feat: Add a CheCluster property to avoid automatic creation of users … (#1508)
* feat: Add a CheCluster property to avoid automatic creation of users namespaces Signed-off-by: Anatolii Bazko <abazko@redhat.com>pull/1511/head
Anatolii Bazko
GitHub
parent
ed352c9864
commit
24f0db2417
|
|
@ -377,6 +377,7 @@ func TestConvertFrom(t *testing.T) {
|
|||
DevEnvironments: chev2.CheClusterDevEnvironments{
|
||||
DefaultNamespace: chev2.DefaultNamespace{
|
||||
Template: "WorkspaceNamespaceName",
|
||||
AutoProvision: pointer.BoolPtr(true),
|
||||
},
|
||||
TrustedCerts: &chev2.TrustedCerts{
|
||||
GitTrustedCertsConfigMapName: "che-git-self-signed-cert",
|
||||
|
|
@ -545,6 +546,7 @@ func TestConvertFrom(t *testing.T) {
|
|||
assert.Equal(t, checlusterv1.Spec.Server.SingleHostGatewayConfigSidecarImage, "ConfigSidecarImage")
|
||||
assert.Equal(t, checlusterv1.Spec.Server.SingleHostGatewayImage, "GatewayImage")
|
||||
assert.Equal(t, checlusterv1.Spec.Server.WorkspaceNamespaceDefault, "WorkspaceNamespaceName")
|
||||
assert.Equal(t, checlusterv1.Spec.Server.AllowAutoProvisionUserNamespace, pointer.BoolPtr(true))
|
||||
assert.Equal(t, checlusterv1.Spec.Server.WorkspaceDefaultEditor, "DefaultEditor")
|
||||
assert.Equal(t, checlusterv1.Spec.Server.WorkspaceDefaultComponents, []devfile.Component{{Name: "universal-developer-image"}})
|
||||
assert.Equal(t, checlusterv1.Spec.Server.WorkspacePodNodeSelector, map[string]string{"a": "b", "c": "d"})
|
||||
|
|
|
|||
|
|
@ -163,6 +163,7 @@ func TestConvertTo(t *testing.T) {
|
|||
CheClusterRoles: "CheClusterRoles_1,CheClusterRoles_2",
|
||||
CheWorkspaceClusterRole: "CheWorkspaceClusterRole",
|
||||
WorkspaceNamespaceDefault: "WorkspaceNamespaceDefault",
|
||||
AllowAutoProvisionUserNamespace: pointer.BoolPtr(true),
|
||||
WorkspaceDefaultEditor: "WorkspaceDefaultEditor",
|
||||
WorkspaceDefaultComponents: []devfile.Component{
|
||||
{
|
||||
|
|
@ -414,6 +415,7 @@ func TestConvertTo(t *testing.T) {
|
|||
|
||||
assert.Equal(t, checlusterv2.Spec.DevEnvironments.TrustedCerts.GitTrustedCertsConfigMapName, "che-git-self-signed-cert")
|
||||
assert.Equal(t, checlusterv2.Spec.DevEnvironments.DefaultNamespace.Template, "WorkspaceNamespaceDefault")
|
||||
assert.Equal(t, checlusterv2.Spec.DevEnvironments.DefaultNamespace.AutoProvision, pointer.BoolPtr(true))
|
||||
assert.Equal(t, checlusterv2.Spec.DevEnvironments.DefaultEditor, "WorkspaceDefaultEditor")
|
||||
assert.Equal(t, checlusterv2.Spec.DevEnvironments.DefaultComponents, []devfile.Component{{Name: "universal-developer-image"}})
|
||||
assert.Equal(t, checlusterv2.Spec.DevEnvironments.NodeSelector, map[string]string{"a": "b", "c": "d"})
|
||||
|
|
|
|||
|
|
@ -89,6 +89,7 @@ func (dst *CheCluster) convertFrom_Server(src *chev2.CheCluster) error {
|
|||
dst.Spec.Server.NonProxyHosts = strings.Join(src.Spec.Components.CheServer.Proxy.NonProxyHosts, "|")
|
||||
dst.Spec.Server.ProxySecret = src.Spec.Components.CheServer.Proxy.CredentialsSecretName
|
||||
}
|
||||
dst.Spec.Server.AllowAutoProvisionUserNamespace = src.Spec.DevEnvironments.DefaultNamespace.AutoProvision
|
||||
dst.Spec.Server.WorkspaceNamespaceDefault = src.Spec.DevEnvironments.DefaultNamespace.Template
|
||||
dst.Spec.Server.WorkspacePodNodeSelector = utils.CloneMap(src.Spec.DevEnvironments.NodeSelector)
|
||||
|
||||
|
|
|
|||
|
|
@ -112,6 +112,7 @@ func (src *CheCluster) convertTo_DevEnvironments(dst *chev2.CheCluster) error {
|
|||
}
|
||||
|
||||
dst.Spec.DevEnvironments.DefaultNamespace.Template = src.Spec.Server.WorkspaceNamespaceDefault
|
||||
dst.Spec.DevEnvironments.DefaultNamespace.AutoProvision = src.Spec.Server.AllowAutoProvisionUserNamespace
|
||||
dst.Spec.DevEnvironments.NodeSelector = utils.CloneMap(src.Spec.Server.WorkspacePodNodeSelector)
|
||||
|
||||
for _, v := range src.Spec.Server.WorkspacePodTolerations {
|
||||
|
|
|
|||
|
|
@ -136,6 +136,10 @@ type CheClusterSpecServer struct {
|
|||
// +optional
|
||||
// +operator-sdk:csv:customresourcedefinitions:type=spec,xDescriptors="urn:alm:descriptor:com.tectonic.ui:hidden"
|
||||
AllowUserDefinedWorkspaceNamespaces bool `json:"allowUserDefinedWorkspaceNamespaces"`
|
||||
// Indicates if is allowed to automatically create a user namespace.
|
||||
// If it set to false, then user namespace must be pre-created by a cluster administrator.
|
||||
// +optional
|
||||
AllowAutoProvisionUserNamespace *bool `json:"allowAutoProvisionUserNamespace,omitempty"`
|
||||
// Deprecated. The value of this flag is ignored.
|
||||
// The Che Operator will automatically detect whether the router certificate is self-signed and propagate it to other components, such as the Che server.
|
||||
// +optional
|
||||
|
|
|
|||
|
|
@ -286,6 +286,11 @@ func (in *CheClusterSpecMetrics) DeepCopy() *CheClusterSpecMetrics {
|
|||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *CheClusterSpecServer) DeepCopyInto(out *CheClusterSpecServer) {
|
||||
*out = *in
|
||||
if in.AllowAutoProvisionUserNamespace != nil {
|
||||
in, out := &in.AllowAutoProvisionUserNamespace, &out.AllowAutoProvisionUserNamespace
|
||||
*out = new(bool)
|
||||
**out = **in
|
||||
}
|
||||
if in.DisableInternalClusterSVCNames != nil {
|
||||
in, out := &in.DisableInternalClusterSVCNames, &out.DisableInternalClusterSVCNames
|
||||
*out = new(bool)
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ type CheClusterSpec struct {
|
|||
// +optional
|
||||
// +operator-sdk:csv:customresourcedefinitions:type=spec,order=1
|
||||
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Development environments"
|
||||
// +kubebuilder:default:={defaultComponents: {{name: universal-developer-image, container: {image: "quay.io/devfile/universal-developer-image:ubi8-38da5c2"}}}, defaultEditor: eclipse/che-theia/latest, storage: {pvcStrategy: per-user}, defaultNamespace: {template: <username>-che}, secondsOfInactivityBeforeIdling:1800, secondsOfRunBeforeIdling:-1}
|
||||
// +kubebuilder:default:={defaultComponents: {{name: universal-developer-image, container: {image: "quay.io/devfile/universal-developer-image:ubi8-38da5c2"}}}, defaultEditor: eclipse/che-theia/latest, storage: {pvcStrategy: per-user}, defaultNamespace: {template: <username>-che, autoProvision: true}, secondsOfInactivityBeforeIdling:1800, secondsOfRunBeforeIdling:-1}
|
||||
DevEnvironments CheClusterDevEnvironments `json:"devEnvironments"`
|
||||
// Che components configuration.
|
||||
// +optional
|
||||
|
|
@ -76,7 +76,7 @@ type CheClusterDevEnvironments struct {
|
|||
Tolerations []corev1.Toleration `json:"tolerations,omitempty"`
|
||||
// User's default namespace.
|
||||
// +optional
|
||||
// +kubebuilder:default:={template: <username>-che}
|
||||
// +kubebuilder:default:={template: <username>-che, autoProvision: true}
|
||||
DefaultNamespace DefaultNamespace `json:"defaultNamespace,omitempty"`
|
||||
// Trusted certificate settings.
|
||||
// +optional
|
||||
|
|
@ -347,6 +347,11 @@ type DefaultNamespace struct {
|
|||
// +kubebuilder:default:=<username>-che
|
||||
// +kubebuilder:validation:Pattern=<username>|<userid>
|
||||
Template string `json:"template,omitempty"`
|
||||
// Indicates if is allowed to automatically create a user namespace.
|
||||
// If it set to false, then user namespace must be pre-created by a cluster administrator.
|
||||
// +optional
|
||||
// +kubebuilder:default:=true
|
||||
AutoProvision *bool `json:"autoProvision,omitempty"`
|
||||
}
|
||||
|
||||
type DashboardHeaderMessage struct {
|
||||
|
|
|
|||
|
|
@ -138,7 +138,7 @@ func (in *CheClusterDevEnvironments) DeepCopyInto(out *CheClusterDevEnvironments
|
|||
(*in)[i].DeepCopyInto(&(*out)[i])
|
||||
}
|
||||
}
|
||||
out.DefaultNamespace = in.DefaultNamespace
|
||||
in.DefaultNamespace.DeepCopyInto(&out.DefaultNamespace)
|
||||
if in.TrustedCerts != nil {
|
||||
in, out := &in.TrustedCerts, &out.TrustedCerts
|
||||
*out = new(TrustedCerts)
|
||||
|
|
@ -406,6 +406,11 @@ func (in *Database) DeepCopy() *Database {
|
|||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *DefaultNamespace) DeepCopyInto(out *DefaultNamespace) {
|
||||
*out = *in
|
||||
if in.AutoProvision != nil {
|
||||
in, out := &in.AutoProvision, &out.AutoProvision
|
||||
*out = new(bool)
|
||||
**out = **in
|
||||
}
|
||||
}
|
||||
|
||||
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DefaultNamespace.
|
||||
|
|
|
|||
|
|
@ -76,7 +76,7 @@ metadata:
|
|||
operators.operatorframework.io/project_layout: go.kubebuilder.io/v3
|
||||
repository: https://github.com/eclipse-che/che-operator
|
||||
support: Eclipse Foundation
|
||||
name: eclipse-che-preview-openshift.v7.53.0-666.next
|
||||
name: eclipse-che-preview-openshift.v7.53.0-670.next
|
||||
namespace: placeholder
|
||||
spec:
|
||||
apiservicedefinitions: {}
|
||||
|
|
@ -1389,7 +1389,7 @@ spec:
|
|||
maturity: stable
|
||||
provider:
|
||||
name: Eclipse Foundation
|
||||
version: 7.53.0-666.next
|
||||
version: 7.53.0-670.next
|
||||
webhookdefinitions:
|
||||
- admissionReviewVersions:
|
||||
- v1
|
||||
|
|
|
|||
|
|
@ -1266,6 +1266,11 @@ spec:
|
|||
images involved in a Che deployment. This is particularly
|
||||
useful to install Eclipse Che in a restricted environment.
|
||||
type: string
|
||||
allowAutoProvisionUserNamespace:
|
||||
description: Indicates if is allowed to automatically create
|
||||
a user namespace. If it set to false, then user namespace
|
||||
must be pre-created by a cluster administrator.
|
||||
type: boolean
|
||||
allowUserDefinedWorkspaceNamespaces:
|
||||
description: Deprecated. The value of this flag is ignored.
|
||||
Defines that a user is allowed to specify a Kubernetes namespace,
|
||||
|
|
@ -5540,6 +5545,7 @@ spec:
|
|||
name: universal-developer-image
|
||||
defaultEditor: eclipse/che-theia/latest
|
||||
defaultNamespace:
|
||||
autoProvision: true
|
||||
template: <username>-che
|
||||
secondsOfInactivityBeforeIdling: 1800
|
||||
secondsOfRunBeforeIdling: -1
|
||||
|
|
@ -7060,9 +7066,16 @@ spec:
|
|||
type: string
|
||||
defaultNamespace:
|
||||
default:
|
||||
autoProvision: true
|
||||
template: <username>-che
|
||||
description: User's default namespace.
|
||||
properties:
|
||||
autoProvision:
|
||||
default: true
|
||||
description: Indicates if is allowed to automatically create
|
||||
a user namespace. If it set to false, then user namespace
|
||||
must be pre-created by a cluster administrator.
|
||||
type: boolean
|
||||
template:
|
||||
default: <username>-che
|
||||
description: If you don't create the user namespaces in
|
||||
|
|
|
|||
|
|
@ -1225,6 +1225,11 @@ spec:
|
|||
involved in a Che deployment. This is particularly useful to
|
||||
install Eclipse Che in a restricted environment.
|
||||
type: string
|
||||
allowAutoProvisionUserNamespace:
|
||||
description: Indicates if is allowed to automatically create a
|
||||
user namespace. If it set to false, then user namespace must
|
||||
be pre-created by a cluster administrator.
|
||||
type: boolean
|
||||
allowUserDefinedWorkspaceNamespaces:
|
||||
description: Deprecated. The value of this flag is ignored. Defines
|
||||
that a user is allowed to specify a Kubernetes namespace, or
|
||||
|
|
@ -5397,6 +5402,7 @@ spec:
|
|||
name: universal-developer-image
|
||||
defaultEditor: eclipse/che-theia/latest
|
||||
defaultNamespace:
|
||||
autoProvision: true
|
||||
template: <username>-che
|
||||
secondsOfInactivityBeforeIdling: 1800
|
||||
secondsOfRunBeforeIdling: -1
|
||||
|
|
@ -6867,9 +6873,16 @@ spec:
|
|||
type: string
|
||||
defaultNamespace:
|
||||
default:
|
||||
autoProvision: true
|
||||
template: <username>-che
|
||||
description: User's default namespace.
|
||||
properties:
|
||||
autoProvision:
|
||||
default: true
|
||||
description: Indicates if is allowed to automatically create
|
||||
a user namespace. If it set to false, then user namespace
|
||||
must be pre-created by a cluster administrator.
|
||||
type: boolean
|
||||
template:
|
||||
default: <username>-che
|
||||
description: If you don't create the user namespaces in advance,
|
||||
|
|
|
|||
|
|
@ -841,6 +841,9 @@ spec:
|
|||
airGapContainerRegistryOrganization:
|
||||
description: Optional repository name of an alternate container registry to pull images from. This value overrides the container registry organization defined in all the default container images involved in a Che deployment. This is particularly useful to install Eclipse Che in a restricted environment.
|
||||
type: string
|
||||
allowAutoProvisionUserNamespace:
|
||||
description: Indicates if is allowed to automatically create a user namespace. If it set to false, then user namespace must be pre-created by a cluster administrator.
|
||||
type: boolean
|
||||
allowUserDefinedWorkspaceNamespaces:
|
||||
description: Deprecated. The value of this flag is ignored. Defines that a user is allowed to specify a Kubernetes namespace, or an OpenShift project, which differs from the default. It's NOT RECOMMENDED to set to `true` without OpenShift OAuth configured. The OpenShift infrastructure also uses this property.
|
||||
type: boolean
|
||||
|
|
@ -3706,6 +3709,7 @@ spec:
|
|||
name: universal-developer-image
|
||||
defaultEditor: eclipse/che-theia/latest
|
||||
defaultNamespace:
|
||||
autoProvision: true
|
||||
template: <username>-che
|
||||
secondsOfInactivityBeforeIdling: 1800
|
||||
secondsOfRunBeforeIdling: -1
|
||||
|
|
@ -4642,9 +4646,14 @@ spec:
|
|||
type: string
|
||||
defaultNamespace:
|
||||
default:
|
||||
autoProvision: true
|
||||
template: <username>-che
|
||||
description: User's default namespace.
|
||||
properties:
|
||||
autoProvision:
|
||||
default: true
|
||||
description: Indicates if is allowed to automatically create a user namespace. If it set to false, then user namespace must be pre-created by a cluster administrator.
|
||||
type: boolean
|
||||
template:
|
||||
default: <username>-che
|
||||
description: If you don't create the user namespaces in advance, this field defines the Kubernetes namespace created when you start your first workspace. You can use `<username>` and `<userid>` placeholders, such as che-workspace-<username>.
|
||||
|
|
|
|||
|
|
@ -836,6 +836,9 @@ spec:
|
|||
airGapContainerRegistryOrganization:
|
||||
description: Optional repository name of an alternate container registry to pull images from. This value overrides the container registry organization defined in all the default container images involved in a Che deployment. This is particularly useful to install Eclipse Che in a restricted environment.
|
||||
type: string
|
||||
allowAutoProvisionUserNamespace:
|
||||
description: Indicates if is allowed to automatically create a user namespace. If it set to false, then user namespace must be pre-created by a cluster administrator.
|
||||
type: boolean
|
||||
allowUserDefinedWorkspaceNamespaces:
|
||||
description: Deprecated. The value of this flag is ignored. Defines that a user is allowed to specify a Kubernetes namespace, or an OpenShift project, which differs from the default. It's NOT RECOMMENDED to set to `true` without OpenShift OAuth configured. The OpenShift infrastructure also uses this property.
|
||||
type: boolean
|
||||
|
|
@ -3701,6 +3704,7 @@ spec:
|
|||
name: universal-developer-image
|
||||
defaultEditor: eclipse/che-theia/latest
|
||||
defaultNamespace:
|
||||
autoProvision: true
|
||||
template: <username>-che
|
||||
secondsOfInactivityBeforeIdling: 1800
|
||||
secondsOfRunBeforeIdling: -1
|
||||
|
|
@ -4637,9 +4641,14 @@ spec:
|
|||
type: string
|
||||
defaultNamespace:
|
||||
default:
|
||||
autoProvision: true
|
||||
template: <username>-che
|
||||
description: User's default namespace.
|
||||
properties:
|
||||
autoProvision:
|
||||
default: true
|
||||
description: Indicates if is allowed to automatically create a user namespace. If it set to false, then user namespace must be pre-created by a cluster administrator.
|
||||
type: boolean
|
||||
template:
|
||||
default: <username>-che
|
||||
description: If you don't create the user namespaces in advance, this field defines the Kubernetes namespace created when you start your first workspace. You can use `<username>` and `<userid>` placeholders, such as che-workspace-<username>.
|
||||
|
|
|
|||
|
|
@ -841,6 +841,9 @@ spec:
|
|||
airGapContainerRegistryOrganization:
|
||||
description: Optional repository name of an alternate container registry to pull images from. This value overrides the container registry organization defined in all the default container images involved in a Che deployment. This is particularly useful to install Eclipse Che in a restricted environment.
|
||||
type: string
|
||||
allowAutoProvisionUserNamespace:
|
||||
description: Indicates if is allowed to automatically create a user namespace. If it set to false, then user namespace must be pre-created by a cluster administrator.
|
||||
type: boolean
|
||||
allowUserDefinedWorkspaceNamespaces:
|
||||
description: Deprecated. The value of this flag is ignored. Defines that a user is allowed to specify a Kubernetes namespace, or an OpenShift project, which differs from the default. It's NOT RECOMMENDED to set to `true` without OpenShift OAuth configured. The OpenShift infrastructure also uses this property.
|
||||
type: boolean
|
||||
|
|
@ -3706,6 +3709,7 @@ spec:
|
|||
name: universal-developer-image
|
||||
defaultEditor: eclipse/che-theia/latest
|
||||
defaultNamespace:
|
||||
autoProvision: true
|
||||
template: <username>-che
|
||||
secondsOfInactivityBeforeIdling: 1800
|
||||
secondsOfRunBeforeIdling: -1
|
||||
|
|
@ -4642,9 +4646,14 @@ spec:
|
|||
type: string
|
||||
defaultNamespace:
|
||||
default:
|
||||
autoProvision: true
|
||||
template: <username>-che
|
||||
description: User's default namespace.
|
||||
properties:
|
||||
autoProvision:
|
||||
default: true
|
||||
description: Indicates if is allowed to automatically create a user namespace. If it set to false, then user namespace must be pre-created by a cluster administrator.
|
||||
type: boolean
|
||||
template:
|
||||
default: <username>-che
|
||||
description: If you don't create the user namespaces in advance, this field defines the Kubernetes namespace created when you start your first workspace. You can use `<username>` and `<userid>` placeholders, such as che-workspace-<username>.
|
||||
|
|
|
|||
|
|
@ -836,6 +836,9 @@ spec:
|
|||
airGapContainerRegistryOrganization:
|
||||
description: Optional repository name of an alternate container registry to pull images from. This value overrides the container registry organization defined in all the default container images involved in a Che deployment. This is particularly useful to install Eclipse Che in a restricted environment.
|
||||
type: string
|
||||
allowAutoProvisionUserNamespace:
|
||||
description: Indicates if is allowed to automatically create a user namespace. If it set to false, then user namespace must be pre-created by a cluster administrator.
|
||||
type: boolean
|
||||
allowUserDefinedWorkspaceNamespaces:
|
||||
description: Deprecated. The value of this flag is ignored. Defines that a user is allowed to specify a Kubernetes namespace, or an OpenShift project, which differs from the default. It's NOT RECOMMENDED to set to `true` without OpenShift OAuth configured. The OpenShift infrastructure also uses this property.
|
||||
type: boolean
|
||||
|
|
@ -3701,6 +3704,7 @@ spec:
|
|||
name: universal-developer-image
|
||||
defaultEditor: eclipse/che-theia/latest
|
||||
defaultNamespace:
|
||||
autoProvision: true
|
||||
template: <username>-che
|
||||
secondsOfInactivityBeforeIdling: 1800
|
||||
secondsOfRunBeforeIdling: -1
|
||||
|
|
@ -4637,9 +4641,14 @@ spec:
|
|||
type: string
|
||||
defaultNamespace:
|
||||
default:
|
||||
autoProvision: true
|
||||
template: <username>-che
|
||||
description: User's default namespace.
|
||||
properties:
|
||||
autoProvision:
|
||||
default: true
|
||||
description: Indicates if is allowed to automatically create a user namespace. If it set to false, then user namespace must be pre-created by a cluster administrator.
|
||||
type: boolean
|
||||
template:
|
||||
default: <username>-che
|
||||
description: If you don't create the user namespaces in advance, this field defines the Kubernetes namespace created when you start your first workspace. You can use `<username>` and `<userid>` placeholders, such as che-workspace-<username>.
|
||||
|
|
|
|||
|
|
@ -836,6 +836,9 @@ spec:
|
|||
airGapContainerRegistryOrganization:
|
||||
description: Optional repository name of an alternate container registry to pull images from. This value overrides the container registry organization defined in all the default container images involved in a Che deployment. This is particularly useful to install Eclipse Che in a restricted environment.
|
||||
type: string
|
||||
allowAutoProvisionUserNamespace:
|
||||
description: Indicates if is allowed to automatically create a user namespace. If it set to false, then user namespace must be pre-created by a cluster administrator.
|
||||
type: boolean
|
||||
allowUserDefinedWorkspaceNamespaces:
|
||||
description: Deprecated. The value of this flag is ignored. Defines that a user is allowed to specify a Kubernetes namespace, or an OpenShift project, which differs from the default. It's NOT RECOMMENDED to set to `true` without OpenShift OAuth configured. The OpenShift infrastructure also uses this property.
|
||||
type: boolean
|
||||
|
|
@ -3701,6 +3704,7 @@ spec:
|
|||
name: universal-developer-image
|
||||
defaultEditor: eclipse/che-theia/latest
|
||||
defaultNamespace:
|
||||
autoProvision: true
|
||||
template: <username>-che
|
||||
secondsOfInactivityBeforeIdling: 1800
|
||||
secondsOfRunBeforeIdling: -1
|
||||
|
|
@ -4637,9 +4641,14 @@ spec:
|
|||
type: string
|
||||
defaultNamespace:
|
||||
default:
|
||||
autoProvision: true
|
||||
template: <username>-che
|
||||
description: User's default namespace.
|
||||
properties:
|
||||
autoProvision:
|
||||
default: true
|
||||
description: Indicates if is allowed to automatically create a user namespace. If it set to false, then user namespace must be pre-created by a cluster administrator.
|
||||
type: boolean
|
||||
template:
|
||||
default: <username>-che
|
||||
description: If you don't create the user namespaces in advance, this field defines the Kubernetes namespace created when you start your first workspace. You can use `<username>` and `<userid>` placeholders, such as che-workspace-<username>.
|
||||
|
|
|
|||
|
|
@ -101,6 +101,7 @@ const (
|
|||
DefaultPvcStorageStrategy = "per-user"
|
||||
PerWorkspacePVCStorageStrategy = "per-workspace"
|
||||
CommonPVCStorageStrategy = "common"
|
||||
DefaultAutoProvision = true
|
||||
DefaultWorkspaceJavaOpts = "-XX:MaxRAM=150m -XX:MaxRAMFraction=2 -XX:+UseParallelGC " +
|
||||
"-XX:MinHeapFreeRatio=10 -XX:MaxHeapFreeRatio=20 -XX:GCTimeRatio=4 -XX:AdaptiveSizePolicyWeight=90 " +
|
||||
"-Dsun.zip.disableMemoryMapping=true " +
|
||||
|
|
|
|||
|
|
@ -55,6 +55,7 @@ type CheConfigMap struct {
|
|||
CheInfraKubernetesServiceAccountName string `json:"CHE_INFRA_KUBERNETES_SERVICE__ACCOUNT__NAME"`
|
||||
CheInfraKubernetesUserClusterRoles string `json:"CHE_INFRA_KUBERNETES_USER__CLUSTER__ROLES"`
|
||||
DefaultTargetNamespace string `json:"CHE_INFRA_KUBERNETES_NAMESPACE_DEFAULT"`
|
||||
NamespaceCreationAllowed string `json:"CHE_INFRA_KUBERNETES_NAMESPACE_CREATION__ALLOWED"`
|
||||
PvcStrategy string `json:"CHE_INFRA_KUBERNETES_PVC_STRATEGY"`
|
||||
PvcClaimSize string `json:"CHE_INFRA_KUBERNETES_PVC_QUANTITY"`
|
||||
WorkspacePvcStorageClassName string `json:"CHE_INFRA_KUBERNETES_PVC_STORAGE__CLASS__NAME"`
|
||||
|
|
@ -171,6 +172,10 @@ func (s *CheServerReconciler) getCheConfigMapData(ctx *chetypes.DeployContext) (
|
|||
|
||||
}
|
||||
workspaceNamespaceDefault := ctx.CheCluster.GetDefaultNamespace()
|
||||
namespaceCreationAllowed := strconv.FormatBool(constants.DefaultAutoProvision)
|
||||
if ctx.CheCluster.Spec.DevEnvironments.DefaultNamespace.AutoProvision != nil {
|
||||
namespaceCreationAllowed = strconv.FormatBool(*ctx.CheCluster.Spec.DevEnvironments.DefaultNamespace.AutoProvision)
|
||||
}
|
||||
|
||||
cheAPI := "https://" + ctx.CheHost + "/api"
|
||||
var pluginRegistryInternalURL, devfileRegistryInternalURL string
|
||||
|
|
@ -203,6 +208,7 @@ func (s *CheServerReconciler) getCheConfigMapData(ctx *chetypes.DeployContext) (
|
|||
CheInfraKubernetesServiceAccountName: cheWorkspaceServiceAccount,
|
||||
CheInfraKubernetesUserClusterRoles: cheUserClusterRoleNames,
|
||||
DefaultTargetNamespace: workspaceNamespaceDefault,
|
||||
NamespaceCreationAllowed: namespaceCreationAllowed,
|
||||
TlsSupport: "true",
|
||||
K8STrustCerts: "true",
|
||||
CheLogLevel: cheLogLevel,
|
||||
|
|
|
|||
Loading…
Reference in New Issue