From 7d4f48b525bd4e93377147057e556038576ad61d Mon Sep 17 00:00:00 2001
From: Roland Grunberg <rgrunber@redhat.com>
Date: Tue, 2 Dec 2025 23:46:39 -0500
Subject: [PATCH] Set up SSHD service entirely within sshd.start.

The start process works as follows :

1. che-code-sshd-page component starts and copies all relevant resources
   (/usr/sbin/sshd, /usr/bin/ssh-keygen, /usr/lib64/libnss_wrapper.so,
   common tools, dynamics libs, /etc/ssh/sshd_config, sshd.start) into
   the /sshd volume mount.
2. che-code-sshd-page waits for existence of a file (/sshd/username) to
   be created. Once created, it can generate the landing page and
   instructions
3. che-code-sshd component configuration gets merged into the tool
   container and runs the /sshd/sshd.start command from the shared
   mount. This sets up the SSHD service.
4. Once the SSHD service is started, the /sshd mount will have the
   username needed for the landing page connection instructions, and the
   che-code-sshd-page will open

Signed-off-by: Roland Grunberg <rgrunber@redhat.com>
---
 .../che-code-sshd-insiders.yaml               | 40 ++++++++++++++----
 editors-definitions/che-code-sshd-next.yaml   | 41 +++++++++++++++----
 2 files changed, 63 insertions(+), 18 deletions(-)

diff --git a/editors-definitions/che-code-sshd-insiders.yaml b/editors-definitions/che-code-sshd-insiders.yaml
index 515a420e9..3bad3a70b 100644
--- a/editors-definitions/che-code-sshd-insiders.yaml
+++ b/editors-definitions/che-code-sshd-insiders.yaml
@@ -76,18 +76,26 @@ metadata:
       </defs>
       </svg>
 
+commands:
+  - id: start-sshd
+    exec:
+      component: che-code-sshd
+      commandLine: ( /sshd/sshd.start & )
+events:
+  postStart:
+    - start-sshd
 components:
-  - name: che-code-sshd
+  - name: che-code-sshd-page
     container:
       image: quay.io/che-incubator/che-code-sshd:insiders
-      memoryLimit: 4096Mi
-      memoryRequest: 256Mi
-      cpuLimit: 1000m
-      cpuRequest: 500m
+      memoryLimit: 256Mi
+      memoryRequest: 32Mi
+      cpuLimit: 500m
+      cpuRequest: 30m
       command:
         - sh
         - -c
-        - "nohup /entrypoint.sh & nohup /sshd.start & pushd /opt/www/ && nohup node /opt/www/server.js & tail -f /dev/null"
+        - "cp /usr/sbin/sshd /usr/bin/ssh-keygen /usr/bin/tar /usr/bin/gzip /usr/lib64/libnss_wrapper.so /usr/lib64/libpam.so.0 /usr/lib64/libeconf.so.0 /usr/lib64/libcrypt.so.2 /etc/ssh/sshd_config /sshd.start /sshd/ & while [ ! -e /sshd/username ]; do sleep 1s; done; pushd /opt/www/ && exec node /opt/www/server.js"
       endpoints:
         - name: che-code-sshd
           attributes:
@@ -99,10 +107,24 @@ components:
           secure: true
           protocol: https
       volumeMounts:
-        - name: m2
-          path: /home/user/.m2
+        - name: sshd-folder
+          path: /sshd
+    attributes:
+      app.kubernetes.io/component: che-code-sshd-page
+      app.kubernetes.io/part-of: che-code-server.eclipse.org
+  - name: che-code-sshd
+    container:
+      image: quay.io/che-incubator/che-code-sshd:insiders
+      memoryLimit: 4096Mi
+      memoryRequest: 256Mi
+      cpuLimit: 1000m
+      cpuRequest: 500m
+      volumeMounts:
+        - name: sshd-folder
+          path: /sshd
     attributes:
       app.kubernetes.io/component: che-code-sshd
       app.kubernetes.io/part-of: che-code-server.eclipse.org
-  - name: m2
+      controller.devfile.io/container-contribution: true
+  - name: sshd-folder
     volume: {}
diff --git a/editors-definitions/che-code-sshd-next.yaml b/editors-definitions/che-code-sshd-next.yaml
index 4e7922725..addb48b70 100644
--- a/editors-definitions/che-code-sshd-next.yaml
+++ b/editors-definitions/che-code-sshd-next.yaml
@@ -76,18 +76,26 @@ metadata:
       </defs>
       </svg>
 
+commands:
+  - id: start-sshd
+    exec:
+      component: che-code-sshd
+      commandLine: ( /sshd/sshd.start & )
+events:
+  postStart:
+    - start-sshd
 components:
-  - name: che-code-sshd
+  - name: che-code-sshd-page
     container:
       image: quay.io/che-incubator/che-code-sshd:next
-      memoryLimit: 4096Mi
-      memoryRequest: 256Mi
-      cpuLimit: 1000m
-      cpuRequest: 500m
+      memoryLimit: 256Mi
+      memoryRequest: 32Mi
+      cpuLimit: 500m
+      cpuRequest: 30m
       command:
         - sh
         - -c
-        - "nohup /entrypoint.sh & nohup /sshd.start & pushd /opt/www/ && nohup node /opt/www/server.js & tail -f /dev/null"
+        - "cp /usr/sbin/sshd /usr/bin/ssh-keygen /usr/bin/tar /usr/bin/gzip /usr/lib64/libnss_wrapper.so /usr/lib64/libpam.so.0 /usr/lib64/libeconf.so.0 /usr/lib64/libcrypt.so.2 /etc/ssh/sshd_config /sshd.start /sshd/ & while [ ! -e /sshd/username ]; do sleep 1s; done; pushd /opt/www/ && exec node /opt/www/server.js"
       endpoints:
         - name: che-code-sshd
           attributes:
@@ -99,10 +107,25 @@ components:
           secure: true
           protocol: https
       volumeMounts:
-        - name: m2
-          path: /home/user/.m2
+        - name: sshd-folder
+          path: /sshd
+    attributes:
+      app.kubernetes.io/component: che-code-sshd-page
+      app.kubernetes.io/part-of: che-code-server.eclipse.org
+  - name: che-code-sshd
+    container:
+      image: quay.io/che-incubator/che-code-sshd:next
+      memoryLimit: 4096Mi
+      memoryRequest: 256Mi
+      cpuLimit: 1000m
+      cpuRequest: 500m
+      volumeMounts:
+        - name: sshd-folder
+          path: /sshd
     attributes:
       app.kubernetes.io/component: che-code-sshd
       app.kubernetes.io/part-of: che-code-server.eclipse.org
-  - name: m2
+      controller.devfile.io/container-contribution: true
+  - name: sshd-folder
     volume: {}
+