Skip to content

Commit 38203bd

Browse files
authored
docs(agents): add cluster testing guidelines to AGENTS.md (#1598)
Document the build pipeline quirks that affect anyone deploying a patched dashboard image to a cluster: - Compile TypeScript before building the Docker image (lib/ is copied, not src/) - Always build multiarch (amd64+arm64) to avoid arch mismatch failures - Use a fresh image tag or imagePullPolicy=Always to avoid stale node cache - Patch the CheCluster CR instead of the Deployment directly, as the operator silently reverts direct Deployment patches - Do not delegate Docker/cluster commands to background agents Assisted-by: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> Signed-off-by: Oleksii Kurinnyi <okurinny@redhat.com>
1 parent 08039c1 commit 38203bd

1 file changed

Lines changed: 57 additions & 0 deletions

File tree

AGENTS.md

Lines changed: 57 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -112,6 +112,63 @@ yarn lint:fix
112112
- **No skipping**: All three steps are mandatory for every surgical change
113113
- **Fix immediately**: Do not defer fixing test, format, or lint failures
114114

115+
## Testing Changes on a Cluster
116+
117+
### MANDATORY: Compile TypeScript before building the Docker image
118+
119+
The Dockerfile (`build/dockerfiles/skaffold.Dockerfile`) copies **compiled artifacts** from `lib/`, not the TypeScript source. Editing `.ts` files and running the Docker build without compiling first silently produces an image with stale code — no error is raised.
120+
121+
Always compile the changed package before building:
122+
123+
```bash
124+
# Backend changes
125+
yarn workspace @eclipse-che/dashboard-backend build
126+
127+
# Frontend changes
128+
yarn workspace @eclipse-che/dashboard-frontend build
129+
130+
# Both
131+
yarn build
132+
```
133+
134+
Then build and push the image using `run/build-multiarch.sh`. Always build for **both** `linux/amd64` and `linux/arm64` — a single-arch image will fail on nodes with a different architecture:
135+
136+
```bash
137+
export IMAGE_REGISTRY_HOST=<your-registry-host> # e.g. quay.io, ghcr.io, your private registry
138+
export IMAGE_REGISTRY_USER_NAME=<your-username-or-org>
139+
export PLATFORMS=linux/amd64,linux/arm64
140+
./run/build-multiarch.sh
141+
```
142+
143+
Use `run/patch.sh` to update the dashboard image on the cluster after pushing.
144+
145+
### Use a unique image tag when iterating
146+
147+
If you push a new build under an existing tag, nodes with `imagePullPolicy: IfNotPresent` (the default) will silently reuse the cached image. Deleting a pod does **not** force a fresh pull from the registry — the node cache persists.
148+
149+
Either:
150+
- Use a fresh unique tag per build (e.g., append a timestamp or iteration counter), **or**
151+
- Set `imagePullPolicy: Always` in the operator CR before deploying (see below)
152+
153+
### Patch the CheCluster CR, not the Deployment directly
154+
155+
The dashboard Deployment (named `devspaces-dashboard` or `che-dashboard` depending on the product) is managed by the CheCluster operator. Any direct `kubectl/oc patch deploy` is silently reverted within seconds by the operator's reconcile loop.
156+
157+
All spec changes — image, imagePullPolicy, env vars — must go through the CheCluster CR. Use `run/patch.sh` for the common case of updating the image alone. For other changes such as `imagePullPolicy`, patch the CR directly:
158+
159+
```bash
160+
# Find the CheCluster CR name and namespace first:
161+
kubectl get checluster --all-namespaces
162+
163+
# Then patch — adjust CR name, namespace, and container name to match your deployment:
164+
kubectl patch checluster <cr-name> -n <namespace> --type=json \
165+
-p='[{"op":"replace","path":"/spec/components/dashboard/deployment/containers/0","value":{"name":"che-dashboard","image":"<image>","imagePullPolicy":"Always"}}]'
166+
```
167+
168+
### Do not use background agents for Docker or cluster commands
169+
170+
Background agents cannot respond to interactive `dangerouslyDisableSandbox` permission prompts. Docker builds, `kubectl`, and `oc` commands that need sandbox bypass must be run directly in the main session, not delegated to a background agent.
171+
115172
## Red Hat Compliance and Responsible AI Rules
116173

117174
See `./redhat-compliance-and-responsible-ai.md`.

0 commit comments

Comments
 (0)