procedures: Manage extension installation in Code - OSS with ConfigMap #3012
Conversation
|
🎊 Navigate the preview: https://697215c2787245315e3aae8b--eclipse-che-docs-pr.netlify.app 🎊 |
|
Click here to review and test in web IDE: |
-525C86?logo=eclipse-che&labelColor=red){kind=icon}
RomanNikitenko
changed the title
RomanNikitenko
changed the title
Signed-off-by: Roman Nikitenko <rnikiten@redhat.com> Assisted-by: Cursor AI
RomanNikitenko
force-pushed
the
manage-extension-installation
branch
from
2505174 to
a17f233
Compare
There was a problem hiding this comment.
Overall, looks good. I would maybe consider giving an example that demonstrates how to completely disable extensions from being installed as this may be fairly common. Specifically, it should include :
"AllowedExtensions": {
"*": false
}
If not, then it should be clear that the above block is just as important as the other 3 booleans in blocking extension installation.
One last thing to consider is it seems I needed to add some annotations to get things working if I didn't wish to apply the configmap to the eclipse-che namespace (ie. only apply it to my user's namespace). Might be good to document this.
| * BlockCliExtensionsInstallation property - when enabled, blocks installation of extensions via CLI | ||
| * BlockDefaultExtensionsInstallation property - when enabled, blocks installation of default extensions, see xref:default-extensions-for-microsoft-visual-studio-code.adoc[] | ||
| * BlockInstallFromVSIXCommandExtensionsInstallation property - when enabled, blocks installation of extensions via the workbench.extensions.command.installFromVSIX API command | ||
| * AllowedExtensions section - provides fine-grained control over Code - OSS extension installation. For conceptual background, see link:https://code.visualstudio.com/docs/setup/enterprise#_configure-allowed-extensions/[Configure allowed extensions]. |
There was a problem hiding this comment.
It might be useful to clarify that it seems this setting also serves as a restriction on extension activation. For example, in the case we discussed where someone could just insert an extension at /checode/remote/extensions/ and update the extensions.json file there, the extension does get installed, but this property blocks the activation :
Signed-off-by: Roman Nikitenko <rnikiten@redhat.com> Assisted-by: Cursor AI
|
@rgrunber I tried to apply all your comments, please take a look at the last commit to check if everything looks good! update: I also updated screenshots in the PR description. |
…figMap Signed-off-by: Roman Nikitenko <rnikiten@redhat.com>
| controller.devfile.io/mount-as: file | ||
| controller.devfile.io/mount-path: /checode-config | ||
| controller.devfile.io/read-only: 'true' | ||
There was a problem hiding this comment.
There was a problem hiding this comment.
Hello.
Only the following labels added automatically, but not annotations:
- controller.devfile.io/mount-to-devworkspace
- controller.devfile.io/watch-configmap
It is better to use controller.devfile.io/mount-as: subpath otherwise you will override the /checode-config directory completely.
| apiVersion: v1 | ||
| metadata: | ||
| name: vscode-editor-configurations | ||
| namespace: eclipse-che |
There was a problem hiding this comment.
it's not possible to use {prod-namespace} here instead of eclipse-che
is there any other way to do it?
otherwise we need to replace the value manually for the downstream
Signed-off-by: Roman Nikitenko <rnikiten@redhat.com>
4 participants
What does this pull request change?
Adds instructions how to manage extension installation in Code - OSS
Click here to see screenshots
Apply editor configurations changes:
What issues does this pull request fix or reference?
Che-Code PRs:
Specify the version of the product this pull request applies to
Pull Request checklist
The author and the reviewers validate the content of this pull request with the following checklist, in addition to the automated tests.
Validate language on files added or modifiedstep reports no vale warnings.Assisted-by: Cursor AI