From 32974f029ee66275cf1fa4c49cc6e7ae2c621f23 Mon Sep 17 00:00:00 2001
From: Anatolii Bazko <abazko@redhat.com>
Date: Wed, 17 Apr 2024 15:22:41 +0200
Subject: [PATCH] feat: Configure probes for che-gateway containers (#1825)

* feat: Configure probes for che-gateway containers

Signed-off-by: Anatolii Bazko <abazko@redhat.com>
---
 .../che-operator.clusterserviceversion.yaml   |  4 +-
 pkg/deploy/gateway/gateway.go                 | 58 +++++++++++++++++++
 pkg/deploy/gateway/kube_rbac_proxy.go         | 36 ++++++++++++
 pkg/deploy/gateway/oauth_proxy.go             | 48 ++++++++++++++-
 4 files changed, 141 insertions(+), 5 deletions(-)

diff --git a/bundle/next/eclipse-che/manifests/che-operator.clusterserviceversion.yaml b/bundle/next/eclipse-che/manifests/che-operator.clusterserviceversion.yaml
index c40872474..1e177942c 100644
--- a/bundle/next/eclipse-che/manifests/che-operator.clusterserviceversion.yaml
+++ b/bundle/next/eclipse-che/manifests/che-operator.clusterserviceversion.yaml
@@ -100,7 +100,7 @@ metadata:
     operators.operatorframework.io/project_layout: go.kubebuilder.io/v3
     repository: https://github.com/eclipse-che/che-operator
     support: Eclipse Foundation
-  name: eclipse-che.v7.84.0-862.next
+  name: eclipse-che.v7.85.0-863.next
   namespace: placeholder
 spec:
   apiservicedefinitions: {}
@@ -1032,7 +1032,7 @@ spec:
   minKubeVersion: 1.19.0
   provider:
     name: Eclipse Foundation
-  version: 7.84.0-862.next
+  version: 7.85.0-863.next
   webhookdefinitions:
     - admissionReviewVersions:
         - v1
diff --git a/pkg/deploy/gateway/gateway.go b/pkg/deploy/gateway/gateway.go
index 772416126..4f0efa3c8 100644
--- a/pkg/deploy/gateway/gateway.go
+++ b/pkg/deploy/gateway/gateway.go
@@ -491,6 +491,40 @@ func getContainersSpec(ctx *chetypes.DeployContext) []corev1.Container {
 					corev1.ResourceCPU:    resource.MustParse("0.1"),
 				},
 			},
+			ReadinessProbe: &corev1.Probe{
+				ProbeHandler: corev1.ProbeHandler{
+					HTTPGet: &corev1.HTTPGetAction{
+						Path: "/ping",
+						Port: intstr.IntOrString{
+							Type:   intstr.Int,
+							IntVal: int32(8090),
+						},
+						Scheme: corev1.URISchemeHTTP,
+					},
+				},
+				InitialDelaySeconds: 5,
+				TimeoutSeconds:      5,
+				PeriodSeconds:       5,
+				SuccessThreshold:    1,
+				FailureThreshold:    5,
+			},
+			LivenessProbe: &corev1.Probe{
+				ProbeHandler: corev1.ProbeHandler{
+					HTTPGet: &corev1.HTTPGetAction{
+						Path: "/ping",
+						Port: intstr.IntOrString{
+							Type:   intstr.Int,
+							IntVal: int32(8090),
+						},
+						Scheme: corev1.URISchemeHTTP,
+					},
+				},
+				InitialDelaySeconds: 15,
+				TimeoutSeconds:      5,
+				PeriodSeconds:       5,
+				SuccessThreshold:    1,
+				FailureThreshold:    5,
+			},
 		},
 		{
 			Name:            "configbump",
@@ -531,6 +565,30 @@ func getContainersSpec(ctx *chetypes.DeployContext) []corev1.Container {
 					},
 				},
 			},
+			ReadinessProbe: &corev1.Probe{
+				ProbeHandler: corev1.ProbeHandler{
+					Exec: &corev1.ExecAction{
+						Command: []string{"configbump", "--version"},
+					},
+				},
+				InitialDelaySeconds: 5,
+				TimeoutSeconds:      5,
+				PeriodSeconds:       5,
+				SuccessThreshold:    1,
+				FailureThreshold:    5,
+			},
+			LivenessProbe: &corev1.Probe{
+				ProbeHandler: corev1.ProbeHandler{
+					Exec: &corev1.ExecAction{
+						Command: []string{"configbump", "--version"},
+					},
+				},
+				InitialDelaySeconds: 15,
+				TimeoutSeconds:      5,
+				PeriodSeconds:       5,
+				SuccessThreshold:    1,
+				FailureThreshold:    5,
+			},
 		},
 	}
 
diff --git a/pkg/deploy/gateway/kube_rbac_proxy.go b/pkg/deploy/gateway/kube_rbac_proxy.go
index c0c5373e2..830a685b0 100644
--- a/pkg/deploy/gateway/kube_rbac_proxy.go
+++ b/pkg/deploy/gateway/kube_rbac_proxy.go
@@ -15,6 +15,8 @@ package gateway
 import (
 	"strconv"
 
+	"k8s.io/apimachinery/pkg/util/intstr"
+
 	chev2 "github.com/eclipse-che/che-operator/api/v2"
 	"github.com/eclipse-che/che-operator/pkg/common/constants"
 	defaults "github.com/eclipse-che/che-operator/pkg/common/operator-defaults"
@@ -83,6 +85,40 @@ func getKubeRbacProxyContainerSpec(instance *chev2.CheCluster) corev1.Container
 				corev1.ResourceCPU:    resource.MustParse("0.1"),
 			},
 		},
+		ReadinessProbe: &corev1.Probe{
+			ProbeHandler: corev1.ProbeHandler{
+				HTTPGet: &corev1.HTTPGetAction{
+					Path: "/ping",
+					Port: intstr.IntOrString{
+						Type:   intstr.Int,
+						IntVal: int32(8090),
+					},
+					Scheme: corev1.URISchemeHTTP,
+				},
+			},
+			InitialDelaySeconds: 5,
+			TimeoutSeconds:      5,
+			PeriodSeconds:       5,
+			SuccessThreshold:    1,
+			FailureThreshold:    5,
+		},
+		LivenessProbe: &corev1.Probe{
+			ProbeHandler: corev1.ProbeHandler{
+				HTTPGet: &corev1.HTTPGetAction{
+					Path: "/ping",
+					Port: intstr.IntOrString{
+						Type:   intstr.Int,
+						IntVal: int32(8090),
+					},
+					Scheme: corev1.URISchemeHTTP,
+				},
+			},
+			InitialDelaySeconds: 15,
+			TimeoutSeconds:      5,
+			PeriodSeconds:       5,
+			SuccessThreshold:    1,
+			FailureThreshold:    5,
+		},
 	}
 }
 
diff --git a/pkg/deploy/gateway/oauth_proxy.go b/pkg/deploy/gateway/oauth_proxy.go
index 1f6de6b13..bc4f87636 100644
--- a/pkg/deploy/gateway/oauth_proxy.go
+++ b/pkg/deploy/gateway/oauth_proxy.go
@@ -16,6 +16,8 @@ import (
 	"fmt"
 	"strings"
 
+	"k8s.io/apimachinery/pkg/util/intstr"
+
 	identityprovider "github.com/eclipse-che/che-operator/pkg/deploy/identity-provider"
 	"github.com/sirupsen/logrus"
 	"k8s.io/apimachinery/pkg/api/resource"
@@ -185,9 +187,15 @@ func getOauthProxyContainerSpec(ctx *chetypes.DeployContext) corev1.Container {
 		Name:            "oauth-proxy",
 		Image:           defaults.GetGatewayAuthenticationSidecarImage(ctx.CheCluster),
 		ImagePullPolicy: corev1.PullIfNotPresent,
-		Args: []string{
-			"--config=/etc/oauth-proxy/oauth-proxy.cfg",
-		},
+		Args: map[bool][]string{
+			true: {
+				"--config=/etc/oauth-proxy/oauth-proxy.cfg",
+			},
+			false: {
+				"--config=/etc/oauth-proxy/oauth-proxy.cfg",
+				"--ping-path=/ping",
+				"--exclude-logging-path=/ping"},
+		}[infrastructure.IsOpenShift()],
 		VolumeMounts: []corev1.VolumeMount{
 			{
 				Name:      "oauth-proxy-config",
@@ -225,6 +233,40 @@ func getOauthProxyContainerSpec(ctx *chetypes.DeployContext) corev1.Container {
 				Value: configMapRevision,
 			},
 		},
+		ReadinessProbe: &corev1.Probe{
+			ProbeHandler: corev1.ProbeHandler{
+				HTTPGet: &corev1.HTTPGetAction{
+					Path: map[bool]string{true: "/oauth/healthz", false: "/ping"}[infrastructure.IsOpenShift()],
+					Port: intstr.IntOrString{
+						Type:   intstr.Int,
+						IntVal: int32(8080),
+					},
+					Scheme: corev1.URISchemeHTTP,
+				},
+			},
+			InitialDelaySeconds: 5,
+			TimeoutSeconds:      5,
+			PeriodSeconds:       5,
+			SuccessThreshold:    1,
+			FailureThreshold:    5,
+		},
+		LivenessProbe: &corev1.Probe{
+			ProbeHandler: corev1.ProbeHandler{
+				HTTPGet: &corev1.HTTPGetAction{
+					Path: map[bool]string{true: "/oauth/healthz", false: "/ping"}[infrastructure.IsOpenShift()],
+					Port: intstr.IntOrString{
+						Type:   intstr.Int,
+						IntVal: int32(8080),
+					},
+					Scheme: corev1.URISchemeHTTP,
+				},
+			},
+			InitialDelaySeconds: 15,
+			TimeoutSeconds:      5,
+			PeriodSeconds:       5,
+			SuccessThreshold:    1,
+			FailureThreshold:    5,
+		},
 	}
 }