Omit scm-username annotation from the PAT secret

[vinokurig]

What does this PR do?

Ignore the che.eclipse.org/scm-username annotation when fetching token from a PAT secret. Instead fetch the username from the isValid(<token>) request.

Screenshot/screencast of this PR

What issues does this PR fix or reference?

eclipse-che/che#22344

How to test this PR?

1. Deploy che using the PR image: quay.io/ivinokur/che-server:che-22344
2. Create a PAT of any of the supported scm providers:

• Go to dashboard -> user-preferences -> Personal Access Tokens tab and create a token but enter a random string in the username input.
• Create a PAT secret in the user namespace manually but either omit the che.eclipse.org/scm-username annotation or use a random string value

3. Create a workspace from a private repository of the used scm provider.

PR Checklist

As the author of this Pull Request I made sure that:

• The Eclipse Contributor Agreement is valid
• Code produced is complete
• Code builds without errors
• Tests are covering the bugfix
• The repository devfile is up to date and works
• Sections What issues does this PR fix or reference and How to test this PR completed
• Relevant user documentation updated
• Relevant contributing documentation updated
• CI/CD changes implemented, documented and communicated

Reviewers

Reviewers, please comment how you tested the PR when approving it.

[amisevsk]

I'm confused by the three versions of isValid in this PR -- one returns a bool, one returns a string, and one returns pair<bool, string>

[artaleks9]

/retest-required

[artaleks9]

/retest-required

[tolusha]

Tested for Azure DevOps

[artaleks9]

/retest-required

[vinokurig]

/retest

[artaleks9]

@vinokurig
Verified for GitLab.com - works properly.
But for GitHub.com - there is a problem:

• The github-with-pat-setup-flow test crashes
  with PAT configured for private GitHub repo, factory resolver doesn't return 200..
• I tried to manually set up PAT for GitHub.com and run factory - and I get an error..

[vinokurig]

Rolled back the PAT scopes validation for GitHub and GitLab, created a separate issue for that: eclipse-che/che#22381

[vinokurig]

/retest-required

[ibuziuk]

why do we pass null as an argument?

[vinokurig]

If null is passed the client fetches OAuth token:

che-server/wsmaster/che-core-api-factory-bitbucket-server/src/main/java/org/eclipse/che/api/factory/server/bitbucket/server/BitbucketServerApiClient.java

Lines 30 to 38 in 1657ebb

	/**
	* @param token token to override. Pass {@code null} to use token from the authentication flow.
	* @return - Retrieve the {@link BitbucketUser} matching the supplied userSlug.
	* @throws ScmItemNotFoundException
	* @throws ScmUnauthorizedException
	* @throws ScmCommunicationException
	*/
	BitbucketUser getUser(@Nullable String token)
	throws ScmItemNotFoundException, ScmUnauthorizedException, ScmCommunicationException;

[artaleks9]

/retest-required

[artaleks9]

@vinokurig
It seems, there is a some problem with deploy Che using the last quay.io/eclipse/che-server:pr-533 image of PR:

[22:31:41] → Failed to start a pod, reason: Error, exitCode: 1
[22:31:41] Eclipse Che Server pod bootstrap [failed]
[22:31:41] → Failed to start a pod, reason: Error, exitCode: 1
[22:31:41] Wait for Eclipse Che ready [failed]
[22:31:41] → Failed to start a pod, reason: Error, exitCode: 1
    Error: Command server:deploy failed with the error: Failed to start a pod,

I tried to install Che manually, but got the error with start che-server pod, here is the che-pod log:

Using custom assembly from /home/user/eclipse-che
Found a custom cert. Adding it to java trust store /home/user/cacerts based on /usr/lib/jvm/jre/lib/security/cacerts
Exception in thread "main" java.lang.Error: java.io.FileNotFoundException: /usr/lib/jvm/java-11-openjdk-11.0.20.0.8-2.el8.x86_64/lib/tzdb.dat (No such file or directory)
	at java.base/sun.util.calendar.ZoneInfoFile$1.run(ZoneInfoFile.java:261)
	at java.base/sun.util.calendar.ZoneInfoFile$1.run(ZoneInfoFile.java:251)
	at java.base/java.security.AccessController.doPrivileged(Native Method)
	at java.base/sun.util.calendar.ZoneInfoFile.<clinit>(ZoneInfoFile.java:251)
	at java.base/sun.util.calendar.ZoneInfo.getTimeZone(ZoneInfo.java:588)
	at java.base/java.util.TimeZone.getTimeZone(TimeZone.java:577)
	at java.base/java.util.TimeZone.setDefaultZone(TimeZone.java:682)
	at java.base/java.util.TimeZone.getDefaultRef(TimeZone.java:653)
	at java.base/java.util.Date.normalize(Date.java:1198)
	at java.base/java.util.Date.toString(Date.java:1031)
	at java.base/sun.security.tools.keytool.Main.printX509Cert(Main.java:3537)
	at java.base/sun.security.tools.keytool.Main.addTrustedCert(Main.java:3317)
	at java.base/sun.security.tools.keytool.Main.doCommands(Main.java:1222)
	at java.base/sun.security.tools.keytool.Main.run(Main.java:421)
	at java.base/sun.security.tools.keytool.Main.main(Main.java:414)
Caused by: java.io.FileNotFoundException: /usr/lib/jvm/java-11-openjdk-11.0.20.0.8-2.el8.x86_64/lib/tzdb.dat (No such file or directory)
	at java.base/java.io.FileInputStream.open0(Native Method)
	at java.base/java.io.FileInputStream.open(FileInputStream.java:219)
	at java.base/java.io.FileInputStream.<init>(FileInputStream.java:157)
	at java.base/sun.util.calendar.ZoneInfoFile$1.run(ZoneInfoFile.java:255)
	... 14 more

[devstudio-release]

Build 3.8 :: update-digests_3.8/132: Console, Changes, Git Data

[devstudio-release]

Build 3.8 :: operator-bundle_3.8/56: Console, Changes, Git Data

[devstudio-release]

Build 3.8 :: sync-to-downstream_3.8/67: Console, Changes, Git Data

[devstudio-release]

Build 3.8 :: get-sources-rhpkg-container-build_3.8/65: Console, Changes, Git Data

[devstudio-release]

Build 3.8 :: push-latest-container-to-quay_3.8/62: Console, Changes, Git Data

[devstudio-release]

Build 3.8 :: get-sources-rhpkg-container-build_3.8/65:

devspaces-operator-bundle : 3.8 :: Build 54189424 : quay.io/devspaces/devspaces-operator-bundle:3.8-45
SUCCESS; copied to quay; /DS_CI/push-latest-container-to-quay_3.8/62 triggered;

Bundle CSV related images:
- quay.io/devspaces/code-rhel8:3.8-24
- quay.io/devspaces/configbump-rhel8:3.8-10
- quay.io/devspaces/dashboard-rhel8:3.8-9
- quay.io/devspaces/devfileregistry-rhel8:3.8-18
- quay.io/devspaces/devspaces-rhel8-operator:3.8-12
- quay.io/devspaces/idea-rhel8:3.8-5
- quay.io/devspaces/pluginregistry-rhel8:3.8-13
- quay.io/devspaces/server-rhel8:3.8-13
- quay.io/devspaces/traefik-rhel8:3.8-11
- quay.io/devspaces/udi-rhel8:3.8-25
= registry.redhat.io/openshift4/ose-kube-rbac-proxy:v4.12.0-202307170916.p0.g94f3fde.assembly.stream
= registry.redhat.io/openshift4/ose-oauth-proxy:v4.12.0-202307071529.p0.g03e5b13.assembly.stream
= registry.redhat.io/rhscl/mongodb-36-rhel7:1-50
= registry.redhat.io/ubi8/ubi-minimal:8.8-1014

[devstudio-release]

Build 3.8 :: sync-to-downstream_3.8/67:

Build container: devspaces-operator-bundle synced; /DS_CI/get-sources-rhpkg-container-build_3.8/65 triggered; /job/DS_CI/job/dsc_3.8 triggered;

[devstudio-release]

Build 3.8 :: operator-bundle_3.8/56:

Upstream sync done; /DS_CI/sync-to-downstream_3.8/67 triggered

[devstudio-release]

Build 3.8 :: copyIIBsToQuay/1552: Console, Changes, Git Data

[devstudio-release]

Build 3.8 :: dsc_3.8/15: Console, Changes, Git Data

[devstudio-release]

Build 3.8 :: update-digests_3.8/132:

Detected new images: rebuild operator-bundle
* server; /DS_CI/operator-bundle_3.8/56 triggered

[devstudio-release]

Build 3.8 :: dsc_3.8/15:

3.8.0 CI

[devstudio-release]

Build 3.9 :: server_3.x/190: Console, Changes, Git Data

[devstudio-release]

Build 3.9 :: sync-to-downstream_3.x/3821: Console, Changes, Git Data

[devstudio-release]

Build 3.9 :: get-sources-rhpkg-container-build_3.x/3668: Console, Changes, Git Data

[devstudio-release]

Build 3.9 :: push-latest-container-to-quay_3.x/2766: Console, Changes, Git Data

[devstudio-release]

Build 3.9 :: get-sources-rhpkg-container-build_3.x/3668:

server : 3.x :: Build 54279780 : quay.io/devspaces/server-rhel8:3.9-4
SUCCESS; copied to quay; /DS_CI/push-latest-container-to-quay_3.x/2766 triggered

[devstudio-release]

Build 3.9 :: server_3.x/190:

Upstream sync done; /DS_CI/sync-to-downstream_3.x/3821 triggered

[devstudio-release]

Build 3.9 :: update-digests_3.x/3785: Console, Changes, Git Data

[devstudio-release]

Build 3.9 :: operator-bundle_3.x/1630: Console, Changes, Git Data

[devstudio-release]

Build 3.9 :: sync-to-downstream_3.x/3827: Console, Changes, Git Data

[devstudio-release]

Build 3.9 :: get-sources-rhpkg-container-build_3.x/3678: Console, Changes, Git Data

[devstudio-release]

Build 3.9 :: push-latest-container-to-quay_3.x/2774: Console, Changes, Git Data

[devstudio-release]

Build 3.9 :: copyIIBsToQuay/1563: Console, Changes, Git Data

[devstudio-release]

Build 3.9 :: get-sources-rhpkg-container-build_3.x/3678:

devspaces-operator-bundle : 3.x :: Build 54280151 : quay.io/devspaces/devspaces-operator-bundle:3.9-8
SUCCESS; copied to quay; /DS_CI/push-latest-container-to-quay_3.x/2774 triggered;

Bundle CSV related images:
- quay.io/devspaces/code-rhel8:3.9-1
- quay.io/devspaces/configbump-rhel8:3.9-5
- quay.io/devspaces/dashboard-rhel8:3.9-2
- quay.io/devspaces/devfileregistry-rhel8:3.9-6
- quay.io/devspaces/devspaces-rhel8-operator:3.9-5
- quay.io/devspaces/idea-rhel8:3.9-2
- quay.io/devspaces/pluginregistry-rhel8:3.9-6
- quay.io/devspaces/server-rhel8:3.9-4
- quay.io/devspaces/traefik-rhel8:3.9-3
- quay.io/devspaces/udi-rhel8:3.9-3
= registry.redhat.io/openshift4/ose-kube-rbac-proxy:v4.12.0-202307170916.p0.g94f3fde.assembly.stream
= registry.redhat.io/openshift4/ose-oauth-proxy:v4.12.0-202307071529.p0.g03e5b13.assembly.stream
= registry.redhat.io/rhscl/mongodb-36-rhel7:1-50
= registry.redhat.io/ubi8/ubi-minimal:8.8-1014

[devstudio-release]

Build 3.9 :: sync-to-downstream_3.x/3827:

Build container: devspaces-operator-bundle synced; /DS_CI/get-sources-rhpkg-container-build_3.x/3678 triggered; /job/DS_CI/job/dsc_3.x triggered;

[devstudio-release]

Build 3.9 :: operator-bundle_3.x/1630:

Upstream sync done; /DS_CI/sync-to-downstream_3.x/3827 triggered

[devstudio-release]

Build 3.9 :: dsc_3.x/1055: Console, Changes, Git Data

[devstudio-release]

Build 3.9 :: update-digests_3.x/3785:

Detected new images: rebuild operator-bundle
* configbump
* devfileregistry
* devspaces-operator
* machineexec
* pluginregistry
* server
* traefik
* udi; /DS_CI/operator-bundle_3.x/1630 triggered

[devstudio-release]

Build 3.9 :: copyIIBsToQuay/1563:

3.9
arches = x86_64, s390x, ppc64le;
  * LATEST DS OPERATOR BUNDLE = <a href=https://quay.io/repository/devspaces/devspaces-operator-bundle?tab=tags>registry-proxy.engineering.redhat.com/rh-osbs/devspaces-operator-bundle:3.9-8
  * LATEST DWO OPERATOR BUNDLE = <a href=https://quay.io/repository/devworkspace/devworkspace-operator-bundle?tab=tags>registry-proxy.engineering.redhat.com/rh-osbs/devworkspace-operator-bundle:0.21-7
+ s390x-rhel8 IIB(s) copied:
  + quay.io/devspaces/iib:3.9-v4.14-544362-533291-s390x
  + quay.io/devspaces/iib:3.9-v4.14-s390x
  + quay.io/devspaces/iib:next-v4.14-s390x
  + quay.io/devspaces/iib:3.9-v4.13-545208-533286-s390x
  + quay.io/devspaces/iib:3.9-v4.13-s390x
  + quay.io/devspaces/iib:next-v4.13-s390x
  + quay.io/devspaces/iib:3.9-v4.12-545205-533281-s390x
  + quay.io/devspaces/iib:3.9-v4.12-s390x
  + quay.io/devspaces/iib:next-v4.12-s390x
  + quay.io/devspaces/iib:3.9-v4.11-545204-533277-s390x
  + quay.io/devspaces/iib:3.9-v4.11-s390x
  + quay.io/devspaces/iib:next-v4.11-s390x
  + quay.io/devspaces/iib:3.9-v4.10-545203-533276-s390x
  + quay.io/devspaces/iib:3.9-v4.10-s390x
  + quay.io/devspaces/iib:next-v4.10-s390x
+ ppc64le-rhel8 IIB(s) copied:
  + quay.io/devspaces/iib:3.9-v4.14-544362-533291-ppc64le
  + quay.io/devspaces/iib:3.9-v4.14-ppc64le
  + quay.io/devspaces/iib:next-v4.14-ppc64le
  + quay.io/devspaces/iib:3.9-v4.13-545208-533286-ppc64le
  + quay.io/devspaces/iib:3.9-v4.13-ppc64le
  + quay.io/devspaces/iib:next-v4.13-ppc64le
  + quay.io/devspaces/iib:3.9-v4.12-545205-533281-ppc64le
  + quay.io/devspaces/iib:3.9-v4.12-ppc64le
  + quay.io/devspaces/iib:next-v4.12-ppc64le
  + quay.io/devspaces/iib:3.9-v4.11-545204-533277-ppc64le
  + quay.io/devspaces/iib:3.9-v4.11-ppc64le
  + quay.io/devspaces/iib:next-v4.11-ppc64le
  + quay.io/devspaces/iib:3.9-v4.10-545203-533276-ppc64le
  + quay.io/devspaces/iib:3.9-v4.10-ppc64le
  + quay.io/devspaces/iib:next-v4.10-ppc64le
+ x86_64-rhel8 IIB(s) copied:
  + quay.io/devspaces/iib:3.9-v4.14-544362-533291-x86_64
  + quay.io/devspaces/iib:3.9-v4.14-x86_64
  + quay.io/devspaces/iib:next-v4.14-x86_64
  + quay.io/devspaces/iib:3.9-v4.13-545208-533286-x86_64
  + quay.io/devspaces/iib:3.9-v4.13-x86_64
  + quay.io/devspaces/iib:next-v4.13-x86_64
  + quay.io/devspaces/iib:3.9-v4.12-545205-533281-x86_64
  + quay.io/devspaces/iib:3.9-v4.12-x86_64
  + quay.io/devspaces/iib:next-v4.12-x86_64
  + quay.io/devspaces/iib:3.9-v4.11-545204-533277-x86_64
  + quay.io/devspaces/iib:3.9-v4.11-x86_64
  + quay.io/devspaces/iib:next-v4.11-x86_64
  + quay.io/devspaces/iib:3.9-v4.10-545203-533276-x86_64
  + quay.io/devspaces/iib:3.9-v4.10-x86_64
  + quay.io/devspaces/iib:next-v4.10-x86_64