Allow to use wget in addition to curl when installing workspace agent + terminal agent #4029
Conversation
benoitf
added
kind/enhancement
benoitf
requested review from
tolusha,
voievodin,
JamesDrummond and
skabashnyuk
|
@benoitf Should we add wget or curl to custom recipe requirements? |
|
@JamesDrummond it's not a requirement : if it's not there it's installed |
|
Build success. https://ci.codenvycorp.com/job/che-pullrequests-build/1894/ |
|
I don't see pros in installing curl if scripts are adapted to work with wget. Wget is more lightweight and widespread. It is also usually pre-installed in most linux distros |
|
@tolusha WDYT? |
|
@benoitf |
|
So I'm +1 on this PR. I also +1 on installing wget instead of curl if both are missing. |
|
I also see that all of the language servers agents (c#, json, php, python, TS) can be improved in the same way. It would be great if someone managed that. |
|
@benoitf WDYT about installing wget instead of curl in case both are missing? BTW I don't see use-case when usage of curl is needed at all since I can't imagine situation when curl is present and wget is not. |
|
so after some investigation, my changes are working fine on http
yes it works when agent binaries are on a mounted directory. For these one we don't use curl or wget, we use file directly
|
Can you elaborate on that. I'm not really following you. |
If we try on http there is still a 443 redirect so it fails as well so we need to add ca-certificates or openssl packages or by adding GNU wget package (not busybox) + --no-check-certificate (or also add the ca-certificates package) so
|
|
Thank for the detailed explanation. Situation is clear for me now. |
|
I think @riuvshin is against serving it by non secured protocol. |
|
@garagatyi yes I was thinking as you, to check http protocol (http/https) before requiring extra packages and to install packages only if they're really required @riuvshin as I understand, the access to the resources are accessed by the swarm nodes that are close to the workspace master so I'm not sure to see what are the benefits on forcing https over http for /agent-binaries/. It's a read-only operation and we don't provide any security/token details. |
|
@benoitf does this pr cover using |
|
@riuvshin It does not cover this way but it's something that could be great if you agree. small recap: for now, it is using curl. So on alpine it requires to install curl but we have wget |
|
ok I've got the idea need to check if we can do this with hapoxy, i mean allow some path tobe http when https is on |
|
@benoitf here is my branch I believe this will work codenvy/codenvy@835a17b |
|
@riuvshin Ok I'm not sure how to test ssl install quickly |
|
@benoitf that is not easy to test locally I think I can play with it on stg tomorrow |
|
|
||
| # no curl, no wget, install curl | ||
| if [ ${CURL_INSTALLED} = false ] && [ ${WGET_INSTALLED} = false ]; then | ||
| { PACKAGES=${PACKAGES}" curl"; } |
There was a problem hiding this comment.
I think this statement can be simplified by removing curly brackets
| AGENT_BINARIES_URI=${DOWNLOAD_AGENT_BINARIES_URI} | ||
| fi | ||
|
|
||
| AGENT_BINARIES_URI=${DOWNLOAD_AGENT_BINARIES_URI} |
There was a problem hiding this comment.
Looks like either this or line 169 is not needed
|
|
||
| # no curl, no wget, install curl | ||
| if [ ${CURL_INSTALLED} = false ] && [ ${WGET_INSTALLED} = false ]; then | ||
| { PACKAGES=${PACKAGES}" curl"; } |
| curl -s ${AGENT_BINARIES_URI} | tar xzf - -C ${CHE_DIR}/ws-agent | ||
| else | ||
| # use wget | ||
| wget -qO- ${AGENT_BINARIES_URI} | tar xzf - -C ${CHE_DIR}/ws-agent |
There was a problem hiding this comment.
Wget downloading section for terminal agent is more complex. Can you elaborate on why they differ and why we can't make them pretty the same?
There was a problem hiding this comment.
I don't know, I follow the same approach than curl/terminal agent section which is already complex ^^ https://github.com/eclipse/che/blob/master/agents/exec/src/main/resources/org.eclipse.che.terminal.script.sh#L162-L166
It's due to different sed expressions
sed 's/${PREFIX}/'${PREFIX}'/g'); vs sed 's/-${PREFIX}//g');
like if we need to support different naming scheme for the terminal agent file but I don't know the reason
There was a problem hiding this comment.
I don't mean PREFIX stuff. I mean that terminal script uses spider mode in wget and check if current wget doesn't have certificates stuff
|
I need to make a change to replace https by http if https is used |
…ybox version) but not curl by default so, we could check that either curl or wget is installed instead of only checking if curl is installed as we only need to download binaries which wget can perform easily as well Change-Id: I7d02fb70f5f2fb03432072f4f33ff27532c8601e Signed-off-by: Florent BENOIT <fbenoit@codenvy.com>
…n a busybox version) but not curl by default Change-Id: I5e95d345ab2ed83d1fc90b914f33d9e006c80226 Signed-off-by: Florent BENOIT <fbenoit@codenvy.com>
|
ok, PR updated |
|
@JamesDrummond it's ok for release notes ? |
|
Build success. https://ci.codenvycorp.com/job/che-pullrequests-build/2332/ |
benoitf
removed
the
status/code-review
|
This should improve UX in certain situations a lot! |
… + terminal agent (eclipse-che#4029) * For example alpine images have natively wget tool installed (in a busybox version) but not curl by default so, we could check that either curl or wget is installed instead of only checking if curl is installed as we only need to download binaries which wget can perform easily as well Change-Id: I7d02fb70f5f2fb03432072f4f33ff27532c8601e Signed-off-by: Florent BENOIT <fbenoit@codenvy.com>
What does this PR do?
For example alpine images have natively wget tool installed (in a busybox version) but not curl by default
So, we could check that either curl or wget is installed instead of only checking if curl is installed as we only need to download binaries which wget can perform easily as well
It is speeding up the first boot of the workspaces based on this configuration. (small alpine images)
What issues does this PR fix or reference?
#4024
Changelog
Allow to use wget instead of only curl for installing ws agent or terminal agent
Release Notes
Allow to use wget instead of only curl for installing ws agent or terminal agent
Docs PR
N/A
Change-Id: I7d02fb70f5f2fb03432072f4f33ff27532c8601e
Signed-off-by: Florent BENOIT fbenoit@codenvy.com