From 48db0ea5b8bfec77ae77bfe0d74fc32dae1e3d74 Mon Sep 17 00:00:00 2001
From: Eugene Ivantsov
Date: Fri, 22 Mar 2019 11:02:34 +0200
Subject: [PATCH] Add docs
---
deploy/crds/org_v1_che_cr.yaml | 56 +++++++++++++++++++++++++-------
pkg/apis/org/v1/che_types.go | 59 +++++++++++++++++++++++++++++++---
2 files changed, 100 insertions(+), 15 deletions(-)
diff --git a/deploy/crds/org_v1_che_cr.yaml b/deploy/crds/org_v1_che_cr.yaml
index d4cee814d..17b6b0e74 100644
--- a/deploy/crds/org_v1_che_cr.yaml
+++ b/deploy/crds/org_v1_che_cr.yaml
@@ -15,57 +15,91 @@ metadata: name: eclipse-che spec: server: + # server image used in Che deployment cheImage: '' + # tag of an image used in Che deployment cheImageTag: '' # defaults to `che`. When set to `codeready`, CodeReady Workspaces is deployed # the difference is in images, labels, exec commands cheFlavor: '' - # when set to true the operator will attempt to get a secret in openshift router namespace - # to add it to Java trust store of Che server. Requires cluster-admin provileges for operator service account + # when set to true the operator will attempt to get a secret in OpenShift router namespace + # to add it to Java trust store of Che server. Requires cluster-admin privileges for operator service account selfSignedCert: # TLS mode for Che. Make sure you either have public cert, or set selfSignedCert to true tlsSupport: + # protocol+hostname of a proxy server. Automatically added as JAVA_OPTS and https(s)_proxy + # to Che server and workspaces containers proxyURL: '' + # port of a proxy server proxyPort: '' + # username for a proxy server proxyUser: '' + # password for a proxy user proxyPassword: '' + # a list of non-proxy hosts. Use | as delimiter, eg localhost|my.host.com|123.42.12.32 nonProxyHosts: '' + # an endpoint serving plugin definitions. Defaults to https://che-plugin-registry.openshift.io pluginRegistryUrl: '' database: # when set to true, the operator skips deploying Postgres, and passes connection details of existing DB to Che server + # otherwise a Postgres deployment is created externalDb: + # Postgres Database hostname that Che server uses to connect to. Defaults to postgres chePostgresHostname: '' + # Postgres Database port that Che server uses to connect to. Defaults to 5432 chePostgresPort: '' + # Postgres user that Che server when making a db connection. Defaults to pgche chePostgresUser: '' + # password of a postgres user. 
Auto-generated when left blank chePostgresPassword: '' + # Postgres database name that Che server uses to connect to. Defaults to dbche chePostgresDb: '' + # Postgres deployment in format image:tag. Defaults to registry.access.redhat.com/rhscl/postgresql-96-rhel7:1-25 + postgresImage: '' storage: - # defaults to 'common' (one PVC for all workspacees). Can be 'unique' (PVC per volume), or 'per-workspace' + # persistent volume claim strategy for Che server. Can be common (all workspaces PVCs in one volume), + # per-workspace (one PVC per workspace for all declared volumes) and unique (one PVC per declared volume). Defaults to common pvcStrategy: '' - # default to 1Gi + # size of a persistent volume claim for workspaces. Defaults to 1Gi pvcClaimSize: '' - # use a special pod to pre-create subpaths in a common volume + # instruct Che server to launch a special pod to precreate a subpath in a PV preCreateSubPaths: true + # image:tag for preCreateSubPaths jobs + pvcJobsImage: auth: - # when set to true, the operator skips deploying Keycloak, - #and passes connection details of existing Keycloak auth server to Che server + # instructs operator on whether or not to deploy Keycloak/RH SSO instance. When set to true provision connection details externalKeycloak: + # retrieved from respective route/ingress unless explicitly specified in CR (when ExternalKeycloak is true) keycloakURL: '' + # password for keycloak database user. Auto generated if left blank keycloakPostgresPassword: '' + # desired admin username of Keycloak admin user (applicable only when ExternalKeycloak is false) keycloakAdminUserName: '' + # desired password of Keycloak admin user (applicable only when ExternalKeycloak is false) keycloakAdminPassword: 'admin' + # name of a keycloak realm. This realm will be created, when ExternalKeycloak is true, otherwise passed to Che server keycloakRealm: '' + # id of a keycloak client. 
This client will be created, when ExternalKeycloak is false, otherwise passed to Che server keycloakClientId: '' + # instructs an Operator to enable OpenShift v3 identity provider in Keycloak, + # as well as create respective oAuthClient and configure Che configMap accordingly openShiftoAuth: - openShiftApiUrl: '' + # name of oAuthClient used in OpenShift v3 identity provider in Keycloak realm. Auto generated if left blank + oAuthClientName: '' + # secret used in oAuthClient. Auto generated if left blank + oAuthSecret: '' + # image:tag used in Keycloak deployment + keycloakImage: '' k8s: # your global ingress domain ingressDomain: '192.168.99.101.nip.io' - # defaults to nginx + # kubernetes.io/ingress.class, defaults to nginx ingressClass: '' - # default to multi-host - -. + # IngressStrategy is the way ingresses are created. + # Can be multi-host (host is explicitly provided in ingress, -.), + # single-host (host is provided, path based rules, /path) and default-host *(no host is provided, path based rules) ingressStrategy: '' - # tls secret name will be used in ingress tls spec + # secret name used for tls termination tlsSecretName: '' diff --git a/pkg/apis/org/v1/che_types.go b/pkg/apis/org/v1/che_types.go index 42870ef04..47071c127 100644 --- a/pkg/apis/org/v1/che_types.go +++ b/pkg/apis/org/v1/che_types.go 
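Review bot: The new comment on `keycloakAdminPassword` does not say that the `'admin'` value shipped in this sample CR is only a placeholder, so a CR applied as-is would presumably bring up Keycloak with a well-known admin password. I would extend it to `# desired password of Keycloak admin user (applicable only when ExternalKeycloak is false). 'admin' is a sample value, replace it before deploying`. The comment added on `keycloakRealm` also says the realm is created "when ExternalKeycloak is true", which contradicts the `keycloakClientId` comment right below it and the Go doc comment for `KeycloakRealm` in che_types.go (both say false). It should read `# name of a keycloak realm. This realm will be created when ExternalKeycloak is false, otherwise passed to Che server`.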
@@ -30,61 +30,107 @@ type CheClusterSpec struct { } type CheClusterSpecServer struct { + // CheImage is a server image used in Che deployment CheImage string `json:"cheImage"` + // CheImageTag is a tag of an image used in Che deployment CheImageTag string `json:"cheImageTag"` + // CheFlavor is an installation flavor. Can be 'che' - upstream or 'codeready' - CodeReady Workspaces. Defaults to 'che' CheFlavor string `json:"cheFlavor"` + // CheHost is an env consumer by server. Detected automatically from Che route CheHost string `json:"cheHost"` + // CheLostLevel is log level for Che server: INFO or DEBUG. Defaults to INFO CheLogLevel string `json:"cheLogLevel"` + // CheDebug is debug mode for Che server. Defaults to false CheDebug string `json:"cheDebug"` + // SelfSignedCert signal about the necessity to get OpenShift router tls secret + // and extract certificate to add it to Java trust store for Che server SelfSignedCert bool `json:"selfSignedCert"` + // TlsSupport instructs an operator to deploy Che in TLS mode, ie with TLS routes or ingresses TlsSupport bool `json:"tlsSupport"` + // PluginRegistryUrl is an endpoint serving plugin definitions. Defaults to https://che-plugin-registry.openshift.io PluginRegistryUrl string `json:"pluginRegistryUrl"` + // ProxyURL is protocol+hostname of a proxy server. Automatically added as JAVA_OPTS and https(s)_proxy + // to Che server and workspaces containers ProxyURL string `json:"proxyURL"` + // ProxyPort is port of a proxy server ProxyPort string `json:"proxyPort"` + // NonProxyHosts is a list of non-proxy hosts. 
Use | as delimiter, eg localhost|my.host.com|123.42.12.32 NonProxyHosts string `json:"nonProxyHosts"` + // ProxyUser is username for a proxy server ProxyUser string `json:"proxyUser"` + // ProxyPassword is password for a proxy user ProxyPassword string `json:"proxyPassword"` } type CheClusterSpecDB struct { - + // ExternalDB instructs the operator either to skip deploying Postgres, + // and passes connection details of existing DB to Che server (when set to true) + // or a new Postgres deployment is created ExternalDB bool `json:"externalDb"` + // ChePostgresDBHostname is Postgres Database hostname that Che server uses to connect to. Defaults to postgres ChePostgresDBHostname string `json:"chePostgresHostName"` + // ChePostgresPort is Postgres Database port that Che server uses to connect to. Defaults to 5432 ChePostgresPort string `json:"chePostgresPort"` + // ChePostgresUser is Postgres user that Che server when making a db connection. Defaults to pgche ChePostgresUser string `json:"chePostgresUser"` + // ChePostgresPassword is password of a postgres user. Auto-generated when left blank ChePostgresPassword string `json:"chePostgresPassword"` + // ChePostgresDb is Postgres database name that Che server uses to connect to. Defaults to dbche ChePostgresDb string `json:"chePostgresDb"` + // PostgresImage is an image used in Postgres deployment in format image:tag. Defaults to registry.access.redhat.com/rhscl/postgresql-96-rhel7:1-25 PostgresImage string `json:"postgresImage"` } type CheClusterSpecAuth struct { - + // ExternalKeycloak instructs operator on whether or not to deploy Keycloak/RH SSO instance. 
When set to true provision connection details ExternalKeycloak bool `json:"externalKeycloak"` + // KeycloakURL is retrieved from respective route/ingress unless explicitly specified in CR (when ExternalKeycloak is true) KeycloakURL string `json:"keycloakURL"` + // KeycloakAdminUserName is a desired admin username of Keycloak admin user (applicable only when ExternalKeycloak is false) KeycloakAdminUserName string `json:"keycloakAdminUserName"` + // KeycloakAdminPassword is a desired password of Keycloak admin user (applicable only when ExternalKeycloak is false) KeycloakAdminPassword string `json:"keycloakAdminPassword"` + // KeycloakRealm is name of a keycloak realm. When ExternalKeycloak is false this realm will be created, otherwise passed to Che server KeycloakRealm string `json:"keycloakRealm"` + // KeycloakClientId is id of a keycloak client. When ExternalKeycloak is false this client will be created, otherwise passed to Che server KeycloakClientId string `json:"keycloakClientId"` + // KeycloakPostgresPassword is password for keycloak database user. Auto generated if left blank KeycloakPostgresPassword string `json:"keycloakPostgresPassword"` + // UpdateAdminPassword forces the default admin Che user to update password on first login. False by default UpdateAdminPassword bool `json:"updateAdminPassword"` + // OpenShiftOauth instructs an Operator to enable OpenShift v3 identity provider in Keycloak, + // as well as create respective oAuthClient and configure Che configMap accordingly OpenShiftOauth bool `json:"openShiftoAuth"` + // OauthClientName is name of oAuthClient used in OpenShift v3 identity provider in Keycloak realm. Auto generated if left blank OauthClientName string `json:"oAuthClientName"` + // OauthSecret is secret used in oAuthClient. 
Auto generated if left blank OauthSecret string `json:"oAuthSecret"` + // KeycloakImage is image:tag used in Keycloak deployment KeycloakImage string `json:"keycloakImage"` } type CheClusterSpecStorage struct { + // PvcStrategy is a persistent volume claim strategy for Che server. Can be common (all workspaces PVCs in one volume), + // per-workspace (one PVC per workspace for all declared volumes) and unique (one PVC per declared volume). Defaults to common PvcStrategy string `json:"pvcStrategy"` + // PvcClaimSize is size of a persistent volume claim for workspaces. Defaults to 1Gi PvcClaimSize string `json:"pvcClaimSize"` + // PreCreateSubPaths instructs Che server to launch a special pod to precreate a subpath in a PV PreCreateSubPaths bool `json:"preCreateSubPaths"` + // PvcJobsImage is image:tag for preCreateSubPaths jobs PvcJobsImage string `json:"pvcJobsImage"` } type CheClusterSpecK8SOnly struct { + // IngressDomain is a global ingress domain for a k8s cluster. Must be explicitly specified in CR. There are no defaults IngressDomain string `json:"ingressDomain"` + // IngressStrategy is the way ingresses are created. Casn be multi-host (host is explicitly provided in ingress), + // single-host (host is provided, path based rules) and default-host *(no host is provided, path based rules) IngressStrategy string `json:"ingressStrategy"` + // IngressClass is kubernetes.io/ingress.class, defaults to nginx IngressClass string `json:"ingressClass"` + // secret name used for tls termination TlsSecretName string `json:"tlsSecretName"` } 
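Review bot: The doc comments added for `ProxyPassword`, `ChePostgresPassword`, `KeycloakAdminPassword`, `KeycloakPostgresPassword` and `OauthSecret` describe them as passwords and secrets but do not mention that they are plain `string` fields of the CR spec, so a value set there is readable by anyone allowed to read the CheCluster resource. A short addition on each, such as `// The value is kept in clear text in the CR; limit read access to CheCluster objects accordingly`, would make that explicit for operators. Separately, `// CheLostLevel is log level ...` should name the field `CheLogLevel`, "Casn be" in the `IngressStrategy` comment should be "Can be", and the `TlsSecretName` comment should start with the field name like the others.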
@@ -92,17 +138,22 @@ type CheClusterSpecK8SOnly struct { type CheClusterStatus struct { // INSERT ADDITIONAL STATUS FIELD - define observed state of cluster // Important: Run "operator-sdk generate k8s" to regenerate code after modifying this file + // DbProvisoned indicates if or not a Postgres instance has been provisioned with db and user DbProvisoned bool `json:"dbProvisioned"` + // KeycloakProvisoned indicates if or not a Keycloak instance has been provisioned with realm, client, user KeycloakProvisoned bool `json:"keycloakProvisioned"` + // OpenShiftoAuthProvisioned indicates if or not a Keycloak instance has been provisioned identity provider and oAuthclient OpenShiftoAuthProvisioned bool `json:"openShiftoAuthProvisioned"` + // CheClusterRunning is status of a cluster. Can be Available, Unavailable, Available, Rolling Update in Progress CheClusterRunning string `json:"cheClusterRunning"` + // CheVersion is current Che version retrieved from image tag CheVersion string `json:"cheVersion"` + // CheURL is Che protocol+route/ingress CheURL string `json:"cheURL"` + // KeycloakURL is Keycloak protocol+route/ingress KeycloakURL string `json:"keycloakURL"` } - - // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // CheCluster is the Schema for the ches API
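Review bot: The comment on `CheClusterRunning` lists `Available` twice ("Available, Unavailable, Available, Rolling Update in Progress"), so a reader cannot tell whether a fourth status value is missing or the entry is simply duplicated. List each value once, e.g. `// CheClusterRunning is status of a cluster. Can be Available, Unavailable, Rolling Update in Progress`, assuming those three are the full set. In the three `...Provisoned` comments, "if or not" would read better as "whether or not".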