diff --git a/deploy/cluster_role.yaml b/deploy/cluster_role.yaml index 783c509e6..36941bd27 100644 --- a/deploy/cluster_role.yaml +++ b/deploy/cluster_role.yaml @@ -31,3 +31,9 @@ rules: - infrastructures verbs: - get + - apiGroups: + - user.openshift.io + resources: + - users + verbs: + - list diff --git a/olm/README.md b/olm/README.md index 7e1a225c4..83a9a501a 100644 --- a/olm/README.md +++ b/olm/README.md @@ -3,7 +3,7 @@ OLM packages scripts are using some required dependencies that need to be installed - [curl](https://curl.haxx.se/) - [https://github.com/kislyuk/yq](https://github.com/kislyuk/yq) and not [http://mikefarah.github.io/yq/](http://mikefarah.github.io/yq/) - - [Operator SDK v0.8.2](https://github.com/operator-framework/operator-sdk/blob/v0.8.2/doc/user/install-operator-sdk.md) + - [Operator SDK v0.10.0](https://github.com/operator-framework/operator-sdk/blob/v0.10.0/doc/user/install-operator-sdk.md) If these dependencies are not installed, `docker-run.sh` can be used as a container bootstrap to run a given script with the appropriate dependencies. diff --git a/olm/docker-run.sh b/olm/docker-run.sh index d1cd1c590..e1be4ddfa 100755 --- a/olm/docker-run.sh +++ b/olm/docker-run.sh @@ -17,7 +17,7 @@ GIT_ROOT_DIRECTORY=$(git rev-parse --show-toplevel) IMAGE_NAME="eclipse/che-operator-olm-build" # Operator SDK -OPERATOR_SDK_VERSION=v0.8.2 +OPERATOR_SDK_VERSION=v0.10.0 init() { BLUE='\033[1;34m' diff --git a/olm/eclipse-che-preview-kubernetes/deploy/olm-catalog/csv-config.yaml b/olm/eclipse-che-preview-kubernetes/deploy/olm-catalog/csv-config.yaml index f6247f640..d3dd5cfd2 100644 --- a/olm/eclipse-che-preview-kubernetes/deploy/olm-catalog/csv-config.yaml +++ b/olm/eclipse-che-preview-kubernetes/deploy/olm-catalog/csv-config.yaml @@ -1,3 +1,3 @@ -role-path: generated/current-role.yaml +role-paths: [ "generated/roles/role.yaml" ] operator-path: ../../deploy/operator.yaml crd-cr-paths: ["../../deploy/crds/org_v1_che_crd.yaml"] diff --git a/olm/eclipse-che-preview-kubernetes/deploy/olm-catalog/eclipse-che-preview-kubernetes/9.9.9-nightly.1564753341/eclipse-che-preview-kubernetes.v9.9.9-nightly.1564753341.clusterserviceversion.yaml b/olm/eclipse-che-preview-kubernetes/deploy/olm-catalog/eclipse-che-preview-kubernetes/9.9.9-nightly.1564753341/eclipse-che-preview-kubernetes.v9.9.9-nightly.1564753341.clusterserviceversion.yaml index 6aff3cbef..ae6939f61 100644 --- a/olm/eclipse-che-preview-kubernetes/deploy/olm-catalog/eclipse-che-preview-kubernetes/9.9.9-nightly.1564753341/eclipse-che-preview-kubernetes.v9.9.9-nightly.1564753341.clusterserviceversion.yaml +++ b/olm/eclipse-che-preview-kubernetes/deploy/olm-catalog/eclipse-che-preview-kubernetes/9.9.9-nightly.1564753341/eclipse-che-preview-kubernetes.v9.9.9-nightly.1564753341.clusterserviceversion.yaml @@ -134,7 +134,7 @@ spec: ``` ***important:*** The operator is only tracking resources in its own namespace. If CheCluster is not created in this namespace it's ignored. The operator will now create pods for Eclipse Che. The deployment status can be tracked by looking at the Operator logs by using the command: - ``` + ``` $ kubectl logs -n my-eclipse-che che-operator-554c564476-fl98z ``` ***important:*** pod name is different on each installation @@ -145,7 +145,7 @@ spec: Eclipse Che URL can be tracked by searching for available trace: ``` $ kubectl logs -f -n my-eclipse-che che-operator-7b6b4bcb9c-m4m2m | grep "Eclipse Che is now available" - time="2019-08-01T13:31:05Z" level=info msg="Eclipse Che is now available at: http://che-my-eclipse-che.gcp.my-ide.cloud" + time="2019-08-01T13:31:05Z" level=info msg="Eclipse Che is now available at: http://che-my-eclipse-che.gcp.my-ide.cloud" ``` When Eclipse Che is ready, the Eclipse Che URL is displayed in CheCluster resource in `status` section ``` diff --git a/olm/eclipse-che-preview-kubernetes/deploy/olm-catalog/eclipse-che-preview-kubernetes/9.9.9-nightly.1567437268/eclipse-che-preview-kubernetes.crd.yaml b/olm/eclipse-che-preview-kubernetes/deploy/olm-catalog/eclipse-che-preview-kubernetes/9.9.9-nightly.1567437268/eclipse-che-preview-kubernetes.crd.yaml new file mode 100644 index 000000000..ec7b9103f --- /dev/null +++ b/olm/eclipse-che-preview-kubernetes/deploy/olm-catalog/eclipse-che-preview-kubernetes/9.9.9-nightly.1567437268/eclipse-che-preview-kubernetes.crd.yaml @@ -0,0 +1,15 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: checlusters.org.eclipse.che +spec: + group: org.eclipse.che + names: + kind: CheCluster + listKind: CheClusterList + plural: checlusters + singular: checluster + scope: Namespaced + version: v1 + subresources: + status: {} diff --git a/olm/eclipse-che-preview-kubernetes/deploy/olm-catalog/eclipse-che-preview-kubernetes/9.9.9-nightly.1567437268/eclipse-che-preview-kubernetes.v9.9.9-nightly.1567437268.clusterserviceversion.yaml b/olm/eclipse-che-preview-kubernetes/deploy/olm-catalog/eclipse-che-preview-kubernetes/9.9.9-nightly.1567437268/eclipse-che-preview-kubernetes.v9.9.9-nightly.1567437268.clusterserviceversion.yaml new file mode 100644 index 000000000..35ea5e103 --- /dev/null +++ b/olm/eclipse-che-preview-kubernetes/deploy/olm-catalog/eclipse-che-preview-kubernetes/9.9.9-nightly.1567437268/eclipse-che-preview-kubernetes.v9.9.9-nightly.1567437268.clusterserviceversion.yaml @@ -0,0 +1,354 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + annotations: + alm-examples: |- + [ + { + "apiVersion": "org.eclipse.che/v1", + "kind": "CheCluster", + "metadata": { + "name": "eclipse-che" + }, + "spec": { + "k8s": { + "ingressDomain": "", + "tlsSecretName": "" + }, + "server": { + "cheImageTag": "nightly", + "devfileRegistryImage": "quay.io/eclipse/che-devfile-registry:nightly", + "pluginRegistryImage": "quay.io/eclipse/che-plugin-registry:nightly", + "tlsSupport": false, + "selfSignedCert": false + }, + "database": { + "externalDb": false, + "chePostgresHostname": "", + "chePostgresPort": "", + "chePostgresUser": "", + "chePostgresPassword": "", + "chePostgresDb": "" + }, + "auth": { + "identityProviderImage": "eclipse/che-keycloak:nightly", + "externalIdentityProvider": false, + "identityProviderURL": "", + "identityProviderRealm": "", + "identityProviderClientId": "" + }, + "storage": { + "pvcStrategy": "per-workspace", + "pvcClaimSize": "1Gi", + "preCreateSubPaths": true + } + } + } + ] + capabilities: Seamless Upgrades + categories: Developer Tools + certified: "false" + containerImage: quay.io/eclipse/che-operator:nightly + createdAt: "2019-09-02T15:14:29Z" + description: A Kube-native development solution that delivers portable and collaborative + developer workspaces. + repository: https://github.com/eclipse/che-operator + support: Eclipse Foundation + name: eclipse-che-preview-kubernetes.v9.9.9-nightly.1567437268 + namespace: placeholder +spec: + apiservicedefinitions: {} + customresourcedefinitions: + owned: + - description: Eclipse Che cluster with DB and Auth Server + displayName: Eclipse Che Cluster + kind: CheCluster + name: checlusters.org.eclipse.che + specDescriptors: + - description: TLS routes + displayName: TLS Mode + path: server.tlsSupport + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + statusDescriptors: + - description: Ingress to access Eclipse Che + displayName: Eclipse Che URL + path: cheURL + x-descriptors: + - urn:alm:descriptor:org.w3:link + - description: Ingress to access Keycloak Admin Console + displayName: Keycloak Admin Console URL + path: keycloakURL + x-descriptors: + - urn:alm:descriptor:org.w3:link + - description: Eclipse Che server version + displayName: Eclipse Che version + path: cheVersion + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:label + - description: The current status of the application + displayName: Status + path: cheClusterRunning + x-descriptors: + - urn:alm:descriptor:io.kubernetes.phase + - description: Reason of the current status + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Message explaining the current status + displayName: Message + path: message + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Link providing help related to the current status + displayName: Help link + path: helpLink + x-descriptors: + - 'urn:alm:descriptor:org.w3:link' + version: v1 + description: | + A collaborative Kubernetes-native development solution that delivers Kubernetes workspaces and in-browser IDE for rapid cloud application development. + This operator installs PostgreSQL, Keycloak, Registries and the Eclipse Che server, as well as configures all these services. + ## Prerequisites + - Operator Lifecycle Manager (OLM) needs to be installed. + - Kubernetes Platform. For OpenShift, the installation is directly made from OperatorHub UI in the admin console. + + OLM installation can be checked by running the command: + ``` + $ kubectl get pods --all-namespaces | grep olm + olm catalog-operator-7b8cd7f8bf-2v7zj 1/1 Running 0 10m + olm olm-operator-5c5c798cd5-s6ll5 1/1 Running 0 10m + olm olm-operators-fm5wc 1/1 Running 0 10m + olm operatorhubio-catalog-d78km 1/1 Running 0 10m + olm packageserver-5c5f64947b-trghp 1/1 Running 0 9m56s + olm packageserver-5c5f64947b-zqvxg 1/1 Running 0 9m56s + ``` + + ## How to Install + Install `Eclipse Che Operator` by following instructions in top right button `Install`. + + A new pod che-operator is created in `my-eclipse-che` namespace + + ``` + $ kubectl get pods --all-namespaces | grep my-eclipse-che + my-eclipse-che che-operator-554c564476-fl98z 1/1 Running 0 13s + ``` + + The operator is now providing new Custom Resources Definitions: `checluster.org.eclipse.che` + + Create a new Eclipse Che instance by creating a new CheCluster resource: + + On the bottom of this page, there is a section `Custom Resource Definitions` with `Eclipse Che Cluster` name. + + Click on `View YAML Example` *Link* and copy the content to a new file named `my-eclipse-che.yaml` + **Important!** Make sure you provide **K8s.ingressDomain** which is a global ingress domain of your k8s cluster, for example, `gcp.my-ide.cloud` + Create the new CheCluster by creating the resource in the `my-eclipse-che` namespace : + ``` + $ kubectl create -f my-eclipse-che.yaml -n my-eclipse-che + ``` + ***important:*** The operator is only tracking resources in its own namespace. If CheCluster is not created in this namespace it's ignored. + The operator will now create pods for Eclipse Che. The deployment status can be tracked by looking at the Operator logs by using the command: + ``` + $ kubectl logs -n my-eclipse-che che-operator-554c564476-fl98z + ``` + ***important:*** pod name is different on each installation + + When all Eclipse Che containers are running, the Eclipse Che URL is printed + + + Eclipse Che URL can be tracked by searching for available trace: + ``` + $ kubectl logs -f -n my-eclipse-che che-operator-7b6b4bcb9c-m4m2m | grep "Eclipse Che is now available" + time="2019-08-01T13:31:05Z" level=info msg="Eclipse Che is now available at: http://che-my-eclipse-che.gcp.my-ide.cloud" + ``` + When Eclipse Che is ready, the Eclipse Che URL is displayed in CheCluster resource in `status` section + ``` + $ kubectl describe checluster/eclipse-che -n my-eclipse-che + ``` + + ``` + Status: + Che Cluster Running: Available + Che URL: http://che-my-eclipse-che.gcp.my-ide.cloud + Che Version: 7.0.0 + ... + ``` + + By opening this URL in a web browser, Eclipse Che is ready to use. + ## Defaults + By default, the operator deploys Eclipse Che with: + * Bundled PostgreSQL and Keycloak + * Per-Workspace PVC strategy + * Auto-generated passwords + * HTTP mode (non-secure ingresses) + ## Installation Options + Eclipse Che operator installation options include: + * Connection to external database and Keycloak + * Configuration of default passwords and object names + * TLS mode + * PVC strategy (once shared PVC for all workspaces, PVC per workspace, or PVC per volume) + * Authentication options + ### External Database and Keycloak + To instruct the operator to skip deploying PostgreSQL and Keycloak and connect to an existing DB and Keycloak instead: + * set respective fields to `true` in a custom resource spec + * provide the operator with connection and authentication details: + ``` + externalDb: true + chePostgresHostname: 'yourPostgresHost' + chePostgresPort: '5432' + chePostgresUser: 'myuser' + chePostgresPassword: 'mypass' + chePostgresDb: 'mydb' + externalIdentityProvider: true + identityProviderURL: 'https://my-keycloak.com' + identityProviderRealm: 'myrealm' + identityProviderClientId: 'myClient' + ``` + ### TLS Mode + To activate TLS mode, set the respective field in the CR spec to `true` (in the `server` block): + ``` + tlsSupport: true + ``` + You will also need to provide name of tls secret that will be used for Eclipse Che and workspaces ingresses: + ``` + tlsSecretName: 'my-ingress-tls-secret' + ``` + displayName: Eclipse Che + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAANMAAAD0CAYAAAABrhNXAAAABGdBTUEAALGPC/xhBQAAACBjSFJNAAB6JgAAgIQAAPoAAACA6AAAdTAAAOpgAAA6mAAAF3CculE8AAAABmJLR0QA/wD/AP+gvaeTAAAaNklEQVR42u3de3QU9dkH8O/zm91EQK0U77dqVdTW++1V20KigUSQahLjsSSbtp4eeqqVLHILCcoiyQZEIbF61B6PVQJ6XiOkr6TlYiABr603wHotar1bBUWUYDY787x/JIGoSchmZ+c3M/t8/iS7M8+M5+vs7szz/IiZIYRIntJdgBB+IWESwiYSJiFsImESwiYSJiFsImESwiaBvv5ARLprEwB4ddaJTBQF8w/JsKbQmI0v665JAL3dUqK+7jNJmPTiNWOHWYhNB1AOILPrn+MA369MazaNe+Iz3TWmMwmTB3AEyrwwu4SIbwVwWB+v+hxEt6gg7qLs1rjumtORhMnlePUlF5hk1RFw4QDf8rrFmBLMa12tu/Z0I2FyKV53yVGWyTVgLgGQ8IknoImMQBnlNL+t+1jShYTJZXjlhKFW8KsbQJgNYP8ktxYDcI8yh95E41bt1H1sfidhcpH4mtETCHQHgONs3vTHAEXUMy33UQSW7uP0KwmTC/DqS84xyaol4Bcp3tULiqiMxrY8pfuY/UjCpBG3ZB1sxfgmgK4HYDi1WwI9SnGaTuPXv6v7HPiJhEkDfv7coPX5AdeB+RaADtRURRtAC9UB7Qvo4md26z4nfiBhcljH6qwcRbgDwKm6a+nyATNVGrkt9USQrtAkSJgcwquyT2ZlLWLQON219FofsMEghGls6ybdtXiVhCnFuOnnw62gEQHoOvTz3KM7sAVSy5RS0yln3X91V+M1EqYU4ZasgBWjawGuAnCI7noStAOM+coaUkvjVrXrLsYrJEwp0LHmkksUrFoAp+uuJSnMbzLR1EBua5PuUrxAwmSj7tYIBhfprsVOBDQTU5jyWl7RXYubSZhs0KM1YiaA/XTXkyIdAN+tMmgOZbfu0F2MG0mYksAMMtdkh4h4AYDDddfj0FF3tnrsOOROurrB1F2Nm0iYBolXjT7fVFRHwEW6a9FkkyIK09iWDboLcQsJU4KSbY3wGwKaCNZkyt34ju5adJMwDRA/fdEQa2fmZBAqARygux536Wr1+CY+m6546ivd1Wg7CxKmfUtha4TP8EeAmpuurR4Spn7w46PONi2qJdAo3bV4CROeM1iFKXf907prcfS4JUzfx82XjrDM+M0Ot0b4TWerB8yplLvxfd3FOHLAEqYeJ2NPawTmAviB7np8YheA21QG5lN26ze6i0klCVOXjtVZOUpxHZh+orsWn3qfmWYH8lqW6C4kVdI+TLwq+2Q2+HZmjNddSzogoIUsI0yXrduiuxa7pW2YuOnnw62MwEwwTwEoQ3c96aWr1SMen+qnKbRpF6a901GthQAdqrueNPcFGAvUzkMW09UNMd3FJCutwtSxenS2ItQCdIbuWsS3vMFENwbGtvxddyHJSIsw8ZpRx1hkVIM5pLsW0TcCmsk0ymjculd11zIYvg5TmrRG+E1nq4cK3kxjmr/UXUwifBkmZpD5+OiriHEbQMfqrkcMynYQ5nmp1cN3YepsjUAtgS7WXYuwA7+oGGHK2/CE7kr2WalfwsRrxxxpcWwOgN8BJEuJ+gwBTWThBrqs9T+6a+mL58PEjxRlWAd99gcw5kFaI3yO20D0JxVEFWW3fq27mu9V5+UwdbVG1AE4XnctwlEfMlOF26bQejJMvDbrLJNRS8Bo3bUIfRj8T0NRGY1pfVZ3LYDHwsSrc39o0TdzpDVC7OWeKbSeCFOP1ogIgIO0FCHcrrPVwxxSo2sKrevD1LVqRC2Anzq+c+FFW5m4IjB2Q4PTO3ZtmLj50pFsmrczcLnTJ0V4HzHWESFMua3/cmqfrgsTt2QdZHWgHIwwgEynToTwpTjA96sMqqTs1m2p3plrwiStESJ1uqbQBnEXZbfGU7YXN4SpY1VWllKoBXBmqg5UCACvW4wpwbzW1anYuNYw8d+zjrYCFJXpqMJJBDSRESijnOa37dyuljDxyglDrYyvZkBaI4Q2XVNozaE30bhVO23ZopNhktYI4UIfAxSxYwqtY2HitVnndT0C9DOHT5YQA/GCIiqjsS1PDXYDKQ8Tr/7FERapCKQ1Qrhf5xTaOE2n8evfTfjNqQrT3tYIvgWgA3WfJSEGjtsAWpjoFNqUhKmzNQK1AP1Y92kRIgkfMFPlQFs9bA0TPz7qVLbUIgbydJ8FIezChFbDojDltWzu93V2hElaI4T/dbV6cHAa5a79tNdXJBMmbskKWDG6FszVIBys+3CFcMAOMOYra0jtd1s9Bh2mjrXZlyrmWgCn6T46IRzH/CYTTQ3ktjbt/acEw8RrR53EbFQzuEj38QihGwHNxBSmvJZXEgqT9Xj2bWC+QVaNEKInjoFQpca0zvvuXwJ9vwdT5XlUIXpiC6T+Vyn1597+Gkh0c0KkIwb+YUCV0diWfwBAbx/oJExC9G/AN3MlTEL0qudE2ZYBTZSVMAnxHQQ0Udz4Y6IPwEqYhNiDX1SdU2OfHMy7pU1CCMY2EMLqy0MvGGyQALkyifTWuXKhNfQmyku+nV3CJNISAc2krMk0ZuNrdm1TwiTSzRtMdKORgtXeJUwiXXwBwtzO4ZQtKRlOKWESftc5Ntm0ZtO4Jz5L5Y4kTMK3CLyerMAUumzdFif2J2HyBu58GkwmPg3QW8w01chr/T8ndyr/cVyPX1QKoxTUBcwY9D2QNLELwFyVgdMCeS2OBgmQK5N7MbZBoUrtOPROurrBBABmjDIfH30VgRaC8SPdJboIg2ip6uAZNL71E11F9N0cuDbbNStbp5nOG4n9zMXuMb99BoAhugvWiQnPGSaX0WUbnnF0vwl12kqYHEdAE5kqTOPWvzWQ16f5yiIfMlPFQOfc2U3C5F5vMHhKIHfDqsG8mddmj7Y6B96cpftAHLAbhDvU7o5quuKpr3QVIWFynx43EpNb5W7vaox8K4DDdB9YKhDQRLAmU+7Gd3TXImFyj5TdSOSWrP2tGKYBKIdf1glmvKRIhSl3/UbdpewpScKkH4HXk+Iwjdn4cir345MxbdtBmKd2HLLnF023kDDptZWJKwJjNzQ4udOO1Vk5ilAL4Ke6T0AiZQN8t1LBm2lM85e6i+mNhEmPXQBuS3TJEjvx8+cGre0H/tYLo617DnrUXUt/JEzOcsWNxG8V5OZFF3oZQexmEiaHMPifhoWw0zcSB1zf46NOZVMtZkKu7lrQPRx/5yGL6eqGmO5iBkrClHpabyQmqnOhOqoDcLzze9/3si1u1ltu5EFXe+wGYYHKwCmBvJYlXggSAARyN6xUXx5yCghhAI7dAGVCq2J1jjG2pdSLQeqLXJmSREATWbiBLmv9j+5aksFrxxxpcWwOUru49/vMNNsrV+7+yMc8OzFeUuAyytvwhO5SbD2stVnnmcx1BLrYxq0OahFmN5Mw2cO1NxLtwgwyHx99FTFuA+jYZDZFoEdJGdNoTPN7uo/LThKm5Lj+RqLdeM3YYRZi0wHMBLBfQu8FnjeIwjS25Sndx5GScyNhGhwCmsk0ymjculd116IDrxl1jEVGNZhDA3j5xwBF1DMt91EElu7aU3ZOJEwJe4OJbgykYMaaF3WsHp3d+WgSnfH9v3IMwD39NTX6iYRp4L4AY4HXbiQ6YW+rh7UQoEOBrl80jUAZ5TS/rbs+x86DhGmf4gD/WRmBmyln3XbdxbhZ56NJ7dMtqMeDuevX667H8eOXMPWNgBayjLBTM9aEt/WWG5lO1H0jMa9lie5ChLelc5h6tEa0+OJGotArHcPUeSMR5lTK3fi+7mKEf6RVmJjwnMEqTLnrn9Zdi/CfNHlqnD8C6PfG060XSpBEqvj9ytQ1Yy2udcaaSA++DdOeGWtj9c9YE/4RiUTUlreCpQAe+O7f/BimTQqqzE0z1oQ/FBTXnL9lK2oBvhg+D5PvWyOEHr+8ZsGRgUB8DsC/Qz+/M/ghTGnXGiGcUVS0aEg8s30ywawE6IB9vd7TYdo7Y63V1TPWhPcUhqommPxNHSUwbMabYeqasWZ4ZMaa8I4rJ1afpRTqmGlUou/1Wpg6Z6xZQ2tp3Kp23cUI/ygqivzQysiYw4RBD+j0SJh6zFjL889oKKHfpEn3Bre3bbvOBEUAHJTMtlwfJia0GpYKU27LZt21CH8pLK3J2bZrey2IbFnUwM1hep+ZZgdypTVC2Cu/NDpSMW5niy+3c/FSF4ap54w1aY0Q9rnyN5GDjHiwnC2EOQULwbkpTF0z1gK+m7Em9IpEImrz1mAJxelWTuESpa4Ik99nrAl98kPR0Vu2oo6AM1O9L81h4o8ANdfw+Yw14byC4gVHA2YUjBLAzm9GfdMSprhF2PThwZvf3Tli/NU33vOhjhqEP02YFBkabAvOAMwZAIY4uW/Hw/TCB4fgL8+fgv9+NeRMAM8Vhmoip5/Qfl8kEpErk0gCU35o/lXUxgsB/EhHBY6N+vrgy/3xwPMnY/NHI3r78/NghFcsq5DvTCJhV06sOVcprgPwM6f2ubx+1vc+Oqb8yvR1ewANL5+I1a8fA4v7/Oh6HghPFJZEH1VKTWtYUi6/5ol9KiipPgJAZF+tEU5J2ZXJtAgtbx2FhzediJ3fZCTy1jaAFx4Y6Jj/wAMRuc8kvqeoKJJhZQb/YIFuIeBAHTX0dmVKSZpf/mQEZvztItz77E8SDRIADAVozs54xr/zS6pLAXbklxjhDYWhqglmZsZrDKrVFaS+2Hpl+njnUDy86UQ88+7hthXIQCugwo1Ly+XZvDRW+KvoKWxgMYA83bUAKfzO9E2HgZWvHYfGl49Hh2XvxY6ALMB6saA4uoxVcFpj/XR5ajyN9GiNuA7a74v2L6krEwN44p0jUf/CSOzYnfDHucHYwaD53wwfVrvqT5Oln8nHsrIigRHHZF7LbFUDdLDuer7L1u9M/972A1Su+h/86cnTnAoSABxE4PlDvvh6S35x9HKndiqcdVVx9aUjjs54kZnvdWOQ+pLwZXN72354+KWTsPGdw8H6fhsYSYSVBcXRZgqo8PIHy2UGhA8UldScaIGjFlCku5bBGHCY2k2Fx145Hn995TjE4oPq6rUfIYdN66XC4ujdZjA2568PRHboLkkkLhRaOGwXx6ab4HKkoDXCKfv8zsRMePa9w1D/wkh8tiuhBbcdPhJ8Tsy3qPaT7mxouFrm5nkCU35JNESgBQDs+wnYAb19Z+o3TG9tPxAPPn8yXvt0uO7aE8CvEWHK8vrKNborEX27cmLVBUoZdQBfqLuWwUjop/G7nj4NG946AuzM0+s2olOZsbowFG1SMCc31N8ks8ZdpKi06ijTVDUglPjthnyfYWp960jdtSWFGZebMMYWFkfv6cg0Zj92/0xZBUOj7umopsWzQdhfdz2poP3hwBTLYMLkQMx8vTBUMykSifj9eF2pMFQ1wcz45lUCzwf8GSTA/2HqdiQz37tla8azV5VUXay7mHRRUFJ9Tn5JdCOzegyE43TXk2qufjwjBc63oJ6UVo/Uyi+NjlAmbmbgehrkdFQvSrcwAQAxUGRa1riCkurbpNXDPt3TUdnCXCb8QHc9TkuXj3m9GQbQnJ1mxpudrR4iGYWlNTmftW3fxKBaIP2CBKTnlenbGMcQ6MGCUPQ3RBxevqRyi+6SvKSoZN7JJoxFbPE4X/3OPQgSpm6MbGZ6SVo9Bmb8xJrh+ylrpgmaAsCxJ53dTML0bQqEkOKOy/NLahYE2tsXNzREYrqLcpM901HBCxl0qO563CSdvzP1iYHhBJ5vZma8XFBSPV53PW5RMLE6e8vWjJcI9CAACdJ3yJWpfyMBaioojjYbQFnDsopXdRekwxXXVB1jGKoahJDuWtxMwjQQhBwT2FRYHL1bxdTNDQ3labEQdXdrBEAzAbi4ZcAd5GPewAWZMNnMtN4qLKkuKyp6xMc3I5nyQzVFu7jjVYDmQII0IBKmxI1gUK2ZufW5gonzE15E2O0KimvOLyiZ/yQxPwLgWN31eIl8zBu8s6GsDX5p9fjlNQuODATic9wyHdWLJExJ6mr1uLSwpPqOjoxAtddaPbqnozLMeQAdoLseL5P/A9ljCINmBmLma16aQts1HfX1rkeAJEhJkiuTvY4i0IMFJTV/ZBUta1xS8YzugnqTH1pwKlnmYmbk6q7FTyRMqXE+WXiqoDi61AgGZjQ8MOMT3QUBPaajsnk9KH1aI5wiYUodAiFkxuMFuls9Jk26N7h99+e/NdmqBuCZoY5eI9+ZUm9Y16oeL+eHahwfrlhYWpOzbdf2l7w2HdWL5MrknBOJ+ZGCkuh6Ujwl1a0ehRPnnQTDWMQWX+65AVMeJWFy3iVs0QsFJdX3G0Ga3fCXis/s3PiVv4kcZMSD5QwKg707HdWLJEx6BACaZHWgyK5Wjz2tEXG6lYHDdB9gOpLvTBp1t3rEMzO3FIai4wa7nfxQdPTLWzNe6GqNkCBpIlcmFyDwycz4W0FxtJmVMbmxfuZrA3lfQfGCowEzCkYJQ74Z6SZhchNCDrG5ubA4encbYjetWhbZ2dvLJkyKDA22BWcA5gwAQ3SXLTrJxzz3CTJh8hAK9tLq0dkaEWzL6G6NkCC5SJ+rYBSGahJeIFqkxIsKCMctalOK6wD8THdBIoULRIuUOscCNijFDPkk4WoSJm8gyA8Mrif/pxPCJhImIWwiYRLCJhImIWwiYRLCJhImIWwiYRLCJhImIWwiYRLCJhImIWwiYRLCJhImIWzSd5iIbgcgS1AK8W2xrmx8T59hWlE/axpZ5mkENOiuXghXYDSToc5ZUT9rWm9/7rM5kGjvE/9XFVdfahHVAjhN9/EIocGbAN+4Ymnl37r/obfcDChMAJCVFQmMOCbzWmarWiaDijSxg0HzexvFllSYuu0Z/k64DtJcKPzJAmMZq+C0xvrpn/b2AlvC1K3wV9FT2MBiAHm6j1wIuzDQCqhw49Lyzf2+zs4wdSsMVU1gVrUAfqz7RAgxaIT3mXl249LKJQN5eW+5Sfo+0/L62SuN9tipBA4zsDPZ7QnhsDaA5x5oxEYONEh9SfrK1FNBSfURACIAySLDwu2YgEeVUtMalpS/l/CbU/ExrzdXTqw5V2a8CRd7HozwimUVTw12A46FqWt3lB+afxUxLwTwIyfPlBB9+JiIIqef0H5fJBKxktmQw2HqtHcuNslcbKFLjBj39De/PVFawtRtz4oNhBLIQEXhECI0waSy5Q/NetvO7WoNU7f8UHQ0MeoAnJmSHQgBAITXmWlK49JZq1Ox+ZT8NJ6oxvqKDWecGDuHwb8G8F+n9y98jvA5gcOfvx87PVVB6nPXTl+ZevrW+quQ9VdFUuIA399hZlaufHjatlTvzBUf83qTXxodqRi3M+Nyx3YqfIOBdSAON9ZX/suxfbo1TN0KS2ty2ORaEH7q+M6FB9G/mVDZWD/L8Z47V3xn6s/yJbOaDx424mwi+j3AKb9UC8/6GuC5u4cPO11HkPriqitTTz1aPa4HYCS9QeEHFhjL4hZPf+zhSq0/Xrn+Y15v8kMLTiXLXAxCru5ahEaEf8KyylYsm/2s7lIAj4apW1erRx2A43XXIhz1IYMrGpdW1APkmnWWXf+dqT9drR6nEDgM4Cvd9YiUayPwAqM9dkpna4R7gtQXz1yZevrlNQuODATic6TVw5+I0GQadMNfH5j1H9219MXTH/N6UxiqOo/ZqAP4Yt21CFu8qIDwo0srntBdyL74Lkxdh9Xd6nEbgGN1VyMGg7cRUKXaT7qzoeFqU3c1A6rYn2HqFAotHLaLY9MBmglgP931iAHpIMbddrZGOMXXYep2xTVVxxiGqgYhpLsW0Q9GMytjcmP9zNd0lzKo8tMhTN0KJlZnQ1EtgDN01yL2YtAbivjG5fUVf9ddS1LH4eWfxhO14qHKljNOjJ3d1erxadIbFEkh4AsGlQfa28/wepD6PEa/Xpl66tHqMQVAhu560owFxjIjA1Mb/lLxme5i7JJWH/N6k18aHUkWLQJ4vO5a0gKhhYjDy5dUbtFdit3SPkzdCktrciyL6wj4ie5afOo9Bt+U7FBHN0ur70z9Wb5kVvMhQ0ec1fVo0pe66/GRXQDPPTAQO9nPQepLWl6ZesovjY5QJm6WVo+kMBhLjWBgRsMDMz7RXYwjBywf8/pWWFpzNltWLUCjdNfiMc+xQlnjkopndBfiJAnTAEirx4B9xOBZbmuNcIqEaYCKihYNiWe2TyZwJYADdNfjMrsJfEdHRqD6sftnpm0rjIQpQUWlVUeZpqqRKbSdiNCkYE5uqL/pHd216CZhGqSC4przAa4D4SLdtWjyEiwVXvFQ+UbdhbiFhCkpTPkl0RCBFgA4XHc1DtlO4Hleao1wioTJBmnS6tFBjLtVTN3c0FAu9+F6IWGy0ZW/nneCYRo1DBTprsVWjGYKqPDyB8tf0V2Km0mYUiA/VHMJMS+G91s93mTG1MZlFU26C/ECeZwoBRrrZ63v0erhxaeidzCofPfw/c+QICVHrkw2Gj+xZvh+yprpkVYPC4xlrILTGuunS79XguRjnkOKSuadbMJYBGCc7lp6w0AroMKNS8s3667FqyRMDissrclhy7oDoFN119LlAwZXpusjQHaS70wOW75kVvPBQw8+0wWtHm1drREneWU6qhfJlckhmlo9mIBH2bKmr3ho9ru6z4GfyMc8FygoqT6HQbUE/CKV+yHCC2yhbMWyiqd0H7MfSZhcpDBUNYEtdQcIx9m86Y+JKHL6Ce33RSIRS/dx+pWEyWUmTIoMDbRl3kDg2QD2T3JzMWLc48XpqF4kYXKpZFs9iNAEk8qWPzTrbd3Hki4kTC535cSqC5Qy6gC+cEBvILzOTFMal85arbv2dCNh8oQBtHoQPifmW7Z/0HFXa2skrrvidCRh8pAerR7lADK7/jkO8P0dZmblyoenyWr0GkmYPKhw4ryTYBiL2EKQlTHFq6tG+E1CYRJCJEYeJxLCJhImIWwiYRLCJhImIWwiYRLCJv8P9sXhC7xE4kIAAAAldEVYdGRhdGU6Y3JlYXRlADIwMTktMDQtMTNUMDg6MTY6MDgrMDI6MDCcYZVaAAAAJXRFWHRkYXRlOm1vZGlmeQAyMDE5LTA0LTEzVDA4OjE2OjA4KzAyOjAw7Twt5gAAAABJRU5ErkJggg== + mediatype: image/png + install: + spec: + deployments: + - name: che-operator + spec: + replicas: 1 + selector: + matchLabels: + app: che-operator + strategy: {} + template: + metadata: + labels: + app: che-operator + spec: + containers: + - command: + - /usr/local/bin/che-operator + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.annotations['olm.targetNamespaces'] + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: OPERATOR_NAME + value: che-operator + image: quay.io/eclipse/che-operator:nightly + imagePullPolicy: Always + name: che-operator + ports: + - containerPort: 60000 + name: metrics + resources: {} + restartPolicy: Always + serviceAccountName: che-operator + terminationGracePeriodSeconds: 5 + permissions: + - rules: + - apiGroups: + - extensions + resources: + - ingresses + verbs: + - '*' + - apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' + - apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterroles + - clusterrolebindings + verbs: + - '*' + - apiGroups: + - "" + resources: + - pods + - services + - serviceaccounts + - endpoints + - persistentvolumeclaims + - events + - configmaps + - secrets + - pods/exec + - pods/log + verbs: + - '*' + - apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - apiGroups: + - apps + resources: + - deployments + verbs: + - '*' + - apiGroups: + - monitoring.coreos.com + resources: + - servicemonitors + verbs: + - get + - create + - apiGroups: + - org.eclipse.che + resources: + - '*' + verbs: + - '*' + serviceAccountName: che-operator + strategy: deployment + installModes: + - supported: true + type: OwnNamespace + - supported: true + type: SingleNamespace + - supported: true + type: MultiNamespace + - supported: false + type: AllNamespaces + keywords: + - eclipse che + - workspaces + - devtools + - developer + - ide + - java + links: + - name: Product Page + url: http://www.eclipse.org/che + - name: Documentation + url: https://www.eclipse.org/che/docs + - name: Operator GitHub Repo + url: https://github.com/eclipse/che-operator + maintainers: + - email: dfestal@redhat.com + name: David Festal + maturity: stable + provider: + name: Eclipse Foundation + replaces: eclipse-che-preview-kubernetes.v9.9.9-nightly.1564753341 + version: 9.9.9-nightly.1567437268 diff --git a/olm/eclipse-che-preview-kubernetes/deploy/olm-catalog/eclipse-che-preview-kubernetes/9.9.9-nightly.1567437268/eclipse-che-preview-kubernetes.v9.9.9-nightly.1567437268.clusterserviceversion.yaml.diff b/olm/eclipse-che-preview-kubernetes/deploy/olm-catalog/eclipse-che-preview-kubernetes/9.9.9-nightly.1567437268/eclipse-che-preview-kubernetes.v9.9.9-nightly.1567437268.clusterserviceversion.yaml.diff new file mode 100644 index 000000000..0df7065db --- /dev/null +++ b/olm/eclipse-che-preview-kubernetes/deploy/olm-catalog/eclipse-che-preview-kubernetes/9.9.9-nightly.1567437268/eclipse-che-preview-kubernetes.v9.9.9-nightly.1567437268.clusterserviceversion.yaml.diff @@ -0,0 +1,119 @@ +--- /home/dfestal/go/src/github.com/eclipse/che-operator/olm/eclipse-che-preview-kubernetes/deploy/olm-catalog/eclipse-che-preview-kubernetes/9.9.9-nightly.1564753341/eclipse-che-preview-kubernetes.v9.9.9-nightly.1564753341.clusterserviceversion.yaml 2019-09-02 16:52:51.000000000 +0200 ++++ /home/dfestal/go/src/github.com/eclipse/che-operator/olm/eclipse-che-preview-kubernetes/deploy/olm-catalog/eclipse-che-preview-kubernetes/9.9.9-nightly.1567437268/eclipse-che-preview-kubernetes.v9.9.9-nightly.1567437268.clusterserviceversion.yaml 2019-09-02 17:14:29.000000000 +0200 +@@ -49,12 +49,12 @@ + categories: Developer Tools + certified: "false" + containerImage: quay.io/eclipse/che-operator:nightly +- createdAt: "2019-08-02T13:42:21Z" ++ createdAt: "2019-09-02T15:14:29Z" + description: A Kube-native development solution that delivers portable and collaborative + developer workspaces. + repository: https://github.com/eclipse/che-operator + support: Eclipse Foundation +- name: eclipse-che-preview-kubernetes.v9.9.9-nightly.1564753341 ++ name: eclipse-che-preview-kubernetes.v9.9.9-nightly.1567437268 + namespace: placeholder + spec: + apiservicedefinitions: {} +@@ -91,6 +91,21 @@ + path: cheClusterRunning + x-descriptors: + - urn:alm:descriptor:io.kubernetes.phase ++ - description: Reason of the current status ++ displayName: Reason ++ path: reason ++ x-descriptors: ++ - 'urn:alm:descriptor:text' ++ - description: Message explaining the current status ++ displayName: Message ++ path: message ++ x-descriptors: ++ - 'urn:alm:descriptor:text' ++ - description: Link providing help related to the current status ++ displayName: Help link ++ path: helpLink ++ x-descriptors: ++ - 'urn:alm:descriptor:org.w3:link' + version: v1 + description: | + A collaborative Kubernetes-native development solution that delivers Kubernetes workspaces and in-browser IDE for rapid cloud application development. +@@ -98,7 +113,7 @@ + ## Prerequisites + - Operator Lifecycle Manager (OLM) needs to be installed. + - Kubernetes Platform. For OpenShift, the installation is directly made from OperatorHub UI in the admin console. +- ++ + OLM installation can be checked by running the command: + ``` + $ kubectl get pods --all-namespaces | grep olm +@@ -109,23 +124,23 @@ + olm packageserver-5c5f64947b-trghp 1/1 Running 0 9m56s + olm packageserver-5c5f64947b-zqvxg 1/1 Running 0 9m56s + ``` +- ++ + ## How to Install + Install `Eclipse Che Operator` by following instructions in top right button `Install`. +- ++ + A new pod che-operator is created in `my-eclipse-che` namespace +- ++ + ``` + $ kubectl get pods --all-namespaces | grep my-eclipse-che + my-eclipse-che che-operator-554c564476-fl98z 1/1 Running 0 13s + ``` +- ++ + The operator is now providing new Custom Resources Definitions: `checluster.org.eclipse.che` +- ++ + Create a new Eclipse Che instance by creating a new CheCluster resource: +- ++ + On the bottom of this page, there is a section `Custom Resource Definitions` with `Eclipse Che Cluster` name. +- ++ + Click on `View YAML Example` *Link* and copy the content to a new file named `my-eclipse-che.yaml` + **Important!** Make sure you provide **K8s.ingressDomain** which is a global ingress domain of your k8s cluster, for example, `gcp.my-ide.cloud` + Create the new CheCluster by creating the resource in the `my-eclipse-che` namespace : +@@ -138,10 +153,10 @@ + $ kubectl logs -n my-eclipse-che che-operator-554c564476-fl98z + ``` + ***important:*** pod name is different on each installation +- ++ + When all Eclipse Che containers are running, the Eclipse Che URL is printed +- +- ++ ++ + Eclipse Che URL can be tracked by searching for available trace: + ``` + $ kubectl logs -f -n my-eclipse-che che-operator-7b6b4bcb9c-m4m2m | grep "Eclipse Che is now available" +@@ -151,7 +166,7 @@ + ``` + $ kubectl describe checluster/eclipse-che -n my-eclipse-che + ``` +- ++ + ``` + Status: + Che Cluster Running: Available +@@ -159,7 +174,7 @@ + Che Version: 7.0.0 + ... + ``` +- ++ + By opening this URL in a web browser, Eclipse Che is ready to use. + ## Defaults + By default, the operator deploys Eclipse Che with: +@@ -335,5 +350,5 @@ + maturity: stable + provider: + name: Eclipse Foundation +- replaces: eclipse-che-preview-kubernetes.v9.9.9-nightly.1563883405 +- version: 9.9.9-nightly.1564753341 ++ replaces: eclipse-che-preview-kubernetes.v9.9.9-nightly.1564753341 ++ version: 9.9.9-nightly.1567437268 diff --git a/olm/eclipse-che-preview-kubernetes/deploy/olm-catalog/eclipse-che-preview-kubernetes/eclipse-che-preview-kubernetes.package.yaml b/olm/eclipse-che-preview-kubernetes/deploy/olm-catalog/eclipse-che-preview-kubernetes/eclipse-che-preview-kubernetes.package.yaml index c4fabe759..fa671b013 100644 --- a/olm/eclipse-che-preview-kubernetes/deploy/olm-catalog/eclipse-che-preview-kubernetes/eclipse-che-preview-kubernetes.package.yaml +++ b/olm/eclipse-che-preview-kubernetes/deploy/olm-catalog/eclipse-che-preview-kubernetes/eclipse-che-preview-kubernetes.package.yaml @@ -1,7 +1,7 @@ -packageName: eclipse-che-preview-kubernetes channels: -- name: stable - currentCSV: eclipse-che-preview-kubernetes.v7.0.0 -- name: nightly - currentCSV: eclipse-che-preview-kubernetes.v9.9.9-nightly.1564753341 +- currentCSV: eclipse-che-preview-kubernetes.v9.9.9-nightly.1567437268 + name: nightly +- currentCSV: eclipse-che-preview-kubernetes.v7.0.0 + name: stable defaultChannel: stable +packageName: eclipse-che-preview-kubernetes diff --git a/olm/eclipse-che-preview-openshift/deploy/olm-catalog/csv-config.yaml b/olm/eclipse-che-preview-openshift/deploy/olm-catalog/csv-config.yaml index 0c1733e25..5e5aa017f 100644 --- a/olm/eclipse-che-preview-openshift/deploy/olm-catalog/csv-config.yaml +++ b/olm/eclipse-che-preview-openshift/deploy/olm-catalog/csv-config.yaml @@ -1,3 +1,3 @@ operator-path: ../../deploy/operator.yaml -role-path: generated/current-role.yaml +role-paths: [ "generated/roles/role.yaml", "generated/roles/cluster_role.yaml"] crd-cr-paths: ["../../deploy/crds/org_v1_che_crd.yaml"] diff --git a/olm/eclipse-che-preview-openshift/deploy/olm-catalog/eclipse-che-preview-openshift/9.9.9-nightly.1567437269/eclipse-che-preview-openshift.crd.yaml b/olm/eclipse-che-preview-openshift/deploy/olm-catalog/eclipse-che-preview-openshift/9.9.9-nightly.1567437269/eclipse-che-preview-openshift.crd.yaml new file mode 100644 index 000000000..ec7b9103f --- /dev/null +++ b/olm/eclipse-che-preview-openshift/deploy/olm-catalog/eclipse-che-preview-openshift/9.9.9-nightly.1567437269/eclipse-che-preview-openshift.crd.yaml @@ -0,0 +1,15 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: checlusters.org.eclipse.che +spec: + group: org.eclipse.che + names: + kind: CheCluster + listKind: CheClusterList + plural: checlusters + singular: checluster + scope: Namespaced + version: v1 + subresources: + status: {} diff --git a/olm/eclipse-che-preview-openshift/deploy/olm-catalog/eclipse-che-preview-openshift/9.9.9-nightly.1567437269/eclipse-che-preview-openshift.v9.9.9-nightly.1567437269.clusterserviceversion.yaml b/olm/eclipse-che-preview-openshift/deploy/olm-catalog/eclipse-che-preview-openshift/9.9.9-nightly.1567437269/eclipse-che-preview-openshift.v9.9.9-nightly.1567437269.clusterserviceversion.yaml new file mode 100644 index 000000000..cf7cf5a4b --- /dev/null +++ b/olm/eclipse-che-preview-openshift/deploy/olm-catalog/eclipse-che-preview-openshift/9.9.9-nightly.1567437269/eclipse-che-preview-openshift.v9.9.9-nightly.1567437269.clusterserviceversion.yaml @@ -0,0 +1,388 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + annotations: + alm-examples: |- + [ + { + "apiVersion": "org.eclipse.che/v1", + "kind": "CheCluster", + "metadata": { + "name": "eclipse-che" + }, + "spec": { + "server": { + "cheImageTag": "nightly", + "devfileRegistryImage": "quay.io/eclipse/che-devfile-registry:nightly", + "pluginRegistryImage": "quay.io/eclipse/che-plugin-registry:nightly", + "tlsSupport": false, + "selfSignedCert": false + }, + "database": { + "externalDb": false, + "chePostgresHostname": "", + "chePostgresPort": "", + "chePostgresUser": "", + "chePostgresPassword": "", + "chePostgresDb": "" + }, + "auth": { + "openShiftoAuth": true, + "identityProviderImage": "eclipse/che-keycloak:nightly", + "externalIdentityProvider": false, + "identityProviderURL": "", + "identityProviderRealm": "", + "identityProviderClientId": "" + }, + "storage": { + "pvcStrategy": "per-workspace", + "pvcClaimSize": "1Gi", + "preCreateSubPaths": true + } + } + } + ] + capabilities: Seamless Upgrades + categories: Developer Tools, OpenShift Optional + certified: "false" + containerImage: quay.io/eclipse/che-operator:nightly + createdAt: "2019-09-02T15:14:29Z" + description: A Kube-native development solution that delivers portable and collaborative + developer workspaces in OpenShift. + repository: https://github.com/eclipse/che-operator + support: Eclipse Foundation + name: eclipse-che-preview-openshift.v9.9.9-nightly.1567437269 + namespace: placeholder +spec: + apiservicedefinitions: {} + customresourcedefinitions: + owned: + - description: Eclipse Che cluster with DB and Auth Server + displayName: Eclipse Che Cluster + kind: CheCluster + name: checlusters.org.eclipse.che + specDescriptors: + - description: Log in to Eclipse Che with OpenShift credentials + displayName: OpenShift oAuth + path: auth.openShiftoAuth + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - description: TLS routes + displayName: TLS Mode + path: server.tlsSupport + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + statusDescriptors: + - description: Route to access Eclipse Che + displayName: Eclipse Che URL + path: cheURL + x-descriptors: + - urn:alm:descriptor:org.w3:link + - description: Route to access Keycloak Admin Console + displayName: Keycloak Admin Console URL + path: keycloakURL + x-descriptors: + - urn:alm:descriptor:org.w3:link + - description: Eclipse Che server version + displayName: Eclipse Che version + path: cheVersion + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:label + - description: The current status of the application + displayName: Status + path: cheClusterRunning + x-descriptors: + - urn:alm:descriptor:io.kubernetes.phase + - description: Reason of the current status + displayName: Reason + path: reason + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Message explaining the current status + displayName: Message + path: message + x-descriptors: + - 'urn:alm:descriptor:text' + - description: Link providing help related to the current status + displayName: Help link + path: helpLink + x-descriptors: + - 'urn:alm:descriptor:org.w3:link' + version: v1 + description: | + A collaborative Kubernetes-native development solution that delivers OpenShift workspaces and in-browser IDE for rapid cloud application development. + This operator installs PostgreSQL, Keycloak, and the Eclipse Che server, as well as configures all three services. + + ## How to Install + + Press the **Install** button, choose the upgrade strategy, and wait for the **Installed** Operator status. + + When the operator is installed, create a new CR of Kind CheCluster (click the **Create New** button). + The CR spec contains all defaults (see below). + + You can start using Eclipse Che when the CR status is set to **Available**, and you see a URL to Eclipse Che. + + ## Defaults + + By default, the operator deploys Eclipse Che with: + + * Bundled PostgreSQL and Keycloak + + * Per-Workspace PVC strategy + + * Auto-generated passwords + + * HTTP mode (non-secure routes) + + * Regular login extended with OpenShift OAuth authentication + + ## Installation Options + + Eclipse Che operator installation options include: + + * Connection to external database and Keycloak + + * Configuration of default passwords and object names + + * TLS mode + + * PVC strategy (once shared PVC for all workspaces, PVC per workspace, or PVC per volume) + + * Authentication options + + ### External Database and Keycloak + + To instruct the operator to skip deploying PostgreSQL and Keycloak and connect to an existing DB and Keycloak instead: + + * set respective fields to `true` in a custom resource spec + + * provide the operator with connection and authentication details: + + + + `externalDb: true` + + + `chePostgresHostname: 'yourPostgresHost'` + + + `chePostgresPort: '5432'` + + + `chePostgresUser: 'myuser'` + + + `chePostgresPassword: 'mypass'` + + + `chePostgresDb: 'mydb'` + + + `externalIdentityProvider: true` + + + `identityProviderURL: 'https://my-keycloak.com'` + + + `identityProviderRealm: 'myrealm'` + + + `identityProviderClientId: 'myClient'` + + + ### TLS Mode + + To activate TLS mode, set the respective field in the CR spec to `true` (in the `server` block): + + + ``` + tlsSupport: true + ``` + + #### Self-signed Certificates + + To use Eclipse Che with TLS enabled, but the OpenShift router does not use certificates signed by a public authority, you can use self-signed certificates, which the operator can fetch for you: + + + ``` + selfSignedCert: true + ``` + + + You can also manually create a secret: + + + + ``` + oc create secret self-signed-certificate generic --from-file=/path/to/certificate/ca.crt -n=$codeReadyNamespace + ``` + displayName: Eclipse Che + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAANMAAAD0CAYAAAABrhNXAAAABGdBTUEAALGPC/xhBQAAACBjSFJNAAB6JgAAgIQAAPoAAACA6AAAdTAAAOpgAAA6mAAAF3CculE8AAAABmJLR0QA/wD/AP+gvaeTAAAaNklEQVR42u3de3QU9dkH8O/zm91EQK0U77dqVdTW++1V20KigUSQahLjsSSbtp4eeqqVLHILCcoiyQZEIbF61B6PVQJ6XiOkr6TlYiABr603wHotar1bBUWUYDY787x/JIGoSchmZ+c3M/t8/iS7M8+M5+vs7szz/IiZIYRIntJdgBB+IWESwiYSJiFsImESwiYSJiFsImESwiaBvv5ARLprEwB4ddaJTBQF8w/JsKbQmI0v665JAL3dUqK+7jNJmPTiNWOHWYhNB1AOILPrn+MA369MazaNe+Iz3TWmMwmTB3AEyrwwu4SIbwVwWB+v+hxEt6gg7qLs1rjumtORhMnlePUlF5hk1RFw4QDf8rrFmBLMa12tu/Z0I2FyKV53yVGWyTVgLgGQ8IknoImMQBnlNL+t+1jShYTJZXjlhKFW8KsbQJgNYP8ktxYDcI8yh95E41bt1H1sfidhcpH4mtETCHQHgONs3vTHAEXUMy33UQSW7uP0KwmTC/DqS84xyaol4Bcp3tULiqiMxrY8pfuY/UjCpBG3ZB1sxfgmgK4HYDi1WwI9SnGaTuPXv6v7HPiJhEkDfv7coPX5AdeB+RaADtRURRtAC9UB7Qvo4md26z4nfiBhcljH6qwcRbgDwKm6a+nyATNVGrkt9USQrtAkSJgcwquyT2ZlLWLQON219FofsMEghGls6ybdtXiVhCnFuOnnw62gEQHoOvTz3KM7sAVSy5RS0yln3X91V+M1EqYU4ZasgBWjawGuAnCI7noStAOM+coaUkvjVrXrLsYrJEwp0LHmkksUrFoAp+uuJSnMbzLR1EBua5PuUrxAwmSj7tYIBhfprsVOBDQTU5jyWl7RXYubSZhs0KM1YiaA/XTXkyIdAN+tMmgOZbfu0F2MG0mYksAMMtdkh4h4AYDDddfj0FF3tnrsOOROurrB1F2Nm0iYBolXjT7fVFRHwEW6a9FkkyIK09iWDboLcQsJU4KSbY3wGwKaCNZkyt34ju5adJMwDRA/fdEQa2fmZBAqARygux536Wr1+CY+m6546ivd1Wg7CxKmfUtha4TP8EeAmpuurR4Spn7w46PONi2qJdAo3bV4CROeM1iFKXf907prcfS4JUzfx82XjrDM+M0Ot0b4TWerB8yplLvxfd3FOHLAEqYeJ2NPawTmAviB7np8YheA21QG5lN26ze6i0klCVOXjtVZOUpxHZh+orsWn3qfmWYH8lqW6C4kVdI+TLwq+2Q2+HZmjNddSzogoIUsI0yXrduiuxa7pW2YuOnnw62MwEwwTwEoQ3c96aWr1SMen+qnKbRpF6a901GthQAdqrueNPcFGAvUzkMW09UNMd3FJCutwtSxenS2ItQCdIbuWsS3vMFENwbGtvxddyHJSIsw8ZpRx1hkVIM5pLsW0TcCmsk0ymjculd11zIYvg5TmrRG+E1nq4cK3kxjmr/UXUwifBkmZpD5+OiriHEbQMfqrkcMynYQ5nmp1cN3YepsjUAtgS7WXYuwA7+oGGHK2/CE7kr2WalfwsRrxxxpcWwOgN8BJEuJ+gwBTWThBrqs9T+6a+mL58PEjxRlWAd99gcw5kFaI3yO20D0JxVEFWW3fq27mu9V5+UwdbVG1AE4XnctwlEfMlOF26bQejJMvDbrLJNRS8Bo3bUIfRj8T0NRGY1pfVZ3LYDHwsSrc39o0TdzpDVC7OWeKbSeCFOP1ogIgIO0FCHcrrPVwxxSo2sKrevD1LVqRC2Anzq+c+FFW5m4IjB2Q4PTO3ZtmLj50pFsmrczcLnTJ0V4HzHWESFMua3/cmqfrgsTt2QdZHWgHIwwgEynToTwpTjA96sMqqTs1m2p3plrwiStESJ1uqbQBnEXZbfGU7YXN4SpY1VWllKoBXBmqg5UCACvW4wpwbzW1anYuNYw8d+zjrYCFJXpqMJJBDSRESijnOa37dyuljDxyglDrYyvZkBaI4Q2XVNozaE30bhVO23ZopNhktYI4UIfAxSxYwqtY2HitVnndT0C9DOHT5YQA/GCIiqjsS1PDXYDKQ8Tr/7FERapCKQ1Qrhf5xTaOE2n8evfTfjNqQrT3tYIvgWgA3WfJSEGjtsAWpjoFNqUhKmzNQK1AP1Y92kRIgkfMFPlQFs9bA0TPz7qVLbUIgbydJ8FIezChFbDojDltWzu93V2hElaI4T/dbV6cHAa5a79tNdXJBMmbskKWDG6FszVIBys+3CFcMAOMOYra0jtd1s9Bh2mjrXZlyrmWgCn6T46IRzH/CYTTQ3ktjbt/acEw8RrR53EbFQzuEj38QihGwHNxBSmvJZXEgqT9Xj2bWC+QVaNEKInjoFQpca0zvvuXwJ9vwdT5XlUIXpiC6T+Vyn1597+Gkh0c0KkIwb+YUCV0diWfwBAbx/oJExC9G/AN3MlTEL0qudE2ZYBTZSVMAnxHQQ0Udz4Y6IPwEqYhNiDX1SdU2OfHMy7pU1CCMY2EMLqy0MvGGyQALkyifTWuXKhNfQmyku+nV3CJNISAc2krMk0ZuNrdm1TwiTSzRtMdKORgtXeJUwiXXwBwtzO4ZQtKRlOKWESftc5Ntm0ZtO4Jz5L5Y4kTMK3CLyerMAUumzdFif2J2HyBu58GkwmPg3QW8w01chr/T8ndyr/cVyPX1QKoxTUBcwY9D2QNLELwFyVgdMCeS2OBgmQK5N7MbZBoUrtOPROurrBBABmjDIfH30VgRaC8SPdJboIg2ip6uAZNL71E11F9N0cuDbbNStbp5nOG4n9zMXuMb99BoAhugvWiQnPGSaX0WUbnnF0vwl12kqYHEdAE5kqTOPWvzWQ16f5yiIfMlPFQOfc2U3C5F5vMHhKIHfDqsG8mddmj7Y6B96cpftAHLAbhDvU7o5quuKpr3QVIWFynx43EpNb5W7vaox8K4DDdB9YKhDQRLAmU+7Gd3TXImFyj5TdSOSWrP2tGKYBKIdf1glmvKRIhSl3/UbdpewpScKkH4HXk+Iwjdn4cir345MxbdtBmKd2HLLnF023kDDptZWJKwJjNzQ4udOO1Vk5ilAL4Ke6T0AiZQN8t1LBm2lM85e6i+mNhEmPXQBuS3TJEjvx8+cGre0H/tYLo617DnrUXUt/JEzOcsWNxG8V5OZFF3oZQexmEiaHMPifhoWw0zcSB1zf46NOZVMtZkKu7lrQPRx/5yGL6eqGmO5iBkrClHpabyQmqnOhOqoDcLzze9/3si1u1ltu5EFXe+wGYYHKwCmBvJYlXggSAARyN6xUXx5yCghhAI7dAGVCq2J1jjG2pdSLQeqLXJmSREATWbiBLmv9j+5aksFrxxxpcWwOUru49/vMNNsrV+7+yMc8OzFeUuAyytvwhO5SbD2stVnnmcx1BLrYxq0OahFmN5Mw2cO1NxLtwgwyHx99FTFuA+jYZDZFoEdJGdNoTPN7uo/LThKm5Lj+RqLdeM3YYRZi0wHMBLBfQu8FnjeIwjS25Sndx5GScyNhGhwCmsk0ymjculd116IDrxl1jEVGNZhDA3j5xwBF1DMt91EElu7aU3ZOJEwJe4OJbgykYMaaF3WsHp3d+WgSnfH9v3IMwD39NTX6iYRp4L4AY4HXbiQ6YW+rh7UQoEOBrl80jUAZ5TS/rbs+x86DhGmf4gD/WRmBmyln3XbdxbhZ56NJ7dMtqMeDuevX667H8eOXMPWNgBayjLBTM9aEt/WWG5lO1H0jMa9lie5ChLelc5h6tEa0+OJGotArHcPUeSMR5lTK3fi+7mKEf6RVmJjwnMEqTLnrn9Zdi/CfNHlqnD8C6PfG060XSpBEqvj9ytQ1Yy2udcaaSA++DdOeGWtj9c9YE/4RiUTUlreCpQAe+O7f/BimTQqqzE0z1oQ/FBTXnL9lK2oBvhg+D5PvWyOEHr+8ZsGRgUB8DsC/Qz+/M/ghTGnXGiGcUVS0aEg8s30ywawE6IB9vd7TYdo7Y63V1TPWhPcUhqommPxNHSUwbMabYeqasWZ4ZMaa8I4rJ1afpRTqmGlUou/1Wpg6Z6xZQ2tp3Kp23cUI/ygqivzQysiYw4RBD+j0SJh6zFjL889oKKHfpEn3Bre3bbvOBEUAHJTMtlwfJia0GpYKU27LZt21CH8pLK3J2bZrey2IbFnUwM1hep+ZZgdypTVC2Cu/NDpSMW5niy+3c/FSF4ap54w1aY0Q9rnyN5GDjHiwnC2EOQULwbkpTF0z1gK+m7Em9IpEImrz1mAJxelWTuESpa4Ik99nrAl98kPR0Vu2oo6AM1O9L81h4o8ANdfw+Yw14byC4gVHA2YUjBLAzm9GfdMSprhF2PThwZvf3Tli/NU33vOhjhqEP02YFBkabAvOAMwZAIY4uW/Hw/TCB4fgL8+fgv9+NeRMAM8Vhmoip5/Qfl8kEpErk0gCU35o/lXUxgsB/EhHBY6N+vrgy/3xwPMnY/NHI3r78/NghFcsq5DvTCJhV06sOVcprgPwM6f2ubx+1vc+Oqb8yvR1ewANL5+I1a8fA4v7/Oh6HghPFJZEH1VKTWtYUi6/5ol9KiipPgJAZF+tEU5J2ZXJtAgtbx2FhzediJ3fZCTy1jaAFx4Y6Jj/wAMRuc8kvqeoKJJhZQb/YIFuIeBAHTX0dmVKSZpf/mQEZvztItz77E8SDRIADAVozs54xr/zS6pLAXbklxjhDYWhqglmZsZrDKrVFaS+2Hpl+njnUDy86UQ88+7hthXIQCugwo1Ly+XZvDRW+KvoKWxgMYA83bUAKfzO9E2HgZWvHYfGl49Hh2XvxY6ALMB6saA4uoxVcFpj/XR5ajyN9GiNuA7a74v2L6krEwN44p0jUf/CSOzYnfDHucHYwaD53wwfVrvqT5Oln8nHsrIigRHHZF7LbFUDdLDuer7L1u9M/972A1Su+h/86cnTnAoSABxE4PlDvvh6S35x9HKndiqcdVVx9aUjjs54kZnvdWOQ+pLwZXN72354+KWTsPGdw8H6fhsYSYSVBcXRZgqo8PIHy2UGhA8UldScaIGjFlCku5bBGHCY2k2Fx145Hn995TjE4oPq6rUfIYdN66XC4ujdZjA2568PRHboLkkkLhRaOGwXx6ab4HKkoDXCKfv8zsRMePa9w1D/wkh8tiuhBbcdPhJ8Tsy3qPaT7mxouFrm5nkCU35JNESgBQDs+wnYAb19Z+o3TG9tPxAPPn8yXvt0uO7aE8CvEWHK8vrKNborEX27cmLVBUoZdQBfqLuWwUjop/G7nj4NG946AuzM0+s2olOZsbowFG1SMCc31N8ks8ZdpKi06ijTVDUglPjthnyfYWp960jdtSWFGZebMMYWFkfv6cg0Zj92/0xZBUOj7umopsWzQdhfdz2poP3hwBTLYMLkQMx8vTBUMykSifj9eF2pMFQ1wcz45lUCzwf8GSTA/2HqdiQz37tla8azV5VUXay7mHRRUFJ9Tn5JdCOzegyE43TXk2qufjwjBc63oJ6UVo/Uyi+NjlAmbmbgehrkdFQvSrcwAQAxUGRa1riCkurbpNXDPt3TUdnCXCb8QHc9TkuXj3m9GQbQnJ1mxpudrR4iGYWlNTmftW3fxKBaIP2CBKTnlenbGMcQ6MGCUPQ3RBxevqRyi+6SvKSoZN7JJoxFbPE4X/3OPQgSpm6MbGZ6SVo9Bmb8xJrh+ylrpgmaAsCxJ53dTML0bQqEkOKOy/NLahYE2tsXNzREYrqLcpM901HBCxl0qO563CSdvzP1iYHhBJ5vZma8XFBSPV53PW5RMLE6e8vWjJcI9CAACdJ3yJWpfyMBaioojjYbQFnDsopXdRekwxXXVB1jGKoahJDuWtxMwjQQhBwT2FRYHL1bxdTNDQ3labEQdXdrBEAzAbi4ZcAd5GPewAWZMNnMtN4qLKkuKyp6xMc3I5nyQzVFu7jjVYDmQII0IBKmxI1gUK2ZufW5gonzE15E2O0KimvOLyiZ/yQxPwLgWN31eIl8zBu8s6GsDX5p9fjlNQuODATic9wyHdWLJExJ6mr1uLSwpPqOjoxAtddaPbqnozLMeQAdoLseL5P/A9ljCINmBmLma16aQts1HfX1rkeAJEhJkiuTvY4i0IMFJTV/ZBUta1xS8YzugnqTH1pwKlnmYmbk6q7FTyRMqXE+WXiqoDi61AgGZjQ8MOMT3QUBPaajsnk9KH1aI5wiYUodAiFkxuMFuls9Jk26N7h99+e/NdmqBuCZoY5eI9+ZUm9Y16oeL+eHahwfrlhYWpOzbdf2l7w2HdWL5MrknBOJ+ZGCkuh6Ujwl1a0ehRPnnQTDWMQWX+65AVMeJWFy3iVs0QsFJdX3G0Ga3fCXis/s3PiVv4kcZMSD5QwKg707HdWLJEx6BACaZHWgyK5Wjz2tEXG6lYHDdB9gOpLvTBp1t3rEMzO3FIai4wa7nfxQdPTLWzNe6GqNkCBpIlcmFyDwycz4W0FxtJmVMbmxfuZrA3lfQfGCowEzCkYJQ74Z6SZhchNCDrG5ubA4encbYjetWhbZ2dvLJkyKDA22BWcA5gwAQ3SXLTrJxzz3CTJh8hAK9tLq0dkaEWzL6G6NkCC5SJ+rYBSGahJeIFqkxIsKCMctalOK6wD8THdBIoULRIuUOscCNijFDPkk4WoSJm8gyA8Mrif/pxPCJhImIWwiYRLCJhImIWwiYRLCJhImIWwiYRLCJhImIWwiYRLCJhImIWwiYRLCJhImIWzSd5iIbgcgS1AK8W2xrmx8T59hWlE/axpZ5mkENOiuXghXYDSToc5ZUT9rWm9/7rM5kGjvE/9XFVdfahHVAjhN9/EIocGbAN+4Ymnl37r/obfcDChMAJCVFQmMOCbzWmarWiaDijSxg0HzexvFllSYuu0Z/k64DtJcKPzJAmMZq+C0xvrpn/b2AlvC1K3wV9FT2MBiAHm6j1wIuzDQCqhw49Lyzf2+zs4wdSsMVU1gVrUAfqz7RAgxaIT3mXl249LKJQN5eW+5Sfo+0/L62SuN9tipBA4zsDPZ7QnhsDaA5x5oxEYONEh9SfrK1FNBSfURACIAySLDwu2YgEeVUtMalpS/l/CbU/ExrzdXTqw5V2a8CRd7HozwimUVTw12A46FqWt3lB+afxUxLwTwIyfPlBB9+JiIIqef0H5fJBKxktmQw2HqtHcuNslcbKFLjBj39De/PVFawtRtz4oNhBLIQEXhECI0waSy5Q/NetvO7WoNU7f8UHQ0MeoAnJmSHQgBAITXmWlK49JZq1Ox+ZT8NJ6oxvqKDWecGDuHwb8G8F+n9y98jvA5gcOfvx87PVVB6nPXTl+ZevrW+quQ9VdFUuIA399hZlaufHjatlTvzBUf83qTXxodqRi3M+Nyx3YqfIOBdSAON9ZX/suxfbo1TN0KS2ty2ORaEH7q+M6FB9G/mVDZWD/L8Z47V3xn6s/yJbOaDx424mwi+j3AKb9UC8/6GuC5u4cPO11HkPriqitTTz1aPa4HYCS9QeEHFhjL4hZPf+zhSq0/Xrn+Y15v8kMLTiXLXAxCru5ahEaEf8KyylYsm/2s7lIAj4apW1erRx2A43XXIhz1IYMrGpdW1APkmnWWXf+dqT9drR6nEDgM4Cvd9YiUayPwAqM9dkpna4R7gtQXz1yZevrlNQuODATic6TVw5+I0GQadMNfH5j1H9219MXTH/N6UxiqOo/ZqAP4Yt21CFu8qIDwo0srntBdyL74Lkxdh9Xd6nEbgGN1VyMGg7cRUKXaT7qzoeFqU3c1A6rYn2HqFAotHLaLY9MBmglgP931iAHpIMbddrZGOMXXYep2xTVVxxiGqgYhpLsW0Q9GMytjcmP9zNd0lzKo8tMhTN0KJlZnQ1EtgDN01yL2YtAbivjG5fUVf9ddS1LH4eWfxhO14qHKljNOjJ3d1erxadIbFEkh4AsGlQfa28/wepD6PEa/Xpl66tHqMQVAhu560owFxjIjA1Mb/lLxme5i7JJWH/N6k18aHUkWLQJ4vO5a0gKhhYjDy5dUbtFdit3SPkzdCktrciyL6wj4ie5afOo9Bt+U7FBHN0ur70z9Wb5kVvMhQ0ec1fVo0pe66/GRXQDPPTAQO9nPQepLWl6ZesovjY5QJm6WVo+kMBhLjWBgRsMDMz7RXYwjBywf8/pWWFpzNltWLUCjdNfiMc+xQlnjkopndBfiJAnTAEirx4B9xOBZbmuNcIqEaYCKihYNiWe2TyZwJYADdNfjMrsJfEdHRqD6sftnpm0rjIQpQUWlVUeZpqqRKbSdiNCkYE5uqL/pHd216CZhGqSC4przAa4D4SLdtWjyEiwVXvFQ+UbdhbiFhCkpTPkl0RCBFgA4XHc1DtlO4Hleao1wioTJBmnS6tFBjLtVTN3c0FAu9+F6IWGy0ZW/nneCYRo1DBTprsVWjGYKqPDyB8tf0V2Km0mYUiA/VHMJMS+G91s93mTG1MZlFU26C/ECeZwoBRrrZ63v0erhxaeidzCofPfw/c+QICVHrkw2Gj+xZvh+yprpkVYPC4xlrILTGuunS79XguRjnkOKSuadbMJYBGCc7lp6w0AroMKNS8s3667FqyRMDissrclhy7oDoFN119LlAwZXpusjQHaS70wOW75kVvPBQw8+0wWtHm1drREneWU6qhfJlckhmlo9mIBH2bKmr3ho9ru6z4GfyMc8FygoqT6HQbUE/CKV+yHCC2yhbMWyiqd0H7MfSZhcpDBUNYEtdQcIx9m86Y+JKHL6Ce33RSIRS/dx+pWEyWUmTIoMDbRl3kDg2QD2T3JzMWLc48XpqF4kYXKpZFs9iNAEk8qWPzTrbd3Hki4kTC535cSqC5Qy6gC+cEBvILzOTFMal85arbv2dCNh8oQBtHoQPifmW7Z/0HFXa2skrrvidCRh8pAerR7lADK7/jkO8P0dZmblyoenyWr0GkmYPKhw4ryTYBiL2EKQlTHFq6tG+E1CYRJCJEYeJxLCJhImIWwiYRLCJhImIWwiYRLCJv8P9sXhC7xE4kIAAAAldEVYdGRhdGU6Y3JlYXRlADIwMTktMDQtMTNUMDg6MTY6MDgrMDI6MDCcYZVaAAAAJXRFWHRkYXRlOm1vZGlmeQAyMDE5LTA0LTEzVDA4OjE2OjA4KzAyOjAw7Twt5gAAAABJRU5ErkJggg== + mediatype: image/png + install: + spec: + clusterPermissions: + - rules: + - apiGroups: + - oauth.openshift.io + resources: + - oauthclients + verbs: + - create + - get + - delete + - list + - patch + - update + - watch + - apiGroups: + - config.openshift.io + resources: + - infrastructures + verbs: + - get + - apiGroups: + - user.openshift.io + resources: + - users + verbs: + - list + serviceAccountName: che-operator + deployments: + - name: che-operator + spec: + replicas: 1 + selector: + matchLabels: + app: che-operator + strategy: {} + template: + metadata: + labels: + app: che-operator + spec: + containers: + - command: + - /usr/local/bin/che-operator + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.annotations['olm.targetNamespaces'] + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: OPERATOR_NAME + value: che-operator + image: quay.io/eclipse/che-operator:nightly + imagePullPolicy: Always + name: che-operator + ports: + - containerPort: 60000 + name: metrics + resources: {} + restartPolicy: Always + serviceAccountName: che-operator + terminationGracePeriodSeconds: 5 + permissions: + - rules: + - apiGroups: + - extensions + resources: + - ingresses + verbs: + - '*' + - apiGroups: + - route.openshift.io + resources: + - routes + verbs: + - '*' + - apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' + - apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterroles + - clusterrolebindings + verbs: + - '*' + - apiGroups: + - "" + resources: + - pods + - services + - serviceaccounts + - endpoints + - persistentvolumeclaims + - events + - configmaps + - secrets + - pods/exec + - pods/log + verbs: + - '*' + - apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - apiGroups: + - apps + resources: + - deployments + verbs: + - '*' + - apiGroups: + - monitoring.coreos.com + resources: + - servicemonitors + verbs: + - get + - create + - apiGroups: + - org.eclipse.che + resources: + - '*' + verbs: + - '*' + serviceAccountName: che-operator + strategy: deployment + installModes: + - supported: true + type: OwnNamespace + - supported: true + type: SingleNamespace + - supported: true + type: MultiNamespace + - supported: false + type: AllNamespaces + keywords: + - workspaces + - devtools + - developer + - ide + - java + links: + - name: Product Page + url: http://www.eclipse.org/che + - name: Documentation + url: https://www.eclipse.org/che/docs + - name: Operator GitHub Repo + url: https://github.com/eclipse/che-operator + maintainers: + - email: dfestal@redhat.com + name: David Festal + maturity: stable + provider: + name: Eclipse Foundation + replaces: eclipse-che-preview-openshift.v9.9.9-nightly.1564753341 + version: 9.9.9-nightly.1567437269 diff --git a/olm/eclipse-che-preview-openshift/deploy/olm-catalog/eclipse-che-preview-openshift/9.9.9-nightly.1567437269/eclipse-che-preview-openshift.v9.9.9-nightly.1567437269.clusterserviceversion.yaml.diff b/olm/eclipse-che-preview-openshift/deploy/olm-catalog/eclipse-che-preview-openshift/9.9.9-nightly.1567437269/eclipse-che-preview-openshift.v9.9.9-nightly.1567437269.clusterserviceversion.yaml.diff new file mode 100644 index 000000000..bdfecbb71 --- /dev/null +++ b/olm/eclipse-che-preview-openshift/deploy/olm-catalog/eclipse-che-preview-openshift/9.9.9-nightly.1567437269/eclipse-che-preview-openshift.v9.9.9-nightly.1567437269.clusterserviceversion.yaml.diff @@ -0,0 +1,60 @@ +--- /home/dfestal/go/src/github.com/eclipse/che-operator/olm/eclipse-che-preview-openshift/deploy/olm-catalog/eclipse-che-preview-openshift/9.9.9-nightly.1564753341/eclipse-che-preview-openshift.v9.9.9-nightly.1564753341.clusterserviceversion.yaml 2019-08-28 12:17:35.000000000 +0200 ++++ /home/dfestal/go/src/github.com/eclipse/che-operator/olm/eclipse-che-preview-openshift/deploy/olm-catalog/eclipse-che-preview-openshift/9.9.9-nightly.1567437269/eclipse-che-preview-openshift.v9.9.9-nightly.1567437269.clusterserviceversion.yaml 2019-09-02 17:14:29.000000000 +0200 +@@ -46,12 +46,12 @@ + categories: Developer Tools, OpenShift Optional + certified: "false" + containerImage: quay.io/eclipse/che-operator:nightly +- createdAt: "2019-08-02T13:42:22Z" ++ createdAt: "2019-09-02T15:14:29Z" + description: A Kube-native development solution that delivers portable and collaborative + developer workspaces in OpenShift. + repository: https://github.com/eclipse/che-operator + support: Eclipse Foundation +- name: eclipse-che-preview-openshift.v9.9.9-nightly.1564753341 ++ name: eclipse-che-preview-openshift.v9.9.9-nightly.1567437269 + namespace: placeholder + spec: + apiservicedefinitions: {} +@@ -93,6 +93,21 @@ + path: cheClusterRunning + x-descriptors: + - urn:alm:descriptor:io.kubernetes.phase ++ - description: Reason of the current status ++ displayName: Reason ++ path: reason ++ x-descriptors: ++ - 'urn:alm:descriptor:text' ++ - description: Message explaining the current status ++ displayName: Message ++ path: message ++ x-descriptors: ++ - 'urn:alm:descriptor:text' ++ - description: Link providing help related to the current status ++ displayName: Help link ++ path: helpLink ++ x-descriptors: ++ - 'urn:alm:descriptor:org.w3:link' + version: v1 + description: | + A collaborative Kubernetes-native development solution that delivers OpenShift workspaces and in-browser IDE for rapid cloud application development. +@@ -227,6 +242,12 @@ + - infrastructures + verbs: + - get ++ - apiGroups: ++ - user.openshift.io ++ resources: ++ - users ++ verbs: ++ - list + serviceAccountName: che-operator + deployments: + - name: che-operator +@@ -363,5 +384,5 @@ + maturity: stable + provider: + name: Eclipse Foundation +- replaces: eclipse-che-preview-openshift.v9.9.9-nightly.1563883406 +- version: 9.9.9-nightly.1564753341 ++ replaces: eclipse-che-preview-openshift.v9.9.9-nightly.1564753341 ++ version: 9.9.9-nightly.1567437269 diff --git a/olm/eclipse-che-preview-openshift/deploy/olm-catalog/eclipse-che-preview-openshift/eclipse-che-preview-openshift.package.yaml b/olm/eclipse-che-preview-openshift/deploy/olm-catalog/eclipse-che-preview-openshift/eclipse-che-preview-openshift.package.yaml index cbeac5805..7b913164f 100644 --- a/olm/eclipse-che-preview-openshift/deploy/olm-catalog/eclipse-che-preview-openshift/eclipse-che-preview-openshift.package.yaml +++ b/olm/eclipse-che-preview-openshift/deploy/olm-catalog/eclipse-che-preview-openshift/eclipse-che-preview-openshift.package.yaml @@ -1,7 +1,7 @@ -packageName: eclipse-che-preview-openshift channels: -- name: stable - currentCSV: eclipse-che-preview-openshift.v7.0.0 -- name: nightly - currentCSV: eclipse-che-preview-openshift.v9.9.9-nightly.1564753341 +- currentCSV: eclipse-che-preview-openshift.v9.9.9-nightly.1567437269 + name: nightly +- currentCSV: eclipse-che-preview-openshift.v7.0.0 + name: stable defaultChannel: stable +packageName: eclipse-che-preview-openshift diff --git a/olm/release-olm-files.sh b/olm/release-olm-files.sh index 3dad74e39..81f2592af 100755 --- a/olm/release-olm-files.sh +++ b/olm/release-olm-files.sh @@ -73,5 +73,9 @@ do echo " - Updating the 'stable' channel with new release in the package descriptor: ${packageFilePath}" sed -e "s/${lastPackagePreReleaseVersion}/${RELEASE}/" "${packageFilePath}" > "${packageFilePath}.new" mv "${packageFilePath}.new" "${packageFilePath}" + + diff -u "${packageFolderPath}/${lastPackageNightlyVersion}/${packageName}.v${lastPackageNightlyVersion}.clusterserviceversion.yaml" \ + "${packageFolderPath}/${RELEASE}/${packageName}.v${RELEASE}.clusterserviceversion.yaml" \ + > "${packageFolderPath}/${RELEASE}/${packageName}.v${RELEASE}.clusterserviceversion.yaml.diff" || true done cd "${CURRENT_DIR}" diff --git a/olm/update-nightly-olm-files.sh b/olm/update-nightly-olm-files.sh index 43aa65040..854c9cf99 100755 --- a/olm/update-nightly-olm-files.sh +++ b/olm/update-nightly-olm-files.sh @@ -30,31 +30,29 @@ do newNightlyPackageVersion="9.9.9-nightly.$(date +%s)" echo " => will create a new version: ${newNightlyPackageVersion}" ./build-roles.sh - for role in "$(pwd)"/generated/roles/*.yaml - do - echo " - Updating new package version with roles defined in: ${role}" - cp "$role" generated/current-role.yaml - operator-sdk olm-catalog gen-csv --csv-version "${newNightlyPackageVersion}" --from-version="${lastPackageVersion}" 2>&1 | sed -e 's/^/ /' - - containerImage=$(sed -n 's|^ *image: *\([^ ]*/che-operator:[^ ]*\) *|\1|p' "${packageFolderPath}/${newNightlyPackageVersion}/${packageName}.v${newNightlyPackageVersion}.clusterserviceversion.yaml") - createdAt=$(date -u +%FT%TZ) - echo " - Updating new package version fields:" - echo " - containerImage => ${containerImage}" - echo " - createdAt => ${createdAt}" - sed \ - -e "s|containerImage:.*$|containerImage: ${containerImage}|" \ - -e "s/createdAt:.*$/createdAt: \"${createdAt}\"/" \ - "${packageFolderPath}/${newNightlyPackageVersion}/${packageName}.v${newNightlyPackageVersion}.clusterserviceversion.yaml" \ - > "${packageFolderPath}/${newNightlyPackageVersion}/${packageName}.v${newNightlyPackageVersion}.clusterserviceversion.yaml.new" - - mv "${packageFolderPath}/${newNightlyPackageVersion}/${packageName}.v${newNightlyPackageVersion}.clusterserviceversion.yaml.new" \ - "${packageFolderPath}/${newNightlyPackageVersion}/${packageName}.v${newNightlyPackageVersion}.clusterserviceversion.yaml" - - done + echo " - Updating new package version with roles defined in: ${role}" + operator-sdk olm-catalog gen-csv --csv-version "${newNightlyPackageVersion}" --from-version="${lastPackageVersion}" 2>&1 | sed -e 's/^/ /' + containerImage=$(sed -n 's|^ *image: *\([^ ]*/che-operator:[^ ]*\) *|\1|p' "${packageFolderPath}/${newNightlyPackageVersion}/${packageName}.v${newNightlyPackageVersion}.clusterserviceversion.yaml") + createdAt=$(date -u +%FT%TZ) + echo " - Updating new package version fields:" + echo " - containerImage => ${containerImage}" + echo " - createdAt => ${createdAt}" + sed \ + -e "s|containerImage:.*$|containerImage: ${containerImage}|" \ + -e "s/createdAt:.*$/createdAt: \"${createdAt}\"/" \ + "${packageFolderPath}/${newNightlyPackageVersion}/${packageName}.v${newNightlyPackageVersion}.clusterserviceversion.yaml" \ + > "${packageFolderPath}/${newNightlyPackageVersion}/${packageName}.v${newNightlyPackageVersion}.clusterserviceversion.yaml.new" + + mv "${packageFolderPath}/${newNightlyPackageVersion}/${packageName}.v${newNightlyPackageVersion}.clusterserviceversion.yaml.new" \ + "${packageFolderPath}/${newNightlyPackageVersion}/${packageName}.v${newNightlyPackageVersion}.clusterserviceversion.yaml" echo " - Copying the CRD file" cp "${packageFolderPath}/${lastPackageVersion}/eclipse-che-preview-${platform}.crd.yaml" "${packageFolderPath}/${newNightlyPackageVersion}/eclipse-che-preview-${platform}.crd.yaml" echo " - Updating the 'nightly' channel with new version in the package descriptor: ${packageFilePath}" sed -e "s/${lastPackageVersion}/${newNightlyPackageVersion}/" "${packageFilePath}" > "${packageFilePath}.new" mv "${packageFilePath}.new" "${packageFilePath}" + + diff -u "${packageFolderPath}/${lastPackageVersion}/${packageName}.v${lastPackageVersion}.clusterserviceversion.yaml" \ + "${packageFolderPath}/${newNightlyPackageVersion}/${packageName}.v${newNightlyPackageVersion}.clusterserviceversion.yaml" \ + > "${packageFolderPath}/${newNightlyPackageVersion}/${packageName}.v${newNightlyPackageVersion}.clusterserviceversion.yaml.diff" || true done cd "${CURRENT_DIR}" \ No newline at end of file diff --git a/pkg/apis/org/v1/che_types.go b/pkg/apis/org/v1/che_types.go index 727ca70d3..6f5362222 100644 --- a/pkg/apis/org/v1/che_types.go +++ b/pkg/apis/org/v1/che_types.go @@ -205,6 +205,16 @@ type CheClusterStatus struct { DevfileRegistryURL string `json:"devfileRegistryURL"` // PluginRegistryURL is the Plugin registry protocol+route/ingress PluginRegistryURL string `json:"pluginRegistryURL"` + // A human readable message indicating details about why the pod is in this condition. + // +optional + Message string `json:"message,omitempty"` + // A brief CamelCase message indicating details about why the pod is in this state. + // e.g. 'Evicted' + // +optional + Reason string `json:"reason,omitempty"` + // A URL that can point to some URL where to find help related to the current Operator status. + // +optional + HelpLink string `json:"helpLink,omitempty"` } // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object diff --git a/pkg/controller/che/che_controller.go b/pkg/controller/che/che_controller.go index 396f972be..254c040bc 100644 --- a/pkg/controller/che/che_controller.go +++ b/pkg/controller/che/che_controller.go @@ -12,19 +12,22 @@ package che import ( - "k8s.io/apimachinery/pkg/api/resource" "context" + "time" + orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1" "github.com/eclipse/che-operator/pkg/deploy" "github.com/eclipse/che-operator/pkg/util" oauth "github.com/openshift/api/oauth/v1" routev1 "github.com/openshift/api/route/v1" + userv1 "github.com/openshift/api/user/v1" "github.com/sirupsen/logrus" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" "k8s.io/api/extensions/v1beta1" rbac "k8s.io/api/rbac/v1" "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/api/resource" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/types" @@ -36,7 +39,6 @@ import ( "sigs.k8s.io/controller-runtime/pkg/reconcile" logf "sigs.k8s.io/controller-runtime/pkg/runtime/log" "sigs.k8s.io/controller-runtime/pkg/source" - "time" ) var log = logf.Log.WithName("controller_che") @@ -47,12 +49,24 @@ var ( // Add creates a new CheCluster Controller and adds it to the Manager. The Manager will set fields on the Controller // and Start it when the Manager is Started. func Add(mgr manager.Manager) error { - return add(mgr, newReconciler(mgr)) + reconciler, err := newReconciler(mgr) + if err != nil { + return err + } + return add(mgr, reconciler) } // newReconciler returns a new reconcile.Reconciler -func newReconciler(mgr manager.Manager) reconcile.Reconciler { - return &ReconcileChe{client: mgr.GetClient(), scheme: mgr.GetScheme()} +func newReconciler(mgr manager.Manager) (reconcile.Reconciler, error) { + noncachedClient, err := client.New(mgr.GetConfig(), client.Options{}) + if err != nil { + return nil, err + } + return &ReconcileChe{ + client: mgr.GetClient(), + nonCachedClient: noncachedClient, + scheme: mgr.GetScheme(), + }, nil } // add adds a new Controller to mgr with r as the reconcile.Reconciler @@ -73,7 +87,10 @@ func add(mgr manager.Manager, r reconcile.Reconciler) error { logrus.Errorf("Failed to add OpenShift route to scheme: %s", err) } if err := oauth.AddToScheme(mgr.GetScheme()); err != nil { - logrus.Errorf("Failed to add oAuth to scheme: %s", err) + logrus.Errorf("Failed to add OpenShift OAuth to scheme: %s", err) + } + if err := userv1.AddToScheme(mgr.GetScheme()); err != nil { + logrus.Errorf("Failed to add OpenShift User to scheme: %s", err) } } @@ -180,10 +197,23 @@ type ReconcileChe struct { // This client, initialized using mgr.Client() above, is a split client // that reads objects from the cache and writes to the apiserver client client.Client + // This client, is a simple client + // that reads objects without using the cache, + // to simply read objects thta we don't intend + // to further watch + nonCachedClient client.Client scheme *runtime.Scheme tests bool } +const ( + failedNoOpenshiftUserReason = "InstallOrUpdateFailed" + failedNoOpenshiftUserMessage = "No real user exists in the OpenShift cluster." + + " Either disable OpenShift OAuth integration or add at least one user (details in the Help link)" + howToCreateAUserLinkOS4 = "https://docs.openshift.com/container-platform/4.1/authentication/understanding-identity-provider.html#identity-provider-overview_understanding-identity-provider" + howToCreateAUserLinkOS3 = "https://docs.openshift.com/container-platform/3.11/install_config/configuring_authentication.html" +) + // Reconcile reads that state of the cluster for a CheCluster object and makes changes based on the state read // and what is in the CheCluster.Spec. The Controller will requeue the Request to be processed again if the returned error is non-nil or // Result.Requeue is true, otherwise upon completion it will remove the work from the queue. @@ -222,12 +252,46 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e // To use Openshift v4 OAuth, the OAuth endpoints are served from a namespace // and NOT from the Openshift API Master URL (as in v3) // So we also need the self-signed certificate to access them (same as the Che server) - (isOpenShift4 && instance.Spec.Auth.OpenShiftOauth && ! instance.Spec.Server.TlsSupport) { + (isOpenShift4 && instance.Spec.Auth.OpenShiftOauth && !instance.Spec.Server.TlsSupport) { if err := r.CreateTLSSecret(instance, "", "self-signed-certificate"); err != nil { return reconcile.Result{}, err } } + + if !tests { + deployment := &appsv1.Deployment{} + name := "che" + cheFlavor := instance.Spec.Server.CheFlavor + if cheFlavor == "codeready" { + name = cheFlavor + } + err = r.client.Get(context.TODO(), types.NamespacedName{Name: name, Namespace: instance.Namespace}, deployment) + if err != nil && instance.Status.CheClusterRunning != UnavailableStatus { + if err := r.SetCheUnavailableStatus(instance, request); err != nil { + return reconcile.Result{Requeue: true, RequeueAfter: time.Second * 1}, err + } + } + } + if instance.Spec.Auth.OpenShiftOauth { + users := &userv1.UserList{} + listOptions := &client.ListOptions{} + if err := r.nonCachedClient.List(context.TODO(), listOptions, users); err != nil { + return reconcile.Result{}, err + } + if len(users.Items) < 1 { + helpLink := "" + if isOpenShift4 { + helpLink = howToCreateAUserLinkOS4 + } else { + helpLink = howToCreateAUserLinkOS3 + } + if err := r.SetStatusDetails(instance, request, failedNoOpenshiftUserReason, failedNoOpenshiftUserMessage, helpLink); err != nil { + return reconcile.Result{}, err + } + return reconcile.Result{Requeue: true, RequeueAfter: time.Second * 10}, nil + } + // create a secret with OpenShift API crt to be added to keystore that RH SSO will consume baseURL, err := util.GetClusterPublicHostname(isOpenShift4) if err != nil { @@ -239,21 +303,11 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e } } } - - if !tests { - deployment := &appsv1.Deployment{} - name := "che" - cheFlavor := instance.Spec.Server.CheFlavor - if cheFlavor == "codeready" { - name = cheFlavor - } - err = r.client.Get(context.TODO(), types.NamespacedName{Name: name, Namespace: instance.Namespace}, deployment) - if err != nil && instance.Status.CheClusterRunning != UnavailableStatus { - if err := r.SetCheUnavailableStatus(instance, request); err != nil { - return reconcile.Result{Requeue: true, RequeueAfter: time.Second * 1}, err - } - } + + if err := r.SetStatusDetails(instance, request, "", "", ""); err != nil { + return reconcile.Result{}, err } + // create service accounts: // che is the one which token is used to create workspace objects // che-workspace is SA used by plugins like exec and terminal with limited privileges @@ -346,7 +400,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e return reconcile.Result{Requeue: true, RequeueAfter: time.Second * 5}, err } } - + desiredImage := util.GetValue(instance.Spec.Database.PostgresImage, deploy.DefaultPostgresImage(cheFlavor)) effectiveImage := pgDeployment.Spec.Template.Spec.Containers[0].Image desiredImagePullPolicy := util.GetValue(string(instance.Spec.Database.PostgresImagePullPolicy), deploy.DefaultPullPolicyFromDockerImage(desiredImage)) @@ -402,7 +456,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e protocol = "https" } - addRegistryRoute := func (registryType string) (string, error) { + addRegistryRoute := func(registryType string) (string, error) { registryName := registryType + "-registry" host := "" if !isOpenShift { @@ -431,7 +485,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e return protocol + "://" + host, nil } - addRegistryDeployment := func ( + addRegistryDeployment := func( registryType string, registryImage string, registryImagePullPolicy corev1.PullPolicy, @@ -444,7 +498,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e // Create a new registry service registryLabels := deploy.GetLabels(instance, registryName) registryService := deploy.NewService(instance, registryName, []string{"http"}, []int32{8080}, registryLabels) - if err := r.CreateService(instance,registryService); err != nil { + if err := r.CreateService(instance, registryService); err != nil { return &reconcile.Result{}, err } // Create a new registry deployment @@ -478,7 +532,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e logrus.Infof("Deployment %s is in the rolling update state", registryName) k8sclient.GetDeploymentRollingUpdateStatus(registryName, instance.Namespace) } - + desiredMemRequest, err := resource.ParseQuantity(registryMemoryRequest) if err != nil { logrus.Errorf("Wrong quantity for %s deployment Memory Request: %s", registryName, err) @@ -715,7 +769,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e logrus.Infof("Deployment %s is in the rolling update state", "keycloak") k8sclient.GetDeploymentRollingUpdateStatus("keycloak", instance.Namespace) } - + desiredImage := util.GetValue(instance.Spec.Auth.KeycloakImage, deploy.DefaultKeycloakImage(cheFlavor)) effectiveImage := effectiveKeycloakDeployment.Spec.Template.Spec.Containers[0].Image desiredImagePullPolicy := util.GetValue(string(instance.Spec.Auth.KeycloakImagePullPolicy), deploy.DefaultPullPolicyFromDockerImage(desiredImage)) @@ -726,7 +780,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e storedOpenshiftApiCertSecretVersion := effectiveKeycloakDeployment.Annotations["che.openshift-api-crt.version"] if effectiveImage != desiredImage || effectiveImagePullPolicy != desiredImagePullPolicy || - cheCertSecretVersion != storedCheCertSecretVersion || + cheCertSecretVersion != storedCheCertSecretVersion || openshiftApiCertSecretVersion != storedOpenshiftApiCertSecretVersion { newKeycloakDeployment := deploy.NewKeycloakDeployment(instance, keycloakPostgresPassword, keycloakAdminPassword, cheFlavor, cheCertSecretVersion, openshiftApiCertSecretVersion) logrus.Infof(`Updating Keycloak deployment with: @@ -810,31 +864,8 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e return reconcile.Result{}, err } if !tests { - if effectiveCheDeployment.Status.AvailableReplicas != 1 { - instance, _ := r.GetCR(request) - if err := r.SetCheUnavailableStatus(instance, request); err != nil { - return reconcile.Result{Requeue: true, RequeueAfter: time.Second * 1}, err - } - scaled := k8sclient.GetDeploymentStatus(cheDeploymentToCreate.Name, instance.Namespace) - if !scaled { - return reconcile.Result{Requeue: true, RequeueAfter: time.Second * 5}, err - } - err = r.client.Get(context.TODO(), types.NamespacedName{Name: cheDeploymentToCreate.Name, Namespace: instance.Namespace}, effectiveCheDeployment) - if effectiveCheDeployment.Status.AvailableReplicas == 1 { - if err := r.SetCheAvailableStatus(instance, request, protocol, cheHost); err != nil { - instance, _ = r.GetCR(request) - return reconcile.Result{Requeue: true, RequeueAfter: time.Second * 1}, err - } - if instance.Status.CheVersion != cheImageTag { - instance.Status.CheVersion = cheImageTag - if err := r.UpdateCheCRStatus(instance, "version", cheImageTag); err != nil { - instance, _ = r.GetCR(request) - return reconcile.Result{Requeue: true, RequeueAfter: time.Second * 1}, err - } - } - } - } if effectiveCheDeployment.Status.Replicas > 1 { + // Specific case: a Rolling update is happening logrus.Infof("Deployment %s is in the rolling update state", cheDeploymentToCreate.Name) if err := r.SetCheRollingUpdateStatus(instance, request); err != nil { instance, _ = r.GetCR(request) @@ -848,6 +879,33 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e return reconcile.Result{Requeue: true, RequeueAfter: time.Second * 1}, err } } + } else { + if effectiveCheDeployment.Status.AvailableReplicas < 1 { + // Deployment was just created + instance, _ := r.GetCR(request) + if err := r.SetCheUnavailableStatus(instance, request); err != nil { + return reconcile.Result{Requeue: true, RequeueAfter: time.Second * 1}, err + } + scaled := k8sclient.GetDeploymentStatus(cheDeploymentToCreate.Name, instance.Namespace) + if !scaled { + return reconcile.Result{Requeue: true, RequeueAfter: time.Second * 5}, err + } + effectiveCheDeployment, err = r.GetEffectiveDeployment(instance, cheDeploymentToCreate.Name) + } + if effectiveCheDeployment.Status.AvailableReplicas == 1 && + instance.Status.CheClusterRunning != AvailableStatus { + if err := r.SetCheAvailableStatus(instance, request, protocol, cheHost); err != nil { + instance, _ = r.GetCR(request) + return reconcile.Result{Requeue: true, RequeueAfter: time.Second * 1}, err + } + if instance.Status.CheVersion != cheImageTag { + instance.Status.CheVersion = cheImageTag + if err := r.UpdateCheCRStatus(instance, "version", cheImageTag); err != nil { + instance, _ = r.GetCR(request) + return reconcile.Result{Requeue: true, RequeueAfter: time.Second * 1}, err + } + } + } } } if effectiveCheDeployment.Spec.Template.Spec.Containers[0].Image != cheDeploymentToCreate.Spec.Template.Spec.Containers[0].Image { @@ -949,7 +1007,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e logrus.Errorf("Wrong quantity for Che deployment Memory Limit: %s", err) return reconcile.Result{}, err } - desiredImagePullPolicy := util.GetValue(string(instance.Spec.Server.CheImagePullPolicy), deploy.DefaultPullPolicyFromDockerImage(cheImageRepo + ":" + cheImageTag)) + desiredImagePullPolicy := util.GetValue(string(instance.Spec.Server.CheImagePullPolicy), deploy.DefaultPullPolicyFromDockerImage(cheImageRepo+":"+cheImageTag)) effectiveImagePullPolicy := string(effectiveCheDeployment.Spec.Template.Spec.Containers[0].ImagePullPolicy) desiredSelfSignedCert := instance.Spec.Server.SelfSignedCert effectiveSelfSignedCert := r.GetDeploymentEnvVarSource(effectiveCheDeployment, "CHE_SELF__SIGNED__CERT") != nil diff --git a/pkg/controller/che/che_controller_test.go b/pkg/controller/che/che_controller_test.go index 5f313d482..fd4c03961 100644 --- a/pkg/controller/che/che_controller_test.go +++ b/pkg/controller/che/che_controller_test.go @@ -18,6 +18,7 @@ import ( orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1" oauth "github.com/openshift/api/oauth/v1" routev1 "github.com/openshift/api/route/v1" + userv1 "github.com/openshift/api/user/v1" "github.com/sirupsen/logrus" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" @@ -70,26 +71,45 @@ func TestCheController(t *testing.T) { }, }, } + + userList := &userv1.UserList{ + Items: []userv1.User{ + userv1.User{ + ObjectMeta: metav1.ObjectMeta{ + Name: "user1", + }, + }, + userv1.User{ + ObjectMeta: metav1.ObjectMeta{ + Name: "user2", + }, + }, + }, + } + // Objects to track in the fake client. objs := []runtime.Object{ - cheCR, pgPod, + cheCR, pgPod, userList, } route := &routev1.Route{} oAuthClient := &oauth.OAuthClient{} + users := &userv1.UserList{} + user := &userv1.User{} // Register operator types with the runtime scheme s := scheme.Scheme s.AddKnownTypes(orgv1.SchemeGroupVersion, cheCR) s.AddKnownTypes(routev1.SchemeGroupVersion, route) s.AddKnownTypes(oauth.SchemeGroupVersion, oAuthClient) + s.AddKnownTypes(userv1.SchemeGroupVersion, users, user) // Create a fake client to mock API calls cl := fake.NewFakeClient(objs...) tests := true // Create a ReconcileChe object with the scheme and fake client - r := &ReconcileChe{client: cl, scheme: s, tests: tests} + r := &ReconcileChe{client: cl, nonCachedClient: cl, scheme: s, tests: tests} // Mock request to simulate Reconcile() being called on an event for a // watched resource . diff --git a/pkg/controller/che/status.go b/pkg/controller/che/status.go index caa65eaa8..3dd433f15 100644 --- a/pkg/controller/che/status.go +++ b/pkg/controller/che/status.go @@ -53,18 +53,46 @@ func (r *ReconcileChe) SetCheAvailableStatus(instance *orgv1.CheCluster, request } func (r *ReconcileChe) SetCheUnavailableStatus(instance *orgv1.CheCluster, request reconcile.Request) (err error) { - instance.Status.CheClusterRunning = UnavailableStatus - if err:= r.UpdateCheCRStatus(instance, "status: Che API", UnavailableStatus); err != nil { - instance, _ = r.GetCR(request) - return err + if instance.Status.CheClusterRunning != UnavailableStatus { + instance.Status.CheClusterRunning = UnavailableStatus + if err := r.UpdateCheCRStatus(instance, "status: Che API", UnavailableStatus); err != nil { + instance, _ = r.GetCR(request) + return err + } } return nil } -func (r *ReconcileChe) SetCheRollingUpdateStatus(instance *orgv1.CheCluster, request reconcile.Request) (err error){ +func (r *ReconcileChe) SetStatusDetails(instance *orgv1.CheCluster, request reconcile.Request, reason string, message string, helpLink string) (err error) { + if reason != instance.Status.Reason { + instance.Status.Reason = reason + if err := r.UpdateCheCRStatus(instance, "status: Reason", reason); err != nil { + instance, _ = r.GetCR(request) + return err + } + } + if message != instance.Status.Message { + instance.Status.Message = message + if err := r.UpdateCheCRStatus(instance, "status: Message", message); err != nil { + instance, _ = r.GetCR(request) + return err + } + } + if helpLink != instance.Status.HelpLink { + instance.Status.HelpLink = helpLink + if err := r.UpdateCheCRStatus(instance, "status: HelpLink", message); err != nil { + instance, _ = r.GetCR(request) + return err + } + } + return nil +} + + +func (r *ReconcileChe) SetCheRollingUpdateStatus(instance *orgv1.CheCluster, request reconcile.Request) (err error) { instance.Status.CheClusterRunning = RollingUpdateInProgressStatus - if err:= r.UpdateCheCRStatus(instance, "status", RollingUpdateInProgressStatus); err != nil { + if err := r.UpdateCheCRStatus(instance, "status", RollingUpdateInProgressStatus); err != nil { instance, _ = r.GetCR(request) return err }