* Support identity provider token retrieval in both JSON or URL formats.
That's required because some identity providers (such a `openshift-v3`)
correctly return the token information in JSON, as expected. So
switching to the url-based syntax should only used when the returned
json is invalid.
Signed-off-by: David Festal <dfestal@redhat.com>
* Introduce an `OpenShiftClientConfigFactory` to allow customizing the OpenShift config returned according to the current context (workspace ID, current user)
Signed-off-by: David Festal <dfestal@redhat.com>
* Openshift Infra + Multi-user => allow using OpenShift identity provider to connect to openshift with the OS oauth token of the current Che user.
This introduces a new property:
`che.infra.openshift.oauth_identity_provider`
Signed-off-by: David Festal <dfestal@redhat.com>
* Notify the user when a workspace cannot be started from the nav bar.
Signed-off-by: David Festal <dfestal@redhat.com>
* Add the ability to install the Openshift certificate into Keycloak
Signed-off-by: David Festal <dfestal@redhat.com>
* Add a yaml file to provide the openshift certificate as a secret,
in case it has to be installed into the dedicated Keycloak server.
Then the commands to install Che multiuser on Minishift with this
certificate are:
```
oc new-project che
oc process -f multi/openshift-certificate-secret.yaml -p
CERTIFICATE="$(minishift ssh docker exec origin /bin/cat
./openshift.local.config/master/ca.crt)" | oc apply -f -; \
oc new-app -f multi/postgres-template.yaml; \
oc new-app -f multi/keycloak-template.yaml -p ROUTING_SUFFIX=$(minishift
ip).nip.io; \
oc apply -f pvc/che-server-pvc.yaml; \
oc new-app -f che-server-template.yaml -p ROUTING_SUFFIX=$(minishift
ip).nip.io -p CHE_MULTIUSER=true -p
CHE_INFRA_OPENSHIFT_OAUTH__IDENTITY__PROVIDER=openshift-v3; \
oc set volume dc/che --add -m /data --name=che-data-volume
--claim-name=che-data-volume
```
Of course it's still needed to register the `openshift-v3` identity
provider in the Keycloak server, as well as, add the corresponding
`OAuthClient` object in Minihshift.
Signed-off-by: David Festal <dfestal@redhat.com>
* Update OpenShift Origin version to 3.9
* Deploy script uses templates
* Pass args to deploy script
* Remove old scripts and yamls
* Add missing args to ocp.sh help and and help to deploy_che.sh
* Small fixes
* Remove mistakenly added file
* Remove mistakenly added file
* Remove -a in docker ps to get registry container
* Do not pass args but export envs in ocp.sh
* Messed envs a bit
* Delete test service that is used to compute routing suffix
* Remove unnecessary port from Keycloak route
* Fixes
* Fixes
* Typo
* Minor fixes
* Update OpenShift Origin version to 3.9
* Update grep to verify docker registyr container is in running state
* Do not list exited containers when looking for Registry container ID
* Use templates only to deploy Che to OpenShift
* Avoid breaking existing scripts
* Avoid breaking existing scripts
* Fixes
* Cleanup
* Cleanup
* Fixup
* New line and typos
* New line and typos
* Update dc/che. Env variables
* Remove creationtimestamp
* Template cleanup. Update README
* Fix DB URL env
* Add missing keycloak param
* Changes to ocp.sh to use new templates. Fix Keycloak template
* Env support
* Update server yaml. Update ocp.sh
* Configure CHE_IMAGE and CHE_TAG
* Add recycler
* Revern recycler sa
* Using credentials and creating ws in separate namespaces
* Use custom Keycloak image
* Use custom Keycloak image
* Remove use of credentials
Move openshift/k8s deployment files from dockerfiles/init folder
to deploy folder with a better structure because they are not
related to init dockerfile.
Add readme files in each deployment target folder with links to
Che docs where the process of deployment is described.
Remove delivery of deployment files by init image which is
useless.
Remove empty docs files from the repo and init image.
Fix some minor typos and trailing spaces.
Signed-off-by: Oleksandr Garagatyi <ogaragat@redhat.com>
Oleksandr Garagatyi