fix: temporary switch to root

Ref #4429
apache · Jun 28, 2023 · 5e83a25 · 5e83a25
1 parent f6fa287
commit 5e83a25
Show file tree

Hide file tree

Showing 10 changed files with 29 additions and 50 deletions.
diff --git a/build/Dockerfile b/build/Dockerfile
@@ -19,11 +19,13 @@ ARG MAVEN_DEFAULT_VERSION="3.8.6"
 ARG MAVEN_HOME="/usr/share/maven"
 ARG MAVEN_DIST_URL="https://archive.apache.org/dist/maven/maven-3/${MAVEN_DEFAULT_VERSION}/binaries/apache-maven-${MAVEN_DEFAULT_VERSION}-bin.zip"
 ARG MVNW_DIR="/usr/share/maven/mvnw/"
+ARG MVN_REPO="/etc/maven/m2"
 
 USER 0
 
 # Maven configuration
 RUN mkdir -p ${MAVEN_HOME}
+RUN mkdir -p ${MVN_REPO}
 COPY build/_maven_overlay/ /usr/share/maven/lib/
 ADD build/_maven_overlay/logback.xml /usr/share/maven/conf/
 
@@ -40,14 +42,11 @@ RUN ${MVNW_DIR}/mvnw --version | grep "Maven home:" | sed 's/Maven home: //' >>
     && rm $(cat ${MVNW_DIR}default)/lib/maven-slf4j-provider*
 ENV MAVEN_OPTS="${MAVEN_OPTS} -Dlogback.configurationFile=${MAVEN_HOME}/conf/logback.xml"
 
-ADD build/_maven_output /tmp/local/m2
+ADD build/_maven_output ${MVN_REPO}
 ADD build/_kamelets /kamelets
 
-RUN mkdir -p /etc/maven/m2 \
-    && chgrp -R 0 /etc/maven/m2 \
-    && chmod -R g=u /etc/maven/m2 \
-    && chgrp -R 0 /tmp/local/m2 \
-    && chmod -R g=u /tmp/local/m2 \
+RUN chgrp -R 0 ${MVN_REPO} \
+    && chmod -R g=u ${MVN_REPO} \
     && chgrp -R 0 /kamelets \
     && chmod -R g=u /kamelets \
     && chgrp -R 0 ${MAVEN_HOME} \

diff --git a/e2e/commonwithcustominstall/tekton_test.go b/e2e/commonwithcustominstall/tekton_test.go
@@ -41,7 +41,7 @@ func TestTektonLikeBehavior(t *testing.T) {
 		Expect(CreateOperatorRoleBinding(ns)).To(Succeed())
 
 		Eventually(OperatorPod(ns)).Should(BeNil())
-		Expect(CreateKamelPod(ns, "tekton-task", "install", "--storage=false", "--skip-cluster-setup", "--force")).To(Succeed())
+		Expect(CreateKamelPod(ns, "tekton-task", "install", "--skip-cluster-setup", "--force")).To(Succeed())
 
 		Eventually(OperatorPod(ns)).ShouldNot(BeNil())
 	})

diff --git a/e2e/install/cli/install_test.go b/e2e/install/cli/install_test.go
@@ -98,17 +98,6 @@ func TestBasicInstallation(t *testing.T) {
 	})
 }
 
-func TestEphemeralInstallation(t *testing.T) {
-	WithNewTestNamespace(t, func(ns string) {
-		operatorID := fmt.Sprintf("camel-k-%s", ns)
-		Expect(KamelInstallWithID(operatorID, ns, "--storage=false").Execute()).To(Succeed())
-		Eventually(OperatorPod(ns)).ShouldNot(BeNil())
-		Eventually(Platform(ns)).ShouldNot(BeNil())
-		Eventually(PlatformConditionStatus(ns, v1.IntegrationPlatformConditionReady), TestTimeoutShort).
-			Should(Equal(corev1.ConditionTrue))
-	})
-}
-
 func TestAlternativeImageInstallation(t *testing.T) {
 	WithNewTestNamespace(t, func(ns string) {
 		operatorID := fmt.Sprintf("camel-k-%s", ns)

diff --git a/go.mod b/go.mod
@@ -22,7 +22,6 @@ require (
 	github.com/onsi/gomega v1.27.8
 	github.com/openshift/api v3.9.1-0.20190927182313-d4a64ec2cbd8+incompatible
 	github.com/operator-framework/api v0.13.0
-	github.com/otiai10/copy v1.12.0
 	github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.60.0
 	github.com/prometheus/client_golang v1.16.0
 	github.com/prometheus/client_model v0.4.0

diff --git a/go.sum b/go.sum
@@ -552,9 +552,6 @@ github.com/openshift/api v3.9.1-0.20190927182313-d4a64ec2cbd8+incompatible/go.mo
 github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o=
 github.com/operator-framework/api v0.13.0 h1:V1vUluRwajSBdDPCnzgTWDnn5LYxLk66VPVGMw3B7Uc=
 github.com/operator-framework/api v0.13.0/go.mod h1:FTiYGm11fZQ3cSX+EQHc/UWoGZAwkGfyeHU+wMJ8jmA=
-github.com/otiai10/copy v1.12.0 h1:cLMgSQnXBs1eehF0Wy/FAGsgDTDmAqFR7rQylBb1nDY=
-github.com/otiai10/copy v1.12.0/go.mod h1:rSaLseMUsZFFbsFGc7wCJnnkTAvdc5L6VWxPE4308Ww=
-github.com/otiai10/mint v1.5.1 h1:XaPLeE+9vGbuyEHem1JNk3bYc7KKqyI/na0/mLd/Kks=
 github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc=
 github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic=
 github.com/pelletier/go-toml v1.9.3/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c=

diff --git a/install/Makefile b/install/Makefile
@@ -85,7 +85,6 @@ ROLEBIN_TO_CROLEBIN_PATCH := $(RBAC)/patch-rolebinding-to-clusterrolebinding
 PORTS_PATCH := patch-ports
 LOG_LEVEL_PATCH := patch-log-level
 INSTALL_DEFAULT_KAMELETS_PATCH := patch-install-default-kamelets
-INSTALL_DEFAULT_PVC_PATCH := patch-install-default-pvc
 IMAGE_PULL_POLICY_PATCH := patch-image-pull-policy-always
 WATCH_NAMESPACE_PATCH := patch-watch-namespace-global
 # Platform patches
@@ -357,12 +356,6 @@ ifeq ($(INSTALL_DEFAULT_KAMELETS),false)
 else
 	@$(call add-remove-kind-patch,$(MANAGER),remove,$(INSTALL_DEFAULT_KAMELETS_PATCH).$(YAML),Deployment)
 endif
-# Set the INSTALL_DEFAULT_PVC config depending on var
-ifeq ($(INSTALL_DEFAULT_PVC),true)
-	@$(call add-remove-kind-patch,$(MANAGER),add,$(INSTALL_DEFAULT_PVC_PATCH).$(YAML),Deployment)
-else
-	@$(call add-remove-kind-patch,$(MANAGER),remove,$(INSTALL_DEFAULT_PVC_PATCH).$(YAML),Deployment)
-endif
 ifeq ($(DRY_RUN), false)
 	@$(KUSTOMIZE) build $(KOPTIONS) $@ | kubectl apply -f -
 else

diff --git a/pkg/controller/build/build_pod.go b/pkg/controller/build/build_pod.go
@@ -113,7 +113,8 @@ var (
 )
 
 func newBuildPod(ctx context.Context, c ctrl.Reader, build *v1.Build) (*corev1.Pod, error) {
-	var ugfid int64 = 1000
+	// TODO we must find a way to run this non-root
+	var ugfid int64 = 0
 	pod := &corev1.Pod{
 		TypeMeta: metav1.TypeMeta{
 			APIVersion: corev1.SchemeGroupVersion.String(),
@@ -258,10 +259,16 @@ func addBuildTaskToPod(build *v1.Build, taskName string, pod *corev1.Pod) {
 	}
 
 	var envVars = proxyFromEnvironment()
-	envVars = append(envVars, corev1.EnvVar{
-		Name:  "HOME",
-		Value: filepath.Join(builderDir, build.Name),
-	})
+	envVars = append(envVars,
+		corev1.EnvVar{
+			Name:  "HOME",
+			Value: filepath.Join(builderDir, build.Name),
+		},
+		/*corev1.EnvVar{
+			Name:  "MAVEN_USER_HOME",
+			Value: "/usr/share/maven",
+		},*/
+	)
 
 	container := corev1.Container{
 		Name:            taskName,

diff --git a/pkg/controller/catalog/initialize.go b/pkg/controller/catalog/initialize.go
@@ -37,6 +37,7 @@ import (
 	"github.com/apache/camel-k/v2/pkg/client"
 	platformutil "github.com/apache/camel-k/v2/pkg/platform"
 	"github.com/apache/camel-k/v2/pkg/util"
+	"github.com/apache/camel-k/v2/pkg/util/defaults"
 	"github.com/apache/camel-k/v2/pkg/util/kubernetes"
 	"github.com/apache/camel-k/v2/pkg/util/s2i"
 
@@ -285,8 +286,12 @@ func initializeS2i(ctx context.Context, c client.Client, ip *v1.IntegrationPlatf
 			return fmt.Errorf("cannot create tar archive: %w", err)
 		}
 
-		err = tarEntries(archiveFile, "/usr/local/bin/kamel:/usr/local/bin/kamel",
-			"/usr/share/maven/mvnw/:/usr/share/maven/mvnw/")
+		err = tarEntries(archiveFile,
+			"/usr/local/bin/kamel:/usr/local/bin/kamel",
+			"/usr/share/maven/mvnw/:/usr/share/maven/mvnw/",
+			// Required for snapshots dependencies in the runtimes
+			defaults.LocalRepository+":"+defaults.LocalRepository,
+		)
 		if err != nil {
 			return fmt.Errorf("cannot tar path entry: %w", err)
 		}
@@ -446,7 +451,10 @@ func buildRuntimeBuilderImageSpectrum(options spectrum.Options) error {
 
 	_, err := spectrum.Build(options,
 		"/usr/local/bin/kamel:/usr/local/bin/",
-		"/usr/share/maven/mvnw/:/usr/share/maven/mvnw/")
+		"/usr/share/maven/mvnw/:/usr/share/maven/mvnw/",
+		// Required for snapshots dependencies in the runtimes
+		defaults.LocalRepository+":"+defaults.LocalRepository,
+	)
 	if err != nil {
 		return err
 	}

diff --git a/pkg/controller/integrationkit/build.go b/pkg/controller/integrationkit/build.go
@@ -107,7 +107,6 @@ func (action *buildAction) handleBuildSubmitted(ctx context.Context, kit *v1.Int
 			}
 		}
 
-		// TODO : wrap in a func
 		// We may need to change certain builder configuration values
 		operatorNamespace := platform.GetOperatorNamespace()
 		buildConfig := v1.BuilderConfigurationTasks(env.Pipeline)
@@ -129,7 +128,6 @@ func (action *buildAction) handleBuildSubmitted(ctx context.Context, kit *v1.Int
 		buildConfig.ToolImage = env.CamelCatalog.Image
 		buildConfig.BuilderPodNamespace = operatorNamespace
 		v1.SetBuilderConfigurationTasks(env.Pipeline, buildConfig)
-		/////////////////////////////
 
 		build = &v1.Build{
 			TypeMeta: metav1.TypeMeta{

diff --git a/pkg/install/optional.go b/pkg/install/optional.go
@@ -24,21 +24,10 @@ import (
 	"github.com/apache/camel-k/v2/pkg/client"
 	"github.com/apache/camel-k/v2/pkg/util/defaults"
 	logutil "github.com/apache/camel-k/v2/pkg/util/log"
-	cp "github.com/otiai10/copy"
 )
 
 // OperatorStartupOptionalTools tries to install optional tools at operator startup and warns if something goes wrong.
 func OperatorStartupOptionalTools(ctx context.Context, c client.Client, namespace string, operatorNamespace string, log logutil.Logger) {
-	// Try to copy any local runtime dependency to maven repository
-
-	// Do not change the permissions on the target
-	opt := cp.Options{
-		PermissionControl: cp.DoNothing,
-	}
-	if err := cp.Copy("/tmp/local/m2", defaults.LocalRepository, opt); err != nil {
-		log.Infof("Could not copy local runtime dependencies due to %s", err.Error())
-	}
-
 	// Try to register the OpenShift CLI Download link if possible
 	if err := OpenShiftConsoleDownloadLink(ctx, c); err != nil {
 		log.Info("Cannot install OpenShift CLI download link: skipping.")