* [go components] Fixed "go test ./..." in various components
Tool: gitpod/catfood.gitpod.cloud
* [go components] Update k8s 0.29.3 -> 0.30.9 API
- update the go-update-wc-deps.sh script to handle the brunt of that transition
- fixes Maintenance- + Subscriber-Controller
- document steps
Tool: gitpod/catfood.gitpod.cloud
* [ws-manager-mk2] Decide how to apply appamor config based on serverversion to support k8s 1.30+
Tool: gitpod/catfood.gitpod.cloud
* [gpctl] Missing go mod tidy
Tool: gitpod/catfood.gitpod.cloud
* Replace vulnerable outcaste-io/badger/v3 with original dgraph-io/badger/v3
Tool: gitpod/catfood.gitpod.cloud
* more go mod tidy
Tool: gitpod/catfood.gitpod.cloud
* [image-builder-bob, installer] Select the correct version of containerd....
Tool: gitpod/catfood.gitpod.cloud
---------
Co-authored-by: Gero Posmyk-Leinemann <gero@gitpod.io>
* [ws-proxy] upgrade golang-crypto
* Upgrade all direct deps
* Upgrade `golang.org/x/crypto` to v0.31.0
* bump up
---------
Co-authored-by: Filip Troníček <filip@gitpod.io>
* [server config] Introduce isDedicatedInstallation, and use it to replace isSIngleOrgInstallation
incl. further cleanup around getConfiguration and server config
* [server, dashboard] Remove enableDedicatedOnboardingFlow feature flag and replace is with getInstallationConfiguration.IsDedicatedInstallation
* [dashboard, server] Remove "sinlgeOrgMode"
* [server] OrganizationService: block createTeam consistently for org-owned users
* [server, dashboard] Introduce "enable_multi_org" feature flag to allow admin-user to create organizations
* [dashboard] introduce "/?orgSlug=", which allows to pre-select an org in a "create workspace" URL (e.g. "/?orgSlug=org1#github.com/my/repo")
* [db] Auto-delete container "test-mysql" if it's already present
* fix tests
* [dashboard] Check if localStorage is available before using it
* [dashboard] SSOLogin: fix orgSlug source precedence to: path/search/localStorage
* [server] Deny "joinOrganization" for org-owned users
* Gpl/970-multi-org-tests (#20436)
* fix tests for real
* [server] Create OrgService.createOrgOwnedUser, and use that across tests to fix the "can't join org" permission issues
* Update components/server/src/orgs/organization-service.ts
Co-authored-by: Filip Troníček <filip@gitpod.io>
---------
Co-authored-by: Filip Troníček <filip@gitpod.io>
---------
Co-authored-by: Filip Troníček <filip@gitpod.io>
* Auto script
* Point cline and rider to old backend plugin version
* Make stable plugin build
* Make rider build
* Update patch for rr and cl
* Make stable Gateway compatible
* [JetBrains] force upgrade intelliJ to `2024.2`
* Force append a version
* Force use latet backend-plugin
* Pin backend-plugin version
* fix preview env
* 1
* Address feedback
* [test] fix TestProcessPriority
Need to give ws-daemon time before it applies process priority
* [server] always limit network connections
We are not limiting network connections for preview environments
* Cleanup
* Fix
* Always do network limiting
* Regardless of billing mode
* If there's an error
* Wait a bit longer, just in-case, to make the test more durable
* Cleanup
* No parallel
* [preview] update to use gen111 image
* [test] fix TestOpenWorkspaceFromPrebuild test
It was failing with an exit code of 2 on grep, because it was trying to grep a folder, rather than recurse into it.
When the grep command was run manually from a workspace that started from a prebuild, we saw `grep: logs: Is a directory`. So, it's important for integration tests to output the exit code, but also error text.
* [test] fix TestOpenWorkspaceFromPrebuild
We need to wait for the started workspace to stop, before we try to restart it
* be parallel again
* Nope
* Set StripeSecret on Preview install
Otherwise this returns false:
643701c635/components/server/src/billing/billing-mode.ts (L25)
Because EnablePayment is set to false at install time:
643701c635/install/installer/pkg/components/server/configmap.go (L282)
This helps avoid the scenario where the image-pull-secret is added to the monitoring-satellite namespace, and not our default namespace.
How to test:
`leeway run dev:preview` from a local branch, all pods should enter ready (w/o this change they do not)
* [dev-image] upgrade terraform and gcloud
* update leeway version and use new cache bucket
* update image tag
* use oidc
* fix bob
* Add code web extension as package
* gcr token refresh
* fluentbit use service account
* Add xterm web ide as package
* add ide configmap patch
* fix ide first page 502
* remove secret manager
* fix monitoring
* fix integration and delete preview
* cleanup
* use previewctl:install
* change folder
* cleanup
* change leeway cache bucket for main branch
* cleanup
* fix
* hot-deploy
* [preview] update to gen108 VM image
* [preview] sleep longer
This is a bandaid. With a shorter sleep, the API server tries to come online, but fails. As a result, core-dns stays pending, and calico and other manifests are never applied.
* [preview] no local storage
* [preview] wait for containerd
* [preview] disable-network-policy, as per k3s suggestion when using calico as CNI
ref: https://docs.k3s.io/installation/network-options#custom-cni
* [preview] improve parity with prod
* [preview] gain more parity with prod
* [preview] scale coredns to 1
* [preview] use out of the box coredns
* remove tweak for containerd readiness in cloudinit.yaml
* [sshgateway] use ssh CA to auth
* change name
* add error log
* fix
* mark volume optional
* [installer] validate ssh-ca secret
* Revert "[installer] validate ssh-ca secret"
This reverts commit ca6ede78a7b5a720fd315eca32eb277cb5063069.
We must support the scenario where the installer has the secret, but, it is not in the cluster yet.
---------
Co-authored-by: Kyle Brennan <kyle@gitpod.io>
* Enable leader election in ws-manager-mk2
* Update go modules
* Move workspace activity to CRD
* Remove workspace activity
* Cleanup
* Update ws-manager-mk2 CRD
* Cleanup
* Restore lastActivity logic
* TEST
* Disable observability
* Start the grpc server after leader election
* Bount the source of subscribers to an informer
* Cleanup
* Avoid deepCopy
* Remove goroutine to execute OnReconcile
* Refactor last activity to be consistent acrtoss the controllers
* Address feedback
