Mario Loriedo

A possible solution to investigate here are AWS Short Lived Credentials: - https://github.com/openshift/cloud-credential-operator/blob/master/docs/sts.md - https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html

@AObuchow I am not able to override the security context even if I set `devEnvironments.DisableContainerBuildCapabilities: true`. My final goal is to be able to run privileged containers (in a kata-containers...

Closing as I am not able to reproduce. Thanks @AObuchow for your help.

Looks like a dex problem. @tolusha any clue?

Can you please check on what version of the DWO it is reproducible?

Opened this issue to discuss UX improvement when the workspace is restarted.

> We could work around this by always mounting a (potentially empty) merged-git-credentials secret that is only updated with new credentials secrets. This would mean the workspace isn't restarted when...

Ok, so one way to address that would be that Che creates an empty secret: ```yaml kind: Secret apiVersion: v1 metadata: name: git-credentials-secret labels: controller.devfile.io/git-credential: 'true' controller.devfile.io/watch-secret: 'true' type: Opaque...

@RomanNikitenko @amisevsk I have updated the title of this issue as, if I understand correctly, it happens only when the `git-credential` secret doesn't exist.

> added the helper extension to interact with DevWorkspace. It may be used by the custom extensions which need to work with DevWorkspace directly Is the helper related to the...