Prepare your workstation
------------------------

TODO: tidy and flesh out.

The theory of devcontainers is that you don't need to set up your development
environment on your workstation. However, there are some things that you will
need to do once only to get started.

- Install podman 4.2 or higher OR install a recent version of Docker
- Install vscode 1.73 or newer
- Optionally install autossh, a socks proxy to communicate with your
  kubernetes cluster if it is not directly accessible from your workstation
  (e.g. working from home)
- make sure you have a kubectl configuration set up in $HOME/.kube/config
  that points to your kubernetes cluster

The following script can be used to launch a socks proxy once you
have installed autossh::

    #!/bin/bash
    if pgrep autossh; then
    echo "autossh is already running"
    else
    echo "Starting autossh"
    nohup autossh -N -D9090 -o ServerAliveInterval=10 auser@ssh.diamond.ac.uk > /tmp/autossh.log &
    fi

After installing podman make sure that the file
${HOME}/.config/containers/storage.conf specifies the overlay storage driver::

    [storage]
        driver = "overlay"
    [storage.options]
        mount_program = "/bin/fuse-overlayfs"

DLS users that want to connect to our pollux cluster can create a
.kube/config file that looks like this::

    ########################## EXAMPLE #############################################
    apiVersion: v1
    clusters:
    - cluster:
        certificate-authority: /home/USER/.kube/pollux_ca.crt
        server: https://api.pollux.diamond.ac.uk:6443
        proxy-url: socks5://localhost:9090
        name: pollux
    contexts:
    - context:
        cluster: pollux
        user: cluster-user
        namespace: bl45p
        name: cluster-user@pollux
    current-context: cluster-user@pollux
    kind: Config
    preferences: {}
    users:
    - name: cluster-user
        user:
        exec:
            apiVersion: client.authentication.k8s.io/v1beta1
            command: kubectl
            args:
            - oidc-login
            - get-token
            - --oidc-issuer-url=https://pollux-keycloak.diamond.ac.uk/auth/realms/diamond
            - --oidc-client-id=kubernetes
            - --oidc-client-secret=REDACTED
            - --grant-type=password
            - --token-cache-dir=/home/giles/.kube/cache/pollux/oidc-login

To make this work you would also need to copy from:

/dls_sw/apps/kubernetes/pollux/ca.crt

to:
pollux_ca.crt

(and replace 'USER' with your username above)