Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adds support for linking using service binding without the service binding operator #4905

Merged
merged 9 commits into from
Aug 2, 2021
Merged

Adds support for linking using service binding without the service binding operator #4905

merged 9 commits into from
Aug 2, 2021

Conversation

mik-dass
Copy link
Contributor

@mik-dass mik-dass commented Jul 12, 2021
edited by dharmit
Loading

What type of PR is this?

/kind feature

What does this PR do / why we need it:

It adds support for linking using service binding without the service binding operator.

Which issue(s) this PR fixes:

Fixes #4940
Fixes #4543

PR acceptance criteria:

  • Unit test

  • Integration test

  • Documentation

  • Update changelog

  • I have read the test guidelines

How to test changes / Special notes to the reviewer:

Linking with other components

  • Start a cluster without the service binding operator
  • Create two components
  • Links them together odo link <component-1> --context <component-0-directory>
  • Trigger odo push --context <component-0-directory>
  • A link should be created between them and secrets should be injected into component-0's deployment.

Linking with services

  • Start a cluster without the service binding operator but with csv support
  • Create one component and a service
  • Links them together odo link <service-name> --context <component-0-directory>
  • Trigger odo push --context <component-0-directory>
  • A link should be created between them and secrets should be injected into component-0's deployment.

The option --bind-as-files should also work in the above scenarios.

@openshift-ci openshift-ci bot added do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. Required by Prow. kind/feature Categorizes issue as a feature request. For PRs, that means that the PR is the implementation labels Jul 12, 2021
@feloy
Copy link
Contributor

feloy commented Jul 13, 2021

@mik-dass You will need to skip the call to UpdateKubernetesInlineComponentsOwnerReferences() when SBR is not supported

@mik-dass mik-dass force-pushed the linking-without-operator branch 3 times, most recently from fbe69c7 to d949218 Compare July 14, 2021 15:00
kadel
kadel reviewed Jul 14, 2021
View reviewed changes
pkg/service/service.go Outdated
@@ -935,11 +943,17 @@ func (d *DynamicCRD) AddComponentLabelsToCRD(labels map[string]string) {

// PushServiceFromKubernetesInlineComponents updates service(s) from Kubernetes Inlined component in a devfile by creating new ones or removing old ones
// returns true if the component needs to be restarted (when a service binding has been created or deleted)
func PushServiceFromKubernetesInlineComponents(client *kclient.Client, k8sComponents []devfile.Component, labels map[string]string) (bool, error) {
func PushServiceFromKubernetesInlineComponents(client *kclient.Client, k8sComponents []devfile.Component, labels map[string]string, ownerReferences metav1.OwnerReference, deployment *v1.Deployment) (bool, error) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why this is suddenly accepting deployment?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We use it to generate the owner reference and to regenerate the service binding object for deletion of it. If all the links are deleted, we can use this to get the deployment's name back.

@kadel
Copy link
Member

kadel commented Jul 14, 2021

There is a problem with the current approach.

I have SBO and If I try to push devfile that has service and link

devfile.yaml 
commands:
- exec:
    commandLine: mvn -Dmaven.repo.local=/home/user/.m2/repository spring-boot:run
    component: tools
    group:
      isDefault: true
      kind: run
    hotReloadCapable: true
  id: run
- exec:
    commandLine: mvn clean -Dmaven.repo.local=/home/user/.m2/repository package -Dmaven.test.skip=true;
      java -Xdebug -Xrunjdwp:server=y,transport=dt_socket,address=${DEBUG_PORT},suspend=n
      -jar target/*.jar
    component: tools
    group:
      isDefault: true
      kind: debug
  id: debug
components:
- container:
    endpoints:
    - name: 8080-tcp
      targetPort: 8080
    image: quay.io/eclipse/che-java11-maven:nightly
    memoryLimit: 768Mi
    mountSources: true
    volumeMounts:
    - name: m2
      path: /home/user/.m2
  name: tools
- name: m2
  volume:
    size: 3Gi
- kubernetes:
    inlined: |
      apiVersion: postgresql.dev4devs.com/v1alpha1
      kind: Database
      metadata:
        name: database
      spec:
        databaseName: dbname
        databasePassword: dbpass
        databaseUser: dbuser
        databaseStorageRequest: 1Gi
        image: centos/postgresql-96-centos7
        size: 1
  name: database
- kubernetes:
    inlined: |
      apiVersion: binding.operators.coreos.com/v1alpha1
      kind: ServiceBinding
      metadata:
        creationTimestamp: null
        name: java-springboot-demo-qxdm-database-database
      spec:
        application:
          group: apps
          name: java-springboot-demo-qxdm-app
          resource: deployments
          version: v1
        bindAsFiles: false
        detectBindingResources: true
        services:
        - group: postgresql.dev4devs.com
          kind: Database
          name: database
          version: v1alpha1
      status:
        secret: ""
  name: java-springboot-demo-qxdm-database-database
metadata:
  description: Spring Boot® using Java
  displayName: Spring Boot®
  globalMemoryLimit: 2674Mi
  icon: https://www.eclipse.org/che/images/logo-eclipseche.svg
  language: java
  name: java-springboot
  projectType: spring
  tags:
  - Java
  - Spring
  version: 1.1.0
schemaVersion: 2.0.0
starterProjects:
- git:
    remotes:
      origin: https://github.com/odo-devfiles/springboot-ex.git
  name: springbootproject

I get

▶ odo push

Validation
 ✓  Validating the devfile [36670ns]

Creating Kubernetes resources for component java-springboot-demo-qxdm
 ✓  Added storage m2 to java-springboot-demo-qxdm
 ✓  Waiting for component to start [6s]
 ✓  Created service "Database/database" on the cluster; refer "odo link -h" to know how to link it to the component
 ✓  Created link "java-springboot-demo-qxdm-database-database" on the cluster; component will be restarted
 ✓  Waiting for component to start [1ms]
 ✓  Waiting for component to start [6ms]
 ✗  Failed to start component with name "java-springboot-demo-qxdm". Error: Failed to create the component: Operation cannot be fulfilled on databases.postgresql.dev4devs.com "database": the object has been modified; please apply your changes to the latest version and try again

and sometimes

▶ odo push

Validation
 ✓  Validating the devfile [38109ns]

Creating Kubernetes resources for component java-springboot-demo-qxdm
 ✓  Added storage m2 to java-springboot-demo-qxdm
 ✓  Waiting for component to start [6s]
 ✓  Created service "Database/database" on the cluster; refer "odo link -h" to know how to link it to the component
 ✓  Created link "java-springboot-demo-qxdm-database-database" on the cluster; component will be restarted
 ✓  Waiting for component to start [1ms]
 ✓  Waiting for component to start [6ms]

Applying URL changes
 ✓  URL 8080-tcp: http://8080-tcp-app-test.apps-crc.testing/ created

Syncing to component java-springboot-demo-qxdm
 ✓  Checking files for pushing [5ms]
 ✓  Syncing files to the component [342ms]

Executing devfile commands for component java-springboot-demo-qxdm
 ✓  Waiting for component to start [2ms]
 ✓  Executing run command "mvn -Dmaven.repo.local=/home/user/.m2/repository spring-boot:run", if not running [1s]
 ✗  Failed to start component with name "java-springboot-demo-qxdm". Error: Failed to create the component: the supervisord program devrun not found

It looks like the problem is in the order in which resources are created.
Deploymet is created
than it waits for pod to be in running state
now it creates SB and starts syncing code
SB updates Deployment and Pod get restarted
odo fails because pod got restarted while syncing

@mik-dass
Copy link
Contributor Author

odo fails because pod got restarted while syncing

I have already pushed a fix for this issue. Please let me know it the new changes work for you.

@mik-dass
Copy link
Contributor Author

/test v4.7-integration-e2e

@redhat-developer redhat-developer deleted a comment from openshift-ci bot Jul 15, 2021
feloy
feloy reviewed Jul 15, 2021
View reviewed changes
pkg/kclient/deployments.go Outdated Show resolved Hide resolved
pkg/kclient/deployments.go Show resolved Hide resolved
feloy
feloy reviewed Jul 15, 2021
View reviewed changes
tests/integration/operatorhub/cmd_link_test.go
@@ -32,7 +33,7 @@ var _ = Describe("odo link command tests for OperatorHub", func() {
BeforeEach(func() {
// wait till odo can see that all operators installed by setup script in the namespace
odoArgs := []string{"catalog", "list", "services"}
operators := []string{"redis-operator", "service-binding-operator"}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It should be better to adapt the value of operators depending on the value of os.Getenv("KUBERNETES")

feloy
feloy reviewed Jul 15, 2021
View reviewed changes
pkg/component/component.go Outdated Show resolved Hide resolved
@mik-dass mik-dass force-pushed the linking-without-operator branch 2 times, most recently from 7594e12 to 1d4fcd7 Compare July 16, 2021 14:22
@mik-dass
Copy link
Contributor Author 

[odo]  NAME                                       COUNT  REASON       MESSAGE                        
[odo] 
[odo]  api-app-65d865f89c-sq7m6.16924ef474df009a  10     FailedMount  MountVolume.SetUp failed for   
[odo]                                                                 volume "redis-link" : secret   
[odo]                                                                 "redis-link-da39a3ee" not      
[odo]                                                                 found

/retest

@mik-dass
Copy link
Contributor Author 


    No future change is possible.  Bailing out early after 0.469s.
      
    Running oc with args [oc annotate istag/nodejs:latest --namespace=nodejs-14 tags=builder --overwrite]
    Expected
        <int>: 1
    to match exit code:
        <int>: 0
    /go/src/github.com/openshift/odo/tests/helper/helper_cmd_wrapper.go:99

/retest

@mik-dass mik-dass force-pushed the linking-without-operator branch 3 times, most recently from 7585728 to c819588 Compare July 21, 2021 07:40
@mik-dass
Copy link
Contributor Author

/test v4.7-integration-e2e

@prietyc123
Copy link
Contributor

/test psi-kubernetes-integration-e2e

feloy
feloy reviewed Jul 28, 2021
View reviewed changes
pkg/component/component.go Outdated
}

for _, u := range list.Items {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think you can put this for block in the if ok block

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed

pkg/component/component.go Outdated
@@ -1612,6 +1618,50 @@ func setLinksServiceNames(client *occlient.Client, linkedSecrets []SecretMount)
}
}

if !ok {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You could use else here

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed

@mik-dass mik-dass mentioned this pull request Jul 29, 2021
Closed
1 task
@feloy
Copy link
Contributor

feloy commented Jul 29, 2021

/lgtm

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. Required by Prow. label Jul 29, 2021
@mik-dass mik-dass mentioned this pull request Jul 29, 2021
Merged
5 tasks
@dharmit dharmit mentioned this pull request Jul 29, 2021
Closed
1 task
@kadel
Copy link
Member

kadel commented Jul 29, 2021

There is a problem.
On OpenShift without SBO it fails :-(

▶ odo push -v 4
I0729 16:27:16.207386  110343 preference.go:220] The path for preference file is /home/tomas/.odo/preference.yaml
I0729 16:27:16.207447  110343 segment.go:214] Checking telemetry enable status
I0729 16:27:16.207456  110343 util.go:786] HTTPGetRequest: https://raw.githubusercontent.com/openshift/odo/master/build/VERSION
I0729 16:27:16.207471  110343 context.go:141] absolute devfile path: '/home/tomas/Code/odo-examples/spring-petclinic/devfile.yaml'
I0729 16:27:16.207479  110343 context.go:92] absolute devfile path: '/home/tomas/Code/odo-examples/spring-petclinic/devfile.yaml'
I0729 16:27:16.207513  110343 util.go:807] Response will be cached in /tmp/odohttpcache for 1h0m0s
I0729 16:27:16.207787  110343 util.go:820] Cached response used.
I0729 16:27:16.208048  110343 content.go:33] converted devfile YAML to JSON
I0729 16:27:16.208376  110343 apiVersion.go:42] devfile schemaVersion: '2.0.0'
I0729 16:27:16.208493  110343 helper.go:41] devfile apiVersion '2.0.0' is supported
I0729 16:27:16.214337  110343 schema.go:46] validated devfile schema
I0729 16:27:16.215888  110343 validate.go:45] Successfully validated devfile sections
I0729 16:27:16.215901  110343 validate.go:45] Successfully validated devfile sections
I0729 16:27:17.163336  110343 context.go:141] absolute devfile path: '/home/tomas/Code/odo-examples/spring-petclinic/devfile.yaml'
I0729 16:27:17.163353  110343 context.go:92] absolute devfile path: '/home/tomas/Code/odo-examples/spring-petclinic/devfile.yaml'
I0729 16:27:17.163700  110343 content.go:33] converted devfile YAML to JSON
I0729 16:27:17.163782  110343 apiVersion.go:42] devfile schemaVersion: '2.0.0'
I0729 16:27:17.163791  110343 helper.go:41] devfile apiVersion '2.0.0' is supported
I0729 16:27:17.168477  110343 schema.go:46] validated devfile schema
I0729 16:27:17.168676  110343 validate.go:45] Successfully validated devfile sections

Validation
 •  Validating the devfile  ...
I0729 16:27:17.189982  110343 command.go:171] Build command: build
I0729 16:27:17.189991  110343 command.go:178] Run command: run
 ✓  Validating the devfile [65740ns]

Creating Services for component java-springboot
I0729 16:27:17.196630  110343 kclient.go:215] Checking if "clusterserviceversions" resource supported
I0729 16:27:17.197740  110343 service.go:313] Getting list of services
I0729 16:27:17.197761  110343 operators.go:36] Fetching list of operators installed in cluster
I0729 16:27:17.211890  110343 service.go:331] Getting services started from operator: postgresql-operator.v0.1.1
I0729 16:27:17.211906  110343 service.go:465] Getting instances of: backups.postgresql.dev4devs.com
I0729 16:27:17.213545  110343 service.go:465] Getting instances of: databases.postgresql.dev4devs.com
I0729 16:27:17.215005  110343 operators.go:36] Fetching list of operators installed in cluster
 ✓  Created service "Database/postgresql" on the cluster; refer "odo link -h" to know how to link it to the component

Creating Kubernetes resources for component java-springboot
I0729 16:27:17.223981  110343 preference.go:220] The path for preference file is /home/tomas/.odo/preference.yaml
I0729 16:27:17.427204  110343 kubernetes.go:57] Creating a PVC with name m2-java-springboot-app and labels map[app:app app.kubernetes.io/instance:java-springboot app.kubernetes.io/managed-by:odo app.kubernetes.io/managed-by-version:v2.2.3 app.kubernetes.io/part-of:app app.kubernetes.io/storage-name:m2 component:java-springboot storage-name:m2]
 ✓  Added storage m2 to java-springboot
I0729 16:27:17.487797  110343 utils.go:223] Updating container tools entrypoint with supervisord
I0729 16:27:17.487822  110343 utils.go:107] Updating container tools with supervisord volume mounts
I0729 16:27:17.487834  110343 utils.go:117] Updating container tools env with run command
I0729 16:27:17.487842  110343 utils.go:170] Updating container tools env with debug command
I0729 16:27:17.487850  110343 utils.go:196] Updating container tools env with debug command's debugPort
I0729 16:27:17.642494  110343 adapter.go:534] Creating deployment java-springboot-app
I0729 16:27:17.642521  110343 adapter.go:535] The component name is java-springboot
I0729 16:27:17.643226  110343 kclient.go:264] Kubernetes version is "v1.20.0+87cc9a4"
I0729 16:27:17.643246  110343 kclient.go:276] Cluster has support for SSA: true
I0729 16:27:18.215977  110343 adapter.go:587] Successfully created component java-springboot
I0729 16:27:18.802769  110343 adapter.go:595] Successfully created Service for component java-springboot
I0729 16:27:18.802794  110343 deployments.go:150] Waiting for java-springboot-app deployment rollout
 •  Waiting for component to start  ...
I0729 16:27:18.804819  110343 deployments.go:183] Deployment Condition: {"type":"Progressing","status":"True","lastUpdateTime":"2021-07-29T14:27:18Z","lastTransitionTime":"2021-07-29T14:27:18Z","reason":"NewReplicaSetCreated","message":"Created new replica set \"java-springboot-app-749d6c46fb\""}
I0729 16:27:18.804836  110343 deployments.go:201] Waiting for deployment spec update to be observed...
I0729 16:27:19.103875  110343 deployments.go:183] Deployment Condition: {"type":"Progressing","status":"True","lastUpdateTime":"2021-07-29T14:27:18Z","lastTransitionTime":"2021-07-29T14:27:18Z","reason":"NewReplicaSetCreated","message":"Created new replica set \"java-springboot-app-749d6c46fb\""}
I0729 16:27:19.103907  110343 deployments.go:183] Deployment Condition: {"type":"Available","status":"False","lastUpdateTime":"2021-07-29T14:27:18Z","lastTransitionTime":"2021-07-29T14:27:18Z","reason":"MinimumReplicasUnavailable","message":"Deployment does not have minimum availability."}
I0729 16:27:19.103920  110343 deployments.go:190] Waiting for deployment "java-springboot-app" rollout to finish: 0 out of 1 new replicas have been updated...
I0729 16:27:19.103934  110343 deployments.go:201] Waiting for deployment spec update to be observed...
I0729 16:27:20.127873  110343 deployments.go:183] Deployment Condition: {"type":"Available","status":"False","lastUpdateTime":"2021-07-29T14:27:18Z","lastTransitionTime":"2021-07-29T14:27:18Z","reason":"MinimumReplicasUnavailable","message":"Deployment does not have minimum availability."}
I0729 16:27:20.127911  110343 deployments.go:183] Deployment Condition: {"type":"Progressing","status":"True","lastUpdateTime":"2021-07-29T14:27:20Z","lastTransitionTime":"2021-07-29T14:27:18Z","reason":"ReplicaSetUpdated","message":"ReplicaSet \"java-springboot-app-749d6c46fb\" is progressing."}
I0729 16:27:20.127924  110343 deployments.go:194] Waiting for deployment "java-springboot-app" rollout to finish: 0 of 1 updated replicas are available...
I0729 16:27:20.127939  110343 deployments.go:201] Waiting for deployment spec update to be observed...
I0729 16:27:30.590155  110343 deployments.go:183] Deployment Condition: {"type":"Available","status":"True","lastUpdateTime":"2021-07-29T14:27:30Z","lastTransitionTime":"2021-07-29T14:27:30Z","reason":"MinimumReplicasAvailable","message":"Deployment has minimum availability."}
I0729 16:27:30.590180  110343 deployments.go:183] Deployment Condition: {"type":"Progressing","status":"True","lastUpdateTime":"2021-07-29T14:27:30Z","lastTransitionTime":"2021-07-29T14:27:18Z","reason":"NewReplicaSetAvailable","message":"ReplicaSet \"java-springboot-app-749d6c46fb\" has successfully progressed."}
 ✓  Waiting for component to start [12s]
I0729 16:27:30.590241  110343 deployments.go:197] Deployment "java-springboot-app" successfully rolled out
I0729 16:27:30.590254  110343 deployments.go:201] Waiting for deployment spec update to be observed...
I0729 16:27:30.590301  110343 preference.go:220] The path for preference file is /home/tomas/.odo/preference.yaml
I0729 16:27:30.590433  110343 pods.go:40] Waiting for component=java-springboot pod
I0729 16:27:31.048369  110343 pods.go:70] Status of java-springboot-app-749d6c46fb-j4kp7 pod is Running
I0729 16:27:31.048488  110343 pods.go:74] Pod Conditions: {"type":"Initialized","status":"True","lastProbeTime":null,"lastTransitionTime":"2021-07-29T14:27:26Z"}
I0729 16:27:31.048501  110343 pods.go:74] Pod Conditions: {"type":"Ready","status":"True","lastProbeTime":null,"lastTransitionTime":"2021-07-29T14:27:29Z"}
I0729 16:27:31.048513  110343 pods.go:74] Pod Conditions: {"type":"ContainersReady","status":"True","lastProbeTime":null,"lastTransitionTime":"2021-07-29T14:27:29Z"}
I0729 16:27:31.048526  110343 pods.go:74] Pod Conditions: {"type":"PodScheduled","status":"True","lastProbeTime":null,"lastTransitionTime":"2021-07-29T14:27:19Z"}
I0729 16:27:31.048648  110343 pods.go:79] Container Status: {"name":"tools","state":{"running":{"startedAt":"2021-07-29T14:27:29Z"}},"lastState":{},"ready":true,"restartCount":0,"image":"quay.io/eclipse/che-java11-maven:nightly","imageID":"quay.io/eclipse/che-java11-maven@sha256:57da16336a6a655aeee8699130b3e69143d175058c0019c8a692790bdd6bca97","containerID":"cri-o://4b205ac2cbd8c6f95e56cc64e2ae7c2a55b52a54acb4cabf548de03d9f15b171","started":true}
I0729 16:27:31.048661  110343 pods.go:83] Pod java-springboot-app-749d6c46fb-j4kp7 is Running
I0729 16:27:31.048720  110343 kclient.go:215] Checking if "servicebindings" resource supported
I0729 16:27:31.058602  110343 kclient.go:215] Checking if "clusterserviceversions" resource supported
I0729 16:27:31.062572  110343 kclient.go:215] Checking if "deployments" resource supported
 ✗  Failed to start component with name "java-springboot". Error: Failed to create the component: failed to create service(s) associated with the component: customresourcedefinitions.apiextensions.k8s.io "databases.postgresql.dev4devs.com" is forbidden: User "developer" cannot get resource "customresourcedefinitions" in API group "apiextensions.k8s.io" at the cluster scope

@mik-dass
Copy link
Contributor Author

The service and link related integration tests passed for me on a 4.7 cluster without the service binding operator.

@kadel
Copy link
Member

kadel commented Jul 29, 2021
edited
Loading

I've been testing this with following two devfiles, where the second one is slightly modified version what is in one of the tests and I'm not able to make it work with my crc.

devfile.yaml 
commands:
- exec:
    commandLine: mvn clean -Dmaven.repo.local=/home/user/.m2/repository package -Dmaven.test.skip=true
    component: tools
    group:
      isDefault: true
      kind: build
  id: build
- exec:
    commandLine: mvn -Dmaven.repo.local=/home/user/.m2/repository spring-boot:run
    component: tools
    group:
      isDefault: true
      kind: run
  id: run
- exec:
    commandLine: java -Xdebug -Xrunjdwp:server=y,transport=dt_socket,address=${DEBUG_PORT},suspend=n
      -jar target/*.jar
    component: tools
    group:
      isDefault: true
      kind: debug
  id: debug
components:
- container:
    endpoints:
    - name: 8080-tcp
      targetPort: 8080
    env:
    - name: SPRING_PROFILES_ACTIVE
      value: postgresql
    image: quay.io/eclipse/che-java11-maven:nightly
    memoryLimit: 768Mi
    mountSources: true
    volumeMounts:
    - name: m2
      path: /home/user/.m2
  name: tools
- name: m2
  volume:
    size: 3Gi
- kubernetes:
    inlined: |
      apiVersion: binding.operators.coreos.com/v1alpha1
      kind: ServiceBinding
      metadata:
        creationTimestamp: null
        name: petclinic-database-postgresql
      spec:
        application:
          group: apps
          name: java-springboot-app
          resource: deployments
          version: v1
        bindAsFiles: false
        detectBindingResources: true
        services:
        - group: postgresql.dev4devs.com
          kind: Database
          name: postgresql
          version: v1alpha1
      status:
        secret: ""
  name: petclinic-database-postgresql
- kubernetes:
    inlined: |
      apiVersion: postgresql.dev4devs.com/v1alpha1
      kind: Database
      metadata:
        annotations:
          service.binding/database: path={.spec.databaseName}
          service.binding/password: path={.spec.databasePassword}
          service.binding/username: path={.spec.databaseUser}
        name: postgresql
      spec:
        databaseName: example
        databasePassword: postgres
        databaseStorageRequest: 1Gi
        databaseUser: postgres
        image: centos/postgresql-96-centos7
        size: 1
  name: postgresql
metadata:
  description: Spring Boot® using Java
  displayName: Spring Boot®
  globalMemoryLimit: 2674Mi
  icon: https://www.eclipse.org/che/images/logo-eclipseche.svg
  language: java
  name: java-springboot
  projectType: spring
  tags:
  - Java
  - Spring
  version: 1.1.0
schemaVersion: 2.0.0
starterProjects:
- git:
    remotes:
      origin: https://github.com/odo-devfiles/springboot-ex.git
  name: springbootproject
devfile.yaml 
commands:
- exec:
    commandLine: "true"
    component: runtime
    group:
      isDefault: true
      kind: build
    workingDir: /project
  id: install
- exec:
    commandLine: "sleep infinity"
    component: runtime
    group:
      isDefault: true
      kind: run
    workingDir: /project
  id: run
- exec:
    commandLine: npm run debug
    component: runtime
    group:
      isDefault: true
      kind: debug
    workingDir: /project
  id: debug
- exec:
    commandLine: npm test
    component: runtime
    group:
      isDefault: true
      kind: test
    workingDir: /project
  id: test
components:
- container:
    endpoints:
    - name: http-3000
      targetPort: 3000
    image: registry.access.redhat.com/ubi8/nodejs-14:latest
    memoryLimit: 300Mi
    mountSources: true
    sourceMapping: /project
  name: runtime
- kubernetes:
    inlined: |
      apiVersion: redis.redis.opstreelabs.in/v1beta1
      kind: Redis
      metadata:
        name: myredis
      spec:
        redisExporter:
          enabled: true
          image: 'quay.io/opstree/redis-exporter:1.0'
          imagePullPolicy: Always
          resources:
            requests:
              cpu: 100m
              memory: 128Mi
            limits:
              cpu: 100m
              memory: 128Mi
        kubernetesConfig:
          image: 'quay.io/opstree/redis:v6.2'
          imagePullPolicy: IfNotPresent
          resources:
            requests:
              cpu: 101m
              memory: 128Mi
            limits:
              cpu: 101m
              memory: 128Mi
          redisSecret:
            name: redis-secret
            key: password
          serviceType: LoadBalancer
        redisConfig: {}
        storage:
          volumeClaimTemplate:
            spec:
              accessModes:
                - ReadWriteOnce
              resources:
                requests:
                  storage: 1Gi
  name: myredis
- kubernetes:
    inlined: |
      apiVersion: binding.operators.coreos.com/v1alpha1
      kind: ServiceBinding
      metadata:
        creationTimestamp: null
        name: redis-link
      spec:
        application:
          group: apps
          name: nodejs-app
          resource: deployments
          version: v1
        bindAsFiles: true
        detectBindingResources: true
        services:
        - group: redis.redis.opstreelabs.in
          kind: Redis
          name: myredis
          version: v1beta1
      status:
        secret: ""
  name: redis-link
metadata:
  description: Stack with Node.js 14
  displayName: Node.js Runtime
  language: nodejs
  name: nodejs
  projectType: nodejs
  tags:
  - NodeJS
  - Express
  - ubi8
  version: 1.0.1
schemaVersion: 2.0.0
starterProjects:
- git:
    remotes:
      origin: https://github.com/odo-devfiles/nodejs-ex.git
  name: nodejs-starter

Always the same error

 ✗  Failed to start component with name "nodejs". Error: Failed to create the component: failed to create service(s) associated with the component: customresourcedefinitions.apiextensions.k8s.io "redis.redis.redis.opstreelabs.in" is forbidden: User "developer" cannot get resource "customresourcedefinitions" in API group "apiextensions.k8s.io" at the cluster scope

It looks like odo or something in odo is trying to get cluster wide CustomResourceDefinitions. Default RBAC rules prohibit "normal" users ("developer" on crc) to list cluster wide resources.

Running make test-operator-hub against my crc fails as well for me.

@feloy
Copy link
Contributor

feloy commented Jul 30, 2021

The error comes from this line, the error seems to come from the Service Binding Operator library:

			_, err = processingPipeline.Process(&serviceBinding)

feloy
feloy reviewed Jul 30, 2021
View reviewed changes
pkg/service/link.go
return false, err
}

secrets, err := client.ListSecrets(componentlabels.GetSelector(labels[componentlabels.ComponentLabel], labels[applabels.ApplicationLabel]))
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please catch this error

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed

@openshift-ci openshift-ci bot removed the lgtm Indicates that a PR is ready to be merged. Required by Prow. label Jul 30, 2021
@mik-dass
Copy link
Contributor Author

The error comes from this line, the error seems to come from the Service Binding Operator library:

@kadel @feloy I have raised an issue on the service binding repo redhat-developer/service-binding-operator#1003 . I have also added a simpler error message for now in case the pipeline throws a forbidden type of error.

@sonarcloud
Copy link

sonarcloud bot commented Jul 30, 2021

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 8 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. Required by Prow. label Aug 2, 2021
@kadel
Copy link
Member

kadel commented Aug 2, 2021

/approve

@openshift-ci
Copy link

openshift-ci bot commented Aug 2, 2021

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: kadel

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. Required by Prow. label Aug 2, 2021
@openshift-ci openshift-ci bot merged commit 2e661bf into redhat-developer:main Aug 2, 2021
@mik-dass mik-dass deleted the linking-without-operator branch August 2, 2021 17:09
@feelchar
Copy link

hi i want to a qxdm tools ,do you have guys

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kadel kadel kadel left review comments

@feloy feloy feloy left review comments

@dharmit dharmit dharmit approved these changes

@mohammedzee1000 mohammedzee1000 Awaiting requested review from mohammedzee1000

Assignees

@dharmit dharmit

@feloy feloy

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. Required by Prow. kind/feature Categorizes issue as a feature request. For PRs, that means that the PR is the implementation lgtm Indicates that a PR is ready to be merged. Required by Prow.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

odo push does not work with SBO v0.9.0 allow linking using ServiceBinding without ServiceBindingOperator
6 participants
@mik-dass @feloy @kadel @prietyc123 @dharmit @feelchar