From 73bbeaafeac5abdedbd9e7903fc2a305fb9bbdca Mon Sep 17 00:00:00 2001
From: Anatolii Bazko <abazko@redhat.com>
Date: Mon, 2 May 2022 13:10:06 +0300
Subject: [PATCH] =?UTF-8?q?fix:=20Respect=20labels=20for=20workspace=20rou?=
 =?UTF-8?q?tes=20set=20in=20spec.server.CustomChe=E2=80=A6=20(#1368)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* fix: Respect labels for workspace routes set in spec.server.CustomCheProperties[CHE_INFRA_OPENSHIFT_ROUTE_LABELS]
* Restart pods when configuration changed

Signed-off-by: Anatolii Bazko <abazko@redhat.com>
---
 .../devworkspace/solver/endpoint_exposer.go   | 22 ++++++++++++++-----
 pkg/deploy/gateway/oauth_proxy.go             |  9 ++++++++
 pkg/deploy/registry/registry_deployment.go    |  6 +++++
 3 files changed, 31 insertions(+), 6 deletions(-)

diff --git a/controllers/devworkspace/solver/endpoint_exposer.go b/controllers/devworkspace/solver/endpoint_exposer.go
index cd226cfcb..ba7d9d6fb 100644
--- a/controllers/devworkspace/solver/endpoint_exposer.go
+++ b/controllers/devworkspace/solver/endpoint_exposer.go
@@ -18,6 +18,7 @@ import (
 
 	dwo "github.com/devfile/devworkspace-operator/apis/controller/v1alpha1"
 	"github.com/devfile/devworkspace-operator/pkg/constants"
+	checluster "github.com/eclipse-che/che-operator/api"
 	"github.com/eclipse-che/che-operator/api/v2alpha1"
 	"github.com/eclipse-che/che-operator/controllers/devworkspace/defaults"
 	"github.com/eclipse-che/che-operator/pkg/deploy"
@@ -26,6 +27,7 @@ import (
 	networkingv1 "k8s.io/api/networking/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/labels"
 	"k8s.io/apimachinery/pkg/util/intstr"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 )
@@ -40,6 +42,7 @@ type IngressExposer struct {
 type RouteExposer struct {
 	devWorkspaceID       string
 	baseDomain           string
+	labels               map[string]string
 	tlsSecretKey         string
 	tlsSecretCertificate string
 }
@@ -66,6 +69,10 @@ func (e *RouteExposer) initFrom(ctx context.Context, cl client.Client, cluster *
 	e.baseDomain = cluster.Status.WorkspaceBaseDomain
 	e.devWorkspaceID = routing.Spec.DevWorkspaceId
 
+	e.labels = map[string]string{}
+	checlusterV1 := checluster.AsV1(cluster)
+	deploy.MergeLabels(e.labels, checlusterV1.Spec.Server.CustomCheProperties["CHE_INFRA_OPENSHIFT_ROUTE_LABELS"])
+
 	if cluster.Spec.Workspaces.DomainEndpoints.TlsSecretName != "" {
 		secret := &corev1.Secret{}
 		err := cl.Get(ctx, client.ObjectKey{Name: cluster.Spec.Workspaces.DomainEndpoints.TlsSecretName, Namespace: cluster.Namespace}, secret)
@@ -133,14 +140,17 @@ func (e *IngressExposer) initFrom(ctx context.Context, cl client.Client, cluster
 
 func (e *RouteExposer) getRouteForService(endpoint *EndpointInfo) routev1.Route {
 	targetEndpoint := intstr.FromInt(int(endpoint.port))
+	labels := labels.Merge(
+		e.labels,
+		map[string]string{
+			constants.DevWorkspaceIDLabel:   e.devWorkspaceID,
+			deploy.KubernetesPartOfLabelKey: deploy.CheEclipseOrg,
+		})
 	route := routev1.Route{
 		ObjectMeta: metav1.ObjectMeta{
-			Name:      getEndpointExposingObjectName(endpoint.componentName, e.devWorkspaceID, endpoint.port, endpoint.endpointName),
-			Namespace: endpoint.service.Namespace,
-			Labels: map[string]string{
-				constants.DevWorkspaceIDLabel:   e.devWorkspaceID,
-				deploy.KubernetesPartOfLabelKey: deploy.CheEclipseOrg,
-			},
+			Name:            getEndpointExposingObjectName(endpoint.componentName, e.devWorkspaceID, endpoint.port, endpoint.endpointName),
+			Namespace:       endpoint.service.Namespace,
+			Labels:          labels,
 			Annotations:     routeAnnotations(endpoint.componentName, endpoint.endpointName),
 			OwnerReferences: endpoint.service.OwnerReferences,
 		},
diff --git a/pkg/deploy/gateway/oauth_proxy.go b/pkg/deploy/gateway/oauth_proxy.go
index 18ed31ead..4d3426af3 100644
--- a/pkg/deploy/gateway/oauth_proxy.go
+++ b/pkg/deploy/gateway/oauth_proxy.go
@@ -132,6 +132,11 @@ func skipAuthConfig(instance *orgv1.CheCluster) string {
 }
 
 func getOauthProxyContainerSpec(ctx *deploy.DeployContext) corev1.Container {
+	// append env var with ConfigMap revision to restore pod automatically when config has been changed
+	cm := &corev1.ConfigMap{}
+	exists, _ := deploy.GetNamespacedObject(ctx, "che-gateway-config-oauth-proxy", cm)
+	configMapRevision := map[bool]string{true: cm.GetResourceVersion(), false: ""}[exists]
+
 	authnImage := util.GetValue(ctx.CheCluster.Spec.Auth.GatewayAuthenticationSidecarImage, deploy.DefaultGatewayAuthenticationSidecarImage(ctx.CheCluster))
 	return corev1.Container{
 		Name:            "oauth-proxy",
@@ -172,6 +177,10 @@ func getOauthProxyContainerSpec(ctx *deploy.DeployContext) corev1.Container {
 				Name:  "no_proxy",
 				Value: ctx.Proxy.NoProxy,
 			},
+			{
+				Name:  "CM_REVISION",
+				Value: configMapRevision,
+			},
 		},
 	}
 }
diff --git a/pkg/deploy/registry/registry_deployment.go b/pkg/deploy/registry/registry_deployment.go
index ea0d0f3e3..543b6d922 100644
--- a/pkg/deploy/registry/registry_deployment.go
+++ b/pkg/deploy/registry/registry_deployment.go
@@ -28,6 +28,12 @@ func GetSpecRegistryDeployment(
 	resources corev1.ResourceRequirements,
 	probePath string) *appsv1.Deployment {
 
+	// append env var with ConfigMap revision to restore pod automatically when config has been changed
+	cm := &corev1.ConfigMap{}
+	exists, _ := deploy.GetNamespacedObject(deployContext, registryType+"-registry", cm)
+	configMapRevision := map[bool]string{true: cm.GetResourceVersion(), false: ""}[exists]
+	env = append(env, corev1.EnvVar{Name: "CM_REVISION", Value: configMapRevision})
+
 	terminationGracePeriodSeconds := int64(30)
 	name := registryType + "-registry"
 	labels, labelSelector := deploy.GetLabelsAndSelector(deployContext.CheCluster, name)