archive-gh-me/gitpod
1
0
Fork 0
mirror of https://github.com/gitpod-io/gitpod.git synced 2025-12-08 17:36:30 +00:00
Code Issues Projects Releases Wiki Activity
9,635 Commits 1,231 Branches 1,883 Tags
Commit Graph

35 Commits

Author SHA1 Message Date
Pudong
b465d06617
Uniformly use proxy to get the configuration of configcat (#16942) 
* Uniformly use proxy to get the configuration of configcat

* Add configcat enabled in workspace info api

* enabled configcat in ide-service
 2023-03-23 11:01:15 +01:00
Manuel Alejandro de Brito Fontes
5b30eb5b8c
Remove unused caCertSecret (#16793) 
* Add trust.cert-manager.io for to bundle CA certificates

Signed-off-by: Manuel de Brito Fontes <aledbf@gmail.com>

* Configure CA volume and volumemount in components

* Update ws-manager golden files

* Deploy trust manager in preview

* Remove duplicated volume

* Update installer golden files

* Generate a bundle only for registry-facade

* Update golden files

* Fix initcontainer volume mounts

* Update golden files

* Fix registry-facade certificate

* Update golden files

* Disable skip_verify

* Enable force conflict with apply server side

Signed-off-by: Manuel de Brito Fontes <aledbf@gmail.com>

* Avoid random werft namespace errors

Signed-off-by: Manuel de Brito Fontes <aledbf@gmail.com>

---------

Signed-off-by: Manuel de Brito Fontes <aledbf@gmail.com>
 2023-03-21 11:44:13 +01:00
Thomas Schubart
c800175c72
[ws-manager-mk2] Protect tokens (#16806) 
* [wsman-mk2] Create token secret

* [installer] Fix casing for namespace type metadata

* [installer] Create secrets namespace

* [installer] Configure roles and bindings

* [installer] Move namespace constant to common pkg

* [installer] Create permissions for ws-daemon

* [wsman-mk2] Watch on multiple ns

* [ws-daemon] Use token secret

* [wsman-mk2] Remove secret from initializer

* [wsman-mk2] Test token secret

* [werft] Fix document index

* [installer] Update render tests

* [wsman-mk2] Fix imports

* [wsman-mk2] Ensure maintenance controller required permissions

* [wsman-mk2] Retry deleting secret

* [installer] Ensure objects in secrets namespace are only created with mk2 option
 2023-03-15 12:57:07 +01:00
Manuel Alejandro de Brito Fontes
97f8d4b802
Ensure the spread of pods on different nodes (#16810) 
* Ensure the spread of pods on different nodes

* Replace string ClusterFirst

* Replace Always string in DNSPolicy

* Fix registry-facade affinity

* Fix ws-proxy affinity

* Address feedback

* Update golden files
 2023-03-15 10:21:07 +01:00
Milan Pavlik
4269a7ce42
[installer] Add OpenTelemetry env variables to tracing (#16668) 
* [installer] Add OpenTelemetry env variables to tracing

* fix
 2023-03-09 09:02:45 +01:00
Manuel Alejandro de Brito Fontes
ec6b911f24
Simplify image-builder-mk3 and registry-facade init containers (#16633) 
* Simplify image-builder-mk3 and registry-facade init containers

* Include new image-builder-mk3-wsman deployment

* Wait before updating node labels

* Ensure the loop runs more than once
 2023-03-03 19:48:01 +01:00
Gero Posmyk-Leinemann
11caa55346 [installer] Replace flag withoutWorkspaceComponents with 'Kind != "Full"' 2023-02-02 11:17:40 +01:00
Simon Emms
6ef48d59c6 [installer]: refactor message bus config to use an external secret 
Previously, this was defined as a Helm secret inline. Now, this uses the
way that the Installer supports by default.
 2023-01-23 14:45:30 +01:00
Simon Emms
1ad65e73b7 [installer]: promote common.podConfig to main config 2023-01-20 11:04:28 +01:00
Milan Pavlik
08504033f4 [installer] Reduce duplication when extracting experimental webapp config 2023-01-11 15:46:51 +01:00
Gero Posmyk-Leinemann
8a03b3a156 [installer, gitpod-db] Introduce database.ssl.ca 2022-12-15 12:29:24 -03:00
Milan Pavlik
6d52267ce6 [iam] Mount database secret as a file 2022-12-14 04:49:24 -03:00
Christian Weichel
478a75e744 Switch license to AGPL 2022-12-08 13:05:19 -03:00
Tarun Pothulapati
c2eb0c15d1 [installer] manually set allowPrivilegeEscalation to false 
This PR manually sets the `allowPrivilegeEscalation` container
config to false where we don't need extra capabilities. This
is needed as not setting this explicitely could mean that
it could still be `true` based on other settings.

This also helps us future proof on any behaviour changes around
this.

Signed-off-by: Tarun Pothulapati <tarun@gitpod.io>
 2022-12-05 06:28:15 -03:00
Manuel Alejandro de Brito Fontes
def55ee7ba Add option to add authentication to Jaeger and custom tags 2022-10-11 13:51:26 +02:00
Simon Emms
90ee6fdc06 [installer]: set proxy server configuration in installer 2022-09-13 12:38:14 +02:00
mustard
c8d0dd11ab [installer] add configcat env for proxy 2022-09-09 12:25:24 +02:00
Simon Emms
36adc7d118 Revert "[installer]: remove all podsecuritypolicies" 
This reverts commit 1c6693b8481141364d41c3428a99c0bc655556a7.
 2022-08-23 20:42:39 +02:00
Simon Emms
1c6693b848 [installer]: remove all podsecuritypolicies 
This is deprecated in kubernetes 1.21 and removed in 1.25 and it's not
really used in this setup
 2022-08-22 15:00:39 +02:00
Manuel Alejandro de Brito Fontes
14095f470b Refactor configuration of localhost address, metric and debug ports 2022-07-23 11:19:18 -03:00
Thomas Schubart
88e5beb8d6 [bridge] Regularly check for class updates 2022-07-06 23:15:53 +05:30
Gero Posmyk-Leinemann
09dbf29160 [db] Remove DeletedEntryGC and all references 2022-06-27 15:41:36 +05:30
Manuel Alejandro de Brito Fontes
624021f2f2 Simplify configuration of KubeRBACProxyContainerWithConfig and remove collision 2022-06-03 18:07:52 +05:30
Andrew Farries
1119e5578b Add WebappTracingEnv function 
Define it and WorkspaceTracingEnv in terms of a new `tracingEnv`
function. `WorkspaceTracingEnv` and `WebappTracingEnv` pass the
`*tracing` argument from the Workspace config and the WebApp
config respectively.
 2022-05-11 13:25:26 +05:30
Andrew Farries
7363937d54 Rename TracingEnv to WorkspaceTracingEnv 2022-05-11 13:25:26 +05:30
Andrew Farries
32a430364a Add disableMigration to webapp config 
Use it to skip rendering:
* the `migration' job.
* the `dbinit-session` job.
* the `dbinit-scripts` configmaps.
 2022-05-05 19:40:21 +05:30
Gero Posmyk-Leinemann
f70a58cea9 [installer] Fix shortname usage 2022-05-03 21:48:19 +05:30
Milan Pavlik
6d7e8c587e [public-api] Add kube-rbac proxy container to deployment 2022-04-29 14:36:15 +05:30
Andrew Farries
c8358e87ee Add ResourceRequirements function to common 
Take a default set of ResourceRequirements and override them if any
resource config for the given component is present in the `experimental`
section.
 2022-04-28 20:04:14 +05:30
Andrew Farries
e9619f792f Add common.Replicas function 
To allow lookup of replica counts. Defaults to one if there is no
replica count configured for a component.
 2022-04-26 13:14:38 +05:30
Simon Emms
948ae5192b [installer]: add DropImageRepo functionality to RepoName 
This moves the ImageName and RepoName functions to the RenderContext
struct.
 2022-04-21 18:26:33 +05:30
Andrew Farries
3fdd2d9754 Rename common.Affinity to NodeAffinity 2022-04-20 02:48:32 +05:30
Gero Posmyk-Leinemann
37feff2c4a [proxy] REplace GITPOD_INSTALLATION_LONGNAME with "<region>.<shortname>" 2022-04-19 20:33:32 +05:30
Manuel Alejandro de Brito Fontes
44ef47089b Remove unused labels 2022-03-04 13:42:11 +05:30
Simon Emms
4820e804bb [installer]: move to /install 2022-02-22 17:03:02 +05:30