* Refactor defaults mgt for flavor-related props
* Don't update the CR with effective docker images
* Also redeploy Postgres when image changes
* Now correctly manage upgrade from 7.0.0 GA
* Wait for rolling update of secondary deployments
Signed-off-by: David Festal <dfestal@redhat.com>
* Update default tags to `7.0.0`
* Release OLM files to `7.0.0`
* Channel was renamed to `stable` at `7.0.0` release
Signed-off-by: David Festal <dfestal@redhat.com>
* Add both `https` and `http` redirect URLs in the `OAuthClient`
* Take registry URL settings into account
* Only update registry URLs in Status when necessary
* Update registry routes or ingresses when switching to TLS
* Restart pod on deployment-driving CR field change
Signed-off-by: David Festal <dfestal@redhat.com>
* Add pull policies
* Add configurable pull policies for deployments in Che, Keycloak and Postgres deployments
* `Always` policy by default for `nightly`/`latest` images
Signed-off-by: David Festal <dfestal@redhat.com>
* Update API
* Update defaults
* update controller
* Separate memory limits and requests as in PR https://github.com/eclipse/che/pull/13890/files#diff-a488b4bdede7547798a17f6830874b05R59
* update release script to also change default image tag of registry containers
* Also remove overridden `nightly` registry images
* Add registry nightly images in nightly OLM packages
Signed-off-by: David Festal <dfestal@redhat.com>
* Make the OS 4 API url retrieval more robust
Signed-off-by: David Festal <dfestal@redhat.com>
* Fix a bug when removing openshift v4 provider
On Openshift arbitrary user mode.
Signed-off-by: David Festal <dfestal@redhat.com>
* Roll-update Keycloak when certificates changed
Signed-off-by: David Festal <dfestal@redhat.com>
* Don't loose the controller ref on Keycloak update
Signed-off-by: David Festal <dfestal@redhat.com>
* Remove the finalizer when disabling OS OAuth
Signed-off-by: David Festal <dfestal@redhat.com>
* Upgrade defaults to `7.0.0-RC-2.0`
Signed-off-by: David Festal <dfestal@redhat.com>
* fix wrong whitespaces
Signed-off-by: David Festal <dfestal@redhat.com>
* Support the new `openshift-v4` identity provider
* Add permissions for the Openshift v4 provider and reduce
the requested permissions to manage the OAuth client
* Add field for workspace cluster role to operator
* Update Che controller test to verify custom role.
Signed-off-by: John Collier <John.J.Collier@ibm.com>
* Use `7.0.0-beta-5.0` Keycloak docker image
* use `/scripts` as home dir for `kcadm`
* Add `runAsUser` on Postgres for k8s
* Update k8s security context from upstream
* update the CR with security context settings
* Fix a bug with `openshiftoAuth: true` on K8S
Signed-off-by: David Festal <dfestal@redhat.com>
David Festal