From 7c0cc65f8d1d064a01fb2c6611bdf496d11d1f33 Mon Sep 17 00:00:00 2001 From: Raimund Hook Date: Tue, 24 Oct 2023 13:02:29 +0100 Subject: [PATCH] Allow remote dev images to be specified by ENV variables EE: true Changelog: changed --- config/initializers/1_settings.rb | 8 +++++++ .../remote_development/workspace_variable.rb | 3 ++- ee/lib/remote_development/settings.rb | 24 +++++++++++++++++++ .../project_cloner_component_injector.rb | 4 ++-- .../create/tools_component_injector.rb | 5 ++-- .../project_cloner_component_injector_spec.rb | 14 +++++++++++ .../create/tools_component_injector_spec.rb | 14 +++++++++++ 7 files changed, 67 insertions(+), 5 deletions(-) create mode 100644 ee/lib/remote_development/settings.rb diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb index bbb55a901010ae..023ea28a726859 100644 --- a/config/initializers/1_settings.rb +++ b/config/initializers/1_settings.rb @@ -2,6 +2,7 @@ require_relative '../settings' require_relative '../object_store_settings' +require_relative '../../ee/lib/remote_development/settings' require_relative '../smime_signature_settings' # Default settings @@ -992,6 +993,13 @@ Settings.zoekt['password_file'] ||= Rails.root.join('.gitlab_zoekt_password') end +# +# Remote Development +# +Gitlab.ee do + RemoteDevelopment::Settings.initialize_settings(settings: Settings) +end + # # Repositories # diff --git a/ee/app/models/remote_development/workspace_variable.rb b/ee/app/models/remote_development/workspace_variable.rb index 40e1737a4e53be..59957564a0cfa8 100644 --- a/ee/app/models/remote_development/workspace_variable.rb +++ b/ee/app/models/remote_development/workspace_variable.rb @@ -24,7 +24,8 @@ class WorkspaceVariable < ApplicationRecord attr_encrypted :value, mode: :per_attribute_iv, - key: Settings.attr_encrypted_db_key_base_32, + # TODO: Change this to be injected via config + key: ::Settings.attr_encrypted_db_key_base_32, algorithm: 'aes-256-gcm' end end diff --git a/ee/lib/remote_development/settings.rb b/ee/lib/remote_development/settings.rb new file mode 100644 index 00000000000000..1a7ec28a3e8d15 --- /dev/null +++ b/ee/lib/remote_development/settings.rb @@ -0,0 +1,24 @@ +# frozen_string_literal: true + +module RemoteDevelopment + class Settings + # @return void + # @param [::GitlabSettings::Settings] settings + def self.initialize_settings(settings:) + settings['remote_development'] ||= {} + + settings_and_defaults = [ + [:project_editor_image, ''], + [:project_editor_tag, ''], + [:project_cloner_image, ''], + [:project_cloner_tag, ''] + ] + + settings_and_defaults.each do |setting_name, default_value| + env_var_name = "GITLAB_REMOTE_DEVELOPMENT_#{setting_name.to_s.upcase}" + # noinspection RubyResolve - + settings.remote_development[setting_name.to_s] ||= ENV[env_var_name] || default_value + end + end + end +end diff --git a/ee/lib/remote_development/workspaces/create/project_cloner_component_injector.rb b/ee/lib/remote_development/workspaces/create/project_cloner_component_injector.rb index 36b4f11bce16a1..8aced6d7f86443 100644 --- a/ee/lib/remote_development/workspaces/create/project_cloner_component_injector.rb +++ b/ee/lib/remote_development/workspaces/create/project_cloner_component_injector.rb @@ -21,8 +21,8 @@ def self.inject(value) # TODO: https://gitlab.com/gitlab-org/gitlab/-/issues/408448 # replace the alpine/git docker image with one that is published by gitlab for security / reliability # reasons - image_name = 'alpine/git' - image_tag = '2.36.3' + image_name = Settings.remote_development.project_cloner_image || 'alpine/git' + image_tag = Settings.remote_development.project_cloner_tag || '2.36.3' clone_dir = "#{volume_path}/#{project.path}" project_url = project.http_url_to_repo project_ref = project.default_branch diff --git a/ee/lib/remote_development/workspaces/create/tools_component_injector.rb b/ee/lib/remote_development/workspaces/create/tools_component_injector.rb index b8637e3cec1cb8..d6f4a0ac3a8876 100644 --- a/ee/lib/remote_development/workspaces/create/tools_component_injector.rb +++ b/ee/lib/remote_development/workspaces/create/tools_component_injector.rb @@ -131,8 +131,9 @@ def self.inject_tools_component(processed_devfile, tools_dir) # @return [Array] def self.tools_components(tools_dir) # TODO: https://gitlab.com/gitlab-org/gitlab/-/issues/409775 - choose image based on which editor is passed. - image_name = 'registry.gitlab.com/gitlab-org/gitlab-web-ide-vscode-fork/web-ide-injector' - image_tag = '7' + image_name = Settings.remote_development.project_editor_image || + 'registry.gitlab.com/gitlab-org/gitlab-web-ide-vscode-fork/web-ide-injector' + image_tag = Settings.remote_development.project_editor_tag || '7' [ { diff --git a/ee/spec/lib/remote_development/workspaces/create/project_cloner_component_injector_spec.rb b/ee/spec/lib/remote_development/workspaces/create/project_cloner_component_injector_spec.rb index d35515347fc37f..319ef1af00bb3a 100644 --- a/ee/spec/lib/remote_development/workspaces/create/project_cloner_component_injector_spec.rb +++ b/ee/spec/lib/remote_development/workspaces/create/project_cloner_component_injector_spec.rb @@ -15,6 +15,7 @@ let(:expected_processed_devfile_name) { 'example.project-cloner-injected-devfile.yaml' } let(:expected_processed_devfile) { YAML.safe_load(read_devfile(expected_processed_devfile_name)).to_h } let(:component_name) { "gl-cloner-injector" } + let(:other_registry_image_name) { 'other.registry.com/alpine/git' } let(:value) do { params: { @@ -36,4 +37,17 @@ it "injects the project cloner component" do expect(returned_value[:processed_devfile]).to eq(expected_processed_devfile) end + + context 'when the project_cloner_image setting is configured' do + before do + Settings.remote_development.project_cloner_image = other_registry_image_name + end + + it 'injects the specified image instead of the default' do + components = returned_value.dig(:processed_devfile, "components") + editor_injector_component = components.find { |component| component.fetch("name") == component_name } + + expect(editor_injector_component.dig('container', 'image')).to eq("#{other_registry_image_name}:2.36.3") + end + end end diff --git a/ee/spec/lib/remote_development/workspaces/create/tools_component_injector_spec.rb b/ee/spec/lib/remote_development/workspaces/create/tools_component_injector_spec.rb index 1c7dea278e161f..a71746f01ca87a 100644 --- a/ee/spec/lib/remote_development/workspaces/create/tools_component_injector_spec.rb +++ b/ee/spec/lib/remote_development/workspaces/create/tools_component_injector_spec.rb @@ -6,6 +6,7 @@ include_context 'with remote development shared fixtures' let(:agent) { create(:ee_cluster_agent, :with_remote_development_agent_config) } + let(:other_registry_image_name) { 'other.registry.com/gitlab-org/gitlab-web-ide-vscode-fork/web-ide-injector' } let(:input_processed_devfile_name) { 'example.flattened-devfile.yaml' } let(:input_processed_devfile) { YAML.safe_load(read_devfile(input_processed_devfile_name)).to_h } let(:expected_processed_devfile_name) { 'example.tools-injected-devfile.yaml' } @@ -43,4 +44,17 @@ expect(returned_value[:processed_devfile]).to eq(expected_processed_devfile) end end + + context 'when the project_editor_image setting is configured' do + before do + Settings.remote_development.project_editor_image = other_registry_image_name + end + + it 'injects the specified image instead of the default' do + components = returned_value.dig(:processed_devfile, "components") + editor_injector_component = components.find { |component| component.fetch("name") == component_name } + + expect(editor_injector_component.dig('container', 'image')).to eq("#{other_registry_image_name}:2") + end + end end -- GitLab