`specVersion` is now `apiVersion` and is bumped to 1.0.0
`name` is now nested under the new `metadata` element.
Signed-off-by: Lukas Krejci <lkrejci@redhat.com>
Merge api-devfile and api-workspace together and put the infrastructure-dependent code behind injectable interfaces.
Signed-off-by: Lukas Krejci <lkrejci@redhat.com>
validation to require the alias when 2 components are otherwise
indistinguishable by their identifying attributes (like image name of
the dockerimage component).
Signed-off-by: Lukas Krejci <lkrejci@redhat.com>
Trace the prepare storage, deploy, and wait broker result phases of
plugin brokering.
Additionally clean up start tracing code slightly:
- Move span names to a separate file
- Move TracingUtil functionality into TracingTags
Signed-off-by: Angel Misevski <amisevsk@redhat.com>
- Group machine start traces under a separate span
- Move wait running and check servers spans out of start machines span
since the start machine span ends before check servers is complete
- Track wait running async and check servers spans separately
- Add tracing to bootstrap servers
Signed-off-by: Angel Misevski <amisevsk@redhat.com>
When enabled, tracing database calls fills each span with dozens of
hard-to-parse, ~1-100 ms spans. This commit allows enabling database
tracing separately, using the CHE_DB_TRACING_ENABLED environment
variable.
Signed-off-by: Angel Misevski <amisevsk@redhat.com>
Fix ZipUtilsWriteTest for Windows, slashes get converted inside
ZipUtils.
Add test for unzipping. This was not explicitely tested.
Signed-off-by: Gerben Oolbekkink <g.j.w.oolbekkink@gmail.com>
defined with the dockerimage recipe.
Note that this only works in kubernetes and openshift environments.
Signed-off-by: Lukas Krejci <lkrejci@redhat.com>
* Provide more informative error message in case of rejection on major websocket endpoint of JSON RPC stack
Signed-off-by: Sergii Kabashniuk <skabashniuk@redhat.com>
* Introduced two web-socket endpoints for workspace master to split JSON-RPC messages
Based on Dmytro's Kulieshov work https://github.com/eclipse/che/pull/12252
Signed-off-by: Sergii Kabashniuk <skabashniuk@redhat.com>
K8s does the expansion only if it already knows about the variable being
expanded.
This means we have to sort the environment variable list prior to sending
it to k8s in such a way that vars that reference others always follow the
referenced ones.
Signed-off-by: Lukas Krejci <lkrejci@redhat.com>
Provider of "cors.allowed.origins" setting for CORS Filter of WS Agent. Provides the value such algorithm:
1. If set che.wsagent.cors.allowed_origins
2. Server with "ide" attribute in workspace config
3. Server from url of "ide" link in workspace config
4. che.api
Signed-off-by: Sergii Kabashniuk <skabashniuk@redhat.com>
* Adding support for @Traced annotation to enable whole method tracing
* Trace the creation and removal of workspace
* Trace the start of async start of the workspace
Note that this does not actually trace the async operations but merely
the "kick off" of those. For tracing the async operations, we need to
introduce support for propagating the span ids over the thread boundaries
using opentracing-concurrent.
* Enable tracing across the thread boundaries by augmenting the
WorkspaceSharedPool threadpool with tracing support.
Note that this does not add any new traces, merely enables the async
tracing.
* Add support for adding tags to @Traced methods.
The interceptor also reports the actual invoked class and method
(cleansed of Guice subclass name garbage)
* Trace the startup of pods during workspace startup.
* Trace stop of a workspace
* Introduce utility methods for tracing parts of methods.
* Trace provisioning of k8s objects (in both Kubernetes and Openshift
infrastructures).
* Create a common set of tags and enable strongly typed tags
* Apply the standard tags instead of hardcoded strings.
* Adding @Beta annotations for the tracing-related classes.
This needs to stabilize first.
* Replacing the "Traces" machinery with just annotated package private methods.
This way the code is easier to ready while we also keep all the flexibility
needed for the tag definitions.
* Rename CheTags to more descriptive TracingTags.
* Evaluate the tag values lazily.
This will reduce the load when tracing is switched off.
* Simplify the machine startup tracing logic and distinguish between
true error and mere cancellation due to prior errors.
* Trivial - applying formatting.
* Use getContext().getEnvironment().getMachines().size() to get the precise
number of machines that will be starting up.
* Trivial - change the name of the machine creation tag
* Use a formatted message instead of string concat.
* Update to the latest parent so that che-core-commons-tracing is correctly
incorporated into the full build.
* Fix tracing of the asynchronous stop of a workspace.
* Don't fall over when tracing is not available.
Allows running Che 7 workspace without any user environment but with Che 7 tooling set.
Workspace without environment has an empty list of environments and null value in `defaultEnv` field.
Field `activeEnv` is supposed to be `null` too.
What is changed:
- Migration of DB
- make defaultEnv nullable
- remove env_name from runtimes primary key
- make env_name in runtimes nullable
- Make code respect the fact that there are workspaces with no env
- settings API that returns the list of supported environment types returns no-environment type that - indicates that infrastructure support workspace with no environment at all.
Signed-off-by: Oleksandr Garagatyi <ogaragat@redhat.com>
- Make Resource memory request configurable for k8s and OpenShift.
- Add alias for backwards compatibility to che.workspace.default_memory_limit_mb.
- set memory request to 512Mb.
- document CHE_WORKSPACE_DEFAULT__MEMORY__REQUEST__MB in che.env.
- Configure helm scripts to allow memory attributes on deployment.
Signed-off-by: Sergey Kuperman <sergey.kuperman@sap.com>
* CHE-10754. Log at the DEBUG level when xml document parsing is quiet
Signed-off-by: Roman Nikitenko <rnikiten@redhat.com>
* Return problem instead of error logging when pom file for reconciling is empty
Signed-off-by: Roman Nikitenko <rnikiten@redhat.com>
Hide the 'From Archetype' input field in the Maven project type wizard if 'Parent' witch contains pom.xml is selected in the import project Wizard due to the maven archetype generation plugin restrictions.
The files are reformatted in order to suit the requirements of coveo maven fmt plug-in of v.2.5.1
Signed-off-by: Victor Rubezhny <vrubezhny@redhat.com>
It is a bug in the Che GWT maven plugin (in the `ProcessExcludesMojo`) that prevents `rh-che` to build correctly against the Che upstream `master` branch.
The fix consists in using the `baseVersion` (i.e. `6.8.0-SNAPSHOT` for example), instead of the precise version (i.e. `6.8.0-20180625.090508-19` for example) when trying to resolve excluded artifacts, since the precise version available in the Maven repositories can be a different between the main artifact and excluded artifacts.
Signed-off-by: David Festal <dfestal@redhat.com>
* CHE-8557: No Dto available for FormattingOptions
The Dto isn't needed for FormattingOptions as it is really a specialized
Map and the types that contain a FormattingOptions field handle
the field as a Map during JSON serialize/deserialize
Signed-off-by: Jonah Graham <jonah@kichwacoders.com>
* CHE-8557: Test cases for Either deserializing
Signed-off-by: Jonah Graham <jonah@kichwacoders.com>
* CHE-8557: Fix Either handling when deserializing on the server
Signed-off-by: Jonah Graham <jonah@kichwacoders.com>
* CHE-8557: Use actual type for Map conversions
The is necessary to ensure handling types which are of type Map are
still instantiated in their real type. Consider
DocumentFormattingParams.setOptions() which takes a FormattingOptions
class.
Signed-off-by: Jonah Graham <jonah@kichwacoders.com>
* CHE-8557: Register LSP4J's Either adapter factory
This is effectively a follow up CHE-3103 which uses Gson directly
to serialize/deserialize Json. To support LSP4J's Either types,
the either type adapter factory is needed.
Signed-off-by: Jonah Graham <jonah@kichwacoders.com>
* load EitherTypeAdapterFactory for registration
Signed-off-by: Valeriy Svydenko <vsvydenk@redhat.com>
Allows to use NULL as a value of JDBC config to simplify usage of
environment variables for JDBC settings in k8s/Openshift
deployment files. NULL is treated as unset variable.
Signed-off-by: Oleksandr Garagatyi <ogaragat@redhat.com>
* Copy the boostrapper config file to POD *installer by installer* to avoid executing a huge command, which in turn tries to send a huge GET request (73kb-long URL).
This long GET request was previously not supported by the fabric8 oso proxy.
See https://github.com/openshiftio/openshift.io/issues/2254 for more
details.
* Make the Kubernetes / Openshift infrastructures multi-tenant-compatible
This includes:
1. Reworking the `KubernetesClientFactory` and `OpenshiftClientFactory`
to:
- share a single `OkHttpClient` that is the basis of all created
Kubernetes or Openshift clients potentially pointing to
different.cluster URL with different authorization tokens
- provide the workspaceId in the `create` methods whenever it's
available (workspace start / stop, idling, etc ...
- have distinct methods for creating the Kubernetes client and the
Openshift client (required since the Openshift client creates connection
leaks on some calls such as exec of POD watch)
This is the implementation of issue
https://github.com/redhat-developer/rh-che/issues/516
2. Adding the `userId` into the SPI `RuntimeIdentity` object. Currently,
only the `userName` is available in this object that gathers information
about the identity attached to a workspace runtime. This change is
required because the `userId` should be accessible from the
`workspaceId` for implementing multi-tenancy and creating workspace
resources in a user-specific location.
This is the implementation of issue
https://github.com/redhat-developer/rh-che/issues/501
* In the Openshift infrastructure, the authentication interceptor should
always convert userName/password-based authentication to
oauth-token-based authentication, even when using the
`KubernetesClient`.
Signed-off-by: David Festal <dfestal@redhat.com>
During code evolution might be the case then someone will want to rename some property. This brings a couple of problems like support of old property name in external plugins and support old configuration values in code with the new property name. To cover these cases there is a file che_aliases.properties that contains old names of all existed properties. It has such format current_name =old_name, very_old_name. In this case will be such binding.
Always current_name = current_value
if old_name property exist it will be binded to old_value, and current_name = old_value and very_old_name = old_value
if very_old_name property exist it will be binded to very_old_value, and current_name = very_old_value and old_name = very_old_value
NOTE: its prohibited to use a different name for same property on the same level. From the example above - you can use environment property CHE_CURRENT_NAME and CHE_OLD_NAME. But you can use it on a different level, for instance, environment property and system property.
Extract default machine memory limit setting from
InternalEnvironmentFactory to recipe specific environment
factories.
Make memory limit attribute optional by respecting it by
resource API subsystem.
Signed-off-by: Oleksandr Garagatyi <ogaragat@redhat.com>
- Workspace projects are now stored in folders, named after their workspace id, rather than name,
to prevent issues with workspace renaming. Applies to Docker infrastructure only.
- Add migration, that would move workspace projects to their new location. Occurs on Che startup.
- Added configuration property to enable/disable this migration.
- Improved Workspace DAO/Manager to use pagination for methods, that return lists of workspaces
Adapted modules to gwt-lib/gwt-app lifecycle;
shared libs have been cleaned up from the GWT related stuff;
enabled launching Super DevMode with a reactor goal gwt:codeserver;
enabled launching Super DevMode inside a dev-machine (for Che in Che development);
separate compiling IDE GWT app from packaging IDE Web app.
Signed-off-by: Artem Zatsarynnyi <azatsary@redhat.com>
Publish port in Docker machines only in case there is a server
in the workspace config that represents the port.
Refactor OpenShift infrastructure code.
Refactor Docker infrastructure code.
Add constant of memory attribute and reuse it everywhere it is
hardcoded.
Add constant for installer environment attribute and reuse it
everywhere it is hardcoded.
Add machine memory attribute validation to workspace validation.
Move provisioning of servers, environment variables from
infrastructure implementations to runtime SPI abstract level.
Signed-off-by: Oleksandr Garagatyi <ogaragat@redhat.com>
* Ping the wsagent URL (possibly external), not the *internal URL*.
* Use `getProperties().getInternalUrl()` when `getUrl()` returns `null`
* Add a new provider for an optional routing suffix for workspaces to be
used in the external URLs of created workspace agents in the
use-cases where a custom server evaluation strategy is used (Openshift,
Traeffik, etc ...).
* Add 2 new macros for the custom server evaluation template which are:
- `user`: the current environment context user if any,
- `workspacesRoutingSuffix`: the suffix returned by the available
`WorspacesRoutingSuffixProvider` if any.
Both values can null, in which case they are not added to the ST
variables, so that it is possible to test on their existence in the
template. For example:
```
<if(workspacesRoutingSuffix)><user>-che.<workspacesRoutingSuffix><else><externalAddress><endif>
```
* Add a new provider to get workspace-related Openshift configuration containing:
- the `io.fabric8.kubernetes.client.Config` object to connect the right
Openshift cluster / namespace in which workspaces will be created
- The name of the namespace in which workspaces are cteated
- A boolean that tell if the workspaces will be created in a different
cluster as the che-server.
These data returned by the subclasses of the new provider can of course
depend on the current user (and this will be the case for multi-tenancy)
* Also support the `application/vnd.api+json` content type in responses
* Now use the new providers to connect to the right clutser / namespace
* Allow the Docker connector to return the API endpoint...
The base `DockerConnector` class returns `null` as the endpoint, thus
keeping the previous behavior.
However the `OpenshiftConnector` implementation now returns the API
endpoint without the need for any environment variable:
Indeed in the case of Openshift, the API endpoint is either based on:
- the internal fully-qualified name of the `che-host` service if
workspaces are to be hosted on the same Openshift cluster,
- the external URL of the `che` route if workspaces may be hosted on a
distinct Openshift cluster.
* If related properties or env variables are void, use the connector to retrieve
the API endpoint.
* Required changes for multi-tenancy in deployment script
* Allow overriding the agent log directories in a clean way so that we don't need
to replace the `XXXWsMasterModule` class only
to override the `run_command` binding.
* Move some local-docker-related configuration into a separate `dynamodule`.
This avoid the need to override the `WsMasterModule` class and comment
these bindings in derived assemblies that use a distinct implementation
or don't need Traeffik (such as for Openshift deployments).
* Return `OpenShiftException` when workspaces namespace cannot be reached
* Add multi-tenancy options to the deploy script
* Add the `CHE_EPHEMERAL` and `CHE_USE_ACME_CERTIFICATE` options
* Fix the name of the used docker image for multi-tenant
Signed-off-by: David Festal <dfestal@redhat.com>
* CHE-6702 Add env variables to machine config
* CHE-6702 Add setting of env variables into OpenShift machines
* CHE-6702 Add setting of env variables into Docker machines
* CHE-6702 Make env field known for stack validator
Some changes are required like
- anyString() --> nullable(String.class) for many tests as in fact we provide null values
- add class for VerificationMode as there are more than one method now (can't use lambdas)
- remove cast on ArgumentMatcher (now we can use lambdas as there is generics)
- remove unecessary stubbing (mockito is now reporting un-needed stubs)
Change-Id: I69c7ccc86bc85a4401d5e33671229ae0ce560dbb
Signed-off-by: Florent BENOIT <fbenoit@redhat.com>
Multi-user Eclipse Che (#6441)
#### How to run it.
```docker run -it -e CHE_MULTIUSER=true -e CHE_HOST=<your ip> -e CHE_KEYCLOAK_AUTH-SERVER-URL=http://<your ip>:5050/auth -v /var/run/docker.sock:/var/run/docker.sock -v ~/.che-multiuser:/data eclipse/che:nightly start --skip:pull --skip:nightly```
#### How to manage it
- Keycloak configured with two realms. ```Master``` and ```che```. Also we have one user admin/admin in both realm. Admin user in master realm is - super admin.
- Eclipse Che configured for che realm
- We enabled user registration in ```Che``` realm
#### Known limitation
- swagger would not work. We need to upgrade a version. to support openid authentification https://github.com/eclipse/che/issues/6015
- It's working on local docker. We are going to provide scalable version based on OpenShift on next versions.
- Invitation of non-existent users to Eclipse Che organization https://github.com/eclipse/che/issues/6335
#### How to run it when it is in a branch
To run an multiuser Che version, the following steps are required after building the branch:
- Rebuild init, cli and che images (in the given sequence). To do that, proceed to folder _dockerfiles/<image_name>_ and run _build.sh_
- Run Che in a usual way using cli, with additional parameters: `-e CHE_MULTIUSER=true` and `--skip:pull --skip:nightly`
Full command example:
`docker run -it --rm -v /var/run/docker.sock:/var/run/docker.sock -v /home/user/.che:/data -e CHE_MULTIUSER=true eclipse/che-cli:nightly start --skip:pull --skip:nightly`
- MacOS users may need to edit _che.env_ file in the data folder, changing `CHE_HOST` and `CHE_KEYCLOAK_AUTH__SERVER__URL` values to their specific IP.
When start is succeeded, the following docker containers should be created:
- che, exposing 8080 port;
- che_keycloak, exposing 5050 port;
- che_postgres, exposing 5432 port;
Max Shaposhnik