[ports-plugin] don't prompt user to redirect endpoints with exposure: none
#301
Conversation
The JWT proxy was removed as of Che 7.42 and is no longer used. See Che issue eclipse-che/che#21275 for details. Signed-off-by: Angel Misevski <[email protected]>
…n ports-plugin If an endpoint exists in the devfile and has exposure: none, we shouldn't prompt the user to expose that endpoint if a process starts listening on localhost. Signed-off-by: Angel Misevski <[email protected]>
If a process starts that is listening to localhost (and is thus inaccessible from outside the pod), we show a prompt to the user to add it to Code's redirect routes. However, if the process is listening on a port that matches a public endpoint in the devfile, we should prompt differently, noting the potential error, since the user intends to use the endpoint route instead of a redirect route. Signed-off-by: Angel Misevski <[email protected]>
amisevsk
requested review from
azatsarynnyy,
RomanNikitenko,
vitaliy-guliy and
l0rd
as code owners
|
Click here to review and test in web IDE: |
&message=Dev%20cluster%20(for%20maintainers)&logo=eclipseche&color=525C86&labelColor=FDB940)
|
The smoke test failure is due to a current quay.io outage |
There was a problem hiding this comment.
I tested the patch with my test project and I can confirm that it works as described above.
I just had to modify the last line in the test.js script to listen on 2223 instead of 2222 according to the edpoints declared in the provided test Devfile.
Thanks @amisevsk for your PR and for removing the obsolete code.
|
I rerun the smoke tests. |
Ah yeah, I fixed that in my tests but I fixed it in the DevWorkspace and forgot to update the devfile. I will update the sample devfile 👍 |
|
I confused a bit. Why do we have the first prompt if we have the same definition for 2220 and 1110? Anyway, I haven't played yet with http server bind to a specific ip/host. |
The first prompt is because the server that's listening on port 2220 is only listening on localhost (instead of 0.0.0.0), and so would be inaccessible from outside the container. To connect to this server, we would need an in-container proxy (which is what Code will do if you accept the prompt) -- the route/ingress created for port 2220 will not be able to connect. Previously, the user would see the same prompt as for other non-exposed endpoints (e.g. if you listen on port 9999), where Code is asking if you want it to proxy connections to 9999 within the container. I changed the prompt to point out the potential issue, since the public endpoint suggests the user wants to use that endpoint's URL to connect instead of a redirect route/ingress.
|
|
For reference, this is what the prompts look like in the current main branch:
The first one in this screenshot is due to eclipse-che/che#22655. The second one is the generic "your process is listening on localhost instead of 0.0.0.0", which is changed in this PR to reflect that an endpoint exists and isn't being used. |
What does this PR do?
Updates how endpoints are handled in the ports plugin:
exposure: none, do not prompt the user to redirect this portexposure: public, change the redirect prompt to mention this specifically, as it may indicate unexpected behavior in the editor (redirecting a process rather than serving it over the defined endpoint in the devfile)This PR also removes some old JWT handling code, since we don't use JWT anymore.
What issues does this PR fix?
Closes eclipse-che/che#22655
How to test this PR?
The easiest way to test this PR is via this devfile https://gist.github.com/amisevsk/2f11f0e282b93dc6413b0dd360437a7b and the following simple script (
test.js):The devfile has six endpoints:
1110,1111, and1112arepublic,internal, andnoneendpoints (in that order) for testing "listen on 0.0.0.0"2220,2221, and2222arepublic,internal, andnoneendpoints (in that order) for testing "listen on localhost"If you run the
test.jsscript, you should see:Two prompts -- one for the public endpoint and one warning/prompt for the public-internal endpoint
Four logs in the ports plugins output pane: