6cf8df2b86
feat: Allow to configure ImagePullPolicyt for a user workspace ( #1747 )
...
* fear: Allow to configure ImagePullPolicy for a user workspace
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2023-08-23 09:50:26 +02:00
ea78a2ceb7
chore: operator should not revert readiness and liveness prob configurations ( #1743 )
...
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2023-08-16 08:08:45 +02:00
1bd44bdb28
add pod & container security context Che Cluster Fields ( #1729 )
...
* feat: add Che Cluster CR fields for pod & container security context
Also modify devEnvironments.disableContainerBuildCapabilities field documentation
to mention it overrides devEnvironments.security.containerSecurityContext
when set to false.
Signed-off-by: Andrew Obuchowicz <aobuchow@redhat.com>
* feat: configure DWOC pod & container security context from Che Cluster CR
Signed-off-by: Andrew Obuchowicz <aobuchow@redhat.com>
* chore: Add tests for DWOC pod & security context configuration
Signed-off-by: Andrew Obuchowicz <aobuchow@redhat.com>
* chore: update dev resources for Che Cluster CR devEnvironments.security field
Also updates dev resources for devEnvironments.disableContainerBuildCapabilities
field documentation.
Signed-off-by: Andrew Obuchowicz <aobuchow@redhat.com>
* chore: split DevWorkspaceConfig tests into seperate functions
Signed-off-by: Andrew Obuchowicz <aobuchow@redhat.com>
* chore: clean up DevWorkspaceConfig container builds tests
Signed-off-by: Andrew Obuchowicz <aobuchow@redhat.com>
* chore: clean up unused error in DevWorkspaceOperatorConfig reconciler
Signed-off-by: Andrew Obuchowicz <aobuchow@redhat.com>
---------
Signed-off-by: Andrew Obuchowicz <aobuchow@redhat.com>
2023-08-10 16:54:52 +02:00
93691bb289
chore: add tests for configuring persistent workspace home directory config
...
Signed-off-by: Andrew Obuchowicz <aobuchow@redhat.com>
2023-07-27 15:35:10 +02:00
17ea193f27
feat: allow configuring persistent workspace home directory
...
Signed-off-by: Andrew Obuchowicz <aobuchow@redhat.com>
2023-07-27 15:35:10 +02:00
c4188e10d8
fix: Downstream tests ( #1727 )
...
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2023-07-10 17:41:24 +02:00
42a4363251
chore: Get rid of mounting CHE_GIT_SELF__SIGNED__CERT__HOST and CHE_GIT_SELF__SIGNED__CERT into che-server pod ( #1723 )
...
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2023-07-10 15:50:51 +02:00
1bf8dde7b6
fix: Disable container build capabilities on Kubernetes ( #1719 )
...
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2023-07-05 12:18:53 +02:00
4db565cb8e
fix: Don't clean up `openVSXURL` on installation ( #1716 )
...
* fix: `CheClusterDefaultsCleaner` does not clean up CheCluster CR values on a fresh installation
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2023-07-04 13:49:08 +02:00
94934bfe17
fix: Getting branding assets from Eclipse Che Dashboard should not require authentiction ( #1708 )
...
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2023-06-15 13:58:24 +02:00
d748431b2b
[fix] Remove project clone config from DevWorkspace when unset
...
Removing the last field from a CheCluster's
devEnvironments.projectCloneContainer results in the change not being
propagated to the DevWorkspaceOperatorConfig.
Instead, if the CheCluster's field is unset, the
DevWorkspaceOperatorConfig's corresponding field should also be unset.
Signed-off-by: Angel Misevski <amisevsk@redhat.com>
2023-06-09 16:56:22 -04:00
02ce7749f0
Add fields for configuring project clone container to CheCluster CRD ( #1687 )
...
* Update devworkspace-operator dependency version to v0.21.0
Update devworkspace-operator dependency to v0.21.0 and update vendor dir
Signed-off-by: Angel Misevski <amisevsk@redhat.com>
* Add project clone container config field to CheCluster CR
Add field .spec.devEnvironments.projectCloneContainer to allow
configuring image, env, resources, and pull policy for the project clone
container.
This change reuses the existing Container struct for storing this
config, which means that
* The name field is ignored (it appears to be a discriminator for the
Deployment struct's containers[] field
* Defaults are handled differently:
* Default imagePullPolicy is the general pull policy for DWO, with
default value "Always" (instead of depending on tag as documented)
* Resource requirements set to "0" are interpreted as "do not set this
field"
Signed-off-by: Angel Misevski <amisevsk@redhat.com>
* Add reconcile step that syncs CheCluster project clone to DevWorkspace
Sync the field CheCluster.devEnvironments.projectCloneConfig to the
DevWorkspaceOperatorConfig owned by the operator.
Update tests to cover new functionality.
Signed-off-by: Angel Misevski <amisevsk@redhat.com>
---------
Signed-off-by: Angel Misevski <amisevsk@redhat.com>
2023-05-31 09:58:50 +03:00
be2afadd93
chore: Add permissions to user to update and patch deployment/service/pvc ( #1691 )
...
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2023-05-29 09:27:42 +03:00
ae66d5c51d
fix: probePath for plugin and devfile registries deployments ( #1690 )
...
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2023-05-26 16:38:15 +03:00
109d3c2ce1
fix: NPE in deploy.OverrideDeployment func ( #1689 )
...
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2023-05-26 12:33:53 +03:00
97f6177500
feat: Set empty CPU limits when possible ( #1686 )
...
* feat: Set empty CPU limits when possible
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2023-05-25 17:20:44 +03:00
b31b92b137
feat: Allow to configure OpenShift OAuth scope ( #1685 )
...
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2023-05-24 10:17:31 +03:00
47d5ae3f05
chore: Remove `spec.components.database` and `status.postgresVersion` fields ( #1684 )
...
* chore: Remove spec.components.database and status.postgresVersion fields
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
---------
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2023-05-24 09:07:54 +03:00
0c1eed6b78
Update Che Gateway default resources to match previous values
...
Signed-off-by: Angel Misevski <amisevsk@redhat.com>
2023-05-04 16:50:24 -04:00
b9d8ce34b5
feat: add ability to override Gateway container in devEnvironments ( #1639 )
...
Signed-off-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
Co-authored-by: Angel Misevski <amisevsk@redhat.com>
---------
Signed-off-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
Co-authored-by: Anatolii Bazko <abazko@redhat.com>
Co-authored-by: Angel Misevski <amisevsk@redhat.com>
2023-04-25 17:18:38 +03:00
c927cac2bf
feat: allow to specify IngressClassName ( #1669 )
...
* feat: allow to specify IngressClassName
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2023-04-25 08:50:07 +03:00
a98d18233e
feat: configure workspace deployment strategy with CheCluster CR ( #1666 )
...
* feat: configure workspace deployment strategy with CheCluster CR
Signed-off-by: Andrew Obuchowicz <aobuchow@redhat.com>
* chore: add tests for configuring workspace deployment strategy
Signed-off-by: Andrew Obuchowicz <aobuchow@redhat.com>
* chore: update dev resources for devEnvironments.DeploymentStrategy
Signed-off-by: Andrew Obuchowicz <aobuchow@redhat.com>
---------
Signed-off-by: Andrew Obuchowicz <aobuchow@redhat.com>
2023-04-25 08:43:55 +03:00
4bcc78a27a
feat: Allow to configure user custom roles ( #1663 )
...
* feat: Allow to configure user custom roles without duplicating default ones
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2023-04-21 14:52:05 +03:00
5bd0cdc19a
feat: configure DWOC ServiceAccount tokens from devEnvironments.serviceAccountTokens ( #1643 )
...
* feat: configure DWOC ServiceAccount tokens from devEnvironments.serviceAccountTokens
Signed-off-by: Andrew Obuchowicz <aobuchow@redhat.com>
2023-04-17 16:49:09 +03:00
fb6bccfd61
feat: Update Dev Workspace Operator v0.20.0 ( #1660 )
...
* feat: Update Dev Workspace Operator v0.20.0
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
* Restore replaces in go.mod
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
* Restore replaces in go.mod
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
* chore: update DEPENDENCIES.md (#1661 )
Signed-off-by: Andrew Obuchowicz <aobuchow@redhat.com>
* Update DEPENDENCIES.md
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
---------
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
Signed-off-by: Andrew Obuchowicz <aobuchow@redhat.com>
Co-authored-by: Andrew O <aobuchow@redhat.com>
2023-04-14 16:14:30 +03:00
a1bb81f67c
feat: allow not to set resources requests/limits ( #1656 )
...
* feat: allow not to set resources requests/limits
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2023-04-12 15:52:52 +03:00
5d582d135c
fix: For update of existing installations we should not change the value of disableBuildCapabilities ( #1654 )
...
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2023-04-05 15:14:05 +03:00
3a61595a99
chore: Adapt tests for downstream ( #1652 )
...
* chore: Adapt tests for downstream
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
* make fmt
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
---------
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2023-04-04 08:58:40 +03:00
a66ea81a35
fix: sync should not update labels and annotations for an object ( #1649 )
...
* fix: sync should not update labels and annotations for an object
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2023-03-29 18:40:43 +03:00
7207630a3c
use UDI with ubi8-latest tag ( #1648 )
...
Replaces UDI:ubi8-38da5c2 with UDI:ubi8-latest to have latest changes form the universal developer image (UDI) in the default componen.
Signed-off-by: Valerii Svydenko <vsvydenk@redhat.com>
2023-03-29 15:03:36 +03:00
c1ec947acd
feat: Move some defaults out of CheCluster to env variables ( #1642 )
...
* feat: Move some defaults out of CheCluster to env variables
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2023-03-29 09:09:46 +03:00
239b5362ae
feat: Propagate kubernetes root certificate to che components ( #1637 )
...
* feat: Propagate kubernetes root certificate to che components
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2023-03-14 07:45:27 +02:00
12169def8b
feat: Remove PostgreSQL component ( #1630 )
...
* feat: Remove PostgreSQL component
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2023-02-28 15:42:22 +02:00
8d0ee22923
feat: Support Azure DevOps Service OAuth ( #1622 )
...
* feat: Support Azure DevOps Service OAuth2 config
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2023-02-27 18:09:40 +02:00
822da3fcd0
chore: increase failureThreshold for a liveness probe in plugin-registry deployment ( #1628 )
...
Signed-off-by: Valerii Svydenko <vsvydenk@redhat.com>
2023-02-23 10:39:52 +02:00
277a038f1b
chore: increase the number of threshold for plugin reg to 90 ( #1623 )
...
Signed-off-by: Valerii Svydenko <vsvydenk@redhat.com>
2023-02-21 17:24:03 +02:00
d3fdf2476b
Support Bitbucket-server oAuth2 secret config ( #1618 )
...
Add an ability to configure bitbucket-server oAuth secret for the factory flow.
2023-02-15 16:41:16 +02:00
8f5c3b41fa
feat: Configure disable subdomain isolation via secret ( #1613 )
...
* feat: Configre disable subdomin isolation via secet
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
* Deprecate Enpoints
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2023-02-09 12:43:56 +02:00
978a2d39a0
fix: set scc priority to null ( #1606 )
...
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2023-01-30 07:52:06 +02:00
4e75590a11
chore: Refactor Kubernetes Image Puller ( #1598 )
...
* chore: Refactor Kubernetes Image Puller
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2023-01-12 12:25:05 +02:00
3d07ff759a
Set SCC allowPrivilegeEscalation to true when container build enabled ( #1596 )
...
* Set SCC allowPrivilegeEscalation to true when container build enabled
Running Podman inside a container in OpenShift requires the pod to have
allowPrivilegeEscalation: true in its security context.
* Fix tests
Signed-off-by: Angel Misevski <amisevsk@redhat.com>
2023-01-11 10:39:23 -05:00
6110221447
chore: Allow to run che-server on OpenShift with FIPS enabled ( #1597 )
...
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2023-01-11 14:59:57 +02:00
571cd1e329
feat: configure workspace start timeout from Che Cluster CR ( #1576 )
...
* feat: configure workspace security context for container builds
Fix eclipse/che#21770
Signed-off-by: Andrew Obuchowicz <aobuchow@redhat.com>
* feat: add spec.devEnvironments.startTimeout to Che Cluster CR
Signed-off-by: Andrew Obuchowicz <aobuchow@redhat.com>
* chore: add tests for configuring DWO progressTimeout with Che Cluster CR
Signed-off-by: Andrew Obuchowicz <aobuchow@redhat.com>
* chore: update deployment, bundle, CSV and CRD
Signed-off-by: Andrew Obuchowicz <aobuchow@redhat.com>
* Update resources
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
Signed-off-by: Andrew Obuchowicz <aobuchow@redhat.com>
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
Co-authored-by: Anatolii Bazko <abazko@redhat.com>
2022-12-28 10:20:12 +02:00
4774568459
feat: spec.devEnvironments.podSchedulerName in CR ( #1587 )
...
* feat: spec.devEnvironments.podSchedulerName in CR
Signed-off-by: David Kwon <dakwon@redhat.com>
Co-authored-by: Anatolii Bazko <abazko@redhat.com>
2022-12-23 11:18:34 -05:00
d8e1be1948
fix(utils): whitelist should not cut off second-level domain ( #1588 )
2022-12-23 15:10:36 +02:00
bd74906edc
feat: Support ephemeral pvc strategy ( #1580 )
...
* feat: Support ephemeral pvc strategy
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2022-12-21 09:24:19 +02:00
e9e578ab15
Add retry middleware to retry connecting to mainurl if connection failed ( #1579 )
...
Signed-off-by: David Kwon <dakwon@redhat.com>
2022-12-16 10:22:28 -05:00
79d470a61a
chore: Adding the 'get' verb to OpenShift route permissions ( #1577 )
...
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2022-12-08 11:27:17 +02:00
783d35046c
feat: Use a pre-created ServiceAccount for workspace Pods ( #1569 )
...
* feat: Use a pre-created ServiceAccount for workspace Pods
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2022-12-07 15:25:01 +02:00
04e016fa7b
chore: Add permissions to watch events ( #1573 )
...
* chore: Add permissions to watch events
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2022-12-06 15:07:45 +02:00
Anatolii Bazko