diff --git a/build/scripts/minikube-tests/minikube-checluster-patch.yaml b/build/scripts/minikube-tests/minikube-checluster-patch.yaml new file mode 100644 index 000000000..f3f230daf --- /dev/null +++ b/build/scripts/minikube-tests/minikube-checluster-patch.yaml @@ -0,0 +1,83 @@ +# +# Copyright (c) 2019-2022 Red Hat, Inc. +# This program and the accompanying materials are made +# available under the terms of the Eclipse Public License 2.0 +# which is available at https://www.eclipse.org/legal/epl-2.0/ +# +# SPDX-License-Identifier: EPL-2.0 +# +# Contributors: +# Red Hat, Inc. - initial API and implementation +# + +apiVersion: org.eclipse.che/v2 +spec: + components: + pluginRegistry: + openVSXURL: https://open-vsx.org + deployment: + containers: + - resources: + request: + cpu: '50m' + limits: + cpu: '50m' + devfileRegistry: + deployment: + containers: + - resources: + request: + cpu: '50m' + limits: + cpu: '50m' + cheServer: + deployment: + containers: + - resources: + limits: + cpu: '500m' + dashboard: + deployment: + containers: + - resources: + request: + cpu: '50m' + limits: + cpu: '50m' + database: + deployment: + containers: + - resources: + request: + cpu: '50m' + limits: + cpu: '50m' + networking: + auth: + gateway: + deployment: + containers: + - name: gateway + resources: + request: + cpu: '50m' + limits: + cpu: '50m' + - name: configbump + resources: + request: + cpu: '50m' + limits: + cpu: '50m' + - name: oauth-proxy + resources: + request: + cpu: '50m' + limits: + cpu: '50m' + - name: kube-rbac-proxy + resources: + request: + cpu: '50m' + limits: + cpu: '50m' diff --git a/build/scripts/minikube-tests/test-helm.sh b/build/scripts/minikube-tests/test-helm.sh index fcdc4b56e..d985247f0 100755 --- a/build/scripts/minikube-tests/test-helm.sh +++ b/build/scripts/minikube-tests/test-helm.sh @@ -27,7 +27,10 @@ trap "catchFinish" EXIT SIGINT runTest() { # Deploy Eclipse Che to have Cert Manager and Dex installed - chectl server:deploy --batch --platform minikube + chectl server:deploy \ + --batch \ + --platform minikube \ + --che-operator-cr-patch-yaml "${OPERATOR_REPO}/build/scripts/minikube-tests/minikube-checluster-patch.yaml" # Read OIDC configuration local IDENTITY_PROVIDER_URL=$(kubectl get checluster/eclipse-che -n ${NAMESPACE} -o jsonpath='{.spec.networking.auth.identityProviderURL}') @@ -41,14 +44,28 @@ runTest() { # Prepare HelmCharts HELMCHART_DIR=/tmp/chectl-helmcharts - OPERATOR_DEPLOYMENT="${HELMCHART_DIR}"/templates/che-operator.Deployment.yaml rm -rf "${HELMCHART_DIR}" cp -r "${OPERATOR_REPO}/helmcharts/next" "${HELMCHART_DIR}" + # Set custom image + OPERATOR_DEPLOYMENT="${HELMCHART_DIR}"/templates/che-operator.Deployment.yaml buildAndCopyCheOperatorImageToMinikube yq -riSY '.spec.template.spec.containers[0].image = "'${OPERATOR_IMAGE}'"' "${OPERATOR_DEPLOYMENT}" yq -riSY '.spec.template.spec.containers[0].imagePullPolicy = "Never"' "${OPERATOR_DEPLOYMENT}" + # Patch CheCluster CR to limit resources (see minikube-checluster-patch.yaml) + CHECLUSTER_CR="${HELMCHART_DIR}"/templates/org_v2_checluster.yaml + yq -riY '.spec.components = null' ${CHECLUSTER_CR} + yq -riY '.spec.components.pluginRegistry.openVSXURL = "https://open-vsx.org"' ${CHECLUSTER_CR} + for component in pluginRegistry devfileRegistry database dashboard; do + yq -riY '.spec.components.'${component}'.deployment.containers[0].resources = {limits: {cpu: "50m"}, request: {cpu: "50m"}}' ${CHECLUSTER_CR} + done + yq -riY '.spec.components.cheServer.deployment.containers[0].resources.limits.cpu = "500m"' ${CHECLUSTER_CR} + gatewayComponent=(kube-rbac-proxy oauth-proxy configbump gateway) + for i in {0..3}; do + yq -riY '.spec.networking.auth.gateway.deployment.containers['$i'] = {name: "'${gatewayComponent[$i]}'", resources: {limits: {cpu: "50m"}, request: {cpu: "50m"}}}' ${CHECLUSTER_CR} + done + # Deploy Eclipse Che with Helm pushd "${HELMCHART_DIR}" helm install che \ diff --git a/build/scripts/minikube-tests/test-operator.sh b/build/scripts/minikube-tests/test-operator.sh index a8f5ddd44..6e24495d9 100755 --- a/build/scripts/minikube-tests/test-operator.sh +++ b/build/scripts/minikube-tests/test-operator.sh @@ -29,7 +29,12 @@ runTest() { buildAndCopyCheOperatorImageToMinikube yq -riSY '.spec.template.spec.containers[0].image = "'${OPERATOR_IMAGE}'"' "${CURRENT_OPERATOR_VERSION_TEMPLATE_PATH}/che-operator/kubernetes/operator.yaml" yq -riSY '.spec.template.spec.containers[0].imagePullPolicy = "IfNotPresent"' "${CURRENT_OPERATOR_VERSION_TEMPLATE_PATH}/che-operator/kubernetes/operator.yaml" - chectl server:deploy --batch --platform minikube --templates "${CURRENT_OPERATOR_VERSION_TEMPLATE_PATH}" + + chectl server:deploy \ + --batch \ + --platform minikube \ + --templates "${CURRENT_OPERATOR_VERSION_TEMPLATE_PATH}" \ + --che-operator-cr-patch-yaml "${OPERATOR_REPO}/build/scripts/minikube-tests/minikube-checluster-patch.yaml" pushd ${OPERATOR_REPO} make wait-eclipseche-version VERSION="next" NAMESPACE=${NAMESPACE} diff --git a/build/scripts/minikube-tests/test-upgrade-from-stable-to-next.sh b/build/scripts/minikube-tests/test-upgrade-from-stable-to-next.sh index 351bd26e9..a18e29bf8 100755 --- a/build/scripts/minikube-tests/test-upgrade-from-stable-to-next.sh +++ b/build/scripts/minikube-tests/test-upgrade-from-stable-to-next.sh @@ -27,7 +27,11 @@ trap "catchFinish" EXIT SIGINT runTest() { # Deploy stable version - chectl server:deploy --platform minikube --batch --templates ${LAST_OPERATOR_VERSION_TEMPLATE_PATH} + chectl server:deploy \ + --batch \ + --platform minikube \ + --templates ${LAST_OPERATOR_VERSION_TEMPLATE_PATH} \ + --che-operator-cr-patch-yaml "${OPERATOR_REPO}/build/scripts/minikube-tests/minikube-checluster-patch.yaml" # Update to next version buildAndCopyCheOperatorImageToMinikube diff --git a/build/scripts/minikube-tests/test-upgrade-from-stable-to-stable.sh b/build/scripts/minikube-tests/test-upgrade-from-stable-to-stable.sh index 4fd2914da..4965d9971 100755 --- a/build/scripts/minikube-tests/test-upgrade-from-stable-to-stable.sh +++ b/build/scripts/minikube-tests/test-upgrade-from-stable-to-stable.sh @@ -26,7 +26,12 @@ source "${OPERATOR_REPO}/build/scripts/minikube-tests/common.sh" trap "catchFinish" EXIT SIGINT runTest() { - chectl server:deploy --platform minikube --templates ${PREVIOUS_OPERATOR_VERSION_TEMPLATE_PATH} --batch + chectl server:deploy \ + --batch \ + --platform minikube \ + --templates ${PREVIOUS_OPERATOR_VERSION_TEMPLATE_PATH} \ + --che-operator-cr-patch-yaml "${OPERATOR_REPO}/build/scripts/minikube-tests/minikube-checluster-patch.yaml" + chectl server:update --templates ${LAST_OPERATOR_VERSION_TEMPLATE_PATH} --batch # Wait until Eclipse Che is deployed diff --git a/pkg/deploy/pluginregistry/pluginregistry_deployment.go b/pkg/deploy/pluginregistry/pluginregistry_deployment.go index ff7e70759..4c78d48d8 100644 --- a/pkg/deploy/pluginregistry/pluginregistry_deployment.go +++ b/pkg/deploy/pluginregistry/pluginregistry_deployment.go @@ -55,6 +55,11 @@ func (p *PluginRegistryReconciler) getPluginRegistryDeploymentSpec(ctx *chetypes resources, probePath) + if ctx.CheCluster.Spec.Components.PluginRegistry.OpenVSXURL == "" { + // Add time to start embedded VSX registry + deployment.Spec.Template.Spec.Containers[0].LivenessProbe.InitialDelaySeconds = 300 + } + deploy.EnsurePodSecurityStandards(deployment, constants.DefaultSecurityContextRunAsUser, constants.DefaultSecurityContextFsGroup) deploy.CustomizeDeployment(deployment, ctx.CheCluster.Spec.Components.PluginRegistry.Deployment) return deployment