eclipse-che · skabashnyuk · Dec 21, 2020 · Dec 15, 2020 · Dec 15, 2020 · Dec 16, 2020
diff --git a/assembly/assembly-wsmaster-war/src/main/webapp/WEB-INF/classes/che/che.properties b/assembly/assembly-wsmaster-war/src/main/webapp/WEB-INF/classes/che/che.properties
@@ -489,6 +489,9 @@ che.infra.kubernetes.trusted_ca.src_configmap=NULL
 # Holds the copy of che.infra.kubernetes.trusted_ca.src_configmap but in a workspace namespace.
 # Content of this config map is mounted into all workspace containers including plugin brokers.
 # Do not change the config map name unless it conflicts with the already existing config map.
+# Note that the resulting config map name can be adjusted eventually to make it unique in k8s namespace.
+# The original name would be stored in `che.original_name` label.
+
 che.infra.kubernetes.trusted_ca.dest_configmap=ca-certs
 
 # Configures path on workspace containers where the CA bundle should be mount.

diff --git a/infrastructures/kubernetes/pom.xml b/infrastructures/kubernetes/pom.xml
@@ -255,11 +255,6 @@
             <artifactId>mockito-core</artifactId>
             <scope>test</scope>
         </dependency>
-        <dependency>
-            <groupId>org.mockito</groupId>
-            <artifactId>mockito-core</artifactId>
-            <scope>test</scope>
-        </dependency>
         <dependency>
             <groupId>org.mockito</groupId>
             <artifactId>mockito-testng</artifactId>

diff --git a/...org/eclipse/che/workspace/infrastructure/kubernetes/KubernetesEnvironmentProvisioner.java b/...org/eclipse/che/workspace/infrastructure/kubernetes/KubernetesEnvironmentProvisioner.java
@@ -167,7 +167,6 @@ public void provision(KubernetesEnvironment k8sEnv, RuntimeIdentity identity)
       // 3 stage - add Kubernetes env items
       LOG.debug("Provisioning environment items for workspace '{}'", workspaceId);
       restartPolicyRewriter.provision(k8sEnv, identity);
-      uniqueNamesProvisioner.provision(k8sEnv, identity);
       resourceLimitRequestProvisioner.provision(k8sEnv, identity);
       nodeSelectorProvisioner.provision(k8sEnv, identity);
       externalServerTlsProvisioner.provision(k8sEnv, identity);
@@ -183,6 +182,7 @@ public void provision(KubernetesEnvironment k8sEnv, RuntimeIdentity identity)
       gitConfigProvisioner.provision(k8sEnv, identity);
       gatewayRouterProvisioner.provision(k8sEnv, identity);
       trustedCAProvisioner.provision(k8sEnv, identity);
+      uniqueNamesProvisioner.provision(k8sEnv, identity);
       LOG.debug("Provisioning Kubernetes environment done for workspace '{}'", workspaceId);
     }
   }

diff --git a/...a/org/eclipse/che/workspace/infrastructure/kubernetes/provision/GitConfigProvisioner.java b/...a/org/eclipse/che/workspace/infrastructure/kubernetes/provision/GitConfigProvisioner.java
@@ -52,7 +52,7 @@
 @Singleton
 public class GitConfigProvisioner implements ConfigurationProvisioner<KubernetesEnvironment> {
 
-  public static final String GIT_CONFIG_MAP_NAME_SUFFIX = "-gitconfig";
+  public static final String GIT_CONFIG_MAP_NAME = "gitconfig";
 
   private static final String GIT_BASE_CONFIG_PATH = "/etc/";
   public static final String GIT_CONFIG = "gitconfig";
@@ -132,12 +132,7 @@ private Pair<String, String> getUserFromUserManager() throws NotFoundException,
   private void prepareAndProvisionGitConfiguration(
       String name, String email, KubernetesEnvironment k8sEnv, RuntimeIdentity identity) {
     prepareGitConfigurationContent(name, email)
-        .ifPresent(
-            content -> {
-              String configMapName = identity.getWorkspaceId() + GIT_CONFIG_MAP_NAME_SUFFIX;
-
-              doProvisionGitConfiguration(configMapName, content, k8sEnv);
-            });
+        .ifPresent(content -> doProvisionGitConfiguration(GIT_CONFIG_MAP_NAME, content, k8sEnv));
   }
 
   private String getStringValueOrNull(Map<String, Object> map, String key) {

diff --git a/...pse/che/workspace/infrastructure/kubernetes/provision/KubernetesTrustedCAProvisioner.java b/...pse/che/workspace/infrastructure/kubernetes/provision/KubernetesTrustedCAProvisioner.java
@@ -23,7 +23,6 @@
 import io.fabric8.kubernetes.api.model.VolumeMountBuilder;
 import java.util.HashMap;
 import java.util.Map;
-import java.util.Optional;
 import javax.inject.Inject;
 import javax.inject.Named;
 import javax.inject.Singleton;
@@ -113,26 +112,21 @@ public void provision(KubernetesEnvironment k8sEnv, RuntimeIdentity runtimeID)
     }
 
     KubernetesNamespace namespace = namespaceFactory.getOrCreate(runtimeID);
-    Optional<ConfigMap> existing = namespace.configMaps().get(configMapName);
-    if (existing.isEmpty()
-        || !(existing.get().getData() == allCaCertsConfigMap.getData()
-            || existing.get().getData().equals(allCaCertsConfigMap.getData()))) {
-      // create or renew map
-      k8sEnv
-          .getConfigMaps()
-          .put(
-              configMapName,
-              new ConfigMapBuilder()
-                  .withMetadata(
-                      new ObjectMetaBuilder()
-                          .withName(configMapName)
-                          .withAnnotations(allCaCertsConfigMap.getMetadata().getAnnotations())
-                          .withLabels(configMapLabelKeyValue)
-                          .build())
-                  .withApiVersion(allCaCertsConfigMap.getApiVersion())
-                  .withData(allCaCertsConfigMap.getData())
-                  .build());
-    }
+
+    k8sEnv
+        .getConfigMaps()
+        .put(
+            configMapName,
+            new ConfigMapBuilder()
+                .withMetadata(
+                    new ObjectMetaBuilder()
+                        .withName(configMapName)
+                        .withAnnotations(allCaCertsConfigMap.getMetadata().getAnnotations())
+                        .withLabels(configMapLabelKeyValue)
+                        .build())
+                .withApiVersion(allCaCertsConfigMap.getApiVersion())
+                .withData(allCaCertsConfigMap.getData())
+                .build());
 
     for (PodData pod : k8sEnv.getPodsData().values()) {
       if (pod.getRole() == PodRole.DEPLOYMENT) {

diff --git a/...ava/org/eclipse/che/workspace/infrastructure/kubernetes/provision/SshKeysProvisioner.java b/...ava/org/eclipse/che/workspace/infrastructure/kubernetes/provision/SshKeysProvisioner.java
@@ -84,7 +84,7 @@ public class SshKeysProvisioner implements ConfigurationProvisioner<KubernetesEn
   private static final String SSH_CONFIG = "ssh_config";
   private static final String SSH_CONFIG_PATH = SSH_BASE_CONFIG_PATH + SSH_CONFIG;
 
-  private static final String SSH_CONFIG_MAP_NAME_SUFFIX = "-sshconfigmap";
+  private static final String SSH_CONFIG_MAP_NAME = "sshconfigmap";
   private static final String SSH_SECRET_NAME_SUFFIX = "-sshprivatekeys";
 
   private static final String SSH_SECRET_TYPE = "opaque";
@@ -250,7 +250,7 @@ private void doProvisionVcsSshConfig(
       sshConfigData.append(buildConfig(sshPair.getName()));
     }
 
-    String sshConfigMapName = wsId + SSH_CONFIG_MAP_NAME_SUFFIX;
+    String sshConfigMapName = SSH_CONFIG_MAP_NAME;
 
     Map<String, String> sshConfig = new HashMap<>();
     sshConfig.put(SSH_CONFIG, sshConfigData.toString());

diff --git a/...org/eclipse/che/workspace/infrastructure/kubernetes/provision/UniqueNamesProvisioner.java b/...org/eclipse/che/workspace/infrastructure/kubernetes/provision/UniqueNamesProvisioner.java
@@ -39,7 +39,8 @@
 import org.eclipse.che.workspace.infrastructure.kubernetes.environment.KubernetesEnvironment.PodData;
 
 /**
- * Makes names of Kubernetes pods and ingresses unique whole namespace by {@link Names}.
+ * Makes names of Kubernetes pods, ingresses and config maps unique whole namespace by {@link
+ * Names}.
  *
  * <p>Original names will be stored in {@link Constants#CHE_ORIGINAL_NAME_LABEL} label of renamed
  * object.

diff --git a/...ace/infrastructure/kubernetes/provision/secret/GitCredentialStorageFileSecretApplier.java b/...ace/infrastructure/kubernetes/provision/secret/GitCredentialStorageFileSecretApplier.java
@@ -64,10 +64,7 @@ public void applySecret(KubernetesEnvironment env, RuntimeIdentity runtimeIdenti
               keys.size()));
     }
     Path gitSecretFilePath = Paths.get(secretMountPath, keys.iterator().next());
-    ConfigMap gitConfigMap =
-        env.getConfigMaps()
-            .get(
-                runtimeIdentity.getWorkspaceId() + GitConfigProvisioner.GIT_CONFIG_MAP_NAME_SUFFIX);
+    ConfigMap gitConfigMap = env.getConfigMaps().get(GitConfigProvisioner.GIT_CONFIG_MAP_NAME);
     if (gitConfigMap != null) {
       Map<String, String> gitConfigMapData = gitConfigMap.getData();
       String gitConfig = gitConfigMapData.get(GitConfigProvisioner.GIT_CONFIG);

diff --git a/...eclipse/che/workspace/infrastructure/kubernetes/KubernetesEnvironmentProvisionerTest.java b/...eclipse/che/workspace/infrastructure/kubernetes/KubernetesEnvironmentProvisionerTest.java
@@ -153,7 +153,7 @@ public void performsOrderedProvisioning() throws Exception {
     provisionOrder.verify(envVarsProvisioner).provision(eq(k8sEnv), eq(runtimeIdentity));
     provisionOrder.verify(volumesStrategy).provision(eq(k8sEnv), eq(runtimeIdentity));
     provisionOrder.verify(restartPolicyRewriter).provision(eq(k8sEnv), eq(runtimeIdentity));
-    provisionOrder.verify(uniqueNamesProvisioner).provision(eq(k8sEnv), eq(runtimeIdentity));
+
     provisionOrder.verify(ramLimitProvisioner).provision(eq(k8sEnv), eq(runtimeIdentity));
     provisionOrder.verify(nodeSelectorProvisioner).provision(eq(k8sEnv), eq(runtimeIdentity));
     provisionOrder
@@ -170,6 +170,7 @@ public void performsOrderedProvisioning() throws Exception {
     provisionOrder.verify(gitConfigProvisioner).provision(eq(k8sEnv), eq(runtimeIdentity));
     provisionOrder.verify(gatewayRouterProvisioner).provision(eq(k8sEnv), eq(runtimeIdentity));
     provisionOrder.verify(trustedCAProvisioner).provision(eq(k8sEnv), eq(runtimeIdentity));
+    provisionOrder.verify(uniqueNamesProvisioner).provision(eq(k8sEnv), eq(runtimeIdentity));
     provisionOrder.verifyNoMoreInteractions();
   }
 }
diff --git a/...g/eclipse/che/workspace/infrastructure/kubernetes/provision/GitConfigProvisionerTest.java b/...g/eclipse/che/workspace/infrastructure/kubernetes/provision/GitConfigProvisionerTest.java
@@ -205,9 +205,9 @@ public void testShouldCheckIfPodHasMountAndK8HasConfigMapForGitConfig() throws E
     assertEquals(mount.getSubPath(), "gitconfig");
 
     assertEquals(k8sEnv.getConfigMaps().size(), 1);
-    assertTrue(k8sEnv.getConfigMaps().containsKey("wksp-gitconfig"));
+    assertTrue(k8sEnv.getConfigMaps().containsKey("gitconfig"));
 
-    ConfigMap configMap = k8sEnv.getConfigMaps().get("wksp-gitconfig");
+    ConfigMap configMap = k8sEnv.getConfigMaps().get("gitconfig");
 
     assertEquals(configMap.getData().size(), 1);
     assertTrue(configMap.getData().containsKey("gitconfig"));
@@ -257,9 +257,9 @@ public void testShouldParseOnlyNameWhenEmailIsNotAString(String json) throws Exc
     assertEquals(mount.getSubPath(), "gitconfig");
 
     assertEquals(k8sEnv.getConfigMaps().size(), 1);
-    assertTrue(k8sEnv.getConfigMaps().containsKey("wksp-gitconfig"));
+    assertTrue(k8sEnv.getConfigMaps().containsKey("gitconfig"));
 
-    ConfigMap configMap = k8sEnv.getConfigMaps().get("wksp-gitconfig");
+    ConfigMap configMap = k8sEnv.getConfigMaps().get("gitconfig");
 
     assertEquals(configMap.getData().size(), 1);
     assertTrue(configMap.getData().containsKey("gitconfig"));
@@ -309,9 +309,9 @@ public void testShouldParseOnlyEmailWhenNameIsNotAString(String json) throws Exc
     assertEquals(mount.getSubPath(), "gitconfig");
 
     assertEquals(k8sEnv.getConfigMaps().size(), 1);
-    assertTrue(k8sEnv.getConfigMaps().containsKey("wksp-gitconfig"));
+    assertTrue(k8sEnv.getConfigMaps().containsKey("gitconfig"));
 
-    ConfigMap configMap = k8sEnv.getConfigMaps().get("wksp-gitconfig");
+    ConfigMap configMap = k8sEnv.getConfigMaps().get("gitconfig");
 
     assertEquals(configMap.getData().size(), 1);
     assertTrue(configMap.getData().containsKey("gitconfig"));
@@ -354,9 +354,9 @@ public void testShouldParseOnlyEmailWhenNameIsNotAString(String json) throws Exc
     assertEquals(mount.getSubPath(), "gitconfig");
 
     assertEquals(k8sEnv.getConfigMaps().size(), 1);
-    assertTrue(k8sEnv.getConfigMaps().containsKey("wksp-gitconfig"));
+    assertTrue(k8sEnv.getConfigMaps().containsKey("gitconfig"));
 
-    ConfigMap configMap = k8sEnv.getConfigMaps().get("wksp-gitconfig");
+    ConfigMap configMap = k8sEnv.getConfigMaps().get("gitconfig");
 
     assertEquals(configMap.getData().size(), 1);
     assertTrue(configMap.getData().containsKey("gitconfig"));
@@ -402,9 +402,9 @@ public void testShouldProvisionNameAndEmailFromUserManagerWhenUserPreferencesEmp
     assertEquals(mount.getSubPath(), "gitconfig");
 
     assertEquals(k8sEnv.getConfigMaps().size(), 1);
-    assertTrue(k8sEnv.getConfigMaps().containsKey("wksp-gitconfig"));
+    assertTrue(k8sEnv.getConfigMaps().containsKey("gitconfig"));
 
-    ConfigMap configMap = k8sEnv.getConfigMaps().get("wksp-gitconfig");
+    ConfigMap configMap = k8sEnv.getConfigMaps().get("gitconfig");
 
     assertEquals(configMap.getData().size(), 1);
     assertTrue(configMap.getData().containsKey("gitconfig"));
@@ -421,8 +421,6 @@ public void testShouldProvisionConfigForHttpsServer() throws Exception {
     when(vcsSslCertificateProvisioner.getGitServerHost()).thenReturn("https://localhost");
     when(vcsSslCertificateProvisioner.getCertPath()).thenReturn("/some/path");
 
-    when(runtimeIdentity.getWorkspaceId()).thenReturn("wksp");
-
     ObjectMeta podMeta = new ObjectMetaBuilder().withName("wksp").build();
     when(pod.getMetadata()).thenReturn(podMeta);
     when(pod.getSpec()).thenReturn(podSpec);
@@ -450,9 +448,9 @@ public void testShouldProvisionConfigForHttpsServer() throws Exception {
     assertEquals(mount.getSubPath(), "gitconfig");
 
     assertEquals(k8sEnv.getConfigMaps().size(), 1);
-    assertTrue(k8sEnv.getConfigMaps().containsKey("wksp-gitconfig"));
+    assertTrue(k8sEnv.getConfigMaps().containsKey("gitconfig"));
 
-    ConfigMap configMap = k8sEnv.getConfigMaps().get("wksp-gitconfig");
+    ConfigMap configMap = k8sEnv.getConfigMaps().get("gitconfig");
 
     assertEquals(configMap.getData().size(), 1);
     assertTrue(configMap.getData().containsKey("gitconfig"));
@@ -471,7 +469,6 @@ public void shouldNotProvisionVolumeButShouldMountInInjectablePods() throws Exce
         singletonMap(
             "theia-user-preferences", "{\"git.user.name\":\"user\",\"git.user.email\":\"email\"}");
     when(preferenceManager.find(eq("id"), eq("theia-user-preferences"))).thenReturn(preferences);
-    when(runtimeIdentity.getWorkspaceId()).thenReturn("wksp");
 
     Pod pod =
         new PodBuilder()

diff --git a/...clipse/che/workspace/infrastructure/kubernetes/provision/SshKeySecretProvisionerTest.java b/...clipse/che/workspace/infrastructure/kubernetes/provision/SshKeySecretProvisionerTest.java
@@ -144,9 +144,9 @@ public void addSshKeysConfigInPod() throws Exception {
 
     Map<String, ConfigMap> configMaps = k8sEnv.getConfigMaps();
     assertNotNull(configMaps);
-    assertTrue(configMaps.containsKey("wksp-sshconfigmap"));
+    assertTrue(configMaps.containsKey("sshconfigmap"));
 
-    ConfigMap sshConfigMap = configMaps.get("wksp-sshconfigmap");
+    ConfigMap sshConfigMap = configMaps.get("sshconfigmap");
     assertNotNull(sshConfigMap);
 
     Map<String, String> mapData = sshConfigMap.getData();

diff --git a/...infrastructure/kubernetes/provision/secret/GitCredentialStorageFileSecretApplierTest.java b/...infrastructure/kubernetes/provision/secret/GitCredentialStorageFileSecretApplierTest.java
@@ -13,6 +13,7 @@
 
 import static java.util.Collections.emptyMap;
 import static java.util.Collections.singletonMap;
+import static org.eclipse.che.workspace.infrastructure.kubernetes.provision.GitConfigProvisioner.GIT_CONFIG_MAP_NAME;
 import static org.eclipse.che.workspace.infrastructure.kubernetes.provision.secret.FileSecretApplier.ANNOTATION_MOUNT_PATH;
 import static org.eclipse.che.workspace.infrastructure.kubernetes.provision.secret.KubernetesSecretApplier.ANNOTATION_AUTOMOUNT;
 import static org.eclipse.che.workspace.infrastructure.kubernetes.provision.secret.SecretAsContainerResourceProvisioner.ANNOTATION_MOUNT_AS;
@@ -64,7 +65,7 @@ public void setUp() throws Exception {
     when(environment.getPodsData()).thenReturn(singletonMap("pod1", podData));
     when(podData.getRole()).thenReturn(KubernetesEnvironment.PodRole.DEPLOYMENT);
     when(podData.getSpec()).thenReturn(podSpec);
-    when(runtimeIdentity.getWorkspaceId()).thenReturn("ws-1234598");
+    lenient().when(runtimeIdentity.getWorkspaceId()).thenReturn("ws-1234598");
   }
 
   @Test(
@@ -124,10 +125,7 @@ public void shouldBeAbleToAdjustGiConfigConfigMap() throws InfrastructureExcepti
         new ConfigMapBuilder()
             .withData(ImmutableMap.of(GitConfigProvisioner.GIT_CONFIG, GIT_CONFIG_CONTENT))
             .build();
-    when(environment.getConfigMaps())
-        .thenReturn(
-            ImmutableMap.of(
-                "ws-1234598" + GitConfigProvisioner.GIT_CONFIG_MAP_NAME_SUFFIX, configMap));
+    when(environment.getConfigMaps()).thenReturn(ImmutableMap.of(GIT_CONFIG_MAP_NAME, configMap));
     // when
     secretApplier.applySecret(environment, runtimeIdentity, secret);
     // then
@@ -172,10 +170,7 @@ public void shouldThrowInfrastructureExceptionIfGitConfigAlreadyContainsSecretCo
                     GIT_CONFIG_CONTENT
                         + "[credential]\n\thelper = store --file /home/user/.git/credentials\n"))
             .build();
-    when(environment.getConfigMaps())
-        .thenReturn(
-            ImmutableMap.of(
-                "ws-1234598" + GitConfigProvisioner.GIT_CONFIG_MAP_NAME_SUFFIX, configMap));
+    when(environment.getConfigMaps()).thenReturn(ImmutableMap.of(GIT_CONFIG_MAP_NAME, configMap));
     // when
     secretApplier.applySecret(environment, runtimeIdentity, secret);
   }

diff --git a/...a/org/eclipse/che/workspace/infrastructure/openshift/OpenShiftEnvironmentProvisioner.java b/...a/org/eclipse/che/workspace/infrastructure/openshift/OpenShiftEnvironmentProvisioner.java
@@ -163,7 +163,6 @@ public void provision(OpenShiftEnvironment osEnv, RuntimeIdentity identity)
 
     // 3 stage - add OpenShift env items
     restartPolicyRewriter.provision(osEnv, identity);
-    uniqueNamesProvisioner.provision(osEnv, identity);
     routeTlsProvisioner.provision(osEnv, identity);
     resourceLimitRequestProvisioner.provision(osEnv, identity);
     nodeSelectorProvisioner.provision(osEnv, identity);
@@ -179,6 +178,7 @@ public void provision(OpenShiftEnvironment osEnv, RuntimeIdentity identity)
     gatewayRouterProvisioner.provision(osEnv, identity);
     deploymentMetadataProvisioner.provision(osEnv, identity);
     trustedCAProvisioner.provision(osEnv, identity);
+    uniqueNamesProvisioner.provision(osEnv, identity);
     LOG.debug(
         "Provisioning OpenShift environment done for workspace '{}'", identity.getWorkspaceId());
   }

diff --git a/...g/eclipse/che/workspace/infrastructure/openshift/OpenShiftEnvironmentProvisionerTest.java b/...g/eclipse/che/workspace/infrastructure/openshift/OpenShiftEnvironmentProvisionerTest.java
@@ -150,7 +150,6 @@ public void performsOrderedProvisioning() throws Exception {
     provisionOrder.verify(envVarsProvisioner).provision(eq(osEnv), eq(runtimeIdentity));
     provisionOrder.verify(volumesStrategy).provision(eq(osEnv), eq(runtimeIdentity));
     provisionOrder.verify(restartPolicyRewriter).provision(eq(osEnv), eq(runtimeIdentity));
-    provisionOrder.verify(uniqueNamesProvisioner).provision(eq(osEnv), eq(runtimeIdentity));
     provisionOrder.verify(tlsRouteProvisioner).provision(eq(osEnv), eq(runtimeIdentity));
     provisionOrder.verify(ramLimitProvisioner).provision(eq(osEnv), eq(runtimeIdentity));
     provisionOrder.verify(nodeSelectorProvisioner).provision(eq(osEnv), eq(runtimeIdentity));
@@ -167,6 +166,7 @@ public void performsOrderedProvisioning() throws Exception {
     provisionOrder.verify(gatewayRouterProvisioner).provision(eq(osEnv), eq(runtimeIdentity));
     provisionOrder.verify(deploymentMetadataProvisioner).provision(eq(osEnv), eq(runtimeIdentity));
     provisionOrder.verify(trustedCAProvisioner).provision(eq(osEnv), eq(runtimeIdentity));
+    provisionOrder.verify(uniqueNamesProvisioner).provision(eq(osEnv), eq(runtimeIdentity));
     provisionOrder.verifyNoMoreInteractions();
   }
 }