Create a general deployContext to pass to all functions
Signed-off-by: Flavius Lacatusu <flacatus@redhat.com>pull/420/head
Flavius Lacatusu
parent
027b1b7461
commit
ed6594528c
|
|
@ -236,7 +236,6 @@ const (
|
|||
// and what is in the CheCluster.Spec. The Controller will requeue the Request to be processed again if the returned error is non-nil or
|
||||
// Result.Requeue is true, otherwise upon completion it will remove the work from the queue.
|
||||
func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, error) {
|
||||
deployContext := deploy.Context{}
|
||||
clusterAPI := deploy.ClusterAPI{
|
||||
Client: r.client,
|
||||
Scheme: r.scheme,
|
||||
|
|
@ -255,6 +254,11 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e
|
|||
return reconcile.Result{}, err
|
||||
}
|
||||
|
||||
deployContext := &deploy.DeployContext{
|
||||
ClusterAPI: clusterAPI,
|
||||
CheCluster: instance,
|
||||
}
|
||||
|
||||
isOpenShift, isOpenShift4, err := util.DetectOpenShift()
|
||||
if err != nil {
|
||||
logrus.Errorf("An error occurred when detecting current infra: %s", err)
|
||||
|
|
@ -270,7 +274,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e
|
|||
|
||||
if !util.IsTestMode() {
|
||||
if isOpenShift && deployContext.DefaultCheHost == "" {
|
||||
host, err := getDefaultCheHost(instance, clusterAPI)
|
||||
host, err := getDefaultCheHost(deployContext)
|
||||
if host == "" {
|
||||
return reconcile.Result{RequeueAfter: 1 * time.Second}, err
|
||||
} else {
|
||||
|
|
@ -331,9 +335,11 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e
|
|||
logrus.Errorf("Error on reading proxy configuration: %v", err)
|
||||
return reconcile.Result{}, err
|
||||
}
|
||||
// Assign Proxy to the deploy context
|
||||
deployContext.Proxy = proxy
|
||||
|
||||
if proxy.TrustedCAMapName != "" {
|
||||
provisioned, err := r.putOpenShiftCertsIntoConfigMap(instance, proxy, clusterAPI)
|
||||
provisioned, err := r.putOpenShiftCertsIntoConfigMap(deployContext)
|
||||
if !provisioned {
|
||||
configMapName := instance.Spec.Server.ServerTrustStoreConfigMapName
|
||||
if err != nil {
|
||||
|
|
@ -350,14 +356,14 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e
|
|||
|
||||
if !isOpenShift && instance.Spec.Server.TlsSupport {
|
||||
// Ensure TLS configuration is correct
|
||||
if err := deploy.CheckAndUpdateK8sTLSConfiguration(instance, clusterAPI); err != nil {
|
||||
if err := deploy.CheckAndUpdateK8sTLSConfiguration(deployContext); err != nil {
|
||||
instance, _ = r.GetCR(request)
|
||||
return reconcile.Result{Requeue: true, RequeueAfter: time.Second * 1}, err
|
||||
}
|
||||
}
|
||||
|
||||
// Detect whether self-signed certificate is used
|
||||
selfSignedCertUsed, err := deploy.IsSelfSignedCertificateUsed(instance, proxy, clusterAPI)
|
||||
selfSignedCertUsed, err := deploy.IsSelfSignedCertificateUsed(deployContext)
|
||||
if err != nil {
|
||||
logrus.Errorf("Failed to detect if self-signed certificate used. Cause: %v", err)
|
||||
return reconcile.Result{}, err
|
||||
|
|
@ -370,7 +376,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e
|
|||
// and NOT from the Openshift API Master URL (as in v3)
|
||||
// So we also need the self-signed certificate to access them (same as the Che server)
|
||||
(isOpenShift4 && instance.Spec.Auth.OpenShiftoAuth && !instance.Spec.Server.TlsSupport) {
|
||||
if err := deploy.CreateTLSSecretFromRoute(instance, "", deploy.CheTLSSelfSignedCertificateSecretName, proxy, clusterAPI); err != nil {
|
||||
if err := deploy.CreateTLSSecretFromRoute(deployContext, "", deploy.CheTLSSelfSignedCertificateSecretName); err != nil {
|
||||
return reconcile.Result{}, err
|
||||
}
|
||||
}
|
||||
|
|
@ -391,7 +397,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e
|
|||
if err != nil {
|
||||
logrus.Errorf("Failed to get OpenShift cluster public hostname. A secret with API crt will not be created and consumed by RH-SSO/Keycloak")
|
||||
} else {
|
||||
if err := deploy.CreateTLSSecretFromRoute(instance, baseURL, "openshift-api-crt", proxy, clusterAPI); err != nil {
|
||||
if err := deploy.CreateTLSSecretFromRoute(deployContext, baseURL, "openshift-api-crt"); err != nil {
|
||||
return reconcile.Result{}, err
|
||||
}
|
||||
}
|
||||
|
|
@ -399,7 +405,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e
|
|||
} else {
|
||||
// Handle Che TLS certificates on Kubernetes infrastructure
|
||||
if instance.Spec.Server.TlsSupport {
|
||||
result, err := deploy.K8sHandleCheTLSSecrets(instance, clusterAPI)
|
||||
result, err := deploy.K8sHandleCheTLSSecrets(deployContext)
|
||||
if result.Requeue || result.RequeueAfter > 0 {
|
||||
if err != nil {
|
||||
logrus.Error(err)
|
||||
|
|
@ -477,7 +483,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e
|
|||
// create service accounts:
|
||||
// che is the one which token is used to create workspace objects
|
||||
// che-workspace is SA used by plugins like exec and terminal with limited privileges
|
||||
cheSA, err := deploy.SyncServiceAccountToCluster(instance, "che", clusterAPI)
|
||||
cheSA, err := deploy.SyncServiceAccountToCluster(deployContext, "che")
|
||||
if cheSA == nil {
|
||||
logrus.Info("Waiting on service account 'che' to be created")
|
||||
if err != nil {
|
||||
|
|
@ -488,7 +494,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e
|
|||
}
|
||||
}
|
||||
|
||||
cheWorkspaceSA, err := deploy.SyncServiceAccountToCluster(instance, "che-workspace", clusterAPI)
|
||||
cheWorkspaceSA, err := deploy.SyncServiceAccountToCluster(deployContext, "che-workspace")
|
||||
if cheWorkspaceSA == nil {
|
||||
logrus.Info("Waiting on service account 'che-workspace' to be created")
|
||||
if err != nil {
|
||||
|
|
@ -500,7 +506,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e
|
|||
}
|
||||
|
||||
// create exec and view roles for CheCluster server and workspaces
|
||||
role, err := deploy.SyncRoleToCluster(instance, "exec", []string{"pods/exec"}, []string{"*"}, clusterAPI)
|
||||
role, err := deploy.SyncRoleToCluster(deployContext, "exec", []string{"pods/exec"}, []string{"*"})
|
||||
if role == nil {
|
||||
logrus.Info("Waiting on role 'exec' to be created")
|
||||
if err != nil {
|
||||
|
|
@ -511,7 +517,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e
|
|||
}
|
||||
}
|
||||
|
||||
viewRole, err := deploy.SyncRoleToCluster(instance, "view", []string{"pods"}, []string{"list"}, clusterAPI)
|
||||
viewRole, err := deploy.SyncRoleToCluster(deployContext, "view", []string{"pods"}, []string{"list"})
|
||||
if viewRole == nil {
|
||||
logrus.Info("Waiting on role 'view' to be created")
|
||||
if err != nil {
|
||||
|
|
@ -522,7 +528,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e
|
|||
}
|
||||
}
|
||||
|
||||
cheRoleBinding, err := deploy.SyncRoleBindingToCluster(instance, "che", "che", "edit", "ClusterRole", clusterAPI)
|
||||
cheRoleBinding, err := deploy.SyncRoleBindingToCluster(deployContext, "che", "che", "edit", "ClusterRole")
|
||||
if cheRoleBinding == nil {
|
||||
logrus.Info("Waiting on role binding 'che' to be created")
|
||||
if err != nil {
|
||||
|
|
@ -533,7 +539,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e
|
|||
}
|
||||
}
|
||||
|
||||
cheWSExecRoleBinding, err := deploy.SyncRoleBindingToCluster(instance, "che-workspace-exec", "che-workspace", "exec", "Role", clusterAPI)
|
||||
cheWSExecRoleBinding, err := deploy.SyncRoleBindingToCluster(deployContext, "che-workspace-exec", "che-workspace", "exec", "Role")
|
||||
if cheWSExecRoleBinding == nil {
|
||||
logrus.Info("Waiting on role binding 'che-workspace-exec' to be created")
|
||||
if err != nil {
|
||||
|
|
@ -544,7 +550,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e
|
|||
}
|
||||
}
|
||||
|
||||
cheWSViewRoleBinding, err := deploy.SyncRoleBindingToCluster(instance, "che-workspace-view", "che-workspace", "view", "Role", clusterAPI)
|
||||
cheWSViewRoleBinding, err := deploy.SyncRoleBindingToCluster(deployContext, "che-workspace-view", "che-workspace", "view", "Role")
|
||||
if cheWSViewRoleBinding == nil {
|
||||
logrus.Info("Waiting on role binding 'che-workspace-view' to be created")
|
||||
if err != nil {
|
||||
|
|
@ -559,7 +565,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e
|
|||
// Use a role binding instead of a cluster role binding to keep the additional access scoped to the workspace's namespace
|
||||
workspaceClusterRole := instance.Spec.Server.CheWorkspaceClusterRole
|
||||
if workspaceClusterRole != "" {
|
||||
cheWSCustomRoleBinding, err := deploy.SyncRoleBindingToCluster(instance, "che-workspace-custom", "view", workspaceClusterRole, "ClusterRole", clusterAPI)
|
||||
cheWSCustomRoleBinding, err := deploy.SyncRoleBindingToCluster(deployContext, "che-workspace-custom", "view", workspaceClusterRole, "ClusterRole")
|
||||
if cheWSCustomRoleBinding == nil {
|
||||
logrus.Info("Waiting on role binding 'che-workspace-custom' to be created")
|
||||
if err != nil {
|
||||
|
|
@ -571,7 +577,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e
|
|||
}
|
||||
}
|
||||
|
||||
if err := r.GenerateAndSaveFields(instance, request, clusterAPI); err != nil {
|
||||
if err := r.GenerateAndSaveFields(deployContext, request); err != nil {
|
||||
instance, _ = r.GetCR(request)
|
||||
return reconcile.Result{Requeue: true, RequeueAfter: time.Second * 1}, err
|
||||
}
|
||||
|
|
@ -579,7 +585,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e
|
|||
|
||||
if cheMultiUser == "false" {
|
||||
labels := deploy.GetLabels(instance, cheFlavor)
|
||||
pvcStatus := deploy.SyncPVCToCluster(instance, deploy.DefaultCheVolumeClaimName, "1Gi", labels, clusterAPI)
|
||||
pvcStatus := deploy.SyncPVCToCluster(deployContext, deploy.DefaultCheVolumeClaimName, "1Gi", labels)
|
||||
if !tests {
|
||||
if !pvcStatus.Continue {
|
||||
logrus.Infof("Waiting on pvc '%s' to be bound. Sometimes PVC can be bound only when the first consumer is created.", deploy.DefaultCheVolumeClaimName)
|
||||
|
|
@ -612,7 +618,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e
|
|||
postgresLabels := deploy.GetLabels(instance, deploy.PostgresDeploymentName)
|
||||
|
||||
// Create a new postgres service
|
||||
serviceStatus := deploy.SyncServiceToCluster(instance, "postgres", []string{"postgres"}, []int32{5432}, postgresLabels, clusterAPI)
|
||||
serviceStatus := deploy.SyncServiceToCluster(deployContext, "postgres", []string{"postgres"}, []int32{5432}, postgresLabels)
|
||||
if !tests {
|
||||
if !serviceStatus.Continue {
|
||||
logrus.Info("Waiting on service 'postgres' to be ready")
|
||||
|
|
@ -625,7 +631,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e
|
|||
}
|
||||
|
||||
// Create a new Postgres PVC object
|
||||
pvcStatus := deploy.SyncPVCToCluster(instance, deploy.DefaultPostgresVolumeClaimName, "1Gi", postgresLabels, clusterAPI)
|
||||
pvcStatus := deploy.SyncPVCToCluster(deployContext, deploy.DefaultPostgresVolumeClaimName, "1Gi", postgresLabels)
|
||||
if !tests {
|
||||
if !pvcStatus.Continue {
|
||||
logrus.Infof("Waiting on pvc '%s' to be bound. Sometimes PVC can be bound only when the first consumer is created.", deploy.DefaultPostgresVolumeClaimName)
|
||||
|
|
@ -638,7 +644,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e
|
|||
}
|
||||
|
||||
// Create a new Postgres deployment
|
||||
deploymentStatus := deploy.SyncPostgresDeploymentToCluster(instance, clusterAPI)
|
||||
deploymentStatus := deploy.SyncPostgresDeploymentToCluster(deployContext)
|
||||
if !tests {
|
||||
if !deploymentStatus.Continue {
|
||||
logrus.Infof("Waiting on deployment '%s' to be ready", deploy.PostgresDeploymentName)
|
||||
|
|
@ -697,7 +703,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e
|
|||
}
|
||||
|
||||
// create Che service and route
|
||||
serviceStatus := deploy.SyncCheServiceToCluster(instance, clusterAPI)
|
||||
serviceStatus := deploy.SyncCheServiceToCluster(deployContext)
|
||||
if !tests {
|
||||
if !serviceStatus.Continue {
|
||||
logrus.Infof("Waiting on service '%s' to be ready", deploy.CheServiceHame)
|
||||
|
|
@ -711,7 +717,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e
|
|||
|
||||
cheHost := ""
|
||||
if !isOpenShift {
|
||||
ingress, err := deploy.SyncIngressToCluster(instance, cheFlavor, instance.Spec.Server.CheHost, deploy.CheServiceHame, 8080, clusterAPI)
|
||||
ingress, err := deploy.SyncIngressToCluster(deployContext, cheFlavor, instance.Spec.Server.CheHost, deploy.CheServiceHame, 8080)
|
||||
if !tests {
|
||||
if ingress == nil {
|
||||
logrus.Infof("Waiting on ingress '%s' to be ready", cheFlavor)
|
||||
|
|
@ -730,7 +736,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e
|
|||
customHost = ""
|
||||
}
|
||||
|
||||
route, err := deploy.SyncRouteToCluster(instance, cheFlavor, customHost, deploy.CheServiceHame, 8080, clusterAPI)
|
||||
route, err := deploy.SyncRouteToCluster(deployContext, cheFlavor, customHost, deploy.CheServiceHame, 8080)
|
||||
if !tests {
|
||||
if route == nil {
|
||||
logrus.Infof("Waiting on route '%s' to be ready", cheFlavor)
|
||||
|
|
@ -765,7 +771,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e
|
|||
} else {
|
||||
keycloakLabels := deploy.GetLabels(instance, "keycloak")
|
||||
|
||||
serviceStatus := deploy.SyncServiceToCluster(instance, "keycloak", []string{"http"}, []int32{8080}, keycloakLabels, clusterAPI)
|
||||
serviceStatus := deploy.SyncServiceToCluster(deployContext, "keycloak", []string{"http"}, []int32{8080}, keycloakLabels)
|
||||
if !tests {
|
||||
if !serviceStatus.Continue {
|
||||
logrus.Info("Waiting on service 'keycloak' to be ready")
|
||||
|
|
@ -779,7 +785,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e
|
|||
|
||||
// create Keycloak ingresses when on k8s
|
||||
if !isOpenShift {
|
||||
ingress, err := deploy.SyncIngressToCluster(instance, "keycloak", "", "keycloak", 8080, clusterAPI)
|
||||
ingress, err := deploy.SyncIngressToCluster(deployContext, "keycloak", "", "keycloak", 8080)
|
||||
if !tests {
|
||||
if ingress == nil {
|
||||
logrus.Info("Waiting on ingress 'keycloak' to be ready")
|
||||
|
|
@ -804,7 +810,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e
|
|||
}
|
||||
} else {
|
||||
// create Keycloak route
|
||||
route, err := deploy.SyncRouteToCluster(instance, "keycloak", "", "keycloak", 8080, clusterAPI)
|
||||
route, err := deploy.SyncRouteToCluster(deployContext, "keycloak", "", "keycloak", 8080)
|
||||
if !tests {
|
||||
if route == nil {
|
||||
logrus.Info("Waiting on route 'keycloak' to be ready")
|
||||
|
|
@ -831,7 +837,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e
|
|||
}
|
||||
}
|
||||
|
||||
deploymentStatus := deploy.SyncKeycloakDeploymentToCluster(instance, proxy, clusterAPI)
|
||||
deploymentStatus := deploy.SyncKeycloakDeploymentToCluster(deployContext)
|
||||
if !tests {
|
||||
if !deploymentStatus.Continue {
|
||||
logrus.Info("Waiting on deployment 'keycloak' to be ready")
|
||||
|
|
@ -845,7 +851,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e
|
|||
|
||||
if !tests {
|
||||
if !instance.Status.KeycloakProvisoned {
|
||||
if err := deploy.ProvisionKeycloakResources(instance, clusterAPI); err != nil {
|
||||
if err := deploy.ProvisionKeycloakResources(deployContext); err != nil {
|
||||
logrus.Error(err)
|
||||
return reconcile.Result{RequeueAfter: time.Second}, err
|
||||
}
|
||||
|
|
@ -876,7 +882,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e
|
|||
}
|
||||
}
|
||||
|
||||
provisioned, err := deploy.SyncDevfileRegistryToCluster(instance, clusterAPI)
|
||||
provisioned, err := deploy.SyncDevfileRegistryToCluster(deployContext)
|
||||
if !tests {
|
||||
if !provisioned {
|
||||
if err != nil {
|
||||
|
|
@ -886,7 +892,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e
|
|||
}
|
||||
}
|
||||
|
||||
provisioned, err = deploy.SyncPluginRegistryToCluster(instance, clusterAPI)
|
||||
provisioned, err = deploy.SyncPluginRegistryToCluster(deployContext)
|
||||
if !tests {
|
||||
if !provisioned {
|
||||
if err != nil {
|
||||
|
|
@ -905,7 +911,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e
|
|||
|
||||
// create Che ConfigMap which is synced with CR and is not supposed to be manually edited
|
||||
// controller will reconcile this CM with CR spec
|
||||
cheConfigMap, err := deploy.SyncCheConfigMapToCluster(instance, proxy, clusterAPI)
|
||||
cheConfigMap, err := deploy.SyncCheConfigMapToCluster(deployContext)
|
||||
if !tests {
|
||||
if cheConfigMap == nil {
|
||||
logrus.Infof("Waiting on config map '%s' to be created", deploy.CheConfigMapName)
|
||||
|
|
@ -926,7 +932,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e
|
|||
}
|
||||
|
||||
// Create a new che deployment
|
||||
deploymentStatus := deploy.SyncCheDeploymentToCluster(instance, cmResourceVersion, proxy, clusterAPI)
|
||||
deploymentStatus := deploy.SyncCheDeploymentToCluster(deployContext, cmResourceVersion)
|
||||
if !tests {
|
||||
if !deploymentStatus.Continue {
|
||||
logrus.Infof("Waiting on deployment '%s' to be ready", cheFlavor)
|
||||
|
|
@ -1085,9 +1091,9 @@ func EvaluateCheServerVersion(cr *orgv1.CheCluster) string {
|
|||
return util.GetValue(cr.Spec.Server.CheImageTag, deploy.DefaultCheVersion())
|
||||
}
|
||||
|
||||
func getDefaultCheHost(checluster *orgv1.CheCluster, clusterAPI deploy.ClusterAPI) (string, error) {
|
||||
routeName := deploy.DefaultCheFlavor(checluster)
|
||||
route, err := deploy.SyncRouteToCluster(checluster, routeName, "", deploy.CheServiceHame, 8080, clusterAPI)
|
||||
func getDefaultCheHost(deployContext *deploy.DeployContext) (string, error) {
|
||||
routeName := deploy.DefaultCheFlavor(deployContext.CheCluster)
|
||||
route, err := deploy.SyncRouteToCluster(deployContext, routeName, "", deploy.CheServiceHame, 8080)
|
||||
if route == nil {
|
||||
logrus.Infof("Waiting on route '%s' to be ready", routeName)
|
||||
if err != nil {
|
||||
|
|
|
|||
|
|
@ -98,153 +98,153 @@ func (r *ReconcileChe) CreateIdentityProviderItems(instance *orgv1.CheCluster, r
|
|||
return nil
|
||||
}
|
||||
|
||||
func (r *ReconcileChe) GenerateAndSaveFields(instance *orgv1.CheCluster, request reconcile.Request, clusterAPI deploy.ClusterAPI) (err error) {
|
||||
cheFlavor := deploy.DefaultCheFlavor(instance)
|
||||
if len(instance.Spec.Server.CheFlavor) < 1 {
|
||||
instance.Spec.Server.CheFlavor = cheFlavor
|
||||
if err := r.UpdateCheCRSpec(instance, "installation flavor", cheFlavor); err != nil {
|
||||
func (r *ReconcileChe) GenerateAndSaveFields(deployContext *deploy.DeployContext, request reconcile.Request) (err error) {
|
||||
cheFlavor := deploy.DefaultCheFlavor(deployContext.CheCluster)
|
||||
if len(deployContext.CheCluster.Spec.Server.CheFlavor) < 1 {
|
||||
deployContext.CheCluster.Spec.Server.CheFlavor = cheFlavor
|
||||
if err := r.UpdateCheCRSpec(deployContext.CheCluster, "installation flavor", cheFlavor); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
||||
cheMultiUser := deploy.GetCheMultiUser(instance)
|
||||
cheMultiUser := deploy.GetCheMultiUser(deployContext.CheCluster)
|
||||
if cheMultiUser == "true" {
|
||||
if len(instance.Spec.Database.ChePostgresSecret) < 1 {
|
||||
if len(instance.Spec.Database.ChePostgresUser) < 1 || len(instance.Spec.Database.ChePostgresPassword) < 1 {
|
||||
if len(deployContext.CheCluster.Spec.Database.ChePostgresSecret) < 1 {
|
||||
if len(deployContext.CheCluster.Spec.Database.ChePostgresUser) < 1 || len(deployContext.CheCluster.Spec.Database.ChePostgresPassword) < 1 {
|
||||
chePostgresSecret := deploy.DefaultChePostgresSecret()
|
||||
deploy.SyncSecretToCluster(instance, chePostgresSecret, map[string][]byte{"user": []byte(deploy.DefaultChePostgresUser), "password": []byte(util.GeneratePasswd(12))}, clusterAPI)
|
||||
instance.Spec.Database.ChePostgresSecret = chePostgresSecret
|
||||
if err := r.UpdateCheCRSpec(instance, "Postgres Secret", chePostgresSecret); err != nil {
|
||||
deploy.SyncSecretToCluster(deployContext, chePostgresSecret, map[string][]byte{"user": []byte(deploy.DefaultChePostgresUser), "password": []byte(util.GeneratePasswd(12))})
|
||||
deployContext.CheCluster.Spec.Database.ChePostgresSecret = chePostgresSecret
|
||||
if err := r.UpdateCheCRSpec(deployContext.CheCluster, "Postgres Secret", chePostgresSecret); err != nil {
|
||||
return err
|
||||
}
|
||||
} else {
|
||||
if len(instance.Spec.Database.ChePostgresUser) < 1 {
|
||||
instance.Spec.Database.ChePostgresUser = deploy.DefaultChePostgresUser
|
||||
if err := r.UpdateCheCRSpec(instance, "Postgres User", instance.Spec.Database.ChePostgresUser); err != nil {
|
||||
if len(deployContext.CheCluster.Spec.Database.ChePostgresUser) < 1 {
|
||||
deployContext.CheCluster.Spec.Database.ChePostgresUser = deploy.DefaultChePostgresUser
|
||||
if err := r.UpdateCheCRSpec(deployContext.CheCluster, "Postgres User", deployContext.CheCluster.Spec.Database.ChePostgresUser); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
if len(instance.Spec.Database.ChePostgresPassword) < 1 {
|
||||
instance.Spec.Database.ChePostgresPassword = util.GeneratePasswd(12)
|
||||
if err := r.UpdateCheCRSpec(instance, "auto-generated CheCluster DB password", "password-hidden"); err != nil {
|
||||
if len(deployContext.CheCluster.Spec.Database.ChePostgresPassword) < 1 {
|
||||
deployContext.CheCluster.Spec.Database.ChePostgresPassword = util.GeneratePasswd(12)
|
||||
if err := r.UpdateCheCRSpec(deployContext.CheCluster, "auto-generated CheCluster DB password", "password-hidden"); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
if len(instance.Spec.Auth.IdentityProviderPostgresSecret) < 1 {
|
||||
if len(deployContext.CheCluster.Spec.Auth.IdentityProviderPostgresSecret) < 1 {
|
||||
keycloakPostgresPassword := util.GeneratePasswd(12)
|
||||
keycloakDeployment, err := r.GetEffectiveDeployment(instance, "keycloak")
|
||||
keycloakDeployment, err := r.GetEffectiveDeployment(deployContext.CheCluster, "keycloak")
|
||||
if err == nil {
|
||||
keycloakPostgresPassword = util.GetDeploymentEnv(keycloakDeployment, "DB_PASSWORD")
|
||||
}
|
||||
|
||||
if len(instance.Spec.Auth.IdentityProviderPostgresPassword) < 1 {
|
||||
if len(deployContext.CheCluster.Spec.Auth.IdentityProviderPostgresPassword) < 1 {
|
||||
identityPostgresSecret := deploy.DefaultCheIdentityPostgresSecret()
|
||||
deploy.SyncSecretToCluster(instance, identityPostgresSecret, map[string][]byte{"password": []byte(keycloakPostgresPassword)}, clusterAPI)
|
||||
instance.Spec.Auth.IdentityProviderPostgresSecret = identityPostgresSecret
|
||||
if err := r.UpdateCheCRSpec(instance, "Identity Provider Postgres Secret", identityPostgresSecret); err != nil {
|
||||
deploy.SyncSecretToCluster(deployContext, identityPostgresSecret, map[string][]byte{"password": []byte(keycloakPostgresPassword)})
|
||||
deployContext.CheCluster.Spec.Auth.IdentityProviderPostgresSecret = identityPostgresSecret
|
||||
if err := r.UpdateCheCRSpec(deployContext.CheCluster, "Identity Provider Postgres Secret", identityPostgresSecret); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if len(instance.Spec.Auth.IdentityProviderSecret) < 1 {
|
||||
keycloakAdminUserName := util.GetValue(instance.Spec.Auth.IdentityProviderAdminUserName, "admin")
|
||||
keycloakAdminPassword := util.GetValue(instance.Spec.Auth.IdentityProviderPassword, util.GeneratePasswd(12))
|
||||
if len(deployContext.CheCluster.Spec.Auth.IdentityProviderSecret) < 1 {
|
||||
keycloakAdminUserName := util.GetValue(deployContext.CheCluster.Spec.Auth.IdentityProviderAdminUserName, "admin")
|
||||
keycloakAdminPassword := util.GetValue(deployContext.CheCluster.Spec.Auth.IdentityProviderPassword, util.GeneratePasswd(12))
|
||||
|
||||
keycloakDeployment, err := r.GetEffectiveDeployment(instance, "keycloak")
|
||||
keycloakDeployment, err := r.GetEffectiveDeployment(deployContext.CheCluster, "keycloak")
|
||||
if err == nil {
|
||||
keycloakAdminUserName = util.GetDeploymentEnv(keycloakDeployment, "SSO_ADMIN_USERNAME")
|
||||
keycloakAdminPassword = util.GetDeploymentEnv(keycloakDeployment, "SSO_ADMIN_PASSWORD")
|
||||
}
|
||||
|
||||
if len(instance.Spec.Auth.IdentityProviderAdminUserName) < 1 || len(instance.Spec.Auth.IdentityProviderPassword) < 1 {
|
||||
if len(deployContext.CheCluster.Spec.Auth.IdentityProviderAdminUserName) < 1 || len(deployContext.CheCluster.Spec.Auth.IdentityProviderPassword) < 1 {
|
||||
identityProviderSecret := deploy.DefaultCheIdentitySecret()
|
||||
deploy.SyncSecretToCluster(instance, identityProviderSecret, map[string][]byte{"user": []byte(keycloakAdminUserName), "password": []byte(keycloakAdminPassword)}, clusterAPI)
|
||||
instance.Spec.Auth.IdentityProviderSecret = identityProviderSecret
|
||||
if err := r.UpdateCheCRSpec(instance, "Identity Provider Secret", identityProviderSecret); err != nil {
|
||||
deploy.SyncSecretToCluster(deployContext, identityProviderSecret, map[string][]byte{"user": []byte(keycloakAdminUserName), "password": []byte(keycloakAdminPassword)})
|
||||
deployContext.CheCluster.Spec.Auth.IdentityProviderSecret = identityProviderSecret
|
||||
if err := r.UpdateCheCRSpec(deployContext.CheCluster, "Identity Provider Secret", identityProviderSecret); err != nil {
|
||||
return err
|
||||
}
|
||||
} else {
|
||||
if len(instance.Spec.Auth.IdentityProviderPassword) < 1 {
|
||||
instance.Spec.Auth.IdentityProviderPassword = keycloakAdminPassword
|
||||
if err := r.UpdateCheCRSpec(instance, "Keycloak admin password", "password hidden"); err != nil {
|
||||
if len(deployContext.CheCluster.Spec.Auth.IdentityProviderPassword) < 1 {
|
||||
deployContext.CheCluster.Spec.Auth.IdentityProviderPassword = keycloakAdminPassword
|
||||
if err := r.UpdateCheCRSpec(deployContext.CheCluster, "Keycloak admin password", "password hidden"); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
if len(instance.Spec.Auth.IdentityProviderAdminUserName) < 1 {
|
||||
instance.Spec.Auth.IdentityProviderAdminUserName = keycloakAdminUserName
|
||||
if err := r.UpdateCheCRSpec(instance, "Keycloak admin username", keycloakAdminUserName); err != nil {
|
||||
if len(deployContext.CheCluster.Spec.Auth.IdentityProviderAdminUserName) < 1 {
|
||||
deployContext.CheCluster.Spec.Auth.IdentityProviderAdminUserName = keycloakAdminUserName
|
||||
if err := r.UpdateCheCRSpec(deployContext.CheCluster, "Keycloak admin username", keycloakAdminUserName); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
chePostgresDb := util.GetValue(instance.Spec.Database.ChePostgresDb, "dbche")
|
||||
if len(instance.Spec.Database.ChePostgresDb) < 1 {
|
||||
instance.Spec.Database.ChePostgresDb = chePostgresDb
|
||||
if err := r.UpdateCheCRSpec(instance, "Postgres DB", chePostgresDb); err != nil {
|
||||
chePostgresDb := util.GetValue(deployContext.CheCluster.Spec.Database.ChePostgresDb, "dbche")
|
||||
if len(deployContext.CheCluster.Spec.Database.ChePostgresDb) < 1 {
|
||||
deployContext.CheCluster.Spec.Database.ChePostgresDb = chePostgresDb
|
||||
if err := r.UpdateCheCRSpec(deployContext.CheCluster, "Postgres DB", chePostgresDb); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
chePostgresHostName := util.GetValue(instance.Spec.Database.ChePostgresHostName, deploy.DefaultChePostgresHostName)
|
||||
if len(instance.Spec.Database.ChePostgresHostName) < 1 {
|
||||
instance.Spec.Database.ChePostgresHostName = chePostgresHostName
|
||||
if err := r.UpdateCheCRSpec(instance, "Postgres hostname", chePostgresHostName); err != nil {
|
||||
chePostgresHostName := util.GetValue(deployContext.CheCluster.Spec.Database.ChePostgresHostName, deploy.DefaultChePostgresHostName)
|
||||
if len(deployContext.CheCluster.Spec.Database.ChePostgresHostName) < 1 {
|
||||
deployContext.CheCluster.Spec.Database.ChePostgresHostName = chePostgresHostName
|
||||
if err := r.UpdateCheCRSpec(deployContext.CheCluster, "Postgres hostname", chePostgresHostName); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
chePostgresPort := util.GetValue(instance.Spec.Database.ChePostgresPort, deploy.DefaultChePostgresPort)
|
||||
if len(instance.Spec.Database.ChePostgresPort) < 1 {
|
||||
instance.Spec.Database.ChePostgresPort = chePostgresPort
|
||||
if err := r.UpdateCheCRSpec(instance, "Postgres port", chePostgresPort); err != nil {
|
||||
chePostgresPort := util.GetValue(deployContext.CheCluster.Spec.Database.ChePostgresPort, deploy.DefaultChePostgresPort)
|
||||
if len(deployContext.CheCluster.Spec.Database.ChePostgresPort) < 1 {
|
||||
deployContext.CheCluster.Spec.Database.ChePostgresPort = chePostgresPort
|
||||
if err := r.UpdateCheCRSpec(deployContext.CheCluster, "Postgres port", chePostgresPort); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
keycloakRealm := util.GetValue(instance.Spec.Auth.IdentityProviderRealm, cheFlavor)
|
||||
if len(instance.Spec.Auth.IdentityProviderRealm) < 1 {
|
||||
instance.Spec.Auth.IdentityProviderRealm = keycloakRealm
|
||||
if err := r.UpdateCheCRSpec(instance, "Keycloak realm", keycloakRealm); err != nil {
|
||||
keycloakRealm := util.GetValue(deployContext.CheCluster.Spec.Auth.IdentityProviderRealm, cheFlavor)
|
||||
if len(deployContext.CheCluster.Spec.Auth.IdentityProviderRealm) < 1 {
|
||||
deployContext.CheCluster.Spec.Auth.IdentityProviderRealm = keycloakRealm
|
||||
if err := r.UpdateCheCRSpec(deployContext.CheCluster, "Keycloak realm", keycloakRealm); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
keycloakClientId := util.GetValue(instance.Spec.Auth.IdentityProviderClientId, cheFlavor+"-public")
|
||||
if len(instance.Spec.Auth.IdentityProviderClientId) < 1 {
|
||||
instance.Spec.Auth.IdentityProviderClientId = keycloakClientId
|
||||
keycloakClientId := util.GetValue(deployContext.CheCluster.Spec.Auth.IdentityProviderClientId, cheFlavor+"-public")
|
||||
if len(deployContext.CheCluster.Spec.Auth.IdentityProviderClientId) < 1 {
|
||||
deployContext.CheCluster.Spec.Auth.IdentityProviderClientId = keycloakClientId
|
||||
|
||||
if err := r.UpdateCheCRSpec(instance, "Keycloak client ID", keycloakClientId); err != nil {
|
||||
if err := r.UpdateCheCRSpec(deployContext.CheCluster, "Keycloak client ID", keycloakClientId); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
cheLogLevel := util.GetValue(instance.Spec.Server.CheLogLevel, deploy.DefaultCheLogLevel)
|
||||
if len(instance.Spec.Server.CheLogLevel) < 1 {
|
||||
instance.Spec.Server.CheLogLevel = cheLogLevel
|
||||
if err := r.UpdateCheCRSpec(instance, "log level", cheLogLevel); err != nil {
|
||||
cheLogLevel := util.GetValue(deployContext.CheCluster.Spec.Server.CheLogLevel, deploy.DefaultCheLogLevel)
|
||||
if len(deployContext.CheCluster.Spec.Server.CheLogLevel) < 1 {
|
||||
deployContext.CheCluster.Spec.Server.CheLogLevel = cheLogLevel
|
||||
if err := r.UpdateCheCRSpec(deployContext.CheCluster, "log level", cheLogLevel); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
cheDebug := util.GetValue(instance.Spec.Server.CheDebug, deploy.DefaultCheDebug)
|
||||
if len(instance.Spec.Server.CheDebug) < 1 {
|
||||
instance.Spec.Server.CheDebug = cheDebug
|
||||
if err := r.UpdateCheCRSpec(instance, "debug", cheDebug); err != nil {
|
||||
cheDebug := util.GetValue(deployContext.CheCluster.Spec.Server.CheDebug, deploy.DefaultCheDebug)
|
||||
if len(deployContext.CheCluster.Spec.Server.CheDebug) < 1 {
|
||||
deployContext.CheCluster.Spec.Server.CheDebug = cheDebug
|
||||
if err := r.UpdateCheCRSpec(deployContext.CheCluster, "debug", cheDebug); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
pvcStrategy := util.GetValue(instance.Spec.Storage.PvcStrategy, deploy.DefaultPvcStrategy)
|
||||
if len(instance.Spec.Storage.PvcStrategy) < 1 {
|
||||
instance.Spec.Storage.PvcStrategy = pvcStrategy
|
||||
if err := r.UpdateCheCRSpec(instance, "pvc strategy", pvcStrategy); err != nil {
|
||||
pvcStrategy := util.GetValue(deployContext.CheCluster.Spec.Storage.PvcStrategy, deploy.DefaultPvcStrategy)
|
||||
if len(deployContext.CheCluster.Spec.Storage.PvcStrategy) < 1 {
|
||||
deployContext.CheCluster.Spec.Storage.PvcStrategy = pvcStrategy
|
||||
if err := r.UpdateCheCRSpec(deployContext.CheCluster, "pvc strategy", pvcStrategy); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
pvcClaimSize := util.GetValue(instance.Spec.Storage.PvcClaimSize, deploy.DefaultPvcClaimSize)
|
||||
if len(instance.Spec.Storage.PvcClaimSize) < 1 {
|
||||
instance.Spec.Storage.PvcClaimSize = pvcClaimSize
|
||||
if err := r.UpdateCheCRSpec(instance, "pvc claim size", pvcClaimSize); err != nil {
|
||||
pvcClaimSize := util.GetValue(deployContext.CheCluster.Spec.Storage.PvcClaimSize, deploy.DefaultPvcClaimSize)
|
||||
if len(deployContext.CheCluster.Spec.Storage.PvcClaimSize) < 1 {
|
||||
deployContext.CheCluster.Spec.Storage.PvcClaimSize = pvcClaimSize
|
||||
if err := r.UpdateCheCRSpec(deployContext.CheCluster, "pvc claim size", pvcClaimSize); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
|
@ -254,51 +254,51 @@ func (r *ReconcileChe) GenerateAndSaveFields(instance *orgv1.CheCluster, request
|
|||
// version that should fixed bug https://github.com/eclipse/che/issues/13714
|
||||
// Or for the transition from CRW 1.2 to 2.0
|
||||
|
||||
if instance.Spec.Storage.PvcJobsImage == deploy.OldDefaultPvcJobsUpstreamImageToDetect ||
|
||||
(deploy.MigratingToCRW2_0(instance) && instance.Spec.Storage.PvcJobsImage != "") {
|
||||
instance.Spec.Storage.PvcJobsImage = ""
|
||||
if err := r.UpdateCheCRSpec(instance, "pvc jobs image", instance.Spec.Storage.PvcJobsImage); err != nil {
|
||||
if deployContext.CheCluster.Spec.Storage.PvcJobsImage == deploy.OldDefaultPvcJobsUpstreamImageToDetect ||
|
||||
(deploy.MigratingToCRW2_0(deployContext.CheCluster) && deployContext.CheCluster.Spec.Storage.PvcJobsImage != "") {
|
||||
deployContext.CheCluster.Spec.Storage.PvcJobsImage = ""
|
||||
if err := r.UpdateCheCRSpec(deployContext.CheCluster, "pvc jobs image", deployContext.CheCluster.Spec.Storage.PvcJobsImage); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
||||
if instance.Spec.Database.PostgresImage == deploy.OldDefaultPostgresUpstreamImageToDetect ||
|
||||
(deploy.MigratingToCRW2_0(instance) && instance.Spec.Database.PostgresImage != "") {
|
||||
instance.Spec.Database.PostgresImage = ""
|
||||
if err := r.UpdateCheCRSpec(instance, "postgres image", instance.Spec.Database.PostgresImage); err != nil {
|
||||
if deployContext.CheCluster.Spec.Database.PostgresImage == deploy.OldDefaultPostgresUpstreamImageToDetect ||
|
||||
(deploy.MigratingToCRW2_0(deployContext.CheCluster) && deployContext.CheCluster.Spec.Database.PostgresImage != "") {
|
||||
deployContext.CheCluster.Spec.Database.PostgresImage = ""
|
||||
if err := r.UpdateCheCRSpec(deployContext.CheCluster, "postgres image", deployContext.CheCluster.Spec.Database.PostgresImage); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
||||
if instance.Spec.Auth.IdentityProviderImage == deploy.OldDefaultKeycloakUpstreamImageToDetect ||
|
||||
(deploy.MigratingToCRW2_0(instance) && instance.Spec.Auth.IdentityProviderImage != "") {
|
||||
instance.Spec.Auth.IdentityProviderImage = ""
|
||||
if err := r.UpdateCheCRSpec(instance, "keycloak image", instance.Spec.Auth.IdentityProviderImage); err != nil {
|
||||
if deployContext.CheCluster.Spec.Auth.IdentityProviderImage == deploy.OldDefaultKeycloakUpstreamImageToDetect ||
|
||||
(deploy.MigratingToCRW2_0(deployContext.CheCluster) && deployContext.CheCluster.Spec.Auth.IdentityProviderImage != "") {
|
||||
deployContext.CheCluster.Spec.Auth.IdentityProviderImage = ""
|
||||
if err := r.UpdateCheCRSpec(deployContext.CheCluster, "keycloak image", deployContext.CheCluster.Spec.Auth.IdentityProviderImage); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
||||
if deploy.MigratingToCRW2_0(instance) &&
|
||||
!instance.Spec.Server.ExternalPluginRegistry &&
|
||||
instance.Spec.Server.PluginRegistryUrl == deploy.OldCrwPluginRegistryUrl {
|
||||
instance.Spec.Server.PluginRegistryUrl = ""
|
||||
if err := r.UpdateCheCRSpec(instance, "plugin registry url", instance.Spec.Server.PluginRegistryUrl); err != nil {
|
||||
if deploy.MigratingToCRW2_0(deployContext.CheCluster) &&
|
||||
!deployContext.CheCluster.Spec.Server.ExternalPluginRegistry &&
|
||||
deployContext.CheCluster.Spec.Server.PluginRegistryUrl == deploy.OldCrwPluginRegistryUrl {
|
||||
deployContext.CheCluster.Spec.Server.PluginRegistryUrl = ""
|
||||
if err := r.UpdateCheCRSpec(deployContext.CheCluster, "plugin registry url", deployContext.CheCluster.Spec.Server.PluginRegistryUrl); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
||||
if deploy.MigratingToCRW2_0(instance) &&
|
||||
instance.Spec.Server.CheImage == deploy.OldDefaultCodeReadyServerImageRepo {
|
||||
instance.Spec.Server.CheImage = ""
|
||||
if err := r.UpdateCheCRSpec(instance, "che image repo", instance.Spec.Server.CheImage); err != nil {
|
||||
if deploy.MigratingToCRW2_0(deployContext.CheCluster) &&
|
||||
deployContext.CheCluster.Spec.Server.CheImage == deploy.OldDefaultCodeReadyServerImageRepo {
|
||||
deployContext.CheCluster.Spec.Server.CheImage = ""
|
||||
if err := r.UpdateCheCRSpec(deployContext.CheCluster, "che image repo", deployContext.CheCluster.Spec.Server.CheImage); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
||||
if deploy.MigratingToCRW2_0(instance) &&
|
||||
instance.Spec.Server.CheImageTag == deploy.OldDefaultCodeReadyServerImageTag {
|
||||
instance.Spec.Server.CheImageTag = ""
|
||||
if err := r.UpdateCheCRSpec(instance, "che image tag", instance.Spec.Server.CheImageTag); err != nil {
|
||||
if deploy.MigratingToCRW2_0(deployContext.CheCluster) &&
|
||||
deployContext.CheCluster.Spec.Server.CheImageTag == deploy.OldDefaultCodeReadyServerImageTag {
|
||||
deployContext.CheCluster.Spec.Server.CheImageTag = ""
|
||||
if err := r.UpdateCheCRSpec(deployContext.CheCluster, "che image tag", deployContext.CheCluster.Spec.Server.CheImageTag); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -47,14 +47,14 @@ func (r *ReconcileChe) getProxyConfiguration(checluster *orgv1.CheCluster) (*dep
|
|||
return proxy, nil
|
||||
}
|
||||
|
||||
func (r *ReconcileChe) putOpenShiftCertsIntoConfigMap(checluster *orgv1.CheCluster, proxy *deploy.Proxy, clusterAPI deploy.ClusterAPI) (bool, error) {
|
||||
if checluster.Spec.Server.ServerTrustStoreConfigMapName == "" {
|
||||
checluster.Spec.Server.ServerTrustStoreConfigMapName = deploy.DefaultServerTrustStoreConfigMapName()
|
||||
if err := r.UpdateCheCRSpec(checluster, "truststore configmap", deploy.DefaultServerTrustStoreConfigMapName()); err != nil {
|
||||
func (r *ReconcileChe) putOpenShiftCertsIntoConfigMap(deployContext *deploy.DeployContext) (bool, error) {
|
||||
if deployContext.CheCluster.Spec.Server.ServerTrustStoreConfigMapName == "" {
|
||||
deployContext.CheCluster.Spec.Server.ServerTrustStoreConfigMapName = deploy.DefaultServerTrustStoreConfigMapName()
|
||||
if err := r.UpdateCheCRSpec(deployContext.CheCluster, "truststore configmap", deploy.DefaultServerTrustStoreConfigMapName()); err != nil {
|
||||
return false, err
|
||||
}
|
||||
}
|
||||
|
||||
certConfigMap, err := deploy.SyncTrustStoreConfigMapToCluster(checluster, clusterAPI)
|
||||
certConfigMap, err := deploy.SyncTrustStoreConfigMapToCluster(deployContext)
|
||||
return certConfigMap != nil, err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -17,7 +17,6 @@ import (
|
|||
"os"
|
||||
"strconv"
|
||||
|
||||
orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1"
|
||||
"github.com/eclipse/che-operator/pkg/util"
|
||||
"github.com/sirupsen/logrus"
|
||||
corev1 "k8s.io/api/core/v1"
|
||||
|
|
@ -77,34 +76,34 @@ type CheConfigMap struct {
|
|||
CheTrustedCABundlesConfigMap string `json:"CHE_TRUSTED__CA__BUNDLES__CONFIGMAP,omitempty"`
|
||||
}
|
||||
|
||||
func SyncCheConfigMapToCluster(checluster *orgv1.CheCluster, proxy *Proxy, clusterAPI ClusterAPI) (*corev1.ConfigMap, error) {
|
||||
data := GetCheConfigMapData(checluster, proxy)
|
||||
specConfigMap, err := GetSpecConfigMap(checluster, CheConfigMapName, data, clusterAPI)
|
||||
func SyncCheConfigMapToCluster(deployContext *DeployContext) (*corev1.ConfigMap, error) {
|
||||
data := GetCheConfigMapData(deployContext)
|
||||
specConfigMap, err := GetSpecConfigMap(deployContext, CheConfigMapName, data)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return SyncConfigMapToCluster(checluster, specConfigMap, clusterAPI)
|
||||
return SyncConfigMapToCluster(deployContext, specConfigMap)
|
||||
}
|
||||
|
||||
// GetConfigMapData gets env values from CR spec and returns a map with key:value
|
||||
// which is used in CheCluster ConfigMap to configure CheCluster master behavior
|
||||
func GetCheConfigMapData(cr *orgv1.CheCluster, proxy *Proxy) (cheEnv map[string]string) {
|
||||
cheHost := cr.Spec.Server.CheHost
|
||||
keycloakURL := cr.Spec.Auth.IdentityProviderURL
|
||||
func GetCheConfigMapData(deployContext *DeployContext) (cheEnv map[string]string) {
|
||||
cheHost := deployContext.CheCluster.Spec.Server.CheHost
|
||||
keycloakURL := deployContext.CheCluster.Spec.Auth.IdentityProviderURL
|
||||
isOpenShift, isOpenshift4, err := util.DetectOpenShift()
|
||||
if err != nil {
|
||||
logrus.Errorf("Failed to get current infra: %s", err)
|
||||
}
|
||||
cheFlavor := DefaultCheFlavor(cr)
|
||||
cheFlavor := DefaultCheFlavor(deployContext.CheCluster)
|
||||
infra := "kubernetes"
|
||||
if isOpenShift {
|
||||
infra = "openshift"
|
||||
}
|
||||
tls := "false"
|
||||
openShiftIdentityProviderId := "NULL"
|
||||
openshiftOAuth := cr.Spec.Auth.OpenShiftoAuth
|
||||
defaultTargetNamespaceDefault := cr.Namespace // By default Che SA has right in the namespace where Che in installed ...
|
||||
openshiftOAuth := deployContext.CheCluster.Spec.Auth.OpenShiftoAuth
|
||||
defaultTargetNamespaceDefault := deployContext.CheCluster.Namespace // By default Che SA has right in the namespace where Che in installed ...
|
||||
if openshiftOAuth && isOpenShift {
|
||||
// ... But if the workspace is created under the openshift identity of the end-user,
|
||||
// Then we'll have rights to create any new namespace
|
||||
|
|
@ -114,9 +113,9 @@ func GetCheConfigMapData(cr *orgv1.CheCluster, proxy *Proxy) (cheEnv map[string]
|
|||
openShiftIdentityProviderId = "openshift-v4"
|
||||
}
|
||||
}
|
||||
defaultTargetNamespace := util.GetValue(cr.Spec.Server.WorkspaceNamespaceDefault, defaultTargetNamespaceDefault)
|
||||
namespaceAllowUserDefined := strconv.FormatBool(cr.Spec.Server.AllowUserDefinedWorkspaceNamespaces)
|
||||
tlsSupport := cr.Spec.Server.TlsSupport
|
||||
defaultTargetNamespace := util.GetValue(deployContext.CheCluster.Spec.Server.WorkspaceNamespaceDefault, defaultTargetNamespaceDefault)
|
||||
namespaceAllowUserDefined := strconv.FormatBool(deployContext.CheCluster.Spec.Server.AllowUserDefinedWorkspaceNamespaces)
|
||||
tlsSupport := deployContext.CheCluster.Spec.Server.TlsSupport
|
||||
protocol := "http"
|
||||
wsprotocol := "ws"
|
||||
if tlsSupport {
|
||||
|
|
@ -126,50 +125,50 @@ func GetCheConfigMapData(cr *orgv1.CheCluster, proxy *Proxy) (cheEnv map[string]
|
|||
}
|
||||
|
||||
proxyJavaOpts := ""
|
||||
cheWorkspaceNoProxy := proxy.NoProxy
|
||||
if proxy.HttpProxy != "" {
|
||||
if proxy.NoProxy == "" {
|
||||
cheWorkspaceNoProxy := deployContext.Proxy.NoProxy
|
||||
if deployContext.Proxy.HttpProxy != "" {
|
||||
if deployContext.Proxy.NoProxy == "" {
|
||||
cheWorkspaceNoProxy = os.Getenv("KUBERNETES_SERVICE_HOST")
|
||||
} else {
|
||||
cheWorkspaceNoProxy = cheWorkspaceNoProxy + "," + os.Getenv("KUBERNETES_SERVICE_HOST")
|
||||
}
|
||||
proxyJavaOpts, err = GenerateProxyJavaOpts(proxy, cheWorkspaceNoProxy)
|
||||
proxyJavaOpts, err = GenerateProxyJavaOpts(deployContext.Proxy, cheWorkspaceNoProxy)
|
||||
if err != nil {
|
||||
logrus.Errorf("Failed to generate java proxy options: %v", err)
|
||||
}
|
||||
}
|
||||
|
||||
ingressDomain := cr.Spec.K8s.IngressDomain
|
||||
tlsSecretName := cr.Spec.K8s.TlsSecretName
|
||||
ingressDomain := deployContext.CheCluster.Spec.K8s.IngressDomain
|
||||
tlsSecretName := deployContext.CheCluster.Spec.K8s.TlsSecretName
|
||||
if tlsSupport && tlsSecretName == "" {
|
||||
tlsSecretName = "che-tls"
|
||||
}
|
||||
securityContextFsGroup := util.GetValue(cr.Spec.K8s.SecurityContextFsGroup, DefaultSecurityContextFsGroup)
|
||||
securityContextRunAsUser := util.GetValue(cr.Spec.K8s.SecurityContextRunAsUser, DefaultSecurityContextRunAsUser)
|
||||
pvcStrategy := util.GetValue(cr.Spec.Storage.PvcStrategy, DefaultPvcStrategy)
|
||||
pvcClaimSize := util.GetValue(cr.Spec.Storage.PvcClaimSize, DefaultPvcClaimSize)
|
||||
workspacePvcStorageClassName := cr.Spec.Storage.WorkspacePVCStorageClassName
|
||||
securityContextFsGroup := util.GetValue(deployContext.CheCluster.Spec.K8s.SecurityContextFsGroup, DefaultSecurityContextFsGroup)
|
||||
securityContextRunAsUser := util.GetValue(deployContext.CheCluster.Spec.K8s.SecurityContextRunAsUser, DefaultSecurityContextRunAsUser)
|
||||
pvcStrategy := util.GetValue(deployContext.CheCluster.Spec.Storage.PvcStrategy, DefaultPvcStrategy)
|
||||
pvcClaimSize := util.GetValue(deployContext.CheCluster.Spec.Storage.PvcClaimSize, DefaultPvcClaimSize)
|
||||
workspacePvcStorageClassName := deployContext.CheCluster.Spec.Storage.WorkspacePVCStorageClassName
|
||||
|
||||
defaultPVCJobsImage := DefaultPvcJobsImage(cr)
|
||||
pvcJobsImage := util.GetValue(cr.Spec.Storage.PvcJobsImage, defaultPVCJobsImage)
|
||||
defaultPVCJobsImage := DefaultPvcJobsImage(deployContext.CheCluster)
|
||||
pvcJobsImage := util.GetValue(deployContext.CheCluster.Spec.Storage.PvcJobsImage, defaultPVCJobsImage)
|
||||
preCreateSubPaths := "true"
|
||||
if !cr.Spec.Storage.PreCreateSubPaths {
|
||||
if !deployContext.CheCluster.Spec.Storage.PreCreateSubPaths {
|
||||
preCreateSubPaths = "false"
|
||||
}
|
||||
chePostgresHostName := util.GetValue(cr.Spec.Database.ChePostgresHostName, DefaultChePostgresHostName)
|
||||
chePostgresPort := util.GetValue(cr.Spec.Database.ChePostgresPort, DefaultChePostgresPort)
|
||||
chePostgresDb := util.GetValue(cr.Spec.Database.ChePostgresDb, DefaultChePostgresDb)
|
||||
keycloakRealm := util.GetValue(cr.Spec.Auth.IdentityProviderRealm, cheFlavor)
|
||||
keycloakClientId := util.GetValue(cr.Spec.Auth.IdentityProviderClientId, cheFlavor+"-public")
|
||||
ingressStrategy := util.GetValue(cr.Spec.K8s.IngressStrategy, DefaultIngressStrategy)
|
||||
ingressClass := util.GetValue(cr.Spec.K8s.IngressClass, DefaultIngressClass)
|
||||
devfileRegistryUrl := cr.Status.DevfileRegistryURL
|
||||
pluginRegistryUrl := cr.Status.PluginRegistryURL
|
||||
cheLogLevel := util.GetValue(cr.Spec.Server.CheLogLevel, DefaultCheLogLevel)
|
||||
cheDebug := util.GetValue(cr.Spec.Server.CheDebug, DefaultCheDebug)
|
||||
cheMetrics := strconv.FormatBool(cr.Spec.Metrics.Enable)
|
||||
cheLabels := util.MapToKeyValuePairs(GetLabels(cr, DefaultCheFlavor(cr)))
|
||||
cheMultiUser := GetCheMultiUser(cr)
|
||||
chePostgresHostName := util.GetValue(deployContext.CheCluster.Spec.Database.ChePostgresHostName, DefaultChePostgresHostName)
|
||||
chePostgresPort := util.GetValue(deployContext.CheCluster.Spec.Database.ChePostgresPort, DefaultChePostgresPort)
|
||||
chePostgresDb := util.GetValue(deployContext.CheCluster.Spec.Database.ChePostgresDb, DefaultChePostgresDb)
|
||||
keycloakRealm := util.GetValue(deployContext.CheCluster.Spec.Auth.IdentityProviderRealm, cheFlavor)
|
||||
keycloakClientId := util.GetValue(deployContext.CheCluster.Spec.Auth.IdentityProviderClientId, cheFlavor+"-public")
|
||||
ingressStrategy := util.GetValue(deployContext.CheCluster.Spec.K8s.IngressStrategy, DefaultIngressStrategy)
|
||||
ingressClass := util.GetValue(deployContext.CheCluster.Spec.K8s.IngressClass, DefaultIngressClass)
|
||||
devfileRegistryUrl := deployContext.CheCluster.Status.DevfileRegistryURL
|
||||
pluginRegistryUrl := deployContext.CheCluster.Status.PluginRegistryURL
|
||||
cheLogLevel := util.GetValue(deployContext.CheCluster.Spec.Server.CheLogLevel, DefaultCheLogLevel)
|
||||
cheDebug := util.GetValue(deployContext.CheCluster.Spec.Server.CheDebug, DefaultCheDebug)
|
||||
cheMetrics := strconv.FormatBool(deployContext.CheCluster.Spec.Metrics.Enable)
|
||||
cheLabels := util.MapToKeyValuePairs(GetLabels(deployContext.CheCluster, DefaultCheFlavor(deployContext.CheCluster)))
|
||||
cheMultiUser := GetCheMultiUser(deployContext.CheCluster)
|
||||
|
||||
data := &CheConfigMap{
|
||||
CheMultiUser: cheMultiUser,
|
||||
|
|
@ -196,17 +195,17 @@ func GetCheConfigMapData(cr *orgv1.CheCluster, proxy *Proxy) (cheEnv map[string]
|
|||
WorkspaceJavaOpts: DefaultWorkspaceJavaOpts + " " + proxyJavaOpts,
|
||||
WorkspaceMavenOpts: DefaultWorkspaceJavaOpts + " " + proxyJavaOpts,
|
||||
WorkspaceProxyJavaOpts: proxyJavaOpts,
|
||||
WorkspaceHttpProxy: proxy.HttpProxy,
|
||||
WorkspaceHttpsProxy: proxy.HttpsProxy,
|
||||
WorkspaceHttpProxy: deployContext.Proxy.HttpProxy,
|
||||
WorkspaceHttpsProxy: deployContext.Proxy.HttpsProxy,
|
||||
WorkspaceNoProxy: cheWorkspaceNoProxy,
|
||||
PluginRegistryUrl: pluginRegistryUrl,
|
||||
DevfileRegistryUrl: devfileRegistryUrl,
|
||||
CheWorkspacePluginBrokerMetadataImage: DefaultCheWorkspacePluginBrokerMetadataImage(cr),
|
||||
CheWorkspacePluginBrokerArtifactsImage: DefaultCheWorkspacePluginBrokerArtifactsImage(cr),
|
||||
CheServerSecureExposerJwtProxyImage: DefaultCheServerSecureExposerJwtProxyImage(cr),
|
||||
CheWorkspacePluginBrokerMetadataImage: DefaultCheWorkspacePluginBrokerMetadataImage(deployContext.CheCluster),
|
||||
CheWorkspacePluginBrokerArtifactsImage: DefaultCheWorkspacePluginBrokerArtifactsImage(deployContext.CheCluster),
|
||||
CheServerSecureExposerJwtProxyImage: DefaultCheServerSecureExposerJwtProxyImage(deployContext.CheCluster),
|
||||
CheJGroupsKubernetesLabels: cheLabels,
|
||||
CheMetricsEnabled: cheMetrics,
|
||||
CheTrustedCABundlesConfigMap: cr.Spec.Server.ServerTrustStoreConfigMapName,
|
||||
CheTrustedCABundlesConfigMap: deployContext.CheCluster.Spec.Server.ServerTrustStoreConfigMapName,
|
||||
}
|
||||
|
||||
if cheMultiUser == "true" {
|
||||
|
|
@ -214,9 +213,9 @@ func GetCheConfigMapData(cr *orgv1.CheCluster, proxy *Proxy) (cheEnv map[string]
|
|||
data.KeycloakRealm = keycloakRealm
|
||||
data.KeycloakClientId = keycloakClientId
|
||||
data.DatabaseURL = "jdbc:postgresql://" + chePostgresHostName + ":" + chePostgresPort + "/" + chePostgresDb
|
||||
if len(cr.Spec.Database.ChePostgresSecret) < 1 {
|
||||
data.DbUserName = cr.Spec.Database.ChePostgresUser
|
||||
data.DbPassword = cr.Spec.Database.ChePostgresPassword
|
||||
if len(deployContext.CheCluster.Spec.Database.ChePostgresSecret) < 1 {
|
||||
data.DbUserName = deployContext.CheCluster.Spec.Database.ChePostgresUser
|
||||
data.DbPassword = deployContext.CheCluster.Spec.Database.ChePostgresPassword
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -241,6 +240,6 @@ func GetCheConfigMapData(cr *orgv1.CheCluster, proxy *Proxy) (cheEnv map[string]
|
|||
addMap(cheEnv, k8sCheEnv)
|
||||
}
|
||||
|
||||
addMap(cheEnv, cr.Spec.Server.CustomCheProperties)
|
||||
addMap(cheEnv, deployContext.CheCluster.Spec.Server.CustomCheProperties)
|
||||
return cheEnv
|
||||
}
|
||||
|
|
|
|||
|
|
@ -28,8 +28,13 @@ func TestNewCheConfigMap(t *testing.T) {
|
|||
cr.Spec.Server.CheHost = "myhostname.com"
|
||||
cr.Spec.Server.TlsSupport = true
|
||||
cr.Spec.Auth.OpenShiftoAuth = true
|
||||
cheEnv := GetCheConfigMapData(cr, &Proxy{})
|
||||
testCm, _ := GetSpecConfigMap(cr, CheConfigMapName, cheEnv, ClusterAPI{})
|
||||
deployContext := &DeployContext{
|
||||
CheCluster: cr,
|
||||
Proxy: &Proxy{},
|
||||
ClusterAPI: ClusterAPI{},
|
||||
}
|
||||
cheEnv := GetCheConfigMapData(deployContext)
|
||||
testCm, _ := GetSpecConfigMap(deployContext, CheConfigMapName, cheEnv)
|
||||
identityProvider := testCm.Data["CHE_INFRA_OPENSHIFT_OAUTH__IDENTITY__PROVIDER"]
|
||||
_, isOpenshiftv4, _ := util.DetectOpenShift()
|
||||
protocol := strings.Split(testCm.Data["CHE_API"], "://")[0]
|
||||
|
|
@ -53,8 +58,13 @@ func TestConfigMapOverride(t *testing.T) {
|
|||
"CHE_WORKSPACE_NO_PROXY": "myproxy.myhostname.com",
|
||||
}
|
||||
cr.Spec.Auth.OpenShiftoAuth = true
|
||||
cheEnv := GetCheConfigMapData(cr, &Proxy{})
|
||||
testCm, _ := GetSpecConfigMap(cr, CheConfigMapName, cheEnv, ClusterAPI{})
|
||||
deployContext := &DeployContext{
|
||||
CheCluster: cr,
|
||||
Proxy: &Proxy{},
|
||||
ClusterAPI: ClusterAPI{},
|
||||
}
|
||||
cheEnv := GetCheConfigMapData(deployContext)
|
||||
testCm, _ := GetSpecConfigMap(deployContext, CheConfigMapName, cheEnv)
|
||||
if testCm.Data["CHE_WORKSPACE_NO_PROXY"] != "myproxy.myhostname.com" {
|
||||
t.Errorf("Test failed. Expected myproxy.myhostname.com but was %s", testCm.Data["CHE_WORKSPACE_NO_PROXY"])
|
||||
}
|
||||
|
|
|
|||
|
|
@ -39,8 +39,11 @@ func TestCreateCheDefaultService(t *testing.T) {
|
|||
Server: orgv1.CheClusterSpecServer{},
|
||||
},
|
||||
}
|
||||
|
||||
service, err := GetSpecCheService(cheCluster, ClusterAPI{})
|
||||
deployContext := &DeployContext{
|
||||
CheCluster: cheCluster,
|
||||
ClusterAPI: ClusterAPI{},
|
||||
}
|
||||
service, err := GetSpecCheService(deployContext)
|
||||
|
||||
if service == nil || err != nil {
|
||||
t.Error("service should be created witn no error")
|
||||
|
|
@ -60,8 +63,12 @@ func TestCreateCheServerDebug(t *testing.T) {
|
|||
},
|
||||
},
|
||||
}
|
||||
deployContext := &DeployContext{
|
||||
CheCluster: cheCluster,
|
||||
ClusterAPI: ClusterAPI{},
|
||||
}
|
||||
|
||||
service, err := GetSpecCheService(cheCluster, ClusterAPI{})
|
||||
service, err := GetSpecCheService(deployContext)
|
||||
|
||||
if service == nil || err != nil {
|
||||
t.Error("service should be created without error")
|
||||
|
|
@ -83,7 +90,12 @@ func TestCreateCheServiceEnableMetrics(t *testing.T) {
|
|||
},
|
||||
}
|
||||
|
||||
service, err := GetSpecCheService(cheCluster, ClusterAPI{})
|
||||
deployContext := &DeployContext{
|
||||
CheCluster: cheCluster,
|
||||
ClusterAPI: ClusterAPI{},
|
||||
}
|
||||
|
||||
service, err := GetSpecCheService(deployContext)
|
||||
|
||||
if service == nil || err != nil {
|
||||
t.Error("service should be created witn no error")
|
||||
|
|
@ -104,7 +116,12 @@ func TestCreateCheServiceDisableMetrics(t *testing.T) {
|
|||
},
|
||||
}
|
||||
|
||||
service, err := GetSpecCheService(cheCluster, ClusterAPI{})
|
||||
deployContext := &DeployContext{
|
||||
CheCluster: cheCluster,
|
||||
ClusterAPI: ClusterAPI{},
|
||||
}
|
||||
|
||||
service, err := GetSpecCheService(deployContext)
|
||||
|
||||
if service == nil || err != nil {
|
||||
t.Error("service should be created witn no error")
|
||||
|
|
|
|||
|
|
@ -15,7 +15,6 @@ import (
|
|||
"context"
|
||||
"fmt"
|
||||
|
||||
orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1"
|
||||
"github.com/eclipse/che-operator/pkg/util"
|
||||
"github.com/google/go-cmp/cmp"
|
||||
"github.com/sirupsen/logrus"
|
||||
|
|
@ -27,15 +26,15 @@ import (
|
|||
"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
|
||||
)
|
||||
|
||||
func SyncConfigMapToCluster(checluster *orgv1.CheCluster, specConfigMap *corev1.ConfigMap, clusterAPI ClusterAPI) (*corev1.ConfigMap, error) {
|
||||
clusterConfigMap, err := getClusterConfigMap(specConfigMap.Name, specConfigMap.Namespace, clusterAPI.Client)
|
||||
func SyncConfigMapToCluster(deployContext *DeployContext, specConfigMap *corev1.ConfigMap) (*corev1.ConfigMap, error) {
|
||||
clusterConfigMap, err := getClusterConfigMap(specConfigMap.Name, specConfigMap.Namespace, deployContext.ClusterAPI.Client)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
if clusterConfigMap == nil {
|
||||
logrus.Infof("Creating a new object: %s, name %s", specConfigMap.Kind, specConfigMap.Name)
|
||||
err := clusterAPI.Client.Create(context.TODO(), specConfigMap)
|
||||
err := deployContext.ClusterAPI.Client.Create(context.TODO(), specConfigMap)
|
||||
return nil, err
|
||||
}
|
||||
|
||||
|
|
@ -44,7 +43,7 @@ func SyncConfigMapToCluster(checluster *orgv1.CheCluster, specConfigMap *corev1.
|
|||
logrus.Infof("Updating existed object: %s, name: %s", specConfigMap.Kind, specConfigMap.Name)
|
||||
fmt.Printf("Difference:\n%s", diff)
|
||||
clusterConfigMap.Data = specConfigMap.Data
|
||||
err := clusterAPI.Client.Update(context.TODO(), clusterConfigMap)
|
||||
err := deployContext.ClusterAPI.Client.Update(context.TODO(), clusterConfigMap)
|
||||
return nil, err
|
||||
}
|
||||
|
||||
|
|
@ -52,12 +51,11 @@ func SyncConfigMapToCluster(checluster *orgv1.CheCluster, specConfigMap *corev1.
|
|||
}
|
||||
|
||||
func GetSpecConfigMap(
|
||||
checluster *orgv1.CheCluster,
|
||||
deployContext *DeployContext,
|
||||
name string,
|
||||
data map[string]string,
|
||||
clusterAPI ClusterAPI) (*corev1.ConfigMap, error) {
|
||||
data map[string]string) (*corev1.ConfigMap, error) {
|
||||
|
||||
labels := GetLabels(checluster, DefaultCheFlavor(checluster))
|
||||
labels := GetLabels(deployContext.CheCluster, DefaultCheFlavor(deployContext.CheCluster))
|
||||
configMap := &corev1.ConfigMap{
|
||||
TypeMeta: metav1.TypeMeta{
|
||||
Kind: "ConfigMap",
|
||||
|
|
@ -65,14 +63,14 @@ func GetSpecConfigMap(
|
|||
},
|
||||
ObjectMeta: metav1.ObjectMeta{
|
||||
Name: name,
|
||||
Namespace: checluster.Namespace,
|
||||
Namespace: deployContext.CheCluster.Namespace,
|
||||
Labels: labels,
|
||||
},
|
||||
Data: data,
|
||||
}
|
||||
|
||||
if !util.IsTestMode() {
|
||||
err := controllerutil.SetControllerReference(checluster, configMap, clusterAPI.Scheme)
|
||||
err := controllerutil.SetControllerReference(deployContext.CheCluster, configMap, deployContext.ClusterAPI.Scheme)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -14,7 +14,6 @@ package deploy
|
|||
import (
|
||||
"context"
|
||||
|
||||
orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1"
|
||||
"github.com/sirupsen/logrus"
|
||||
corev1 "k8s.io/api/core/v1"
|
||||
)
|
||||
|
|
@ -23,9 +22,9 @@ const (
|
|||
injector = "config.openshift.io/inject-trusted-cabundle"
|
||||
)
|
||||
|
||||
func SyncTrustStoreConfigMapToCluster(checluster *orgv1.CheCluster, clusterAPI ClusterAPI) (*corev1.ConfigMap, error) {
|
||||
name := checluster.Spec.Server.ServerTrustStoreConfigMapName
|
||||
specConfigMap, err := GetSpecConfigMap(checluster, name, map[string]string{}, clusterAPI)
|
||||
func SyncTrustStoreConfigMapToCluster(deployContext *DeployContext) (*corev1.ConfigMap, error) {
|
||||
name := deployContext.CheCluster.Spec.Server.ServerTrustStoreConfigMapName
|
||||
specConfigMap, err := GetSpecConfigMap(deployContext, name, map[string]string{})
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -33,21 +32,21 @@ func SyncTrustStoreConfigMapToCluster(checluster *orgv1.CheCluster, clusterAPI C
|
|||
// OpenShift will automatically injects all certs into the configmap
|
||||
specConfigMap.ObjectMeta.Labels[injector] = "true"
|
||||
|
||||
clusterConfigMap, err := getClusterConfigMap(specConfigMap.Name, specConfigMap.Namespace, clusterAPI.Client)
|
||||
clusterConfigMap, err := getClusterConfigMap(specConfigMap.Name, specConfigMap.Namespace, deployContext.ClusterAPI.Client)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
if clusterConfigMap == nil {
|
||||
logrus.Infof("Creating a new object: %s, name %s", specConfigMap.Kind, specConfigMap.Name)
|
||||
err := clusterAPI.Client.Create(context.TODO(), specConfigMap)
|
||||
err := deployContext.ClusterAPI.Client.Create(context.TODO(), specConfigMap)
|
||||
return nil, err
|
||||
}
|
||||
|
||||
if clusterConfigMap.ObjectMeta.Labels[injector] != "true" {
|
||||
clusterConfigMap.ObjectMeta.Labels[injector] = "true"
|
||||
logrus.Infof("Updating existed object: %s, name: %s", specConfigMap.Kind, specConfigMap.Name)
|
||||
err := clusterAPI.Client.Update(context.TODO(), clusterConfigMap)
|
||||
err := deployContext.ClusterAPI.Client.Update(context.TODO(), clusterConfigMap)
|
||||
return nil, err
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -13,6 +13,7 @@
|
|||
package deploy
|
||||
|
||||
import (
|
||||
orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1"
|
||||
"k8s.io/apimachinery/pkg/runtime"
|
||||
"sigs.k8s.io/controller-runtime/pkg/client"
|
||||
)
|
||||
|
|
@ -23,7 +24,10 @@ type ProvisioningStatus struct {
|
|||
Err error
|
||||
}
|
||||
|
||||
type Context struct {
|
||||
type DeployContext struct {
|
||||
CheCluster *orgv1.CheCluster
|
||||
ClusterAPI ClusterAPI
|
||||
Proxy *Proxy
|
||||
DefaultCheHost string
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -15,7 +15,6 @@ import (
|
|||
"context"
|
||||
"fmt"
|
||||
|
||||
orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1"
|
||||
"github.com/google/go-cmp/cmp"
|
||||
"github.com/google/go-cmp/cmp/cmpopts"
|
||||
"github.com/sirupsen/logrus"
|
||||
|
|
@ -46,14 +45,13 @@ type DeploymentProvisioningStatus struct {
|
|||
}
|
||||
|
||||
func SyncDeploymentToCluster(
|
||||
checluster *orgv1.CheCluster,
|
||||
deployContext *DeployContext,
|
||||
specDeployment *appsv1.Deployment,
|
||||
clusterDeployment *appsv1.Deployment,
|
||||
additionalDeploymentDiffOpts cmp.Options,
|
||||
additionalDeploymentMerge func(*appsv1.Deployment, *appsv1.Deployment) *appsv1.Deployment,
|
||||
clusterAPI ClusterAPI) DeploymentProvisioningStatus {
|
||||
additionalDeploymentMerge func(*appsv1.Deployment, *appsv1.Deployment) *appsv1.Deployment) DeploymentProvisioningStatus {
|
||||
|
||||
clusterDeployment, err := getClusterDeployment(specDeployment.Name, specDeployment.Namespace, clusterAPI.Client)
|
||||
clusterDeployment, err := getClusterDeployment(specDeployment.Name, specDeployment.Namespace, deployContext.ClusterAPI.Client)
|
||||
if err != nil {
|
||||
return DeploymentProvisioningStatus{
|
||||
ProvisioningStatus: ProvisioningStatus{Err: err},
|
||||
|
|
@ -62,7 +60,7 @@ func SyncDeploymentToCluster(
|
|||
|
||||
if clusterDeployment == nil {
|
||||
logrus.Infof("Creating a new object: %s, name %s", specDeployment.Kind, specDeployment.Name)
|
||||
err := clusterAPI.Client.Create(context.TODO(), specDeployment)
|
||||
err := deployContext.ClusterAPI.Client.Create(context.TODO(), specDeployment)
|
||||
return DeploymentProvisioningStatus{
|
||||
ProvisioningStatus: ProvisioningStatus{Requeue: true, Err: err},
|
||||
}
|
||||
|
|
@ -77,7 +75,7 @@ func SyncDeploymentToCluster(
|
|||
logrus.Infof("Updating existed object: %s, name: %s", specDeployment.Kind, specDeployment.Name)
|
||||
fmt.Printf("Difference:\n%s", diff)
|
||||
clusterDeployment = additionalDeploymentMerge(specDeployment, clusterDeployment)
|
||||
err := clusterAPI.Client.Update(context.TODO(), clusterDeployment)
|
||||
err := deployContext.ClusterAPI.Client.Update(context.TODO(), clusterDeployment)
|
||||
return DeploymentProvisioningStatus{
|
||||
ProvisioningStatus: ProvisioningStatus{Requeue: true, Err: err},
|
||||
}
|
||||
|
|
@ -89,7 +87,7 @@ func SyncDeploymentToCluster(
|
|||
logrus.Infof("Updating existed object: %s, name: %s", specDeployment.Kind, specDeployment.Name)
|
||||
fmt.Printf("Difference:\n%s", diff)
|
||||
clusterDeployment.Spec = specDeployment.Spec
|
||||
err := clusterAPI.Client.Update(context.TODO(), clusterDeployment)
|
||||
err := deployContext.ClusterAPI.Client.Update(context.TODO(), clusterDeployment)
|
||||
return DeploymentProvisioningStatus{
|
||||
ProvisioningStatus: ProvisioningStatus{Requeue: true, Err: err},
|
||||
}
|
||||
|
|
|
|||
|
|
@ -25,50 +25,50 @@ import (
|
|||
"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
|
||||
)
|
||||
|
||||
func SyncCheDeploymentToCluster(checluster *orgv1.CheCluster, cmResourceVersion string, proxy *Proxy, clusterAPI ClusterAPI) DeploymentProvisioningStatus {
|
||||
clusterDeployment, err := getClusterDeployment(DefaultCheFlavor(checluster), checluster.Namespace, clusterAPI.Client)
|
||||
func SyncCheDeploymentToCluster(deployContext *DeployContext, cmResourceVersion string) DeploymentProvisioningStatus {
|
||||
clusterDeployment, err := getClusterDeployment(DefaultCheFlavor(deployContext.CheCluster), deployContext.CheCluster.Namespace, deployContext.ClusterAPI.Client)
|
||||
if err != nil {
|
||||
return DeploymentProvisioningStatus{
|
||||
ProvisioningStatus: ProvisioningStatus{Err: err},
|
||||
}
|
||||
}
|
||||
|
||||
specDeployment, err := getSpecCheDeployment(checluster, cmResourceVersion, proxy, clusterAPI)
|
||||
specDeployment, err := getSpecCheDeployment(deployContext, cmResourceVersion)
|
||||
if err != nil {
|
||||
return DeploymentProvisioningStatus{
|
||||
ProvisioningStatus: ProvisioningStatus{Err: err},
|
||||
}
|
||||
}
|
||||
|
||||
return SyncDeploymentToCluster(checluster, specDeployment, clusterDeployment, nil, nil, clusterAPI)
|
||||
return SyncDeploymentToCluster(deployContext, specDeployment, clusterDeployment, nil, nil)
|
||||
}
|
||||
|
||||
func getSpecCheDeployment(checluster *orgv1.CheCluster, cmResourceVersion string, proxy *Proxy, clusterAPI ClusterAPI) (*appsv1.Deployment, error) {
|
||||
func getSpecCheDeployment(deployContext *DeployContext, cmResourceVersion string) (*appsv1.Deployment, error) {
|
||||
isOpenShift, _, err := util.DetectOpenShift()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
selfSignedCertUsed, err := IsSelfSignedCertificateUsed(checluster, proxy, clusterAPI)
|
||||
selfSignedCertUsed, err := IsSelfSignedCertificateUsed(deployContext)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
terminationGracePeriodSeconds := int64(30)
|
||||
cheFlavor := DefaultCheFlavor(checluster)
|
||||
labels := GetLabels(checluster, cheFlavor)
|
||||
cheFlavor := DefaultCheFlavor(deployContext.CheCluster)
|
||||
labels := GetLabels(deployContext.CheCluster, cheFlavor)
|
||||
optionalEnv := true
|
||||
memRequest := util.GetValue(checluster.Spec.Server.ServerMemoryRequest, DefaultServerMemoryRequest)
|
||||
memRequest := util.GetValue(deployContext.CheCluster.Spec.Server.ServerMemoryRequest, DefaultServerMemoryRequest)
|
||||
selfSignedCertEnv := corev1.EnvVar{
|
||||
Name: "CHE_SELF__SIGNED__CERT",
|
||||
Value: "",
|
||||
}
|
||||
customPublicCertsVolumeSource := corev1.VolumeSource{}
|
||||
if checluster.Spec.Server.ServerTrustStoreConfigMapName != "" {
|
||||
if deployContext.CheCluster.Spec.Server.ServerTrustStoreConfigMapName != "" {
|
||||
customPublicCertsVolumeSource = corev1.VolumeSource{
|
||||
ConfigMap: &corev1.ConfigMapVolumeSource{
|
||||
LocalObjectReference: corev1.LocalObjectReference{
|
||||
Name: checluster.Spec.Server.ServerTrustStoreConfigMapName,
|
||||
Name: deployContext.CheCluster.Spec.Server.ServerTrustStoreConfigMapName,
|
||||
},
|
||||
},
|
||||
}
|
||||
|
|
@ -103,7 +103,7 @@ func getSpecCheDeployment(checluster *orgv1.CheCluster, cmResourceVersion string
|
|||
},
|
||||
}
|
||||
}
|
||||
if checluster.Spec.Server.GitSelfSignedCert {
|
||||
if deployContext.CheCluster.Spec.Server.GitSelfSignedCert {
|
||||
gitSelfSignedCertEnv = corev1.EnvVar{
|
||||
Name: "CHE_GIT_SELF__SIGNED__CERT",
|
||||
ValueFrom: &corev1.EnvVarSource{
|
||||
|
|
@ -130,9 +130,9 @@ func getSpecCheDeployment(checluster *orgv1.CheCluster, cmResourceVersion string
|
|||
}
|
||||
}
|
||||
|
||||
memLimit := util.GetValue(checluster.Spec.Server.ServerMemoryLimit, DefaultServerMemoryLimit)
|
||||
cheImageAndTag := GetFullCheServerImageLink(checluster)
|
||||
pullPolicy := corev1.PullPolicy(util.GetValue(string(checluster.Spec.Server.CheImagePullPolicy), DefaultPullPolicyFromDockerImage(cheImageAndTag)))
|
||||
memLimit := util.GetValue(deployContext.CheCluster.Spec.Server.ServerMemoryLimit, DefaultServerMemoryLimit)
|
||||
cheImageAndTag := GetFullCheServerImageLink(deployContext.CheCluster)
|
||||
pullPolicy := corev1.PullPolicy(util.GetValue(string(deployContext.CheCluster.Spec.Server.CheImagePullPolicy), DefaultPullPolicyFromDockerImage(cheImageAndTag)))
|
||||
|
||||
deployment := &appsv1.Deployment{
|
||||
TypeMeta: metav1.TypeMeta{
|
||||
|
|
@ -141,7 +141,7 @@ func getSpecCheDeployment(checluster *orgv1.CheCluster, cmResourceVersion string
|
|||
},
|
||||
ObjectMeta: metav1.ObjectMeta{
|
||||
Name: cheFlavor,
|
||||
Namespace: checluster.Namespace,
|
||||
Namespace: deployContext.CheCluster.Namespace,
|
||||
Labels: labels,
|
||||
},
|
||||
Spec: appsv1.DeploymentSpec{
|
||||
|
|
@ -223,9 +223,9 @@ func getSpecCheDeployment(checluster *orgv1.CheCluster, cmResourceVersion string
|
|||
},
|
||||
}
|
||||
|
||||
cheMultiUser := GetCheMultiUser(checluster)
|
||||
cheMultiUser := GetCheMultiUser(deployContext.CheCluster)
|
||||
if cheMultiUser == "true" {
|
||||
chePostgresSecret := checluster.Spec.Database.ChePostgresSecret
|
||||
chePostgresSecret := deployContext.CheCluster.Spec.Database.ChePostgresSecret
|
||||
if len(chePostgresSecret) > 0 {
|
||||
deployment.Spec.Template.Spec.Containers[0].Env = append(deployment.Spec.Template.Spec.Containers[0].Env,
|
||||
corev1.EnvVar{
|
||||
|
|
@ -268,7 +268,7 @@ func getSpecCheDeployment(checluster *orgv1.CheCluster, cmResourceVersion string
|
|||
}
|
||||
|
||||
// configure probes if debug isn't set
|
||||
cheDebug := util.GetValue(checluster.Spec.Server.CheDebug, DefaultCheDebug)
|
||||
cheDebug := util.GetValue(deployContext.CheCluster.Spec.Server.CheDebug, DefaultCheDebug)
|
||||
if cheDebug != "true" {
|
||||
deployment.Spec.Template.Spec.Containers[0].ReadinessProbe = &corev1.Probe{
|
||||
Handler: corev1.Handler{
|
||||
|
|
@ -310,11 +310,11 @@ func getSpecCheDeployment(checluster *orgv1.CheCluster, cmResourceVersion string
|
|||
}
|
||||
|
||||
if !isOpenShift {
|
||||
runAsUser, err := strconv.ParseInt(util.GetValue(checluster.Spec.K8s.SecurityContextRunAsUser, DefaultSecurityContextRunAsUser), 10, 64)
|
||||
runAsUser, err := strconv.ParseInt(util.GetValue(deployContext.CheCluster.Spec.K8s.SecurityContextRunAsUser, DefaultSecurityContextRunAsUser), 10, 64)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
fsGroup, err := strconv.ParseInt(util.GetValue(checluster.Spec.K8s.SecurityContextFsGroup, DefaultSecurityContextFsGroup), 10, 64)
|
||||
fsGroup, err := strconv.ParseInt(util.GetValue(deployContext.CheCluster.Spec.K8s.SecurityContextFsGroup, DefaultSecurityContextFsGroup), 10, 64)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -325,7 +325,7 @@ func getSpecCheDeployment(checluster *orgv1.CheCluster, cmResourceVersion string
|
|||
}
|
||||
|
||||
if !util.IsTestMode() {
|
||||
err = controllerutil.SetControllerReference(checluster, deployment, clusterAPI.Scheme)
|
||||
err = controllerutil.SetControllerReference(deployContext.CheCluster, deployment, deployContext.ClusterAPI.Scheme)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -56,34 +56,32 @@ var (
|
|||
}
|
||||
)
|
||||
|
||||
func SyncKeycloakDeploymentToCluster(checluster *orgv1.CheCluster, proxy *Proxy, clusterAPI ClusterAPI) DeploymentProvisioningStatus {
|
||||
clusterDeployment, err := getClusterDeployment(KeycloakDeploymentName, checluster.Namespace, clusterAPI.Client)
|
||||
func SyncKeycloakDeploymentToCluster(deployContext *DeployContext) DeploymentProvisioningStatus {
|
||||
clusterDeployment, err := getClusterDeployment(KeycloakDeploymentName, deployContext.CheCluster.Namespace, deployContext.ClusterAPI.Client)
|
||||
if err != nil {
|
||||
return DeploymentProvisioningStatus{
|
||||
ProvisioningStatus: ProvisioningStatus{Err: err},
|
||||
}
|
||||
}
|
||||
|
||||
specDeployment, err := getSpecKeycloakDeployment(checluster, clusterDeployment, proxy, clusterAPI)
|
||||
specDeployment, err := getSpecKeycloakDeployment(deployContext, clusterDeployment)
|
||||
if err != nil {
|
||||
return DeploymentProvisioningStatus{
|
||||
ProvisioningStatus: ProvisioningStatus{Err: err},
|
||||
}
|
||||
}
|
||||
|
||||
return SyncDeploymentToCluster(checluster, specDeployment, clusterDeployment, keycloakCustomDiffOpts, keycloakAdditionalDeploymentMerge, clusterAPI)
|
||||
return SyncDeploymentToCluster(deployContext, specDeployment, clusterDeployment, keycloakCustomDiffOpts, keycloakAdditionalDeploymentMerge)
|
||||
}
|
||||
|
||||
func getSpecKeycloakDeployment(
|
||||
checluster *orgv1.CheCluster,
|
||||
clusterDeployment *appsv1.Deployment,
|
||||
proxy *Proxy,
|
||||
clusterAPI ClusterAPI) (*appsv1.Deployment, error) {
|
||||
deployContext *DeployContext,
|
||||
clusterDeployment *appsv1.Deployment) (*appsv1.Deployment, error) {
|
||||
optionalEnv := true
|
||||
labels := GetLabels(checluster, KeycloakDeploymentName)
|
||||
cheFlavor := DefaultCheFlavor(checluster)
|
||||
keycloakImage := util.GetValue(checluster.Spec.Auth.IdentityProviderImage, DefaultKeycloakImage(checluster))
|
||||
pullPolicy := corev1.PullPolicy(util.GetValue(string(checluster.Spec.Auth.IdentityProviderImagePullPolicy), DefaultPullPolicyFromDockerImage(keycloakImage)))
|
||||
labels := GetLabels(deployContext.CheCluster, KeycloakDeploymentName)
|
||||
cheFlavor := DefaultCheFlavor(deployContext.CheCluster)
|
||||
keycloakImage := util.GetValue(deployContext.CheCluster.Spec.Auth.IdentityProviderImage, DefaultKeycloakImage(deployContext.CheCluster))
|
||||
pullPolicy := corev1.PullPolicy(util.GetValue(string(deployContext.CheCluster.Spec.Auth.IdentityProviderImagePullPolicy), DefaultPullPolicyFromDockerImage(keycloakImage)))
|
||||
jbossDir := "/opt/eap"
|
||||
if cheFlavor == "che" {
|
||||
// writable dir in the upstream Keycloak image
|
||||
|
|
@ -102,8 +100,8 @@ func getSpecKeycloakDeployment(
|
|||
}
|
||||
|
||||
terminationGracePeriodSeconds := int64(30)
|
||||
cheCertSecretVersion := getSecretResourceVersion("self-signed-certificate", checluster.Namespace, clusterAPI)
|
||||
openshiftApiCertSecretVersion := getSecretResourceVersion("openshift-api-crt", checluster.Namespace, clusterAPI)
|
||||
cheCertSecretVersion := getSecretResourceVersion("self-signed-certificate", deployContext.CheCluster.Namespace, deployContext.ClusterAPI)
|
||||
openshiftApiCertSecretVersion := getSecretResourceVersion("openshift-api-crt", deployContext.CheCluster.Namespace, deployContext.ClusterAPI)
|
||||
|
||||
// add various certificates to Java trust store so that Keycloak can connect to OpenShift API
|
||||
// certificate that OpenShift router uses (for 4.0 only)
|
||||
|
|
@ -130,11 +128,11 @@ func getSpecKeycloakDeployment(
|
|||
|
||||
customPublicCertsDir := "/public-certs"
|
||||
customPublicCertsVolumeSource := corev1.VolumeSource{}
|
||||
if checluster.Spec.Server.ServerTrustStoreConfigMapName != "" {
|
||||
if deployContext.CheCluster.Spec.Server.ServerTrustStoreConfigMapName != "" {
|
||||
customPublicCertsVolumeSource = corev1.VolumeSource{
|
||||
ConfigMap: &corev1.ConfigMapVolumeSource{
|
||||
LocalObjectReference: corev1.LocalObjectReference{
|
||||
Name: checluster.Spec.Server.ServerTrustStoreConfigMapName,
|
||||
Name: deployContext.CheCluster.Spec.Server.ServerTrustStoreConfigMapName,
|
||||
},
|
||||
},
|
||||
}
|
||||
|
|
@ -167,24 +165,24 @@ func getSpecKeycloakDeployment(
|
|||
applyProxyCliCommand := ""
|
||||
proxyEnvVars := []corev1.EnvVar{}
|
||||
|
||||
if proxy.HttpProxy != "" {
|
||||
if deployContext.Proxy.HttpProxy != "" {
|
||||
proxyEnvVars = []corev1.EnvVar{
|
||||
corev1.EnvVar{
|
||||
Name: "HTTP_PROXY",
|
||||
Value: proxy.HttpProxy,
|
||||
Value: deployContext.Proxy.HttpProxy,
|
||||
},
|
||||
corev1.EnvVar{
|
||||
Name: "HTTPS_PROXY",
|
||||
Value: proxy.HttpsProxy,
|
||||
Value: deployContext.Proxy.HttpsProxy,
|
||||
},
|
||||
corev1.EnvVar{
|
||||
Name: "NO_PROXY",
|
||||
Value: proxy.NoProxy,
|
||||
Value: deployContext.Proxy.NoProxy,
|
||||
},
|
||||
}
|
||||
|
||||
quotedNoProxy := ""
|
||||
for _, noProxyHost := range strings.Split(proxy.NoProxy, ",") {
|
||||
for _, noProxyHost := range strings.Split(deployContext.Proxy.NoProxy, ",") {
|
||||
if len(quotedNoProxy) != 0 {
|
||||
quotedNoProxy += ","
|
||||
}
|
||||
|
|
@ -199,7 +197,7 @@ func getSpecKeycloakDeployment(
|
|||
}
|
||||
addProxyCliCommand = " && echo Configuring Proxy && " +
|
||||
"echo -e 'embed-server --server-config=" + serverConfig + " --std-out=echo \n" +
|
||||
"/subsystem=keycloak-server/spi=connectionsHttpClient/provider=default:write-attribute(name=properties.proxy-mappings,value=[" + quotedNoProxy + ",\".*;" + proxy.HttpProxy + "\"]) \n" +
|
||||
"/subsystem=keycloak-server/spi=connectionsHttpClient/provider=default:write-attribute(name=properties.proxy-mappings,value=[" + quotedNoProxy + ",\".*;" + deployContext.Proxy.HttpProxy + "\"]) \n" +
|
||||
"stop-embedded-server' > " + jbossDir + "/setup-http-proxy.cli"
|
||||
|
||||
applyProxyCliCommand = " && " + jbossCli + " --file=" + jbossDir + "/setup-http-proxy.cli"
|
||||
|
|
@ -221,19 +219,19 @@ func getSpecKeycloakDeployment(
|
|||
},
|
||||
{
|
||||
Name: "POSTGRES_PORT_5432_TCP_ADDR",
|
||||
Value: util.GetValue(checluster.Spec.Database.ChePostgresHostName, DefaultChePostgresHostName),
|
||||
Value: util.GetValue(deployContext.CheCluster.Spec.Database.ChePostgresHostName, DefaultChePostgresHostName),
|
||||
},
|
||||
{
|
||||
Name: "POSTGRES_PORT_5432_TCP_PORT",
|
||||
Value: util.GetValue(checluster.Spec.Database.ChePostgresPort, DefaultChePostgresPort),
|
||||
Value: util.GetValue(deployContext.CheCluster.Spec.Database.ChePostgresPort, DefaultChePostgresPort),
|
||||
},
|
||||
{
|
||||
Name: "POSTGRES_PORT",
|
||||
Value: util.GetValue(checluster.Spec.Database.ChePostgresPort, DefaultChePostgresPort),
|
||||
Value: util.GetValue(deployContext.CheCluster.Spec.Database.ChePostgresPort, DefaultChePostgresPort),
|
||||
},
|
||||
{
|
||||
Name: "POSTGRES_ADDR",
|
||||
Value: util.GetValue(checluster.Spec.Database.ChePostgresHostName, DefaultChePostgresHostName),
|
||||
Value: util.GetValue(deployContext.CheCluster.Spec.Database.ChePostgresHostName, DefaultChePostgresHostName),
|
||||
},
|
||||
{
|
||||
Name: "POSTGRES_DATABASE",
|
||||
|
|
@ -281,7 +279,7 @@ func getSpecKeycloakDeployment(
|
|||
},
|
||||
}
|
||||
|
||||
identityProviderPostgresSecret := checluster.Spec.Auth.IdentityProviderPostgresSecret
|
||||
identityProviderPostgresSecret := deployContext.CheCluster.Spec.Auth.IdentityProviderPostgresSecret
|
||||
if len(identityProviderPostgresSecret) > 0 {
|
||||
keycloakEnv = append(keycloakEnv, corev1.EnvVar{
|
||||
Name: "POSTGRES_PASSWORD",
|
||||
|
|
@ -297,11 +295,11 @@ func getSpecKeycloakDeployment(
|
|||
} else {
|
||||
keycloakEnv = append(keycloakEnv, corev1.EnvVar{
|
||||
Name: "POSTGRES_PASSWORD",
|
||||
Value: checluster.Spec.Auth.IdentityProviderPostgresPassword,
|
||||
Value: deployContext.CheCluster.Spec.Auth.IdentityProviderPostgresPassword,
|
||||
})
|
||||
}
|
||||
|
||||
identityProviderSecret := checluster.Spec.Auth.IdentityProviderSecret
|
||||
identityProviderSecret := deployContext.CheCluster.Spec.Auth.IdentityProviderSecret
|
||||
if len(identityProviderSecret) > 0 {
|
||||
keycloakEnv = append(keycloakEnv, corev1.EnvVar{
|
||||
Name: "KEYCLOAK_PASSWORD",
|
||||
|
|
@ -328,11 +326,11 @@ func getSpecKeycloakDeployment(
|
|||
} else {
|
||||
keycloakEnv = append(keycloakEnv, corev1.EnvVar{
|
||||
Name: "KEYCLOAK_PASSWORD",
|
||||
Value: checluster.Spec.Auth.IdentityProviderPassword,
|
||||
Value: deployContext.CheCluster.Spec.Auth.IdentityProviderPassword,
|
||||
},
|
||||
corev1.EnvVar{
|
||||
Name: "KEYCLOAK_USER",
|
||||
Value: checluster.Spec.Auth.IdentityProviderAdminUserName,
|
||||
Value: deployContext.CheCluster.Spec.Auth.IdentityProviderAdminUserName,
|
||||
})
|
||||
}
|
||||
|
||||
|
|
@ -348,11 +346,11 @@ func getSpecKeycloakDeployment(
|
|||
},
|
||||
{
|
||||
Name: "KEYCLOAK_POSTGRESQL_SERVICE_HOST",
|
||||
Value: util.GetValue(checluster.Spec.Database.ChePostgresHostName, DefaultChePostgresHostName),
|
||||
Value: util.GetValue(deployContext.CheCluster.Spec.Database.ChePostgresHostName, DefaultChePostgresHostName),
|
||||
},
|
||||
{
|
||||
Name: "KEYCLOAK_POSTGRESQL_SERVICE_PORT",
|
||||
Value: util.GetValue(checluster.Spec.Database.ChePostgresPort, DefaultChePostgresPort),
|
||||
Value: util.GetValue(deployContext.CheCluster.Spec.Database.ChePostgresPort, DefaultChePostgresPort),
|
||||
},
|
||||
{
|
||||
Name: "DB_DATABASE",
|
||||
|
|
@ -404,7 +402,7 @@ func getSpecKeycloakDeployment(
|
|||
},
|
||||
}
|
||||
|
||||
identityProviderPostgresSecret := checluster.Spec.Auth.IdentityProviderPostgresSecret
|
||||
identityProviderPostgresSecret := deployContext.CheCluster.Spec.Auth.IdentityProviderPostgresSecret
|
||||
if len(identityProviderPostgresSecret) > 0 {
|
||||
keycloakEnv = append(keycloakEnv, corev1.EnvVar{
|
||||
Name: "DB_PASSWORD",
|
||||
|
|
@ -420,11 +418,11 @@ func getSpecKeycloakDeployment(
|
|||
} else {
|
||||
keycloakEnv = append(keycloakEnv, corev1.EnvVar{
|
||||
Name: "DB_PASSWORD",
|
||||
Value: checluster.Spec.Auth.IdentityProviderPostgresPassword,
|
||||
Value: deployContext.CheCluster.Spec.Auth.IdentityProviderPostgresPassword,
|
||||
})
|
||||
}
|
||||
|
||||
identityProviderSecret := checluster.Spec.Auth.IdentityProviderSecret
|
||||
identityProviderSecret := deployContext.CheCluster.Spec.Auth.IdentityProviderSecret
|
||||
if len(identityProviderSecret) > 0 {
|
||||
keycloakEnv = append(keycloakEnv, corev1.EnvVar{
|
||||
Name: "SSO_ADMIN_PASSWORD",
|
||||
|
|
@ -451,11 +449,11 @@ func getSpecKeycloakDeployment(
|
|||
} else {
|
||||
keycloakEnv = append(keycloakEnv, corev1.EnvVar{
|
||||
Name: "SSO_ADMIN_PASSWORD",
|
||||
Value: checluster.Spec.Auth.IdentityProviderPassword,
|
||||
Value: deployContext.CheCluster.Spec.Auth.IdentityProviderPassword,
|
||||
},
|
||||
corev1.EnvVar{
|
||||
Name: "SSO_ADMIN_USERNAME",
|
||||
Value: checluster.Spec.Auth.IdentityProviderAdminUserName,
|
||||
Value: deployContext.CheCluster.Spec.Auth.IdentityProviderAdminUserName,
|
||||
})
|
||||
}
|
||||
}
|
||||
|
|
@ -473,7 +471,7 @@ func getSpecKeycloakDeployment(
|
|||
" && sed -i 's/WILDCARD/ANY/g' /opt/eap/bin/launch/keycloak-spi.sh && /opt/eap/bin/openshift-launch.sh -b 0.0.0.0"
|
||||
}
|
||||
|
||||
sslRequiredUpdatedForMasterRealm := isSslRequiredUpdatedForMasterRealm(checluster, clusterAPI)
|
||||
sslRequiredUpdatedForMasterRealm := isSslRequiredUpdatedForMasterRealm(deployContext)
|
||||
if sslRequiredUpdatedForMasterRealm {
|
||||
// update command to restart pod
|
||||
command = "echo \"ssl_required WAS UPDATED for master realm.\" && " + command
|
||||
|
|
@ -488,7 +486,7 @@ func getSpecKeycloakDeployment(
|
|||
},
|
||||
ObjectMeta: metav1.ObjectMeta{
|
||||
Name: KeycloakDeploymentName,
|
||||
Namespace: checluster.Namespace,
|
||||
Namespace: deployContext.CheCluster.Namespace,
|
||||
Labels: labels,
|
||||
Annotations: map[string]string{
|
||||
"che.self-signed-certificate.version": cheCertSecretVersion,
|
||||
|
|
@ -564,7 +562,7 @@ func getSpecKeycloakDeployment(
|
|||
}
|
||||
|
||||
if !util.IsTestMode() {
|
||||
err := controllerutil.SetControllerReference(checluster, deployment, clusterAPI.Scheme)
|
||||
err := controllerutil.SetControllerReference(deployContext.CheCluster, deployment, deployContext.ClusterAPI.Scheme)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -585,8 +583,8 @@ func getSecretResourceVersion(name string, namespace string, clusterAPI ClusterA
|
|||
return secret.ResourceVersion
|
||||
}
|
||||
|
||||
func isSslRequiredUpdatedForMasterRealm(checluster *orgv1.CheCluster, clusterAPI ClusterAPI) bool {
|
||||
if checluster.Spec.Database.ExternalDb {
|
||||
func isSslRequiredUpdatedForMasterRealm(deployContext *DeployContext) bool {
|
||||
if deployContext.CheCluster.Spec.Database.ExternalDb {
|
||||
return false
|
||||
}
|
||||
|
||||
|
|
@ -594,7 +592,7 @@ func isSslRequiredUpdatedForMasterRealm(checluster *orgv1.CheCluster, clusterAPI
|
|||
return false
|
||||
}
|
||||
|
||||
clusterDeployment, _ := getClusterDeployment(KeycloakDeploymentName, checluster.Namespace, clusterAPI.Client)
|
||||
clusterDeployment, _ := getClusterDeployment(KeycloakDeploymentName, deployContext.CheCluster.Namespace, deployContext.ClusterAPI.Client)
|
||||
if clusterDeployment == nil {
|
||||
return false
|
||||
}
|
||||
|
|
@ -604,7 +602,7 @@ func isSslRequiredUpdatedForMasterRealm(checluster *orgv1.CheCluster, clusterAPI
|
|||
return true
|
||||
}
|
||||
|
||||
dbValue, _ := getSslRequiredForMasterRealm(checluster)
|
||||
dbValue, _ := getSslRequiredForMasterRealm(deployContext.CheCluster)
|
||||
return dbValue == "NONE"
|
||||
}
|
||||
|
||||
|
|
@ -628,27 +626,27 @@ func updateSslRequiredForMasterRealm(checluster *orgv1.CheCluster) error {
|
|||
return err
|
||||
}
|
||||
|
||||
func ProvisionKeycloakResources(checluster *orgv1.CheCluster, clusterAPI ClusterAPI) error {
|
||||
if !checluster.Spec.Database.ExternalDb {
|
||||
value, err := getSslRequiredForMasterRealm(checluster)
|
||||
func ProvisionKeycloakResources(deployContext *DeployContext) error {
|
||||
if !deployContext.CheCluster.Spec.Database.ExternalDb {
|
||||
value, err := getSslRequiredForMasterRealm(deployContext.CheCluster)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if value != "NONE" {
|
||||
err := updateSslRequiredForMasterRealm(checluster)
|
||||
err := updateSslRequiredForMasterRealm(deployContext.CheCluster)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
keycloakProvisionCommand := GetKeycloakProvisionCommand(checluster)
|
||||
podToExec, err := util.K8sclient.GetDeploymentPod(KeycloakDeploymentName, checluster.Namespace)
|
||||
keycloakProvisionCommand := GetKeycloakProvisionCommand(deployContext.CheCluster)
|
||||
podToExec, err := util.K8sclient.GetDeploymentPod(KeycloakDeploymentName, deployContext.CheCluster.Namespace)
|
||||
if err != nil {
|
||||
logrus.Errorf("Failed to retrieve pod name. Further exec will fail")
|
||||
}
|
||||
|
||||
_, err = util.K8sclient.ExecIntoPod(podToExec, keycloakProvisionCommand, "create realm, client and user", checluster.Namespace)
|
||||
_, err = util.K8sclient.ExecIntoPod(podToExec, keycloakProvisionCommand, "create realm, client and user", deployContext.CheCluster.Namespace)
|
||||
return err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -12,13 +12,11 @@
|
|||
package deploy
|
||||
|
||||
import (
|
||||
orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1"
|
||||
"github.com/eclipse/che-operator/pkg/util"
|
||||
appsv1 "k8s.io/api/apps/v1"
|
||||
corev1 "k8s.io/api/core/v1"
|
||||
"k8s.io/apimachinery/pkg/api/resource"
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
"k8s.io/apimachinery/pkg/runtime"
|
||||
"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
|
||||
)
|
||||
|
||||
|
|
@ -30,35 +28,35 @@ var (
|
|||
postgresAdminPassword = util.GeneratePasswd(12)
|
||||
)
|
||||
|
||||
func SyncPostgresDeploymentToCluster(checluster *orgv1.CheCluster, clusterAPI ClusterAPI) DeploymentProvisioningStatus {
|
||||
clusterDeployment, err := getClusterDeployment(PostgresDeploymentName, checluster.Namespace, clusterAPI.Client)
|
||||
func SyncPostgresDeploymentToCluster(deployContext *DeployContext) DeploymentProvisioningStatus {
|
||||
clusterDeployment, err := getClusterDeployment(PostgresDeploymentName, deployContext.CheCluster.Namespace, deployContext.ClusterAPI.Client)
|
||||
if err != nil {
|
||||
return DeploymentProvisioningStatus{
|
||||
ProvisioningStatus: ProvisioningStatus{Err: err},
|
||||
}
|
||||
}
|
||||
|
||||
specDeployment, err := getSpecPostgresDeployment(checluster, clusterDeployment, clusterAPI.Scheme)
|
||||
specDeployment, err := getSpecPostgresDeployment(deployContext, clusterDeployment)
|
||||
if err != nil {
|
||||
return DeploymentProvisioningStatus{
|
||||
ProvisioningStatus: ProvisioningStatus{Err: err},
|
||||
}
|
||||
}
|
||||
|
||||
return SyncDeploymentToCluster(checluster, specDeployment, clusterDeployment, nil, nil, clusterAPI)
|
||||
return SyncDeploymentToCluster(deployContext, specDeployment, clusterDeployment, nil, nil)
|
||||
}
|
||||
|
||||
func getSpecPostgresDeployment(checluster *orgv1.CheCluster, clusterDeployment *appsv1.Deployment, scheme *runtime.Scheme) (*appsv1.Deployment, error) {
|
||||
func getSpecPostgresDeployment(deployContext *DeployContext, clusterDeployment *appsv1.Deployment) (*appsv1.Deployment, error) {
|
||||
isOpenShift, _, err := util.DetectOpenShift()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
terminationGracePeriodSeconds := int64(30)
|
||||
labels := GetLabels(checluster, PostgresDeploymentName)
|
||||
chePostgresDb := util.GetValue(checluster.Spec.Database.ChePostgresDb, "dbche")
|
||||
postgresImage := util.GetValue(checluster.Spec.Database.PostgresImage, DefaultPostgresImage(checluster))
|
||||
pullPolicy := corev1.PullPolicy(util.GetValue(string(checluster.Spec.Database.PostgresImagePullPolicy), DefaultPullPolicyFromDockerImage(postgresImage)))
|
||||
labels := GetLabels(deployContext.CheCluster, PostgresDeploymentName)
|
||||
chePostgresDb := util.GetValue(deployContext.CheCluster.Spec.Database.ChePostgresDb, "dbche")
|
||||
postgresImage := util.GetValue(deployContext.CheCluster.Spec.Database.PostgresImage, DefaultPostgresImage(deployContext.CheCluster))
|
||||
pullPolicy := corev1.PullPolicy(util.GetValue(string(deployContext.CheCluster.Spec.Database.PostgresImagePullPolicy), DefaultPullPolicyFromDockerImage(postgresImage)))
|
||||
|
||||
if clusterDeployment != nil {
|
||||
env := clusterDeployment.Spec.Template.Spec.Containers[0].Env
|
||||
|
|
@ -77,7 +75,7 @@ func getSpecPostgresDeployment(checluster *orgv1.CheCluster, clusterDeployment *
|
|||
},
|
||||
ObjectMeta: metav1.ObjectMeta{
|
||||
Name: "postgres",
|
||||
Namespace: checluster.Namespace,
|
||||
Namespace: deployContext.CheCluster.Namespace,
|
||||
Labels: labels,
|
||||
},
|
||||
Spec: appsv1.DeploymentSpec{
|
||||
|
|
@ -161,7 +159,7 @@ func getSpecPostgresDeployment(checluster *orgv1.CheCluster, clusterDeployment *
|
|||
},
|
||||
}
|
||||
|
||||
chePostgresSecret := checluster.Spec.Database.ChePostgresSecret
|
||||
chePostgresSecret := deployContext.CheCluster.Spec.Database.ChePostgresSecret
|
||||
if len(chePostgresSecret) > 0 {
|
||||
deployment.Spec.Template.Spec.Containers[0].Env = append(deployment.Spec.Template.Spec.Containers[0].Env,
|
||||
corev1.EnvVar{
|
||||
|
|
@ -189,10 +187,10 @@ func getSpecPostgresDeployment(checluster *orgv1.CheCluster, clusterDeployment *
|
|||
deployment.Spec.Template.Spec.Containers[0].Env = append(deployment.Spec.Template.Spec.Containers[0].Env,
|
||||
corev1.EnvVar{
|
||||
Name: "POSTGRESQL_USER",
|
||||
Value: checluster.Spec.Database.ChePostgresUser,
|
||||
Value: deployContext.CheCluster.Spec.Database.ChePostgresUser,
|
||||
}, corev1.EnvVar{
|
||||
Name: "POSTGRESQL_PASSWORD",
|
||||
Value: checluster.Spec.Database.ChePostgresPassword,
|
||||
Value: deployContext.CheCluster.Spec.Database.ChePostgresPassword,
|
||||
})
|
||||
}
|
||||
|
||||
|
|
@ -204,7 +202,7 @@ func getSpecPostgresDeployment(checluster *orgv1.CheCluster, clusterDeployment *
|
|||
}
|
||||
}
|
||||
if !util.IsTestMode() {
|
||||
err = controllerutil.SetControllerReference(checluster, deployment, scheme)
|
||||
err = controllerutil.SetControllerReference(deployContext.CheCluster, deployment, deployContext.ClusterAPI.Scheme)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -12,7 +12,6 @@
|
|||
package deploy
|
||||
|
||||
import (
|
||||
orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1"
|
||||
"github.com/eclipse/che-operator/pkg/util"
|
||||
appsv1 "k8s.io/api/apps/v1"
|
||||
corev1 "k8s.io/api/core/v1"
|
||||
|
|
@ -22,16 +21,16 @@ import (
|
|||
"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
|
||||
)
|
||||
|
||||
func SyncPluginRegistryDeploymentToCluster(checluster *orgv1.CheCluster, clusterAPI ClusterAPI) DeploymentProvisioningStatus {
|
||||
func SyncPluginRegistryDeploymentToCluster(deployContext *DeployContext) DeploymentProvisioningStatus {
|
||||
registryType := "plugin"
|
||||
registryImage := util.GetValue(checluster.Spec.Server.PluginRegistryImage, DefaultPluginRegistryImage(checluster))
|
||||
registryImagePullPolicy := corev1.PullPolicy(util.GetValue(string(checluster.Spec.Server.PluginRegistryPullPolicy), DefaultPullPolicyFromDockerImage(registryImage)))
|
||||
registryMemoryLimit := util.GetValue(string(checluster.Spec.Server.PluginRegistryMemoryLimit), DefaultPluginRegistryMemoryLimit)
|
||||
registryMemoryRequest := util.GetValue(string(checluster.Spec.Server.PluginRegistryMemoryRequest), DefaultPluginRegistryMemoryRequest)
|
||||
registryImage := util.GetValue(deployContext.CheCluster.Spec.Server.PluginRegistryImage, DefaultPluginRegistryImage(deployContext.CheCluster))
|
||||
registryImagePullPolicy := corev1.PullPolicy(util.GetValue(string(deployContext.CheCluster.Spec.Server.PluginRegistryPullPolicy), DefaultPullPolicyFromDockerImage(registryImage)))
|
||||
registryMemoryLimit := util.GetValue(string(deployContext.CheCluster.Spec.Server.PluginRegistryMemoryLimit), DefaultPluginRegistryMemoryLimit)
|
||||
registryMemoryRequest := util.GetValue(string(deployContext.CheCluster.Spec.Server.PluginRegistryMemoryRequest), DefaultPluginRegistryMemoryRequest)
|
||||
probePath := "/v3/plugins/"
|
||||
pluginImagesEnv := util.GetEnvByRegExp("^.*plugin_registry_image.*$")
|
||||
|
||||
clusterDeployment, err := getClusterDeployment(PluginRegistry, checluster.Namespace, clusterAPI.Client)
|
||||
clusterDeployment, err := getClusterDeployment(PluginRegistry, deployContext.CheCluster.Namespace, deployContext.ClusterAPI.Client)
|
||||
if err != nil {
|
||||
return DeploymentProvisioningStatus{
|
||||
ProvisioningStatus: ProvisioningStatus{Err: err},
|
||||
|
|
@ -39,15 +38,14 @@ func SyncPluginRegistryDeploymentToCluster(checluster *orgv1.CheCluster, cluster
|
|||
}
|
||||
|
||||
specDeployment, err := getSpecRegistryDeployment(
|
||||
checluster,
|
||||
deployContext,
|
||||
registryType,
|
||||
registryImage,
|
||||
pluginImagesEnv,
|
||||
registryImagePullPolicy,
|
||||
registryMemoryLimit,
|
||||
registryMemoryRequest,
|
||||
probePath,
|
||||
clusterAPI)
|
||||
probePath)
|
||||
|
||||
if err != nil {
|
||||
return DeploymentProvisioningStatus{
|
||||
|
|
@ -55,19 +53,19 @@ func SyncPluginRegistryDeploymentToCluster(checluster *orgv1.CheCluster, cluster
|
|||
}
|
||||
}
|
||||
|
||||
return SyncDeploymentToCluster(checluster, specDeployment, clusterDeployment, nil, nil, clusterAPI)
|
||||
return SyncDeploymentToCluster(deployContext, specDeployment, clusterDeployment, nil, nil)
|
||||
}
|
||||
|
||||
func SyncDevfileRegistryDeploymentToCluster(checluster *orgv1.CheCluster, clusterAPI ClusterAPI) DeploymentProvisioningStatus {
|
||||
func SyncDevfileRegistryDeploymentToCluster(deployContext *DeployContext) DeploymentProvisioningStatus {
|
||||
registryType := "devfile"
|
||||
registryImage := util.GetValue(checluster.Spec.Server.DevfileRegistryImage, DefaultDevfileRegistryImage(checluster))
|
||||
registryImagePullPolicy := corev1.PullPolicy(util.GetValue(string(checluster.Spec.Server.PluginRegistryPullPolicy), DefaultPullPolicyFromDockerImage(registryImage)))
|
||||
registryMemoryLimit := util.GetValue(string(checluster.Spec.Server.DevfileRegistryMemoryLimit), DefaultDevfileRegistryMemoryLimit)
|
||||
registryMemoryRequest := util.GetValue(string(checluster.Spec.Server.DevfileRegistryMemoryRequest), DefaultDevfileRegistryMemoryRequest)
|
||||
registryImage := util.GetValue(deployContext.CheCluster.Spec.Server.DevfileRegistryImage, DefaultDevfileRegistryImage(deployContext.CheCluster))
|
||||
registryImagePullPolicy := corev1.PullPolicy(util.GetValue(string(deployContext.CheCluster.Spec.Server.PluginRegistryPullPolicy), DefaultPullPolicyFromDockerImage(registryImage)))
|
||||
registryMemoryLimit := util.GetValue(string(deployContext.CheCluster.Spec.Server.DevfileRegistryMemoryLimit), DefaultDevfileRegistryMemoryLimit)
|
||||
registryMemoryRequest := util.GetValue(string(deployContext.CheCluster.Spec.Server.DevfileRegistryMemoryRequest), DefaultDevfileRegistryMemoryRequest)
|
||||
probePath := "/devfiles/"
|
||||
devfileImagesEnv := util.GetEnvByRegExp("^.*devfile_registry_image.*$")
|
||||
|
||||
clusterDeployment, err := getClusterDeployment(DevfileRegistry, checluster.Namespace, clusterAPI.Client)
|
||||
clusterDeployment, err := getClusterDeployment(DevfileRegistry, deployContext.CheCluster.Namespace, deployContext.ClusterAPI.Client)
|
||||
if err != nil {
|
||||
return DeploymentProvisioningStatus{
|
||||
ProvisioningStatus: ProvisioningStatus{Err: err},
|
||||
|
|
@ -75,15 +73,14 @@ func SyncDevfileRegistryDeploymentToCluster(checluster *orgv1.CheCluster, cluste
|
|||
}
|
||||
|
||||
specDeployment, err := getSpecRegistryDeployment(
|
||||
checluster,
|
||||
deployContext,
|
||||
registryType,
|
||||
registryImage,
|
||||
devfileImagesEnv,
|
||||
registryImagePullPolicy,
|
||||
registryMemoryLimit,
|
||||
registryMemoryRequest,
|
||||
probePath,
|
||||
clusterAPI)
|
||||
probePath)
|
||||
|
||||
if err != nil {
|
||||
return DeploymentProvisioningStatus{
|
||||
|
|
@ -91,23 +88,22 @@ func SyncDevfileRegistryDeploymentToCluster(checluster *orgv1.CheCluster, cluste
|
|||
}
|
||||
}
|
||||
|
||||
return SyncDeploymentToCluster(checluster, specDeployment, clusterDeployment, nil, nil, clusterAPI)
|
||||
return SyncDeploymentToCluster(deployContext, specDeployment, clusterDeployment, nil, nil)
|
||||
}
|
||||
|
||||
func getSpecRegistryDeployment(
|
||||
checluster *orgv1.CheCluster,
|
||||
deployContext *DeployContext,
|
||||
registryType string,
|
||||
registryImage string,
|
||||
env []corev1.EnvVar,
|
||||
registryImagePullPolicy corev1.PullPolicy,
|
||||
registryMemoryLimit string,
|
||||
registryMemoryRequest string,
|
||||
probePath string,
|
||||
clusterAPI ClusterAPI) (*appsv1.Deployment, error) {
|
||||
probePath string) (*appsv1.Deployment, error) {
|
||||
|
||||
terminationGracePeriodSeconds := int64(30)
|
||||
name := registryType + "-registry"
|
||||
labels := GetLabels(checluster, name)
|
||||
labels := GetLabels(deployContext.CheCluster, name)
|
||||
_25Percent := intstr.FromString("25%")
|
||||
_1 := int32(1)
|
||||
_2 := int32(2)
|
||||
|
|
@ -119,7 +115,7 @@ func getSpecRegistryDeployment(
|
|||
},
|
||||
ObjectMeta: metav1.ObjectMeta{
|
||||
Name: name,
|
||||
Namespace: checluster.Namespace,
|
||||
Namespace: deployContext.CheCluster.Namespace,
|
||||
Labels: labels,
|
||||
},
|
||||
Spec: appsv1.DeploymentSpec{
|
||||
|
|
@ -213,7 +209,7 @@ func getSpecRegistryDeployment(
|
|||
}
|
||||
|
||||
if !util.IsTestMode() {
|
||||
err := controllerutil.SetControllerReference(checluster, deployment, clusterAPI.Scheme)
|
||||
err := controllerutil.SetControllerReference(deployContext.CheCluster, deployment, deployContext.ClusterAPI.Scheme)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -33,12 +33,12 @@ const (
|
|||
/**
|
||||
* Create devfile registry resources unless an external registry is used.
|
||||
*/
|
||||
func SyncDevfileRegistryToCluster(checluster *orgv1.CheCluster, clusterAPI ClusterAPI) (bool, error) {
|
||||
devfileRegistryURL := checluster.Spec.Server.DevfileRegistryUrl
|
||||
if !checluster.Spec.Server.ExternalDevfileRegistry {
|
||||
func SyncDevfileRegistryToCluster(deployContext *DeployContext) (bool, error) {
|
||||
devfileRegistryURL := deployContext.CheCluster.Spec.Server.DevfileRegistryUrl
|
||||
if !deployContext.CheCluster.Spec.Server.ExternalDevfileRegistry {
|
||||
var host string
|
||||
if !util.IsOpenShift {
|
||||
ingress, err := SyncIngressToCluster(checluster, DevfileRegistry, "", DevfileRegistry, 8080, clusterAPI)
|
||||
ingress, err := SyncIngressToCluster(deployContext, DevfileRegistry, "", DevfileRegistry, 8080)
|
||||
if !util.IsTestMode() {
|
||||
if ingress == nil {
|
||||
logrus.Infof("Waiting on ingress '%s' to be ready", DevfileRegistry)
|
||||
|
|
@ -49,14 +49,14 @@ func SyncDevfileRegistryToCluster(checluster *orgv1.CheCluster, clusterAPI Clust
|
|||
}
|
||||
}
|
||||
|
||||
ingressStrategy := util.GetValue(checluster.Spec.K8s.IngressStrategy, DefaultIngressStrategy)
|
||||
ingressStrategy := util.GetValue(deployContext.CheCluster.Spec.K8s.IngressStrategy, DefaultIngressStrategy)
|
||||
if ingressStrategy == "multi-host" {
|
||||
host = DevfileRegistry + "-" + checluster.Namespace + "." + checluster.Spec.K8s.IngressDomain
|
||||
host = DevfileRegistry + "-" + deployContext.CheCluster.Namespace + "." + deployContext.CheCluster.Spec.K8s.IngressDomain
|
||||
} else {
|
||||
host = checluster.Spec.K8s.IngressDomain + "/" + DevfileRegistry
|
||||
host = deployContext.CheCluster.Spec.K8s.IngressDomain + "/" + DevfileRegistry
|
||||
}
|
||||
} else {
|
||||
route, err := SyncRouteToCluster(checluster, DevfileRegistry, "", DevfileRegistry, 8080, clusterAPI)
|
||||
route, err := SyncRouteToCluster(deployContext, DevfileRegistry, "", DevfileRegistry, 8080)
|
||||
if !util.IsTestMode() {
|
||||
if route == nil {
|
||||
logrus.Infof("Waiting on route '%s' to be ready", DevfileRegistry)
|
||||
|
|
@ -74,27 +74,27 @@ func SyncDevfileRegistryToCluster(checluster *orgv1.CheCluster, clusterAPI Clust
|
|||
}
|
||||
|
||||
if devfileRegistryURL == "" {
|
||||
if checluster.Spec.Server.TlsSupport {
|
||||
if deployContext.CheCluster.Spec.Server.TlsSupport {
|
||||
devfileRegistryURL = "https://" + host
|
||||
} else {
|
||||
devfileRegistryURL = "http://" + host
|
||||
}
|
||||
}
|
||||
|
||||
configMapData := getDevfileRegistryConfigMapData(checluster, devfileRegistryURL)
|
||||
configMapSpec, err := GetSpecConfigMap(checluster, DevfileRegistry, configMapData, clusterAPI)
|
||||
configMapData := getDevfileRegistryConfigMapData(deployContext.CheCluster, devfileRegistryURL)
|
||||
configMapSpec, err := GetSpecConfigMap(deployContext, DevfileRegistry, configMapData)
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
||||
|
||||
configMap, err := SyncConfigMapToCluster(checluster, configMapSpec, clusterAPI)
|
||||
configMap, err := SyncConfigMapToCluster(deployContext, configMapSpec)
|
||||
if configMap == nil {
|
||||
return false, err
|
||||
}
|
||||
|
||||
// Create a new registry service
|
||||
registryLabels := GetLabels(checluster, DevfileRegistry)
|
||||
serviceStatus := SyncServiceToCluster(checluster, DevfileRegistry, []string{"http"}, []int32{8080}, registryLabels, clusterAPI)
|
||||
registryLabels := GetLabels(deployContext.CheCluster, DevfileRegistry)
|
||||
serviceStatus := SyncServiceToCluster(deployContext, DevfileRegistry, []string{"http"}, []int32{8080}, registryLabels)
|
||||
if !util.IsTestMode() {
|
||||
if !serviceStatus.Continue {
|
||||
logrus.Info("Waiting on service '" + DevfileRegistry + "' to be ready")
|
||||
|
|
@ -107,7 +107,7 @@ func SyncDevfileRegistryToCluster(checluster *orgv1.CheCluster, clusterAPI Clust
|
|||
}
|
||||
|
||||
// Deploy devfile registry
|
||||
deploymentStatus := SyncDevfileRegistryDeploymentToCluster(checluster, clusterAPI)
|
||||
deploymentStatus := SyncDevfileRegistryDeploymentToCluster(deployContext)
|
||||
if !util.IsTestMode() {
|
||||
if !deploymentStatus.Continue {
|
||||
logrus.Info("Waiting on deployment '" + DevfileRegistry + "' to be ready")
|
||||
|
|
@ -120,9 +120,9 @@ func SyncDevfileRegistryToCluster(checluster *orgv1.CheCluster, clusterAPI Clust
|
|||
}
|
||||
}
|
||||
|
||||
if devfileRegistryURL != checluster.Status.DevfileRegistryURL {
|
||||
checluster.Status.DevfileRegistryURL = devfileRegistryURL
|
||||
if err := UpdateCheCRStatus(checluster, "status: Devfile Registry URL", devfileRegistryURL, clusterAPI); err != nil {
|
||||
if devfileRegistryURL != deployContext.CheCluster.Status.DevfileRegistryURL {
|
||||
deployContext.CheCluster.Status.DevfileRegistryURL = devfileRegistryURL
|
||||
if err := UpdateCheCRStatus(deployContext, "status: Devfile Registry URL", devfileRegistryURL); err != nil {
|
||||
return false, err
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -15,7 +15,6 @@ import (
|
|||
"context"
|
||||
"fmt"
|
||||
|
||||
orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1"
|
||||
"github.com/eclipse/che-operator/pkg/util"
|
||||
"github.com/google/go-cmp/cmp"
|
||||
"github.com/google/go-cmp/cmp/cmpopts"
|
||||
|
|
@ -34,26 +33,25 @@ var ingressDiffOpts = cmp.Options{
|
|||
}
|
||||
|
||||
func SyncIngressToCluster(
|
||||
checluster *orgv1.CheCluster,
|
||||
deployContext *DeployContext,
|
||||
name string,
|
||||
host string,
|
||||
serviceName string,
|
||||
servicePort int,
|
||||
clusterAPI ClusterAPI) (*v1beta1.Ingress, error) {
|
||||
servicePort int) (*v1beta1.Ingress, error) {
|
||||
|
||||
specIngress, err := getSpecIngress(checluster, name, host, serviceName, servicePort, clusterAPI)
|
||||
specIngress, err := getSpecIngress(deployContext, name, host, serviceName, servicePort)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
clusterIngress, err := getClusterIngress(specIngress.Name, specIngress.Namespace, clusterAPI.Client)
|
||||
clusterIngress, err := getClusterIngress(specIngress.Name, specIngress.Namespace, deployContext.ClusterAPI.Client)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
if clusterIngress == nil {
|
||||
logrus.Infof("Creating a new object: %s, name %s", specIngress.Kind, specIngress.Name)
|
||||
err := clusterAPI.Client.Create(context.TODO(), specIngress)
|
||||
err := deployContext.ClusterAPI.Client.Create(context.TODO(), specIngress)
|
||||
return nil, err
|
||||
}
|
||||
|
||||
|
|
@ -62,12 +60,12 @@ func SyncIngressToCluster(
|
|||
logrus.Infof("Updating existed object: %s, name: %s", clusterIngress.Kind, clusterIngress.Name)
|
||||
fmt.Printf("Difference:\n%s", diff)
|
||||
|
||||
err := clusterAPI.Client.Delete(context.TODO(), clusterIngress)
|
||||
err := deployContext.ClusterAPI.Client.Delete(context.TODO(), clusterIngress)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
err = clusterAPI.Client.Create(context.TODO(), specIngress)
|
||||
err = deployContext.ClusterAPI.Client.Create(context.TODO(), specIngress)
|
||||
return nil, err
|
||||
}
|
||||
|
||||
|
|
@ -91,33 +89,32 @@ func getClusterIngress(name string, namespace string, client runtimeClient.Clien
|
|||
}
|
||||
|
||||
func getSpecIngress(
|
||||
checluster *orgv1.CheCluster,
|
||||
deployContext *DeployContext,
|
||||
name string,
|
||||
host string,
|
||||
serviceName string,
|
||||
servicePort int,
|
||||
clusterAPI ClusterAPI) (*v1beta1.Ingress, error) {
|
||||
servicePort int) (*v1beta1.Ingress, error) {
|
||||
|
||||
tlsSupport := checluster.Spec.Server.TlsSupport
|
||||
ingressStrategy := util.GetValue(checluster.Spec.K8s.IngressStrategy, DefaultIngressStrategy)
|
||||
ingressDomain := checluster.Spec.K8s.IngressDomain
|
||||
ingressClass := util.GetValue(checluster.Spec.K8s.IngressClass, DefaultIngressClass)
|
||||
labels := GetLabels(checluster, name)
|
||||
tlsSupport := deployContext.CheCluster.Spec.Server.TlsSupport
|
||||
ingressStrategy := util.GetValue(deployContext.CheCluster.Spec.K8s.IngressStrategy, DefaultIngressStrategy)
|
||||
ingressDomain := deployContext.CheCluster.Spec.K8s.IngressDomain
|
||||
ingressClass := util.GetValue(deployContext.CheCluster.Spec.K8s.IngressClass, DefaultIngressClass)
|
||||
labels := GetLabels(deployContext.CheCluster, name)
|
||||
|
||||
if host == "" {
|
||||
if ingressStrategy == "multi-host" {
|
||||
host = name + "-" + checluster.Namespace + "." + ingressDomain
|
||||
host = name + "-" + deployContext.CheCluster.Namespace + "." + ingressDomain
|
||||
} else if ingressStrategy == "single-host" {
|
||||
host = ingressDomain
|
||||
}
|
||||
}
|
||||
|
||||
tls := "false"
|
||||
tlsSecretName := util.GetValue(checluster.Spec.K8s.TlsSecretName, "che-tls")
|
||||
tlsSecretName := util.GetValue(deployContext.CheCluster.Spec.K8s.TlsSecretName, "che-tls")
|
||||
if tlsSupport {
|
||||
tls = "true"
|
||||
if name == DefaultCheFlavor(checluster) && checluster.Spec.Server.CheHostTLSSecret != "" {
|
||||
tlsSecretName = checluster.Spec.Server.CheHostTLSSecret
|
||||
if name == DefaultCheFlavor(deployContext.CheCluster) && deployContext.CheCluster.Spec.Server.CheHostTLSSecret != "" {
|
||||
tlsSecretName = deployContext.CheCluster.Spec.Server.CheHostTLSSecret
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -150,7 +147,7 @@ func getSpecIngress(
|
|||
},
|
||||
ObjectMeta: metav1.ObjectMeta{
|
||||
Name: name,
|
||||
Namespace: checluster.Namespace,
|
||||
Namespace: deployContext.CheCluster.Namespace,
|
||||
Labels: labels,
|
||||
Annotations: annotations,
|
||||
},
|
||||
|
|
@ -188,7 +185,7 @@ func getSpecIngress(
|
|||
}
|
||||
}
|
||||
|
||||
err := controllerutil.SetControllerReference(checluster, ingress, clusterAPI.Scheme)
|
||||
err := controllerutil.SetControllerReference(deployContext.CheCluster, ingress, deployContext.ClusterAPI.Scheme)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -16,7 +16,6 @@ import (
|
|||
"fmt"
|
||||
"reflect"
|
||||
|
||||
orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1"
|
||||
"github.com/eclipse/che-operator/pkg/util"
|
||||
"github.com/google/go-cmp/cmp"
|
||||
"github.com/google/go-cmp/cmp/cmpopts"
|
||||
|
|
@ -52,27 +51,26 @@ var (
|
|||
)
|
||||
|
||||
func SyncJobToCluster(
|
||||
checluster *orgv1.CheCluster,
|
||||
deployContext *DeployContext,
|
||||
name string,
|
||||
component string,
|
||||
image string,
|
||||
serviceAccountName string,
|
||||
env map[string]string,
|
||||
clusterAPI ClusterAPI) (*batchv1.Job, error) {
|
||||
env map[string]string) (*batchv1.Job, error) {
|
||||
|
||||
specJob, err := getSpecJob(checluster, name, component, image, serviceAccountName, env, clusterAPI)
|
||||
specJob, err := getSpecJob(deployContext, name, component, image, serviceAccountName, env)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
clusterJob, err := getClusterJob(specJob.Name, specJob.Namespace, clusterAPI)
|
||||
clusterJob, err := getClusterJob(specJob.Name, specJob.Namespace, deployContext.ClusterAPI)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
if clusterJob == nil {
|
||||
logrus.Infof("Creating a new object: %s, name %s", specJob.Kind, specJob.Name)
|
||||
err := clusterAPI.Client.Create(context.TODO(), specJob)
|
||||
err := deployContext.ClusterAPI.Client.Create(context.TODO(), specJob)
|
||||
return nil, err
|
||||
}
|
||||
|
||||
|
|
@ -81,11 +79,11 @@ func SyncJobToCluster(
|
|||
logrus.Infof("Updating existed object: %s, name: %s", clusterJob.Kind, clusterJob.Name)
|
||||
fmt.Printf("Difference:\n%s", diff)
|
||||
|
||||
if err := clusterAPI.Client.Delete(context.TODO(), clusterJob); err != nil {
|
||||
if err := deployContext.ClusterAPI.Client.Delete(context.TODO(), clusterJob); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
err := clusterAPI.Client.Create(context.TODO(), specJob)
|
||||
err := deployContext.ClusterAPI.Client.Create(context.TODO(), specJob)
|
||||
return nil, err
|
||||
}
|
||||
|
||||
|
|
@ -94,14 +92,13 @@ func SyncJobToCluster(
|
|||
|
||||
// GetSpecJob creates new job configuration by given parameters.
|
||||
func getSpecJob(
|
||||
checluster *orgv1.CheCluster,
|
||||
deployContext *DeployContext,
|
||||
name string,
|
||||
component string,
|
||||
image string,
|
||||
serviceAccountName string,
|
||||
env map[string]string,
|
||||
clusterAPI ClusterAPI) (*batchv1.Job, error) {
|
||||
labels := GetLabels(checluster, DefaultCheFlavor(checluster))
|
||||
env map[string]string) (*batchv1.Job, error) {
|
||||
labels := GetLabels(deployContext.CheCluster, DefaultCheFlavor(deployContext.CheCluster))
|
||||
labels["component"] = component
|
||||
|
||||
backoffLimit := int32(3)
|
||||
|
|
@ -109,7 +106,7 @@ func getSpecJob(
|
|||
comletions := int32(1)
|
||||
terminationGracePeriodSeconds := int64(30)
|
||||
ttlSecondsAfterFinished := int32(30)
|
||||
pullPolicy := corev1.PullPolicy(util.GetValue(string(checluster.Spec.Server.CheImagePullPolicy), "IfNotPresent"))
|
||||
pullPolicy := corev1.PullPolicy(util.GetValue(string(deployContext.CheCluster.Spec.Server.CheImagePullPolicy), "IfNotPresent"))
|
||||
|
||||
var jobEnvVars []corev1.EnvVar
|
||||
for envVarName, envVarValue := range env {
|
||||
|
|
@ -123,7 +120,7 @@ func getSpecJob(
|
|||
},
|
||||
ObjectMeta: metav1.ObjectMeta{
|
||||
Name: name,
|
||||
Namespace: checluster.Namespace,
|
||||
Namespace: deployContext.CheCluster.Namespace,
|
||||
Labels: labels,
|
||||
},
|
||||
Spec: batchv1.JobSpec{
|
||||
|
|
@ -153,7 +150,7 @@ func getSpecJob(
|
|||
},
|
||||
}
|
||||
|
||||
if err := controllerutil.SetControllerReference(checluster, job, clusterAPI.Scheme); err != nil {
|
||||
if err := controllerutil.SetControllerReference(deployContext.CheCluster, job, deployContext.ClusterAPI.Scheme); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -33,12 +33,12 @@ const (
|
|||
/**
|
||||
* Create plugin registry resources unless an external registry is used.
|
||||
*/
|
||||
func SyncPluginRegistryToCluster(checluster *orgv1.CheCluster, clusterAPI ClusterAPI) (bool, error) {
|
||||
pluginRegistryURL := checluster.Spec.Server.PluginRegistryUrl
|
||||
if !checluster.Spec.Server.ExternalPluginRegistry {
|
||||
func SyncPluginRegistryToCluster(deployContext *DeployContext) (bool, error) {
|
||||
pluginRegistryURL := deployContext.CheCluster.Spec.Server.PluginRegistryUrl
|
||||
if !deployContext.CheCluster.Spec.Server.ExternalPluginRegistry {
|
||||
var host string
|
||||
if !util.IsOpenShift {
|
||||
ingress, err := SyncIngressToCluster(checluster, PluginRegistry, "", PluginRegistry, 8080, clusterAPI)
|
||||
ingress, err := SyncIngressToCluster(deployContext, PluginRegistry, "", PluginRegistry, 8080)
|
||||
if !util.IsTestMode() {
|
||||
if ingress == nil {
|
||||
logrus.Infof("Waiting on ingress '%s' to be ready", PluginRegistry)
|
||||
|
|
@ -49,14 +49,14 @@ func SyncPluginRegistryToCluster(checluster *orgv1.CheCluster, clusterAPI Cluste
|
|||
}
|
||||
}
|
||||
|
||||
ingressStrategy := util.GetValue(checluster.Spec.K8s.IngressStrategy, DefaultIngressStrategy)
|
||||
ingressStrategy := util.GetValue(deployContext.CheCluster.Spec.K8s.IngressStrategy, DefaultIngressStrategy)
|
||||
if ingressStrategy == "multi-host" {
|
||||
host = PluginRegistry + "-" + checluster.Namespace + "." + checluster.Spec.K8s.IngressDomain
|
||||
host = PluginRegistry + "-" + deployContext.CheCluster.Namespace + "." + deployContext.CheCluster.Spec.K8s.IngressDomain
|
||||
} else {
|
||||
host = checluster.Spec.K8s.IngressDomain + "/" + PluginRegistry
|
||||
host = deployContext.CheCluster.Spec.K8s.IngressDomain + "/" + PluginRegistry
|
||||
}
|
||||
} else {
|
||||
route, err := SyncRouteToCluster(checluster, PluginRegistry, "", PluginRegistry, 8080, clusterAPI)
|
||||
route, err := SyncRouteToCluster(deployContext, PluginRegistry, "", PluginRegistry, 8080)
|
||||
if !util.IsTestMode() {
|
||||
if route == nil {
|
||||
logrus.Infof("Waiting on route '%s' to be ready", PluginRegistry)
|
||||
|
|
@ -74,29 +74,29 @@ func SyncPluginRegistryToCluster(checluster *orgv1.CheCluster, clusterAPI Cluste
|
|||
}
|
||||
|
||||
if pluginRegistryURL == "" {
|
||||
if checluster.Spec.Server.TlsSupport {
|
||||
if deployContext.CheCluster.Spec.Server.TlsSupport {
|
||||
pluginRegistryURL = "https://" + host + "/v3"
|
||||
} else {
|
||||
pluginRegistryURL = "http://" + host + "/v3"
|
||||
}
|
||||
}
|
||||
|
||||
if checluster.IsAirGapMode() {
|
||||
configMapData := getPluginRegistryConfigMapData(checluster)
|
||||
configMapSpec, err := GetSpecConfigMap(checluster, PluginRegistry, configMapData, clusterAPI)
|
||||
if deployContext.CheCluster.IsAirGapMode() {
|
||||
configMapData := getPluginRegistryConfigMapData(deployContext.CheCluster)
|
||||
configMapSpec, err := GetSpecConfigMap(deployContext, PluginRegistry, configMapData)
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
||||
|
||||
configMap, err := SyncConfigMapToCluster(checluster, configMapSpec, clusterAPI)
|
||||
configMap, err := SyncConfigMapToCluster(deployContext, configMapSpec)
|
||||
if configMap == nil {
|
||||
return false, err
|
||||
}
|
||||
}
|
||||
|
||||
// Create a new registry service
|
||||
registryLabels := GetLabels(checluster, PluginRegistry)
|
||||
serviceStatus := SyncServiceToCluster(checluster, PluginRegistry, []string{"http"}, []int32{8080}, registryLabels, clusterAPI)
|
||||
registryLabels := GetLabels(deployContext.CheCluster, PluginRegistry)
|
||||
serviceStatus := SyncServiceToCluster(deployContext, PluginRegistry, []string{"http"}, []int32{8080}, registryLabels)
|
||||
if !util.IsTestMode() {
|
||||
if !serviceStatus.Continue {
|
||||
logrus.Info("Waiting on service '" + PluginRegistry + "' to be ready")
|
||||
|
|
@ -109,7 +109,7 @@ func SyncPluginRegistryToCluster(checluster *orgv1.CheCluster, clusterAPI Cluste
|
|||
}
|
||||
|
||||
// Deploy plugin registry
|
||||
deploymentStatus := SyncPluginRegistryDeploymentToCluster(checluster, clusterAPI)
|
||||
deploymentStatus := SyncPluginRegistryDeploymentToCluster(deployContext)
|
||||
if !util.IsTestMode() {
|
||||
if !deploymentStatus.Continue {
|
||||
logrus.Info("Waiting on deployment '" + PluginRegistry + "' to be ready")
|
||||
|
|
@ -122,9 +122,9 @@ func SyncPluginRegistryToCluster(checluster *orgv1.CheCluster, clusterAPI Cluste
|
|||
}
|
||||
}
|
||||
|
||||
if pluginRegistryURL != checluster.Status.PluginRegistryURL {
|
||||
checluster.Status.PluginRegistryURL = pluginRegistryURL
|
||||
if err := UpdateCheCRStatus(checluster, "status: Plugin Registry URL", pluginRegistryURL, clusterAPI); err != nil {
|
||||
if pluginRegistryURL != deployContext.CheCluster.Status.PluginRegistryURL {
|
||||
deployContext.CheCluster.Status.PluginRegistryURL = pluginRegistryURL
|
||||
if err := UpdateCheCRStatus(deployContext, "status: Plugin Registry URL", pluginRegistryURL); err != nil {
|
||||
return false, err
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -150,11 +150,11 @@ func removeProtocolPrefix(url string) string {
|
|||
return url
|
||||
}
|
||||
|
||||
func ConfigureProxy(instance *orgv1.CheCluster, transport *http.Transport, proxy *Proxy) {
|
||||
func ConfigureProxy(deployContext *DeployContext, transport *http.Transport) {
|
||||
config := httpproxy.Config{
|
||||
HTTPProxy: proxy.HttpProxy,
|
||||
HTTPSProxy: proxy.HttpsProxy,
|
||||
NoProxy: proxy.NoProxy,
|
||||
HTTPProxy: deployContext.Proxy.HttpProxy,
|
||||
HTTPSProxy: deployContext.Proxy.HttpsProxy,
|
||||
NoProxy: deployContext.Proxy.NoProxy,
|
||||
}
|
||||
proxyFunc := config.ProxyFunc()
|
||||
transport.Proxy = func(r *http.Request) (*url.URL, error) {
|
||||
|
|
|
|||
|
|
@ -16,7 +16,6 @@ import (
|
|||
"context"
|
||||
"fmt"
|
||||
|
||||
orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1"
|
||||
"github.com/google/go-cmp/cmp"
|
||||
"github.com/google/go-cmp/cmp/cmpopts"
|
||||
"github.com/sirupsen/logrus"
|
||||
|
|
@ -24,7 +23,6 @@ import (
|
|||
"k8s.io/apimachinery/pkg/api/errors"
|
||||
"k8s.io/apimachinery/pkg/api/resource"
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
"k8s.io/apimachinery/pkg/runtime"
|
||||
"k8s.io/apimachinery/pkg/types"
|
||||
runtimeClient "sigs.k8s.io/controller-runtime/pkg/client"
|
||||
"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
|
||||
|
|
@ -43,20 +41,19 @@ var pvcDiffOpts = cmp.Options{
|
|||
}
|
||||
|
||||
func SyncPVCToCluster(
|
||||
checluster *orgv1.CheCluster,
|
||||
deployContext *DeployContext,
|
||||
name string,
|
||||
claimSize string,
|
||||
labels map[string]string,
|
||||
clusterAPI ClusterAPI) PVCProvisioningStatus {
|
||||
labels map[string]string) PVCProvisioningStatus {
|
||||
|
||||
specPVC, err := getSpecPVC(checluster, name, claimSize, labels, clusterAPI.Scheme)
|
||||
specPVC, err := getSpecPVC(deployContext, name, claimSize, labels)
|
||||
if err != nil {
|
||||
return PVCProvisioningStatus{
|
||||
ProvisioningStatus: ProvisioningStatus{Err: err},
|
||||
}
|
||||
}
|
||||
|
||||
clusterPVC, err := getClusterPVC(specPVC.Name, specPVC.Namespace, clusterAPI.Client)
|
||||
clusterPVC, err := getClusterPVC(specPVC.Name, specPVC.Namespace, deployContext.ClusterAPI.Client)
|
||||
if err != nil {
|
||||
return PVCProvisioningStatus{
|
||||
ProvisioningStatus: ProvisioningStatus{Err: err},
|
||||
|
|
@ -65,7 +62,7 @@ func SyncPVCToCluster(
|
|||
|
||||
if clusterPVC == nil {
|
||||
logrus.Infof("Creating a new object: %s, name %s", specPVC.Kind, specPVC.Name)
|
||||
err := clusterAPI.Client.Create(context.TODO(), specPVC)
|
||||
err := deployContext.ClusterAPI.Client.Create(context.TODO(), specPVC)
|
||||
return PVCProvisioningStatus{
|
||||
ProvisioningStatus: ProvisioningStatus{Requeue: true, Err: err},
|
||||
}
|
||||
|
|
@ -76,7 +73,7 @@ func SyncPVCToCluster(
|
|||
logrus.Infof("Updating existed object: %s, name: %s", clusterPVC.Kind, clusterPVC.Name)
|
||||
fmt.Printf("Difference:\n%s", diff)
|
||||
clusterPVC.Spec = specPVC.Spec
|
||||
err := clusterAPI.Client.Update(context.TODO(), clusterPVC)
|
||||
err := deployContext.ClusterAPI.Client.Update(context.TODO(), clusterPVC)
|
||||
return PVCProvisioningStatus{
|
||||
ProvisioningStatus: ProvisioningStatus{Requeue: true, Err: err},
|
||||
}
|
||||
|
|
@ -91,11 +88,10 @@ func SyncPVCToCluster(
|
|||
}
|
||||
|
||||
func getSpecPVC(
|
||||
checluster *orgv1.CheCluster,
|
||||
deployContext *DeployContext,
|
||||
name string,
|
||||
claimSize string,
|
||||
labels map[string]string,
|
||||
scheme *runtime.Scheme) (*corev1.PersistentVolumeClaim, error) {
|
||||
labels map[string]string) (*corev1.PersistentVolumeClaim, error) {
|
||||
|
||||
accessModes := []corev1.PersistentVolumeAccessMode{
|
||||
corev1.ReadWriteOnce,
|
||||
|
|
@ -108,10 +104,10 @@ func getSpecPVC(
|
|||
AccessModes: accessModes,
|
||||
Resources: resources,
|
||||
}
|
||||
if len(checluster.Spec.Storage.PostgresPVCStorageClassName) > 1 {
|
||||
if len(deployContext.CheCluster.Spec.Storage.PostgresPVCStorageClassName) > 1 {
|
||||
pvcSpec = corev1.PersistentVolumeClaimSpec{
|
||||
AccessModes: accessModes,
|
||||
StorageClassName: &checluster.Spec.Storage.PostgresPVCStorageClassName,
|
||||
StorageClassName: &deployContext.CheCluster.Spec.Storage.PostgresPVCStorageClassName,
|
||||
Resources: resources,
|
||||
}
|
||||
}
|
||||
|
|
@ -123,13 +119,13 @@ func getSpecPVC(
|
|||
},
|
||||
ObjectMeta: metav1.ObjectMeta{
|
||||
Name: name,
|
||||
Namespace: checluster.Namespace,
|
||||
Namespace: deployContext.CheCluster.Namespace,
|
||||
Labels: labels,
|
||||
},
|
||||
Spec: pvcSpec,
|
||||
}
|
||||
|
||||
err := controllerutil.SetControllerReference(checluster, pvc, scheme)
|
||||
err := controllerutil.SetControllerReference(deployContext.CheCluster, pvc, deployContext.ClusterAPI.Scheme)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -14,7 +14,6 @@ package deploy
|
|||
import (
|
||||
"context"
|
||||
|
||||
orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1"
|
||||
"github.com/sirupsen/logrus"
|
||||
rbac "k8s.io/api/rbac/v1"
|
||||
"k8s.io/apimachinery/pkg/api/errors"
|
||||
|
|
@ -25,25 +24,24 @@ import (
|
|||
)
|
||||
|
||||
func SyncRoleToCluster(
|
||||
checluster *orgv1.CheCluster,
|
||||
deployContext *DeployContext,
|
||||
name string,
|
||||
resources []string,
|
||||
verbs []string,
|
||||
clusterAPI ClusterAPI) (*rbac.Role, error) {
|
||||
verbs []string) (*rbac.Role, error) {
|
||||
|
||||
specRole, err := getSpecRole(checluster, name, resources, verbs, clusterAPI)
|
||||
specRole, err := getSpecRole(deployContext, name, resources, verbs)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
clusterRole, err := getClusterRole(specRole.Name, specRole.Namespace, clusterAPI.Client)
|
||||
clusterRole, err := getClusterRole(specRole.Name, specRole.Namespace, deployContext.ClusterAPI.Client)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
if clusterRole == nil {
|
||||
logrus.Infof("Creating a new object: %s, name %s", specRole.Kind, specRole.Name)
|
||||
err := clusterAPI.Client.Create(context.TODO(), specRole)
|
||||
err := deployContext.ClusterAPI.Client.Create(context.TODO(), specRole)
|
||||
return nil, err
|
||||
}
|
||||
|
||||
|
|
@ -66,8 +64,8 @@ func getClusterRole(name string, namespace string, client runtimeClient.Client)
|
|||
return role, nil
|
||||
}
|
||||
|
||||
func getSpecRole(checluster *orgv1.CheCluster, name string, resources []string, verbs []string, clusterAPI ClusterAPI) (*rbac.Role, error) {
|
||||
labels := GetLabels(checluster, DefaultCheFlavor(checluster))
|
||||
func getSpecRole(deployContext *DeployContext, name string, resources []string, verbs []string) (*rbac.Role, error) {
|
||||
labels := GetLabels(deployContext.CheCluster, DefaultCheFlavor(deployContext.CheCluster))
|
||||
role := &rbac.Role{
|
||||
TypeMeta: metav1.TypeMeta{
|
||||
Kind: "Role",
|
||||
|
|
@ -75,7 +73,7 @@ func getSpecRole(checluster *orgv1.CheCluster, name string, resources []string,
|
|||
},
|
||||
ObjectMeta: metav1.ObjectMeta{
|
||||
Name: name,
|
||||
Namespace: checluster.Namespace,
|
||||
Namespace: deployContext.CheCluster.Namespace,
|
||||
Labels: labels,
|
||||
},
|
||||
Rules: []rbac.PolicyRule{
|
||||
|
|
@ -89,7 +87,7 @@ func getSpecRole(checluster *orgv1.CheCluster, name string, resources []string,
|
|||
},
|
||||
}
|
||||
|
||||
err := controllerutil.SetControllerReference(checluster, role, clusterAPI.Scheme)
|
||||
err := controllerutil.SetControllerReference(deployContext.CheCluster, role, deployContext.ClusterAPI.Scheme)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -14,7 +14,6 @@ package deploy
|
|||
import (
|
||||
"context"
|
||||
|
||||
orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1"
|
||||
"github.com/sirupsen/logrus"
|
||||
rbac "k8s.io/api/rbac/v1"
|
||||
"k8s.io/apimachinery/pkg/api/errors"
|
||||
|
|
@ -25,26 +24,25 @@ import (
|
|||
)
|
||||
|
||||
func SyncRoleBindingToCluster(
|
||||
checluster *orgv1.CheCluster,
|
||||
deployContext *DeployContext,
|
||||
name string,
|
||||
serviceAccountName string,
|
||||
roleName string,
|
||||
roleKind string,
|
||||
clusterAPI ClusterAPI) (*rbac.RoleBinding, error) {
|
||||
roleKind string) (*rbac.RoleBinding, error) {
|
||||
|
||||
specRB, err := getSpecRoleBinding(checluster, name, serviceAccountName, roleName, roleKind, clusterAPI)
|
||||
specRB, err := getSpecRoleBinding(deployContext, name, serviceAccountName, roleName, roleKind)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
clusterRB, err := getClusterRoleBiding(specRB.Name, specRB.Namespace, clusterAPI.Client)
|
||||
clusterRB, err := getClusterRoleBiding(specRB.Name, specRB.Namespace, deployContext.ClusterAPI.Client)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
if clusterRB == nil {
|
||||
logrus.Infof("Creating a new object: %s, name %s", specRB.Kind, specRB.Name)
|
||||
err := clusterAPI.Client.Create(context.TODO(), specRB)
|
||||
err := deployContext.ClusterAPI.Client.Create(context.TODO(), specRB)
|
||||
return nil, err
|
||||
}
|
||||
|
||||
|
|
@ -68,14 +66,13 @@ func getClusterRoleBiding(name string, namespace string, client runtimeClient.Cl
|
|||
}
|
||||
|
||||
func getSpecRoleBinding(
|
||||
checluster *orgv1.CheCluster,
|
||||
deployContext *DeployContext,
|
||||
name string,
|
||||
serviceAccountName string,
|
||||
roleName string,
|
||||
roleKind string,
|
||||
clusterAPI ClusterAPI) (*rbac.RoleBinding, error) {
|
||||
roleKind string) (*rbac.RoleBinding, error) {
|
||||
|
||||
labels := GetLabels(checluster, DefaultCheFlavor(checluster))
|
||||
labels := GetLabels(deployContext.CheCluster, DefaultCheFlavor(deployContext.CheCluster))
|
||||
roleBinding := &rbac.RoleBinding{
|
||||
TypeMeta: metav1.TypeMeta{
|
||||
Kind: "RoleBinding",
|
||||
|
|
@ -83,14 +80,14 @@ func getSpecRoleBinding(
|
|||
},
|
||||
ObjectMeta: metav1.ObjectMeta{
|
||||
Name: name,
|
||||
Namespace: checluster.Namespace,
|
||||
Namespace: deployContext.CheCluster.Namespace,
|
||||
Labels: labels,
|
||||
},
|
||||
Subjects: []rbac.Subject{
|
||||
{
|
||||
Kind: rbac.ServiceAccountKind,
|
||||
Name: serviceAccountName,
|
||||
Namespace: checluster.Namespace,
|
||||
Namespace: deployContext.CheCluster.Namespace,
|
||||
},
|
||||
},
|
||||
RoleRef: rbac.RoleRef{
|
||||
|
|
@ -100,7 +97,7 @@ func getSpecRoleBinding(
|
|||
},
|
||||
}
|
||||
|
||||
err := controllerutil.SetControllerReference(checluster, roleBinding, clusterAPI.Scheme)
|
||||
err := controllerutil.SetControllerReference(deployContext.CheCluster, roleBinding, deployContext.ClusterAPI.Scheme)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -15,7 +15,6 @@ import (
|
|||
"context"
|
||||
"fmt"
|
||||
|
||||
orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1"
|
||||
"github.com/google/go-cmp/cmp"
|
||||
"github.com/google/go-cmp/cmp/cmpopts"
|
||||
routev1 "github.com/openshift/api/route/v1"
|
||||
|
|
@ -39,26 +38,25 @@ var routeWithHostDiffOpts = cmp.Options{
|
|||
}
|
||||
|
||||
func SyncRouteToCluster(
|
||||
checluster *orgv1.CheCluster,
|
||||
deployContext *DeployContext,
|
||||
name string,
|
||||
host string,
|
||||
serviceName string,
|
||||
servicePort int32,
|
||||
clusterAPI ClusterAPI) (*routev1.Route, error) {
|
||||
servicePort int32) (*routev1.Route, error) {
|
||||
|
||||
specRoute, err := GetSpecRoute(checluster, name, host, serviceName, servicePort, clusterAPI)
|
||||
specRoute, err := GetSpecRoute(deployContext, name, host, serviceName, servicePort)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
clusterRoute, err := GetClusterRoute(specRoute.Name, specRoute.Namespace, clusterAPI.Client)
|
||||
clusterRoute, err := GetClusterRoute(specRoute.Name, specRoute.Namespace, deployContext.ClusterAPI.Client)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
if clusterRoute == nil {
|
||||
logrus.Infof("Creating a new object: %s, name %s", specRoute.Kind, specRoute.Name)
|
||||
err := clusterAPI.Client.Create(context.TODO(), specRoute)
|
||||
err := deployContext.ClusterAPI.Client.Create(context.TODO(), specRoute)
|
||||
if !errors.IsAlreadyExists(err) {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -74,12 +72,12 @@ func SyncRouteToCluster(
|
|||
logrus.Infof("Updating existed object: %s, name: %s", clusterRoute.Kind, clusterRoute.Name)
|
||||
fmt.Printf("Difference:\n%s", diff)
|
||||
|
||||
err := clusterAPI.Client.Delete(context.TODO(), clusterRoute)
|
||||
err := deployContext.ClusterAPI.Client.Delete(context.TODO(), clusterRoute)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
err = clusterAPI.Client.Create(context.TODO(), specRoute)
|
||||
err = deployContext.ClusterAPI.Client.Create(context.TODO(), specRoute)
|
||||
return nil, err
|
||||
}
|
||||
|
||||
|
|
@ -105,19 +103,18 @@ func GetClusterRoute(name string, namespace string, client runtimeClient.Client)
|
|||
|
||||
// GetSpecRoute returns default configuration of a route in Che namespace.
|
||||
func GetSpecRoute(
|
||||
checluster *orgv1.CheCluster,
|
||||
deployContext *DeployContext,
|
||||
name string,
|
||||
host string,
|
||||
serviceName string,
|
||||
servicePort int32,
|
||||
clusterAPI ClusterAPI) (*routev1.Route, error) {
|
||||
servicePort int32) (*routev1.Route, error) {
|
||||
|
||||
tlsSupport := checluster.Spec.Server.TlsSupport
|
||||
labels := GetLabels(checluster, DefaultCheFlavor(checluster))
|
||||
tlsSupport := deployContext.CheCluster.Spec.Server.TlsSupport
|
||||
labels := GetLabels(deployContext.CheCluster, DefaultCheFlavor(deployContext.CheCluster))
|
||||
weight := int32(100)
|
||||
|
||||
if name == "keycloak" {
|
||||
labels = GetLabels(checluster, name)
|
||||
labels = GetLabels(deployContext.CheCluster, name)
|
||||
}
|
||||
targetPort := intstr.IntOrString{
|
||||
Type: intstr.Int,
|
||||
|
|
@ -130,7 +127,7 @@ func GetSpecRoute(
|
|||
},
|
||||
ObjectMeta: metav1.ObjectMeta{
|
||||
Name: name,
|
||||
Namespace: checluster.Namespace,
|
||||
Namespace: deployContext.CheCluster.Namespace,
|
||||
Labels: labels,
|
||||
},
|
||||
}
|
||||
|
|
@ -153,13 +150,13 @@ func GetSpecRoute(
|
|||
Termination: routev1.TLSTerminationEdge,
|
||||
}
|
||||
|
||||
if name == DefaultCheFlavor(checluster) && checluster.Spec.Server.CheHostTLSSecret != "" {
|
||||
if name == DefaultCheFlavor(deployContext.CheCluster) && deployContext.CheCluster.Spec.Server.CheHostTLSSecret != "" {
|
||||
secret := &corev1.Secret{}
|
||||
namespacedName := types.NamespacedName{
|
||||
Namespace: checluster.Namespace,
|
||||
Name: checluster.Spec.Server.CheHostTLSSecret,
|
||||
Namespace: deployContext.CheCluster.Namespace,
|
||||
Name: deployContext.CheCluster.Spec.Server.CheHostTLSSecret,
|
||||
}
|
||||
if err := clusterAPI.Client.Get(context.TODO(), namespacedName, secret); err != nil {
|
||||
if err := deployContext.ClusterAPI.Client.Get(context.TODO(), namespacedName, secret); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
|
|
@ -168,7 +165,7 @@ func GetSpecRoute(
|
|||
}
|
||||
}
|
||||
|
||||
err := controllerutil.SetControllerReference(checluster, route, clusterAPI.Scheme)
|
||||
err := controllerutil.SetControllerReference(deployContext.CheCluster, route, deployContext.ClusterAPI.Scheme)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -17,7 +17,6 @@ import (
|
|||
|
||||
"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
|
||||
|
||||
orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1"
|
||||
"github.com/google/go-cmp/cmp"
|
||||
"github.com/google/go-cmp/cmp/cmpopts"
|
||||
"github.com/sirupsen/logrus"
|
||||
|
|
@ -33,24 +32,23 @@ var secretDiffOpts = cmp.Options{
|
|||
|
||||
// SyncSecretToCluster applies secret into cluster
|
||||
func SyncSecretToCluster(
|
||||
checluster *orgv1.CheCluster,
|
||||
deployContext *DeployContext,
|
||||
name string,
|
||||
data map[string][]byte,
|
||||
clusterAPI ClusterAPI) (*corev1.Secret, error) {
|
||||
data map[string][]byte) (*corev1.Secret, error) {
|
||||
|
||||
specSecret, err := GetSpecSecret(checluster, name, data, clusterAPI)
|
||||
specSecret, err := GetSpecSecret(deployContext, name, data)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
clusterSecret, err := GetClusterSecret(specSecret.Name, specSecret.Namespace, clusterAPI)
|
||||
clusterSecret, err := GetClusterSecret(specSecret.Name, specSecret.Namespace, deployContext.ClusterAPI)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
if clusterSecret == nil {
|
||||
logrus.Infof("Creating a new object: %s, name %s", specSecret.Kind, specSecret.Name)
|
||||
err := clusterAPI.Client.Create(context.TODO(), specSecret)
|
||||
err := deployContext.ClusterAPI.Client.Create(context.TODO(), specSecret)
|
||||
return specSecret, err
|
||||
}
|
||||
|
||||
|
|
@ -59,12 +57,12 @@ func SyncSecretToCluster(
|
|||
logrus.Infof("Updating existed object: %s, name: %s", clusterSecret.Kind, clusterSecret.Name)
|
||||
fmt.Printf("Difference:\n%s", diff)
|
||||
|
||||
err := clusterAPI.Client.Delete(context.TODO(), clusterSecret)
|
||||
err := deployContext.ClusterAPI.Client.Delete(context.TODO(), clusterSecret)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
err = clusterAPI.Client.Create(context.TODO(), specSecret)
|
||||
err = deployContext.ClusterAPI.Client.Create(context.TODO(), specSecret)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -91,8 +89,8 @@ func GetClusterSecret(name string, namespace string, clusterAPI ClusterAPI) (*co
|
|||
}
|
||||
|
||||
// GetSpecSecret return default secret config for given data
|
||||
func GetSpecSecret(checluster *orgv1.CheCluster, name string, data map[string][]byte, clusterAPI ClusterAPI) (*corev1.Secret, error) {
|
||||
labels := GetLabels(checluster, DefaultCheFlavor(checluster))
|
||||
func GetSpecSecret(deployContext *DeployContext, name string, data map[string][]byte) (*corev1.Secret, error) {
|
||||
labels := GetLabels(deployContext.CheCluster, DefaultCheFlavor(deployContext.CheCluster))
|
||||
secret := &corev1.Secret{
|
||||
TypeMeta: metav1.TypeMeta{
|
||||
Kind: "Secret",
|
||||
|
|
@ -100,13 +98,13 @@ func GetSpecSecret(checluster *orgv1.CheCluster, name string, data map[string][]
|
|||
},
|
||||
ObjectMeta: metav1.ObjectMeta{
|
||||
Name: name,
|
||||
Namespace: checluster.Namespace,
|
||||
Namespace: deployContext.CheCluster.Namespace,
|
||||
Labels: labels,
|
||||
},
|
||||
Data: data,
|
||||
}
|
||||
|
||||
err := controllerutil.SetControllerReference(checluster, secret, clusterAPI.Scheme)
|
||||
err := controllerutil.SetControllerReference(deployContext.CheCluster, secret, deployContext.ClusterAPI.Scheme)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -117,16 +115,16 @@ func GetSpecSecret(checluster *orgv1.CheCluster, name string, data map[string][]
|
|||
// CreateTLSSecretFromRoute creates TLS secret with given name which contains certificates obtained from give url.
|
||||
// If the url is empty string, then router certificate will be obtained.
|
||||
// Works only on Openshift family infrastructures.
|
||||
func CreateTLSSecretFromRoute(checluster *orgv1.CheCluster, url string, name string, proxy *Proxy, clusterAPI ClusterAPI) (err error) {
|
||||
func CreateTLSSecretFromRoute(deployContext *DeployContext, url string, name string) (err error) {
|
||||
secret := &corev1.Secret{}
|
||||
if err := clusterAPI.Client.Get(context.TODO(), types.NamespacedName{Name: name, Namespace: checluster.Namespace}, secret); err != nil && errors.IsNotFound(err) {
|
||||
crtBytes, err := GetEndpointTLSCrtBytes(checluster, url, proxy, clusterAPI)
|
||||
if err := deployContext.ClusterAPI.Client.Get(context.TODO(), types.NamespacedName{Name: name, Namespace: deployContext.CheCluster.Namespace}, secret); err != nil && errors.IsNotFound(err) {
|
||||
crtBytes, err := GetEndpointTLSCrtBytes(deployContext, url)
|
||||
if err != nil {
|
||||
logrus.Errorf("Failed to extract certificate for secret %s. Failed to create a secret with a self signed crt: %s", name, err)
|
||||
return err
|
||||
}
|
||||
|
||||
secret, err = SyncSecretToCluster(checluster, name, map[string][]byte{"ca.crt": crtBytes}, clusterAPI)
|
||||
secret, err = SyncSecretToCluster(deployContext, name, map[string][]byte{"ca.crt": crtBytes})
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -16,7 +16,6 @@ import (
|
|||
"context"
|
||||
"fmt"
|
||||
|
||||
orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1"
|
||||
"github.com/eclipse/che-operator/pkg/util"
|
||||
"github.com/google/go-cmp/cmp"
|
||||
"github.com/google/go-cmp/cmp/cmpopts"
|
||||
|
|
@ -41,58 +40,54 @@ var portsDiffOpts = cmp.Options{
|
|||
cmpopts.IgnoreFields(corev1.ServicePort{}, "TargetPort", "NodePort"),
|
||||
}
|
||||
|
||||
func SyncCheServiceToCluster(checluster *orgv1.CheCluster, clusterAPI ClusterAPI) ServiceProvisioningStatus {
|
||||
specService, err := GetSpecCheService(checluster, clusterAPI)
|
||||
func SyncCheServiceToCluster(deployContext *DeployContext) ServiceProvisioningStatus {
|
||||
specService, err := GetSpecCheService(deployContext)
|
||||
if err != nil {
|
||||
return ServiceProvisioningStatus{
|
||||
ProvisioningStatus: ProvisioningStatus{Err: err},
|
||||
}
|
||||
}
|
||||
|
||||
return doSyncServiceToCluster(checluster, specService, clusterAPI)
|
||||
return doSyncServiceToCluster(deployContext, specService)
|
||||
}
|
||||
|
||||
func GetSpecCheService(checluster *orgv1.CheCluster, clusterAPI ClusterAPI) (*corev1.Service, error) {
|
||||
func GetSpecCheService(deployContext *DeployContext) (*corev1.Service, error) {
|
||||
portName := []string{"http"}
|
||||
portNumber := []int32{8080}
|
||||
labels := GetLabels(checluster, DefaultCheFlavor(checluster))
|
||||
labels := GetLabels(deployContext.CheCluster, DefaultCheFlavor(deployContext.CheCluster))
|
||||
|
||||
if checluster.Spec.Metrics.Enable {
|
||||
if deployContext.CheCluster.Spec.Metrics.Enable {
|
||||
portName = append(portName, "metrics")
|
||||
portNumber = append(portNumber, DefaultCheMetricsPort)
|
||||
}
|
||||
|
||||
if checluster.Spec.Server.CheDebug == "true" {
|
||||
if deployContext.CheCluster.Spec.Server.CheDebug == "true" {
|
||||
portName = append(portName, "debug")
|
||||
portNumber = append(portNumber, DefaultCheDebugPort)
|
||||
}
|
||||
|
||||
return getSpecService(checluster, CheServiceHame, portName, portNumber, labels, clusterAPI)
|
||||
return getSpecService(deployContext, CheServiceHame, portName, portNumber, labels)
|
||||
}
|
||||
|
||||
func SyncServiceToCluster(
|
||||
checluster *orgv1.CheCluster,
|
||||
deployContext *DeployContext,
|
||||
name string,
|
||||
portName []string,
|
||||
portNumber []int32,
|
||||
labels map[string]string,
|
||||
clusterAPI ClusterAPI) ServiceProvisioningStatus {
|
||||
specService, err := getSpecService(checluster, name, portName, portNumber, labels, clusterAPI)
|
||||
labels map[string]string) ServiceProvisioningStatus {
|
||||
specService, err := getSpecService(deployContext, name, portName, portNumber, labels)
|
||||
if err != nil {
|
||||
return ServiceProvisioningStatus{
|
||||
ProvisioningStatus: ProvisioningStatus{Err: err},
|
||||
}
|
||||
}
|
||||
|
||||
return doSyncServiceToCluster(checluster, specService, clusterAPI)
|
||||
return doSyncServiceToCluster(deployContext, specService)
|
||||
}
|
||||
|
||||
func doSyncServiceToCluster(
|
||||
checluster *orgv1.CheCluster,
|
||||
specService *corev1.Service,
|
||||
clusterAPI ClusterAPI) ServiceProvisioningStatus {
|
||||
func doSyncServiceToCluster(deployContext *DeployContext, specService *corev1.Service) ServiceProvisioningStatus {
|
||||
|
||||
clusterService, err := getClusterService(specService.Name, specService.Namespace, clusterAPI.Client)
|
||||
clusterService, err := getClusterService(specService.Name, specService.Namespace, deployContext.ClusterAPI.Client)
|
||||
if err != nil {
|
||||
return ServiceProvisioningStatus{
|
||||
ProvisioningStatus: ProvisioningStatus{Err: err},
|
||||
|
|
@ -101,7 +96,7 @@ func doSyncServiceToCluster(
|
|||
|
||||
if clusterService == nil {
|
||||
logrus.Infof("Creating a new object: %s, name %s", specService.Kind, specService.Name)
|
||||
err := clusterAPI.Client.Create(context.TODO(), specService)
|
||||
err := deployContext.ClusterAPI.Client.Create(context.TODO(), specService)
|
||||
return ServiceProvisioningStatus{
|
||||
ProvisioningStatus: ProvisioningStatus{Requeue: true, Err: err},
|
||||
}
|
||||
|
|
@ -114,14 +109,14 @@ func doSyncServiceToCluster(
|
|||
fmt.Printf("Ports difference:\n%s", diffPorts)
|
||||
fmt.Printf("Selectors difference:\n%s", diffSelectors)
|
||||
|
||||
err := clusterAPI.Client.Delete(context.TODO(), clusterService)
|
||||
err := deployContext.ClusterAPI.Client.Delete(context.TODO(), clusterService)
|
||||
if err != nil {
|
||||
return ServiceProvisioningStatus{
|
||||
ProvisioningStatus: ProvisioningStatus{Requeue: true, Err: err},
|
||||
}
|
||||
}
|
||||
|
||||
err = clusterAPI.Client.Create(context.TODO(), specService)
|
||||
err = deployContext.ClusterAPI.Client.Create(context.TODO(), specService)
|
||||
return ServiceProvisioningStatus{
|
||||
ProvisioningStatus: ProvisioningStatus{Requeue: true, Err: err},
|
||||
}
|
||||
|
|
@ -133,12 +128,11 @@ func doSyncServiceToCluster(
|
|||
}
|
||||
|
||||
func getSpecService(
|
||||
checluster *orgv1.CheCluster,
|
||||
deployContext *DeployContext,
|
||||
name string,
|
||||
portName []string,
|
||||
portNumber []int32,
|
||||
labels map[string]string,
|
||||
clusterAPI ClusterAPI) (*corev1.Service, error) {
|
||||
labels map[string]string) (*corev1.Service, error) {
|
||||
|
||||
ports := []corev1.ServicePort{}
|
||||
for i := range portName {
|
||||
|
|
@ -157,7 +151,7 @@ func getSpecService(
|
|||
},
|
||||
ObjectMeta: metav1.ObjectMeta{
|
||||
Name: name,
|
||||
Namespace: checluster.Namespace,
|
||||
Namespace: deployContext.CheCluster.Namespace,
|
||||
Labels: labels,
|
||||
},
|
||||
Spec: corev1.ServiceSpec{
|
||||
|
|
@ -167,7 +161,7 @@ func getSpecService(
|
|||
}
|
||||
|
||||
if !util.IsTestMode() {
|
||||
err := controllerutil.SetControllerReference(checluster, service, clusterAPI.Scheme)
|
||||
err := controllerutil.SetControllerReference(deployContext.CheCluster, service, deployContext.ClusterAPI.Scheme)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -14,7 +14,6 @@ package deploy
|
|||
import (
|
||||
"context"
|
||||
|
||||
orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1"
|
||||
"github.com/sirupsen/logrus"
|
||||
corev1 "k8s.io/api/core/v1"
|
||||
"k8s.io/apimachinery/pkg/api/errors"
|
||||
|
|
@ -24,20 +23,20 @@ import (
|
|||
"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
|
||||
)
|
||||
|
||||
func SyncServiceAccountToCluster(checluster *orgv1.CheCluster, name string, clusterAPI ClusterAPI) (*corev1.ServiceAccount, error) {
|
||||
specSA, err := getSpecServiceAccount(checluster, name, clusterAPI)
|
||||
func SyncServiceAccountToCluster(deployContext *DeployContext, name string) (*corev1.ServiceAccount, error) {
|
||||
specSA, err := getSpecServiceAccount(deployContext, name)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
clusterSA, err := getClusterServiceAccount(specSA.Name, specSA.Namespace, clusterAPI.Client)
|
||||
clusterSA, err := getClusterServiceAccount(specSA.Name, specSA.Namespace, deployContext.ClusterAPI.Client)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
if clusterSA == nil {
|
||||
logrus.Infof("Creating a new object: %s, name %s", specSA.Kind, specSA.Name)
|
||||
err := clusterAPI.Client.Create(context.TODO(), specSA)
|
||||
err := deployContext.ClusterAPI.Client.Create(context.TODO(), specSA)
|
||||
return nil, err
|
||||
}
|
||||
|
||||
|
|
@ -60,8 +59,8 @@ func getClusterServiceAccount(name string, namespace string, client runtimeClien
|
|||
return serviceAccount, nil
|
||||
}
|
||||
|
||||
func getSpecServiceAccount(checluster *orgv1.CheCluster, name string, clusterAPI ClusterAPI) (*corev1.ServiceAccount, error) {
|
||||
labels := GetLabels(checluster, DefaultCheFlavor(checluster))
|
||||
func getSpecServiceAccount(deployContext *DeployContext, name string) (*corev1.ServiceAccount, error) {
|
||||
labels := GetLabels(deployContext.CheCluster, DefaultCheFlavor(deployContext.CheCluster))
|
||||
serviceAccount := &corev1.ServiceAccount{
|
||||
TypeMeta: metav1.TypeMeta{
|
||||
Kind: "ServiceAccount",
|
||||
|
|
@ -69,12 +68,12 @@ func getSpecServiceAccount(checluster *orgv1.CheCluster, name string, clusterAPI
|
|||
},
|
||||
ObjectMeta: metav1.ObjectMeta{
|
||||
Name: name,
|
||||
Namespace: checluster.Namespace,
|
||||
Namespace: deployContext.CheCluster.Namespace,
|
||||
Labels: labels,
|
||||
},
|
||||
}
|
||||
|
||||
err := controllerutil.SetControllerReference(checluster, serviceAccount, clusterAPI.Scheme)
|
||||
err := controllerutil.SetControllerReference(deployContext.CheCluster, serviceAccount, deployContext.ClusterAPI.Scheme)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -21,7 +21,6 @@ import (
|
|||
"strings"
|
||||
"time"
|
||||
|
||||
orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1"
|
||||
"github.com/eclipse/che-operator/pkg/util"
|
||||
routev1 "github.com/openshift/api/route/v1"
|
||||
"github.com/sirupsen/logrus"
|
||||
|
|
@ -45,13 +44,13 @@ const (
|
|||
)
|
||||
|
||||
// IsSelfSignedCertificateUsed detects whether endpoints are/should be secured by self-signed certificate.
|
||||
func IsSelfSignedCertificateUsed(checluster *orgv1.CheCluster, proxy *Proxy, clusterAPI ClusterAPI) (bool, error) {
|
||||
func IsSelfSignedCertificateUsed(deployContext *DeployContext) (bool, error) {
|
||||
if util.IsTestMode() {
|
||||
return true, nil
|
||||
}
|
||||
|
||||
cheTLSSelfSignedCertificateSecret := &corev1.Secret{}
|
||||
err := clusterAPI.Client.Get(context.TODO(), types.NamespacedName{Namespace: checluster.Namespace, Name: CheTLSSelfSignedCertificateSecretName}, cheTLSSelfSignedCertificateSecret)
|
||||
err := deployContext.ClusterAPI.Client.Get(context.TODO(), types.NamespacedName{Namespace: deployContext.CheCluster.Namespace, Name: CheTLSSelfSignedCertificateSecretName}, cheTLSSelfSignedCertificateSecret)
|
||||
if err == nil {
|
||||
// "self signed-certificate" secret found
|
||||
return true, nil
|
||||
|
|
@ -63,7 +62,7 @@ func IsSelfSignedCertificateUsed(checluster *orgv1.CheCluster, proxy *Proxy, clu
|
|||
|
||||
if util.IsOpenShift {
|
||||
// Get router TLS certificates chain
|
||||
peerCertificates, err := GetEndpointTLSCrtChain(checluster, "", proxy, clusterAPI)
|
||||
peerCertificates, err := GetEndpointTLSCrtChain(deployContext, "")
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
||||
|
|
@ -81,13 +80,13 @@ func IsSelfSignedCertificateUsed(checluster *orgv1.CheCluster, proxy *Proxy, clu
|
|||
|
||||
// For Kubernetes, check che-tls secret.
|
||||
|
||||
cheTLSSecretName := checluster.Spec.K8s.TlsSecretName
|
||||
cheTLSSecretName := deployContext.CheCluster.Spec.K8s.TlsSecretName
|
||||
if len(cheTLSSecretName) < 1 {
|
||||
cheTLSSecretName = DefaultCheTLSSecretName
|
||||
}
|
||||
|
||||
cheTLSSecret := &corev1.Secret{}
|
||||
err = clusterAPI.Client.Get(context.TODO(), types.NamespacedName{Namespace: checluster.Namespace, Name: cheTLSSecretName}, cheTLSSecret)
|
||||
err = deployContext.ClusterAPI.Client.Get(context.TODO(), types.NamespacedName{Namespace: deployContext.CheCluster.Namespace, Name: cheTLSSecretName}, cheTLSSecret)
|
||||
if err != nil {
|
||||
if !errors.IsNotFound(err) {
|
||||
// Failed to get secret, return error to restart reconcile loop.
|
||||
|
|
@ -103,7 +102,7 @@ func IsSelfSignedCertificateUsed(checluster *orgv1.CheCluster, proxy *Proxy, clu
|
|||
|
||||
// GetEndpointTLSCrtChain retrieves TLS certificates chain from given endpoint.
|
||||
// If endpoint is not specified, then a test route will be created and used to get router certificates.
|
||||
func GetEndpointTLSCrtChain(instance *orgv1.CheCluster, endpointURL string, proxy *Proxy, clusterAPI ClusterAPI) ([]*x509.Certificate, error) {
|
||||
func GetEndpointTLSCrtChain(deployContext *DeployContext, endpointURL string) ([]*x509.Certificate, error) {
|
||||
if util.IsTestMode() {
|
||||
return nil, stderrors.New("Not allowed for tests")
|
||||
}
|
||||
|
|
@ -113,14 +112,14 @@ func GetEndpointTLSCrtChain(instance *orgv1.CheCluster, endpointURL string, prox
|
|||
if isTestRoute {
|
||||
// Create test route to get certificates chain.
|
||||
// Note, it is not possible to use SyncRouteToCluster here as it may cause infinite reconcile loop.
|
||||
routeSpec, err := GetSpecRoute(instance, "test", "", "test", 8080, clusterAPI)
|
||||
routeSpec, err := GetSpecRoute(deployContext, "test", "", "test", 8080)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
// Remove controller reference to prevent queueing new reconcile loop
|
||||
routeSpec.SetOwnerReferences(nil)
|
||||
// Create route manually
|
||||
if err := clusterAPI.Client.Create(context.TODO(), routeSpec); err != nil {
|
||||
if err := deployContext.ClusterAPI.Client.Create(context.TODO(), routeSpec); err != nil {
|
||||
if !errors.IsAlreadyExists(err) {
|
||||
logrus.Errorf("Failed to create test route 'test': %s", err)
|
||||
return nil, err
|
||||
|
|
@ -129,7 +128,7 @@ func GetEndpointTLSCrtChain(instance *orgv1.CheCluster, endpointURL string, prox
|
|||
|
||||
// Schedule test route cleanup after the job done.
|
||||
defer func() {
|
||||
if err := clusterAPI.Client.Delete(context.TODO(), routeSpec); err != nil {
|
||||
if err := deployContext.ClusterAPI.Client.Delete(context.TODO(), routeSpec); err != nil {
|
||||
logrus.Errorf("Failed to delete test route %s: %s", routeSpec.Name, err)
|
||||
}
|
||||
}()
|
||||
|
|
@ -138,7 +137,7 @@ func GetEndpointTLSCrtChain(instance *orgv1.CheCluster, endpointURL string, prox
|
|||
var route *routev1.Route
|
||||
for wait := true; wait; {
|
||||
time.Sleep(time.Duration(1) * time.Second)
|
||||
route, err = GetClusterRoute(routeSpec.Name, routeSpec.Namespace, clusterAPI.Client)
|
||||
route, err = GetClusterRoute(routeSpec.Name, routeSpec.Namespace, deployContext.ClusterAPI.Client)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -153,9 +152,9 @@ func GetEndpointTLSCrtChain(instance *orgv1.CheCluster, endpointURL string, prox
|
|||
transport := &http.Transport{}
|
||||
// Adding the proxy settings to the Transport object.
|
||||
// However, in case of test route we need to reach cluter directly in order to get the right certificate.
|
||||
if proxy.HttpProxy != "" && !isTestRoute {
|
||||
logrus.Infof("Configuring proxy with %s to extract crt from the following URL: %s", proxy.HttpProxy, requestURL)
|
||||
ConfigureProxy(instance, transport, proxy)
|
||||
if deployContext.Proxy.HttpProxy != "" && !isTestRoute {
|
||||
logrus.Infof("Configuring proxy with %s to extract crt from the following URL: %s", deployContext.Proxy.HttpProxy, requestURL)
|
||||
ConfigureProxy(deployContext, transport)
|
||||
}
|
||||
transport.TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
|
||||
client := &http.Client{
|
||||
|
|
@ -175,8 +174,8 @@ func GetEndpointTLSCrtChain(instance *orgv1.CheCluster, endpointURL string, prox
|
|||
// GetEndpointTLSCrtBytes creates a test TLS route and gets it to extract certificate chain
|
||||
// There's an easier way which is to read tls secret in default (3.11) or openshift-ingress (4.0) namespace
|
||||
// which however requires extra privileges for operator service account
|
||||
func GetEndpointTLSCrtBytes(instance *orgv1.CheCluster, endpointURL string, proxy *Proxy, clusterAPI ClusterAPI) (certificates []byte, err error) {
|
||||
peerCertificates, err := GetEndpointTLSCrtChain(instance, endpointURL, proxy, clusterAPI)
|
||||
func GetEndpointTLSCrtBytes(deployContext *DeployContext, endpointURL string) (certificates []byte, err error) {
|
||||
peerCertificates, err := GetEndpointTLSCrtChain(deployContext, endpointURL)
|
||||
if err != nil {
|
||||
if util.IsTestMode() {
|
||||
fakeCrt := make([]byte, 5)
|
||||
|
|
@ -198,13 +197,13 @@ func GetEndpointTLSCrtBytes(instance *orgv1.CheCluster, endpointURL string, prox
|
|||
}
|
||||
|
||||
// K8sHandleCheTLSSecrets handles TLS secrets required for Che deployment on Kubernetes infrastructure.
|
||||
func K8sHandleCheTLSSecrets(checluster *orgv1.CheCluster, clusterAPI ClusterAPI) (reconcile.Result, error) {
|
||||
cheTLSSecretName := checluster.Spec.K8s.TlsSecretName
|
||||
func K8sHandleCheTLSSecrets(deployContext *DeployContext) (reconcile.Result, error) {
|
||||
cheTLSSecretName := deployContext.CheCluster.Spec.K8s.TlsSecretName
|
||||
|
||||
// ===== Check Che server TLS certificate ===== //
|
||||
|
||||
cheTLSSecret := &corev1.Secret{}
|
||||
err := clusterAPI.Client.Get(context.TODO(), types.NamespacedName{Namespace: checluster.Namespace, Name: cheTLSSecretName}, cheTLSSecret)
|
||||
err := deployContext.ClusterAPI.Client.Get(context.TODO(), types.NamespacedName{Namespace: deployContext.CheCluster.Namespace, Name: cheTLSSecretName}, cheTLSSecret)
|
||||
if err != nil {
|
||||
if !errors.IsNotFound(err) {
|
||||
// Error reading secret info
|
||||
|
|
@ -216,7 +215,7 @@ func K8sHandleCheTLSSecrets(checluster *orgv1.CheCluster, clusterAPI ClusterAPI)
|
|||
|
||||
// Remove Che CA certificate secret if any
|
||||
cheCASelfSignedCertificateSecret := &corev1.Secret{}
|
||||
err = clusterAPI.Client.Get(context.TODO(), types.NamespacedName{Namespace: checluster.Namespace, Name: CheTLSSelfSignedCertificateSecretName}, cheCASelfSignedCertificateSecret)
|
||||
err = deployContext.ClusterAPI.Client.Get(context.TODO(), types.NamespacedName{Namespace: deployContext.CheCluster.Namespace, Name: CheTLSSelfSignedCertificateSecretName}, cheCASelfSignedCertificateSecret)
|
||||
if err != nil {
|
||||
if !errors.IsNotFound(err) {
|
||||
// Error reading secret info
|
||||
|
|
@ -226,40 +225,40 @@ func K8sHandleCheTLSSecrets(checluster *orgv1.CheCluster, clusterAPI ClusterAPI)
|
|||
// Che CA certificate doesn't exists (that's expected at this point), do nothing
|
||||
} else {
|
||||
// Remove Che CA secret because Che TLS secret is missing (they should be generated together).
|
||||
if err = clusterAPI.Client.Delete(context.TODO(), cheCASelfSignedCertificateSecret); err != nil {
|
||||
if err = deployContext.ClusterAPI.Client.Delete(context.TODO(), cheCASelfSignedCertificateSecret); err != nil {
|
||||
logrus.Errorf("Error deleting Che self-signed certificate secret \"%s\": %v", CheTLSSelfSignedCertificateSecretName, err)
|
||||
return reconcile.Result{RequeueAfter: time.Second}, err
|
||||
}
|
||||
}
|
||||
|
||||
// Prepare permissions for the certificate generation job
|
||||
sa, err := SyncServiceAccountToCluster(checluster, CheTLSJobServiceAccountName, clusterAPI)
|
||||
sa, err := SyncServiceAccountToCluster(deployContext, CheTLSJobServiceAccountName)
|
||||
if sa == nil {
|
||||
return reconcile.Result{RequeueAfter: time.Second}, err
|
||||
}
|
||||
|
||||
role, err := SyncRoleToCluster(checluster, CheTLSJobRoleName, []string{"secrets"}, []string{"create"}, clusterAPI)
|
||||
role, err := SyncRoleToCluster(deployContext, CheTLSJobRoleName, []string{"secrets"}, []string{"create"})
|
||||
if role == nil {
|
||||
return reconcile.Result{RequeueAfter: time.Second}, err
|
||||
}
|
||||
|
||||
roleBiding, err := SyncRoleBindingToCluster(checluster, CheTLSJobRoleBindingName, CheTLSJobServiceAccountName, CheTLSJobRoleName, "Role", clusterAPI)
|
||||
roleBiding, err := SyncRoleBindingToCluster(deployContext, CheTLSJobRoleBindingName, CheTLSJobServiceAccountName, CheTLSJobRoleName, "Role")
|
||||
if roleBiding == nil {
|
||||
return reconcile.Result{RequeueAfter: time.Second}, err
|
||||
}
|
||||
|
||||
domains := checluster.Spec.K8s.IngressDomain + ",*." + checluster.Spec.K8s.IngressDomain
|
||||
if checluster.Spec.Server.CheHost != "" && strings.Index(checluster.Spec.Server.CheHost, checluster.Spec.K8s.IngressDomain) == -1 && checluster.Spec.Server.CheHostTLSSecret == "" {
|
||||
domains += "," + checluster.Spec.Server.CheHost
|
||||
domains := deployContext.CheCluster.Spec.K8s.IngressDomain + ",*." + deployContext.CheCluster.Spec.K8s.IngressDomain
|
||||
if deployContext.CheCluster.Spec.Server.CheHost != "" && strings.Index(deployContext.CheCluster.Spec.Server.CheHost, deployContext.CheCluster.Spec.K8s.IngressDomain) == -1 && deployContext.CheCluster.Spec.Server.CheHostTLSSecret == "" {
|
||||
domains += "," + deployContext.CheCluster.Spec.Server.CheHost
|
||||
}
|
||||
cheTLSSecretsCreationJobImage := DefaultCheTLSSecretsCreationJobImage()
|
||||
jobEnvVars := map[string]string{
|
||||
"DOMAIN": domains,
|
||||
"CHE_NAMESPACE": checluster.Namespace,
|
||||
"CHE_NAMESPACE": deployContext.CheCluster.Namespace,
|
||||
"CHE_SERVER_TLS_SECRET_NAME": cheTLSSecretName,
|
||||
"CHE_CA_CERTIFICATE_SECRET_NAME": CheTLSSelfSignedCertificateSecretName,
|
||||
}
|
||||
job, err := SyncJobToCluster(checluster, CheTLSJobName, CheTLSJobComponentName, cheTLSSecretsCreationJobImage, CheTLSJobServiceAccountName, jobEnvVars, clusterAPI)
|
||||
job, err := SyncJobToCluster(deployContext, CheTLSJobName, CheTLSJobComponentName, cheTLSSecretsCreationJobImage, CheTLSJobServiceAccountName, jobEnvVars)
|
||||
if err != nil {
|
||||
logrus.Error(err)
|
||||
return reconcile.Result{RequeueAfter: time.Second}, err
|
||||
|
|
@ -272,7 +271,7 @@ func K8sHandleCheTLSSecrets(checluster *orgv1.CheCluster, clusterAPI ClusterAPI)
|
|||
|
||||
// cleanup job
|
||||
job := &batchv1.Job{}
|
||||
err = clusterAPI.Client.Get(context.TODO(), types.NamespacedName{Name: CheTLSJobName, Namespace: checluster.Namespace}, job)
|
||||
err = deployContext.ClusterAPI.Client.Get(context.TODO(), types.NamespacedName{Name: CheTLSJobName, Namespace: deployContext.CheCluster.Namespace}, job)
|
||||
if err != nil && !errors.IsNotFound(err) {
|
||||
// Failed to get the job
|
||||
return reconcile.Result{RequeueAfter: time.Second}, err
|
||||
|
|
@ -281,10 +280,10 @@ func K8sHandleCheTLSSecrets(checluster *orgv1.CheCluster, clusterAPI ClusterAPI)
|
|||
// The job object is present
|
||||
if job.Status.Succeeded > 0 {
|
||||
logrus.Infof("Import public part of Eclipse Che self-signed CA certificate from \"%s\" secret into your browser.", CheTLSSelfSignedCertificateSecretName)
|
||||
deleteJob(job, checluster, clusterAPI)
|
||||
deleteJob(deployContext, job)
|
||||
} else if job.Status.Failed > 0 {
|
||||
// The job failed, but the certificate is present, shouldn't happen
|
||||
deleteJob(job, checluster, clusterAPI)
|
||||
deleteJob(deployContext, job)
|
||||
return reconcile.Result{}, nil
|
||||
}
|
||||
// Job hasn't reported finished status yet, wait more
|
||||
|
|
@ -296,7 +295,7 @@ func K8sHandleCheTLSSecrets(checluster *orgv1.CheCluster, clusterAPI ClusterAPI)
|
|||
// The secret is invalid because required field(s) missing.
|
||||
logrus.Infof("Che TLS secret \"%s\" is invalid. Recreating...", cheTLSSecretName)
|
||||
// Delete old invalid secret
|
||||
if err = clusterAPI.Client.Delete(context.TODO(), cheTLSSecret); err != nil {
|
||||
if err = deployContext.ClusterAPI.Client.Delete(context.TODO(), cheTLSSecret); err != nil {
|
||||
logrus.Errorf("Error deleting Che TLS secret \"%s\": %v", cheTLSSecretName, err)
|
||||
return reconcile.Result{RequeueAfter: time.Second}, err
|
||||
}
|
||||
|
|
@ -307,11 +306,11 @@ func K8sHandleCheTLSSecrets(checluster *orgv1.CheCluster, clusterAPI ClusterAPI)
|
|||
// Check owner reference
|
||||
if cheTLSSecret.ObjectMeta.OwnerReferences == nil {
|
||||
// Set owner Che cluster as Che TLS secret owner
|
||||
if err := controllerutil.SetControllerReference(checluster, cheTLSSecret, clusterAPI.Scheme); err != nil {
|
||||
if err := controllerutil.SetControllerReference(deployContext.CheCluster, cheTLSSecret, deployContext.ClusterAPI.Scheme); err != nil {
|
||||
logrus.Errorf("Failed to set owner for Che TLS secret \"%s\". Error: %s", cheTLSSecretName, err)
|
||||
return reconcile.Result{RequeueAfter: time.Second}, err
|
||||
}
|
||||
if err := clusterAPI.Client.Update(context.TODO(), cheTLSSecret); err != nil {
|
||||
if err := deployContext.ClusterAPI.Client.Update(context.TODO(), cheTLSSecret); err != nil {
|
||||
logrus.Errorf("Failed to update owner for Che TLS secret \"%s\". Error: %s", cheTLSSecretName, err)
|
||||
return reconcile.Result{RequeueAfter: time.Second}, err
|
||||
}
|
||||
|
|
@ -320,7 +319,7 @@ func K8sHandleCheTLSSecrets(checluster *orgv1.CheCluster, clusterAPI ClusterAPI)
|
|||
// ===== Check Che CA certificate ===== //
|
||||
|
||||
cheTLSSelfSignedCertificateSecret := &corev1.Secret{}
|
||||
err = clusterAPI.Client.Get(context.TODO(), types.NamespacedName{Namespace: checluster.Namespace, Name: CheTLSSelfSignedCertificateSecretName}, cheTLSSelfSignedCertificateSecret)
|
||||
err = deployContext.ClusterAPI.Client.Get(context.TODO(), types.NamespacedName{Namespace: deployContext.CheCluster.Namespace, Name: CheTLSSelfSignedCertificateSecretName}, cheTLSSelfSignedCertificateSecret)
|
||||
if err != nil {
|
||||
if !errors.IsNotFound(err) {
|
||||
// Error reading Che self-signed secret info
|
||||
|
|
@ -334,13 +333,13 @@ func K8sHandleCheTLSSecrets(checluster *orgv1.CheCluster, clusterAPI ClusterAPI)
|
|||
if !isCheCASecretValid(cheTLSSelfSignedCertificateSecret) {
|
||||
logrus.Infof("Che self-signed certificate secret \"%s\" is invalid. Recrating...", CheTLSSelfSignedCertificateSecretName)
|
||||
// Che CA self-signed certificate secret is invalid, delete it
|
||||
if err = clusterAPI.Client.Delete(context.TODO(), cheTLSSelfSignedCertificateSecret); err != nil {
|
||||
if err = deployContext.ClusterAPI.Client.Delete(context.TODO(), cheTLSSelfSignedCertificateSecret); err != nil {
|
||||
logrus.Errorf("Error deleting Che self-signed certificate secret \"%s\": %v", CheTLSSelfSignedCertificateSecretName, err)
|
||||
return reconcile.Result{RequeueAfter: time.Second}, err
|
||||
}
|
||||
// Also delete Che TLS as the certificates should be created together
|
||||
// Here it is not mandatory to check Che TLS secret existence as it is handled above
|
||||
if err = clusterAPI.Client.Delete(context.TODO(), cheTLSSecret); err != nil {
|
||||
if err = deployContext.ClusterAPI.Client.Delete(context.TODO(), cheTLSSecret); err != nil {
|
||||
logrus.Errorf("Error deleting Che TLS secret \"%s\": %v", cheTLSSecretName, err)
|
||||
return reconcile.Result{RequeueAfter: time.Second}, err
|
||||
}
|
||||
|
|
@ -351,11 +350,11 @@ func K8sHandleCheTLSSecrets(checluster *orgv1.CheCluster, clusterAPI ClusterAPI)
|
|||
// Check owner reference
|
||||
if cheTLSSelfSignedCertificateSecret.ObjectMeta.OwnerReferences == nil {
|
||||
// Set owner Che cluster as Che TLS secret owner
|
||||
if err := controllerutil.SetControllerReference(checluster, cheTLSSelfSignedCertificateSecret, clusterAPI.Scheme); err != nil {
|
||||
if err := controllerutil.SetControllerReference(deployContext.CheCluster, cheTLSSelfSignedCertificateSecret, deployContext.ClusterAPI.Scheme); err != nil {
|
||||
logrus.Errorf("Failed to set owner for Che self-signed certificate secret \"%s\". Error: %s", CheTLSSelfSignedCertificateSecretName, err)
|
||||
return reconcile.Result{RequeueAfter: time.Second}, err
|
||||
}
|
||||
if err := clusterAPI.Client.Update(context.TODO(), cheTLSSelfSignedCertificateSecret); err != nil {
|
||||
if err := deployContext.ClusterAPI.Client.Update(context.TODO(), cheTLSSelfSignedCertificateSecret); err != nil {
|
||||
logrus.Errorf("Failed to update owner for Che self-signed certificate secret \"%s\". Error: %s", CheTLSSelfSignedCertificateSecretName, err)
|
||||
return reconcile.Result{RequeueAfter: time.Second}, err
|
||||
}
|
||||
|
|
@ -368,10 +367,10 @@ func K8sHandleCheTLSSecrets(checluster *orgv1.CheCluster, clusterAPI ClusterAPI)
|
|||
|
||||
// CheckAndUpdateK8sTLSConfiguration validates Che TLS configuration on Kubernetes infra.
|
||||
// If configuration is wrong it will guess most common use cases and will make changes in Che CR accordingly to the assumption.
|
||||
func CheckAndUpdateK8sTLSConfiguration(checluster *orgv1.CheCluster, clusterAPI ClusterAPI) error {
|
||||
if checluster.Spec.K8s.TlsSecretName == "" {
|
||||
checluster.Spec.K8s.TlsSecretName = DefaultCheTLSSecretName
|
||||
if err := UpdateCheCRSpec(checluster, "TlsSecretName", checluster.Spec.K8s.TlsSecretName, clusterAPI); err != nil {
|
||||
func CheckAndUpdateK8sTLSConfiguration(deployContext *DeployContext) error {
|
||||
if deployContext.CheCluster.Spec.K8s.TlsSecretName == "" {
|
||||
deployContext.CheCluster.Spec.K8s.TlsSecretName = DefaultCheTLSSecretName
|
||||
if err := UpdateCheCRSpec(deployContext, "TlsSecretName", deployContext.CheCluster.Spec.K8s.TlsSecretName); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
|
@ -396,20 +395,20 @@ func isCheCASecretValid(cheCASelfSignedCertificateSecret *corev1.Secret) bool {
|
|||
return true
|
||||
}
|
||||
|
||||
func deleteJob(job *batchv1.Job, checluster *orgv1.CheCluster, clusterAPI ClusterAPI) {
|
||||
names := util.K8sclient.GetPodsByComponent(CheTLSJobComponentName, checluster.Namespace)
|
||||
func deleteJob(deployContext *DeployContext, job *batchv1.Job) {
|
||||
names := util.K8sclient.GetPodsByComponent(CheTLSJobComponentName, deployContext.CheCluster.Namespace)
|
||||
for _, podName := range names {
|
||||
pod := &corev1.Pod{}
|
||||
err := clusterAPI.Client.Get(context.TODO(), types.NamespacedName{Name: podName, Namespace: checluster.Namespace}, pod)
|
||||
err := deployContext.ClusterAPI.Client.Get(context.TODO(), types.NamespacedName{Name: podName, Namespace: deployContext.CheCluster.Namespace}, pod)
|
||||
if err == nil {
|
||||
// Delete pod (for some reasons pod isn't removed when job is removed)
|
||||
if err = clusterAPI.Client.Delete(context.TODO(), pod); err != nil {
|
||||
if err = deployContext.ClusterAPI.Client.Delete(context.TODO(), pod); err != nil {
|
||||
logrus.Errorf("Error deleting pod: '%s', error: %v", podName, err)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if err := clusterAPI.Client.Delete(context.TODO(), job); err != nil {
|
||||
if err := deployContext.ClusterAPI.Client.Delete(context.TODO(), job); err != nil {
|
||||
logrus.Errorf("Error deleting job: '%s', error: %v", CheTLSJobName, err)
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -14,28 +14,27 @@ package deploy
|
|||
import (
|
||||
"context"
|
||||
|
||||
orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1"
|
||||
"github.com/sirupsen/logrus"
|
||||
)
|
||||
|
||||
func UpdateCheCRSpec(instance *orgv1.CheCluster, updatedField string, value string, clusterAPI ClusterAPI) (err error) {
|
||||
logrus.Infof("Updating %s CR with %s: %s", instance.Name, updatedField, value)
|
||||
err = clusterAPI.Client.Update(context.TODO(), instance)
|
||||
func UpdateCheCRSpec(deployContext *DeployContext, updatedField string, value string) (err error) {
|
||||
logrus.Infof("Updating %s CR with %s: %s", deployContext.CheCluster.Name, updatedField, value)
|
||||
err = deployContext.ClusterAPI.Client.Update(context.TODO(), deployContext.CheCluster)
|
||||
if err != nil {
|
||||
logrus.Errorf("Failed to update %s CR: %s", instance.Name, err)
|
||||
logrus.Errorf("Failed to update %s CR: %s", deployContext.CheCluster.Name, err)
|
||||
return err
|
||||
}
|
||||
logrus.Infof("Custom resource %s updated", instance.Name)
|
||||
logrus.Infof("Custom resource %s updated", deployContext.CheCluster.Name)
|
||||
return nil
|
||||
}
|
||||
|
||||
func UpdateCheCRStatus(instance *orgv1.CheCluster, updatedField string, value string, clusterAPI ClusterAPI) (err error) {
|
||||
logrus.Infof("Updating %s CR with %s: %s", instance.Name, updatedField, value)
|
||||
err = clusterAPI.Client.Status().Update(context.TODO(), instance)
|
||||
func UpdateCheCRStatus(deployContext *DeployContext, updatedField string, value string) (err error) {
|
||||
logrus.Infof("Updating %s CR with %s: %s", deployContext.CheCluster.Name, updatedField, value)
|
||||
err = deployContext.ClusterAPI.Client.Status().Update(context.TODO(), deployContext.CheCluster)
|
||||
if err != nil {
|
||||
logrus.Errorf("Failed to update %s CR. Fetching the latest CR version: %s", instance.Name, err)
|
||||
logrus.Errorf("Failed to update %s CR. Fetching the latest CR version: %s", deployContext.CheCluster.Name, err)
|
||||
return err
|
||||
}
|
||||
logrus.Infof("Custom resource %s updated", instance.Name)
|
||||
logrus.Infof("Custom resource %s updated", deployContext.CheCluster.Name)
|
||||
return nil
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue