seg_yinzy
/
che-operator
mirror of https://github.com/eclipse-che/che-operator.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
che-operator/deploy/deployment/kubernetes/objects/checlusters.org.eclipse.che...

5002 lines
363 KiB
YAML
Raw Blame History

#
# Copyright (c) 2019-2022 Red Hat, Inc.
# This program and the accompanying materials are made
# available under the terms of the Eclipse Public License 2.0
# which is available at https://www.eclipse.org/legal/epl-2.0/
#
# SPDX-License-Identifier: EPL-2.0
#
# Contributors:
# Red Hat, Inc. - initial API and implementation
#
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
cert-manager.io/inject-ca-from: eclipse-che/che-operator-serving-cert
controller-gen.kubebuilder.io/version: v0.7.0
labels:
app.kubernetes.io/instance: che
app.kubernetes.io/name: che
app.kubernetes.io/part-of: che.eclipse.org
name: checlusters.org.eclipse.che
spec:
conversion:
strategy: Webhook
webhook:
clientConfig:
service:
name: che-operator-service
namespace: eclipse-che
path: /convert
conversionReviewVersions:
- v1
- v2
group: org.eclipse.che
names:
kind: CheCluster
listKind: CheClusterList
plural: checlusters
singular: checluster
scope: Namespaced
versions:
- deprecated: true
deprecationWarning: org.eclipse.che/v1 CheCluster is deprecated and will be removed in future releases
name: v1
schema:
openAPIV3Schema:
description: The `CheCluster` custom resource allows defining and managing a Che server installation
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Desired configuration of the Che installation. Based on these settings, the Operator automatically creates and maintains several ConfigMaps that will contain the appropriate environment variables the various components of the Che installation. These generated ConfigMaps must NOT be updated manually.
properties:
auth:
description: Configuration settings related to the Authentication used by the Che installation.
properties:
debug:
description: Deprecated. The value of this flag is ignored. Debug internal identity provider.
type: boolean
externalIdentityProvider:
description: 'Deprecated. The value of this flag is ignored. Instructs the Operator on whether or not to deploy a dedicated Identity Provider (Keycloak or RH SSO instance). Instructs the Operator on whether to deploy a dedicated Identity Provider (Keycloak or RH-SSO instance). By default, a dedicated Identity Provider server is deployed as part of the Che installation. When `externalIdentityProvider` is `true`, no dedicated identity provider will be deployed by the Operator and you will need to provide details about the external identity provider you are about to use. See also all the other fields starting with: `identityProvider`.'
type: boolean
gatewayAuthenticationSidecarImage:
description: Gateway sidecar responsible for authentication when NativeUserMode is enabled. See link:https://github.com/oauth2-proxy/oauth2-proxy[oauth2-proxy] or link:https://github.com/openshift/oauth-proxy[openshift/oauth-proxy].
type: string
gatewayAuthorizationSidecarImage:
description: Gateway sidecar responsible for authorization when NativeUserMode is enabled. See link:https://github.com/brancz/kube-rbac-proxy[kube-rbac-proxy] or link:https://github.com/openshift/kube-rbac-proxy[openshift/kube-rbac-proxy]
type: string
gatewayConfigBumpEnv:
description: List of environment variables to set in the Configbump container.
items:
description: EnvVar represents an environment variable present in a Container.
properties:
name:
description: Name of the environment variable. Must be a C_IDENTIFIER.
type: string
value:
description: 'Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".'
type: string
valueFrom:
description: Source for the environment variable's value. Cannot be used if value is not empty.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the ConfigMap or its key must be defined
type: boolean
required:
- key
type: object
fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties:
apiVersion:
description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
type: string
fieldPath:
description: Path of the field to select in the specified API version.
type: string
required:
- fieldPath
type: object
resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties:
containerName:
description: 'Container name: required for volumes, optional for env vars'
type: string
divisor:
anyOf:
- type: integer
- type: string
description: Specifies the output format of the exposed resources, defaults to "1"
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
resource:
description: 'Required: resource to select'
type: string
required:
- resource
type: object
secretKeyRef:
description: Selects a key of a secret in the pod's namespace
properties:
key:
description: The key of the secret to select from. Must be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must be defined
type: boolean
required:
- key
type: object
type: object
required:
- name
type: object
type: array
gatewayEnv:
description: List of environment variables to set in the Gateway container.
items:
description: EnvVar represents an environment variable present in a Container.
properties:
name:
description: Name of the environment variable. Must be a C_IDENTIFIER.
type: string
value:
description: 'Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".'
type: string
valueFrom:
description: Source for the environment variable's value. Cannot be used if value is not empty.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the ConfigMap or its key must be defined
type: boolean
required:
- key
type: object
fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties:
apiVersion:
description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
type: string
fieldPath:
description: Path of the field to select in the specified API version.
type: string
required:
- fieldPath
type: object
resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties:
containerName:
description: 'Container name: required for volumes, optional for env vars'
type: string
divisor:
anyOf:
- type: integer
- type: string
description: Specifies the output format of the exposed resources, defaults to "1"
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
resource:
description: 'Required: resource to select'
type: string
required:
- resource
type: object
secretKeyRef:
description: Selects a key of a secret in the pod's namespace
properties:
key:
description: The key of the secret to select from. Must be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must be defined
type: boolean
required:
- key
type: object
type: object
required:
- name
type: object
type: array
gatewayHeaderRewriteSidecarImage:
description: Deprecated. The value of this flag is ignored. Sidecar functionality is now implemented in Traefik plugin.
type: string
gatewayKubeRbacProxyEnv:
description: List of environment variables to set in the Kube rbac proxy container.
items:
description: EnvVar represents an environment variable present in a Container.
properties:
name:
description: Name of the environment variable. Must be a C_IDENTIFIER.
type: string
value:
description: 'Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".'
type: string
valueFrom:
description: Source for the environment variable's value. Cannot be used if value is not empty.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the ConfigMap or its key must be defined
type: boolean
required:
- key
type: object
fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties:
apiVersion:
description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
type: string
fieldPath:
description: Path of the field to select in the specified API version.
type: string
required:
- fieldPath
type: object
resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties:
containerName:
description: 'Container name: required for volumes, optional for env vars'
type: string
divisor:
anyOf:
- type: integer
- type: string
description: Specifies the output format of the exposed resources, defaults to "1"
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
resource:
description: 'Required: resource to select'
type: string
required:
- resource
type: object
secretKeyRef:
description: Selects a key of a secret in the pod's namespace
properties:
key:
description: The key of the secret to select from. Must be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must be defined
type: boolean
required:
- key
type: object
type: object
required:
- name
type: object
type: array
gatewayOAuthProxyEnv:
description: List of environment variables to set in the OAuth proxy container.
items:
description: EnvVar represents an environment variable present in a Container.
properties:
name:
description: Name of the environment variable. Must be a C_IDENTIFIER.
type: string
value:
description: 'Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".'
type: string
valueFrom:
description: Source for the environment variable's value. Cannot be used if value is not empty.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the ConfigMap or its key must be defined
type: boolean
required:
- key
type: object
fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties:
apiVersion:
description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
type: string
fieldPath:
description: Path of the field to select in the specified API version.
type: string
required:
- fieldPath
type: object
resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties:
containerName:
description: 'Container name: required for volumes, optional for env vars'
type: string
divisor:
anyOf:
- type: integer
- type: string
description: Specifies the output format of the exposed resources, defaults to "1"
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
resource:
description: 'Required: resource to select'
type: string
required:
- resource
type: object
secretKeyRef:
description: Selects a key of a secret in the pod's namespace
properties:
key:
description: The key of the secret to select from. Must be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must be defined
type: boolean
required:
- key
type: object
type: object
required:
- name
type: object
type: array
identityProviderAdminUserName:
description: Deprecated. The value of this flag is ignored. Overrides the name of the Identity Provider administrator user. Defaults to `admin`.
type: string
identityProviderClientId:
description: Deprecated. The value of this flag is ignored. Name of a Identity provider, Keycloak or RH-SSO, `client-id` that is used for Che. Override this when an external Identity Provider is in use. See the `externalIdentityProvider` field. When omitted or left blank, it is set to the value of the `flavour` field suffixed with `-public`.
type: string
identityProviderContainerResources:
description: Deprecated. The value of this flag is ignored. Identity provider container custom settings.
properties:
limits:
description: Limits describes the maximum amount of compute resources allowed.
properties:
cpu:
description: CPU, in cores. (500m = .5 cores)
type: string
memory:
description: Memory, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024)
type: string
type: object
request:
description: Requests describes the minimum amount of compute resources required.
properties:
cpu:
description: CPU, in cores. (500m = .5 cores)
type: string
memory:
description: Memory, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024)
type: string
type: object
type: object
identityProviderImage:
description: Deprecated. The value of this flag is ignored. Overrides the container image used in the Identity Provider, Keycloak or RH-SSO, deployment. This includes the image tag. Omit it or leave it empty to use the default container image provided by the Operator.
type: string
identityProviderImagePullPolicy:
description: Deprecated. The value of this flag is ignored. Overrides the image pull policy used in the Identity Provider, Keycloak or RH-SSO, deployment. Default value is `Always` for `nightly`, `next` or `latest` images, and `IfNotPresent` in other cases.
type: string
identityProviderIngress:
description: Deprecated. The value of this flag is ignored. Ingress custom settings.
properties:
annotations:
additionalProperties:
type: string
description: Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata.
type: object
labels:
description: Comma separated list of labels that can be used to organize and categorize objects by scoping and selecting.
type: string
type: object
identityProviderPassword:
description: Deprecated. The value of this flag is ignored. Overrides the password of Keycloak administrator user. Override this when an external Identity Provider is in use. See the `externalIdentityProvider` field. When omitted or left blank, it is set to an auto-generated password.
type: string
identityProviderPostgresPassword:
description: Deprecated. The value of this flag is ignored. Password for a Identity Provider, Keycloak or RH-SSO, to connect to the database. Override this when an external Identity Provider is in use. See the `externalIdentityProvider` field. When omitted or left blank, it is set to an auto-generated password.
type: string
identityProviderPostgresSecret:
description: 'Deprecated. The value of this flag is ignored. The secret that contains `password` for the Identity Provider, Keycloak or RH-SSO, to connect to the database. When the secret is defined, the `identityProviderPostgresPassword` is ignored. When the value is omitted or left blank, the one of following scenarios applies: 1. `identityProviderPostgresPassword` is defined, then it will be used to connect to the database. 2. `identityProviderPostgresPassword` is not defined, then a new secret with the name `che-identity-postgres-secret` will be created with an auto-generated value for `password`. The secret must have `app.kubernetes.io/part-of=che.eclipse.org` label.'
type: string
identityProviderRealm:
description: Deprecated. The value of this flag is ignored. Name of a Identity provider, Keycloak or RH-SSO, realm that is used for Che. Override this when an external Identity Provider is in use. See the `externalIdentityProvider` field. When omitted or left blank, it is set to the value of the `flavour` field.
type: string
identityProviderRoute:
description: Deprecated. The value of this flag is ignored. Route custom settings.
properties:
annotations:
additionalProperties:
type: string
description: Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata.
type: object
domain:
description: 'Operator uses the domain to generate a hostname for a route. In a conjunction with labels it creates a route, which is served by a non-default Ingress controller. The generated host name will follow this pattern: `<route-name>-<route-namespace>.<domain>`.'
type: string
labels:
description: Comma separated list of labels that can be used to organize and categorize objects by scoping and selecting.
type: string
type: object
identityProviderSecret:
description: 'Deprecated. The value of this flag is ignored. The secret that contains `user` and `password` for Identity Provider. When the secret is defined, the `identityProviderAdminUserName` and `identityProviderPassword` are ignored. When the value is omitted or left blank, the one of following scenarios applies: 1. `identityProviderAdminUserName` and `identityProviderPassword` are defined, then they will be used. 2. `identityProviderAdminUserName` or `identityProviderPassword` are not defined, then a new secret with the name `che-identity-secret` will be created with default value `admin` for `user` and with an auto-generated value for `password`. The secret must have `app.kubernetes.io/part-of=che.eclipse.org` label.'
type: string
identityProviderURL:
description: Public URL of the Identity Provider server (Keycloak / RH-SSO server). Set this ONLY when a use of an external Identity Provider is needed. See the `externalIdentityProvider` field. By default, this will be automatically calculated and set by the Operator.
type: string
identityToken:
description: 'Identity token to be passed to upstream. There are two types of tokens supported: `id_token` and `access_token`. Default value is `id_token`. This field is specific to Che installations made for Kubernetes only and ignored for OpenShift.'
type: string
initialOpenShiftOAuthUser:
description: Deprecated. The value of this flag is ignored. For operating with the OpenShift OAuth authentication, create a new user account since the kubeadmin can not be used. If the value is true, then a new OpenShift OAuth user will be created for the HTPasswd identity provider. If the value is false and the user has already been created, then it will be removed. If value is an empty, then do nothing. The user's credentials are stored in the `openshift-oauth-user-credentials` secret in 'openshift-config' namespace by Operator. Note that this solution is Openshift 4 platform-specific.
type: boolean
nativeUserMode:
description: Deprecated. The value of this flag is ignored. Enables native user mode. Currently works only on OpenShift and DevWorkspace engine. Native User mode uses OpenShift OAuth directly as identity provider, without Keycloak.
type: boolean
oAuthClientName:
description: Name of the OpenShift `OAuthClient` resource used to setup identity federation on the OpenShift side. Auto-generated when left blank. See also the `OpenShiftoAuth` field.
type: string
oAuthScope:
description: Access Token Scope. This field is specific to Che installations made for Kubernetes only and ignored for OpenShift.
type: string
oAuthSecret:
description: Name of the secret set in the OpenShift `OAuthClient` resource used to setup identity federation on the OpenShift side. Auto-generated when left blank. See also the `OAuthClientName` field.
type: string
openShiftoAuth:
description: 'Deprecated. The value of this flag is ignored. Enables the integration of the identity provider (Keycloak / RHSSO) with OpenShift OAuth. Empty value on OpenShift by default. This will allow users to directly login with their OpenShift user through the OpenShift login, and have their workspaces created under personal OpenShift namespaces. WARNING: the `kubeadmin` user is NOT supported, and logging through it will NOT allow accessing the Che Dashboard.'
type: boolean
updateAdminPassword:
description: Deprecated. The value of this flag is ignored. Forces the default `admin` Che user to update password on first login. Defaults to `false`.
type: boolean
type: object
dashboard:
description: Configuration settings related to the User Dashboard used by the Che installation.
properties:
warning:
description: Warning message that will be displayed on the User Dashboard
type: string
type: object
database:
description: Configuration settings related to the database used by the Che installation.
properties:
chePostgresContainerResources:
description: PostgreSQL container custom settings
properties:
limits:
description: Limits describes the maximum amount of compute resources allowed.
properties:
cpu:
description: CPU, in cores. (500m = .5 cores)
type: string
memory:
description: Memory, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024)
type: string
type: object
request:
description: Requests describes the minimum amount of compute resources required.
properties:
cpu:
description: CPU, in cores. (500m = .5 cores)
type: string
memory:
description: Memory, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024)
type: string
type: object
type: object
chePostgresDb:
description: PostgreSQL database name that the Che server uses to connect to the DB. Defaults to `dbche`.
type: string
chePostgresHostName:
description: PostgreSQL Database host name that the Che server uses to connect to. Defaults is `postgres`. Override this value ONLY when using an external database. See field `externalDb`. In the default case it will be automatically set by the Operator.
type: string
chePostgresPassword:
description: PostgreSQL password that the Che server uses to connect to the DB. When omitted or left blank, it will be set to an automatically generated value.
type: string
chePostgresPort:
description: PostgreSQL Database port that the Che server uses to connect to. Defaults to 5432. Override this value ONLY when using an external database. See field `externalDb`. In the default case it will be automatically set by the Operator.
type: string
chePostgresSecret:
description: 'The secret that contains PostgreSQL`user` and `password` that the Che server uses to connect to the DB. When the secret is defined, the `chePostgresUser` and `chePostgresPassword` are ignored. When the value is omitted or left blank, the one of following scenarios applies: 1. `chePostgresUser` and `chePostgresPassword` are defined, then they will be used to connect to the DB. 2. `chePostgresUser` or `chePostgresPassword` are not defined, then a new secret with the name `postgres-credentials` will be created with default value of `pgche` for `user` and with an auto-generated value for `password`. The secret must have `app.kubernetes.io/part-of=che.eclipse.org` label.'
type: string
chePostgresUser:
description: PostgreSQL user that the Che server uses to connect to the DB. Defaults to `pgche`.
type: string
externalDb:
description: 'Instructs the Operator on whether to deploy a dedicated database. By default, a dedicated PostgreSQL database is deployed as part of the Che installation. When `externalDb` is `true`, no dedicated database will be deployed by the Operator and you will need to provide connection details to the external DB you are about to use. See also all the fields starting with: `chePostgres`.'
type: boolean
postgresEnv:
description: List of environment variables to set in the PostgreSQL container.
items:
description: EnvVar represents an environment variable present in a Container.
properties:
name:
description: Name of the environment variable. Must be a C_IDENTIFIER.
type: string
value:
description: 'Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".'
type: string
valueFrom:
description: Source for the environment variable's value. Cannot be used if value is not empty.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the ConfigMap or its key must be defined
type: boolean
required:
- key
type: object
fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties:
apiVersion:
description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
type: string
fieldPath:
description: Path of the field to select in the specified API version.
type: string
required:
- fieldPath
type: object
resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties:
containerName:
description: 'Container name: required for volumes, optional for env vars'
type: string
divisor:
anyOf:
- type: integer
- type: string
description: Specifies the output format of the exposed resources, defaults to "1"
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
resource:
description: 'Required: resource to select'
type: string
required:
- resource
type: object
secretKeyRef:
description: Selects a key of a secret in the pod's namespace
properties:
key:
description: The key of the secret to select from. Must be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must be defined
type: boolean
required:
- key
type: object
type: object
required:
- name
type: object
type: array
postgresImage:
description: Overrides the container image used in the PostgreSQL database deployment. This includes the image tag. Omit it or leave it empty to use the default container image provided by the Operator.
type: string
postgresImagePullPolicy:
description: Overrides the image pull policy used in the PostgreSQL database deployment. Default value is `Always` for `nightly`, `next` or `latest` images, and `IfNotPresent` in other cases.
type: string
postgresVersion:
description: 'Indicates a PostgreSQL version image to use. Allowed values are: `9.6` and `13.3`. Migrate your PostgreSQL database to switch from one version to another.'
type: string
pvcClaimSize:
description: Size of the persistent volume claim for database. Defaults to `1Gi`. To update pvc storageclass that provisions it must support resize when Eclipse Che has been already deployed.
type: string
type: object
devWorkspace:
description: DevWorkspace operator configuration
properties:
controllerImage:
description: Overrides the container image used in the DevWorkspace controller deployment. This includes the image tag. Omit it or leave it empty to use the default container image provided by the Operator.
type: string
enable:
description: Deploys the DevWorkspace Operator in the cluster. Does nothing when a matching version of the Operator is already installed. Fails when a non-matching version of the Operator is already installed.
type: boolean
env:
description: List of environment variables to set in the DevWorkspace container.
items:
description: EnvVar represents an environment variable present in a Container.
properties:
name:
description: Name of the environment variable. Must be a C_IDENTIFIER.
type: string
value:
description: 'Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".'
type: string
valueFrom:
description: Source for the environment variable's value. Cannot be used if value is not empty.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the ConfigMap or its key must be defined
type: boolean
required:
- key
type: object
fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties:
apiVersion:
description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
type: string
fieldPath:
description: Path of the field to select in the specified API version.
type: string
required:
- fieldPath
type: object
resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties:
containerName:
description: 'Container name: required for volumes, optional for env vars'
type: string
divisor:
anyOf:
- type: integer
- type: string
description: Specifies the output format of the exposed resources, defaults to "1"
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
resource:
description: 'Required: resource to select'
type: string
required:
- resource
type: object
secretKeyRef:
description: Selects a key of a secret in the pod's namespace
properties:
key:
description: The key of the secret to select from. Must be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must be defined
type: boolean
required:
- key
type: object
type: object
required:
- name
type: object
type: array
runningLimit:
description: Maximum number of the running workspaces per user.
type: string
secondsOfInactivityBeforeIdling:
default: 1800
description: Idle timeout for workspaces in seconds. This timeout is the duration after which a workspace will be idled if there is no activity. To disable workspace idling due to inactivity, set this value to -1.
format: int32
type: integer
secondsOfRunBeforeIdling:
default: -1
description: Run timeout for workspaces in seconds. This timeout is the maximum duration a workspace runs. To disable workspace run timeout, set this value to -1.
format: int32
type: integer
required:
- enable
type: object
gitServices:
description: A configuration that allows users to work with remote Git repositories.
properties:
bitbucket:
description: Enables users to work with repositories hosted on Bitbucket (bitbucket.org or self-hosted).
items:
description: BitBucketService enables users to work with repositories hosted on Bitbucket (bitbucket.org or self-hosted).
properties:
endpoint:
default: https://bitbucket.org
description: Bitbucket server endpoint URL.
type: string
secretName:
description: 'Kubernetes secret, that contains Base64-encoded Bitbucket OAuth 1.0 or OAuth 2.0 data. For OAuth 1.0: private key, Bitbucket Application link consumer key and Bitbucket Application link shared secret must be stored in `private.key`, `consumer.key` and `shared_secret` keys respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/. For OAuth 2.0: Bitbucket OAuth consumer key and Bitbucket OAuth consumer secret must be stored in `id` and `secret` keys respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.'
type: string
required:
- secretName
type: object
type: array
github:
description: Enables users to work with repositories hosted on GitHub (github.com or GitHub Enterprise).
items:
description: GitHubService enables users to work with repositories hosted on GitHub (GitHub.com or GitHub Enterprise).
properties:
endpoint:
default: https://github.com
description: GitHub server endpoint URL.
type: string
secretName:
description: 'Kubernetes secret, that contains Base64-encoded GitHub OAuth Client id and GitHub OAuth Client secret, that stored in `id` and `secret` keys respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.'
type: string
required:
- endpoint
- secretName
type: object
type: array
gitlab:
description: Enables users to work with repositories hosted on GitLab (gitlab.com or self-hosted).
items:
description: GitLabService enables users to work with repositories hosted on GitLab (gitlab.com or self-hosted).
properties:
endpoint:
default: https://gitlab.com
description: GitLab server endpoint URL.
type: string
secretName:
description: 'Kubernetes secret, that contains Base64-encoded GitHub Application id and GitLab Application Client secret, that stored in `id` and `secret` keys respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.'
type: string
required:
- endpoint
- secretName
type: object
type: array
type: object
imagePuller:
description: Kubernetes Image Puller configuration
properties:
enable:
description: Install and configure the Community Supported Kubernetes Image Puller Operator. When set to `true` and no spec is provided, it will create a default KubernetesImagePuller object to be managed by the Operator. When set to `false`, the KubernetesImagePuller object will be deleted, and the Operator will be uninstalled, regardless of whether a spec is provided. If the `spec.images` field is empty, a set of recommended workspace-related images will be automatically detected and pre-pulled after installation. Note that while this Operator and its behavior is community-supported, its payload may be commercially-supported for pulling commercially-supported images.
type: boolean
spec:
description: A KubernetesImagePullerSpec to configure the image puller in the CheCluster
properties:
affinity:
type: string
cachingCPULimit:
type: string
cachingCPURequest:
type: string
cachingIntervalHours:
type: string
cachingMemoryLimit:
type: string
cachingMemoryRequest:
type: string
configMapName:
type: string
daemonsetName:
type: string
deploymentName:
type: string
imagePullSecrets:
type: string
imagePullerImage:
type: string
images:
type: string
nodeSelector:
type: string
type: object
required:
- enable
type: object
k8s:
description: Configuration settings specific to Che installations made on upstream Kubernetes.
properties:
ingressClass:
description: 'Ingress class that will define the which controller will manage ingresses. Defaults to `nginx`. NB: This drives the `kubernetes.io/ingress.class` annotation on Che-related ingresses.'
type: string
ingressDomain:
description: 'Global ingress domain for a Kubernetes cluster. This MUST be explicitly specified: there are no defaults.'
type: string
ingressStrategy:
description: 'Deprecated. The value of this flag is ignored. Strategy for ingress creation. Options are: `multi-host` (host is explicitly provided in ingress), `single-host` (host is provided, path-based rules) and `default-host` (no host is provided, path-based rules). Defaults to `multi-host` Deprecated in favor of `serverExposureStrategy` in the `server` section, which defines this regardless of the cluster type. When both are defined, the `serverExposureStrategy` option takes precedence.'
type: string
securityContextFsGroup:
description: The FSGroup in which the Che Pod and workspace Pods containers runs in. Default value is `1724`.
type: string
securityContextRunAsUser:
description: ID of the user the Che Pod and workspace Pods containers run as. Default value is `1724`.
type: string
singleHostExposureType:
description: Deprecated. The value of this flag is ignored. When the serverExposureStrategy is set to `single-host`, the way the server, registries and workspaces are exposed is further configured by this property. The possible values are `native`, which means that the server and workspaces are exposed using ingresses on K8s or `gateway` where the server and workspaces are exposed using a custom gateway based on link:https://doc.traefik.io/traefik/[Traefik]. All the endpoints whether backed by the ingress or gateway `route` always point to the subpaths on the same domain. Defaults to `native`.
type: string
tlsSecretName:
description: Name of a secret that will be used to setup ingress TLS termination when TLS is enabled. When the field is empty string, the default cluster certificate will be used. See also the `tlsSupport` field.
type: string
type: object
metrics:
description: Configuration settings related to the metrics collection used by the Che installation.
properties:
enable:
description: Enables `metrics` the Che server endpoint. Default to `true`.
type: boolean
type: object
server:
description: General configuration settings related to the Che server, the plugin and devfile registries
properties:
airGapContainerRegistryHostname:
description: Optional host name, or URL, to an alternate container registry to pull images from. This value overrides the container registry host name defined in all the default container images involved in a Che deployment. This is particularly useful to install Che in a restricted environment.
type: string
airGapContainerRegistryOrganization:
description: Optional repository name of an alternate container registry to pull images from. This value overrides the container registry organization defined in all the default container images involved in a Che deployment. This is particularly useful to install Eclipse Che in a restricted environment.
type: string
allowAutoProvisionUserNamespace:
description: Indicates if is allowed to automatically create a user namespace. If it set to false, then user namespace must be pre-created by a cluster administrator.
type: boolean
allowUserDefinedWorkspaceNamespaces:
description: Deprecated. The value of this flag is ignored. Defines that a user is allowed to specify a Kubernetes namespace, or an OpenShift project, which differs from the default. It's NOT RECOMMENDED to set to `true` without OpenShift OAuth configured. The OpenShift infrastructure also uses this property.
type: boolean
cheClusterRoles:
description: A comma-separated list of ClusterRoles that will be assigned to Che ServiceAccount. Each role must have `app.kubernetes.io/part-of=che.eclipse.org` label. Be aware that the Che Operator has to already have all permissions in these ClusterRoles to grant them.
type: string
cheDebug:
description: Enables the debug mode for Che server. Defaults to `false`.
type: string
cheFlavor:
description: Deprecated. The value of this flag is ignored. Specifies a variation of the installation. The options are `che` for upstream Che installations or `devspaces` for Red Hat OpenShift Dev Spaces (formerly Red Hat CodeReady Workspaces) installation
type: string
cheHost:
description: Public host name of the installed Che server. When value is omitted, the value it will be automatically set by the Operator. See the `cheHostTLSSecret` field.
type: string
cheHostTLSSecret:
description: Name of a secret containing certificates to secure ingress or route for the custom host name of the installed Che server. The secret must have `app.kubernetes.io/part-of=che.eclipse.org` label. See the `cheHost` field.
type: string
cheImage:
description: Overrides the container image used in Che deployment. This does NOT include the container image tag. Omit it or leave it empty to use the default container image provided by the Operator.
type: string
cheImagePullPolicy:
description: Overrides the image pull policy used in Che deployment. Default value is `Always` for `nightly`, `next` or `latest` images, and `IfNotPresent` in other cases.
type: string
cheImageTag:
description: Overrides the tag of the container image used in Che deployment. Omit it or leave it empty to use the default image tag provided by the Operator.
type: string
cheLogLevel:
description: 'Log level for the Che server: `INFO` or `DEBUG`. Defaults to `INFO`.'
type: string
cheServerEnv:
description: List of environment variables to set in the Che server container.
items:
description: EnvVar represents an environment variable present in a Container.
properties:
name:
description: Name of the environment variable. Must be a C_IDENTIFIER.
type: string
value:
description: 'Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".'
type: string
valueFrom:
description: Source for the environment variable's value. Cannot be used if value is not empty.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the ConfigMap or its key must be defined
type: boolean
required:
- key
type: object
fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties:
apiVersion:
description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
type: string
fieldPath:
description: Path of the field to select in the specified API version.
type: string
required:
- fieldPath
type: object
resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties:
containerName:
description: 'Container name: required for volumes, optional for env vars'
type: string
divisor:
anyOf:
- type: integer
- type: string
description: Specifies the output format of the exposed resources, defaults to "1"
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
resource:
description: 'Required: resource to select'
type: string
required:
- resource
type: object
secretKeyRef:
description: Selects a key of a secret in the pod's namespace
properties:
key:
description: The key of the secret to select from. Must be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must be defined
type: boolean
required:
- key
type: object
type: object
required:
- name
type: object
type: array
cheServerIngress:
description: The Che server ingress custom settings.
properties:
annotations:
additionalProperties:
type: string
description: Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata.
type: object
labels:
description: Comma separated list of labels that can be used to organize and categorize objects by scoping and selecting.
type: string
type: object
cheServerRoute:
description: The Che server route custom settings.
properties:
annotations:
additionalProperties:
type: string
description: Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata.
type: object
domain:
description: 'Operator uses the domain to generate a hostname for a route. In a conjunction with labels it creates a route, which is served by a non-default Ingress controller. The generated host name will follow this pattern: `<route-name>-<route-namespace>.<domain>`.'
type: string
labels:
description: Comma separated list of labels that can be used to organize and categorize objects by scoping and selecting.
type: string
type: object
cheWorkspaceClusterRole:
description: Custom cluster role bound to the user for the Che workspaces. The role must have `app.kubernetes.io/part-of=che.eclipse.org` label. The default roles are used when omitted or left blank.
type: string
customCheProperties:
additionalProperties:
type: string
description: Map of additional environment variables that will be applied in the generated `che` ConfigMap to be used by the Che server, in addition to the values already generated from other fields of the `CheCluster` custom resource (CR). When `customCheProperties` contains a property that would be normally generated in `che` ConfigMap from other CR fields, the value defined in the `customCheProperties` is used instead.
type: object
dashboardCpuLimit:
description: Overrides the CPU limit used in the dashboard deployment. In cores. (500m = .5 cores). Default to 500m.
type: string
dashboardCpuRequest:
description: Overrides the CPU request used in the dashboard deployment. In cores. (500m = .5 cores). Default to 100m.
type: string
dashboardEnv:
description: List of environment variables to set in the dashboard container.
items:
description: EnvVar represents an environment variable present in a Container.
properties:
name:
description: Name of the environment variable. Must be a C_IDENTIFIER.
type: string
value:
description: 'Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".'
type: string
valueFrom:
description: Source for the environment variable's value. Cannot be used if value is not empty.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the ConfigMap or its key must be defined
type: boolean
required:
- key
type: object
fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties:
apiVersion:
description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
type: string
fieldPath:
description: Path of the field to select in the specified API version.
type: string
required:
- fieldPath
type: object
resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties:
containerName:
description: 'Container name: required for volumes, optional for env vars'
type: string
divisor:
anyOf:
- type: integer
- type: string
description: Specifies the output format of the exposed resources, defaults to "1"
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
resource:
description: 'Required: resource to select'
type: string
required:
- resource
type: object
secretKeyRef:
description: Selects a key of a secret in the pod's namespace
properties:
key:
description: The key of the secret to select from. Must be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must be defined
type: boolean
required:
- key
type: object
type: object
required:
- name
type: object
type: array
dashboardImage:
description: Overrides the container image used in the dashboard deployment. This includes the image tag. Omit it or leave it empty to use the default container image provided by the Operator.
type: string
dashboardImagePullPolicy:
description: Overrides the image pull policy used in the dashboard deployment. Default value is `Always` for `nightly`, `next` or `latest` images, and `IfNotPresent` in other cases.
type: string
dashboardIngress:
description: Deprecated. The value of this flag is ignored. Dashboard ingress custom settings.
properties:
annotations:
additionalProperties:
type: string
description: Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata.
type: object
labels:
description: Comma separated list of labels that can be used to organize and categorize objects by scoping and selecting.
type: string
type: object
dashboardMemoryLimit:
description: Overrides the memory limit used in the dashboard deployment. Defaults to 256Mi.
type: string
dashboardMemoryRequest:
description: Overrides the memory request used in the dashboard deployment. Defaults to 16Mi.
type: string
dashboardRoute:
description: Deprecated. The value of this flag is ignored. Dashboard route custom settings.
properties:
annotations:
additionalProperties:
type: string
description: Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata.
type: object
domain:
description: 'Operator uses the domain to generate a hostname for a route. In a conjunction with labels it creates a route, which is served by a non-default Ingress controller. The generated host name will follow this pattern: `<route-name>-<route-namespace>.<domain>`.'
type: string
labels:
description: Comma separated list of labels that can be used to organize and categorize objects by scoping and selecting.
type: string
type: object
devfileRegistryCpuLimit:
description: Overrides the CPU limit used in the devfile registry deployment. In cores. (500m = .5 cores). Default to 500m.
type: string
devfileRegistryCpuRequest:
description: Overrides the CPU request used in the devfile registry deployment. In cores. (500m = .5 cores). Default to 100m.
type: string
devfileRegistryEnv:
description: List of environment variables to set in the plugin registry container.
items:
description: EnvVar represents an environment variable present in a Container.
properties:
name:
description: Name of the environment variable. Must be a C_IDENTIFIER.
type: string
value:
description: 'Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".'
type: string
valueFrom:
description: Source for the environment variable's value. Cannot be used if value is not empty.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the ConfigMap or its key must be defined
type: boolean
required:
- key
type: object
fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties:
apiVersion:
description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
type: string
fieldPath:
description: Path of the field to select in the specified API version.
type: string
required:
- fieldPath
type: object
resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties:
containerName:
description: 'Container name: required for volumes, optional for env vars'
type: string
divisor:
anyOf:
- type: integer
- type: string
description: Specifies the output format of the exposed resources, defaults to "1"
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
resource:
description: 'Required: resource to select'
type: string
required:
- resource
type: object
secretKeyRef:
description: Selects a key of a secret in the pod's namespace
properties:
key:
description: The key of the secret to select from. Must be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must be defined
type: boolean
required:
- key
type: object
type: object
required:
- name
type: object
type: array
devfileRegistryImage:
description: Overrides the container image used in the devfile registry deployment. This includes the image tag. Omit it or leave it empty to use the default container image provided by the Operator.
type: string
devfileRegistryIngress:
description: Deprecated. The value of this flag is ignored. The devfile registry ingress custom settings.
properties:
annotations:
additionalProperties:
type: string
description: Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata.
type: object
labels:
description: Comma separated list of labels that can be used to organize and categorize objects by scoping and selecting.
type: string
type: object
devfileRegistryMemoryLimit:
description: Overrides the memory limit used in the devfile registry deployment. Defaults to 256Mi.
type: string
devfileRegistryMemoryRequest:
description: Overrides the memory request used in the devfile registry deployment. Defaults to 16Mi.
type: string
devfileRegistryPullPolicy:
description: Overrides the image pull policy used in the devfile registry deployment. Default value is `Always` for `nightly`, `next` or `latest` images, and `IfNotPresent` in other cases.
type: string
devfileRegistryRoute:
description: Deprecated. The value of this flag is ignored. The devfile registry route custom settings.
properties:
annotations:
additionalProperties:
type: string
description: Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata.
type: object
domain:
description: 'Operator uses the domain to generate a hostname for a route. In a conjunction with labels it creates a route, which is served by a non-default Ingress controller. The generated host name will follow this pattern: `<route-name>-<route-namespace>.<domain>`.'
type: string
labels:
description: Comma separated list of labels that can be used to organize and categorize objects by scoping and selecting.
type: string
type: object
devfileRegistryUrl:
description: Deprecated in favor of `externalDevfileRegistries` fields.
type: string
disableInternalClusterSVCNames:
description: Deprecated. The value of this flag is ignored. Disable internal cluster SVC names usage to communicate between components to speed up the traffic and avoid proxy issues.
type: boolean
externalDevfileRegistries:
description: External devfile registries, that serves sample, ready-to-use devfiles. Configure this in addition to a dedicated devfile registry (when `externalDevfileRegistry` is `false`) or instead of it (when `externalDevfileRegistry` is `true`)
items:
description: Settings for a configuration of the external devfile registries.
properties:
url:
description: Public URL of the devfile registry.
type: string
type: object
type: array
externalDevfileRegistry:
description: Instructs the Operator on whether to deploy a dedicated devfile registry server. By default, a dedicated devfile registry server is started. When `externalDevfileRegistry` is `true`, no such dedicated server will be started by the Operator and configure at least one devfile registry with `externalDevfileRegistries` field.
type: boolean
externalPluginRegistry:
description: Instructs the Operator on whether to deploy a dedicated plugin registry server. By default, a dedicated plugin registry server is started. When `externalPluginRegistry` is `true`, no such dedicated server will be started by the Operator and you will have to manually set the `pluginRegistryUrl` field.
type: boolean
gitSelfSignedCert:
description: When enabled, the certificate from `che-git-self-signed-cert` ConfigMap will be propagated to the Che components and provide particular configuration for Git. Note, the `che-git-self-signed-cert` ConfigMap must have `app.kubernetes.io/part-of=che.eclipse.org` label.
type: boolean
nonProxyHosts:
description: 'List of hosts that will be reached directly, bypassing the proxy. Specify wild card domain use the following form `.<DOMAIN>` and `|` as delimiter, for example: `localhost|.my.host.com|123.42.12.32` Only use when configuring a proxy is required. Operator respects OpenShift cluster wide proxy configuration and no additional configuration is required, but defining `nonProxyHosts` in a custom resource leads to merging non proxy hosts lists from the cluster proxy configuration and ones defined in the custom resources. See the doc https://docs.openshift.com/container-platform/4.4/networking/enable-cluster-wide-proxy.html. See also the `proxyURL` fields.'
type: string
openVSXRegistryURL:
description: Open VSX registry URL. If omitted an embedded instance will be used.
type: string
pluginRegistryCpuLimit:
description: Overrides the CPU limit used in the plugin registry deployment. In cores. (500m = .5 cores). Default to 500m.
type: string
pluginRegistryCpuRequest:
description: Overrides the CPU request used in the plugin registry deployment. In cores. (500m = .5 cores). Default to 100m.
type: string
pluginRegistryEnv:
description: List of environment variables to set in the devfile registry container.
items:
description: EnvVar represents an environment variable present in a Container.
properties:
name:
description: Name of the environment variable. Must be a C_IDENTIFIER.
type: string
value:
description: 'Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".'
type: string
valueFrom:
description: Source for the environment variable's value. Cannot be used if value is not empty.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the ConfigMap or its key must be defined
type: boolean
required:
- key
type: object
fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties:
apiVersion:
description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
type: string
fieldPath:
description: Path of the field to select in the specified API version.
type: string
required:
- fieldPath
type: object
resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties:
containerName:
description: 'Container name: required for volumes, optional for env vars'
type: string
divisor:
anyOf:
- type: integer
- type: string
description: Specifies the output format of the exposed resources, defaults to "1"
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
resource:
description: 'Required: resource to select'
type: string
required:
- resource
type: object
secretKeyRef:
description: Selects a key of a secret in the pod's namespace
properties:
key:
description: The key of the secret to select from. Must be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must be defined
type: boolean
required:
- key
type: object
type: object
required:
- name
type: object
type: array
pluginRegistryImage:
description: Overrides the container image used in the plugin registry deployment. This includes the image tag. Omit it or leave it empty to use the default container image provided by the Operator.
type: string
pluginRegistryIngress:
description: Deprecated. The value of this flag is ignored. Plugin registry ingress custom settings.
properties:
annotations:
additionalProperties:
type: string
description: Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata.
type: object
labels:
description: Comma separated list of labels that can be used to organize and categorize objects by scoping and selecting.
type: string
type: object
pluginRegistryMemoryLimit:
description: Overrides the memory limit used in the plugin registry deployment. Defaults to 1536Mi.
type: string
pluginRegistryMemoryRequest:
description: Overrides the memory request used in the plugin registry deployment. Defaults to 16Mi.
type: string
pluginRegistryPullPolicy:
description: Overrides the image pull policy used in the plugin registry deployment. Default value is `Always` for `nightly`, `next` or `latest` images, and `IfNotPresent` in other cases.
type: string
pluginRegistryRoute:
description: Deprecated. The value of this flag is ignored. Plugin registry route custom settings.
properties:
annotations:
additionalProperties:
type: string
description: Unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata.
type: object
domain:
description: 'Operator uses the domain to generate a hostname for a route. In a conjunction with labels it creates a route, which is served by a non-default Ingress controller. The generated host name will follow this pattern: `<route-name>-<route-namespace>.<domain>`.'
type: string
labels:
description: Comma separated list of labels that can be used to organize and categorize objects by scoping and selecting.
type: string
type: object
pluginRegistryUrl:
description: Public URL of the plugin registry that serves sample ready-to-use devfiles. Set this ONLY when a use of an external devfile registry is needed. See the `externalPluginRegistry` field. By default, this will be automatically calculated by the Operator.
type: string
proxyPassword:
description: Password of the proxy server. Only use when proxy configuration is required. See the `proxyURL`, `proxyUser` and `proxySecret` fields.
type: string
proxyPort:
description: Port of the proxy server. Only use when configuring a proxy is required. See also the `proxyURL` and `nonProxyHosts` fields.
type: string
proxySecret:
description: The secret that contains `user` and `password` for a proxy server. When the secret is defined, the `proxyUser` and `proxyPassword` are ignored. The secret must have `app.kubernetes.io/part-of=che.eclipse.org` label.
type: string
proxyURL:
description: URL (protocol+host name) of the proxy server. This drives the appropriate changes in the `JAVA_OPTS` and `https(s)_proxy` variables in the Che server and workspaces containers. Only use when configuring a proxy is required. Operator respects OpenShift cluster wide proxy configuration and no additional configuration is required, but defining `proxyUrl` in a custom resource leads to overrides the cluster proxy configuration with fields `proxyUrl`, `proxyPort`, `proxyUser` and `proxyPassword` from the custom resource. See the doc https://docs.openshift.com/container-platform/4.4/networking/enable-cluster-wide-proxy.html. See also the `proxyPort` and `nonProxyHosts` fields.
type: string
proxyUser:
description: User name of the proxy server. Only use when configuring a proxy is required. See also the `proxyURL`, `proxyPassword` and `proxySecret` fields.
type: string
selfSignedCert:
description: Deprecated. The value of this flag is ignored. The Che Operator will automatically detect whether the router certificate is self-signed and propagate it to other components, such as the Che server.
type: boolean
serverCpuLimit:
description: Overrides the CPU limit used in the Che server deployment In cores. (500m = .5 cores). Default to 1.
type: string
serverCpuRequest:
description: Overrides the CPU request used in the Che server deployment In cores. (500m = .5 cores). Default to 100m.
type: string
serverExposureStrategy:
description: Deprecated. The value of this flag is ignored. Sets the server and workspaces exposure type. Possible values are `multi-host`, `single-host`, `default-host`. Defaults to `multi-host`, which creates a separate ingress, or OpenShift routes, for every required endpoint. `single-host` makes Che exposed on a single host name with workspaces exposed on subpaths. Read the docs to learn about the limitations of this approach. Also consult the `singleHostExposureType` property to further configure how the Operator and the Che server make that happen on Kubernetes. `default-host` exposes the Che server on the host of the cluster. Read the docs to learn about the limitations of this approach.
type: string
serverMemoryLimit:
description: Overrides the memory limit used in the Che server deployment. Defaults to 1Gi.
type: string
serverMemoryRequest:
description: Overrides the memory request used in the Che server deployment. Defaults to 512Mi.
type: string
serverTrustStoreConfigMapName:
description: Name of the ConfigMap with public certificates to add to Java trust store of the Che server. This is often required when adding the OpenShift OAuth provider, which has HTTPS endpoint signed with self-signed cert. The Che server must be aware of its CA cert to be able to request it. This is disabled by default. The Config Map must have `app.kubernetes.io/part-of=che.eclipse.org` label.
type: string
singleHostGatewayConfigMapLabels:
additionalProperties:
type: string
description: The labels that need to be present in the ConfigMaps representing the gateway configuration.
type: object
singleHostGatewayConfigSidecarImage:
description: The image used for the gateway sidecar that provides configuration to the gateway. Omit it or leave it empty to use the default container image provided by the Operator.
type: string
singleHostGatewayImage:
description: The image used for the gateway in the single host mode. Omit it or leave it empty to use the default container image provided by the Operator.
type: string
tlsSupport:
description: Deprecated. Instructs the Operator to deploy Che in TLS mode. This is enabled by default. Disabling TLS sometimes cause malfunction of some Che components.
type: boolean
useInternalClusterSVCNames:
description: Deprecated in favor of `disableInternalClusterSVCNames`.
type: boolean
workspaceDefaultComponents:
default:
- container:
image: quay.io/devfile/universal-developer-image:ubi8-38da5c2
name: universal-developer-image
description: Default components applied to DevWorkspaces. These default components are meant to be used when a Devfile does not contain any components.
items:
properties:
attributes:
description: Map of implementation-dependant free-form YAML attributes.
type: object
x-kubernetes-preserve-unknown-fields: true
componentType:
description: Type of component
enum:
- Container
- Kubernetes
- Openshift
- Volume
- Image
- Plugin
- Custom
type: string
container:
description: Allows adding and configuring devworkspace-related containers
properties:
annotation:
description: Annotations that should be added to specific resources for this container
properties:
deployment:
additionalProperties:
type: string
description: Annotations to be added to deployment
type: object
service:
additionalProperties:
type: string
description: Annotations to be added to service
type: object
type: object
args:
description: "The arguments to supply to the command running the dockerimage component. The arguments are supplied either to the default command provided in the image or to the overridden command. \n Defaults to an empty array, meaning use whatever is defined in the image."
items:
type: string
type: array
command:
description: "The command to run in the dockerimage component instead of the default one provided in the image. \n Defaults to an empty array, meaning use whatever is defined in the image."
items:
type: string
type: array
cpuLimit:
type: string
cpuRequest:
type: string
dedicatedPod:
description: "Specify if a container should run in its own separated pod, instead of running as part of the main development environment pod. \n Default value is `false`"
type: boolean
endpoints:
items:
properties:
annotation:
additionalProperties:
type: string
description: Annotations to be added to Kubernetes Ingress or Openshift Route
type: object
attributes:
description: "Map of implementation-dependant string-based free-form attributes. \n Examples of Che-specific attributes: \n - cookiesAuthEnabled: \"true\" / \"false\", \n - type: \"terminal\" / \"ide\" / \"ide-dev\","
type: object
x-kubernetes-preserve-unknown-fields: true
exposure:
default: public
description: "Describes how the endpoint should be exposed on the network. \n - `public` means that the endpoint will be exposed on the public network, typically through a K8S ingress or an OpenShift route. \n - `internal` means that the endpoint will be exposed internally outside of the main devworkspace POD, typically by K8S services, to be consumed by other elements running on the same cloud internal network. \n - `none` means that the endpoint will not be exposed and will only be accessible inside the main devworkspace POD, on a local address. \n Default value is `public`"
enum:
- public
- internal
- none
type: string
name:
maxLength: 63
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
path:
description: Path of the endpoint URL
type: string
protocol:
default: http
description: "Describes the application and transport protocols of the traffic that will go through this endpoint. \n - `http`: Endpoint will have `http` traffic, typically on a TCP connection. It will be automaticaly promoted to `https` when the `secure` field is set to `true`. \n - `https`: Endpoint will have `https` traffic, typically on a TCP connection. \n - `ws`: Endpoint will have `ws` traffic, typically on a TCP connection. It will be automaticaly promoted to `wss` when the `secure` field is set to `true`. \n - `wss`: Endpoint will have `wss` traffic, typically on a TCP connection. \n - `tcp`: Endpoint will have traffic on a TCP connection, without specifying an application protocol. \n - `udp`: Endpoint will have traffic on an UDP connection, without specifying an application protocol. \n Default value is `http`"
enum:
- http
- https
- ws
- wss
- tcp
- udp
type: string
secure:
description: Describes whether the endpoint should be secured and protected by some authentication process. This requires a protocol of `https` or `wss`.
type: boolean
targetPort:
description: Port number to be used within the container component. The same port cannot be used by two different container components.
type: integer
required:
- name
- targetPort
type: object
type: array
env:
description: "Environment variables used in this container. \n The following variables are reserved and cannot be overridden via env: \n - `$PROJECTS_ROOT` \n - `$PROJECT_SOURCE`"
items:
properties:
name:
type: string
value:
type: string
required:
- name
- value
type: object
type: array
image:
type: string
memoryLimit:
type: string
memoryRequest:
type: string
mountSources:
description: "Toggles whether or not the project source code should be mounted in the component. \n Defaults to true for all component types except plugins and components that set `dedicatedPod` to true."
type: boolean
sourceMapping:
default: /projects
description: Optional specification of the path in the container where project sources should be transferred/mounted when `mountSources` is `true`. When omitted, the default value of /projects is used.
type: string
volumeMounts:
description: List of volumes mounts that should be mounted is this container.
items:
description: Volume that should be mounted to a component container
properties:
name:
description: The volume mount name is the name of an existing `Volume` component. If several containers mount the same volume name then they will reuse the same volume and will be able to access to the same files.
maxLength: 63
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
path:
description: The path in the component container where the volume should be mounted. If not path is mentioned, default path is the is `/<name>`.
type: string
required:
- name
type: object
type: array
required:
- image
type: object
custom:
description: Custom component whose logic is implementation-dependant and should be provided by the user possibly through some dedicated controller
properties:
componentClass:
description: Class of component that the associated implementation controller should use to process this command with the appropriate logic
type: string
embeddedResource:
description: Additional free-form configuration for this custom component that the implementation controller will know how to use
type: object
x-kubernetes-embedded-resource: true
x-kubernetes-preserve-unknown-fields: true
required:
- componentClass
- embeddedResource
type: object
image:
description: Allows specifying the definition of an image for outer loop builds
properties:
autoBuild:
description: "Defines if the image should be built during startup. \n Default value is `false`"
type: boolean
dockerfile:
description: Allows specifying dockerfile type build
properties:
args:
description: The arguments to supply to the dockerfile build.
items:
type: string
type: array
buildContext:
description: Path of source directory to establish build context. Defaults to ${PROJECT_SOURCE} in the container
type: string
devfileRegistry:
description: Dockerfile's Devfile Registry source
properties:
id:
description: Id in a devfile registry that contains a Dockerfile. The src in the OCI registry required for the Dockerfile build will be downloaded for building the image.
type: string
registryUrl:
description: Devfile Registry URL to pull the Dockerfile from when using the Devfile Registry as Dockerfile src. To ensure the Dockerfile gets resolved consistently in different environments, it is recommended to always specify the `devfileRegistryUrl` when `Id` is used.
type: string
required:
- id
type: object
git:
description: Dockerfile's Git source
properties:
checkoutFrom:
description: Defines from what the project should be checked out. Required if there are more than one remote configured
properties:
remote:
description: The remote name should be used as init. Required if there are more than one remote configured
type: string
revision:
description: The revision to checkout from. Should be branch name, tag or commit id. Default branch is used if missing or specified revision is not found.
type: string
type: object
fileLocation:
description: Location of the Dockerfile in the Git repository when using git as Dockerfile src. Defaults to Dockerfile.
type: string
remotes:
additionalProperties:
type: string
description: The remotes map which should be initialized in the git project. Projects must have at least one remote configured while StarterProjects & Image Component's Git source can only have at most one remote configured.
type: object
required:
- remotes
type: object
rootRequired:
description: "Specify if a privileged builder pod is required. \n Default value is `false`"
type: boolean
srcType:
description: Type of Dockerfile src
enum:
- Uri
- DevfileRegistry
- Git
type: string
uri:
description: URI Reference of a Dockerfile. It can be a full URL or a relative URI from the current devfile as the base URI.
type: string
type: object
imageName:
description: Name of the image for the resulting outerloop build
type: string
imageType:
description: Type of image
enum:
- Dockerfile
type: string
required:
- imageName
type: object
kubernetes:
description: Allows importing into the devworkspace the Kubernetes resources defined in a given manifest. For example this allows reusing the Kubernetes definitions used to deploy some runtime components in production.
properties:
deployByDefault:
description: "Defines if the component should be deployed during startup. \n Default value is `false`"
type: boolean
endpoints:
items:
properties:
annotation:
additionalProperties:
type: string
description: Annotations to be added to Kubernetes Ingress or Openshift Route
type: object
attributes:
description: "Map of implementation-dependant string-based free-form attributes. \n Examples of Che-specific attributes: \n - cookiesAuthEnabled: \"true\" / \"false\", \n - type: \"terminal\" / \"ide\" / \"ide-dev\","
type: object
x-kubernetes-preserve-unknown-fields: true
exposure:
default: public
description: "Describes how the endpoint should be exposed on the network. \n - `public` means that the endpoint will be exposed on the public network, typically through a K8S ingress or an OpenShift route. \n - `internal` means that the endpoint will be exposed internally outside of the main devworkspace POD, typically by K8S services, to be consumed by other elements running on the same cloud internal network. \n - `none` means that the endpoint will not be exposed and will only be accessible inside the main devworkspace POD, on a local address. \n Default value is `public`"
enum:
- public
- internal
- none
type: string
name:
maxLength: 63
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
path:
description: Path of the endpoint URL
type: string
protocol:
default: http
description: "Describes the application and transport protocols of the traffic that will go through this endpoint. \n - `http`: Endpoint will have `http` traffic, typically on a TCP connection. It will be automaticaly promoted to `https` when the `secure` field is set to `true`. \n - `https`: Endpoint will have `https` traffic, typically on a TCP connection. \n - `ws`: Endpoint will have `ws` traffic, typically on a TCP connection. It will be automaticaly promoted to `wss` when the `secure` field is set to `true`. \n - `wss`: Endpoint will have `wss` traffic, typically on a TCP connection. \n - `tcp`: Endpoint will have traffic on a TCP connection, without specifying an application protocol. \n - `udp`: Endpoint will have traffic on an UDP connection, without specifying an application protocol. \n Default value is `http`"
enum:
- http
- https
- ws
- wss
- tcp
- udp
type: string
secure:
description: Describes whether the endpoint should be secured and protected by some authentication process. This requires a protocol of `https` or `wss`.
type: boolean
targetPort:
description: Port number to be used within the container component. The same port cannot be used by two different container components.
type: integer
required:
- name
- targetPort
type: object
type: array
inlined:
description: Inlined manifest
type: string
locationType:
description: Type of Kubernetes-like location
enum:
- Uri
- Inlined
type: string
uri:
description: Location in a file fetched from a uri.
type: string
type: object
name:
description: Mandatory name that allows referencing the component from other elements (such as commands) or from an external devfile that may reference this component through a parent or a plugin.
maxLength: 63
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
openshift:
description: Allows importing into the devworkspace the OpenShift resources defined in a given manifest. For example this allows reusing the OpenShift definitions used to deploy some runtime components in production.
properties:
deployByDefault:
description: "Defines if the component should be deployed during startup. \n Default value is `false`"
type: boolean
endpoints:
items:
properties:
annotation:
additionalProperties:
type: string
description: Annotations to be added to Kubernetes Ingress or Openshift Route
type: object
attributes:
description: "Map of implementation-dependant string-based free-form attributes. \n Examples of Che-specific attributes: \n - cookiesAuthEnabled: \"true\" / \"false\", \n - type: \"terminal\" / \"ide\" / \"ide-dev\","
type: object
x-kubernetes-preserve-unknown-fields: true
exposure:
default: public
description: "Describes how the endpoint should be exposed on the network. \n - `public` means that the endpoint will be exposed on the public network, typically through a K8S ingress or an OpenShift route. \n - `internal` means that the endpoint will be exposed internally outside of the main devworkspace POD, typically by K8S services, to be consumed by other elements running on the same cloud internal network. \n - `none` means that the endpoint will not be exposed and will only be accessible inside the main devworkspace POD, on a local address. \n Default value is `public`"
enum:
- public
- internal
- none
type: string
name:
maxLength: 63
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
path:
description: Path of the endpoint URL
type: string
protocol:
default: http
description: "Describes the application and transport protocols of the traffic that will go through this endpoint. \n - `http`: Endpoint will have `http` traffic, typically on a TCP connection. It will be automaticaly promoted to `https` when the `secure` field is set to `true`. \n - `https`: Endpoint will have `https` traffic, typically on a TCP connection. \n - `ws`: Endpoint will have `ws` traffic, typically on a TCP connection. It will be automaticaly promoted to `wss` when the `secure` field is set to `true`. \n - `wss`: Endpoint will have `wss` traffic, typically on a TCP connection. \n - `tcp`: Endpoint will have traffic on a TCP connection, without specifying an application protocol. \n - `udp`: Endpoint will have traffic on an UDP connection, without specifying an application protocol. \n Default value is `http`"
enum:
- http
- https
- ws
- wss
- tcp
- udp
type: string
secure:
description: Describes whether the endpoint should be secured and protected by some authentication process. This requires a protocol of `https` or `wss`.
type: boolean
targetPort:
description: Port number to be used within the container component. The same port cannot be used by two different container components.
type: integer
required:
- name
- targetPort
type: object
type: array
inlined:
description: Inlined manifest
type: string
locationType:
description: Type of Kubernetes-like location
enum:
- Uri
- Inlined
type: string
uri:
description: Location in a file fetched from a uri.
type: string
type: object
plugin:
description: "Allows importing a plugin. \n Plugins are mainly imported devfiles that contribute components, commands and events as a consistent single unit. They are defined in either YAML files following the devfile syntax, or as `DevWorkspaceTemplate` Kubernetes Custom Resources"
properties:
commands:
description: Overrides of commands encapsulated in a parent devfile or a plugin. Overriding is done according to K8S strategic merge patch standard rules.
items:
properties:
apply:
description: "Command that consists in applying a given component definition, typically bound to a devworkspace event. \n For example, when an `apply` command is bound to a `preStart` event, and references a `container` component, it will start the container as a K8S initContainer in the devworkspace POD, unless the component has its `dedicatedPod` field set to `true`. \n When no `apply` command exist for a given component, it is assumed the component will be applied at devworkspace start by default, unless `deployByDefault` for that component is set to false."
properties:
component:
description: Describes component that will be applied
type: string
group:
description: Defines the group this command is part of
properties:
isDefault:
description: Identifies the default command for a given group kind
type: boolean
kind:
description: Kind of group the command is part of
enum:
- build
- run
- test
- debug
- deploy
type: string
type: object
label:
description: Optional label that provides a label for this command to be used in Editor UI menus for example
type: string
type: object
attributes:
description: Map of implementation-dependant free-form YAML attributes.
type: object
x-kubernetes-preserve-unknown-fields: true
commandType:
description: Type of devworkspace command
enum:
- Exec
- Apply
- Composite
type: string
composite:
description: Composite command that allows executing several sub-commands either sequentially or concurrently
properties:
commands:
description: The commands that comprise this composite command
items:
type: string
type: array
group:
description: Defines the group this command is part of
properties:
isDefault:
description: Identifies the default command for a given group kind
type: boolean
kind:
description: Kind of group the command is part of
enum:
- build
- run
- test
- debug
- deploy
type: string
type: object
label:
description: Optional label that provides a label for this command to be used in Editor UI menus for example
type: string
parallel:
description: Indicates if the sub-commands should be executed concurrently
type: boolean
type: object
exec:
description: CLI Command executed in an existing component container
properties:
commandLine:
description: "The actual command-line string \n Special variables that can be used: \n - `$PROJECTS_ROOT`: A path where projects sources are mounted as defined by container component's sourceMapping. \n - `$PROJECT_SOURCE`: A path to a project source ($PROJECTS_ROOT/<project-name>). If there are multiple projects, this will point to the directory of the first one."
type: string
component:
description: Describes component to which given action relates
type: string
env:
description: Optional list of environment variables that have to be set before running the command
items:
properties:
name:
type: string
value:
type: string
required:
- name
type: object
type: array
group:
description: Defines the group this command is part of
properties:
isDefault:
description: Identifies the default command for a given group kind
type: boolean
kind:
description: Kind of group the command is part of
enum:
- build
- run
- test
- debug
- deploy
type: string
type: object
hotReloadCapable:
description: "Whether the command is capable to reload itself when source code changes. If set to `true` the command won't be restarted and it is expected to handle file changes on its own. \n Default value is `false`"
type: boolean
label:
description: Optional label that provides a label for this command to be used in Editor UI menus for example
type: string
workingDir:
description: "Working directory where the command should be executed \n Special variables that can be used: \n - `$PROJECTS_ROOT`: A path where projects sources are mounted as defined by container component's sourceMapping. \n - `$PROJECT_SOURCE`: A path to a project source ($PROJECTS_ROOT/<project-name>). If there are multiple projects, this will point to the directory of the first one."
type: string
type: object
id:
description: Mandatory identifier that allows referencing this command in composite commands, from a parent, or in events.
maxLength: 63
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
required:
- id
type: object
type: array
components:
description: Overrides of components encapsulated in a parent devfile or a plugin. Overriding is done according to K8S strategic merge patch standard rules.
items:
properties:
attributes:
description: Map of implementation-dependant free-form YAML attributes.
type: object
x-kubernetes-preserve-unknown-fields: true
componentType:
description: Type of component
enum:
- Container
- Kubernetes
- Openshift
- Volume
- Image
type: string
container:
description: Allows adding and configuring devworkspace-related containers
properties:
annotation:
description: Annotations that should be added to specific resources for this container
properties:
deployment:
additionalProperties:
type: string
description: Annotations to be added to deployment
type: object
service:
additionalProperties:
type: string
description: Annotations to be added to service
type: object
type: object
args:
description: "The arguments to supply to the command running the dockerimage component. The arguments are supplied either to the default command provided in the image or to the overridden command. \n Defaults to an empty array, meaning use whatever is defined in the image."
items:
type: string
type: array
command:
description: "The command to run in the dockerimage component instead of the default one provided in the image. \n Defaults to an empty array, meaning use whatever is defined in the image."
items:
type: string
type: array
cpuLimit:
type: string
cpuRequest:
type: string
dedicatedPod:
description: "Specify if a container should run in its own separated pod, instead of running as part of the main development environment pod. \n Default value is `false`"
type: boolean
endpoints:
items:
properties:
annotation:
additionalProperties:
type: string
description: Annotations to be added to Kubernetes Ingress or Openshift Route
type: object
attributes:
description: "Map of implementation-dependant string-based free-form attributes. \n Examples of Che-specific attributes: \n - cookiesAuthEnabled: \"true\" / \"false\", \n - type: \"terminal\" / \"ide\" / \"ide-dev\","
type: object
x-kubernetes-preserve-unknown-fields: true
exposure:
description: "Describes how the endpoint should be exposed on the network. \n - `public` means that the endpoint will be exposed on the public network, typically through a K8S ingress or an OpenShift route. \n - `internal` means that the endpoint will be exposed internally outside of the main devworkspace POD, typically by K8S services, to be consumed by other elements running on the same cloud internal network. \n - `none` means that the endpoint will not be exposed and will only be accessible inside the main devworkspace POD, on a local address. \n Default value is `public`"
enum:
- public
- internal
- none
type: string
name:
maxLength: 63
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
path:
description: Path of the endpoint URL
type: string
protocol:
description: "Describes the application and transport protocols of the traffic that will go through this endpoint. \n - `http`: Endpoint will have `http` traffic, typically on a TCP connection. It will be automaticaly promoted to `https` when the `secure` field is set to `true`. \n - `https`: Endpoint will have `https` traffic, typically on a TCP connection. \n - `ws`: Endpoint will have `ws` traffic, typically on a TCP connection. It will be automaticaly promoted to `wss` when the `secure` field is set to `true`. \n - `wss`: Endpoint will have `wss` traffic, typically on a TCP connection. \n - `tcp`: Endpoint will have traffic on a TCP connection, without specifying an application protocol. \n - `udp`: Endpoint will have traffic on an UDP connection, without specifying an application protocol. \n Default value is `http`"
enum:
- http
- https
- ws
- wss
- tcp
- udp
type: string
secure:
description: Describes whether the endpoint should be secured and protected by some authentication process. This requires a protocol of `https` or `wss`.
type: boolean
targetPort:
description: Port number to be used within the container component. The same port cannot be used by two different container components.
type: integer
required:
- name
type: object
type: array
env:
description: "Environment variables used in this container. \n The following variables are reserved and cannot be overridden via env: \n - `$PROJECTS_ROOT` \n - `$PROJECT_SOURCE`"
items:
properties:
name:
type: string
value:
type: string
required:
- name
type: object
type: array
image:
type: string
memoryLimit:
type: string
memoryRequest:
type: string
mountSources:
description: "Toggles whether or not the project source code should be mounted in the component. \n Defaults to true for all component types except plugins and components that set `dedicatedPod` to true."
type: boolean
sourceMapping:
description: Optional specification of the path in the container where project sources should be transferred/mounted when `mountSources` is `true`. When omitted, the default value of /projects is used.
type: string
volumeMounts:
description: List of volumes mounts that should be mounted is this container.
items:
description: Volume that should be mounted to a component container
properties:
name:
description: The volume mount name is the name of an existing `Volume` component. If several containers mount the same volume name then they will reuse the same volume and will be able to access to the same files.
maxLength: 63
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
path:
description: The path in the component container where the volume should be mounted. If not path is mentioned, default path is the is `/<name>`.
type: string
required:
- name
type: object
type: array
type: object
image:
description: Allows specifying the definition of an image for outer loop builds
properties:
autoBuild:
description: "Defines if the image should be built during startup. \n Default value is `false`"
type: boolean
dockerfile:
description: Allows specifying dockerfile type build
properties:
args:
description: The arguments to supply to the dockerfile build.
items:
type: string
type: array
buildContext:
description: Path of source directory to establish build context. Defaults to ${PROJECT_SOURCE} in the container
type: string
devfileRegistry:
description: Dockerfile's Devfile Registry source
properties:
id:
description: Id in a devfile registry that contains a Dockerfile. The src in the OCI registry required for the Dockerfile build will be downloaded for building the image.
type: string
registryUrl:
description: Devfile Registry URL to pull the Dockerfile from when using the Devfile Registry as Dockerfile src. To ensure the Dockerfile gets resolved consistently in different environments, it is recommended to always specify the `devfileRegistryUrl` when `Id` is used.
type: string
type: object
git:
description: Dockerfile's Git source
properties:
checkoutFrom:
description: Defines from what the project should be checked out. Required if there are more than one remote configured
properties:
remote:
description: The remote name should be used as init. Required if there are more than one remote configured
type: string
revision:
description: The revision to checkout from. Should be branch name, tag or commit id. Default branch is used if missing or specified revision is not found.
type: string
type: object
fileLocation:
description: Location of the Dockerfile in the Git repository when using git as Dockerfile src. Defaults to Dockerfile.
type: string
remotes:
additionalProperties:
type: string
description: The remotes map which should be initialized in the git project. Projects must have at least one remote configured while StarterProjects & Image Component's Git source can only have at most one remote configured.
type: object
type: object
rootRequired:
description: "Specify if a privileged builder pod is required. \n Default value is `false`"
type: boolean
srcType:
description: Type of Dockerfile src
enum:
- Uri
- DevfileRegistry
- Git
type: string
uri:
description: URI Reference of a Dockerfile. It can be a full URL or a relative URI from the current devfile as the base URI.
type: string
type: object
imageName:
description: Name of the image for the resulting outerloop build
type: string
imageType:
description: Type of image
enum:
- Dockerfile
- AutoBuild
type: string
type: object
kubernetes:
description: Allows importing into the devworkspace the Kubernetes resources defined in a given manifest. For example this allows reusing the Kubernetes definitions used to deploy some runtime components in production.
properties:
deployByDefault:
description: "Defines if the component should be deployed during startup. \n Default value is `false`"
type: boolean
endpoints:
items:
properties:
annotation:
additionalProperties:
type: string
description: Annotations to be added to Kubernetes Ingress or Openshift Route
type: object
attributes:
description: "Map of implementation-dependant string-based free-form attributes. \n Examples of Che-specific attributes: \n - cookiesAuthEnabled: \"true\" / \"false\", \n - type: \"terminal\" / \"ide\" / \"ide-dev\","
type: object
x-kubernetes-preserve-unknown-fields: true
exposure:
description: "Describes how the endpoint should be exposed on the network. \n - `public` means that the endpoint will be exposed on the public network, typically through a K8S ingress or an OpenShift route. \n - `internal` means that the endpoint will be exposed internally outside of the main devworkspace POD, typically by K8S services, to be consumed by other elements running on the same cloud internal network. \n - `none` means that the endpoint will not be exposed and will only be accessible inside the main devworkspace POD, on a local address. \n Default value is `public`"
enum:
- public
- internal
- none
type: string
name:
maxLength: 63
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
path:
description: Path of the endpoint URL
type: string
protocol:
description: "Describes the application and transport protocols of the traffic that will go through this endpoint. \n - `http`: Endpoint will have `http` traffic, typically on a TCP connection. It will be automaticaly promoted to `https` when the `secure` field is set to `true`. \n - `https`: Endpoint will have `https` traffic, typically on a TCP connection. \n - `ws`: Endpoint will have `ws` traffic, typically on a TCP connection. It will be automaticaly promoted to `wss` when the `secure` field is set to `true`. \n - `wss`: Endpoint will have `wss` traffic, typically on a TCP connection. \n - `tcp`: Endpoint will have traffic on a TCP connection, without specifying an application protocol. \n - `udp`: Endpoint will have traffic on an UDP connection, without specifying an application protocol. \n Default value is `http`"
enum:
- http
- https
- ws
- wss
- tcp
- udp
type: string
secure:
description: Describes whether the endpoint should be secured and protected by some authentication process. This requires a protocol of `https` or `wss`.
type: boolean
targetPort:
description: Port number to be used within the container component. The same port cannot be used by two different container components.
type: integer
required:
- name
type: object
type: array
inlined:
description: Inlined manifest
type: string
locationType:
description: Type of Kubernetes-like location
enum:
- Uri
- Inlined
type: string
uri:
description: Location in a file fetched from a uri.
type: string
type: object
name:
description: Mandatory name that allows referencing the component from other elements (such as commands) or from an external devfile that may reference this component through a parent or a plugin.
maxLength: 63
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
openshift:
description: Allows importing into the devworkspace the OpenShift resources defined in a given manifest. For example this allows reusing the OpenShift definitions used to deploy some runtime components in production.
properties:
deployByDefault:
description: "Defines if the component should be deployed during startup. \n Default value is `false`"
type: boolean
endpoints:
items:
properties:
annotation:
additionalProperties:
type: string
description: Annotations to be added to Kubernetes Ingress or Openshift Route
type: object
attributes:
description: "Map of implementation-dependant string-based free-form attributes. \n Examples of Che-specific attributes: \n - cookiesAuthEnabled: \"true\" / \"false\", \n - type: \"terminal\" / \"ide\" / \"ide-dev\","
type: object
x-kubernetes-preserve-unknown-fields: true
exposure:
description: "Describes how the endpoint should be exposed on the network. \n - `public` means that the endpoint will be exposed on the public network, typically through a K8S ingress or an OpenShift route. \n - `internal` means that the endpoint will be exposed internally outside of the main devworkspace POD, typically by K8S services, to be consumed by other elements running on the same cloud internal network. \n - `none` means that the endpoint will not be exposed and will only be accessible inside the main devworkspace POD, on a local address. \n Default value is `public`"
enum:
- public
- internal
- none
type: string
name:
maxLength: 63
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
path:
description: Path of the endpoint URL
type: string
protocol:
description: "Describes the application and transport protocols of the traffic that will go through this endpoint. \n - `http`: Endpoint will have `http` traffic, typically on a TCP connection. It will be automaticaly promoted to `https` when the `secure` field is set to `true`. \n - `https`: Endpoint will have `https` traffic, typically on a TCP connection. \n - `ws`: Endpoint will have `ws` traffic, typically on a TCP connection. It will be automaticaly promoted to `wss` when the `secure` field is set to `true`. \n - `wss`: Endpoint will have `wss` traffic, typically on a TCP connection. \n - `tcp`: Endpoint will have traffic on a TCP connection, without specifying an application protocol. \n - `udp`: Endpoint will have traffic on an UDP connection, without specifying an application protocol. \n Default value is `http`"
enum:
- http
- https
- ws
- wss
- tcp
- udp
type: string
secure:
description: Describes whether the endpoint should be secured and protected by some authentication process. This requires a protocol of `https` or `wss`.
type: boolean
targetPort:
description: Port number to be used within the container component. The same port cannot be used by two different container components.
type: integer
required:
- name
type: object
type: array
inlined:
description: Inlined manifest
type: string
locationType:
description: Type of Kubernetes-like location
enum:
- Uri
- Inlined
type: string
uri:
description: Location in a file fetched from a uri.
type: string
type: object
volume:
description: Allows specifying the definition of a volume shared by several other components
properties:
ephemeral:
description: Ephemeral volumes are not stored persistently across restarts. Defaults to false
type: boolean
size:
description: Size of the volume
type: string
type: object
required:
- name
type: object
type: array
id:
description: Id in a registry that contains a Devfile yaml file
type: string
importReferenceType:
description: type of location from where the referenced template structure should be retrieved
enum:
- Uri
- Id
- Kubernetes
type: string
kubernetes:
description: Reference to a Kubernetes CRD of type DevWorkspaceTemplate
properties:
name:
type: string
namespace:
type: string
required:
- name
type: object
registryUrl:
description: Registry URL to pull the parent devfile from when using id in the parent reference. To ensure the parent devfile gets resolved consistently in different environments, it is recommended to always specify the `registryUrl` when `id` is used.
type: string
uri:
description: URI Reference of a parent devfile YAML file. It can be a full URL or a relative URI with the current devfile as the base URI.
type: string
version:
description: Specific stack/sample version to pull the parent devfile from, when using id in the parent reference. To specify `version`, `id` must be defined and used as the import reference source. `version` can be either a specific stack version, or `latest`. If no `version` specified, default version will be used.
pattern: ^(latest)|(([1-9])\.([0-9]+)\.([0-9]+)(\-[0-9a-z-]+(\.[0-9a-z-]+)*)?(\+[0-9A-Za-z-]+(\.[0-9A-Za-z-]+)*)?)$
type: string
type: object
volume:
description: Allows specifying the definition of a volume shared by several other components
properties:
ephemeral:
description: Ephemeral volumes are not stored persistently across restarts. Defaults to false
type: boolean
size:
description: Size of the volume
type: string
type: object
required:
- name
type: object
type: array
workspaceDefaultEditor:
default: che-incubator/che-code/insiders
description: The default editor to workspace create with. It could be a plugin ID or a URI. The plugin ID must have `publisher/plugin/version`. The URI must start from `http`.
type: string
workspaceNamespaceDefault:
description: Defines Kubernetes default namespace in which user's workspaces are created for a case when a user does not override it. It's possible to use `<username>`, `<userid>` and `<workspaceid>` placeholders, such as che-workspace-<username>. In that case, a new namespace will be created for each user or workspace.
type: string
workspacePodNodeSelector:
additionalProperties:
type: string
description: The node selector that limits the nodes that can run the workspace pods.
type: object
workspacePodTolerations:
description: The pod tolerations put on the workspace pods to limit where the workspace pods can run.
items:
description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
properties:
effect:
description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
type: string
key:
description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
type: string
operator:
description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
type: string
tolerationSeconds:
description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
format: int64
type: integer
value:
description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
type: string
type: object
type: array
workspacesDefaultPlugins:
description: Default plug-ins applied to Devworkspaces.
items:
properties:
editor:
description: The editor id to specify default plug-ins for.
type: string
plugins:
description: Default plug-in uris for the specified editor.
items:
type: string
type: array
type: object
type: array
type: object
storage:
description: Configuration settings related to the persistent storage used by the Che installation.
properties:
perWorkspaceStrategyPVCStorageClassName:
description: Storage class for the Persistent Volume Claims dedicated to the Che workspaces. When omitted or left blank, a default storage class is used.
type: string
perWorkspaceStrategyPvcClaimSize:
description: Size of the persistent volume claim for workspaces.
type: string
postgresPVCStorageClassName:
description: Storage class for the Persistent Volume Claim dedicated to the PostgreSQL database. When omitted or left blank, a default storage class is used.
type: string
preCreateSubPaths:
description: Instructs the Che server to start a special Pod to pre-create a sub-path in the Persistent Volumes. Defaults to `false`, however it will need to enable it according to the configuration of your Kubernetes cluster.
type: boolean
pvcClaimSize:
description: Size of the persistent volume claim for workspaces. Defaults to `10Gi`.
type: string
pvcJobsImage:
description: Overrides the container image used to create sub-paths in the Persistent Volumes. This includes the image tag. Omit it or leave it empty to use the default container image provided by the Operator. See also the `preCreateSubPaths` field.
type: string
pvcStrategy:
description: Persistent volume claim strategy for the Che server. This Can be:`common` (all workspaces PVCs in one volume), `per-workspace` (one PVC per workspace for all declared volumes) and `unique` (one PVC per declared volume). Defaults to `common`.
type: string
workspacePVCStorageClassName:
description: Storage class for the Persistent Volume Claims dedicated to the Che workspaces. When omitted or left blank, a default storage class is used.
type: string
type: object
type: object
status:
description: CheClusterStatus defines the observed state of Che installation
properties:
cheClusterRunning:
description: Status of a Che installation. Can be `Available`, `Unavailable`, or `Available, Rolling Update in Progress`.
type: string
cheURL:
description: Public URL to the Che server.
type: string
cheVersion:
description: Current installed Che version.
type: string
dbProvisioned:
description: Indicates that a PostgreSQL instance has been correctly provisioned or not.
type: boolean
devfileRegistryURL:
description: Public URL to the devfile registry.
type: string
devworkspaceStatus:
description: The status of the Devworkspace subsystem
properties:
gatewayHost:
description: GatewayHost is the resolved host of the ingress/route. This is equal to the Host in the spec on Kubernetes but contains the actual host name of the route if Host is unspecified on OpenShift.
type: string
gatewayPhase:
description: GatewayPhase specifies the phase in which the gateway deployment currently is. If the gateway is disabled, the phase is "Inactive".
type: string
message:
description: Message contains further human-readable info for why the Che cluster is in the phase it currently is.
type: string
phase:
description: Phase is the phase in which the Che cluster as a whole finds itself in.
type: string
reason:
description: A brief CamelCase message indicating details about why the Che cluster is in this state.
type: string
workspaceBaseDomain:
description: The resolved workspace base domain. This is either the copy of the explicitly defined property of the same name in the spec or, if it is undefined in the spec and we're running on OpenShift, the automatically resolved basedomain for routes.
type: string
type: object
gitHubOAuthProvisioned:
description: Indicates whether an Identity Provider instance, Keycloak or RH-SSO, has been configured to integrate with the GitHub OAuth.
type: boolean
gitServerTLSCertificateConfigMapName:
description: The ConfigMap containing certificates to propagate to the Che components and to provide particular configuration for Git.
type: string
helpLink:
description: A URL that points to some URL where to find help related to the current Operator status.
type: string
keycloakProvisioned:
description: Indicates whether an Identity Provider instance, Keycloak or RH-SSO, has been provisioned with realm, client and user.
type: boolean
keycloakURL:
description: Public URL to the Identity Provider server, Keycloak or RH-SSO,.
type: string
message:
description: A human readable message indicating details about why the Pod is in this condition.
type: string
openShiftOAuthUserCredentialsSecret:
description: OpenShift OAuth secret in `openshift-config` namespace that contains user credentials for HTPasswd identity provider.
type: string
openShiftoAuthProvisioned:
description: Indicates whether an Identity Provider instance, Keycloak or RH-SSO, has been configured to integrate with the OpenShift OAuth.
type: boolean
pluginRegistryURL:
description: Public URL to the plugin registry.
type: string
reason:
description: A brief CamelCase message indicating details about why the Pod is in this state.
type: string
type: object
type: object
served: true
storage: false
subresources:
status: {}
- name: v2
schema:
openAPIV3Schema:
description: 'The `CheCluster` custom resource allows defining and managing Eclipse Che server installation. Based on these settings, the Operator automatically creates and maintains several ConfigMaps: `che`, `plugin-registry`, `devfile-registry` that will contain the appropriate environment variables of the various components of the installation. These generated ConfigMaps must NOT be updated manually.'
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Desired configuration of Eclipse Che installation.
properties:
components:
default:
cheServer:
debug: false
logLevel: INFO
database:
credentialsSecretName: postgres-credentials
externalDb: false
postgresDb: dbche
postgresHostName: postgres
postgresPort: "5432"
pvc:
claimSize: 1Gi
metrics:
enable: true
description: Che components configuration.
properties:
cheServer:
default:
debug: false
logLevel: INFO
description: General configuration settings related to the Che server.
properties:
clusterRoles:
description: 'ClusterRoles assigned to Che ServiceAccount. The defaults roles are: - `<che-namespace>-cheworkspaces-namespaces-clusterrole` - `<che-namespace>-cheworkspaces-clusterrole` - `<che-namespace>-cheworkspaces-devworkspace-clusterrole` where the <che-namespace> is the namespace where the CheCluster CRD is created. Each role must have a `app.kubernetes.io/part-of=che.eclipse.org` label. The Che Operator must already have all permissions in these ClusterRoles to grant them.'
items:
type: string
type: array
debug:
default: false
description: Enables the debug mode for Che server.
type: boolean
deployment:
description: Deployment override options.
properties:
containers:
description: List of containers belonging to the pod.
items:
description: Container custom settings.
properties:
env:
description: List of environment variables to set in the container.
items:
description: EnvVar represents an environment variable present in a Container.
properties:
name:
description: Name of the environment variable. Must be a C_IDENTIFIER.
type: string
value:
description: 'Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".'
type: string
valueFrom:
description: Source for the environment variable's value. Cannot be used if value is not empty.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the ConfigMap or its key must be defined
type: boolean
required:
- key
type: object
fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties:
apiVersion:
description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
type: string
fieldPath:
description: Path of the field to select in the specified API version.
type: string
required:
- fieldPath
type: object
resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties:
containerName:
description: 'Container name: required for volumes, optional for env vars'
type: string
divisor:
anyOf:
- type: integer
- type: string
description: Specifies the output format of the exposed resources, defaults to "1"
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
resource:
description: 'Required: resource to select'
type: string
required:
- resource
type: object
secretKeyRef:
description: Selects a key of a secret in the pod's namespace
properties:
key:
description: The key of the secret to select from. Must be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must be defined
type: boolean
required:
- key
type: object
type: object
required:
- name
type: object
type: array
image:
description: Container image. Omit it or leave it empty to use the default container image provided by the Operator.
type: string
imagePullPolicy:
description: Image pull policy. Default value is `Always` for `nightly`, `next` or `latest` images, and `IfNotPresent` in other cases.
enum:
- Always
- IfNotPresent
- Never
type: string
name:
description: Container name.
type: string
resources:
description: Compute resources required by this container.
properties:
limits:
description: Describes the maximum amount of compute resources allowed.
properties:
cpu:
anyOf:
- type: integer
- type: string
description: CPU, in cores. (500m = .5 cores)
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
memory:
anyOf:
- type: integer
- type: string
description: Memory, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024)
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
request:
description: Describes the minimum amount of compute resources required.
properties:
cpu:
anyOf:
- type: integer
- type: string
description: CPU, in cores. (500m = .5 cores)
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
memory:
anyOf:
- type: integer
- type: string
description: Memory, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024)
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
type: object
type: object
type: array
securityContext:
description: Security options the pod should run with.
properties:
fsGroup:
description: A special supplemental group that applies to all containers in a pod. The default value is `1724`.
format: int64
type: integer
runAsUser:
description: The UID to run the entrypoint of the container process. The default value is `1724`.
format: int64
type: integer
type: object
type: object
extraProperties:
additionalProperties:
type: string
description: A map of additional environment variables applied in the generated `che` ConfigMap to be used by the Che server in addition to the values already generated from other fields of the `CheCluster` custom resource (CR). If the `extraProperties` field contains a property normally generated in `che` ConfigMap from other CR fields, the value defined in the `extraProperties` is used instead.
type: object
logLevel:
default: INFO
description: 'The log level for the Che server: `INFO` or `DEBUG`.'
type: string
proxy:
description: Proxy server settings for Kubernetes cluster. No additional configuration is required for OpenShift cluster. By specifying these settings for the OpenShift cluster, you override the OpenShift proxy configuration.
properties:
credentialsSecretName:
description: The secret name that contains `user` and `password` for a proxy server. The secret must have a `app.kubernetes.io/part-of=che.eclipse.org` label.
type: string
nonProxyHosts:
description: 'A list of hosts that can be reached directly, bypassing the proxy. Specify wild card domain use the following form `.<DOMAIN>`, for example: - localhost - my.host.com - 123.42.12.32 Use only when a proxy configuration is required. The Operator respects OpenShift cluster-wide proxy configuration, defining `nonProxyHosts` in a custom resource leads to merging non-proxy hosts lists from the cluster proxy configuration, and the ones defined in the custom resources. See the following page: https://docs.openshift.com/container-platform/4.4/networking/enable-cluster-wide-proxy.html.'
items:
type: string
type: array
port:
description: Proxy server port.
type: string
url:
description: 'URL (protocol+hostname) of the proxy server. Use only when a proxy configuration is required. The Operator respects OpenShift cluster-wide proxy configuration, defining `url` in a custom resource leads to overriding the cluster proxy configuration. See the following page: https://docs.openshift.com/container-platform/4.4/networking/enable-cluster-wide-proxy.html.'
type: string
type: object
type: object
dashboard:
description: Configuration settings related to the dashboard used by the Che installation.
properties:
deployment:
description: Deployment override options.
properties:
containers:
description: List of containers belonging to the pod.
items:
description: Container custom settings.
properties:
env:
description: List of environment variables to set in the container.
items:
description: EnvVar represents an environment variable present in a Container.
properties:
name:
description: Name of the environment variable. Must be a C_IDENTIFIER.
type: string
value:
description: 'Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".'
type: string
valueFrom:
description: Source for the environment variable's value. Cannot be used if value is not empty.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the ConfigMap or its key must be defined
type: boolean
required:
- key
type: object
fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties:
apiVersion:
description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
type: string
fieldPath:
description: Path of the field to select in the specified API version.
type: string
required:
- fieldPath
type: object
resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties:
containerName:
description: 'Container name: required for volumes, optional for env vars'
type: string
divisor:
anyOf:
- type: integer
- type: string
description: Specifies the output format of the exposed resources, defaults to "1"
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
resource:
description: 'Required: resource to select'
type: string
required:
- resource
type: object
secretKeyRef:
description: Selects a key of a secret in the pod's namespace
properties:
key:
description: The key of the secret to select from. Must be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must be defined
type: boolean
required:
- key
type: object
type: object
required:
- name
type: object
type: array
image:
description: Container image. Omit it or leave it empty to use the default container image provided by the Operator.
type: string
imagePullPolicy:
description: Image pull policy. Default value is `Always` for `nightly`, `next` or `latest` images, and `IfNotPresent` in other cases.
enum:
- Always
- IfNotPresent
- Never
type: string
name:
description: Container name.
type: string
resources:
description: Compute resources required by this container.
properties:
limits:
description: Describes the maximum amount of compute resources allowed.
properties:
cpu:
anyOf:
- type: integer
- type: string
description: CPU, in cores. (500m = .5 cores)
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
memory:
anyOf:
- type: integer
- type: string
description: Memory, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024)
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
request:
description: Describes the minimum amount of compute resources required.
properties:
cpu:
anyOf:
- type: integer
- type: string
description: CPU, in cores. (500m = .5 cores)
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
memory:
anyOf:
- type: integer
- type: string
description: Memory, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024)
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
type: object
type: object
type: array
securityContext:
description: Security options the pod should run with.
properties:
fsGroup:
description: A special supplemental group that applies to all containers in a pod. The default value is `1724`.
format: int64
type: integer
runAsUser:
description: The UID to run the entrypoint of the container process. The default value is `1724`.
format: int64
type: integer
type: object
type: object
headerMessage:
description: Dashboard header message.
properties:
show:
description: Instructs dashboard to show the message.
type: boolean
text:
description: Warning message displayed on the user dashboard.
type: string
type: object
type: object
database:
default:
credentialsSecretName: postgres-credentials
externalDb: false
postgresDb: dbche
postgresHostName: postgres
postgresPort: "5432"
pvc:
claimSize: 1Gi
description: Configuration settings related to the database used by the Che installation.
properties:
credentialsSecretName:
default: postgres-credentials
description: The secret that contains PostgreSQL `user` and `password` that the Che server uses to connect to the database. The secret must have a `app.kubernetes.io/part-of=che.eclipse.org` label.
type: string
deployment:
description: Deployment override options.
properties:
containers:
description: List of containers belonging to the pod.
items:
description: Container custom settings.
properties:
env:
description: List of environment variables to set in the container.
items:
description: EnvVar represents an environment variable present in a Container.
properties:
name:
description: Name of the environment variable. Must be a C_IDENTIFIER.
type: string
value:
description: 'Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".'
type: string
valueFrom:
description: Source for the environment variable's value. Cannot be used if value is not empty.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the ConfigMap or its key must be defined
type: boolean
required:
- key
type: object
fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties:
apiVersion:
description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
type: string
fieldPath:
description: Path of the field to select in the specified API version.
type: string
required:
- fieldPath
type: object
resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties:
containerName:
description: 'Container name: required for volumes, optional for env vars'
type: string
divisor:
anyOf:
- type: integer
- type: string
description: Specifies the output format of the exposed resources, defaults to "1"
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
resource:
description: 'Required: resource to select'
type: string
required:
- resource
type: object
secretKeyRef:
description: Selects a key of a secret in the pod's namespace
properties:
key:
description: The key of the secret to select from. Must be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must be defined
type: boolean
required:
- key
type: object
type: object
required:
- name
type: object
type: array
image:
description: Container image. Omit it or leave it empty to use the default container image provided by the Operator.
type: string
imagePullPolicy:
description: Image pull policy. Default value is `Always` for `nightly`, `next` or `latest` images, and `IfNotPresent` in other cases.
enum:
- Always
- IfNotPresent
- Never
type: string
name:
description: Container name.
type: string
resources:
description: Compute resources required by this container.
properties:
limits:
description: Describes the maximum amount of compute resources allowed.
properties:
cpu:
anyOf:
- type: integer
- type: string
description: CPU, in cores. (500m = .5 cores)
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
memory:
anyOf:
- type: integer
- type: string
description: Memory, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024)
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
request:
description: Describes the minimum amount of compute resources required.
properties:
cpu:
anyOf:
- type: integer
- type: string
description: CPU, in cores. (500m = .5 cores)
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
memory:
anyOf:
- type: integer
- type: string
description: Memory, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024)
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
type: object
type: object
type: array
securityContext:
description: Security options the pod should run with.
properties:
fsGroup:
description: A special supplemental group that applies to all containers in a pod. The default value is `1724`.
format: int64
type: integer
runAsUser:
description: The UID to run the entrypoint of the container process. The default value is `1724`.
format: int64
type: integer
type: object
type: object
externalDb:
default: false
description: Instructs the Operator to deploy a dedicated database. By default, a dedicated PostgreSQL database is deployed as part of the Che installation. When `externalDb` is set as `true`, no dedicated database is deployed by the Operator and you need to provide connection details about the external database you want to use.
type: boolean
postgresDb:
default: dbche
description: PostgreSQL database name that the Che server uses to connect to the database.
type: string
postgresHostName:
default: postgres
description: PostgreSQL database hostname that the Che server connects to. Override this value only when using an external database. See field `externalDb`.
type: string
postgresPort:
default: "5432"
description: PostgreSQL Database port the Che server connects to. Override this value only when using an external database. See field `externalDb`.
type: string
pvc:
default:
claimSize: 1Gi
description: PVC settings for PostgreSQL database.
properties:
claimSize:
description: Persistent Volume Claim size. To update the claim size, the storage class that provisions it must support resizing.
type: string
storageClass:
description: Storage class for the Persistent Volume Claim. When omitted or left blank, a default storage class is used.
type: string
type: object
type: object
devWorkspace:
description: DevWorkspace Operator configuration.
properties:
runningLimit:
description: The maximum number of running workspaces per user.
type: string
type: object
devfileRegistry:
description: Configuration settings related to the devfile registry used by the Che installation.
properties:
deployment:
description: Deployment override options.
properties:
containers:
description: List of containers belonging to the pod.
items:
description: Container custom settings.
properties:
env:
description: List of environment variables to set in the container.
items:
description: EnvVar represents an environment variable present in a Container.
properties:
name:
description: Name of the environment variable. Must be a C_IDENTIFIER.
type: string
value:
description: 'Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".'
type: string
valueFrom:
description: Source for the environment variable's value. Cannot be used if value is not empty.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the ConfigMap or its key must be defined
type: boolean
required:
- key
type: object
fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties:
apiVersion:
description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
type: string
fieldPath:
description: Path of the field to select in the specified API version.
type: string
required:
- fieldPath
type: object
resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties:
containerName:
description: 'Container name: required for volumes, optional for env vars'
type: string
divisor:
anyOf:
- type: integer
- type: string
description: Specifies the output format of the exposed resources, defaults to "1"
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
resource:
description: 'Required: resource to select'
type: string
required:
- resource
type: object
secretKeyRef:
description: Selects a key of a secret in the pod's namespace
properties:
key:
description: The key of the secret to select from. Must be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must be defined
type: boolean
required:
- key
type: object
type: object
required:
- name
type: object
type: array
image:
description: Container image. Omit it or leave it empty to use the default container image provided by the Operator.
type: string
imagePullPolicy:
description: Image pull policy. Default value is `Always` for `nightly`, `next` or `latest` images, and `IfNotPresent` in other cases.
enum:
- Always
- IfNotPresent
- Never
type: string
name:
description: Container name.
type: string
resources:
description: Compute resources required by this container.
properties:
limits:
description: Describes the maximum amount of compute resources allowed.
properties:
cpu:
anyOf:
- type: integer
- type: string
description: CPU, in cores. (500m = .5 cores)
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
memory:
anyOf:
- type: integer
- type: string
description: Memory, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024)
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
request:
description: Describes the minimum amount of compute resources required.
properties:
cpu:
anyOf:
- type: integer
- type: string
description: CPU, in cores. (500m = .5 cores)
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
memory:
anyOf:
- type: integer
- type: string
description: Memory, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024)
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
type: object
type: object
type: array
securityContext:
description: Security options the pod should run with.
properties:
fsGroup:
description: A special supplemental group that applies to all containers in a pod. The default value is `1724`.
format: int64
type: integer
runAsUser:
description: The UID to run the entrypoint of the container process. The default value is `1724`.
format: int64
type: integer
type: object
type: object
disableInternalRegistry:
description: Disables internal devfile registry.
type: boolean
externalDevfileRegistries:
description: External devfile registries serving sample ready-to-use devfiles.
items:
description: External devfile registries configuration.
properties:
url:
description: The public UR of the devfile registry that serves sample ready-to-use devfiles.
type: string
type: object
type: array
type: object
imagePuller:
description: Kubernetes Image Puller configuration.
properties:
enable:
description: Install and configure the community supported Kubernetes Image Puller Operator. When you set the value to `true` without providing any specs, it creates a default Kubernetes Image Puller object managed by the Operator. When you set the value to `false`, the Kubernetes Image Puller object is deleted, and the Operator uninstalled, regardless of whether a spec is provided. If you leave the `spec.images` field empty, a set of recommended workspace-related images is automatically detected and pre-pulled after installation. Note that while this Operator and its behavior is community-supported, its payload may be commercially-supported for pulling commercially-supported images.
type: boolean
spec:
description: A Kubernetes Image Puller spec to configure the image puller in the CheCluster.
properties:
affinity:
type: string
cachingCPULimit:
type: string
cachingCPURequest:
type: string
cachingIntervalHours:
type: string
cachingMemoryLimit:
type: string
cachingMemoryRequest:
type: string
configMapName:
type: string
daemonsetName:
type: string
deploymentName:
type: string
imagePullSecrets:
type: string
imagePullerImage:
type: string
images:
type: string
nodeSelector:
type: string
type: object
type: object
metrics:
default:
enable: true
description: Che server metrics configuration.
properties:
enable:
default: true
description: Enables `metrics` for the Che server endpoint.
type: boolean
type: object
pluginRegistry:
description: Configuration settings related to the plug-in registry used by the Che installation.
properties:
deployment:
description: Deployment override options.
properties:
containers:
description: List of containers belonging to the pod.
items:
description: Container custom settings.
properties:
env:
description: List of environment variables to set in the container.
items:
description: EnvVar represents an environment variable present in a Container.
properties:
name:
description: Name of the environment variable. Must be a C_IDENTIFIER.
type: string
value:
description: 'Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".'
type: string
valueFrom:
description: Source for the environment variable's value. Cannot be used if value is not empty.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the ConfigMap or its key must be defined
type: boolean
required:
- key
type: object
fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties:
apiVersion:
description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
type: string
fieldPath:
description: Path of the field to select in the specified API version.
type: string
required:
- fieldPath
type: object
resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties:
containerName:
description: 'Container name: required for volumes, optional for env vars'
type: string
divisor:
anyOf:
- type: integer
- type: string
description: Specifies the output format of the exposed resources, defaults to "1"
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
resource:
description: 'Required: resource to select'
type: string
required:
- resource
type: object
secretKeyRef:
description: Selects a key of a secret in the pod's namespace
properties:
key:
description: The key of the secret to select from. Must be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must be defined
type: boolean
required:
- key
type: object
type: object
required:
- name
type: object
type: array
image:
description: Container image. Omit it or leave it empty to use the default container image provided by the Operator.
type: string
imagePullPolicy:
description: Image pull policy. Default value is `Always` for `nightly`, `next` or `latest` images, and `IfNotPresent` in other cases.
enum:
- Always
- IfNotPresent
- Never
type: string
name:
description: Container name.
type: string
resources:
description: Compute resources required by this container.
properties:
limits:
description: Describes the maximum amount of compute resources allowed.
properties:
cpu:
anyOf:
- type: integer
- type: string
description: CPU, in cores. (500m = .5 cores)
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
memory:
anyOf:
- type: integer
- type: string
description: Memory, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024)
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
request:
description: Describes the minimum amount of compute resources required.
properties:
cpu:
anyOf:
- type: integer
- type: string
description: CPU, in cores. (500m = .5 cores)
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
memory:
anyOf:
- type: integer
- type: string
description: Memory, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024)
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
type: object
type: object
type: array
securityContext:
description: Security options the pod should run with.
properties:
fsGroup:
description: A special supplemental group that applies to all containers in a pod. The default value is `1724`.
format: int64
type: integer
runAsUser:
description: The UID to run the entrypoint of the container process. The default value is `1724`.
format: int64
type: integer
type: object
type: object
disableInternalRegistry:
description: Disables internal plug-in registry.
type: boolean
externalPluginRegistries:
description: External plugin registries.
items:
description: External plug-in registries configuration.
properties:
url:
description: Public URL of the plug-in registry.
type: string
type: object
type: array
openVSXURL:
description: Open VSX registry URL. If omitted an embedded instance will be used.
type: string
type: object
type: object
containerRegistry:
description: Configuration of an alternative registry that stores Che images.
properties:
hostname:
description: An optional hostname or URL of an alternative container registry to pull images from. This value overrides the container registry hostname defined in all the default container images involved in a Che deployment. This is particularly useful for installing Che in a restricted environment.
type: string
organization:
description: An optional repository name of an alternative registry to pull images from. This value overrides the container registry organization defined in all the default container images involved in a Che deployment. This is particularly useful for installing Eclipse Che in a restricted environment.
type: string
type: object
devEnvironments:
default:
defaultComponents:
- container:
image: quay.io/devfile/universal-developer-image:ubi8-38da5c2
name: universal-developer-image
defaultEditor: che-incubator/che-code/insiders
defaultNamespace:
autoProvision: true
template: <username>-che
disableContainerBuildCapabilities: true
secondsOfInactivityBeforeIdling: 1800
secondsOfRunBeforeIdling: -1
storage:
pvcStrategy: per-user
description: Development environment default configuration options.
properties:
containerBuildConfiguration:
description: Container build configuration.
properties:
openShiftSecurityContextConstraint:
default: container-build
description: OpenShift security context constraint to build containers.
type: string
type: object
defaultComponents:
default:
- container:
image: quay.io/devfile/universal-developer-image:ubi8-38da5c2
name: universal-developer-image
description: Default components applied to DevWorkspaces. These default components are meant to be used when a Devfile, that does not contain any components.
items:
properties:
attributes:
description: Map of implementation-dependant free-form YAML attributes.
type: object
x-kubernetes-preserve-unknown-fields: true
componentType:
description: Type of component
enum:
- Container
- Kubernetes
- Openshift
- Volume
- Image
- Plugin
- Custom
type: string
container:
description: Allows adding and configuring devworkspace-related containers
properties:
annotation:
description: Annotations that should be added to specific resources for this container
properties:
deployment:
additionalProperties:
type: string
description: Annotations to be added to deployment
type: object
service:
additionalProperties:
type: string
description: Annotations to be added to service
type: object
type: object
args:
description: "The arguments to supply to the command running the dockerimage component. The arguments are supplied either to the default command provided in the image or to the overridden command. \n Defaults to an empty array, meaning use whatever is defined in the image."
items:
type: string
type: array
command:
description: "The command to run in the dockerimage component instead of the default one provided in the image. \n Defaults to an empty array, meaning use whatever is defined in the image."
items:
type: string
type: array
cpuLimit:
type: string
cpuRequest:
type: string
dedicatedPod:
description: "Specify if a container should run in its own separated pod, instead of running as part of the main development environment pod. \n Default value is `false`"
type: boolean
endpoints:
items:
properties:
annotation:
additionalProperties:
type: string
description: Annotations to be added to Kubernetes Ingress or Openshift Route
type: object
attributes:
description: "Map of implementation-dependant string-based free-form attributes. \n Examples of Che-specific attributes: \n - cookiesAuthEnabled: \"true\" / \"false\", \n - type: \"terminal\" / \"ide\" / \"ide-dev\","
type: object
x-kubernetes-preserve-unknown-fields: true
exposure:
default: public
description: "Describes how the endpoint should be exposed on the network. \n - `public` means that the endpoint will be exposed on the public network, typically through a K8S ingress or an OpenShift route. \n - `internal` means that the endpoint will be exposed internally outside of the main devworkspace POD, typically by K8S services, to be consumed by other elements running on the same cloud internal network. \n - `none` means that the endpoint will not be exposed and will only be accessible inside the main devworkspace POD, on a local address. \n Default value is `public`"
enum:
- public
- internal
- none
type: string
name:
maxLength: 63
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
path:
description: Path of the endpoint URL
type: string
protocol:
default: http
description: "Describes the application and transport protocols of the traffic that will go through this endpoint. \n - `http`: Endpoint will have `http` traffic, typically on a TCP connection. It will be automaticaly promoted to `https` when the `secure` field is set to `true`. \n - `https`: Endpoint will have `https` traffic, typically on a TCP connection. \n - `ws`: Endpoint will have `ws` traffic, typically on a TCP connection. It will be automaticaly promoted to `wss` when the `secure` field is set to `true`. \n - `wss`: Endpoint will have `wss` traffic, typically on a TCP connection. \n - `tcp`: Endpoint will have traffic on a TCP connection, without specifying an application protocol. \n - `udp`: Endpoint will have traffic on an UDP connection, without specifying an application protocol. \n Default value is `http`"
enum:
- http
- https
- ws
- wss
- tcp
- udp
type: string
secure:
description: Describes whether the endpoint should be secured and protected by some authentication process. This requires a protocol of `https` or `wss`.
type: boolean
targetPort:
description: Port number to be used within the container component. The same port cannot be used by two different container components.
type: integer
required:
- name
- targetPort
type: object
type: array
env:
description: "Environment variables used in this container. \n The following variables are reserved and cannot be overridden via env: \n - `$PROJECTS_ROOT` \n - `$PROJECT_SOURCE`"
items:
properties:
name:
type: string
value:
type: string
required:
- name
- value
type: object
type: array
image:
type: string
memoryLimit:
type: string
memoryRequest:
type: string
mountSources:
description: "Toggles whether or not the project source code should be mounted in the component. \n Defaults to true for all component types except plugins and components that set `dedicatedPod` to true."
type: boolean
sourceMapping:
default: /projects
description: Optional specification of the path in the container where project sources should be transferred/mounted when `mountSources` is `true`. When omitted, the default value of /projects is used.
type: string
volumeMounts:
description: List of volumes mounts that should be mounted is this container.
items:
description: Volume that should be mounted to a component container
properties:
name:
description: The volume mount name is the name of an existing `Volume` component. If several containers mount the same volume name then they will reuse the same volume and will be able to access to the same files.
maxLength: 63
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
path:
description: The path in the component container where the volume should be mounted. If not path is mentioned, default path is the is `/<name>`.
type: string
required:
- name
type: object
type: array
required:
- image
type: object
custom:
description: Custom component whose logic is implementation-dependant and should be provided by the user possibly through some dedicated controller
properties:
componentClass:
description: Class of component that the associated implementation controller should use to process this command with the appropriate logic
type: string
embeddedResource:
description: Additional free-form configuration for this custom component that the implementation controller will know how to use
type: object
x-kubernetes-embedded-resource: true
x-kubernetes-preserve-unknown-fields: true
required:
- componentClass
- embeddedResource
type: object
image:
description: Allows specifying the definition of an image for outer loop builds
properties:
autoBuild:
description: "Defines if the image should be built during startup. \n Default value is `false`"
type: boolean
dockerfile:
description: Allows specifying dockerfile type build
properties:
args:
description: The arguments to supply to the dockerfile build.
items:
type: string
type: array
buildContext:
description: Path of source directory to establish build context. Defaults to ${PROJECT_SOURCE} in the container
type: string
devfileRegistry:
description: Dockerfile's Devfile Registry source
properties:
id:
description: Id in a devfile registry that contains a Dockerfile. The src in the OCI registry required for the Dockerfile build will be downloaded for building the image.
type: string
registryUrl:
description: Devfile Registry URL to pull the Dockerfile from when using the Devfile Registry as Dockerfile src. To ensure the Dockerfile gets resolved consistently in different environments, it is recommended to always specify the `devfileRegistryUrl` when `Id` is used.
type: string
required:
- id
type: object
git:
description: Dockerfile's Git source
properties:
checkoutFrom:
description: Defines from what the project should be checked out. Required if there are more than one remote configured
properties:
remote:
description: The remote name should be used as init. Required if there are more than one remote configured
type: string
revision:
description: The revision to checkout from. Should be branch name, tag or commit id. Default branch is used if missing or specified revision is not found.
type: string
type: object
fileLocation:
description: Location of the Dockerfile in the Git repository when using git as Dockerfile src. Defaults to Dockerfile.
type: string
remotes:
additionalProperties:
type: string
description: The remotes map which should be initialized in the git project. Projects must have at least one remote configured while StarterProjects & Image Component's Git source can only have at most one remote configured.
type: object
required:
- remotes
type: object
rootRequired:
description: "Specify if a privileged builder pod is required. \n Default value is `false`"
type: boolean
srcType:
description: Type of Dockerfile src
enum:
- Uri
- DevfileRegistry
- Git
type: string
uri:
description: URI Reference of a Dockerfile. It can be a full URL or a relative URI from the current devfile as the base URI.
type: string
type: object
imageName:
description: Name of the image for the resulting outerloop build
type: string
imageType:
description: Type of image
enum:
- Dockerfile
type: string
required:
- imageName
type: object
kubernetes:
description: Allows importing into the devworkspace the Kubernetes resources defined in a given manifest. For example this allows reusing the Kubernetes definitions used to deploy some runtime components in production.
properties:
deployByDefault:
description: "Defines if the component should be deployed during startup. \n Default value is `false`"
type: boolean
endpoints:
items:
properties:
annotation:
additionalProperties:
type: string
description: Annotations to be added to Kubernetes Ingress or Openshift Route
type: object
attributes:
description: "Map of implementation-dependant string-based free-form attributes. \n Examples of Che-specific attributes: \n - cookiesAuthEnabled: \"true\" / \"false\", \n - type: \"terminal\" / \"ide\" / \"ide-dev\","
type: object
x-kubernetes-preserve-unknown-fields: true
exposure:
default: public
description: "Describes how the endpoint should be exposed on the network. \n - `public` means that the endpoint will be exposed on the public network, typically through a K8S ingress or an OpenShift route. \n - `internal` means that the endpoint will be exposed internally outside of the main devworkspace POD, typically by K8S services, to be consumed by other elements running on the same cloud internal network. \n - `none` means that the endpoint will not be exposed and will only be accessible inside the main devworkspace POD, on a local address. \n Default value is `public`"
enum:
- public
- internal
- none
type: string
name:
maxLength: 63
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
path:
description: Path of the endpoint URL
type: string
protocol:
default: http
description: "Describes the application and transport protocols of the traffic that will go through this endpoint. \n - `http`: Endpoint will have `http` traffic, typically on a TCP connection. It will be automaticaly promoted to `https` when the `secure` field is set to `true`. \n - `https`: Endpoint will have `https` traffic, typically on a TCP connection. \n - `ws`: Endpoint will have `ws` traffic, typically on a TCP connection. It will be automaticaly promoted to `wss` when the `secure` field is set to `true`. \n - `wss`: Endpoint will have `wss` traffic, typically on a TCP connection. \n - `tcp`: Endpoint will have traffic on a TCP connection, without specifying an application protocol. \n - `udp`: Endpoint will have traffic on an UDP connection, without specifying an application protocol. \n Default value is `http`"
enum:
- http
- https
- ws
- wss
- tcp
- udp
type: string
secure:
description: Describes whether the endpoint should be secured and protected by some authentication process. This requires a protocol of `https` or `wss`.
type: boolean
targetPort:
description: Port number to be used within the container component. The same port cannot be used by two different container components.
type: integer
required:
- name
- targetPort
type: object
type: array
inlined:
description: Inlined manifest
type: string
locationType:
description: Type of Kubernetes-like location
enum:
- Uri
- Inlined
type: string
uri:
description: Location in a file fetched from a uri.
type: string
type: object
name:
description: Mandatory name that allows referencing the component from other elements (such as commands) or from an external devfile that may reference this component through a parent or a plugin.
maxLength: 63
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
openshift:
description: Allows importing into the devworkspace the OpenShift resources defined in a given manifest. For example this allows reusing the OpenShift definitions used to deploy some runtime components in production.
properties:
deployByDefault:
description: "Defines if the component should be deployed during startup. \n Default value is `false`"
type: boolean
endpoints:
items:
properties:
annotation:
additionalProperties:
type: string
description: Annotations to be added to Kubernetes Ingress or Openshift Route
type: object
attributes:
description: "Map of implementation-dependant string-based free-form attributes. \n Examples of Che-specific attributes: \n - cookiesAuthEnabled: \"true\" / \"false\", \n - type: \"terminal\" / \"ide\" / \"ide-dev\","
type: object
x-kubernetes-preserve-unknown-fields: true
exposure:
default: public
description: "Describes how the endpoint should be exposed on the network. \n - `public` means that the endpoint will be exposed on the public network, typically through a K8S ingress or an OpenShift route. \n - `internal` means that the endpoint will be exposed internally outside of the main devworkspace POD, typically by K8S services, to be consumed by other elements running on the same cloud internal network. \n - `none` means that the endpoint will not be exposed and will only be accessible inside the main devworkspace POD, on a local address. \n Default value is `public`"
enum:
- public
- internal
- none
type: string
name:
maxLength: 63
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
path:
description: Path of the endpoint URL
type: string
protocol:
default: http
description: "Describes the application and transport protocols of the traffic that will go through this endpoint. \n - `http`: Endpoint will have `http` traffic, typically on a TCP connection. It will be automaticaly promoted to `https` when the `secure` field is set to `true`. \n - `https`: Endpoint will have `https` traffic, typically on a TCP connection. \n - `ws`: Endpoint will have `ws` traffic, typically on a TCP connection. It will be automaticaly promoted to `wss` when the `secure` field is set to `true`. \n - `wss`: Endpoint will have `wss` traffic, typically on a TCP connection. \n - `tcp`: Endpoint will have traffic on a TCP connection, without specifying an application protocol. \n - `udp`: Endpoint will have traffic on an UDP connection, without specifying an application protocol. \n Default value is `http`"
enum:
- http
- https
- ws
- wss
- tcp
- udp
type: string
secure:
description: Describes whether the endpoint should be secured and protected by some authentication process. This requires a protocol of `https` or `wss`.
type: boolean
targetPort:
description: Port number to be used within the container component. The same port cannot be used by two different container components.
type: integer
required:
- name
- targetPort
type: object
type: array
inlined:
description: Inlined manifest
type: string
locationType:
description: Type of Kubernetes-like location
enum:
- Uri
- Inlined
type: string
uri:
description: Location in a file fetched from a uri.
type: string
type: object
plugin:
description: "Allows importing a plugin. \n Plugins are mainly imported devfiles that contribute components, commands and events as a consistent single unit. They are defined in either YAML files following the devfile syntax, or as `DevWorkspaceTemplate` Kubernetes Custom Resources"
properties:
commands:
description: Overrides of commands encapsulated in a parent devfile or a plugin. Overriding is done according to K8S strategic merge patch standard rules.
items:
properties:
apply:
description: "Command that consists in applying a given component definition, typically bound to a devworkspace event. \n For example, when an `apply` command is bound to a `preStart` event, and references a `container` component, it will start the container as a K8S initContainer in the devworkspace POD, unless the component has its `dedicatedPod` field set to `true`. \n When no `apply` command exist for a given component, it is assumed the component will be applied at devworkspace start by default, unless `deployByDefault` for that component is set to false."
properties:
component:
description: Describes component that will be applied
type: string
group:
description: Defines the group this command is part of
properties:
isDefault:
description: Identifies the default command for a given group kind
type: boolean
kind:
description: Kind of group the command is part of
enum:
- build
- run
- test
- debug
- deploy
type: string
type: object
label:
description: Optional label that provides a label for this command to be used in Editor UI menus for example
type: string
type: object
attributes:
description: Map of implementation-dependant free-form YAML attributes.
type: object
x-kubernetes-preserve-unknown-fields: true
commandType:
description: Type of devworkspace command
enum:
- Exec
- Apply
- Composite
type: string
composite:
description: Composite command that allows executing several sub-commands either sequentially or concurrently
properties:
commands:
description: The commands that comprise this composite command
items:
type: string
type: array
group:
description: Defines the group this command is part of
properties:
isDefault:
description: Identifies the default command for a given group kind
type: boolean
kind:
description: Kind of group the command is part of
enum:
- build
- run
- test
- debug
- deploy
type: string
type: object
label:
description: Optional label that provides a label for this command to be used in Editor UI menus for example
type: string
parallel:
description: Indicates if the sub-commands should be executed concurrently
type: boolean
type: object
exec:
description: CLI Command executed in an existing component container
properties:
commandLine:
description: "The actual command-line string \n Special variables that can be used: \n - `$PROJECTS_ROOT`: A path where projects sources are mounted as defined by container component's sourceMapping. \n - `$PROJECT_SOURCE`: A path to a project source ($PROJECTS_ROOT/<project-name>). If there are multiple projects, this will point to the directory of the first one."
type: string
component:
description: Describes component to which given action relates
type: string
env:
description: Optional list of environment variables that have to be set before running the command
items:
properties:
name:
type: string
value:
type: string
required:
- name
type: object
type: array
group:
description: Defines the group this command is part of
properties:
isDefault:
description: Identifies the default command for a given group kind
type: boolean
kind:
description: Kind of group the command is part of
enum:
- build
- run
- test
- debug
- deploy
type: string
type: object
hotReloadCapable:
description: "Whether the command is capable to reload itself when source code changes. If set to `true` the command won't be restarted and it is expected to handle file changes on its own. \n Default value is `false`"
type: boolean
label:
description: Optional label that provides a label for this command to be used in Editor UI menus for example
type: string
workingDir:
description: "Working directory where the command should be executed \n Special variables that can be used: \n - `$PROJECTS_ROOT`: A path where projects sources are mounted as defined by container component's sourceMapping. \n - `$PROJECT_SOURCE`: A path to a project source ($PROJECTS_ROOT/<project-name>). If there are multiple projects, this will point to the directory of the first one."
type: string
type: object
id:
description: Mandatory identifier that allows referencing this command in composite commands, from a parent, or in events.
maxLength: 63
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
required:
- id
type: object
type: array
components:
description: Overrides of components encapsulated in a parent devfile or a plugin. Overriding is done according to K8S strategic merge patch standard rules.
items:
properties:
attributes:
description: Map of implementation-dependant free-form YAML attributes.
type: object
x-kubernetes-preserve-unknown-fields: true
componentType:
description: Type of component
enum:
- Container
- Kubernetes
- Openshift
- Volume
- Image
type: string
container:
description: Allows adding and configuring devworkspace-related containers
properties:
annotation:
description: Annotations that should be added to specific resources for this container
properties:
deployment:
additionalProperties:
type: string
description: Annotations to be added to deployment
type: object
service:
additionalProperties:
type: string
description: Annotations to be added to service
type: object
type: object
args:
description: "The arguments to supply to the command running the dockerimage component. The arguments are supplied either to the default command provided in the image or to the overridden command. \n Defaults to an empty array, meaning use whatever is defined in the image."
items:
type: string
type: array
command:
description: "The command to run in the dockerimage component instead of the default one provided in the image. \n Defaults to an empty array, meaning use whatever is defined in the image."
items:
type: string
type: array
cpuLimit:
type: string
cpuRequest:
type: string
dedicatedPod:
description: "Specify if a container should run in its own separated pod, instead of running as part of the main development environment pod. \n Default value is `false`"
type: boolean
endpoints:
items:
properties:
annotation:
additionalProperties:
type: string
description: Annotations to be added to Kubernetes Ingress or Openshift Route
type: object
attributes:
description: "Map of implementation-dependant string-based free-form attributes. \n Examples of Che-specific attributes: \n - cookiesAuthEnabled: \"true\" / \"false\", \n - type: \"terminal\" / \"ide\" / \"ide-dev\","
type: object
x-kubernetes-preserve-unknown-fields: true
exposure:
description: "Describes how the endpoint should be exposed on the network. \n - `public` means that the endpoint will be exposed on the public network, typically through a K8S ingress or an OpenShift route. \n - `internal` means that the endpoint will be exposed internally outside of the main devworkspace POD, typically by K8S services, to be consumed by other elements running on the same cloud internal network. \n - `none` means that the endpoint will not be exposed and will only be accessible inside the main devworkspace POD, on a local address. \n Default value is `public`"
enum:
- public
- internal
- none
type: string
name:
maxLength: 63
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
path:
description: Path of the endpoint URL
type: string
protocol:
description: "Describes the application and transport protocols of the traffic that will go through this endpoint. \n - `http`: Endpoint will have `http` traffic, typically on a TCP connection. It will be automaticaly promoted to `https` when the `secure` field is set to `true`. \n - `https`: Endpoint will have `https` traffic, typically on a TCP connection. \n - `ws`: Endpoint will have `ws` traffic, typically on a TCP connection. It will be automaticaly promoted to `wss` when the `secure` field is set to `true`. \n - `wss`: Endpoint will have `wss` traffic, typically on a TCP connection. \n - `tcp`: Endpoint will have traffic on a TCP connection, without specifying an application protocol. \n - `udp`: Endpoint will have traffic on an UDP connection, without specifying an application protocol. \n Default value is `http`"
enum:
- http
- https
- ws
- wss
- tcp
- udp
type: string
secure:
description: Describes whether the endpoint should be secured and protected by some authentication process. This requires a protocol of `https` or `wss`.
type: boolean
targetPort:
description: Port number to be used within the container component. The same port cannot be used by two different container components.
type: integer
required:
- name
type: object
type: array
env:
description: "Environment variables used in this container. \n The following variables are reserved and cannot be overridden via env: \n - `$PROJECTS_ROOT` \n - `$PROJECT_SOURCE`"
items:
properties:
name:
type: string
value:
type: string
required:
- name
type: object
type: array
image:
type: string
memoryLimit:
type: string
memoryRequest:
type: string
mountSources:
description: "Toggles whether or not the project source code should be mounted in the component. \n Defaults to true for all component types except plugins and components that set `dedicatedPod` to true."
type: boolean
sourceMapping:
description: Optional specification of the path in the container where project sources should be transferred/mounted when `mountSources` is `true`. When omitted, the default value of /projects is used.
type: string
volumeMounts:
description: List of volumes mounts that should be mounted is this container.
items:
description: Volume that should be mounted to a component container
properties:
name:
description: The volume mount name is the name of an existing `Volume` component. If several containers mount the same volume name then they will reuse the same volume and will be able to access to the same files.
maxLength: 63
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
path:
description: The path in the component container where the volume should be mounted. If not path is mentioned, default path is the is `/<name>`.
type: string
required:
- name
type: object
type: array
type: object
image:
description: Allows specifying the definition of an image for outer loop builds
properties:
autoBuild:
description: "Defines if the image should be built during startup. \n Default value is `false`"
type: boolean
dockerfile:
description: Allows specifying dockerfile type build
properties:
args:
description: The arguments to supply to the dockerfile build.
items:
type: string
type: array
buildContext:
description: Path of source directory to establish build context. Defaults to ${PROJECT_SOURCE} in the container
type: string
devfileRegistry:
description: Dockerfile's Devfile Registry source
properties:
id:
description: Id in a devfile registry that contains a Dockerfile. The src in the OCI registry required for the Dockerfile build will be downloaded for building the image.
type: string
registryUrl:
description: Devfile Registry URL to pull the Dockerfile from when using the Devfile Registry as Dockerfile src. To ensure the Dockerfile gets resolved consistently in different environments, it is recommended to always specify the `devfileRegistryUrl` when `Id` is used.
type: string
type: object
git:
description: Dockerfile's Git source
properties:
checkoutFrom:
description: Defines from what the project should be checked out. Required if there are more than one remote configured
properties:
remote:
description: The remote name should be used as init. Required if there are more than one remote configured
type: string
revision:
description: The revision to checkout from. Should be branch name, tag or commit id. Default branch is used if missing or specified revision is not found.
type: string
type: object
fileLocation:
description: Location of the Dockerfile in the Git repository when using git as Dockerfile src. Defaults to Dockerfile.
type: string
remotes:
additionalProperties:
type: string
description: The remotes map which should be initialized in the git project. Projects must have at least one remote configured while StarterProjects & Image Component's Git source can only have at most one remote configured.
type: object
type: object
rootRequired:
description: "Specify if a privileged builder pod is required. \n Default value is `false`"
type: boolean
srcType:
description: Type of Dockerfile src
enum:
- Uri
- DevfileRegistry
- Git
type: string
uri:
description: URI Reference of a Dockerfile. It can be a full URL or a relative URI from the current devfile as the base URI.
type: string
type: object
imageName:
description: Name of the image for the resulting outerloop build
type: string
imageType:
description: Type of image
enum:
- Dockerfile
- AutoBuild
type: string
type: object
kubernetes:
description: Allows importing into the devworkspace the Kubernetes resources defined in a given manifest. For example this allows reusing the Kubernetes definitions used to deploy some runtime components in production.
properties:
deployByDefault:
description: "Defines if the component should be deployed during startup. \n Default value is `false`"
type: boolean
endpoints:
items:
properties:
annotation:
additionalProperties:
type: string
description: Annotations to be added to Kubernetes Ingress or Openshift Route
type: object
attributes:
description: "Map of implementation-dependant string-based free-form attributes. \n Examples of Che-specific attributes: \n - cookiesAuthEnabled: \"true\" / \"false\", \n - type: \"terminal\" / \"ide\" / \"ide-dev\","
type: object
x-kubernetes-preserve-unknown-fields: true
exposure:
description: "Describes how the endpoint should be exposed on the network. \n - `public` means that the endpoint will be exposed on the public network, typically through a K8S ingress or an OpenShift route. \n - `internal` means that the endpoint will be exposed internally outside of the main devworkspace POD, typically by K8S services, to be consumed by other elements running on the same cloud internal network. \n - `none` means that the endpoint will not be exposed and will only be accessible inside the main devworkspace POD, on a local address. \n Default value is `public`"
enum:
- public
- internal
- none
type: string
name:
maxLength: 63
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
path:
description: Path of the endpoint URL
type: string
protocol:
description: "Describes the application and transport protocols of the traffic that will go through this endpoint. \n - `http`: Endpoint will have `http` traffic, typically on a TCP connection. It will be automaticaly promoted to `https` when the `secure` field is set to `true`. \n - `https`: Endpoint will have `https` traffic, typically on a TCP connection. \n - `ws`: Endpoint will have `ws` traffic, typically on a TCP connection. It will be automaticaly promoted to `wss` when the `secure` field is set to `true`. \n - `wss`: Endpoint will have `wss` traffic, typically on a TCP connection. \n - `tcp`: Endpoint will have traffic on a TCP connection, without specifying an application protocol. \n - `udp`: Endpoint will have traffic on an UDP connection, without specifying an application protocol. \n Default value is `http`"
enum:
- http
- https
- ws
- wss
- tcp
- udp
type: string
secure:
description: Describes whether the endpoint should be secured and protected by some authentication process. This requires a protocol of `https` or `wss`.
type: boolean
targetPort:
description: Port number to be used within the container component. The same port cannot be used by two different container components.
type: integer
required:
- name
type: object
type: array
inlined:
description: Inlined manifest
type: string
locationType:
description: Type of Kubernetes-like location
enum:
- Uri
- Inlined
type: string
uri:
description: Location in a file fetched from a uri.
type: string
type: object
name:
description: Mandatory name that allows referencing the component from other elements (such as commands) or from an external devfile that may reference this component through a parent or a plugin.
maxLength: 63
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
openshift:
description: Allows importing into the devworkspace the OpenShift resources defined in a given manifest. For example this allows reusing the OpenShift definitions used to deploy some runtime components in production.
properties:
deployByDefault:
description: "Defines if the component should be deployed during startup. \n Default value is `false`"
type: boolean
endpoints:
items:
properties:
annotation:
additionalProperties:
type: string
description: Annotations to be added to Kubernetes Ingress or Openshift Route
type: object
attributes:
description: "Map of implementation-dependant string-based free-form attributes. \n Examples of Che-specific attributes: \n - cookiesAuthEnabled: \"true\" / \"false\", \n - type: \"terminal\" / \"ide\" / \"ide-dev\","
type: object
x-kubernetes-preserve-unknown-fields: true
exposure:
description: "Describes how the endpoint should be exposed on the network. \n - `public` means that the endpoint will be exposed on the public network, typically through a K8S ingress or an OpenShift route. \n - `internal` means that the endpoint will be exposed internally outside of the main devworkspace POD, typically by K8S services, to be consumed by other elements running on the same cloud internal network. \n - `none` means that the endpoint will not be exposed and will only be accessible inside the main devworkspace POD, on a local address. \n Default value is `public`"
enum:
- public
- internal
- none
type: string
name:
maxLength: 63
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
path:
description: Path of the endpoint URL
type: string
protocol:
description: "Describes the application and transport protocols of the traffic that will go through this endpoint. \n - `http`: Endpoint will have `http` traffic, typically on a TCP connection. It will be automaticaly promoted to `https` when the `secure` field is set to `true`. \n - `https`: Endpoint will have `https` traffic, typically on a TCP connection. \n - `ws`: Endpoint will have `ws` traffic, typically on a TCP connection. It will be automaticaly promoted to `wss` when the `secure` field is set to `true`. \n - `wss`: Endpoint will have `wss` traffic, typically on a TCP connection. \n - `tcp`: Endpoint will have traffic on a TCP connection, without specifying an application protocol. \n - `udp`: Endpoint will have traffic on an UDP connection, without specifying an application protocol. \n Default value is `http`"
enum:
- http
- https
- ws
- wss
- tcp
- udp
type: string
secure:
description: Describes whether the endpoint should be secured and protected by some authentication process. This requires a protocol of `https` or `wss`.
type: boolean
targetPort:
description: Port number to be used within the container component. The same port cannot be used by two different container components.
type: integer
required:
- name
type: object
type: array
inlined:
description: Inlined manifest
type: string
locationType:
description: Type of Kubernetes-like location
enum:
- Uri
- Inlined
type: string
uri:
description: Location in a file fetched from a uri.
type: string
type: object
volume:
description: Allows specifying the definition of a volume shared by several other components
properties:
ephemeral:
description: Ephemeral volumes are not stored persistently across restarts. Defaults to false
type: boolean
size:
description: Size of the volume
type: string
type: object
required:
- name
type: object
type: array
id:
description: Id in a registry that contains a Devfile yaml file
type: string
importReferenceType:
description: type of location from where the referenced template structure should be retrieved
enum:
- Uri
- Id
- Kubernetes
type: string
kubernetes:
description: Reference to a Kubernetes CRD of type DevWorkspaceTemplate
properties:
name:
type: string
namespace:
type: string
required:
- name
type: object
registryUrl:
description: Registry URL to pull the parent devfile from when using id in the parent reference. To ensure the parent devfile gets resolved consistently in different environments, it is recommended to always specify the `registryUrl` when `id` is used.
type: string
uri:
description: URI Reference of a parent devfile YAML file. It can be a full URL or a relative URI with the current devfile as the base URI.
type: string
version:
description: Specific stack/sample version to pull the parent devfile from, when using id in the parent reference. To specify `version`, `id` must be defined and used as the import reference source. `version` can be either a specific stack version, or `latest`. If no `version` specified, default version will be used.
pattern: ^(latest)|(([1-9])\.([0-9]+)\.([0-9]+)(\-[0-9a-z-]+(\.[0-9a-z-]+)*)?(\+[0-9A-Za-z-]+(\.[0-9A-Za-z-]+)*)?)$
type: string
type: object
volume:
description: Allows specifying the definition of a volume shared by several other components
properties:
ephemeral:
description: Ephemeral volumes are not stored persistently across restarts. Defaults to false
type: boolean
size:
description: Size of the volume
type: string
type: object
required:
- name
type: object
type: array
defaultEditor:
default: che-incubator/che-code/insiders
description: The default editor to workspace create with. It could be a plugin ID or a URI. The plugin ID must have `publisher/plugin/version` format. The URI must start from `http://` or `https://`.
type: string
defaultNamespace:
default:
autoProvision: true
template: <username>-che
description: User's default namespace.
properties:
autoProvision:
default: true
description: Indicates if is allowed to automatically create a user namespace. If it set to false, then user namespace must be pre-created by a cluster administrator.
type: boolean
template:
default: <username>-che
description: If you don't create the user namespaces in advance, this field defines the Kubernetes namespace created when you start your first workspace. You can use `<username>` and `<userid>` placeholders, such as che-workspace-<username>.
pattern: <username>|<userid>
type: string
type: object
defaultPlugins:
description: Default plug-ins applied to DevWorkspaces.
items:
properties:
editor:
description: The editor ID to specify default plug-ins for.
type: string
plugins:
description: Default plug-in URIs for the specified editor.
items:
type: string
type: array
type: object
type: array
disableContainerBuildCapabilities:
default: true
description: Disables the container build capabilities.
type: boolean
nodeSelector:
additionalProperties:
type: string
description: The node selector limits the nodes that can run the workspace pods.
type: object
secondsOfInactivityBeforeIdling:
default: 1800
description: Idle timeout for workspaces in seconds. This timeout is the duration after which a workspace will be idled if there is no activity. To disable workspace idling due to inactivity, set this value to -1.
format: int32
type: integer
secondsOfRunBeforeIdling:
default: -1
description: Run timeout for workspaces in seconds. This timeout is the maximum duration a workspace runs. To disable workspace run timeout, set this value to -1.
format: int32
type: integer
storage:
default:
pvcStrategy: per-user
description: Workspaces persistent storage.
properties:
perUserStrategyPvcConfig:
description: PVC settings when using the `per-user` PVC strategy.
properties:
claimSize:
description: Persistent Volume Claim size. To update the claim size, the storage class that provisions it must support resizing.
type: string
storageClass:
description: Storage class for the Persistent Volume Claim. When omitted or left blank, a default storage class is used.
type: string
type: object
perWorkspaceStrategyPvcConfig:
description: PVC settings when using the `per-workspace` PVC strategy.
properties:
claimSize:
description: Persistent Volume Claim size. To update the claim size, the storage class that provisions it must support resizing.
type: string
storageClass:
description: Storage class for the Persistent Volume Claim. When omitted or left blank, a default storage class is used.
type: string
type: object
pvcStrategy:
default: per-user
description: 'Persistent volume claim strategy for the Che server. The supported strategies are: `per-user` (all workspaces PVCs in one volume) and ''per-workspace'' (each workspace is given its own individual PVC). For details, see https://github.com/eclipse/che/issues/21185.'
enum:
- common
- per-user
- per-workspace
type: string
type: object
tolerations:
description: The pod tolerations of the workspace pods limit where the workspace pods can run.
items:
description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
properties:
effect:
description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
type: string
key:
description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
type: string
operator:
description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
type: string
tolerationSeconds:
description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
format: int64
type: integer
value:
description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
type: string
type: object
type: array
trustedCerts:
description: Trusted certificate settings.
properties:
gitTrustedCertsConfigMapName:
description: 'The ConfigMap contains certificates to propagate to the Che components and to provide a particular configuration for Git. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/deploying-che-with-support-for-git-repositories-with-self-signed-certificates/ The ConfigMap must have a `app.kubernetes.io/part-of=che.eclipse.org` label.'
type: string
type: object
type: object
gitServices:
description: A configuration that allows users to work with remote Git repositories.
properties:
bitbucket:
description: Enables users to work with repositories hosted on Bitbucket (bitbucket.org or self-hosted).
items:
description: BitBucketService enables users to work with repositories hosted on Bitbucket (bitbucket.org or self-hosted).
properties:
endpoint:
default: https://bitbucket.org
description: Bitbucket server endpoint URL.
type: string
secretName:
description: 'Kubernetes secret, that contains Base64-encoded Bitbucket OAuth 1.0 or OAuth 2.0 data. For OAuth 1.0: private key, Bitbucket Application link consumer key and Bitbucket Application link shared secret must be stored in `private.key`, `consumer.key` and `shared_secret` keys respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-1-for-a-bitbucket-server/. For OAuth 2.0: Bitbucket OAuth consumer key and Bitbucket OAuth consumer secret must be stored in `id` and `secret` keys respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-the-bitbucket-cloud/.'
type: string
required:
- secretName
type: object
type: array
github:
description: Enables users to work with repositories hosted on GitHub (github.com or GitHub Enterprise).
items:
description: GitHubService enables users to work with repositories hosted on GitHub (GitHub.com or GitHub Enterprise).
properties:
disableSubdomainIsolation:
description: Disables subdomain isolation.
type: boolean
endpoint:
default: https://github.com
description: GitHub server endpoint URL.
type: string
secretName:
description: 'Kubernetes secret, that contains Base64-encoded GitHub OAuth Client id and GitHub OAuth Client secret, that stored in `id` and `secret` keys respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-github/.'
type: string
required:
- endpoint
- secretName
type: object
type: array
gitlab:
description: Enables users to work with repositories hosted on GitLab (gitlab.com or self-hosted).
items:
description: GitLabService enables users to work with repositories hosted on GitLab (gitlab.com or self-hosted).
properties:
endpoint:
default: https://gitlab.com
description: GitLab server endpoint URL.
type: string
secretName:
description: 'Kubernetes secret, that contains Base64-encoded GitHub Application id and GitLab Application Client secret, that stored in `id` and `secret` keys respectively. See the following page: https://www.eclipse.org/che/docs/stable/administration-guide/configuring-oauth-2-for-gitlab/.'
type: string
required:
- endpoint
- secretName
type: object
type: array
type: object
networking:
default:
auth:
gateway:
configLabels:
app: che
component: che-gateway-config
description: Networking, Che authentication, and TLS configuration.
properties:
annotations:
additionalProperties:
type: string
description: 'Defines annotations which will be set for an Ingress (a route for OpenShift platform). The defaults for kubernetes platforms are: kubernetes.io/ingress.class: "nginx" nginx.ingress.kubernetes.io/proxy-read-timeout: "3600", nginx.ingress.kubernetes.io/proxy-connect-timeout: "3600", nginx.ingress.kubernetes.io/ssl-redirect: "true"'
type: object
auth:
default:
gateway:
configLabels:
app: che
component: che-gateway-config
description: Authentication settings.
properties:
gateway:
default:
configLabels:
app: che
component: che-gateway-config
description: Gateway settings.
properties:
configLabels:
additionalProperties:
type: string
default:
app: che
component: che-gateway-config
description: Gateway configuration labels.
type: object
deployment:
description: 'Deployment override options. Since gateway deployment consists of several containers, they must be distinguished in the configuration by their names: - `gateway` - `configbump` - `oauth-proxy` - `kube-rbac-proxy`'
properties:
containers:
description: List of containers belonging to the pod.
items:
description: Container custom settings.
properties:
env:
description: List of environment variables to set in the container.
items:
description: EnvVar represents an environment variable present in a Container.
properties:
name:
description: Name of the environment variable. Must be a C_IDENTIFIER.
type: string
value:
description: 'Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".'
type: string
valueFrom:
description: Source for the environment variable's value. Cannot be used if value is not empty.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the ConfigMap or its key must be defined
type: boolean
required:
- key
type: object
fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties:
apiVersion:
description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
type: string
fieldPath:
description: Path of the field to select in the specified API version.
type: string
required:
- fieldPath
type: object
resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties:
containerName:
description: 'Container name: required for volumes, optional for env vars'
type: string
divisor:
anyOf:
- type: integer
- type: string
description: Specifies the output format of the exposed resources, defaults to "1"
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
resource:
description: 'Required: resource to select'
type: string
required:
- resource
type: object
secretKeyRef:
description: Selects a key of a secret in the pod's namespace
properties:
key:
description: The key of the secret to select from. Must be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must be defined
type: boolean
required:
- key
type: object
type: object
required:
- name
type: object
type: array
image:
description: Container image. Omit it or leave it empty to use the default container image provided by the Operator.
type: string
imagePullPolicy:
description: Image pull policy. Default value is `Always` for `nightly`, `next` or `latest` images, and `IfNotPresent` in other cases.
enum:
- Always
- IfNotPresent
- Never
type: string
name:
description: Container name.
type: string
resources:
description: Compute resources required by this container.
properties:
limits:
description: Describes the maximum amount of compute resources allowed.
properties:
cpu:
anyOf:
- type: integer
- type: string
description: CPU, in cores. (500m = .5 cores)
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
memory:
anyOf:
- type: integer
- type: string
description: Memory, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024)
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
request:
description: Describes the minimum amount of compute resources required.
properties:
cpu:
anyOf:
- type: integer
- type: string
description: CPU, in cores. (500m = .5 cores)
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
memory:
anyOf:
- type: integer
- type: string
description: Memory, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024)
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
type: object
type: object
type: array
securityContext:
description: Security options the pod should run with.
properties:
fsGroup:
description: A special supplemental group that applies to all containers in a pod. The default value is `1724`.
format: int64
type: integer
runAsUser:
description: The UID to run the entrypoint of the container process. The default value is `1724`.
format: int64
type: integer
type: object
type: object
type: object
identityProviderURL:
description: Public URL of the Identity Provider server.
type: string
identityToken:
description: 'Identity token to be passed to upstream. There are two types of tokens supported: `id_token` and `access_token`. Default value is `id_token`. This field is specific to Che installations made for Kubernetes only and ignored for OpenShift.'
enum:
- id_token
- access_token
type: string
oAuthAccessTokenInactivityTimeoutSeconds:
description: Inactivity timeout for tokens to set in the OpenShift `OAuthClient` resource used to set up identity federation on the OpenShift side. 0 means tokens for this client never time out.
format: int32
type: integer
oAuthAccessTokenMaxAgeSeconds:
description: Access token max age for tokens to set in the OpenShift `OAuthClient` resource used to set up identity federation on the OpenShift side. 0 means no expiration.
format: int32
type: integer
oAuthClientName:
description: Name of the OpenShift `OAuthClient` resource used to set up identity federation on the OpenShift side.
type: string
oAuthScope:
description: Access Token Scope. This field is specific to Che installations made for Kubernetes only and ignored for OpenShift.
type: string
oAuthSecret:
description: Name of the secret set in the OpenShift `OAuthClient` resource used to set up identity federation on the OpenShift side.
type: string
type: object
domain:
description: 'For an OpenShift cluster, the Operator uses the domain to generate a hostname for the route. The generated hostname follows this pattern: che-<che-namespace>.<domain>. The <che-namespace> is the namespace where the CheCluster CRD is created. In conjunction with labels, it creates a route served by a non-default Ingress controller. For a Kubernetes cluster, it contains a global ingress domain. There are no default values: you must specify them.'
type: string
hostname:
description: The public hostname of the installed Che server.
type: string
labels:
additionalProperties:
type: string
description: Defines labels which will be set for an Ingress (a route for OpenShift platform).
type: object
tlsSecretName:
description: The name of the secret used to set up Ingress TLS termination. If the field is an empty string, the default cluster certificate is used. The secret must have a `app.kubernetes.io/part-of=che.eclipse.org` label.
type: string
type: object
type: object
status:
description: Defines the observed state of Che installation.
properties:
chePhase:
description: Specifies the current phase of the Che deployment.
type: string
cheURL:
description: Public URL of the Che server.
type: string
cheVersion:
description: Currently installed Che version.
type: string
devfileRegistryURL:
description: The public URL of the internal devfile registry.
type: string
gatewayPhase:
description: Specifies the current phase of the gateway deployment.
type: string
message:
description: A human readable message indicating details about why the Che deployment is in the current phase.
type: string
pluginRegistryURL:
description: The public URL of the internal plug-in registry.
type: string
postgresVersion:
description: The PostgreSQL version of the image in use.
type: string
reason:
description: A brief CamelCase message indicating details about why the Che deployment is in the current phase.
type: string
workspaceBaseDomain:
description: The resolved workspace base domain. This is either the copy of the explicitly defined property of the same name in the spec or, if it is undefined in the spec and we're running on OpenShift, the automatically resolved basedomain for routes.
type: string
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
Reference in New Issue View Git Blame Copy Permalink