[server] Switch from Env to Config

[geropl]

Fixes #4650.

Companion PR: https://github.com/gitpod-com/gitpod/pull/5862

TL;DR

This replaces Env (derived from env variables and relying on manual de-/serialization) with Config derived from a ConfigMap whose structure (mostly) matches the values.yaml. To ensure we don't break stuff on deployment this comes with a restrictive safety check.

About

This PR does away with the old Env/EnvEE classes and replaces it with a Config shape which can be loaded from a config file of that exact same shape in server-configmap.yaml. In consequence a lot of the de-/serializing logic in Env got superfluous, and (nearly) all defaults moved to values.yaml:components.server.

For the initial deployment server on startups compares old and new config to make sure we didn't introduce an unwanted config drift.

Code-wise the most important parts are in:
- server-configmap.yaml
- server-deployment.yaml
- values.yaml
- config.ts

Besides this, changes fall into these categories:

• name normalizations so values.yaml and Config names map directly
• grouping of some values where it made sense
• removal of dead code and config
• validation that checks that old and new config are identical

ToDo

• see if Config/-Serialized should be reversed
• make integration tests work again
• compare and validate devstaging config
• compare and validate staging config
• adjust staging/production values
  • Companion PR: https://github.com/gitpod-com/gitpod/pull/5862
  • deploy to staging and check config

Future work

• derive schema from shape and use that for validation

[jankeromnes]

Removing the automatic review requests as this is still Draft. 😊

[jankeromnes]

Wow, quite a big change! 💪 I took a quick look, and didn't notice anything obviously broken.

What is the testing strategy to deploy this without accidentally breaking something subtle?

• I like the old/new comparison check (did you try it by introducing some temporary small change?)

• But I think we should also test this on staging really well (e.g. workspace backups, workspace downloads, prebuilds, the GitHub App, payments all could seem somewhat at risk and should be well tested)

Also, there are several import { Env } and import { EnvEE } left in various files. I know some of them are for comparison, but I'm not sure all remaining imports are still needed. Please double-check.

[jankeromnes]

Do we still use this BrandingParser? Can we remove it?

[geropl]

see next comment.

[jankeromnes]

Did you decide to keep it?

[geropl]

Yes. There were some places where we use two fields. And I did not want to increase the complexity of this PR even more by a) making the decision here, and
b) changing that code/API as well.

[geropl]

Wow, quite a big change!

This is actually the 2nd, bigger PR. The Config shape was already introduced before.

What is the testing strategy to deploy this without accidentally breaking something subtle?

There are two things we can check:

Manually

As Config has already been introduced, current prod/staging versions print there Config shape (the one derived from Env) to stdout on startup. Once we deployed the new version, we should compare those manually. But there have been a few additions, and also fixes to getConfigFromOldEnv, so this is not perfect.

==> This helps to ensure that there is no drift in the values files (we have to slightly adjust those as well).

Automatically

There are three things we have to verify (in this review) to make this work:

1. env vars in server-deployment were not changed semantically
2. env.ts was not changed semantically
3. the getConfigFromOldEnv in config.ts is correct (mostly straight forward, should be easy to verify)

==> This ensures that at least given the same input (chart), there is no difference between Env and Config.

I like the old/new comparison check (did you try it by introducing some temporary small change?)

Not sure what you mean with "temporary small changes"? I used this to find all discrepancies, so the "negative" as well as "positive" case works if that is what you mean.

But I think we should also test this on staging really well (e.g. workspace backups, workspace downloads, prebuilds, the GitHub App, payments all could seem somewhat at risk and should be well tested)

If we do the two checks above really thoroughly I don't think this is necessary.

Also, there are several import { Env } and import { EnvEE } left in various files. I know some of them are for comparison, but I'm not sure all remaining imports are still needed. Please double-check.

Did that, it's all for the comparison to work. 👍

[JanKoehnlein]

You called it config everywhere else. Why not here?

[JanKoehnlein]

Not used here. Should we push it down to subclass?

[JanKoehnlein]

Not used here, either. Push down to subclass?

[JanKoehnlein]

Why did you remove TheiaPluginController in this PR?

[geropl]

We don't use it anymore.

[JanKoehnlein]

Apart from some nitty comments

/lgtm

[roboquat]

LGTM label has been added.

Git tree hash: c6fa5afedfe24a0016883c22f118fd4dc854fd8f

[roboquat]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: JanKoehnlein

Associated issue: #4650

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [JanKoehnlein]
• components/gitpod-protocol/OWNERS [JanKoehnlein]
• components/server/OWNERS [JanKoehnlein]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment