* [server] Move /ready to /startup, and rename code to StartupController (because it's used by the StartupProbe)
Tool: gitpod/catfood.gitpod.cloud
* [server] Introduce special /ready handler that only returns "false" during the shutdown phase
Tool: gitpod/catfood.gitpod.cloud
* [server] Introduce ReadinessController and probe at /ready
Tool: gitpod/catfood.gitpod.cloud
* [server] Move /live and /ready endpoints to a separate express app and port
Tool: gitpod/catfood.gitpod.cloud
* [memory-bank] task-related learnings
Tool: gitpod/catfood.gitpod.cloud
* [server] Introduce `server_readiness_probe` feature flag so we can disable the ReadinessProbe if required
Tool: gitpod/catfood.gitpod.cloud
* docs: formalize Product Requirements Document workflow
- Add PRD workflow to systemPatterns.md as a standardized development process
- Update .clinerules with instructions to follow the PRD workflow
- Update activeContext.md and progress.md to reference the new workflow
This formalizes the process we used for implementing the server readiness probe feature.
Tool: gitpod/catfood.gitpod.cloud
* [server] ReadinessProbe: add redis as dependency
Tool: gitpod/catfood.gitpod.cloud
* review comments
Tool: gitpod/catfood.gitpod.cloud
* [dev] Remove outdated gopls config
Tool: gitpod/catfood.gitpod.cloud
* [server] Fix import
Tool: gitpod/catfood.gitpod.cloud
* [node-labeler] Refactor node labeling to use taints instead of labels
* [agent-smith] Add toleration to daemonset
* Add workspace component tolerations to various Gitpod components if it running in Full installation
* Apply suggestions from code review
Co-authored-by: Kyle Brennan <kyle@gitpod.io>
* Update components/node-labeler/cmd/run.go
Co-authored-by: Kyle Brennan <kyle@gitpod.io>
---------
Co-authored-by: Kyle Brennan <kyle@gitpod.io>
* [server config] Introduce isDedicatedInstallation, and use it to replace isSIngleOrgInstallation
incl. further cleanup around getConfiguration and server config
* [server, dashboard] Remove enableDedicatedOnboardingFlow feature flag and replace is with getInstallationConfiguration.IsDedicatedInstallation
* [dashboard, server] Remove "sinlgeOrgMode"
* [server] OrganizationService: block createTeam consistently for org-owned users
* [server, dashboard] Introduce "enable_multi_org" feature flag to allow admin-user to create organizations
* [dashboard] introduce "/?orgSlug=", which allows to pre-select an org in a "create workspace" URL (e.g. "/?orgSlug=org1#github.com/my/repo")
* [db] Auto-delete container "test-mysql" if it's already present
* fix tests
* [dashboard] Check if localStorage is available before using it
* [dashboard] SSOLogin: fix orgSlug source precedence to: path/search/localStorage
* [server] Deny "joinOrganization" for org-owned users
* Gpl/970-multi-org-tests (#20436)
* fix tests for real
* [server] Create OrgService.createOrgOwnedUser, and use that across tests to fix the "can't join org" permission issues
* Update components/server/src/orgs/organization-service.ts
Co-authored-by: Filip Troníček <filip@gitpod.io>
---------
Co-authored-by: Filip Troníček <filip@gitpod.io>
---------
Co-authored-by: Filip Troníček <filip@gitpod.io>
* Use `__Host-` prefix for cookie
* Fix tests
* Remove domain from cookie
* Fix logout
* remove unused fn
* fix user logout properly
* [server] Make domain-only cookie work for GitHub oauth login
... by adding additional step so we can set the cookie for the base domain only
* test: fix by redirecting before callbacl/authorize
* [server] SessionHandler: Allow to login with both primary and secondary cookies
* [server] Clear 2ndary cookie on logout
* Fix filtering cookie values when primary cookie is empty
* Fix logouts
* Fix tests
---------
Co-authored-by: Gero Posmyk-Leinemann <gero@gitpod.io>
* [public-api] add dummy service for testing
* [public-api] proxy dummy to server
* [public-api] hello service server impl
* [server] fix API contribution bindings
* [dashboard] emulate unary call
* only if actually called
* [dummy] auth
* fix tests
* [server] add interceptor to public api
* add server side observability
* fix port name
* change to unimplemented for unknown methods
* [public-api] client metrics
* fix metrics imports
* align server metrics
* actually fix metrics
* add feature flags
* fix server side streams
* [dashboard] hook error reporting
* rebase and fix imports
* feature flagged metrics from dashboard
* revert GRPC_TYPE
* address feedback
* Make db waiter to wait latest migration
* Move generate out of build
* Remove conn require
* Allow to ignore migration check
* Use shell
* Use fail and remote useless log
* Generate service-waiter txt when create migration
* Revert "Generate service-waiter txt when create migration"
This reverts commit 11c12b83544a448f9784f8aa94cdfd69cfb15f45.
* Add log
* Implement user account verification with LinkedIn during onboarding
* updating connect with linked-in banner
* removing unused imports
* Store token, fix binding
* Refactor LinkedInToken to LinkedInProfile
* Actually write the LinkedIn secret to the server config
* Fetch LinkedIn user profile and email address
* Add creationTime column to d_b_linked_in_profile
* Add more debug logging
* Fix LinkedIn API calls, mount LinkedInProfileDB
* Also bind LinkedInProfileDB
* Add LinkedIn scope r_liteprofile
* Enhance LinkedIn profile retrieval, store the profile, ensure uniqueness
* Align with UX spec and complete onboarding flow
* Prevent the LinkedIn button from auto-submitting the onboarding form
* Address nits (LinkedInService to /src and minor spacing)
---------
Co-authored-by: Brad Harris <bmharris@gmail.com>
* Add trust.cert-manager.io for to bundle CA certificates
Signed-off-by: Manuel de Brito Fontes <aledbf@gmail.com>
* Configure CA volume and volumemount in components
* Update ws-manager golden files
* Deploy trust manager in preview
* Remove duplicated volume
* Update installer golden files
* Generate a bundle only for registry-facade
* Update golden files
* Fix initcontainer volume mounts
* Update golden files
* Fix registry-facade certificate
* Update golden files
* Disable skip_verify
* Enable force conflict with apply server side
Signed-off-by: Manuel de Brito Fontes <aledbf@gmail.com>
* Avoid random werft namespace errors
Signed-off-by: Manuel de Brito Fontes <aledbf@gmail.com>
---------
Signed-off-by: Manuel de Brito Fontes <aledbf@gmail.com>
