b335f17..be17c35 100644 --- a/.devcontainer/overrides.mk +++ b/.devcontainer/overrides.mk @@ -1,6 +1,7 @@ KPT_RETRY ?= 5 KPT_RECONCILE_TIMEOUT ?= 3m KPT_LIVE_APPLY_ARGS += --reconcile-timeout=$(KPT_RECONCILE_TIMEOUT) +EDA_PORT ?= 9443 ifdef CODESPACE_EDA_VERSION EDA_CORE_VERSION=$(CODESPACE_EDA_VERSION) @@ -48,36 +49,51 @@ patch-codespaces-engineconfig: | $(YQ) $(KPT_PKG) ## Patch the EngineConfig mani ENGINE_CONFIG_FILE="$(KPT_CORE)/engine-config/engineconfig.yaml" ;\ if [[ ! -f "$$ENGINE_CONFIG_FILE" ]]; then (echo "[ERROR] EngineConfig manifest not found at $$ENGINE_CONFIG_FILE" && exit 1); fi ;\ $(YQ) eval '.spec.customSettings = load("$(CODESPACES_ENGINECONFIG_CUSTOM_SETTINGS_PATCH)").customSettings' -i "$$ENGINE_CONFIG_FILE" ;\ + $(YQ) eval '.spec.cluster.external.proxyMode = "XForward"' -i "$$ENGINE_CONFIG_FILE" ;\ } .PHONY: configure-try-eda-params configure-try-eda-params: | $(BASE) $(BUILD) $(KPT) $(KPT_SETTERS_TRY_EDA_FILE) patch-codespaces-engineconfig ## Configure parameters specific to try-eda .PHONY: ls-ways-to-reach-api-server -ls-ways-to-reach-api-server: | $(KUBECTL) configure-codespaces-keycloak +ls-ways-to-reach-api-server: configure-codespaces-auth-client -.PHONY: configure-codespaces-keycloak -configure-codespaces-keycloak: | $(KUBECTL) ## Configure Keycloak realm rootUrl for GitHub Codespaces +.PHONY: configure-codespaces-auth-client +configure-codespaces-auth-client: | $(KUBECTL) ## Configure Keycloak auth client redirect base for GitHub Codespaces @if [ -n "$(CODESPACE_NAME)" ] && [ -n "$(GITHUB_CODESPACES_PORT_FORWARDING_DOMAIN)" ]; then \ CODESPACE_URL="https://$(CODESPACE_NAME)-$(EDA_PORT).$(GITHUB_CODESPACES_PORT_FORWARDING_DOMAIN)" ;\ KC_URL="https://eda-api/core/httpproxy/v1/keycloak" ;\ - echo "--> INFO: Configuring Keycloak realm rootUrl for Codespaces..." ;\ + echo "--> INFO: Configuring Keycloak auth client rootUrl for Codespaces..." ;\ $(KUBECTL) wait --for=condition=ready pod -l eda.nokia.com/app=keycloak -n $(EDA_CORE_NAMESPACE) --timeout=300s ;\ TOKEN=$$($(KUBECTL) exec -n $(EDA_CORE_NAMESPACE) deploy/eda-toolbox -- curl -skf -X POST \ "$${KC_URL}/realms/master/protocol/openid-connect/token" \ -d "username=admin" -d "password=admin" -d "grant_type=password" -d "client_id=admin-cli" | jq -r '.access_token') ;\ + CLIENT_ID=$$($(KUBECTL) exec -n $(EDA_CORE_NAMESPACE) deploy/eda-toolbox -- curl -skf \ + -H "Authorization: Bearer $${TOKEN}" \ + "$${KC_URL}/admin/realms/eda/clients?clientId=auth" | jq -r '.[0].id') ;\ + if [[ -z "$${CLIENT_ID}" || "$${CLIENT_ID}" == "null" ]]; then echo "[ERROR] Keycloak auth client not found" && exit 1; fi ;\ + $(KUBECTL) exec -n $(EDA_CORE_NAMESPACE) deploy/eda-toolbox -- sh -c "curl -skf \ + -H 'Authorization: Bearer $${TOKEN}' \ + '$${KC_URL}/admin/realms/eda/clients/$${CLIENT_ID}' \ + | jq '.rootUrl = \"$${CODESPACE_URL}\" | .baseUrl = \"/\" | .redirectUris = [\"/*\"] | .webOrigins = [\"+\"]' \ + | curl -skf -X PUT \ + '$${KC_URL}/admin/realms/eda/clients/$${CLIENT_ID}' \ + -H 'Authorization: Bearer $${TOKEN}' \ + -H 'Content-Type: application/json' \ + --data @-" ;\ $(KUBECTL) exec -n $(EDA_CORE_NAMESPACE) deploy/eda-toolbox -- sh -c "curl -skf \ -H 'Authorization: Bearer $${TOKEN}' \ '$${KC_URL}/admin/realms/eda' \ - | jq '.attributes.rootUrl = \"$${CODESPACE_URL}/core/proxy/v1/identity\"' \ + | jq '.attributes.frontendUrl = \"$${CODESPACE_URL}/core/proxy/v1/identity\"' \ | curl -skf -X PUT \ '$${KC_URL}/admin/realms/eda' \ -H 'Authorization: Bearer $${TOKEN}' \ -H 'Content-Type: application/json' \ --data @-" ;\ - echo "--> INFO: Keycloak realm rootUrl set to: $${CODESPACE_URL}/core/proxy/v1/identity" ;\ + echo "--> INFO: Keycloak auth client rootUrl set to: $${CODESPACE_URL}" ;\ + echo "--> INFO: Keycloak realm frontendUrl set to: $${CODESPACE_URL}/core/proxy/v1/identity" ;\ else \ - echo "--> INFO: Not running in Codespaces, skipping Keycloak realm rootUrl configuration" ;\ + echo "--> INFO: Not running in Codespaces, skipping Keycloak auth client configuration" ;\ fi ifdef NO_TOPO From 03eb4e5c52f153ef5d528812a305ec9d5aa6a3d5 Mon Sep 17 00:00:00 2001 From: Kaelem Chandra Date: Sun, 3 May 2026 10:14:32 +1200 Subject: [PATCH 13/13] Don't set the proxymode --- .devcontainer/overrides.mk | 1 - 1 file changed, 1 deletion(-) diff --git a/.devcontainer/overrides.mk b/.devcontainer/overrides.mk index be17c35..21b1e11 100644 --- a/.devcontainer/overrides.mk +++ b/.devcontainer/overrides.mk @@ -49,7 +49,6 @@ patch-codespaces-engineconfig: | $(YQ) $(KPT_PKG) ## Patch the EngineConfig mani ENGINE_CONFIG_FILE="$(KPT_CORE)/engine-config/engineconfig.yaml" ;\ if [[ ! -f "$$ENGINE_CONFIG_FILE" ]]; then (echo "[ERROR] EngineConfig manifest not found at $$ENGINE_CONFIG_FILE" && exit 1); fi ;\ $(YQ) eval '.spec.customSettings = load("$(CODESPACES_ENGINECONFIG_CUSTOM_SETTINGS_PATCH)").customSettings' -i "$$ENGINE_CONFIG_FILE" ;\ - $(YQ) eval '.spec.cluster.external.proxyMode = "XForward"' -i "$$ENGINE_CONFIG_FILE" ;\ } .PHONY: configure-try-eda-params