diff --git a/api/checluster_conversion_from_test.go b/api/checluster_conversion_from_test.go index dab920eaa..eaf71bcc0 100644 --- a/api/checluster_conversion_from_test.go +++ b/api/checluster_conversion_from_test.go @@ -408,19 +408,16 @@ func TestConvertFrom(t *testing.T) { GitHub: []chev2.GitHubService{ { SecretName: "github-secret-name", - Endpoint: "github-endpoint", }, }, GitLab: []chev2.GitLabService{ { SecretName: "gitlab-secret-name", - Endpoint: "gitlab-endpoint", }, }, BitBucket: []chev2.BitBucketService{ { SecretName: "bitbucket-secret-name", - Endpoint: "bitbucket-endpoint", }, }, }, @@ -570,11 +567,8 @@ func TestConvertFrom(t *testing.T) { assert.Equal(t, checlusterv1.Spec.Storage.PerWorkspaceStrategyPVCStorageClassName, "PerWorkspaceStorageClass") assert.Equal(t, checlusterv1.Spec.GitServices.GitHub[0].SecretName, "github-secret-name") - assert.Equal(t, checlusterv1.Spec.GitServices.GitHub[0].Endpoint, "github-endpoint") assert.Equal(t, checlusterv1.Spec.GitServices.GitLab[0].SecretName, "gitlab-secret-name") - assert.Equal(t, checlusterv1.Spec.GitServices.GitLab[0].Endpoint, "gitlab-endpoint") assert.Equal(t, checlusterv1.Spec.GitServices.BitBucket[0].SecretName, "bitbucket-secret-name") - assert.Equal(t, checlusterv1.Spec.GitServices.BitBucket[0].Endpoint, "bitbucket-endpoint") } func TestShouldConvertFromWhenOnlyMemoryResourceSpecified(t *testing.T) { diff --git a/api/checluster_conversion_to_test.go b/api/checluster_conversion_to_test.go index f96ac1beb..b3b871c07 100644 --- a/api/checluster_conversion_to_test.go +++ b/api/checluster_conversion_to_test.go @@ -526,11 +526,8 @@ func TestConvertTo(t *testing.T) { assert.Equal(t, checlusterv2.Status.PostgresVersion, "PostgresVersion") assert.Equal(t, checlusterv2.Spec.GitServices.GitHub[0].SecretName, "github-secret-name") - assert.Equal(t, checlusterv2.Spec.GitServices.GitHub[0].Endpoint, "github-endpoint") assert.Equal(t, checlusterv2.Spec.GitServices.GitLab[0].SecretName, "gitlab-secret-name") - assert.Equal(t, checlusterv2.Spec.GitServices.GitLab[0].Endpoint, "gitlab-endpoint") assert.Equal(t, checlusterv2.Spec.GitServices.BitBucket[0].SecretName, "bitbucket-secret-name") - assert.Equal(t, checlusterv2.Spec.GitServices.BitBucket[0].Endpoint, "bitbucket-endpoint") } func TestShouldConvertToWhenOnlyMemoryResourceSpecified(t *testing.T) { diff --git a/api/checluster_webhook_test.go b/api/checluster_webhook_test.go index c736dfac1..c42b8a368 100644 --- a/api/checluster_webhook_test.go +++ b/api/checluster_webhook_test.go @@ -157,6 +157,9 @@ func TestValidateScmSecrets(t *testing.T) { ObjectMeta: metav1.ObjectMeta{ Namespace: "eclipse-che", Name: "gitlab-scm-secret", + Annotations: map[string]string{ + constants.CheEclipseOrgScmServerEndpoint: "gitlab-endpoint-secret", + }, }, Data: map[string][]byte{ "id": []byte("id"), @@ -189,18 +192,18 @@ func TestValidateScmSecrets(t *testing.T) { GitHub: []v2.GitHubService{ { SecretName: "github-scm-secret", + Endpoint: "github-endpoint", }, }, GitLab: []v2.GitLabService{ { SecretName: "gitlab-scm-secret", - Endpoint: "gitlab-endpoint", + Endpoint: "gitlab-endpoint-checluster", }, }, BitBucket: []v2.BitBucketService{ { SecretName: "bitbucket-scm-secret", - Endpoint: "bitbucket-endpoint", }, }, }, @@ -213,20 +216,58 @@ func TestValidateScmSecrets(t *testing.T) { githubSecret, err = k8sHelper.GetClientset().CoreV1().Secrets("eclipse-che").Get(context.TODO(), "github-scm-secret", metav1.GetOptions{}) assert.Nil(t, err) assert.Equal(t, "github", githubSecret.Annotations[constants.CheEclipseOrgOAuthScmServer]) + assert.Equal(t, "github-endpoint", githubSecret.Annotations[constants.CheEclipseOrgScmServerEndpoint]) assert.Equal(t, constants.OAuthScmConfiguration, githubSecret.Labels[constants.KubernetesComponentLabelKey]) assert.Equal(t, constants.CheEclipseOrg, githubSecret.Labels[constants.KubernetesPartOfLabelKey]) gitlabSecret, err = k8sHelper.GetClientset().CoreV1().Secrets("eclipse-che").Get(context.TODO(), "gitlab-scm-secret", metav1.GetOptions{}) assert.Nil(t, err) assert.Equal(t, "gitlab", gitlabSecret.Annotations[constants.CheEclipseOrgOAuthScmServer]) - assert.Equal(t, "gitlab-endpoint", gitlabSecret.Annotations[constants.CheEclipseOrgScmServerEndpoint]) + assert.Equal(t, "gitlab-endpoint-secret", gitlabSecret.Annotations[constants.CheEclipseOrgScmServerEndpoint]) assert.Equal(t, constants.OAuthScmConfiguration, gitlabSecret.Labels[constants.KubernetesComponentLabelKey]) assert.Equal(t, constants.CheEclipseOrg, gitlabSecret.Labels[constants.KubernetesPartOfLabelKey]) bitbucketSecret, err = k8sHelper.GetClientset().CoreV1().Secrets("eclipse-che").Get(context.TODO(), "bitbucket-scm-secret", metav1.GetOptions{}) assert.Nil(t, err) assert.Equal(t, "bitbucket", bitbucketSecret.Annotations[constants.CheEclipseOrgOAuthScmServer]) - assert.Equal(t, "bitbucket-endpoint", bitbucketSecret.Annotations[constants.CheEclipseOrgScmServerEndpoint]) + assert.Empty(t, bitbucketSecret.Annotations[constants.CheEclipseOrgScmServerEndpoint]) assert.Equal(t, constants.OAuthScmConfiguration, bitbucketSecret.Labels[constants.KubernetesComponentLabelKey]) assert.Equal(t, constants.CheEclipseOrg, bitbucketSecret.Labels[constants.KubernetesPartOfLabelKey]) } + +func TestValidateScmSecretsShouldThrowError(t *testing.T) { + checluster := &v2.CheCluster{ + ObjectMeta: metav1.ObjectMeta{ + Name: "eclipse-che", + Namespace: "eclipse-che", + }, + Spec: v2.CheClusterSpec{ + GitServices: v2.CheClusterGitServices{ + GitHub: []v2.GitHubService{ + { + SecretName: "github-scm-secret-with-errors", + }, + }, + }, + }, + } + + err := checluster.ValidateCreate() + assert.Error(t, err) + assert.Equal(t, "secret 'github-scm-secret-with-errors' not found", err.Error()) + + githubSecret := &corev1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "eclipse-che", + Name: "github-scm-secret-with-errors", + }, + } + + k8sHelper := k8shelper.New() + _, err = k8sHelper.GetClientset().CoreV1().Secrets("eclipse-che").Create(context.TODO(), githubSecret, metav1.CreateOptions{}) + assert.Nil(t, err) + + err = checluster.ValidateCreate() + assert.Error(t, err) + assert.Equal(t, "secret 'github-scm-secret-with-errors' must contain [id, secret] keys", err.Error()) +} diff --git a/api/v1/checluster_conversion_from.go b/api/v1/checluster_conversion_from.go index fde0f5680..ede2af354 100644 --- a/api/v1/checluster_conversion_from.go +++ b/api/v1/checluster_conversion_from.go @@ -86,7 +86,6 @@ func (dst *CheCluster) convertFrom_GitServices(src *chev2.CheCluster) error { dst.Spec.GitServices.GitHub, GitHubService{ SecretName: github.SecretName, - Endpoint: github.Endpoint, }) } @@ -95,7 +94,6 @@ func (dst *CheCluster) convertFrom_GitServices(src *chev2.CheCluster) error { dst.Spec.GitServices.GitLab, GitLabService{ SecretName: gitlab.SecretName, - Endpoint: gitlab.Endpoint, }) } @@ -104,7 +102,6 @@ func (dst *CheCluster) convertFrom_GitServices(src *chev2.CheCluster) error { dst.Spec.GitServices.BitBucket, BitBucketService{ SecretName: bitbucket.SecretName, - Endpoint: bitbucket.Endpoint, }) } diff --git a/api/v1/checluster_conversion_to.go b/api/v1/checluster_conversion_to.go index 022ceeb60..0d6018c0d 100644 --- a/api/v1/checluster_conversion_to.go +++ b/api/v1/checluster_conversion_to.go @@ -78,7 +78,6 @@ func (src *CheCluster) convertTo_GitServices(dst *chev2.CheCluster) error { dst.Spec.GitServices.GitHub, chev2.GitHubService{ SecretName: github.SecretName, - Endpoint: github.Endpoint, }) } @@ -87,7 +86,6 @@ func (src *CheCluster) convertTo_GitServices(dst *chev2.CheCluster) error { dst.Spec.GitServices.GitLab, chev2.GitLabService{ SecretName: gitlab.SecretName, - Endpoint: gitlab.Endpoint, }) } @@ -96,7 +94,6 @@ func (src *CheCluster) convertTo_GitServices(dst *chev2.CheCluster) error { dst.Spec.GitServices.BitBucket, chev2.BitBucketService{ SecretName: bitbucket.SecretName, - Endpoint: bitbucket.Endpoint, }) } diff --git a/api/v1/checluster_types.go b/api/v1/checluster_types.go index 35824378a..cdc5356fb 100644 --- a/api/v1/checluster_types.go +++ b/api/v1/checluster_types.go @@ -809,47 +809,44 @@ type CheClusterGitServices struct { // GitHubService enables users to work with repositories hosted on GitHub (GitHub.com or GitHub Enterprise). type GitHubService struct { - // Kubernetes secret, that contains Base64-encoded GitHub OAuth Client id and GitHub OAuth Client secret, - // that stored in `id` and `secret` keys respectively. - // See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/. + // Kubernetes secret, that contains Base64-encoded GitHub OAuth Client id and GitHub OAuth Client secret. + // See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/. // +kubebuilder:validation:Required // +operator-sdk:csv:customresourcedefinitions:type=spec,xDescriptors="urn:alm:descriptor:io.kubernetes:Secret" SecretName string `json:"secretName"` // GitHub server endpoint URL. - // +kubebuilder:validation:Required - // +kubebuilder:default:="https://github.com" - Endpoint string `json:"endpoint"` + // Deprecated in favor of `che.eclipse.org/scm-server-endpoint` annotation. + // See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/. + // +optional + Endpoint string `json:"endpoint,omitempty"` } // GitLabService enables users to work with repositories hosted on GitLab (gitlab.com or self-hosted). type GitLabService struct { - // Kubernetes secret, that contains Base64-encoded GitHub Application id and GitLab Application Client secret, - // that stored in `id` and `secret` keys respectively. + // Kubernetes secret, that contains Base64-encoded GitHub Application id and GitLab Application Client secret. // See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/. // +kubebuilder:validation:Required // +operator-sdk:csv:customresourcedefinitions:type=spec,xDescriptors="urn:alm:descriptor:io.kubernetes:Secret" SecretName string `json:"secretName"` // GitLab server endpoint URL. - // +kubebuilder:validation:Required - // +kubebuilder:default:="https://gitlab.com" - Endpoint string `json:"endpoint"` + // Deprecated in favor of `che.eclipse.org/scm-server-endpoint` annotation. + // See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/. + // +optional + Endpoint string `json:"endpoint,omitempty"` } // BitBucketService enables users to work with repositories hosted on Bitbucket (bitbucket.org or self-hosted). type BitBucketService struct { // Kubernetes secret, that contains Base64-encoded Bitbucket OAuth 1.0 or OAuth 2.0 data. - // For OAuth 1.0: private key, Bitbucket Application link consumer key and Bitbucket Application link shared secret must be stored - // in `private.key`, `consumer.key` and `shared_secret` keys respectively. - // See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/. - // For OAuth 2.0: Bitbucket OAuth consumer key and Bitbucket OAuth consumer secret must be stored - // in `id` and `secret` keys respectively. - // See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/. + // See the following pages for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/ + // and https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/. // +kubebuilder:validation:Required // +operator-sdk:csv:customresourcedefinitions:type=spec,xDescriptors="urn:alm:descriptor:io.kubernetes:Secret" SecretName string `json:"secretName"` // Bitbucket server endpoint URL. - // +kubebuilder:validation:Required - // +kubebuilder:default:="https://bitbucket.org" + // Deprecated in favor of `che.eclipse.org/scm-server-endpoint` annotation. + // See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/. + // +optional Endpoint string `json:"endpoint,omitempty"` } diff --git a/api/v2/checluster_types.go b/api/v2/checluster_types.go index b15aeed78..7a7dd701a 100644 --- a/api/v2/checluster_types.go +++ b/api/v2/checluster_types.go @@ -613,50 +613,49 @@ type CheClusterGitServices struct { // GitHubService enables users to work with repositories hosted on GitHub (GitHub.com or GitHub Enterprise). type GitHubService struct { - // Kubernetes secret, that contains Base64-encoded GitHub OAuth Client id and GitHub OAuth Client secret, - // that stored in `id` and `secret` keys respectively. - // See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/. + // Kubernetes secret, that contains Base64-encoded GitHub OAuth Client id and GitHub OAuth Client secret. + // See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/. // +kubebuilder:validation:Required // +operator-sdk:csv:customresourcedefinitions:type=spec,xDescriptors="urn:alm:descriptor:io.kubernetes:Secret" SecretName string `json:"secretName"` // GitHub server endpoint URL. - // +kubebuilder:validation:Required - // +kubebuilder:default:="https://github.com" - Endpoint string `json:"endpoint"` + // Deprecated in favor of `che.eclipse.org/scm-server-endpoint` annotation. + // See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/. + // +optional + Endpoint string `json:"endpoint,omitempty"` // Disables subdomain isolation. + // Deprecated in favor of `che.eclipse.org/scm-github-disable-subdomain-isolation` annotation. + // See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/. // +optional DisableSubdomainIsolation *bool `json:"disableSubdomainIsolation,omitempty"` } // GitLabService enables users to work with repositories hosted on GitLab (gitlab.com or self-hosted). type GitLabService struct { - // Kubernetes secret, that contains Base64-encoded GitHub Application id and GitLab Application Client secret, - // that stored in `id` and `secret` keys respectively. + // Kubernetes secret, that contains Base64-encoded GitHub Application id and GitLab Application Client secret. // See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/. // +kubebuilder:validation:Required // +operator-sdk:csv:customresourcedefinitions:type=spec,xDescriptors="urn:alm:descriptor:io.kubernetes:Secret" SecretName string `json:"secretName"` // GitLab server endpoint URL. - // +kubebuilder:validation:Required - // +kubebuilder:default:="https://gitlab.com" - Endpoint string `json:"endpoint"` + // Deprecated in favor of `che.eclipse.org/scm-server-endpoint` annotation. + // See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/. + // +optional + Endpoint string `json:"endpoint,omitempty"` } // BitBucketService enables users to work with repositories hosted on Bitbucket (bitbucket.org or self-hosted). type BitBucketService struct { // Kubernetes secret, that contains Base64-encoded Bitbucket OAuth 1.0 or OAuth 2.0 data. - // For OAuth 1.0: private key, Bitbucket Application link consumer key and Bitbucket Application link shared secret must be stored - // in `private.key`, `consumer.key` and `shared_secret` keys respectively. - // See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/. - // For OAuth 2.0: Bitbucket OAuth consumer key and Bitbucket OAuth consumer secret must be stored - // in `id` and `secret` keys respectively. - // See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/. + // See the following pages for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/ + // and https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/. // +kubebuilder:validation:Required // +operator-sdk:csv:customresourcedefinitions:type=spec,xDescriptors="urn:alm:descriptor:io.kubernetes:Secret" SecretName string `json:"secretName"` // Bitbucket server endpoint URL. - // +kubebuilder:validation:Required - // +kubebuilder:default:="https://bitbucket.org" + // Deprecated in favor of `che.eclipse.org/scm-server-endpoint` annotation. + // See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/. + // +optional Endpoint string `json:"endpoint,omitempty"` } diff --git a/api/v2/checluster_webhook.go b/api/v2/checluster_webhook.go index 0c1042f81..e3f24e0c2 100644 --- a/api/v2/checluster_webhook.go +++ b/api/v2/checluster_webhook.go @@ -15,9 +15,11 @@ package v2 import ( "context" "fmt" + "strconv" "strings" "golang.org/x/mod/semver" + "k8s.io/apimachinery/pkg/api/errors" "k8s.io/utils/pointer" "github.com/eclipse-che/che-operator/pkg/common/constants" @@ -125,19 +127,19 @@ func ensureSingletonCheCluster() error { func validate(checluster *CheCluster) error { for _, github := range checluster.Spec.GitServices.GitHub { - if err := validateGitHubOAuthSecret(github, checluster.Namespace); err != nil { + if err := validateOAuthSecret(github.SecretName, "github", github.Endpoint, github.DisableSubdomainIsolation, checluster.Namespace); err != nil { return err } } for _, gitlab := range checluster.Spec.GitServices.GitLab { - if err := validateGitLabOAuthSecret(gitlab, checluster.Namespace); err != nil { + if err := validateOAuthSecret(gitlab.SecretName, "gitlab", gitlab.Endpoint, nil, checluster.Namespace); err != nil { return err } } for _, bitbucket := range checluster.Spec.GitServices.BitBucket { - if err := validateBitBucketOAuthSecret(bitbucket, checluster.Namespace); err != nil { + if err := validateOAuthSecret(bitbucket.SecretName, "bitbucket", bitbucket.Endpoint, nil, checluster.Namespace); err != nil { return err } } @@ -145,60 +147,71 @@ func validate(checluster *CheCluster) error { return nil } -func validateGitHubOAuthSecret(github GitHubService, namespace string) error { - if github.SecretName == "" { +func validateOAuthSecret(secretName string, scmProvider string, serverEndpoint string, disableSubdomainIsolation *bool, namespace string) error { + if secretName == "" { return nil } + k8sHelper := k8shelper.New() + secret, err := k8sHelper.GetClientset().CoreV1().Secrets(namespace).Get(context.TODO(), secretName, metav1.GetOptions{}) + if err != nil { + if errors.IsNotFound(err) { + return fmt.Errorf("secret '%s' not found", secretName) + } + return fmt.Errorf("error reading '%s' secret", err.Error()) + } + + if err := ensureScmLabelsAndAnnotations(secret, scmProvider, serverEndpoint, disableSubdomainIsolation); err != nil { + return err + } + + switch scmProvider { + case "github": + if err := validateGitHubOAuthSecretDataKeys(secret); err != nil { + return err + } + case "gitlab": + if err := validateGitLabOAuthSecretDataKeys(secret); err != nil { + return err + } + case "bitbucket": + if err := validateBitBucketOAuthSecretDataKeys(secret); err != nil { + return err + } + } + + return nil +} + +func validateGitHubOAuthSecretDataKeys(secret *corev1.Secret) error { keys2validate := []string{constants.GitHubOAuthConfigClientIdFileName, constants.GitHubOAuthConfigClientSecretFileName} - if err := validateSecretKeys(keys2validate, github.SecretName, namespace); err != nil { - return err - } - if err := ensureScmLabelsAndAnnotations("github", github.Endpoint, github.SecretName, namespace); err != nil { - return err - } - return nil + return validateOAuthSecretDataKeys(secret, keys2validate) } -func validateGitLabOAuthSecret(gitlab GitLabService, namespace string) error { - if gitlab.SecretName == "" { - return nil - } - +func validateGitLabOAuthSecretDataKeys(secret *corev1.Secret) error { keys2validate := []string{constants.GitLabOAuthConfigClientIdFileName, constants.GitLabOAuthConfigClientSecretFileName} - if err := validateSecretKeys(keys2validate, gitlab.SecretName, namespace); err != nil { - return err - } - if err := ensureScmLabelsAndAnnotations("gitlab", gitlab.Endpoint, gitlab.SecretName, namespace); err != nil { - return err - } - return nil + return validateOAuthSecretDataKeys(secret, keys2validate) } -func validateBitBucketOAuthSecret(bitbucket BitBucketService, namespace string) error { - if bitbucket.SecretName == "" { - return nil - } - +func validateBitBucketOAuthSecretDataKeys(secret *corev1.Secret) error { oauth1Keys2validate := []string{constants.BitBucketOAuthConfigPrivateKeyFileName, constants.BitBucketOAuthConfigConsumerKeyFileName} - errOauth1Keys := validateSecretKeys(oauth1Keys2validate, bitbucket.SecretName, namespace) + errOauth1Keys := validateOAuthSecretDataKeys(secret, oauth1Keys2validate) + oauth2Keys2validate := []string{constants.BitBucketOAuthConfigClientIdFileName, constants.BitBucketOAuthConfigClientSecretFileName} - errOauth2Keys := validateSecretKeys(oauth2Keys2validate, bitbucket.SecretName, namespace) + errOauth2Keys := validateOAuthSecretDataKeys(secret, oauth2Keys2validate) + if errOauth1Keys != nil && errOauth2Keys != nil { return fmt.Errorf("secret must contain either [%s] or [%s] keys", strings.Join(oauth1Keys2validate, ", "), strings.Join(oauth2Keys2validate, ", ")) } - if err := ensureScmLabelsAndAnnotations("bitbucket", bitbucket.Endpoint, bitbucket.SecretName, namespace); err != nil { - return err - } + return nil } -func ensureScmLabelsAndAnnotations(scmProvider string, endpointUrl string, secretName string, namespace string) error { +func ensureScmLabelsAndAnnotations(secret *corev1.Secret, scmProvider string, serverEndpoint string, disableSubdomainIsolation *bool) error { patch := corev1.Secret{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - constants.CheEclipseOrgOAuthScmServer: scmProvider, - constants.CheEclipseOrgScmServerEndpoint: endpointUrl, + constants.CheEclipseOrgOAuthScmServer: scmProvider, }, Labels: map[string]string{ constants.KubernetesPartOfLabelKey: constants.CheEclipseOrg, @@ -206,26 +219,33 @@ func ensureScmLabelsAndAnnotations(scmProvider string, endpointUrl string, secre }, }, } - patchData, _ := json.Marshal(patch) + if disableSubdomainIsolation != nil && secret.Annotations[constants.CheEclipseOrgScmGitHubDisableSubdomainIsolation] == "" { + // for backward compatability, copy CheCluster CR value into annotation + patch.Annotations[constants.CheEclipseOrgScmGitHubDisableSubdomainIsolation] = strconv.FormatBool(*disableSubdomainIsolation) + } + if serverEndpoint != "" && secret.Annotations[constants.CheEclipseOrgScmServerEndpoint] == "" { + // for backward compatability, copy CheCluster CR value into annotation + patch.Annotations[constants.CheEclipseOrgScmServerEndpoint] = serverEndpoint + } + + patchData, _ := json.Marshal(patch) k8sHelper := k8shelper.New() - if _, err := k8sHelper.GetClientset().CoreV1().Secrets(namespace).Patch(context.TODO(), secretName, types.MergePatchType, patchData, metav1.PatchOptions{}); err != nil { + if _, err := k8sHelper. + GetClientset(). + CoreV1(). + Secrets(secret.Namespace). + Patch(context.TODO(), secret.Name, types.MergePatchType, patchData, metav1.PatchOptions{}); err != nil { return err } return nil } -func validateSecretKeys(keys []string, secretName string, namespace string) error { - k8sHelper := k8shelper.New() - secret, err := k8sHelper.GetClientset().CoreV1().Secrets(namespace).Get(context.TODO(), secretName, metav1.GetOptions{}) - if err != nil { - return err - } - +func validateOAuthSecretDataKeys(secret *corev1.Secret, keys []string) error { for _, key := range keys { if len(secret.Data[key]) == 0 { - return fmt.Errorf("secret must contain [%s] keys", strings.Join(keys, ", ")) + return fmt.Errorf("secret '%s' must contain [%s] keys", secret.Name, strings.Join(keys, ", ")) } } diff --git a/bundle/next/eclipse-che/manifests/che-operator.clusterserviceversion.yaml b/bundle/next/eclipse-che/manifests/che-operator.clusterserviceversion.yaml index f6d6d3b08..d3da51fab 100644 --- a/bundle/next/eclipse-che/manifests/che-operator.clusterserviceversion.yaml +++ b/bundle/next/eclipse-che/manifests/che-operator.clusterserviceversion.yaml @@ -77,7 +77,7 @@ metadata: operators.operatorframework.io/project_layout: go.kubebuilder.io/v3 repository: https://github.com/eclipse-che/che-operator support: Eclipse Foundation - name: eclipse-che.v7.61.0-758.next + name: eclipse-che.v7.61.0-760.next namespace: placeholder spec: apiservicedefinitions: {} @@ -146,13 +146,8 @@ spec: displayName: Bitbucket path: gitServices.bitbucket - description: 'Kubernetes secret, that contains Base64-encoded Bitbucket - OAuth 1.0 or OAuth 2.0 data. For OAuth 1.0: private key, Bitbucket Application - link consumer key and Bitbucket Application link shared secret must - be stored in `private.key`, `consumer.key` and `shared_secret` keys - respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/. - For OAuth 2.0: Bitbucket OAuth consumer key and Bitbucket OAuth consumer - secret must be stored in `id` and `secret` keys respectively. See the - following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' + OAuth 1.0 or OAuth 2.0 data. See the following pages for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/ + and https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' displayName: Secret Name path: gitServices.bitbucket[0].secretName x-descriptors: @@ -162,8 +157,8 @@ spec: displayName: GitHub path: gitServices.github - description: 'Kubernetes secret, that contains Base64-encoded GitHub OAuth - Client id and GitHub OAuth Client secret, that stored in `id` and `secret` - keys respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' + Client id and GitHub OAuth Client secret. See the following page for + details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' displayName: Secret Name path: gitServices.github[0].secretName x-descriptors: @@ -173,8 +168,7 @@ spec: displayName: GitLab path: gitServices.gitlab - description: 'Kubernetes secret, that contains Base64-encoded GitHub Application - id and GitLab Application Client secret, that stored in `id` and `secret` - keys respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' + id and GitLab Application Client secret. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' displayName: Secret Name path: gitServices.gitlab[0].secretName x-descriptors: @@ -310,13 +304,8 @@ spec: displayName: Bitbucket path: gitServices.bitbucket - description: 'Kubernetes secret, that contains Base64-encoded Bitbucket - OAuth 1.0 or OAuth 2.0 data. For OAuth 1.0: private key, Bitbucket Application - link consumer key and Bitbucket Application link shared secret must - be stored in `private.key`, `consumer.key` and `shared_secret` keys - respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/. - For OAuth 2.0: Bitbucket OAuth consumer key and Bitbucket OAuth consumer - secret must be stored in `id` and `secret` keys respectively. See the - following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' + OAuth 1.0 or OAuth 2.0 data. See the following pages for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/ + and https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' displayName: Secret Name path: gitServices.bitbucket[0].secretName x-descriptors: @@ -326,8 +315,8 @@ spec: displayName: GitHub path: gitServices.github - description: 'Kubernetes secret, that contains Base64-encoded GitHub OAuth - Client id and GitHub OAuth Client secret, that stored in `id` and `secret` - keys respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' + Client id and GitHub OAuth Client secret. See the following page for + details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' displayName: Secret Name path: gitServices.github[0].secretName x-descriptors: @@ -337,8 +326,7 @@ spec: displayName: GitLab path: gitServices.gitlab - description: 'Kubernetes secret, that contains Base64-encoded GitHub Application - id and GitLab Application Client secret, that stored in `id` and `secret` - keys respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' + id and GitLab Application Client secret. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' displayName: Secret Name path: gitServices.gitlab[0].secretName x-descriptors: @@ -1233,7 +1221,7 @@ spec: minKubeVersion: 1.19.0 provider: name: Eclipse Foundation - version: 7.61.0-758.next + version: 7.61.0-760.next webhookdefinitions: - admissionReviewVersions: - v1 diff --git a/bundle/next/eclipse-che/manifests/org.eclipse.che_checlusters.yaml b/bundle/next/eclipse-che/manifests/org.eclipse.che_checlusters.yaml index 04644f0c3..1d4f48db1 100644 --- a/bundle/next/eclipse-che/manifests/org.eclipse.che_checlusters.yaml +++ b/bundle/next/eclipse-che/manifests/org.eclipse.che_checlusters.yaml @@ -1150,19 +1150,15 @@ spec: hosted on Bitbucket (bitbucket.org or self-hosted). properties: endpoint: - default: https://bitbucket.org - description: Bitbucket server endpoint URL. + description: 'Bitbucket server endpoint URL. Deprecated + in favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - Bitbucket OAuth 1.0 or OAuth 2.0 data. For OAuth 1.0: - private key, Bitbucket Application link consumer key - and Bitbucket Application link shared secret must be - stored in `private.key`, `consumer.key` and `shared_secret` - keys respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/. - For OAuth 2.0: Bitbucket OAuth consumer key and Bitbucket - OAuth consumer secret must be stored in `id` and `secret` - keys respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' + Bitbucket OAuth 1.0 or OAuth 2.0 data. See the following + pages for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/ + and https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' type: string required: - secretName @@ -1176,17 +1172,16 @@ spec: hosted on GitHub (GitHub.com or GitHub Enterprise). properties: endpoint: - default: https://github.com - description: GitHub server endpoint URL. + description: 'GitHub server endpoint URL. Deprecated in + favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - GitHub OAuth Client id and GitHub OAuth Client secret, - that stored in `id` and `secret` keys respectively. - See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' + GitHub OAuth Client id and GitHub OAuth Client secret. + See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' type: string required: - - endpoint - secretName type: object type: array @@ -1198,17 +1193,16 @@ spec: hosted on GitLab (gitlab.com or self-hosted). properties: endpoint: - default: https://gitlab.com - description: GitLab server endpoint URL. + description: 'GitLab server endpoint URL. Deprecated in + favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded GitHub Application id and GitLab Application Client - secret, that stored in `id` and `secret` keys respectively. - See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' + secret. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' type: string required: - - endpoint - secretName type: object type: array @@ -7148,19 +7142,15 @@ spec: hosted on Bitbucket (bitbucket.org or self-hosted). properties: endpoint: - default: https://bitbucket.org - description: Bitbucket server endpoint URL. + description: 'Bitbucket server endpoint URL. Deprecated + in favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - Bitbucket OAuth 1.0 or OAuth 2.0 data. For OAuth 1.0: - private key, Bitbucket Application link consumer key - and Bitbucket Application link shared secret must be - stored in `private.key`, `consumer.key` and `shared_secret` - keys respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/. - For OAuth 2.0: Bitbucket OAuth consumer key and Bitbucket - OAuth consumer secret must be stored in `id` and `secret` - keys respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' + Bitbucket OAuth 1.0 or OAuth 2.0 data. See the following + pages for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/ + and https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' type: string required: - secretName @@ -7174,20 +7164,21 @@ spec: hosted on GitHub (GitHub.com or GitHub Enterprise). properties: disableSubdomainIsolation: - description: Disables subdomain isolation. + description: 'Disables subdomain isolation. Deprecated + in favor of `che.eclipse.org/scm-github-disable-subdomain-isolation` + annotation. See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' type: boolean endpoint: - default: https://github.com - description: GitHub server endpoint URL. + description: 'GitHub server endpoint URL. Deprecated in + favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - GitHub OAuth Client id and GitHub OAuth Client secret, - that stored in `id` and `secret` keys respectively. - See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' + GitHub OAuth Client id and GitHub OAuth Client secret. + See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' type: string required: - - endpoint - secretName type: object type: array @@ -7199,17 +7190,16 @@ spec: hosted on GitLab (gitlab.com or self-hosted). properties: endpoint: - default: https://gitlab.com - description: GitLab server endpoint URL. + description: 'GitLab server endpoint URL. Deprecated in + favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded GitHub Application id and GitLab Application Client - secret, that stored in `id` and `secret` keys respectively. - See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' + secret. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' type: string required: - - endpoint - secretName type: object type: array diff --git a/config/crd/bases/org.eclipse.che_checlusters.yaml b/config/crd/bases/org.eclipse.che_checlusters.yaml index be25781a2..309f3f092 100644 --- a/config/crd/bases/org.eclipse.che_checlusters.yaml +++ b/config/crd/bases/org.eclipse.che_checlusters.yaml @@ -1109,19 +1109,15 @@ spec: hosted on Bitbucket (bitbucket.org or self-hosted). properties: endpoint: - default: https://bitbucket.org - description: Bitbucket server endpoint URL. + description: 'Bitbucket server endpoint URL. Deprecated + in favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - Bitbucket OAuth 1.0 or OAuth 2.0 data. For OAuth 1.0: - private key, Bitbucket Application link consumer key and - Bitbucket Application link shared secret must be stored - in `private.key`, `consumer.key` and `shared_secret` keys - respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/. - For OAuth 2.0: Bitbucket OAuth consumer key and Bitbucket - OAuth consumer secret must be stored in `id` and `secret` - keys respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' + Bitbucket OAuth 1.0 or OAuth 2.0 data. See the following + pages for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/ + and https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' type: string required: - secretName @@ -1135,17 +1131,16 @@ spec: hosted on GitHub (GitHub.com or GitHub Enterprise). properties: endpoint: - default: https://github.com - description: GitHub server endpoint URL. + description: 'GitHub server endpoint URL. Deprecated in + favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - GitHub OAuth Client id and GitHub OAuth Client secret, - that stored in `id` and `secret` keys respectively. See - the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' + GitHub OAuth Client id and GitHub OAuth Client secret. + See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' type: string required: - - endpoint - secretName type: object type: array @@ -1157,17 +1152,16 @@ spec: hosted on GitLab (gitlab.com or self-hosted). properties: endpoint: - default: https://gitlab.com - description: GitLab server endpoint URL. + description: 'GitLab server endpoint URL. Deprecated in + favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - GitHub Application id and GitLab Application Client secret, - that stored in `id` and `secret` keys respectively. See - the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' + GitHub Application id and GitLab Application Client secret. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' type: string required: - - endpoint - secretName type: object type: array @@ -6955,19 +6949,15 @@ spec: hosted on Bitbucket (bitbucket.org or self-hosted). properties: endpoint: - default: https://bitbucket.org - description: Bitbucket server endpoint URL. + description: 'Bitbucket server endpoint URL. Deprecated + in favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - Bitbucket OAuth 1.0 or OAuth 2.0 data. For OAuth 1.0: - private key, Bitbucket Application link consumer key and - Bitbucket Application link shared secret must be stored - in `private.key`, `consumer.key` and `shared_secret` keys - respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/. - For OAuth 2.0: Bitbucket OAuth consumer key and Bitbucket - OAuth consumer secret must be stored in `id` and `secret` - keys respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' + Bitbucket OAuth 1.0 or OAuth 2.0 data. See the following + pages for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/ + and https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' type: string required: - secretName @@ -6981,20 +6971,21 @@ spec: hosted on GitHub (GitHub.com or GitHub Enterprise). properties: disableSubdomainIsolation: - description: Disables subdomain isolation. + description: 'Disables subdomain isolation. Deprecated in + favor of `che.eclipse.org/scm-github-disable-subdomain-isolation` + annotation. See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' type: boolean endpoint: - default: https://github.com - description: GitHub server endpoint URL. + description: 'GitHub server endpoint URL. Deprecated in + favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - GitHub OAuth Client id and GitHub OAuth Client secret, - that stored in `id` and `secret` keys respectively. See - the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' + GitHub OAuth Client id and GitHub OAuth Client secret. + See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' type: string required: - - endpoint - secretName type: object type: array @@ -7006,17 +6997,16 @@ spec: hosted on GitLab (gitlab.com or self-hosted). properties: endpoint: - default: https://gitlab.com - description: GitLab server endpoint URL. + description: 'GitLab server endpoint URL. Deprecated in + favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - GitHub Application id and GitLab Application Client secret, - that stored in `id` and `secret` keys respectively. See - the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' + GitHub Application id and GitLab Application Client secret. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' type: string required: - - endpoint - secretName type: object type: array diff --git a/config/manifests/bases/che-operator.clusterserviceversion.yaml b/config/manifests/bases/che-operator.clusterserviceversion.yaml index 00fb95040..b4258216a 100644 --- a/config/manifests/bases/che-operator.clusterserviceversion.yaml +++ b/config/manifests/bases/che-operator.clusterserviceversion.yaml @@ -93,13 +93,8 @@ spec: displayName: Bitbucket path: gitServices.bitbucket - description: 'Kubernetes secret, that contains Base64-encoded Bitbucket OAuth - 1.0 or OAuth 2.0 data. For OAuth 1.0: private key, Bitbucket Application - link consumer key and Bitbucket Application link shared secret must be stored - in `private.key`, `consumer.key` and `shared_secret` keys respectively. - See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/. - For OAuth 2.0: Bitbucket OAuth consumer key and Bitbucket OAuth consumer - secret must be stored in `id` and `secret` keys respectively. See the following - page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' + 1.0 or OAuth 2.0 data. See the following pages for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/ + and https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' displayName: Secret Name path: gitServices.bitbucket[0].secretName x-descriptors: @@ -109,8 +104,8 @@ spec: displayName: GitHub path: gitServices.github - description: 'Kubernetes secret, that contains Base64-encoded GitHub OAuth - Client id and GitHub OAuth Client secret, that stored in `id` and `secret` - keys respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' + Client id and GitHub OAuth Client secret. See the following page for details: + https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' displayName: Secret Name path: gitServices.github[0].secretName x-descriptors: @@ -120,8 +115,7 @@ spec: displayName: GitLab path: gitServices.gitlab - description: 'Kubernetes secret, that contains Base64-encoded GitHub Application - id and GitLab Application Client secret, that stored in `id` and `secret` - keys respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' + id and GitLab Application Client secret. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' displayName: Secret Name path: gitServices.gitlab[0].secretName x-descriptors: @@ -256,13 +250,8 @@ spec: displayName: Bitbucket path: gitServices.bitbucket - description: 'Kubernetes secret, that contains Base64-encoded Bitbucket OAuth - 1.0 or OAuth 2.0 data. For OAuth 1.0: private key, Bitbucket Application - link consumer key and Bitbucket Application link shared secret must be stored - in `private.key`, `consumer.key` and `shared_secret` keys respectively. - See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/. - For OAuth 2.0: Bitbucket OAuth consumer key and Bitbucket OAuth consumer - secret must be stored in `id` and `secret` keys respectively. See the following - page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' + 1.0 or OAuth 2.0 data. See the following pages for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/ + and https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' displayName: Secret Name path: gitServices.bitbucket[0].secretName x-descriptors: @@ -272,8 +261,8 @@ spec: displayName: GitHub path: gitServices.github - description: 'Kubernetes secret, that contains Base64-encoded GitHub OAuth - Client id and GitHub OAuth Client secret, that stored in `id` and `secret` - keys respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' + Client id and GitHub OAuth Client secret. See the following page for details: + https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' displayName: Secret Name path: gitServices.github[0].secretName x-descriptors: @@ -283,8 +272,7 @@ spec: displayName: GitLab path: gitServices.gitlab - description: 'Kubernetes secret, that contains Base64-encoded GitHub Application - id and GitLab Application Client secret, that stored in `id` and `secret` - keys respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' + id and GitLab Application Client secret. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' displayName: Secret Name path: gitServices.gitlab[0].secretName x-descriptors: diff --git a/deploy/deployment/kubernetes/combined.yaml b/deploy/deployment/kubernetes/combined.yaml index 68b542a1c..a87d11eb3 100644 --- a/deploy/deployment/kubernetes/combined.yaml +++ b/deploy/deployment/kubernetes/combined.yaml @@ -1128,19 +1128,15 @@ spec: hosted on Bitbucket (bitbucket.org or self-hosted). properties: endpoint: - default: https://bitbucket.org - description: Bitbucket server endpoint URL. + description: 'Bitbucket server endpoint URL. Deprecated + in favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - Bitbucket OAuth 1.0 or OAuth 2.0 data. For OAuth 1.0: - private key, Bitbucket Application link consumer key and - Bitbucket Application link shared secret must be stored - in `private.key`, `consumer.key` and `shared_secret` keys - respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/. - For OAuth 2.0: Bitbucket OAuth consumer key and Bitbucket - OAuth consumer secret must be stored in `id` and `secret` - keys respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' + Bitbucket OAuth 1.0 or OAuth 2.0 data. See the following + pages for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/ + and https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' type: string required: - secretName @@ -1154,17 +1150,16 @@ spec: hosted on GitHub (GitHub.com or GitHub Enterprise). properties: endpoint: - default: https://github.com - description: GitHub server endpoint URL. + description: 'GitHub server endpoint URL. Deprecated in + favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - GitHub OAuth Client id and GitHub OAuth Client secret, - that stored in `id` and `secret` keys respectively. See - the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' + GitHub OAuth Client id and GitHub OAuth Client secret. + See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' type: string required: - - endpoint - secretName type: object type: array @@ -1176,17 +1171,16 @@ spec: hosted on GitLab (gitlab.com or self-hosted). properties: endpoint: - default: https://gitlab.com - description: GitLab server endpoint URL. + description: 'GitLab server endpoint URL. Deprecated in + favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - GitHub Application id and GitLab Application Client secret, - that stored in `id` and `secret` keys respectively. See - the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' + GitHub Application id and GitLab Application Client secret. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' type: string required: - - endpoint - secretName type: object type: array @@ -6974,19 +6968,15 @@ spec: hosted on Bitbucket (bitbucket.org or self-hosted). properties: endpoint: - default: https://bitbucket.org - description: Bitbucket server endpoint URL. + description: 'Bitbucket server endpoint URL. Deprecated + in favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - Bitbucket OAuth 1.0 or OAuth 2.0 data. For OAuth 1.0: - private key, Bitbucket Application link consumer key and - Bitbucket Application link shared secret must be stored - in `private.key`, `consumer.key` and `shared_secret` keys - respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/. - For OAuth 2.0: Bitbucket OAuth consumer key and Bitbucket - OAuth consumer secret must be stored in `id` and `secret` - keys respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' + Bitbucket OAuth 1.0 or OAuth 2.0 data. See the following + pages for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/ + and https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' type: string required: - secretName @@ -7000,20 +6990,21 @@ spec: hosted on GitHub (GitHub.com or GitHub Enterprise). properties: disableSubdomainIsolation: - description: Disables subdomain isolation. + description: 'Disables subdomain isolation. Deprecated in + favor of `che.eclipse.org/scm-github-disable-subdomain-isolation` + annotation. See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' type: boolean endpoint: - default: https://github.com - description: GitHub server endpoint URL. + description: 'GitHub server endpoint URL. Deprecated in + favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - GitHub OAuth Client id and GitHub OAuth Client secret, - that stored in `id` and `secret` keys respectively. See - the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' + GitHub OAuth Client id and GitHub OAuth Client secret. + See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' type: string required: - - endpoint - secretName type: object type: array @@ -7025,17 +7016,16 @@ spec: hosted on GitLab (gitlab.com or self-hosted). properties: endpoint: - default: https://gitlab.com - description: GitLab server endpoint URL. + description: 'GitLab server endpoint URL. Deprecated in + favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - GitHub Application id and GitLab Application Client secret, - that stored in `id` and `secret` keys respectively. See - the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' + GitHub Application id and GitLab Application Client secret. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' type: string required: - - endpoint - secretName type: object type: array diff --git a/deploy/deployment/kubernetes/objects/checlusters.org.eclipse.che.CustomResourceDefinition.yaml b/deploy/deployment/kubernetes/objects/checlusters.org.eclipse.che.CustomResourceDefinition.yaml index f0fdc15e5..4c7f3c7b4 100644 --- a/deploy/deployment/kubernetes/objects/checlusters.org.eclipse.che.CustomResourceDefinition.yaml +++ b/deploy/deployment/kubernetes/objects/checlusters.org.eclipse.che.CustomResourceDefinition.yaml @@ -1123,19 +1123,15 @@ spec: hosted on Bitbucket (bitbucket.org or self-hosted). properties: endpoint: - default: https://bitbucket.org - description: Bitbucket server endpoint URL. + description: 'Bitbucket server endpoint URL. Deprecated + in favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - Bitbucket OAuth 1.0 or OAuth 2.0 data. For OAuth 1.0: - private key, Bitbucket Application link consumer key and - Bitbucket Application link shared secret must be stored - in `private.key`, `consumer.key` and `shared_secret` keys - respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/. - For OAuth 2.0: Bitbucket OAuth consumer key and Bitbucket - OAuth consumer secret must be stored in `id` and `secret` - keys respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' + Bitbucket OAuth 1.0 or OAuth 2.0 data. See the following + pages for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/ + and https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' type: string required: - secretName @@ -1149,17 +1145,16 @@ spec: hosted on GitHub (GitHub.com or GitHub Enterprise). properties: endpoint: - default: https://github.com - description: GitHub server endpoint URL. + description: 'GitHub server endpoint URL. Deprecated in + favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - GitHub OAuth Client id and GitHub OAuth Client secret, - that stored in `id` and `secret` keys respectively. See - the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' + GitHub OAuth Client id and GitHub OAuth Client secret. + See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' type: string required: - - endpoint - secretName type: object type: array @@ -1171,17 +1166,16 @@ spec: hosted on GitLab (gitlab.com or self-hosted). properties: endpoint: - default: https://gitlab.com - description: GitLab server endpoint URL. + description: 'GitLab server endpoint URL. Deprecated in + favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - GitHub Application id and GitLab Application Client secret, - that stored in `id` and `secret` keys respectively. See - the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' + GitHub Application id and GitLab Application Client secret. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' type: string required: - - endpoint - secretName type: object type: array @@ -6969,19 +6963,15 @@ spec: hosted on Bitbucket (bitbucket.org or self-hosted). properties: endpoint: - default: https://bitbucket.org - description: Bitbucket server endpoint URL. + description: 'Bitbucket server endpoint URL. Deprecated + in favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - Bitbucket OAuth 1.0 or OAuth 2.0 data. For OAuth 1.0: - private key, Bitbucket Application link consumer key and - Bitbucket Application link shared secret must be stored - in `private.key`, `consumer.key` and `shared_secret` keys - respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/. - For OAuth 2.0: Bitbucket OAuth consumer key and Bitbucket - OAuth consumer secret must be stored in `id` and `secret` - keys respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' + Bitbucket OAuth 1.0 or OAuth 2.0 data. See the following + pages for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/ + and https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' type: string required: - secretName @@ -6995,20 +6985,21 @@ spec: hosted on GitHub (GitHub.com or GitHub Enterprise). properties: disableSubdomainIsolation: - description: Disables subdomain isolation. + description: 'Disables subdomain isolation. Deprecated in + favor of `che.eclipse.org/scm-github-disable-subdomain-isolation` + annotation. See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' type: boolean endpoint: - default: https://github.com - description: GitHub server endpoint URL. + description: 'GitHub server endpoint URL. Deprecated in + favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - GitHub OAuth Client id and GitHub OAuth Client secret, - that stored in `id` and `secret` keys respectively. See - the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' + GitHub OAuth Client id and GitHub OAuth Client secret. + See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' type: string required: - - endpoint - secretName type: object type: array @@ -7020,17 +7011,16 @@ spec: hosted on GitLab (gitlab.com or self-hosted). properties: endpoint: - default: https://gitlab.com - description: GitLab server endpoint URL. + description: 'GitLab server endpoint URL. Deprecated in + favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - GitHub Application id and GitLab Application Client secret, - that stored in `id` and `secret` keys respectively. See - the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' + GitHub Application id and GitLab Application Client secret. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' type: string required: - - endpoint - secretName type: object type: array diff --git a/deploy/deployment/openshift/combined.yaml b/deploy/deployment/openshift/combined.yaml index 5a2254fd5..87a913cd2 100644 --- a/deploy/deployment/openshift/combined.yaml +++ b/deploy/deployment/openshift/combined.yaml @@ -1128,19 +1128,15 @@ spec: hosted on Bitbucket (bitbucket.org or self-hosted). properties: endpoint: - default: https://bitbucket.org - description: Bitbucket server endpoint URL. + description: 'Bitbucket server endpoint URL. Deprecated + in favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - Bitbucket OAuth 1.0 or OAuth 2.0 data. For OAuth 1.0: - private key, Bitbucket Application link consumer key and - Bitbucket Application link shared secret must be stored - in `private.key`, `consumer.key` and `shared_secret` keys - respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/. - For OAuth 2.0: Bitbucket OAuth consumer key and Bitbucket - OAuth consumer secret must be stored in `id` and `secret` - keys respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' + Bitbucket OAuth 1.0 or OAuth 2.0 data. See the following + pages for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/ + and https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' type: string required: - secretName @@ -1154,17 +1150,16 @@ spec: hosted on GitHub (GitHub.com or GitHub Enterprise). properties: endpoint: - default: https://github.com - description: GitHub server endpoint URL. + description: 'GitHub server endpoint URL. Deprecated in + favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - GitHub OAuth Client id and GitHub OAuth Client secret, - that stored in `id` and `secret` keys respectively. See - the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' + GitHub OAuth Client id and GitHub OAuth Client secret. + See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' type: string required: - - endpoint - secretName type: object type: array @@ -1176,17 +1171,16 @@ spec: hosted on GitLab (gitlab.com or self-hosted). properties: endpoint: - default: https://gitlab.com - description: GitLab server endpoint URL. + description: 'GitLab server endpoint URL. Deprecated in + favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - GitHub Application id and GitLab Application Client secret, - that stored in `id` and `secret` keys respectively. See - the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' + GitHub Application id and GitLab Application Client secret. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' type: string required: - - endpoint - secretName type: object type: array @@ -6974,19 +6968,15 @@ spec: hosted on Bitbucket (bitbucket.org or self-hosted). properties: endpoint: - default: https://bitbucket.org - description: Bitbucket server endpoint URL. + description: 'Bitbucket server endpoint URL. Deprecated + in favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - Bitbucket OAuth 1.0 or OAuth 2.0 data. For OAuth 1.0: - private key, Bitbucket Application link consumer key and - Bitbucket Application link shared secret must be stored - in `private.key`, `consumer.key` and `shared_secret` keys - respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/. - For OAuth 2.0: Bitbucket OAuth consumer key and Bitbucket - OAuth consumer secret must be stored in `id` and `secret` - keys respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' + Bitbucket OAuth 1.0 or OAuth 2.0 data. See the following + pages for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/ + and https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' type: string required: - secretName @@ -7000,20 +6990,21 @@ spec: hosted on GitHub (GitHub.com or GitHub Enterprise). properties: disableSubdomainIsolation: - description: Disables subdomain isolation. + description: 'Disables subdomain isolation. Deprecated in + favor of `che.eclipse.org/scm-github-disable-subdomain-isolation` + annotation. See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' type: boolean endpoint: - default: https://github.com - description: GitHub server endpoint URL. + description: 'GitHub server endpoint URL. Deprecated in + favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - GitHub OAuth Client id and GitHub OAuth Client secret, - that stored in `id` and `secret` keys respectively. See - the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' + GitHub OAuth Client id and GitHub OAuth Client secret. + See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' type: string required: - - endpoint - secretName type: object type: array @@ -7025,17 +7016,16 @@ spec: hosted on GitLab (gitlab.com or self-hosted). properties: endpoint: - default: https://gitlab.com - description: GitLab server endpoint URL. + description: 'GitLab server endpoint URL. Deprecated in + favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - GitHub Application id and GitLab Application Client secret, - that stored in `id` and `secret` keys respectively. See - the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' + GitHub Application id and GitLab Application Client secret. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' type: string required: - - endpoint - secretName type: object type: array diff --git a/deploy/deployment/openshift/objects/checlusters.org.eclipse.che.CustomResourceDefinition.yaml b/deploy/deployment/openshift/objects/checlusters.org.eclipse.che.CustomResourceDefinition.yaml index 8566a8a5a..f81bb610a 100644 --- a/deploy/deployment/openshift/objects/checlusters.org.eclipse.che.CustomResourceDefinition.yaml +++ b/deploy/deployment/openshift/objects/checlusters.org.eclipse.che.CustomResourceDefinition.yaml @@ -1123,19 +1123,15 @@ spec: hosted on Bitbucket (bitbucket.org or self-hosted). properties: endpoint: - default: https://bitbucket.org - description: Bitbucket server endpoint URL. + description: 'Bitbucket server endpoint URL. Deprecated + in favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - Bitbucket OAuth 1.0 or OAuth 2.0 data. For OAuth 1.0: - private key, Bitbucket Application link consumer key and - Bitbucket Application link shared secret must be stored - in `private.key`, `consumer.key` and `shared_secret` keys - respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/. - For OAuth 2.0: Bitbucket OAuth consumer key and Bitbucket - OAuth consumer secret must be stored in `id` and `secret` - keys respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' + Bitbucket OAuth 1.0 or OAuth 2.0 data. See the following + pages for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/ + and https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' type: string required: - secretName @@ -1149,17 +1145,16 @@ spec: hosted on GitHub (GitHub.com or GitHub Enterprise). properties: endpoint: - default: https://github.com - description: GitHub server endpoint URL. + description: 'GitHub server endpoint URL. Deprecated in + favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - GitHub OAuth Client id and GitHub OAuth Client secret, - that stored in `id` and `secret` keys respectively. See - the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' + GitHub OAuth Client id and GitHub OAuth Client secret. + See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' type: string required: - - endpoint - secretName type: object type: array @@ -1171,17 +1166,16 @@ spec: hosted on GitLab (gitlab.com or self-hosted). properties: endpoint: - default: https://gitlab.com - description: GitLab server endpoint URL. + description: 'GitLab server endpoint URL. Deprecated in + favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - GitHub Application id and GitLab Application Client secret, - that stored in `id` and `secret` keys respectively. See - the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' + GitHub Application id and GitLab Application Client secret. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' type: string required: - - endpoint - secretName type: object type: array @@ -6969,19 +6963,15 @@ spec: hosted on Bitbucket (bitbucket.org or self-hosted). properties: endpoint: - default: https://bitbucket.org - description: Bitbucket server endpoint URL. + description: 'Bitbucket server endpoint URL. Deprecated + in favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - Bitbucket OAuth 1.0 or OAuth 2.0 data. For OAuth 1.0: - private key, Bitbucket Application link consumer key and - Bitbucket Application link shared secret must be stored - in `private.key`, `consumer.key` and `shared_secret` keys - respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/. - For OAuth 2.0: Bitbucket OAuth consumer key and Bitbucket - OAuth consumer secret must be stored in `id` and `secret` - keys respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' + Bitbucket OAuth 1.0 or OAuth 2.0 data. See the following + pages for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/ + and https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' type: string required: - secretName @@ -6995,20 +6985,21 @@ spec: hosted on GitHub (GitHub.com or GitHub Enterprise). properties: disableSubdomainIsolation: - description: Disables subdomain isolation. + description: 'Disables subdomain isolation. Deprecated in + favor of `che.eclipse.org/scm-github-disable-subdomain-isolation` + annotation. See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' type: boolean endpoint: - default: https://github.com - description: GitHub server endpoint URL. + description: 'GitHub server endpoint URL. Deprecated in + favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - GitHub OAuth Client id and GitHub OAuth Client secret, - that stored in `id` and `secret` keys respectively. See - the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' + GitHub OAuth Client id and GitHub OAuth Client secret. + See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' type: string required: - - endpoint - secretName type: object type: array @@ -7020,17 +7011,16 @@ spec: hosted on GitLab (gitlab.com or self-hosted). properties: endpoint: - default: https://gitlab.com - description: GitLab server endpoint URL. + description: 'GitLab server endpoint URL. Deprecated in + favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - GitHub Application id and GitLab Application Client secret, - that stored in `id` and `secret` keys respectively. See - the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' + GitHub Application id and GitLab Application Client secret. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' type: string required: - - endpoint - secretName type: object type: array diff --git a/helmcharts/next/crds/checlusters.org.eclipse.che.CustomResourceDefinition.yaml b/helmcharts/next/crds/checlusters.org.eclipse.che.CustomResourceDefinition.yaml index f0fdc15e5..4c7f3c7b4 100644 --- a/helmcharts/next/crds/checlusters.org.eclipse.che.CustomResourceDefinition.yaml +++ b/helmcharts/next/crds/checlusters.org.eclipse.che.CustomResourceDefinition.yaml @@ -1123,19 +1123,15 @@ spec: hosted on Bitbucket (bitbucket.org or self-hosted). properties: endpoint: - default: https://bitbucket.org - description: Bitbucket server endpoint URL. + description: 'Bitbucket server endpoint URL. Deprecated + in favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - Bitbucket OAuth 1.0 or OAuth 2.0 data. For OAuth 1.0: - private key, Bitbucket Application link consumer key and - Bitbucket Application link shared secret must be stored - in `private.key`, `consumer.key` and `shared_secret` keys - respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/. - For OAuth 2.0: Bitbucket OAuth consumer key and Bitbucket - OAuth consumer secret must be stored in `id` and `secret` - keys respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' + Bitbucket OAuth 1.0 or OAuth 2.0 data. See the following + pages for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/ + and https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' type: string required: - secretName @@ -1149,17 +1145,16 @@ spec: hosted on GitHub (GitHub.com or GitHub Enterprise). properties: endpoint: - default: https://github.com - description: GitHub server endpoint URL. + description: 'GitHub server endpoint URL. Deprecated in + favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - GitHub OAuth Client id and GitHub OAuth Client secret, - that stored in `id` and `secret` keys respectively. See - the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' + GitHub OAuth Client id and GitHub OAuth Client secret. + See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' type: string required: - - endpoint - secretName type: object type: array @@ -1171,17 +1166,16 @@ spec: hosted on GitLab (gitlab.com or self-hosted). properties: endpoint: - default: https://gitlab.com - description: GitLab server endpoint URL. + description: 'GitLab server endpoint URL. Deprecated in + favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - GitHub Application id and GitLab Application Client secret, - that stored in `id` and `secret` keys respectively. See - the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' + GitHub Application id and GitLab Application Client secret. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' type: string required: - - endpoint - secretName type: object type: array @@ -6969,19 +6963,15 @@ spec: hosted on Bitbucket (bitbucket.org or self-hosted). properties: endpoint: - default: https://bitbucket.org - description: Bitbucket server endpoint URL. + description: 'Bitbucket server endpoint URL. Deprecated + in favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - Bitbucket OAuth 1.0 or OAuth 2.0 data. For OAuth 1.0: - private key, Bitbucket Application link consumer key and - Bitbucket Application link shared secret must be stored - in `private.key`, `consumer.key` and `shared_secret` keys - respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/. - For OAuth 2.0: Bitbucket OAuth consumer key and Bitbucket - OAuth consumer secret must be stored in `id` and `secret` - keys respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' + Bitbucket OAuth 1.0 or OAuth 2.0 data. See the following + pages for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/ + and https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.' type: string required: - secretName @@ -6995,20 +6985,21 @@ spec: hosted on GitHub (GitHub.com or GitHub Enterprise). properties: disableSubdomainIsolation: - description: Disables subdomain isolation. + description: 'Disables subdomain isolation. Deprecated in + favor of `che.eclipse.org/scm-github-disable-subdomain-isolation` + annotation. See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' type: boolean endpoint: - default: https://github.com - description: GitHub server endpoint URL. + description: 'GitHub server endpoint URL. Deprecated in + favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - GitHub OAuth Client id and GitHub OAuth Client secret, - that stored in `id` and `secret` keys respectively. See - the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' + GitHub OAuth Client id and GitHub OAuth Client secret. + See the following page for details: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.' type: string required: - - endpoint - secretName type: object type: array @@ -7020,17 +7011,16 @@ spec: hosted on GitLab (gitlab.com or self-hosted). properties: endpoint: - default: https://gitlab.com - description: GitLab server endpoint URL. + description: 'GitLab server endpoint URL. Deprecated in + favor of `che.eclipse.org/scm-server-endpoint` annotation. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' type: string secretName: description: 'Kubernetes secret, that contains Base64-encoded - GitHub Application id and GitLab Application Client secret, - that stored in `id` and `secret` keys respectively. See - the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' + GitHub Application id and GitLab Application Client secret. + See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.' type: string required: - - endpoint - secretName type: object type: array diff --git a/pkg/common/constants/constants.go b/pkg/common/constants/constants.go index b097bfc5c..2fcf9e38f 100644 --- a/pkg/common/constants/constants.go +++ b/pkg/common/constants/constants.go @@ -94,13 +94,14 @@ const ( KubernetesNameLabelKey = "app.kubernetes.io/name" // Annotations - CheEclipseOrgMountPath = "che.eclipse.org/mount-path" - CheEclipseOrgMountAs = "che.eclipse.org/mount-as" - CheEclipseOrgEnvName = "che.eclipse.org/env-name" - CheEclipseOrgNamespace = "che.eclipse.org/namespace" - CheEclipseOrgOAuthScmServer = "che.eclipse.org/oauth-scm-server" - CheEclipseOrgScmServerEndpoint = "che.eclipse.org/scm-server-endpoint" - CheEclipseOrgManagedAnnotationsDigest = "che.eclipse.org/managed-annotations-digest" + CheEclipseOrgMountPath = "che.eclipse.org/mount-path" + CheEclipseOrgMountAs = "che.eclipse.org/mount-as" + CheEclipseOrgEnvName = "che.eclipse.org/env-name" + CheEclipseOrgNamespace = "che.eclipse.org/namespace" + CheEclipseOrgOAuthScmServer = "che.eclipse.org/oauth-scm-server" + CheEclipseOrgScmServerEndpoint = "che.eclipse.org/scm-server-endpoint" + CheEclipseOrgManagedAnnotationsDigest = "che.eclipse.org/managed-annotations-digest" + CheEclipseOrgScmGitHubDisableSubdomainIsolation = "che.eclipse.org/scm-github-disable-subdomain-isolation" // DevEnvironments PerUserPVCStorageStrategy = "per-user" diff --git a/pkg/deploy/server/server_deployment.go b/pkg/deploy/server/server_deployment.go index 21ffe71cf..a2ea32903 100644 --- a/pkg/deploy/server/server_deployment.go +++ b/pkg/deploy/server/server_deployment.go @@ -12,8 +12,6 @@ package server import ( - "strconv" - "github.com/eclipse-che/che-operator/pkg/common/chetypes" "github.com/eclipse-che/che-operator/pkg/common/constants" defaults "github.com/eclipse-che/che-operator/pkg/common/operator-defaults" @@ -348,12 +346,8 @@ func MountGitHubOAuthConfig(ctx *chetypes.DeployContext, deployment *appsv1.Depl mountEnv(deployment, "CHE_INTEGRATION_GITHUB_OAUTH__ENDPOINT", oauthEndpoint) } - for _, gitHubService := range ctx.CheCluster.Spec.GitServices.GitHub { - if gitHubService.SecretName == secret.Name { - if gitHubService.DisableSubdomainIsolation != nil { - mountEnv(deployment, "CHE_INTEGRATION_GITHUB_DISABLE__SUBDOMAIN__ISOLATION", strconv.FormatBool(*gitHubService.DisableSubdomainIsolation)) - } - } + if secret.Annotations[constants.CheEclipseOrgScmGitHubDisableSubdomainIsolation] != "" { + mountEnv(deployment, "CHE_INTEGRATION_GITHUB_DISABLE__SUBDOMAIN__ISOLATION", secret.Annotations[constants.CheEclipseOrgScmGitHubDisableSubdomainIsolation]) } return nil diff --git a/pkg/deploy/server/server_deployment_test.go b/pkg/deploy/server/server_deployment_test.go index 91577bf1e..4830dd2ba 100644 --- a/pkg/deploy/server/server_deployment_test.go +++ b/pkg/deploy/server/server_deployment_test.go @@ -14,8 +14,6 @@ package server import ( "os" - "k8s.io/utils/pointer" - "k8s.io/apimachinery/pkg/api/resource" "github.com/eclipse-che/che-operator/pkg/common/chetypes" @@ -303,13 +301,14 @@ func TestMountBitbucketOAuthEnvVar(t *testing.T) { func TestMountGitHubOAuthEnvVar(t *testing.T) { type testCase struct { - name string - initObjects []runtime.Object - expectedIdKeyPath string - expectedSecretKeyPath string - expectedOAuthEndpoint string - expectedVolume corev1.Volume - expectedVolumeMount corev1.VolumeMount + name string + initObjects []runtime.Object + expectedIdKeyPath string + expectedSecretKeyPath string + expectedOAuthEndpoint string + expectedDisableSubdomainIsolation string + expectedVolume corev1.Volume + expectedVolumeMount corev1.VolumeMount } testCases := []testCase{ @@ -329,8 +328,9 @@ func TestMountGitHubOAuthEnvVar(t *testing.T) { "app.kubernetes.io/component": "oauth-scm-configuration", }, Annotations: map[string]string{ - "che.eclipse.org/oauth-scm-server": "github", - "che.eclipse.org/scm-server-endpoint": "endpoint_1", + "che.eclipse.org/oauth-scm-server": "github", + "che.eclipse.org/scm-server-endpoint": "endpoint_1", + "che.eclipse.org/scm-github-disable-subdomain-isolation": "true", }, }, Data: map[string][]byte{ @@ -339,9 +339,10 @@ func TestMountGitHubOAuthEnvVar(t *testing.T) { }, }, }, - expectedIdKeyPath: "/che-conf/oauth/github/id", - expectedSecretKeyPath: "/che-conf/oauth/github/secret", - expectedOAuthEndpoint: "endpoint_1", + expectedIdKeyPath: "/che-conf/oauth/github/id", + expectedSecretKeyPath: "/che-conf/oauth/github/secret", + expectedOAuthEndpoint: "endpoint_1", + expectedDisableSubdomainIsolation: "true", expectedVolume: corev1.Volume{ Name: "github-oauth-config", VolumeSource: corev1.VolumeSource{ @@ -376,6 +377,9 @@ func TestMountGitHubOAuthEnvVar(t *testing.T) { value = utils.GetEnvByName("CHE_INTEGRATION_GITHUB_OAUTH__ENDPOINT", container.Env) assert.Equal(t, testCase.expectedOAuthEndpoint, value) + value = utils.GetEnvByName("CHE_INTEGRATION_GITHUB_DISABLE__SUBDOMAIN__ISOLATION", container.Env) + assert.Equal(t, testCase.expectedDisableSubdomainIsolation, value) + volume := test.FindVolume(deployment.Spec.Template.Spec.Volumes, "github-oauth-config") assert.NotNil(t, volume) assert.Equal(t, testCase.expectedVolume, volume) @@ -472,185 +476,3 @@ func TestMountGitLabOAuthEnvVar(t *testing.T) { }) } } - -func TestMountGitHubDisableSubdomainIsolationEnvVar(t *testing.T) { - type testCase struct { - name string - cheCluster *chev2.CheCluster - initObjects []runtime.Object - expectedDisableSubdomainIsolation string - } - - testCases := []testCase{ - { - name: "Test #1", - cheCluster: &chev2.CheCluster{ - ObjectMeta: metav1.ObjectMeta{ - Name: "eclipse-che", - Namespace: "eclipse-che", - }, - Spec: chev2.CheClusterSpec{ - GitServices: chev2.CheClusterGitServices{ - GitHub: []chev2.GitHubService{ - { - DisableSubdomainIsolation: pointer.BoolPtr(true), - SecretName: "github-oauth-config", - }, - }, - }, - }, - }, - initObjects: []runtime.Object{ - &corev1.Secret{ - TypeMeta: metav1.TypeMeta{ - Kind: "Secret", - APIVersion: "v1", - }, - ObjectMeta: metav1.ObjectMeta{ - Name: "github-oauth-config", - Namespace: "eclipse-che", - Labels: map[string]string{ - "app.kubernetes.io/part-of": "che.eclipse.org", - "app.kubernetes.io/component": "oauth-scm-configuration", - }, - Annotations: map[string]string{ - "che.eclipse.org/oauth-scm-server": "github", - }, - }, - }, - }, - expectedDisableSubdomainIsolation: "true", - }, - { - name: "Test #2", - cheCluster: &chev2.CheCluster{ - ObjectMeta: metav1.ObjectMeta{ - Name: "eclipse-che", - Namespace: "eclipse-che", - }, - Spec: chev2.CheClusterSpec{ - GitServices: chev2.CheClusterGitServices{ - GitHub: []chev2.GitHubService{ - { - DisableSubdomainIsolation: pointer.BoolPtr(false), - SecretName: "github-oauth-config", - }, - }, - }, - }, - }, - initObjects: []runtime.Object{ - &corev1.Secret{ - TypeMeta: metav1.TypeMeta{ - Kind: "Secret", - APIVersion: "v1", - }, - ObjectMeta: metav1.ObjectMeta{ - Name: "github-oauth-config", - Namespace: "eclipse-che", - Labels: map[string]string{ - "app.kubernetes.io/part-of": "che.eclipse.org", - "app.kubernetes.io/component": "oauth-scm-configuration", - }, - Annotations: map[string]string{ - "che.eclipse.org/oauth-scm-server": "github", - }, - }, - }, - }, - expectedDisableSubdomainIsolation: "false", - }, - { - name: "Test #3", - cheCluster: &chev2.CheCluster{ - ObjectMeta: metav1.ObjectMeta{ - Name: "eclipse-che", - Namespace: "eclipse-che", - }, - Spec: chev2.CheClusterSpec{ - GitServices: chev2.CheClusterGitServices{ - GitHub: []chev2.GitHubService{ - { - SecretName: "github-oauth-config", - }, - }, - }, - }, - }, - initObjects: []runtime.Object{ - &corev1.Secret{ - TypeMeta: metav1.TypeMeta{ - Kind: "Secret", - APIVersion: "v1", - }, - ObjectMeta: metav1.ObjectMeta{ - Name: "github-oauth-config", - Namespace: "eclipse-che", - Labels: map[string]string{ - "app.kubernetes.io/part-of": "che.eclipse.org", - "app.kubernetes.io/component": "oauth-scm-configuration", - }, - Annotations: map[string]string{ - "che.eclipse.org/oauth-scm-server": "github", - }, - }, - }, - }, - expectedDisableSubdomainIsolation: "", - }, - { - name: "Test #4", - cheCluster: &chev2.CheCluster{ - ObjectMeta: metav1.ObjectMeta{ - Name: "eclipse-che", - Namespace: "eclipse-che", - }, - Spec: chev2.CheClusterSpec{ - GitServices: chev2.CheClusterGitServices{ - GitHub: []chev2.GitHubService{ - { - SecretName: "NOT-FOUND-SECRET", - DisableSubdomainIsolation: pointer.BoolPtr(true), - }, - }, - }, - }, - }, - initObjects: []runtime.Object{ - &corev1.Secret{ - TypeMeta: metav1.TypeMeta{ - Kind: "Secret", - APIVersion: "v1", - }, - ObjectMeta: metav1.ObjectMeta{ - Name: "github-oauth-config", - Namespace: "eclipse-che", - Labels: map[string]string{ - "app.kubernetes.io/part-of": "che.eclipse.org", - "app.kubernetes.io/component": "oauth-scm-configuration", - }, - Annotations: map[string]string{ - "che.eclipse.org/oauth-scm-server": "github", - }, - }, - }, - }, - expectedDisableSubdomainIsolation: "", - }, - } - - for _, testCase := range testCases { - t.Run(testCase.name, func(t *testing.T) { - ctx := test.GetDeployContext(testCase.cheCluster, testCase.initObjects) - - server := NewCheServerReconciler() - deployment, err := server.getDeploymentSpec(ctx) - assert.Nil(t, err, "Unexpected error %v", err) - - container := &deployment.Spec.Template.Spec.Containers[0] - - value := utils.GetEnvByName("CHE_INTEGRATION_GITHUB_DISABLE__SUBDOMAIN__ISOLATION", container.Env) - assert.Equal(t, testCase.expectedDisableSubdomainIsolation, value) - }) - } -}