diff --git a/core/che-core-api-model/src/main/java/org/eclipse/che/api/core/model/workspace/config/ServerConfig.java b/core/che-core-api-model/src/main/java/org/eclipse/che/api/core/model/workspace/config/ServerConfig.java index dc88f8bc1d..272bc1018b 100644 --- a/core/che-core-api-model/src/main/java/org/eclipse/che/api/core/model/workspace/config/ServerConfig.java +++ b/core/che-core-api-model/src/main/java/org/eclipse/che/api/core/model/workspace/config/ServerConfig.java @@ -227,26 +227,6 @@ public interface ServerConfig { } } - /** - * This is checking if the attributes configure the server to be exposed on a subdomain if we're - * on single-host. It has no effect on other server exposure strategies. - */ - static boolean isRequireSubdomain(Map attributes) { - return AttributesEvaluator.booleanAttr(attributes, REQUIRE_SUBDOMAIN, false); - } - - /** - * Modify the attributes to configure the server to be exposed on a subdomain if we're on - * single-host. It has no effect on other server exposure strategies. - */ - static void setRequireSubdomain(Map attributes, boolean value) { - if (value) { - attributes.put(REQUIRE_SUBDOMAIN, Boolean.TRUE.toString()); - } else { - attributes.remove(REQUIRE_SUBDOMAIN); - } - } - /** * Finds the unsecured paths configuration in the provided attributes.s * @@ -299,11 +279,6 @@ public interface ServerConfig { default boolean isDiscoverable() { return isDiscoverable(getAttributes()); } - - /** @see #isRequireSubdomain(Map) */ - default boolean isRequireSubdomain() { - return isRequireSubdomain(getAttributes()); - } } // helper class for the default methods in the above interface diff --git a/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/provision/GatewayTlsProvisioner.java b/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/provision/GatewayTlsProvisioner.java index affb9f72f0..f40491b9fc 100644 --- a/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/provision/GatewayTlsProvisioner.java +++ b/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/provision/GatewayTlsProvisioner.java @@ -24,7 +24,6 @@ import org.eclipse.che.api.workspace.server.model.impl.ServerConfigImpl; import org.eclipse.che.api.workspace.server.spi.InfrastructureException; import org.eclipse.che.workspace.infrastructure.kubernetes.Annotations; import org.eclipse.che.workspace.infrastructure.kubernetes.environment.KubernetesEnvironment; -import org.eclipse.che.workspace.infrastructure.kubernetes.server.WorkspaceExposureType; import org.eclipse.che.workspace.infrastructure.kubernetes.util.GatewayConfigmapLabels; /** @@ -36,16 +35,13 @@ public class GatewayTlsProvisioner private final boolean isTlsEnabled; private final GatewayConfigmapLabels configmapLabels; - private final TlsProvisioner nativeProvisioner; @Inject public GatewayTlsProvisioner( @Named("che.infra.kubernetes.tls_enabled") boolean isTlsEnabled, - GatewayConfigmapLabels configmapLabels, - TlsProvisionerProvider provisionerProvider) { + GatewayConfigmapLabels configmapLabels) { this.isTlsEnabled = isTlsEnabled; this.configmapLabels = configmapLabels; - this.nativeProvisioner = provisionerProvider.get(WorkspaceExposureType.NATIVE); } @Override @@ -59,8 +55,6 @@ public class GatewayTlsProvisioner useSecureProtocolForGatewayConfigMap(configMap); } } - - nativeProvisioner.provision(k8sEnv, identity); } private void useSecureProtocolForGatewayConfigMap(ConfigMap configMap) diff --git a/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/AbstractExposureStrategyAwareProvider.java b/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/AbstractExposureStrategyAwareProvider.java index a6d274b7a3..dc036c0cc0 100644 --- a/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/AbstractExposureStrategyAwareProvider.java +++ b/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/AbstractExposureStrategyAwareProvider.java @@ -25,7 +25,6 @@ import org.eclipse.che.workspace.infrastructure.kubernetes.server.external.Singl public abstract class AbstractExposureStrategyAwareProvider implements Provider { protected final T instance; - protected final Map instanceMap; /** * Constructs a new provider returning one of the instances from the provided mapping @@ -58,17 +57,9 @@ public abstract class AbstractExposureStrategyAwareProvider implements Provid if (instance == null) { throw new IllegalStateException(String.format(errorMessageTemplate, wsExposureType)); } - - instanceMap = mapping; } - /** Returns the object mapped to the configured exposure type. */ public T get() { return instance; } - - /** Returns the object mapped to the provided exposure type. */ - public T get(WorkspaceExposureType exposureType) { - return instanceMap.get(exposureType); - } } diff --git a/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/external/CombinedSingleHostServerExposer.java b/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/external/CombinedSingleHostServerExposer.java index 929190dd0e..89c9d44b88 100644 --- a/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/external/CombinedSingleHostServerExposer.java +++ b/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/external/CombinedSingleHostServerExposer.java @@ -11,9 +11,11 @@ */ package org.eclipse.che.workspace.infrastructure.kubernetes.server.external; -import static java.util.stream.Collectors.toMap; +import static java.lang.Boolean.FALSE; +import static org.eclipse.che.api.core.model.workspace.config.ServerConfig.REQUIRE_SUBDOMAIN; import io.fabric8.kubernetes.api.model.ServicePort; +import java.util.HashMap; import java.util.Map; import org.eclipse.che.api.core.model.workspace.config.ServerConfig; import org.eclipse.che.workspace.infrastructure.kubernetes.environment.KubernetesEnvironment; @@ -70,8 +72,18 @@ public class CombinedSingleHostServerExposer serverId = servicePort.getName(); } - Map subpathServers = getStrategyConformingServers(externalServers); - Map subdomainServers = getServersRequiringSubdomain(externalServers); + Map subpathServers = new HashMap<>(); + Map subdomainServers = new HashMap<>(); + + for (String esKey : externalServers.keySet()) { + ServerConfig serverConfig = externalServers.get(esKey); + if (Boolean.parseBoolean( + serverConfig.getAttributes().getOrDefault(REQUIRE_SUBDOMAIN, FALSE.toString()))) { + subdomainServers.put(esKey, serverConfig); + } else { + subpathServers.put(esKey, serverConfig); + } + } if (!subpathServers.isEmpty()) { subpathServerExposer.expose( @@ -83,24 +95,4 @@ public class CombinedSingleHostServerExposer k8sEnv, machineName, serviceName, serverId, servicePort, subdomainServers); } } - - @Override - public Map getStrategyConformingServers( - Map externalServers) { - return externalServers - .entrySet() - .stream() - .filter(e -> !e.getValue().isRequireSubdomain()) - .collect(toMap(Map.Entry::getKey, Map.Entry::getValue)); - } - - @Override - public Map getServersRequiringSubdomain( - Map externalServers) { - return externalServers - .entrySet() - .stream() - .filter(e -> e.getValue().isRequireSubdomain()) - .collect(toMap(Map.Entry::getKey, Map.Entry::getValue)); - } } diff --git a/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/external/ExternalServerExposer.java b/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/external/ExternalServerExposer.java index a645d48b98..dfce43eee9 100644 --- a/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/external/ExternalServerExposer.java +++ b/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/external/ExternalServerExposer.java @@ -12,7 +12,6 @@ package org.eclipse.che.workspace.infrastructure.kubernetes.server.external; import io.fabric8.kubernetes.api.model.ServicePort; -import java.util.Collections; import java.util.Map; import org.eclipse.che.api.core.model.workspace.config.ServerConfig; import org.eclipse.che.commons.annotation.Nullable; @@ -49,28 +48,4 @@ public interface ExternalServerExposer { String serverId, ServicePort servicePort, Map externalServers); - - /** - * Returns the servers from the provided map that should be deployed using the current configured - * server exposure strategy. - * - * @param externalServers all the external servers that are being deployed - * @return a view of the provided map - */ - default Map getStrategyConformingServers( - Map externalServers) { - return externalServers; - } - - /** - * Returns the servers from the provided map that should be deployed on a subdomain regardless of - * the current configured server exposure strategy. - * - * @param externalServers all the external servers that are being deployed - * @return a view of the provided map - */ - default Map getServersRequiringSubdomain( - Map externalServers) { - return Collections.emptyMap(); - } } diff --git a/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/secure/DefaultSecureServerExposer.java b/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/secure/DefaultSecureServerExposer.java index da4e4b5be4..c6b0077b38 100644 --- a/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/secure/DefaultSecureServerExposer.java +++ b/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/secure/DefaultSecureServerExposer.java @@ -93,32 +93,6 @@ public class DefaultSecureServerExposer Map secureServers) throws InfrastructureException { - Map conformingServers = - exposer.getStrategyConformingServers(secureServers); - Map subdomainServers = - exposer.getServersRequiringSubdomain(secureServers); - - if (!conformingServers.isEmpty()) { - doExpose( - k8sEnv, pod, machineName, serviceName, serverId, servicePort, false, conformingServers); - } - - if (!subdomainServers.isEmpty()) { - doExpose( - k8sEnv, pod, machineName, serviceName, serverId, servicePort, true, subdomainServers); - } - } - - private void doExpose( - T k8sEnv, - PodData pod, - String machineName, - @Nullable String serviceName, - @Nullable String serverId, - ServicePort servicePort, - boolean requireSubdomain, - Map secureServers) - throws InfrastructureException { ServicePort exposedServicePort = proxyProvisioner.expose( k8sEnv, @@ -127,7 +101,6 @@ public class DefaultSecureServerExposer serviceName, servicePort, servicePort.getProtocol(), - requireSubdomain, secureServers); exposer.expose( diff --git a/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/secure/ProxyProvisioner.java b/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/secure/ProxyProvisioner.java index 072aa4e60e..a91b39e19f 100644 --- a/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/secure/ProxyProvisioner.java +++ b/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/secure/ProxyProvisioner.java @@ -38,8 +38,6 @@ public interface ProxyProvisioner { * @param backendServiceName service name that will be exposed * @param backendServicePort service port that will be exposed * @param protocol protocol that will be used for exposed port - * @param requireSubdomain if true, the supplied servers are supposed to require a subdomain, if - * false the servers are considered to follow the configured exposure strategy * @param secureServers secure servers to expose * @return JWTProxy service port that expose the specified one * @throws InfrastructureException if any exception occurs during port exposing @@ -51,7 +49,6 @@ public interface ProxyProvisioner { @Nullable String backendServiceName, ServicePort backendServicePort, String protocol, - boolean requireSubdomain, Map secureServers) throws InfrastructureException; diff --git a/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/secure/jwtproxy/AbstractJwtProxyProvisioner.java b/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/secure/jwtproxy/AbstractJwtProxyProvisioner.java index becf406e81..c45e7ddddd 100644 --- a/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/secure/jwtproxy/AbstractJwtProxyProvisioner.java +++ b/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/secure/jwtproxy/AbstractJwtProxyProvisioner.java @@ -51,7 +51,6 @@ import org.eclipse.che.workspace.infrastructure.kubernetes.environment.Kubernete import org.eclipse.che.workspace.infrastructure.kubernetes.environment.KubernetesEnvironment.PodData; import org.eclipse.che.workspace.infrastructure.kubernetes.server.ServerServiceBuilder; import org.eclipse.che.workspace.infrastructure.kubernetes.server.external.ExternalServiceExposureStrategy; -import org.eclipse.che.workspace.infrastructure.kubernetes.server.external.MultiHostExternalServiceExposureStrategy; import org.eclipse.che.workspace.infrastructure.kubernetes.server.secure.ProxyProvisioner; import org.eclipse.che.workspace.infrastructure.kubernetes.server.secure.jwtproxy.factory.JwtProxyConfigBuilderFactory; @@ -74,9 +73,7 @@ abstract class AbstractJwtProxyProvisioner implements ProxyProvisioner { private final Map attributes; private final String serviceName; private final ExternalServiceExposureStrategy externalServiceExposureStrategy; - private final MultiHostExternalServiceExposureStrategy multiHostExternalServiceExposureStrategy; private final CookiePathStrategy cookiePathStrategy; - private final MultiHostCookiePathStrategy multihostCookiePathStrategy; private final String imagePullPolicy; private int availablePort; private final KeyPair keyPair; @@ -100,9 +97,7 @@ abstract class AbstractJwtProxyProvisioner implements ProxyProvisioner { KeyPair signatureKeyPair, JwtProxyConfigBuilderFactory jwtProxyConfigBuilderFactory, ExternalServiceExposureStrategy externalServiceExposureStrategy, - MultiHostExternalServiceExposureStrategy multiHostStrategy, CookiePathStrategy cookiePathStrategy, - MultiHostCookiePathStrategy multihostCookiePathStrategy, String jwtProxyImage, String memoryLimitBytes, String cpuLimitCores, @@ -113,9 +108,7 @@ abstract class AbstractJwtProxyProvisioner implements ProxyProvisioner { this.proxyConfigBuilder = jwtProxyConfigBuilderFactory.create(workspaceId); this.jwtProxyImage = jwtProxyImage; this.externalServiceExposureStrategy = externalServiceExposureStrategy; - this.multiHostExternalServiceExposureStrategy = multiHostStrategy; this.cookiePathStrategy = cookiePathStrategy; - this.multihostCookiePathStrategy = multihostCookiePathStrategy; this.imagePullPolicy = imagePullPolicy; this.serviceName = generate(SERVER_PREFIX, SERVER_UNIQUE_PART_SIZE) + "-jwtproxy"; @@ -163,7 +156,6 @@ abstract class AbstractJwtProxyProvisioner implements ProxyProvisioner { String backendServiceName, ServicePort backendServicePort, String protocol, - boolean requireSubdomain, Map secureServers) throws InfrastructureException { Preconditions.checkArgument( @@ -205,13 +197,6 @@ abstract class AbstractJwtProxyProvisioner implements ProxyProvisioner { k8sEnv.getServices().get(serviceName).getSpec().getPorts().add(exposedPort); - CookiePathStrategy actualCookiePathStrategy = - requireSubdomain ? multihostCookiePathStrategy : cookiePathStrategy; - ExternalServiceExposureStrategy actualExposureStrategy = - requireSubdomain - ? multiHostExternalServiceExposureStrategy - : externalServiceExposureStrategy; - // JwtProxySecureServerExposer creates no service for the exposed secure servers and // assumes everything will be proxied from localhost, because JWT proxy is collocated // with the workspace pod (because it is added to the environment as an injectable pod). @@ -227,8 +212,8 @@ abstract class AbstractJwtProxyProvisioner implements ProxyProvisioner { "http://" + backendServiceName + ":" + backendServicePort.getTargetPort().getIntVal(), excludes, cookiesAuthEnabled == null ? false : cookiesAuthEnabled, - actualCookiePathStrategy.get(serviceName, exposedPort), - actualExposureStrategy.getExternalPath(serviceName, exposedPort.getName())); + cookiePathStrategy.get(serviceName, exposedPort), + externalServiceExposureStrategy.getExternalPath(serviceName, exposedPort.getName())); k8sEnv .getConfigMaps() .get(getConfigMapName()) diff --git a/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/secure/jwtproxy/JwtProxyProvisioner.java b/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/secure/jwtproxy/JwtProxyProvisioner.java index 29e895bfdf..56a8bacf7e 100644 --- a/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/secure/jwtproxy/JwtProxyProvisioner.java +++ b/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/secure/jwtproxy/JwtProxyProvisioner.java @@ -21,7 +21,6 @@ import org.eclipse.che.api.workspace.server.spi.InternalInfrastructureException; import org.eclipse.che.multiuser.machine.authentication.server.signature.SignatureKeyManager; import org.eclipse.che.multiuser.machine.authentication.server.signature.SignatureKeyManagerException; import org.eclipse.che.workspace.infrastructure.kubernetes.server.external.ExternalServiceExposureStrategy; -import org.eclipse.che.workspace.infrastructure.kubernetes.server.external.MultiHostExternalServiceExposureStrategy; import org.eclipse.che.workspace.infrastructure.kubernetes.server.secure.jwtproxy.factory.JwtProxyConfigBuilderFactory; /** @@ -51,9 +50,7 @@ public class JwtProxyProvisioner extends AbstractJwtProxyProvisioner { SignatureKeyManager signatureKeyManager, JwtProxyConfigBuilderFactory jwtProxyConfigBuilderFactory, ExternalServiceExposureStrategy externalServiceExposureStrategy, - MultiHostExternalServiceExposureStrategy multiHostStrategy, CookiePathStrategy cookiePathStrategy, - MultiHostCookiePathStrategy multiHostCookiePathStrategy, @Named("che.server.secure_exposer.jwtproxy.image") String jwtProxyImage, @Named("che.server.secure_exposer.jwtproxy.memory_limit") String memoryLimitBytes, @Named("che.server.secure_exposer.jwtproxy.cpu_limit") String cpuLimitCores, @@ -64,9 +61,7 @@ public class JwtProxyProvisioner extends AbstractJwtProxyProvisioner { constructKeyPair(signatureKeyManager, identity), jwtProxyConfigBuilderFactory, externalServiceExposureStrategy, - multiHostStrategy, cookiePathStrategy, - multiHostCookiePathStrategy, jwtProxyImage, memoryLimitBytes, cpuLimitCores, diff --git a/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/secure/jwtproxy/MultiHostCookiePathStrategy.java b/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/secure/jwtproxy/MultiHostCookiePathStrategy.java deleted file mode 100644 index 9d491d9bd9..0000000000 --- a/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/secure/jwtproxy/MultiHostCookiePathStrategy.java +++ /dev/null @@ -1,28 +0,0 @@ -/* - * Copyright (c) 2012-2018 Red Hat, Inc. - * This program and the accompanying materials are made - * available under the terms of the Eclipse Public License 2.0 - * which is available at https://www.eclipse.org/legal/epl-2.0/ - * - * SPDX-License-Identifier: EPL-2.0 - * - * Contributors: - * Red Hat, Inc. - initial API and implementation - */ -package org.eclipse.che.workspace.infrastructure.kubernetes.server.secure.jwtproxy; - -import static org.eclipse.che.workspace.infrastructure.kubernetes.server.external.MultiHostExternalServiceExposureStrategy.MULTI_HOST_STRATEGY; - -import javax.inject.Singleton; - -/** - * A specialization of the {@link CookiePathStrategy} for multi-host server strategy. We need this - * declared specifically to be able to use both the configured strategy and multi-host in case of - * workspaces with mixed endpoints. - */ -@Singleton -public class MultiHostCookiePathStrategy extends CookiePathStrategy { - public MultiHostCookiePathStrategy() { - super(MULTI_HOST_STRATEGY); - } -} diff --git a/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/secure/jwtproxy/PassThroughProxyProvisioner.java b/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/secure/jwtproxy/PassThroughProxyProvisioner.java index 7890d8fe9c..5ff019c683 100644 --- a/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/secure/jwtproxy/PassThroughProxyProvisioner.java +++ b/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/secure/jwtproxy/PassThroughProxyProvisioner.java @@ -23,7 +23,6 @@ import org.eclipse.che.api.core.model.workspace.config.ServerConfig; import org.eclipse.che.api.core.model.workspace.runtime.RuntimeIdentity; import org.eclipse.che.api.workspace.server.spi.InternalInfrastructureException; import org.eclipse.che.workspace.infrastructure.kubernetes.server.external.ExternalServiceExposureStrategy; -import org.eclipse.che.workspace.infrastructure.kubernetes.server.external.MultiHostExternalServiceExposureStrategy; import org.eclipse.che.workspace.infrastructure.kubernetes.server.secure.jwtproxy.factory.JwtProxyConfigBuilderFactory; /** @@ -37,9 +36,7 @@ public class PassThroughProxyProvisioner extends AbstractJwtProxyProvisioner { public PassThroughProxyProvisioner( JwtProxyConfigBuilderFactory jwtProxyConfigBuilderFactory, ExternalServiceExposureStrategy externalServiceExposureStrategy, - MultiHostExternalServiceExposureStrategy multiHostStrategy, CookiePathStrategy cookiePathStrategy, - MultiHostCookiePathStrategy multiHostCookiePathStrategy, @Named("che.server.secure_exposer.jwtproxy.image") String jwtImage, @Named("che.server.secure_exposer.jwtproxy.memory_limit") String memoryLimitBytes, @Named("che.server.secure_exposer.jwtproxy.cpu_limit") String cpuLimitCores, @@ -50,9 +47,7 @@ public class PassThroughProxyProvisioner extends AbstractJwtProxyProvisioner { constructSignatureKeyPair(), jwtProxyConfigBuilderFactory, externalServiceExposureStrategy, - multiHostStrategy, cookiePathStrategy, - multiHostCookiePathStrategy, jwtImage, memoryLimitBytes, cpuLimitCores, diff --git a/infrastructures/kubernetes/src/test/java/org/eclipse/che/workspace/infrastructure/kubernetes/provision/GatewayTlsProvisionerTest.java b/infrastructures/kubernetes/src/test/java/org/eclipse/che/workspace/infrastructure/kubernetes/provision/GatewayTlsProvisionerTest.java index db4a05c4e0..ddd4eb74a6 100644 --- a/infrastructures/kubernetes/src/test/java/org/eclipse/che/workspace/infrastructure/kubernetes/provision/GatewayTlsProvisionerTest.java +++ b/infrastructures/kubernetes/src/test/java/org/eclipse/che/workspace/infrastructure/kubernetes/provision/GatewayTlsProvisionerTest.java @@ -14,9 +14,6 @@ package org.eclipse.che.workspace.infrastructure.kubernetes.provision; import static java.util.Collections.emptyMap; import static java.util.Collections.singletonMap; import static org.mockito.ArgumentMatchers.any; -import static org.mockito.ArgumentMatchers.eq; -import static org.mockito.Mockito.lenient; -import static org.mockito.Mockito.verify; import static org.mockito.Mockito.when; import static org.testng.Assert.assertEquals; @@ -29,7 +26,6 @@ import org.eclipse.che.api.workspace.server.model.impl.ServerConfigImpl; import org.eclipse.che.api.workspace.server.spi.InfrastructureException; import org.eclipse.che.workspace.infrastructure.kubernetes.Annotations; import org.eclipse.che.workspace.infrastructure.kubernetes.environment.KubernetesEnvironment; -import org.eclipse.che.workspace.infrastructure.kubernetes.server.WorkspaceExposureType; import org.eclipse.che.workspace.infrastructure.kubernetes.util.GatewayConfigmapLabels; import org.mockito.Mock; import org.mockito.testng.MockitoTestNGListener; @@ -45,8 +41,6 @@ public class GatewayTlsProvisionerTest { @Mock private KubernetesEnvironment k8sEnv; @Mock private RuntimeIdentity runtimeIdentity; @Mock private GatewayConfigmapLabels gatewayConfigmapLabels; - @Mock private TlsProvisionerProvider tlsProvisionerProvider; - @Mock private TlsProvisioner nativeTlsProvisioner; private final ServerConfigImpl httpServer = new ServerConfigImpl("8080/tpc", "http", "/api", emptyMap()); @@ -58,9 +52,7 @@ public class GatewayTlsProvisionerTest { @BeforeMethod public void setUp() { - lenient().when(gatewayConfigmapLabels.isGatewayConfig(any(ConfigMap.class))).thenReturn(true); - when(tlsProvisionerProvider.get(eq(WorkspaceExposureType.NATIVE))) - .thenReturn(nativeTlsProvisioner); + when(gatewayConfigmapLabels.isGatewayConfig(any(ConfigMap.class))).thenReturn(true); } @Test(dataProvider = "tlsProvisionData") @@ -79,7 +71,7 @@ public class GatewayTlsProvisionerTest { .build(); GatewayTlsProvisioner gatewayTlsProvisioner = - new GatewayTlsProvisioner<>(tlsEnabled, gatewayConfigmapLabels, tlsProvisionerProvider); + new GatewayTlsProvisioner<>(tlsEnabled, gatewayConfigmapLabels); when(k8sEnv.getConfigMaps()).thenReturn(singletonMap("route", routeConfigMap)); @@ -123,24 +115,11 @@ public class GatewayTlsProvisionerTest { when(k8sEnv.getConfigMaps()).thenReturn(singletonMap("route", routeConfigMap)); GatewayTlsProvisioner gatewayTlsProvisioner = - new GatewayTlsProvisioner<>(true, gatewayConfigmapLabels, tlsProvisionerProvider); + new GatewayTlsProvisioner<>(true, gatewayConfigmapLabels); // when gatewayTlsProvisioner.provision(k8sEnv, runtimeIdentity); // then exception } - - @Test - public void nativeRoutesProvisioned() throws Exception { - // given - GatewayTlsProvisioner gatewayTlsProvisioner = - new GatewayTlsProvisioner<>(true, gatewayConfigmapLabels, tlsProvisionerProvider); - - // when - gatewayTlsProvisioner.provision(k8sEnv, runtimeIdentity); - - // then - verify(nativeTlsProvisioner).provision(eq(k8sEnv), eq(runtimeIdentity)); - } } diff --git a/infrastructures/kubernetes/src/test/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/secure/jwtproxy/JwtProxyProvisionerTest.java b/infrastructures/kubernetes/src/test/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/secure/jwtproxy/JwtProxyProvisionerTest.java index bb48e67719..50997d5335 100644 --- a/infrastructures/kubernetes/src/test/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/secure/jwtproxy/JwtProxyProvisionerTest.java +++ b/infrastructures/kubernetes/src/test/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/secure/jwtproxy/JwtProxyProvisionerTest.java @@ -27,8 +27,6 @@ import static org.mockito.ArgumentMatchers.anyString; import static org.mockito.ArgumentMatchers.eq; import static org.mockito.ArgumentMatchers.isNull; import static org.mockito.Mockito.mock; -import static org.mockito.Mockito.never; -import static org.mockito.Mockito.spy; import static org.mockito.Mockito.verify; import static org.mockito.Mockito.when; import static org.testng.Assert.assertEquals; @@ -58,7 +56,6 @@ import org.eclipse.che.multiuser.machine.authentication.server.signature.Signatu import org.eclipse.che.workspace.infrastructure.kubernetes.environment.KubernetesEnvironment; import org.eclipse.che.workspace.infrastructure.kubernetes.environment.KubernetesEnvironment.PodData; import org.eclipse.che.workspace.infrastructure.kubernetes.server.external.ExternalServiceExposureStrategy; -import org.eclipse.che.workspace.infrastructure.kubernetes.server.external.MultiHostExternalServiceExposureStrategy; import org.eclipse.che.workspace.infrastructure.kubernetes.server.secure.jwtproxy.factory.JwtProxyConfigBuilderFactory; import org.mockito.Mock; import org.mockito.testng.MockitoTestNGListener; @@ -84,10 +81,7 @@ public class JwtProxyProvisionerTest { @Mock private PublicKey publicKey; @Mock private JwtProxyConfigBuilderFactory configBuilderFactory; @Mock private ExternalServiceExposureStrategy externalServiceExposureStrategy; - @Mock private MultiHostExternalServiceExposureStrategy multiHostExternalServiceExposureStrategy; - private CookiePathStrategy cookiePathStrategy = spy(new CookiePathStrategy(MULTI_HOST_STRATEGY)); - private MultiHostCookiePathStrategy multiHostCookiePathStrategy = - spy(new MultiHostCookiePathStrategy()); + private CookiePathStrategy cookiePathStrategy = new CookiePathStrategy(MULTI_HOST_STRATEGY); private JwtProxyProvisioner jwtProxyProvisioner; private KubernetesEnvironment k8sEnv; @@ -107,9 +101,7 @@ public class JwtProxyProvisionerTest { signatureKeyManager, configBuilderFactory, externalServiceExposureStrategy, - multiHostExternalServiceExposureStrategy, cookiePathStrategy, - multiHostCookiePathStrategy, "eclipse/che-jwtproxy", "128mb", "0.5", @@ -143,7 +135,6 @@ public class JwtProxyProvisionerTest { "terminal", port, "TCP", - false, ImmutableMap.of("server", secureServer)); // then @@ -214,7 +205,6 @@ public class JwtProxyProvisionerTest { "terminal", port, "TCP", - false, ImmutableMap.of("server1", server1, "server2", server2, "server3", server3)); } @@ -229,9 +219,7 @@ public class JwtProxyProvisionerTest { signatureKeyManager, configBuilderFactory, externalServiceExposureStrategy, - multiHostExternalServiceExposureStrategy, cookiePathStrategy, - multiHostCookiePathStrategy, "eclipse/che-jwtproxy", "128mb", "500m", @@ -262,7 +250,6 @@ public class JwtProxyProvisionerTest { "terminal", port, "TCP", - false, ImmutableMap.of("server1", server1)); // then @@ -280,9 +267,7 @@ public class JwtProxyProvisionerTest { signatureKeyManager, configBuilderFactory, externalServiceExposureStrategy, - multiHostExternalServiceExposureStrategy, cookiePathStrategy, - multiHostCookiePathStrategy, "eclipse/che-jwtproxy", "128mb", "0.5", @@ -302,7 +287,6 @@ public class JwtProxyProvisionerTest { "terminal", port, "TCP", - false, ImmutableMap.of("server1", server1)); // then @@ -322,9 +306,7 @@ public class JwtProxyProvisionerTest { signatureKeyManager, configBuilderFactory, externalServiceExposureStrategy, - multiHostExternalServiceExposureStrategy, cookiePathStrategy, - multiHostCookiePathStrategy, "eclipse/che-jwtproxy", "128mb", "0.5", @@ -338,14 +320,7 @@ public class JwtProxyProvisionerTest { // when jwtProxyProvisioner.expose( - k8sEnv, - podWithName(), - "machine", - null, - port, - "TCP", - false, - ImmutableMap.of("server1", server1)); + k8sEnv, podWithName(), "machine", null, port, "TCP", ImmutableMap.of("server1", server1)); // then verify(configBuilder) @@ -353,52 +328,6 @@ public class JwtProxyProvisionerTest { eq(4400), eq("http://127.0.0.1:4401"), eq(emptySet()), eq(false), eq("/"), isNull()); } - @Test - public void multiHostStrategiesUsedForServerRequiringSubdomain() throws Exception { - // given - JwtProxyConfigBuilder configBuilder = mock(JwtProxyConfigBuilder.class); - when(configBuilderFactory.create(any())).thenReturn(configBuilder); - - jwtProxyProvisioner = - new JwtProxyProvisioner( - signatureKeyManager, - configBuilderFactory, - externalServiceExposureStrategy, - multiHostExternalServiceExposureStrategy, - cookiePathStrategy, - multiHostCookiePathStrategy, - "eclipse/che-jwtproxy", - "128mb", - "0.5", - "Always", - runtimeId); - - ServerConfigImpl server1 = new ServerConfigImpl("4401/tcp", "http", "/", emptyMap()); - - ServicePort port = new ServicePort(); - port.setTargetPort(new IntOrString(4401)); - - // when - jwtProxyProvisioner.expose( - k8sEnv, - podWithName(), - "machine", - null, - port, - "TCP", - true, - ImmutableMap.of("server1", server1)); - - // then - verify(configBuilder) - .addVerifierProxy( - eq(4400), eq("http://127.0.0.1:4401"), eq(emptySet()), eq(false), eq("/"), isNull()); - verify(externalServiceExposureStrategy, never()).getExternalPath(any(), any()); - verify(cookiePathStrategy, never()).get(any(), any()); - verify(multiHostExternalServiceExposureStrategy).getExternalPath(any(), any()); - verify(multiHostCookiePathStrategy).get(any(), any()); - } - private static PodData podWithName() { ObjectMeta meta = new ObjectMeta(); meta.setName("a-pod-name"); diff --git a/infrastructures/kubernetes/src/test/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/secure/jwtproxy/JwtProxySecureServerExposerTest.java b/infrastructures/kubernetes/src/test/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/secure/jwtproxy/JwtProxySecureServerExposerTest.java index 92613e9e53..cc3428afd4 100644 --- a/infrastructures/kubernetes/src/test/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/secure/jwtproxy/JwtProxySecureServerExposerTest.java +++ b/infrastructures/kubernetes/src/test/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/secure/jwtproxy/JwtProxySecureServerExposerTest.java @@ -12,7 +12,6 @@ package org.eclipse.che.workspace.infrastructure.kubernetes.server.secure.jwtproxy; import static org.mockito.ArgumentMatchers.any; -import static org.mockito.ArgumentMatchers.anyBoolean; import static org.mockito.ArgumentMatchers.anyString; import static org.mockito.ArgumentMatchers.eq; import static org.mockito.ArgumentMatchers.isNull; @@ -23,7 +22,6 @@ import static org.mockito.Mockito.when; import com.google.common.collect.ImmutableMap; import io.fabric8.kubernetes.api.model.IntOrString; import io.fabric8.kubernetes.api.model.ServicePort; -import java.util.Collections; import java.util.Map; import org.eclipse.che.api.core.model.workspace.config.ServerConfig; import org.eclipse.che.api.workspace.server.model.impl.ServerConfigImpl; @@ -75,12 +73,10 @@ public class JwtProxySecureServerExposerTest { ServicePort jwtProxyServicePort = new ServicePort(); doReturn(jwtProxyServicePort) .when(jwtProxyProvisioner) - .expose(any(), any(), anyString(), anyString(), any(), anyString(), anyBoolean(), any()); + .expose(any(), any(), anyString(), anyString(), any(), anyString(), any()); when(jwtProxyProvisioner.getServiceName()).thenReturn(JWT_PROXY_SERVICE_NAME); - when(externalServerExposer.getStrategyConformingServers(eq(servers))).thenReturn(servers); - // when secureServerExposer.expose( k8sEnv, null, MACHINE_NAME, MACHINE_SERVICE_NAME, null, machineServicePort, servers); @@ -94,7 +90,6 @@ public class JwtProxySecureServerExposerTest { eq(MACHINE_SERVICE_NAME), eq(machineServicePort), eq("TCP"), - eq(false), any()); verify(externalServerExposer) .expose( @@ -105,77 +100,4 @@ public class JwtProxySecureServerExposerTest { eq(jwtProxyServicePort), eq(servers)); } - - @Test - public void shouldUseMultiHostStrategyForSubdomainRequiringServers() throws Exception { - // given - ServicePort machineServicePort = new ServicePort(); - machineServicePort.setTargetPort(new IntOrString(8080)); - machineServicePort.setProtocol("TCP"); - Map servers = - ImmutableMap.of( - "server1", - new ServerConfigImpl("8080/tcp", "http", "/api", ImmutableMap.of("secure", "true")), - "server2", - new ServerConfigImpl("8080/tcp", "ws", "/connect", ImmutableMap.of("secure", "true"))); - - Map conformingServers = - Collections.singletonMap("server1", servers.get("server1")); - Map subdomainServers = - Collections.singletonMap("server2", servers.get("server2")); - - ServicePort jwtProxyServicePort = new ServicePort(); - doReturn(jwtProxyServicePort) - .when(jwtProxyProvisioner) - .expose(any(), any(), anyString(), anyString(), any(), anyString(), anyBoolean(), any()); - - when(jwtProxyProvisioner.getServiceName()).thenReturn(JWT_PROXY_SERVICE_NAME); - - when(externalServerExposer.getStrategyConformingServers(eq(servers))) - .thenReturn(conformingServers); - when(externalServerExposer.getServersRequiringSubdomain(eq(servers))) - .thenReturn(subdomainServers); - - // when - secureServerExposer.expose( - k8sEnv, null, MACHINE_NAME, MACHINE_SERVICE_NAME, null, machineServicePort, servers); - - // then - verify(jwtProxyProvisioner) - .expose( - eq(k8sEnv), - any(), - anyString(), - eq(MACHINE_SERVICE_NAME), - eq(machineServicePort), - eq("TCP"), - eq(false), - any()); - verify(jwtProxyProvisioner) - .expose( - eq(k8sEnv), - any(), - anyString(), - eq(MACHINE_SERVICE_NAME), - eq(machineServicePort), - eq("TCP"), - eq(true), - any()); - verify(externalServerExposer) - .expose( - eq(k8sEnv), - eq(MACHINE_NAME), - eq(JWT_PROXY_SERVICE_NAME), - isNull(), - eq(jwtProxyServicePort), - eq(conformingServers)); - verify(externalServerExposer) - .expose( - eq(k8sEnv), - eq(MACHINE_NAME), - eq(JWT_PROXY_SERVICE_NAME), - isNull(), - eq(jwtProxyServicePort), - eq(subdomainServers)); - } } diff --git a/infrastructures/kubernetes/src/test/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/secure/jwtproxy/PassThroughProxyProvisionerTest.java b/infrastructures/kubernetes/src/test/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/secure/jwtproxy/PassThroughProxyProvisionerTest.java index 435a282b9a..04354fa460 100644 --- a/infrastructures/kubernetes/src/test/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/secure/jwtproxy/PassThroughProxyProvisionerTest.java +++ b/infrastructures/kubernetes/src/test/java/org/eclipse/che/workspace/infrastructure/kubernetes/server/secure/jwtproxy/PassThroughProxyProvisionerTest.java @@ -33,7 +33,6 @@ import org.eclipse.che.api.workspace.server.model.impl.ServerConfigImpl; import org.eclipse.che.workspace.infrastructure.kubernetes.environment.KubernetesEnvironment; import org.eclipse.che.workspace.infrastructure.kubernetes.environment.KubernetesEnvironment.PodData; import org.eclipse.che.workspace.infrastructure.kubernetes.server.external.ExternalServiceExposureStrategy; -import org.eclipse.che.workspace.infrastructure.kubernetes.server.external.MultiHostExternalServiceExposureStrategy; import org.eclipse.che.workspace.infrastructure.kubernetes.server.secure.jwtproxy.factory.JwtProxyConfigBuilderFactory; import org.mockito.testng.MockitoTestNGListener; import org.testng.annotations.Listeners; @@ -62,9 +61,7 @@ public class PassThroughProxyProvisionerTest { new PassThroughProxyProvisioner( configBuilderFactory, mock(ExternalServiceExposureStrategy.class), - mock(MultiHostExternalServiceExposureStrategy.class), new CookiePathStrategy(MULTI_HOST_STRATEGY), - new MultiHostCookiePathStrategy(), "eclipse/che-jwtproxy", "128mb", "0.5", @@ -87,7 +84,6 @@ public class PassThroughProxyProvisionerTest { "terminal", port, "TCP", - false, ImmutableMap.of("server1", server1)); // then diff --git a/wsmaster/che-core-api-workspace/src/main/java/org/eclipse/che/api/workspace/server/model/impl/ServerConfigImpl.java b/wsmaster/che-core-api-workspace/src/main/java/org/eclipse/che/api/workspace/server/model/impl/ServerConfigImpl.java index b34867763a..6e69728514 100644 --- a/wsmaster/che-core-api-workspace/src/main/java/org/eclipse/che/api/workspace/server/model/impl/ServerConfigImpl.java +++ b/wsmaster/che-core-api-workspace/src/main/java/org/eclipse/che/api/workspace/server/model/impl/ServerConfigImpl.java @@ -196,7 +196,9 @@ public class ServerConfigImpl implements ServerConfig { ServerConfig.setInternal(attributes, true); } - ServerConfig.setRequireSubdomain(attributes, devfileEndpoint); + if (devfileEndpoint) { + attributes.put(REQUIRE_SUBDOMAIN, Boolean.TRUE.toString()); + } return new ServerConfigImpl(Integer.toString(endpoint.getPort()), protocol, path, attributes); }