fbe9a3ecd4
Fix proxy and internal hostname case ( #646 ) ( #649 )
...
* Fix proxy and internal hostname case
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2021-01-28 09:20:16 +02:00
a4da381730
Increase liveness probe initial delay for Keycloak and Che server to prevent failure in case of longer start ( #647 )
...
Signed-off-by: Mykola Morhun <mmorhun@redhat.com>
2021-01-27 16:01:11 +02:00
49bf7c8635
Define Required Metadata Labels on deployment definitions ( #603 )
...
* Add default kubernetes labels
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2021-01-26 15:50:05 +02:00
d5ea65afdd
Specify resources limits ( #612 )
...
* Specify resource limits
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2021-01-25 13:48:06 +02:00
b1a756dc73
Add 'SecurityContext' of Containers into diff ignore on Deployments comparison ( #635 )
...
Signed-off-by: Mykola Morhun <mmorhun@redhat.com>
2021-01-19 18:17:55 +02:00
a1add39d3c
Drop all capabilities ( #622 )
...
* Drop all capabilities
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2021-01-18 12:24:37 +02:00
482155b7e2
Automate the setup of github identity provider with internal keycloak ( #589 )
...
* GitHub identity provider provision
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2021-01-13 17:06:54 +02:00
5b78d6b545
`cd /home/jboss` before exec into identity provider container ( #623 )
...
* cd /home/jboss before exec
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2021-01-13 11:20:11 +02:00
39b7a1e7b8
Add liveness and readiness probes ( #598 )
...
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2020-12-30 12:51:46 +02:00
42684b836f
Mount secrets in containers ( #595 )
...
* Mount secrets in containers
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2020-12-24 12:25:01 +02:00
ae79476106
Improve oauth handling. ( #551 )
...
* Improve oauth handling.
Signed-off-by: Oleksandr Andriienko <oandriie@redhat.com>
2020-12-21 10:38:37 +02:00
cdb613a73d
Fix potential NPE ( #587 )
...
Signed-off-by: Mykola Morhun <mmorhun@redhat.com>
2020-12-18 14:07:39 +02:00
ed3df35359
Import all certificates from propagated bundles into Keycloak's trust store ( #560 )
...
Signed-off-by: Mykola Morhun <mmorhun@redhat.com>
2020-12-09 12:51:35 +02:00
a6848bf1b6
install kubernetes image puller/kip operator from che-operator ( #541 )
...
* Allow the che-operator to install the Kubernetes Image Puller operator and configure a KubernetesImagePuller CR in the same namespace that che is installed in.
Adds a new field to the CheCluster CR, imagePuller, that will install the operator and create a CR if enabled. If disabled, it will uninstall and remove the image puller artifacts.
Signed-off-by: Tom George <tgeorge@redhat.com>
2020-12-08 08:53:24 -06:00
cd239ce7a4
Gh18399 che SA cluster roles ( #543 )
...
Signed-off-by: Michal Vala <mvala@redhat.com>
Co-authored-by: Anatolii Bazko <abazko@redhat.com>
2020-12-02 18:03:11 +01:00
8b4a5e076f
Fix outdated README file and add development notes ( #553 )
...
* Fix outdated README file. Add more useful development info.
Signed-off-by: Oleksandr Andriienko <oandriie@redhat.com>
Co-authored-by: Flavius Lacatusu <flacatus@redhat.com>
Co-authored-by: Anatolii Bazko <abazko@redhat.com>
Co-authored-by: Yana Hontyk <yhontyk@redhat.com>
2020-12-01 14:42:49 +02:00
3d9c611522
Implement addition CA config maps merge and propagation to Che server ( #531 )
...
Implement CA certs sources merge and propagate resulting config map to Che server
Signed-off-by: Mykola Morhun <mmorhun@redhat.com>
2020-11-27 15:04:33 +02:00
73d951b3f3
Add ability to use internal network for Keycloak ( #507 )
...
Signed-off-by: Oleksandr Andriienko <oandriie@redhat.com>
2020-11-26 17:26:56 +02:00
b103569906
Refresh oauth client ( #550 )
...
Fixes eclipse/che#17886 Update the OAuthClient each time there is a change.
2020-11-26 15:53:41 +01:00
73053b2bc4
Provide internal network urls for plugin registry, devfile registry and internal che api endpoint url. ( #468 )
...
* Provide internal network urls for plugin, devfile registries and internal che api endpoint url.
Signed-off-by: Oleksandr Andriienko <oandriie@redhat.com>
2020-11-26 13:54:26 +02:00
2e0bfecd45
Add metrics role and extend view role ( #519 )
...
* Extend view role. Add a role for metrics api
Signed-off-by: svor <vsvydenk@redhat.com>
2020-11-23 10:51:26 +02:00
7ccd18d34d
Add codeready user readonly theme ( #540 )
...
* Add codeready user readonly theme
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2020-11-19 17:49:28 +02:00
390b3fe061
Implement ability to use default ingress TLS certificate ( #508 )
...
Implement ability to use default ingress TLS certificate
2020-11-06 14:51:42 +02:00
227046459c
fix: Revert "CRW-1254 can we use the standard ubi URLs" (turns out no, it breaks stuff); also bump versions to 7.20.0-13.nightly ( #494 )
...
* Revert "CRW-1254 can we use the standard,... (#484 )"
This reverts commit c5ab66b099
2020-10-13 12:06:49 -04:00
47a01d7276
Automatically propagate ca-certs configmap content into server and identity provider ( #487 )
...
* Automatically propagate serverTrustStoreConfigMap context to server and identity provider
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2020-10-13 14:04:20 +03:00
c5ab66b099
CRW-1254 can we use the standard,... ( #484 )
...
* CRW-1254 can we use the standard, non-deprecated registry registry.redhat.io instead of registry.access.redhat.com for ubi minimal images? also we should use the safer path /ubi8/ubi-minimal vs. /ubi8-minimal so that OCP 4.x airgap mirroring works
Change-Id: I04112ce8cf9a3311872e7fb295fd742d75055d06
Signed-off-by: nickboldt <nboldt@redhat.com>
* revert to registry.access.redhat.com, but keep ubi8/ubi-minimal instead of ubi8-minimal
Change-Id: I60370daa74b03c8370a912068f5ce5d8f6cbee29
Signed-off-by: nickboldt <nboldt@redhat.com>
* include generated che-operator.clusterserviceversion.yaml files thanks to ./olm/update-nightly-bundle.sh and operator-sdk 0.10.1
Change-Id: I9718547051a918c2a91fa49645521655c8d3dc9a
Signed-off-by: nickboldt <nboldt@redhat.com>
* Update csv files
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
Co-authored-by: Anatolii Bazko <abazko@redhat.com>
2020-10-07 10:32:29 +03:00
cc93735274
Refactor deploy package ( #474 )
...
* Move exposure logic to one place & Group deploy classes
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2020-10-05 17:34:43 +03:00
6953a195ed
Add keycloak admin username and password to the che deployment ( #446 )
...
Signed-off-by: Vitalii Parfonov <vparfono@redhat.com>
2020-10-01 16:16:50 +03:00
37e6a9d18f
Define labels for route/ingress ( #449 )
...
* Define labels for route/ingress
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2020-09-25 14:17:19 +03:00
f0545195f8
CRW-1229 use ArchitectureDependentEnv values instead of amd64-specific ones to match values set in defaults.go ( #454 )
...
Change-Id: I88022bd2b4faa09c1cbf489d75b198ddc98f19c1
Signed-off-by: nickboldt <nboldt@redhat.com>
2020-09-21 10:08:31 -04:00
bda65a4e40
Manage the Traefik gateway for implementing single host on OpenShift ( #378 )
...
Co-authored-by: Michal Vala <michal.vala@gmail.com>
2020-09-16 15:21:57 +02:00
c824447348
Add validation for username field to be dns compatible ( #444 )
...
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2020-09-16 12:26:09 +03:00
ef0a2fa705
Correctly convert wildcards in nonProxyHosts for JAVA_OPTS ( #440 )
...
* Correctly convert wildcards in nonProxyHosts for JAVA_OPTS
* Fix propogation of wildcard non-proxy hosts into Keycloak
Signed-off-by: Mykola Morhun <mmorhun@redhat.com>
2020-09-16 11:46:52 +03:00
4c9b256619
Fix reconciling of single user Che ( #432 )
2020-09-08 16:23:30 +03:00
aeef0ef21a
Make additional requiest for test route certs if first one fails without proxy ( #424 )
...
Signed-off-by: Mykola Morhun <mmorhun@redhat.com>
2020-09-02 11:53:51 +03:00
8ebde182a0
Add more checks to tls certificates into che configmap ( #425 )
...
* Add more checks to tls certificates into che configmap
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2020-09-02 11:02:41 +03:00
4d77be4117
Add server TLS key and cert into Che configmap if a separate namespace for Che workspaces is configured ( #421 )
...
Signed-off-by: Mykola Morhun <mmorhun@redhat.com>
2020-08-31 14:23:35 +03:00
ed6594528c
Create a general deployContext to pass to all functions
...
Signed-off-by: Flavius Lacatusu <flacatus@redhat.com>
2020-08-27 11:30:20 +02:00
4c138d82b8
Do not use proxy settings for test route while getting cluster CA certificate ( #409 )
...
Signed-off-by: Mykola Morhun <mmorhun@redhat.com>
2020-08-19 17:10:49 +03:00
611738366f
don't set probes when debug=true ( #399 )
...
Signed-off-by: Michal Vala <mvala@redhat.com>
2020-08-13 14:31:39 +02:00
bcf77d451b
Allow to customize cheHost ( #380 )
...
* Allow to customize cheHost
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2020-08-12 11:21:01 +03:00
68764c888d
Use architecture dependent images ( #398 )
...
* Use architecture dependent images
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2020-08-10 09:01:22 +03:00
08c51a4e11
Ignore the error if test route already exists ( #383 )
...
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2020-08-04 14:39:43 +03:00
9ed6e3789e
Remove secrets when checluster is removed ( #379 )
...
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2020-08-03 10:59:53 +03:00
c64d61faf4
Allow to use external PostgreSQL ( #371 )
...
* Allow to use exteranl PostgreSQL
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2020-07-30 09:06:27 +03:00
006304de41
Update the configmap property name ( #356 )
...
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2020-07-23 14:21:09 +03:00
26c69782bd
Use the default ingress strategy if there is no value in CR ( #346 )
...
Signed-off-by: Anatoliy Bazko <abazko@redhat.com>
2020-07-16 11:16:02 +03:00
96916bb790
Add truststore config map name to che config map ( #344 )
...
Signed-off-by: Anatoliy Bazko <abazko@redhat.com>
2020-07-15 18:39:32 +03:00
b193773469
Fix deployment Eclipse Che with single-host strategy ( #341 )
...
* Fix deployment Eclipse Che with single-host strategy
Signed-off-by: Anatoliy Bazko <abazko@redhat.com>
2020-07-15 16:20:44 +03:00
ec7e316c2e
Added test check
2020-07-09 09:31:40 +03:00
Anatolii Bazko