che-server icon indicating copy to clipboard operation
che-server copied to clipboard
verified publisher icon eclipse-che

Add Azure DevOps Server support

Open vinokurig opened this issue 1 year ago • 5 comments

What does this PR do?

  • Add Azure DevOps Server support to use with PAT ONLY, as the azure Devops Api does not support oauth2, see: https://github.com/eclipse-che/che/issues/23306#issuecomment-2589501831
  • Change the gitconfig storage configmap to a secret because we are going to mount sensitive data to the devworkspace system scope gitconfig, see: https://github.com/eclipse-che/che-dashboard/pull/1313

Depends on https://github.com/eclipse-che/che-dashboard/pull/1313

Screenshot/screencast of this PR

What issues does this PR fix or reference?

fixes https://github.com/eclipse-che/che/issues/23306

How to test this PR?

  1. Deploy che with the pull request image: quay.io/eclipse/che-server:pr-754 and quay.io/eclipse/che-dashboard:pr-1313
  2. In the Dev azure Server instance create a personal access token with full access.
  3. Create a personal access token, use the Organization input to enter the Collection name.
  4. Start a workspace from an azure devops server repository with a devfile.

See: workspace starts with the devfile resolve.

PR Checklist

As the author of this Pull Request I made sure that:

Release Notes

Reviewers

Reviewers, please comment how you tested the PR when approving it.

vinokurig avatar Jan 20 '25 14:01 vinokurig

/retest

vinokurig avatar Jan 21 '25 15:01 vinokurig

/retest

vinokurig avatar Jan 22 '25 07:01 vinokurig

/retest

vinokurig avatar Feb 19 '25 14:02 vinokurig

@vinokurig: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/v14-gitlab-with-oauth-setup-flow 7681e711cd0cc2b2171326894ffe05458f6236f0 link true /test v14-gitlab-with-oauth-setup-flow

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

openshift-ci[bot] avatar Mar 03 '25 13:03 openshift-ci[bot]

@vinokurig : after the review of this feature demo, I can admit that adding extraheader under the [http] section manually, with need to encode the personal access token and enter it in the 'Import Git Config' text area of User Preferences, could be a challenge for regular user. Do you think it's possible to get rid of this step by reusing existing Personal Access Token entered on the 'User Preferences > Personal Access Token' page?

dmytro-ndp avatar Mar 04 '25 15:03 dmytro-ndp

@dmytro-ndp That's a good point, we have discussed it with @ibuziuk and decided to keep the manual flow to be sure that this logic will not break the factory flow with other providers. Since we are adding authorization header to all git requests we want user to be aware of that and if something goes wrong, the user will be able to revert the header. When we are sure that this is safe we will add a mechanism that will automatically add the configuration to the workspace gitconfig.

vinokurig avatar Mar 04 '25 15:03 vinokurig

@vinokurig : hello FYI:

verification of https://github.com/eclipse-che/che/issues/23306 issue fix up has been passed.

See test details below:

Test scenario to check https://github.com/eclipse-che/che/issues/23306 issue:

  1. Deploy che with the pull request image: quay.io/eclipse/che-server:pr-754.
  2. In the Dev azure Server instance create a personal access token with full access.
  3. Create a personal access token, use the Organization input to enter the Collection name.
  4. Change gitconfig according to documentation
  5. Start a workspace from an azure devops server repository with a devfile.
  6. Create new file and commit changes to new brach.
  7. Push changes and check them on Azure Server test repo page.

SkorikSergey avatar Mar 12 '25 11:03 SkorikSergey

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: ibuziuk, SkorikSergey, vinokurig

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment Approvers can cancel approval by writing /approve cancel in a comment

openshift-ci[bot] avatar Mar 12 '25 11:03 openshift-ci[bot]

@vinokurig After adding token according to this documentation I have also started workspace from private repo GitHub Enterprise Server(OAuth accepted). Workspace started successfully but project was not cloned. After removing token from gitconfig works as expected. Selection_101 Selection_099

SkorikSergey avatar Mar 12 '25 12:03 SkorikSergey

@vinokurig I think we should at very least mention this caveat in the docs

ibuziuk avatar Mar 12 '25 15:03 ibuziuk

Build 3.20 :: server_3.x/389: Console, Changes, Git Data

devspacesbuild avatar Mar 13 '25 07:03 devspacesbuild

Build 3.20 :: sync-to-downstream_3.x/8902: Console, Changes, Git Data

devspacesbuild avatar Mar 13 '25 07:03 devspacesbuild

Build 3.20 :: get-sources-rhpkg-container-build_3.x/9021: Console, Changes, Git Data

devspacesbuild avatar Mar 13 '25 07:03 devspacesbuild

Build 3.20 :: get-sources-rhpkg-container-build_3.x/9021: FAILURE

server : 3.x :: Failed in 66972204 : BREW:BUILD/STATUS:UNKNOWN
FAILURE:; copied to quay

devspacesbuild avatar Mar 13 '25 07:03 devspacesbuild