Update ch.qos.logback dependency version to latest (#687 )

In order to fix the CVE-2023-6378 vulnerability, update ch.qos.logback maven dependency version to 1.5.6
Support raw devfile urls without yaml extension (#683 )
2024-05-27 09:29:31 +03:00 · 2024-05-15 10:13:37 +03:00 · 2024-04-29 08:49:33 +03:00 · 2024-04-26 08:16:38 +03:00 · 2024-04-19 20:33:08 +03:00 · 2024-04-17 14:22:19 +02:00
828 changed files with 19498 additions and 48582 deletions
--- a/.ci/openshift-ci/Dockerfile
+++ b/.ci/openshift-ci/Dockerfile
@ -0,0 +1,29 @@
+#!/bin/bash
+#
+# Copyright (c) 2023 Red Hat, Inc.
+# This program and the accompanying materials are made
+# available under the terms of the Eclipse Public License 2.0
+# which is available at https://www.eclipse.org/legal/epl-2.0/
+#
+# SPDX-License-Identifier: EPL-2.0
+#
+# Contributors:
+#   Red Hat, Inc. - initial API and implementation
+
+# Dockerfile to bootstrap build and test in openshift-ci
+FROM registry.ci.openshift.org/openshift/release:golang-1.18
+# hadolint ignore=DL3002
+USER 0
+
+SHELL ["/bin/bash", "-c"]
+
+# Install yq, kubectl, chectl cli used by olm/olm.sh script.
+# hadolint ignore=DL3041
+# Install yq, kubectl, chectl cli.
+RUN yum install --assumeyes -d1 psmisc python3-pip  httpd-tools nodejs && \
+    pip3 install --upgrade setuptools && \
+    pip3 install yq && \
+    curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl && \
+    chmod +x ./kubectl && \
+    mv ./kubectl /usr/local/bin && \
+    bash <(curl -sL https://che-incubator.github.io/chectl/install.sh) --channel=next
--- a/.ci/openshift-ci/ca.crt
+++ b/.ci/openshift-ci/ca.crt
@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDDDCCAfSgAwIBAgIBATANBgkqhkiG9w0BAQsFADAmMSQwIgYDVQQDDBtpbmdy
+ZXNzLW9wZXJhdG9yQDE3MDI5MTczMzkwHhcNMjMxMjE4MTYzNTM4WhcNMjUxMjE3
+MTYzNTM5WjAmMSQwIgYDVQQDDBtpbmdyZXNzLW9wZXJhdG9yQDE3MDI5MTczMzkw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDVfcIyqKLYcrmieDOCvAq
+RKFR0PXqjl54DyfhkP7TC/rA4WMaJgYamYNNRcy4rOb+i3P1yepeVlXj+4gka41W
+fh1QghqDGPpQTF7I8SDhnz3qdQymgSSkrxBWOGgJZRG3Gd50CNeh+ADdNlOxzZhJ
+c1HI9/36Zp0M7RHLNwrYzKf/Scrcl3t/Ps4KHKsNtjNygnPSTjGwza5TTTAvGQ+h
+3+c+bKJHZp6VFoEpubmBfCG8x+vJwBNI+YauXwti9EqFutnAbOiQ4aOvqQYINngV
+OQTOg3xnifnooaR2iZPOtxPLUDMydHP9sDVNGLICpnKcFN6x5JKq1fAuwOAMRMQr
+AgMBAAGjRTBDMA4GA1UdDwEB/wQEAwICpDASBgNVHRMBAf8ECDAGAQH/AgEAMB0G
+A1UdDgQWBBRQfZkM6C20GT1YiTiS694vRPP2MDANBgkqhkiG9w0BAQsFAAOCAQEA
+qd9ug2Bo2s3CG0qjNtk19WYYAuwkEMZU9L/FbSfmPkkOTbrZB71ofZbVan8Dx9/W
+SfbkN1eJQNxd7QIDlExKEW2ufJIMCDe6haLHV8x+z3fISHg3wMUCPtadLG/exafy
+agfj8PQgnJ1sbA/fKl0rqcVYuIihZ0DdMe28Yj92BFcs5+TXzVYzjyeIGonUZrCR
+LtW2CxV7Ngue9pkWGsqQSlRwzp3knYfZxeQLneZcGlsSV4r9LOKIAA/MhBGgpwVc
+zrh7L93jajHD1AD0sRdUQp4VVhysXVmMMSAjaLkqHsvSyJp7yKJOmrts6a274qbU
+J1E6cXqtfF0NwRo2D9BouQ==
+-----END CERTIFICATE-----
--- a/.ci/openshift-ci/common.sh
+++ b/.ci/openshift-ci/common.sh
@ -0,0 +1,599 @@
+#!/bin/bash
+#
+# Copyright (c) 2023-2024 Red Hat, Inc.
+# This program and the accompanying materials are made
+# available under the terms of the Eclipse Public License 2.0
+# which is available at https://www.eclipse.org/legal/epl-2.0/
+#
+# SPDX-License-Identifier: EPL-2.0
+#
+# Contributors:
+#   Red Hat, Inc. - initial API and implementation
+#
+
+set -e
+# only exit with zero if all commands of the pipeline exit successfully
+set -o pipefail
+
+PR_IMAGE_TAG="pr-${PULL_NUMBER}"
+
+export CHE_NAMESPACE=${CHE_NAMESPACE:-"eclipse-che"}
+export CHE_SERVER_IMAGE=${CHE_SERVER_IMAGE:-"quay.io/eclipse/che-server:${PR_IMAGE_TAG}"}
+export ARTIFACTS_DIR=${ARTIFACT_DIR:-"/tmp/artifacts"}
+export CHE_FORWARDED_PORT="8081"
+export OCP_ADMIN_USER_NAME=${OCP_ADMIN_USER_NAME:-"admin"}
+export OCP_NON_ADMIN_USER_NAME=${OCP_NON_ADMIN_USER_NAME:-"user"}
+export OCP_LOGIN_PASSWORD=${OCP_LOGIN_PASSWORD:-"passw"}
+export ADMIN_CHE_NAMESPACE=${OCP_ADMIN_USER_NAME}"-che"
+export USER_CHE_NAMESPACE=${OCP_NON_ADMIN_USER_NAME}"-che"
+export GIT_PROVIDER_USERNAME=${GIT_PROVIDER_USERNAME:-"chepullreq1"}
+export PUBLIC_REPO_WORKSPACE_NAME=${PUBLIC_REPO_WORKSPACE_NAME:-"public-repo-wksp-testname"}
+export PRIVATE_REPO_WORKSPACE_NAME=${PRIVATE_REPO_WORKSPACE_NAME:-"private-repo-wksp-testname"}
+export PUBLIC_PROJECT_NAME=${PUBLIC_PROJECT_NAME:-"public-repo"}
+export PRIVATE_PROJECT_NAME=${PRIVATE_PROJECT_NAME:-"private-repo"}
+export YAML_FILE_NAME=${YAML_FILE_NAME:-"devfile.yaml"}
+export CUSTOM_CONFIG_MAP_NAME=${CUSTOM_CONFIG_MAP_NAME:-"custom-ca-certificates"}
+export GIT_SSL_CONFIG_MAP_NAME=${GIT_SSL_CONFIG_MAP_NAME:-"che-self-signed-cert"}
+
+provisionOpenShiftOAuthUser() {
+  echo "------- [INFO] Start provisioning Openshift OAuth user -------"
+  htpasswd -c -B -b users.htpasswd ${OCP_ADMIN_USER_NAME} ${OCP_LOGIN_PASSWORD}
+  htpasswd -b users.htpasswd ${OCP_NON_ADMIN_USER_NAME} ${OCP_LOGIN_PASSWORD}
+  oc create secret generic htpass-secret --from-file=htpasswd="users.htpasswd" -n openshift-config
+  oc apply -f ".ci/openshift-ci/htpasswdProvider.yaml"
+  oc adm policy add-cluster-role-to-user cluster-admin ${OCP_ADMIN_USER_NAME}
+
+  echo "------- [INFO] Waiting for htpasswd auth to be working up to 5 minutes -------"
+  CURRENT_TIME=$(date +%s)
+  ENDTIME=$((CURRENT_TIME + 300))
+  while [ "$(date +%s)" -lt $ENDTIME ]; do
+      if oc login -u=${OCP_ADMIN_USER_NAME} -p=${OCP_LOGIN_PASSWORD} --insecure-skip-tls-verify=false; then
+          echo "======= [INFO] OpenShift OAuth htpasswd is configured. =======
+======= [INFO] Login to OCP cluster with admin user credentials is success.======="
+          return 0
+      fi
+      sleep 5
+  done
+
+  echo "####### [ERROR] Error occurred while waiting OpenShift OAuth htpasswd setup. Try to rerun test. #######"
+  exit 1
+}
+
+configureGitSelfSignedCertificate() {
+  echo "------- [INFO] Configure self-signed certificate for Git provider -------"
+  oc adm new-project ${CHE_NAMESPACE}
+  oc project ${CHE_NAMESPACE}
+
+  echo "------- [INFO] Create ConfigMap with the required TLS certificate -------"
+  oc create configmap ${CUSTOM_CONFIG_MAP_NAME} --from-file=.ci/openshift-ci/ca.crt
+  oc label configmap ${CUSTOM_CONFIG_MAP_NAME} app.kubernetes.io/part-of=che.eclipse.org app.kubernetes.io/component=ca-bundle
+
+  echo "------- [INFO] Create ConfigMap to support Git repositories with self-signed certificates -------"
+  oc create configmap ${GIT_SSL_CONFIG_MAP_NAME} --from-file=.ci/openshift-ci/ca.crt --from-literal=githost=${GIT_PROVIDER_URL}
+  oc label configmap ${GIT_SSL_CONFIG_MAP_NAME} app.kubernetes.io/part-of=che.eclipse.org
+
+  echo "======= [INFO] ConfigMaps are configured ======="
+}
+
+createCustomResourcesFile() {
+  echo "------- [INFO] Create custom resourses file -------"
+  cat > custom-resources.yaml <<-END
+apiVersion: org.eclipse.che/v2
+spec:
+  devEnvironments:
+    maxNumberOfRunningWorkspacesPerUser: 10000
+END
+
+  echo "======= [INFO] Generated custom resources file ======="
+  cat custom-resources.yaml
+}
+
+patchCustomResourcesFile() {
+  echo "------- [INFO] Edit the custom resources file to add 'gitTrustedCertsConfigMapName' -------"
+  yq -y '.spec.devEnvironments.trustedCerts += {"gitTrustedCertsConfigMapName": "'${GIT_SSL_CONFIG_MAP_NAME}'"}' custom-resources.yaml -i
+
+  echo "======= [INFO] Patched custom resources file ======="
+  cat custom-resources.yaml
+}
+
+deployChe() {
+  echo "------- [INFO] Start installing Eclipse Che -------"
+  chectl server:deploy --cheimage=$CHE_SERVER_IMAGE \
+                       --che-operator-cr-patch-yaml=custom-resources.yaml \
+                       --platform=openshift \
+                       --telemetry=off \
+                       --batch
+
+  waitFinishDeploymentCheServer
+  echo "======= [INFO] Eclipse Che is successfully installed ======="
+}
+
+waitFinishDeploymentCheServer() {
+          CURRENT_TIME=$(date +%s)
+          ENDTIME=$((CURRENT_TIME + 60))
+
+          while [ "$(date +%s)" -lt $ENDTIME ]; do
+              podCheServerName=$(oc get pod -n ${CHE_NAMESPACE} -l component=che | grep "che" | awk '{ print $1 }')
+              echo "Pod Che_Server: $podCheServerName"
+              count=$(echo "$podCheServerName" | wc -l)
+              if [ $count -eq 1 ]; then
+                  echo "------- [INFO] Only one Che Server pod is left. -------"
+                  return 0
+              fi
+              echo "------- [INFO] Waiting until only one Che Server pod remains. -------"
+              sleep 5
+          done
+
+          echo "####### [ERROR] Error occurred while waiting for only one Che Server pod. #######"
+          exit 1
+}
+
+# this command starts port forwarding between the local machine and the che-host service in the OpenShift cluster.
+forwardPortToService() {
+  echo "------- [INFO] Start forwarding between the local machine and the che-host service -------"
+  oc port-forward service/che-host ${CHE_FORWARDED_PORT}:8080 -n ${CHE_NAMESPACE} &
+  sleep 3s
+}
+
+killProcessByPort() {
+  fuser -k ${CHE_FORWARDED_PORT}/tcp
+}
+
+requestFactoryResolverGitRepoUrl() {
+  GIT_REPO_URL=$1
+  CLUSTER_ACCESS_TOKEN=$(oc whoami -t)
+
+  curl -i -X 'POST' \
+    http://localhost:${CHE_FORWARDED_PORT}/api/factory/resolver \
+    -H 'accept: */*' \
+    -H "Authorization: Bearer ${CLUSTER_ACCESS_TOKEN}" \
+    -H 'Content-Type: application/json' \
+    -d '{
+    "url": "'${GIT_REPO_URL}'"
+  }'
+}
+
+# check that factory resolver returns correct value without any PAT/OAuth setup
+testFactoryResolverNoPatOAuth() {
+  echo "------- [INFO] Check factory resolver for public repository with NO PAT/OAuth setup -------"
+  testFactoryResolverResponse $1 200
+
+  echo "------- [INFO] Check factory resolver for private repository with NO PAT/OAuth setup -------"
+  testFactoryResolverResponse $2 500
+}
+
+# check that raw devfile url factory resolver returns correct value without any PAT/OAuth setup
+testFactoryResolverNoPatOAuthRaw() {
+  echo "------- [INFO] Check factory resolver for public repository with NO PAT/OAuth setup -------"
+  testFactoryResolverResponse $1 200
+
+  echo "------- [INFO] Check factory resolver for private repository with NO PAT/OAuth setup -------"
+  testFactoryResolverResponse $2 400
+}
+
+# check that factory resolver returns correct value with PAT/OAuth setup
+testFactoryResolverWithPatOAuth() {
+  echo "------- [INFO] Check factory resolver for public repository with PAT/OAuth setup -------"
+  testFactoryResolverResponse $1 200
+
+  echo "------- [INFO] Check factory resolver for private repository with PAT/OAuth setup -------"
+  testFactoryResolverResponse $2 200
+}
+
+testFactoryResolverResponse() {
+  URL=$1
+  RESPONSE_CODE=$2
+
+  if [ "$(requestFactoryResolverGitRepoUrl ${URL} | grep "HTTP/1.1 ${RESPONSE_CODE}")" ]; then
+    echo "======= [INFO] Factory resolver returned 'HTTP/1.1 ${RESPONSE_CODE}' status code. Expected client side response. ======="
+  else
+    echo "####### [ERROR] Factory resolver returned wrong status code. Expected: HTTP/1.1 ${RESPONSE_CODE}. #######
+####### Cause possible: PR code regress or service is changed. Need to investigate it. #######"
+    exit 1
+  fi
+}
+
+requestProvisionNamespace() {
+  CLUSTER_ACCESS_TOKEN=$(oc whoami -t)
+
+  curl -i -X 'POST' \
+    http://localhost:${CHE_FORWARDED_PORT}/api/kubernetes/namespace/provision \
+    -H 'accept: application/json' \
+    -H "Authorization: Bearer ${CLUSTER_ACCESS_TOKEN}" \
+    -d ''
+}
+
+initUserNamespace() {
+  OCP_USER_NAME=$1
+
+  echo "------- [INFO] Initialize user namespace -------"
+  oc login -u=${OCP_USER_NAME} -p=${OCP_LOGIN_PASSWORD} --insecure-skip-tls-verify=false
+
+  request_result=$(requestProvisionNamespace) || true
+
+  if [ -z "$request_result" ]; then
+    echo "####### [ERROR] Cause possible: lost connection to pod, this is an infrastructure problem. Try to rerun the test. #######"
+    exit 1
+  elif [ "$(echo "$request_result" | grep "HTTP/1.1 200")" ]; then
+    echo "======= [INFO] Request provision user namespace returned 'HTTP/1.1 200' status code. User namespace is created. ======="
+  else
+    echo "####### [ERROR] Request provision user namespace returned wrong status code. Expected: HTTP/1.1 200. #######
+####### User namespace creation failed. Cause possible: PR code regression or service is changed. Need to investigate. #######"
+    exit 1
+  fi
+}
+
+setupPersonalAccessToken() {
+  GIT_PROVIDER_TYPE=$1
+  GIT_PROVIDER_URL=$2
+  GIT_PROVIDER_PAT=$3
+
+  echo "------- [INFO] Setup Personal Access Token Secret -------"
+  oc project ${USER_CHE_NAMESPACE}
+  CHE_USER_ID=$(oc get secret user-profile -o jsonpath='{.data.id}' | base64 -d)
+  ENCODED_PAT=$(echo -n ${GIT_PROVIDER_PAT} | base64)
+  cat .ci/openshift-ci/pat-secret.yaml > pat-secret.yaml
+
+  # patch the pat-secret.yaml file
+  sed -i "s#che-user-id#${CHE_USER_ID}#g" pat-secret.yaml
+  sed -i "s#git-provider-name#${GIT_PROVIDER_TYPE}#g" pat-secret.yaml
+  sed -i "s#git-provider-url#${GIT_PROVIDER_URL}#g" pat-secret.yaml
+  sed -i "s#encoded-access-token#${ENCODED_PAT}#g" pat-secret.yaml
+
+  if [ "${GIT_PROVIDER_TYPE}" == "azure-devops" ]; then
+    sed -i "s#''#${GIT_PROVIDER_USERNAME}#g" pat-secret.yaml
+  fi
+
+  cat pat-secret.yaml
+
+  oc apply -f pat-secret.yaml -n ${USER_CHE_NAMESPACE}
+  echo "======= [INFO] Personal Access Token is created. ======="
+}
+
+setupSSHKeyPairs() {
+  GIT_PRIVATE_KEY=$1
+  GIT_PUBLIC_KEY=$2
+
+  echo "------- [INFO] Setup SSH Key Pairs Secret "-------
+  oc project ${USER_CHE_NAMESPACE}
+  ENCODED_GIT_PRIVATE_KEY=$(echo "${GIT_PRIVATE_KEY}" | base64 -w 0)
+  ENCODED_GIT_PUBLIC_KEY=$(echo "${GIT_PUBLIC_KEY}" | base64 -w 0)
+  cat .ci/openshift-ci/ssh-secret.yaml > ssh-secret.yaml
+
+  # patch the ssh-secret.yaml file
+  sed -i "s#ssh_private_key#${ENCODED_GIT_PRIVATE_KEY}#g" ssh-secret.yaml
+  sed -i "s#ssh_public_key#${ENCODED_GIT_PUBLIC_KEY}#g" ssh-secret.yaml
+
+  cat ssh-secret.yaml
+
+  oc apply -f ssh-secret.yaml -n ${USER_CHE_NAMESPACE}
+  echo "======= [INFO] SSH Secret is created. ======="
+}
+
+# Only for GitLab server administrator users
+createOAuthApplicationGitLabServer() {
+  ADMIN_ACCESS_TOKEN=$1
+
+  CHE_URL=https://$(oc get route -n ${CHE_NAMESPACE} che -o jsonpath='{.spec.host}')
+
+  echo "------- [INFO] Create OAuth Application -------"
+  response=$(curl -k -X POST \
+    ${GIT_PROVIDER_URL}/api/v4/applications \
+    -H "PRIVATE-TOKEN: ${ADMIN_ACCESS_TOKEN}" \
+    -d "name=${APPLICATION_NAME}" \
+    -d "redirect_uri=${CHE_URL}/api/oauth/callback" \
+    -d "scopes=api write_repository openid")
+
+  echo "------- [INFO] Response of the created OAuth Application -------"
+
+  OAUTH_ID=$(echo "$response" | jq -r '.id')
+  APPLICATION_ID=$(echo "$response" | jq -r '.application_id')
+  APPLICATION_SECRET=$(echo "$response" | jq -r '.secret')
+}
+
+# Only for GitLab server administrator users
+deleteOAuthApplicationGitLabServer() {
+  OAUTH_ID=$1
+  ADMIN_ACCESS_TOKEN=$2
+
+  echo "------- [INFO] Delete OAuth Application -------"
+  curl -i -k -X DELETE \
+    ${GIT_PROVIDER_URL}/api/v4/applications/${OAUTH_ID} \
+    -H "PRIVATE-TOKEN: ${ADMIN_ACCESS_TOKEN}"
+
+  echo "======= [INFO] OAuth Application is deleted ======="
+}
+
+# Only for GitLab server
+revokeAuthorizedOAuthApplication() {
+  APPLICATION_ID=$1
+  APPLICATION_SECRET=$2
+
+  echo "------- [INFO] Revoke authorized OAuth application -------"
+  oc project ${USER_CHE_NAMESPACE}
+  OAUTH_TOKEN_NAME=$(oc get secret | grep 'personal-access-token'| awk 'NR==1 { print $1 }')
+  OAUTH_TOKEN=$(oc get secret $OAUTH_TOKEN_NAME -o jsonpath='{.data.token}' | base64 -d)
+
+  curl -i -k -X POST \
+    ${GIT_PROVIDER_URL}/oauth/revoke \
+    -d "client_id=${APPLICATION_ID}" \
+    -d "client_secret=${APPLICATION_SECRET}" \
+    -d "token=${OAUTH_TOKEN}"
+
+  echo "======= [INFO] Authorized OAuth application is revoked ======="
+}
+
+# Only for GitLab server
+setupOAuthSecret() {
+  APPLICATION_ID=$1
+  APPLICATION_SECRET=$2
+
+  echo "------- [INFO] Setup OAuth Secret -------"
+  oc login -u=${OCP_ADMIN_USER_NAME} -p=${OCP_LOGIN_PASSWORD} --insecure-skip-tls-verify=false
+  oc project ${CHE_NAMESPACE}
+  SERVER_POD=$(oc get pod -l component=che | grep "che" | awk 'NR==1 { print $1 }')
+
+  ENCODED_APP_ID=$(echo -n "${APPLICATION_ID}" | base64 -w 0)
+  ENCODED_APP_SECRET=$(echo -n "${APPLICATION_SECRET}" | base64 -w 0)
+  cat .ci/openshift-ci/oauth-secret.yaml > oauth-secret.yaml
+
+  # patch the oauth-secret.yaml file
+  sed -i "s#git-provider-url#${GIT_PROVIDER_URL}#g" oauth-secret.yaml
+  sed -i "s#encoded-application-id#${ENCODED_APP_ID}#g" oauth-secret.yaml
+  sed -i "s#encoded-application-secret#${ENCODED_APP_SECRET}#g" oauth-secret.yaml
+
+  cat oauth-secret.yaml
+  oc apply -f oauth-secret.yaml -n ${CHE_NAMESPACE}
+
+  echo "------- [INFO] Wait updating deployment after create OAuth secret -------"
+  oc wait --for=delete pod/${SERVER_POD} --timeout=120s
+}
+
+runTestWorkspaceWithGitRepoUrl() {
+  WS_NAME=$1
+  PROJECT_NAME=$2
+  GIT_REPO_URL=$3
+  OCP_USER_NAMESPACE=$4
+
+  oc project ${OCP_USER_NAMESPACE}
+  cat .ci/openshift-ci/devworkspace-test.yaml > devworkspace-test.yaml
+
+  echo "------- [INFO] Preparing 'devworkspace-test.yaml' and run test workspace -------"
+  # patch the devworkspace-test.yaml file
+  sed -i "s#ws-name#${WS_NAME}#g" devworkspace-test.yaml
+  sed -i "s#project-name#${PROJECT_NAME}#g" devworkspace-test.yaml
+  sed -i "s#git-repo-url#${GIT_REPO_URL}#g" devworkspace-test.yaml
+
+  cat devworkspace-test.yaml
+
+  oc apply -f devworkspace-test.yaml -n ${OCP_USER_NAMESPACE}
+  oc wait -n ${OCP_USER_NAMESPACE} --for=condition=Ready dw ${WS_NAME} --timeout=360s
+  echo "======= [INFO] Test workspace is run ======="
+}
+
+testProjectIsCloned() {
+  PROJECT_NAME=$1
+  OCP_USER_NAMESPACE=$2
+
+  WORKSPACE_POD_NAME=$(oc get pods -n ${OCP_USER_NAMESPACE} | grep workspace | awk '{print $1}')
+  if oc exec -it -n ${OCP_USER_NAMESPACE} ${WORKSPACE_POD_NAME} -- test -f /projects/${PROJECT_NAME}/${YAML_FILE_NAME}; then
+    echo "======= [INFO] Project file /projects/${PROJECT_NAME}/${YAML_FILE_NAME} exists. ======="
+  else
+    echo "======= [INFO] Project file /projects/${PROJECT_NAME}/${YAML_FILE_NAME} is absent. ======="
+    return 1
+  fi
+}
+
+testGitCredentialsData() {
+  OCP_USER_NAMESPACE=$1
+  GIT_PROVIDER_PAT=$2
+  GIT_PROVIDER_URL=$3
+
+  echo "------- [INFO] Check the 'git credentials' is in a workspace -------"
+  hostName="${GIT_PROVIDER_URL#https://}"
+
+  if [ "${GIT_PROVIDER_TYPE}" == "azure-devops" ]; then
+    userName="username"
+  else
+    userName=${GIT_PROVIDER_USERNAME}
+  fi
+
+  gitCredentials="https://${userName}:${GIT_PROVIDER_PAT}@${hostName}"
+  WORKSPACE_POD_NAME=$(oc get pods -n ${OCP_USER_NAMESPACE} | grep workspace | awk '{print $1}')
+  if oc exec -it -n ${OCP_USER_NAMESPACE} ${WORKSPACE_POD_NAME} -- cat /.git-credentials/credentials | grep -q ${gitCredentials}; then
+    echo "======= [INFO] Git credentials file '/.git-credentials/credentials' exists and has the expected content. ======="
+  else
+    echo "####### [ERROR] Git credentials file '/.git-credentials/credentials' does not exist or has incorrect content. ######
+###### Cause possible: PR code regress or service is changed. Need to investigate it. #######"
+    exit 1
+  fi
+}
+
+deleteTestWorkspace() {
+  WS_NAME=$1
+  OCP_USER_NAMESPACE=$2
+  echo "------- [INFO] Delete test workspace -------"
+  oc delete dw ${WS_NAME} -n ${OCP_USER_NAMESPACE}
+}
+
+startOAuthFactoryTest() {
+  CHE_URL=https://$(oc get route -n ${CHE_NAMESPACE} che -o jsonpath='{.spec.host}')
+  # patch oauth-factory-test.yaml
+  cat .ci/openshift-ci/pod-oauth-factory-test.yaml > oauth-factory-test.yaml
+  sed -i "s#CHE_URL#${CHE_URL}#g" oauth-factory-test.yaml
+  sed -i "s#CHE-NAMESPACE#${CHE_NAMESPACE}#g" oauth-factory-test.yaml
+  sed -i "s#OCP_USER_NAME#${OCP_NON_ADMIN_USER_NAME}#g" oauth-factory-test.yaml
+  sed -i "s#OCP_USER_PASSWORD#${OCP_LOGIN_PASSWORD}#g" oauth-factory-test.yaml
+  sed -i "s#FACTORY_REPO_URL#${PRIVATE_REPO_URL}#g" oauth-factory-test.yaml
+  sed -i "s#GIT_BRANCH#${GIT_REPO_BRANCH}#g" oauth-factory-test.yaml
+  sed -i "s#GIT_PROVIDER_TYPE#${GIT_PROVIDER_TYPE}#g" oauth-factory-test.yaml
+  sed -i "s#GIT_PROVIDER_USER_NAME#${GIT_PROVIDER_LOGIN}#g" oauth-factory-test.yaml
+  sed -i "s#GIT_PROVIDER_USER_PASSWORD#${GIT_PROVIDER_PASSWORD}#g" oauth-factory-test.yaml
+
+  echo "------- [INFO] Applying the following patched OAuth Factory Test Pod: -------"
+  cat oauth-factory-test.yaml
+  echo "[INFO] --------------------------------------------------"
+  oc apply -f oauth-factory-test.yaml
+  # wait for the pod to start
+  n=0
+  while [ $n -le 120 ]
+  do
+    PHASE=$(oc get pod -n ${CHE_NAMESPACE} ${TEST_POD_NAME} \
+        --template='{{ .status.phase }}')
+    if [[ ${PHASE} == "Running" ]]; then
+      echo "======= [INFO] Factory test started successfully. ======="
+      return
+    fi
+
+    sleep 5
+    n=$(( n+1 ))
+  done
+
+  echo "####### [ERROR] Failed to start Factory test. #######
+###### Cause possible: an infrastructure problem, pod could not start, try to rerun the test. #######"
+  exit 1
+}
+
+startSmokeTest() {
+  CHE_URL=https://$(oc get route -n ${CHE_NAMESPACE} che -o jsonpath='{.spec.host}')
+  # patch che-smoke-test.yaml
+  cat .ci/openshift-ci/pod-che-smoke-test.yaml > che-smoke-test.yaml
+  sed -i "s#CHE_URL#${CHE_URL}#g" che-smoke-test.yaml
+  sed -i "s#CHE-NAMESPACE#${CHE_NAMESPACE}#g" che-smoke-test.yaml
+  sed -i "s#OCP_USER_NAME#${OCP_NON_ADMIN_USER_NAME}#g" che-smoke-test.yaml
+  sed -i "s#OCP_USER_PASSWORD#${OCP_LOGIN_PASSWORD}#g" che-smoke-test.yaml
+
+  echo "------- [INFO] Applying the following patched Smoke Test Pod: -------"
+  cat che-smoke-test.yaml
+  echo "[INFO] --------------------------------------------------"
+  oc apply -f che-smoke-test.yaml
+  # wait for the pod to start
+  n=0
+  while [ $n -le 120 ]
+  do
+    PHASE=$(oc get pod -n ${CHE_NAMESPACE} ${TEST_POD_NAME} \
+        --template='{{ .status.phase }}')
+    if [[ ${PHASE} == "Running" ]]; then
+      echo "======= [INFO] Smoke test started successfully. ======="
+      return
+    fi
+
+    sleep 5
+    n=$(( n+1 ))
+  done
+
+  echo "####### [ERROR] Failed to start Smoke test. #######
+####### Cause possible: an infrastructure problem, pod could not start, try to rerun the test. #######"
+  exit 1
+}
+
+# Catch the finish of the job and write logs in artifacts.
+catchFinish() {
+  local RESULT=$?
+  if [ "$RESULT" != "0" ]; then
+    set +e
+    collectEclipseCheLogs
+    set -e
+  fi
+
+  echo "------- [INFO] Terminate the process after finish the test script. -------"
+  set +e
+  killProcessByPort
+  set -e
+
+  [[ "${RESULT}" != "0" ]] && echo "####### [ERROR] Job failed. #######" || echo "####### [INFO] Job completed successfully. #######"
+  exit $RESULT
+}
+
+collectEclipseCheLogs() {
+  mkdir -p ${ARTIFACTS_DIR}/che-logs
+
+  # Collect all Eclipse Che logs and cluster CR
+  oc login -u=${OCP_ADMIN_USER_NAME} -p=${OCP_LOGIN_PASSWORD} --insecure-skip-tls-verify=false
+  oc get checluster -o yaml -n $CHE_NAMESPACE > "${ARTIFACTS_DIR}/che-cluster.yaml"
+  chectl server:logs -n $CHE_NAMESPACE --directory ${ARTIFACTS_DIR}/che-logs --telemetry off
+}
+
+collectLogs() {
+  echo "------- [INFO] Waiting until test pod finished. -------"
+  oc logs -n ${CHE_NAMESPACE} ${TEST_POD_NAME} -c test -f
+  sleep 3
+
+  # Download artifacts
+  set +e
+  echo -------" [INFO] Collect all Eclipse Che logs and cluster CR. -------"
+  collectEclipseCheLogs
+
+  echo "------- [INFO] Downloading test report. -------"
+  mkdir -p ${ARTIFACTS_DIR}/e2e
+  oc rsync -n ${CHE_NAMESPACE} ${TEST_POD_NAME}:/tmp/e2e/report/ ${ARTIFACTS_DIR}/e2e -c download-reports
+  oc exec -n ${CHE_NAMESPACE} ${TEST_POD_NAME} -c download-reports -- touch /tmp/done
+
+  # Revoke and delete the OAuth application
+  if [[ ${TEST_POD_NAME} == "oauth-factory-test" ]]; then
+    revokeAuthorizedOAuthApplication ${APPLICATION_ID} ${APPLICATION_SECRET}
+    deleteOAuthApplicationGitLabServer ${OAUTH_ID} ${ADMIN_ACCESS_TOKEN}
+  fi
+
+  set -e
+
+  EXIT_CODE=$(oc logs -n ${CHE_NAMESPACE} ${TEST_POD_NAME} -c test | grep EXIT_CODE)
+  if [[ ${EXIT_CODE} != "+ EXIT_CODE=0" ]]; then
+    echo "####### [ERROR] GUI test failed. Job failed. #######
+###### Cause possible: PR code regress or service is changed. Need to investigate it. #######"
+    exit 1
+  fi
+  echo "======= [INFO] Job completed successfully. ======="
+}
+
+testCloneGitRepoNoProjectExists() {
+    WS_NAME=$1
+    PROJECT_NAME=$2
+    GIT_REPO_URL=$3
+    OCP_USER_NAMESPACE=$4
+
+    runTestWorkspaceWithGitRepoUrl ${WS_NAME} ${PROJECT_NAME} ${GIT_REPO_URL} ${OCP_USER_NAMESPACE}
+    echo "------- [INFO] Check the private repository is NOT cloned with NO PAT/OAuth setup. -------"
+    testProjectIsCloned ${PROJECT_NAME} ${OCP_USER_NAMESPACE} && \
+    { echo "####### [ERROR] Project file /projects/${PROJECT_NAME}/${YAML_FILE_NAME} should NOT be present. #######
+####### Cause possible: PR code regress or service is changed. Need to investigate it. #######" && exit 1; }
+    echo "======= [INFO] Project file /projects/${PROJECT_NAME}/${YAML_FILE_NAME} is NOT present. This is EXPECTED. ======="
+}
+
+# Test that the repository is cloned when PAT, OAuth or SSH is configured
+testCloneGitRepoProjectShouldExists() {
+  WS_NAME=$1
+  PROJECT_NAME=$2
+  GIT_REPO_URL=$3
+  OCP_USER_NAMESPACE=$4
+
+  runTestWorkspaceWithGitRepoUrl ${WS_NAME} ${PROJECT_NAME} ${GIT_REPO_URL} ${OCP_USER_NAMESPACE}
+  echo "------- [INFO] Check the repository is cloned. -------"
+  testProjectIsCloned ${PROJECT_NAME} ${OCP_USER_NAMESPACE} || \
+  { echo "####### [ERROR] Project file /projects/${PROJECT_NAME}/${YAML_FILE_NAME} should be present. #######
+###### Cause possible: PR code regress or service is changed. Need to investigate it. #######" && exit 1; }
+}
+
+setupTestEnvironment() {
+  OCP_USER_NAME=$1
+
+  provisionOpenShiftOAuthUser
+  createCustomResourcesFile
+  deployChe
+  forwardPortToService
+  initUserNamespace ${OCP_USER_NAME}
+}
+
+setupTestEnvironmentOAuthFlow() {
+  ADMIN_ACCESS_TOKEN=$1
+  APPLICATION_ID=$2
+  APPLICATION_SECRET=$3
+
+  provisionOpenShiftOAuthUser
+  configureGitSelfSignedCertificate
+  createCustomResourcesFile
+  patchCustomResourcesFile
+  deployChe
+  createOAuthApplicationGitLabServer ${ADMIN_ACCESS_TOKEN} ${APPLICATION_NAME}
+  setupOAuthSecret ${APPLICATION_ID} ${APPLICATION_SECRET}
+}
--- a/.ci/openshift-ci/devworkspace-test.yaml
+++ b/.ci/openshift-ci/devworkspace-test.yaml
@ -0,0 +1,22 @@
+kind: DevWorkspace
+apiVersion: workspace.devfile.io/v1alpha2
+metadata:
+  name: ws-name
+spec:
+  started: true
+  routingClass: che
+  template:
+    projects:
+      - name: project-name
+        git:
+          remotes:
+            origin: git-repo-url
+  contributions:
+    - name: che-code
+      uri: https://eclipse-che.github.io/che-plugin-registry/main/v3/plugins/che-incubator/che-code/latest/devfile.yaml
+      components:
+        - name: che-code-runtime-description
+          container:
+            env:
+              - name: CODE_HOST
+                value: 0.0.0.0
--- a/.ci/openshift-ci/htpasswdProvider.yaml
+++ b/.ci/openshift-ci/htpasswdProvider.yaml
@ -0,0 +1,12 @@
+apiVersion: config.openshift.io/v1
+kind: OAuth
+metadata:
+  name: cluster
+spec:
+  identityProviders:
+    - name: htpasswd
+      mappingMethod: claim
+      type: HTPasswd
+      htpasswd:
+        fileData:
+          name: htpass-secret
--- a/.ci/openshift-ci/oauth-secret.yaml
+++ b/.ci/openshift-ci/oauth-secret.yaml
@ -0,0 +1,15 @@
+kind: Secret
+apiVersion: v1
+metadata:
+  name: gitlab-oauth-secret
+  namespace: eclipse-che
+  labels:
+    app.kubernetes.io/part-of: che.eclipse.org
+    app.kubernetes.io/component: oauth-scm-configuration
+  annotations:
+    che.eclipse.org/oauth-scm-server: gitlab
+    che.eclipse.org/scm-server-endpoint: git-provider-url
+type: Opaque
+data:
+  id: encoded-application-id
+  secret: encoded-application-secret
--- a/.ci/openshift-ci/pat-secret.yaml
+++ b/.ci/openshift-ci/pat-secret.yaml
@ -0,0 +1,15 @@
+kind: Secret
+apiVersion: v1
+metadata:
+  name: personal-access-token
+  labels:
+    app.kubernetes.io/component: scm-personal-access-token
+    app.kubernetes.io/part-of: che.eclipse.org
+  annotations:
+    che.eclipse.org/che-userid: che-user-id
+    che.eclipse.org/scm-personal-access-token-name: git-provider-name
+    che.eclipse.org/scm-url: git-provider-url
+    che.eclipse.org/scm-organization: ''
+data:
+  token: encoded-access-token
+type: Opaque
--- a/.ci/openshift-ci/pod-che-smoke-test.yaml
+++ b/.ci/openshift-ci/pod-che-smoke-test.yaml
@ -0,0 +1,77 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: che-smoke-test
+  namespace: CHE-NAMESPACE
+spec:
+  volumes:
+    - name: test-run-results
+    - name: ffmpeg-video
+    - name: dshm
+      emptyDir:
+        medium: Memory
+  containers:
+    # container containing the tests
+    - name: test
+      image: quay.io/eclipse/che-e2e:next
+      imagePullPolicy: Always
+      env:
+        - name: VIDEO_RECORDING
+          value: "true"
+        - name: TEST_SUITE
+          value: "test"
+        - name: TS_SELENIUM_EDITOR
+          value: "che-code"
+        - name: USERSTORY
+          value: "SmokeTest"
+        - name: NODE_TLS_REJECT_UNAUTHORIZED
+          value: "0"
+        - name: TS_SELENIUM_BASE_URL
+          value: "CHE_URL"
+        - name: TS_SELENIUM_LOG_LEVEL
+          value: "TRACE"
+        - name: TS_SELENIUM_OCP_USERNAME
+          value: "OCP_USER_NAME"
+        - name: TS_SELENIUM_OCP_PASSWORD
+          value: "OCP_USER_PASSWORD"
+        - name: TS_SELENIUM_VALUE_OPENSHIFT_OAUTH
+          value: "true"
+        - name: TS_OCP_LOGIN_PAGE_PROVIDER_TITLE
+          value: "htpasswd"
+        - name: DELETE_WORKSPACE_ON_FAILED_TEST
+          value: "true"
+        - name: TS_SELENIUM_START_WORKSPACE_TIMEOUT
+          value: "360000"
+        - name: TS_IDE_LOAD_TIMEOUT
+          value: "40000"
+      volumeMounts:
+        - name: test-run-results
+          mountPath: /tmp/e2e/report/
+        - name: ffmpeg-video
+          mountPath: /tmp/ffmpeg_report/
+        - name: dshm
+          mountPath: /dev/shm
+      resources:
+        requests:
+          memory: "3Gi"
+          cpu: "2"
+        limits:
+          memory: "4Gi"
+          cpu: "2"
+    # Download results
+    - name: download-reports
+      image: eeacms/rsync
+      imagePullPolicy: IfNotPresent
+      volumeMounts:
+        - name: test-run-results
+          mountPath: /tmp/e2e/report/
+        - name: ffmpeg-video
+          mountPath: /tmp/ffmpeg_report/
+      resources:
+      command: ["sh"]
+      args:
+        [
+          "-c",
+          "while true; if [[ -f /tmp/done ]]; then exit 0; fi; do sleep 1; done",
+        ]
+  restartPolicy: Never
--- a/.ci/openshift-ci/pod-oauth-factory-test.yaml
+++ b/.ci/openshift-ci/pod-oauth-factory-test.yaml
@ -0,0 +1,89 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: oauth-factory-test
+  namespace: CHE-NAMESPACE
+spec:
+  volumes:
+    - name: test-run-results
+    - name: ffmpeg-video
+    - name: dshm
+      emptyDir:
+        medium: Memory
+  containers:
+    # container containing the tests
+    - name: test
+      image: quay.io/eclipse/che-e2e:next
+      imagePullPolicy: Always
+      env:
+        - name: VIDEO_RECORDING
+          value: "true"
+        - name: TEST_SUITE
+          value: "test"
+        - name: TS_SELENIUM_EDITOR
+          value: "che-code"
+        - name: USERSTORY
+          value: "Factory"
+        - name: NODE_TLS_REJECT_UNAUTHORIZED
+          value: "0"
+        - name: TS_SELENIUM_BASE_URL
+          value: "CHE_URL"
+        - name: TS_SELENIUM_LOG_LEVEL
+          value: "TRACE"
+        - name: TS_SELENIUM_OCP_USERNAME
+          value: "OCP_USER_NAME"
+        - name: TS_SELENIUM_OCP_PASSWORD
+          value: "OCP_USER_PASSWORD"
+        - name: TS_SELENIUM_VALUE_OPENSHIFT_OAUTH
+          value: "true"
+        - name: TS_SELENIUM_FACTORY_GIT_REPO_URL
+          value: "FACTORY_REPO_URL"
+        - name: TS_SELENIUM_FACTORY_GIT_REPO_BRANCH
+          value: "GIT_BRANCH"
+        - name: TS_SELENIUM_FACTORY_GIT_PROVIDER
+          value: "GIT_PROVIDER_TYPE"
+        - name: TS_SELENIUM_GIT_PROVIDER_OAUTH
+          value: "true"
+        - name: TS_SELENIUM_GIT_PROVIDER_USERNAME
+          value: "GIT_PROVIDER_USER_NAME"
+        - name: TS_SELENIUM_GIT_PROVIDER_PASSWORD
+          value: "GIT_PROVIDER_USER_PASSWORD"
+        - name: TS_OCP_LOGIN_PAGE_PROVIDER_TITLE
+          value: "htpasswd"
+        - name: DELETE_WORKSPACE_ON_FAILED_TEST
+          value: "true"
+        - name: TS_SELENIUM_START_WORKSPACE_TIMEOUT
+          value: "360000"
+        - name: TS_IDE_LOAD_TIMEOUT
+          value: "40000"
+      volumeMounts:
+        - name: test-run-results
+          mountPath: /tmp/e2e/report/
+        - name: ffmpeg-video
+          mountPath: /tmp/ffmpeg_report/
+        - name: dshm
+          mountPath: /dev/shm
+      resources:
+        requests:
+          memory: "3Gi"
+          cpu: "2"
+        limits:
+          memory: "4Gi"
+          cpu: "2"
+    # Download results
+    - name: download-reports
+      image: eeacms/rsync
+      imagePullPolicy: IfNotPresent
+      volumeMounts:
+        - name: test-run-results
+          mountPath: /tmp/e2e/report/
+        - name: ffmpeg-video
+          mountPath: /tmp/ffmpeg_report/
+      resources:
+      command: ["sh"]
+      args:
+        [
+          "-c",
+          "while true; if [[ -f /tmp/done ]]; then exit 0; fi; do sleep 1; done",
+        ]
+  restartPolicy: Never
--- a/.ci/openshift-ci/ssh-secret.yaml
+++ b/.ci/openshift-ci/ssh-secret.yaml
@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: git-ssh-key
+  annotations:
+    controller.devfile.io/mount-as: subpath
+    controller.devfile.io/mount-path: /etc/ssh/
+  labels:
+    controller.devfile.io/mount-to-devworkspace: "true"
+    controller.devfile.io/watch-secret: "true"
+type: Opaque
+data:
+  dwo_ssh_key: ssh_private_key
+  dwo_ssh_key.pub: ssh_public_key
+  ssh_config: aG9zdCAqCiAgSWRlbnRpdHlGaWxlIC9ldGMvc3NoL2R3b19zc2hfa2V5CiAgU3RyaWN0SG9zdEtleUNoZWNraW5nID0gbm8K
--- a/.ci/openshift-ci/test-azure-no-pat-oauth-flow-raw-devfile-url.sh
+++ b/.ci/openshift-ci/test-azure-no-pat-oauth-flow-raw-devfile-url.sh
@ -0,0 +1,38 @@
+#!/bin/bash
+#
+# Copyright (c) 2023 Red Hat, Inc.
+# This program and the accompanying materials are made
+# available under the terms of the Eclipse Public License 2.0
+# which is available at https://www.eclipse.org/legal/epl-2.0/
+#
+# SPDX-License-Identifier: EPL-2.0
+#
+# Contributors:
+#   Red Hat, Inc. - initial API and implementation
+#
+
+# exit immediately when a command fails
+set -ex
+# only exit with zero if all commands of the pipeline exit successfully
+set -o pipefail
+
+echo "======= [INFO] OpenShift CI infrastructure is ready. Running test. ======="
+
+export PUBLIC_REPO_RAW_PATH_URL=${PUBLIC_REPO_RAW_PATH_URL:-"https://dev.azure.com/chepullreq1/che-pr-public/_apis/git/repositories/public-repo/items?path=/devfile.yaml"}
+export PRIVATE_REPO_RAW_PATH_URL=${PRIVATE_REPO_URL:-"https://dev.azure.com/chepullreq1/che-pr-private/_apis/git/repositories/private-repo/items?path=/devfile.yaml"}
+
+# import common test functions
+SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
+source "${SCRIPT_DIR}"/common.sh
+
+trap "catchFinish" EXIT SIGINT
+
+setupTestEnvironment ${OCP_NON_ADMIN_USER_NAME}
+testFactoryResolverResponse ${PUBLIC_REPO_RAW_PATH_URL} 200
+testFactoryResolverResponse ${PRIVATE_REPO_RAW_PATH_URL} 500
+
+testCloneGitRepoNoProjectExists ${PUBLIC_REPO_WORKSPACE_NAME} ${PUBLIC_PROJECT_NAME} ${PUBLIC_REPO_RAW_PATH_URL} ${USER_CHE_NAMESPACE}
+deleteTestWorkspace ${PUBLIC_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
+
+testCloneGitRepoNoProjectExists ${PRIVATE_REPO_WORKSPACE_NAME} ${PRIVATE_PROJECT_NAME} ${PRIVATE_REPO_RAW_PATH_URL} ${USER_CHE_NAMESPACE}
+deleteTestWorkspace ${PRIVATE_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
--- a/.ci/openshift-ci/test-azure-no-pat-oauth-flow-ssh-url.sh
+++ b/.ci/openshift-ci/test-azure-no-pat-oauth-flow-ssh-url.sh
@ -0,0 +1,40 @@
+
+#!/bin/bash
+#
+# Copyright (c) 2023 Red Hat, Inc.
+# This program and the accompanying materials are made
+# available under the terms of the Eclipse Public License 2.0
+# which is available at https://www.eclipse.org/legal/epl-2.0/
+#
+# SPDX-License-Identifier: EPL-2.0
+#
+# Contributors:
+#   Red Hat, Inc. - initial API and implementation
+#
+
+# exit immediately when a command fails
+set -ex
+# only exit with zero if all commands of the pipeline exit successfully
+set -o pipefail
+
+echo "======= [INFO] OpenShift CI infrastructure is ready. Running test. ======="
+
+export PUBLIC_REPO_SSH_URL=${PUBLIC_REPO_SSH_URL:-"git@ssh.dev.azure.com:v3/chepullreq1/che-pr-public/public-repo"}
+export PRIVATE_REPO_SSH_URL=${PRIVATE_REPO_SSH_URL:-"git@ssh.dev.azure.com:v3/chepullreq1/che-pr-private/private-repo"}
+
+# import common test functions
+SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
+source "${SCRIPT_DIR}"/common.sh
+
+trap "catchFinish" EXIT SIGINT
+
+setupTestEnvironment ${OCP_NON_ADMIN_USER_NAME}
+setupSSHKeyPairs "${AZURE_PRIVATE_KEY}" "${AZURE_PUBLIC_KEY}"
+testFactoryResolverResponse ${PUBLIC_REPO_SSH_URL} 200
+testFactoryResolverResponse ${PRIVATE_REPO_SSH_URL} 500
+
+testCloneGitRepoProjectShouldExists ${PUBLIC_REPO_WORKSPACE_NAME} ${PUBLIC_PROJECT_NAME} ${PUBLIC_REPO_SSH_URL} ${USER_CHE_NAMESPACE}
+deleteTestWorkspace ${PUBLIC_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
+
+testCloneGitRepoProjectShouldExists ${PRIVATE_REPO_WORKSPACE_NAME} ${PRIVATE_PROJECT_NAME} ${PRIVATE_REPO_SSH_URL} ${USER_CHE_NAMESPACE}
+deleteTestWorkspace ${PRIVATE_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
--- a/.ci/openshift-ci/test-azure-no-pat-oauth-flow.sh
+++ b/.ci/openshift-ci/test-azure-no-pat-oauth-flow.sh
@ -0,0 +1,35 @@
+#!/bin/bash
+#
+# Copyright (c) 2023 Red Hat, Inc.
+# This program and the accompanying materials are made
+# available under the terms of the Eclipse Public License 2.0
+# which is available at https://www.eclipse.org/legal/epl-2.0/
+#
+# SPDX-License-Identifier: EPL-2.0
+#
+# Contributors:
+#   Red Hat, Inc. - initial API and implementation
+#
+
+# exit immediately when a command fails
+set -ex
+# only exit with zero if all commands of the pipeline exit successfully
+set -o pipefail
+
+echo "======= [INFO] OpenShift CI infrastructure is ready. Running test. ======="
+
+export PUBLIC_REPO_URL=${PUBLIC_REPO_URL:-"https://chepullreq1@dev.azure.com/chepullreq1/che-pr-public/_git/public-repo"}
+export PRIVATE_REPO_URL=${PRIVATE_REPO_URL:-"https://dev.azure.com/chepullreq1/che-pr-private/_git/private-repo"}
+
+# import common test functions
+SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
+source "${SCRIPT_DIR}"/common.sh
+
+trap "catchFinish" EXIT SIGINT
+
+setupTestEnvironment ${OCP_NON_ADMIN_USER_NAME}
+testFactoryResolverNoPatOAuth ${PUBLIC_REPO_URL} ${PRIVATE_REPO_URL}
+testCloneGitRepoProjectShouldExists ${PUBLIC_REPO_WORKSPACE_NAME} ${PUBLIC_PROJECT_NAME} ${PUBLIC_REPO_URL} ${USER_CHE_NAMESPACE}
+deleteTestWorkspace ${PUBLIC_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
+testCloneGitRepoNoProjectExists ${PRIVATE_REPO_WORKSPACE_NAME} ${PRIVATE_PROJECT_NAME} ${PRIVATE_REPO_URL} ${USER_CHE_NAMESPACE}
+deleteTestWorkspace ${PRIVATE_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
--- a/.ci/openshift-ci/test-azure-with-pat-setup-flow.sh
+++ b/.ci/openshift-ci/test-azure-with-pat-setup-flow.sh
@ -0,0 +1,59 @@
+#!/bin/bash
+#
+# Copyright (c) 2023 Red Hat, Inc.
+# This program and the accompanying materials are made
+# available under the terms of the Eclipse Public License 2.0
+# which is available at https://www.eclipse.org/legal/epl-2.0/
+#
+# SPDX-License-Identifier: EPL-2.0
+#
+# Contributors:
+#   Red Hat, Inc. - initial API and implementation
+#
+
+# exit immediately when a command fails
+set -ex
+# only exit with zero if all commands of the pipeline exit successfully
+set -o pipefail
+
+echo "======= [INFO] OpenShift CI infrastructure is ready. Running test. ======="
+
+export PUBLIC_REPO_URL=${PUBLIC_REPO_URL:-"https://chepullreq1@dev.azure.com/chepullreq1/che-pr-public/_git/public-repo"}
+export PRIVATE_REPO_URL=${PRIVATE_REPO_URL:-"https://dev.azure.com/chepullreq1/che-pr-private/_git/private-repo"}
+export GIT_PROVIDER_TYPE=${GIT_PROVIDER_TYPE:-"azure-devops"}
+export GIT_PROVIDER_URL=${GIT_PROVIDER_URL:-"https://dev.azure.com"}
+export PRIVATE_REPO_SSH_URL=${PRIVATE_REPO_SSH_URL:-"git@ssh.dev.azure.com:v3/chepullreq1/che-pr-private/private-repo"}
+export PRIVATE_REPO_RAW_PATH_URL=${PRIVATE_REPO_URL:-"https://dev.azure.com/chepullreq1/che-pr-private/_apis/git/repositories/private-repo/items?path=/devfile.yaml"}
+
+# import common test functions
+SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
+source "${SCRIPT_DIR}"/common.sh
+
+trap "catchFinish" EXIT SIGINT
+
+setupTestEnvironment ${OCP_NON_ADMIN_USER_NAME}
+setupPersonalAccessToken  ${GIT_PROVIDER_TYPE} ${GIT_PROVIDER_URL} ${AZURE_PAT}
+requestProvisionNamespace
+testFactoryResolverWithPatOAuth ${PUBLIC_REPO_URL} ${PRIVATE_REPO_URL}
+
+echo "------- [INFO] Check clone public repository with PAT setup -------"
+testCloneGitRepoProjectShouldExists ${PUBLIC_REPO_WORKSPACE_NAME} ${PUBLIC_PROJECT_NAME} ${PUBLIC_REPO_URL} ${USER_CHE_NAMESPACE}
+testGitCredentialsData ${USER_CHE_NAMESPACE} ${AZURE_PAT} ${GIT_PROVIDER_URL}
+deleteTestWorkspace ${PUBLIC_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
+
+echo "------- [INFO] Check clone private repository with PAT setup -------"
+testCloneGitRepoProjectShouldExists ${PRIVATE_REPO_WORKSPACE_NAME} ${PRIVATE_PROJECT_NAME} ${PRIVATE_REPO_URL} ${USER_CHE_NAMESPACE}
+testGitCredentialsData ${USER_CHE_NAMESPACE} ${AZURE_PAT} ${GIT_PROVIDER_URL}
+deleteTestWorkspace ${PRIVATE_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
+
+echo "------- [INFO] Check clone private repository by raw devfile URL with PAT setup -------"
+testFactoryResolverResponse ${PRIVATE_REPO_RAW_PATH_URL} 200
+testCloneGitRepoProjectShouldExists ${PRIVATE_REPO_WORKSPACE_NAME} ${PRIVATE_PROJECT_NAME} ${PRIVATE_REPO_RAW_PATH_URL} ${USER_CHE_NAMESPACE}
+deleteTestWorkspace ${PRIVATE_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
+
+setupSSHKeyPairs "${AZURE_PRIVATE_KEY}" "${AZURE_PUBLIC_KEY}"
+
+echo "------- [INFO] Check clone private repository by SSH URL with PAT setup -------"
+testFactoryResolverResponse ${PRIVATE_REPO_SSH_URL} 200
+testCloneGitRepoProjectShouldExists ${PRIVATE_REPO_WORKSPACE_NAME} ${PRIVATE_PROJECT_NAME} ${PRIVATE_REPO_SSH_URL} ${USER_CHE_NAMESPACE}
+deleteTestWorkspace ${PRIVATE_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
--- a/.ci/openshift-ci/test-bitbucket-no-pat-oauth-flow-raw-devfile-url.sh
+++ b/.ci/openshift-ci/test-bitbucket-no-pat-oauth-flow-raw-devfile-url.sh
@ -0,0 +1,37 @@
+#!/bin/bash
+#
+# Copyright (c) 2023 Red Hat, Inc.
+# This program and the accompanying materials are made
+# available under the terms of the Eclipse Public License 2.0
+# which is available at https://www.eclipse.org/legal/epl-2.0/
+#
+# SPDX-License-Identifier: EPL-2.0
+#
+# Contributors:
+#   Red Hat, Inc. - initial API and implementation
+#
+
+# exit immediately when a command fails
+set -ex
+# only exit with zero if all commands of the pipeline exit successfully
+set -o pipefail
+
+echo "======= [INFO] OpenShift CI infrastructure is ready. Running test. ======="
+
+export PUBLIC_REPO_RAW_PATH_URL=${PUBLIC_REPO_RAW_PATH_URL:-"https://bitbucket.org/chepullreq/public-repo/raw/746000bd63a54eaf8ea8aba9dfe6620e5c6c61d7/devfile.yaml"}
+export PRIVATE_REPO_RAW_PATH_URL=${PRIVATE_REPO_URL:-"https://bitbucket.org/chepullreq/private-repo/raw/80b183d27c6c533462128b0c092208aad73b2906/devfile.yaml"}
+
+# import common test functions
+SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
+source "${SCRIPT_DIR}"/common.sh
+
+trap "catchFinish" EXIT SIGINT
+
+setupTestEnvironment ${OCP_NON_ADMIN_USER_NAME}
+testFactoryResolverNoPatOAuthRaw ${PUBLIC_REPO_RAW_PATH_URL} ${PRIVATE_REPO_RAW_PATH_URL}
+
+testCloneGitRepoProjectShouldExists ${PUBLIC_REPO_WORKSPACE_NAME} ${PUBLIC_PROJECT_NAME} ${PUBLIC_REPO_RAW_PATH_URL} ${USER_CHE_NAMESPACE}
+deleteTestWorkspace ${PUBLIC_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
+
+testCloneGitRepoNoProjectExists ${PRIVATE_REPO_WORKSPACE_NAME} ${PRIVATE_PROJECT_NAME} ${PRIVATE_REPO_RAW_PATH_URL} ${USER_CHE_NAMESPACE}
+deleteTestWorkspace ${PRIVATE_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
--- a/.ci/openshift-ci/test-bitbucket-no-pat-oauth-flow-ssh-url.sh
+++ b/.ci/openshift-ci/test-bitbucket-no-pat-oauth-flow-ssh-url.sh
@ -0,0 +1,38 @@
+
+#!/bin/bash
+#
+# Copyright (c) 2023 Red Hat, Inc.
+# This program and the accompanying materials are made
+# available under the terms of the Eclipse Public License 2.0
+# which is available at https://www.eclipse.org/legal/epl-2.0/
+#
+# SPDX-License-Identifier: EPL-2.0
+#
+# Contributors:
+#   Red Hat, Inc. - initial API and implementation
+#
+
+# exit immediately when a command fails
+set -ex
+# only exit with zero if all commands of the pipeline exit successfully
+set -o pipefail
+
+echo "======= [INFO] OpenShift CI infrastructure is ready. Running test. ======="
+
+export PUBLIC_REPO_SSH_URL=${PUBLIC_REPO_SSH_URL:-"git@bitbucket.org:chepullreq/public-repo.git"}
+export PRIVATE_REPO_SSH_URL=${PRIVATE_REPO_SSH_URL:-"git@bitbucket.org:chepullreq/private-repo.git"}
+
+# import common test functions
+SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
+source "${SCRIPT_DIR}"/common.sh
+
+trap "catchFinish" EXIT SIGINT
+
+setupTestEnvironment ${OCP_NON_ADMIN_USER_NAME}
+setupSSHKeyPairs "${BITBUCKET_PRIVATE_KEY}" "${BITBUCKET_PUBLIC_KEY}"
+testFactoryResolverNoPatOAuth ${PUBLIC_REPO_SSH_URL} ${PRIVATE_REPO_SSH_URL}
+
+testCloneGitRepoProjectShouldExists ${PUBLIC_REPO_WORKSPACE_NAME} ${PUBLIC_PROJECT_NAME} ${PUBLIC_REPO_SSH_URL} ${USER_CHE_NAMESPACE}
+deleteTestWorkspace ${PUBLIC_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
+testCloneGitRepoProjectShouldExists ${PRIVATE_REPO_WORKSPACE_NAME} ${PRIVATE_PROJECT_NAME} ${PRIVATE_REPO_SSH_URL} ${USER_CHE_NAMESPACE}
+deleteTestWorkspace ${PRIVATE_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
--- a/.ci/openshift-ci/test-bitbucket-no-pat-oauth-flow.sh
+++ b/.ci/openshift-ci/test-bitbucket-no-pat-oauth-flow.sh
@ -0,0 +1,35 @@
+#!/bin/bash
+#
+# Copyright (c) 2023 Red Hat, Inc.
+# This program and the accompanying materials are made
+# available under the terms of the Eclipse Public License 2.0
+# which is available at https://www.eclipse.org/legal/epl-2.0/
+#
+# SPDX-License-Identifier: EPL-2.0
+#
+# Contributors:
+#   Red Hat, Inc. - initial API and implementation
+#
+
+# exit immediately when a command fails
+set -ex
+# only exit with zero if all commands of the pipeline exit successfully
+set -o pipefail
+
+echo "======= [INFO] OpenShift CI infrastructure is ready. Running test. ======="
+
+export PUBLIC_REPO_URL=${PUBLIC_REPO_URL:-"https://chepullreq1@bitbucket.org/chepullreq/public-repo.git"}
+export PRIVATE_REPO_URL=${PRIVATE_REPO_URL:-"https://chepullreq1@bitbucket.org/chepullreq/private-repo.git"}
+
+# import common test functions
+SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
+source "${SCRIPT_DIR}"/common.sh
+
+trap "catchFinish" EXIT SIGINT
+
+setupTestEnvironment ${OCP_NON_ADMIN_USER_NAME}
+testFactoryResolverNoPatOAuth ${PUBLIC_REPO_URL} ${PRIVATE_REPO_URL}
+testCloneGitRepoProjectShouldExists ${PUBLIC_REPO_WORKSPACE_NAME} ${PUBLIC_PROJECT_NAME} ${PUBLIC_REPO_URL} ${USER_CHE_NAMESPACE}
+deleteTestWorkspace ${PUBLIC_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
+testCloneGitRepoNoProjectExists ${PRIVATE_REPO_WORKSPACE_NAME} ${PRIVATE_PROJECT_NAME} ${PRIVATE_REPO_URL} ${USER_CHE_NAMESPACE}
+deleteTestWorkspace ${PRIVATE_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
--- a/.ci/openshift-ci/test-che-smoke-test.sh
+++ b/.ci/openshift-ci/test-che-smoke-test.sh
@ -0,0 +1,32 @@
+#!/bin/bash
+#
+# Copyright (c) 2024  Red Hat, Inc.
+# This program and the accompanying materials are made
+# available under the terms of the Eclipse Public License 2.0
+# which is available at https://www.eclipse.org/legal/epl-2.0/
+#
+# SPDX-License-Identifier: EPL-2.0
+#
+# Contributors:
+#   Red Hat, Inc. - initial API and implementation
+#
+
+# exit immediately when a command fails
+set -ex
+# only exit with zero if all commands of the pipeline exit successfully
+set -o pipefail
+
+echo "======= [INFO] OpenShift CI infrastructure is ready. Running test. ======="
+
+export TEST_POD_NAME=${TEST_POD_NAME:-"che-smoke-test"}
+
+# import common test functions
+SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
+source "${SCRIPT_DIR}"/common.sh
+
+trap "collectLogs" EXIT SIGINT
+
+provisionOpenShiftOAuthUser
+createCustomResourcesFile
+deployChe
+startSmokeTest
--- a/.ci/openshift-ci/test-gitea-no-pat-oauth-flow.sh
+++ b/.ci/openshift-ci/test-gitea-no-pat-oauth-flow.sh
@ -0,0 +1,45 @@
+#!/bin/bash
+#
+# Copyright (c) 2023 Red Hat, Inc.
+# This program and the accompanying materials are made
+# available under the terms of the Eclipse Public License 2.0
+# which is available at https://www.eclipse.org/legal/epl-2.0/
+#
+# SPDX-License-Identifier: EPL-2.0
+#
+# Contributors:
+#   Red Hat, Inc. - initial API and implementation
+#
+
+# exit immediately when a command fails
+set -ex
+# only exit with zero if all commands of the pipeline exit successfully
+set -o pipefail
+
+echo "======= [INFO] OpenShift CI infrastructure is ready. Running test. ======="
+
+export PUBLIC_REPO_SSH_URL=${PUBLIC_REPO_SSH_URL:-"git@gitea.com:chepullreq1/public-repo.git"}
+export PRIVATE_REPO_SSH_URL=${PRIVATE_REPO_SSH_URL:-"git@gitea.com:chepullreq1/private-repo.git"}
+export PUBLIC_REPO_RAW_PATH_URL=${PUBLIC_REPO_RAW_PATH_URL:-"https://gitea.com/chepullreq1/public-repo/raw/branch/main/devfile.yaml"}
+
+# import common test functions
+SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
+source "${SCRIPT_DIR}"/common.sh
+
+trap "catchFinish" EXIT SIGINT
+
+setupTestEnvironment ${OCP_NON_ADMIN_USER_NAME}
+setupSSHKeyPairs "${GITEA_PRIVATE_KEY}" "${GITEA_PUBLIC_KEY}"
+
+testFactoryResolverResponse ${PUBLIC_REPO_SSH_URL} 200
+testFactoryResolverResponse ${PRIVATE_REPO_SSH_URL} 200
+testFactoryResolverResponse ${PUBLIC_REPO_RAW_PATH_URL} 200
+
+testCloneGitRepoProjectShouldExists ${PUBLIC_REPO_WORKSPACE_NAME} ${PUBLIC_PROJECT_NAME} ${PUBLIC_REPO_SSH_URL} ${USER_CHE_NAMESPACE}
+deleteTestWorkspace ${PUBLIC_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
+
+testCloneGitRepoNoProjectExists ${PUBLIC_REPO_WORKSPACE_NAME} ${PUBLIC_PROJECT_NAME} ${PUBLIC_REPO_RAW_PATH_URL} ${USER_CHE_NAMESPACE}
+deleteTestWorkspace ${PUBLIC_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
+
+testCloneGitRepoProjectShouldExists ${PRIVATE_REPO_WORKSPACE_NAME} ${PRIVATE_PROJECT_NAME} ${PRIVATE_REPO_SSH_URL} ${USER_CHE_NAMESPACE}
+deleteTestWorkspace ${PRIVATE_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
--- a/.ci/openshift-ci/test-gitea-with-pat-setup-flow.sh
+++ b/.ci/openshift-ci/test-gitea-with-pat-setup-flow.sh
@ -0,0 +1,33 @@
+#!/bin/bash
+#
+# Copyright (c) 2023 Red Hat, Inc.
+# This program and the accompanying materials are made
+# available under the terms of the Eclipse Public License 2.0
+# which is available at https://www.eclipse.org/legal/epl-2.0/
+#
+# SPDX-License-Identifier: EPL-2.0
+#
+# Contributors:
+#   Red Hat, Inc. - initial API and implementation
+#
+
+# exit immediately when a command fails
+set -ex
+# only exit with zero if all commands of the pipeline exit successfully
+set -o pipefail
+
+echo "======= [INFO] OpenShift CI infrastructure is ready. Running test. ======="
+
+export PRIVATE_REPO_RAW_PATH_URL=${PRIVATE_REPO_RAW_PATH_URL:-"https://${GITEA_PAT}@gitea.com/chepullreq1/private-repo/raw/branch/main/devfile.yaml"}
+
+# import common test functions
+SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
+source "${SCRIPT_DIR}"/common.sh
+
+trap "catchFinish" EXIT SIGINT
+
+setupTestEnvironment ${OCP_NON_ADMIN_USER_NAME}
+testFactoryResolverResponse ${PRIVATE_REPO_RAW_PATH_URL} 200
+
+testCloneGitRepoNoProjectExists ${PRIVATE_REPO_WORKSPACE_NAME} ${PRIVATE_PROJECT_NAME} ${PRIVATE_REPO_RAW_PATH_URL} ${USER_CHE_NAMESPACE}
+deleteTestWorkspace ${PRIVATE_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
--- a/.ci/openshift-ci/test-github-no-pat-oauth-flow-raw-devfile-url.sh
+++ b/.ci/openshift-ci/test-github-no-pat-oauth-flow-raw-devfile-url.sh
@ -0,0 +1,38 @@
+#!/bin/bash
+#
+# Copyright (c) 2023 Red Hat, Inc.
+# This program and the accompanying materials are made
+# available under the terms of the Eclipse Public License 2.0
+# which is available at https://www.eclipse.org/legal/epl-2.0/
+#
+# SPDX-License-Identifier: EPL-2.0
+#
+# Contributors:
+#   Red Hat, Inc. - initial API and implementation
+#
+
+# exit immediately when a command fails
+set -ex
+# only exit with zero if all commands of the pipeline exit successfully
+set -o pipefail
+
+echo "======= [INFO] OpenShift CI infrastructure is ready. Running test. ======="
+
+export PUBLIC_REPO_RAW_PATH_URL=${PUBLIC_REPO_RAW_PATH_URL:-"https://raw.githubusercontent.com/chepullreq1/public-repo/main/devfile.yaml"}
+export PRIVATE_REPO_RAW_PATH_URL=${PRIVATE_REPO_URL:-"https://raw.githubusercontent.com/chepullreq1/private-repo/main/devfile.yaml"}
+
+# import common test functions
+SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
+source "${SCRIPT_DIR}"/common.sh
+
+trap "catchFinish" EXIT SIGINT
+
+setupTestEnvironment ${OCP_NON_ADMIN_USER_NAME}
+testFactoryResolverNoPatOAuthRaw ${PUBLIC_REPO_RAW_PATH_URL} ${PRIVATE_REPO_RAW_PATH_URL}
+
+testCloneGitRepoNoProjectExists ${PUBLIC_REPO_WORKSPACE_NAME} ${PUBLIC_PROJECT_NAME} ${PUBLIC_REPO_RAW_PATH_URL} ${USER_CHE_NAMESPACE}
+deleteTestWorkspace ${PUBLIC_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
+
+testCloneGitRepoNoProjectExists ${PRIVATE_REPO_WORKSPACE_NAME} ${PRIVATE_PROJECT_NAME} ${PRIVATE_REPO_RAW_PATH_URL} ${USER_CHE_NAMESPACE}
+deleteTestWorkspace ${PRIVATE_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
+
--- a/.ci/openshift-ci/test-github-no-pat-oauth-flow-ssh-url.sh
+++ b/.ci/openshift-ci/test-github-no-pat-oauth-flow-ssh-url.sh
@ -0,0 +1,38 @@
+
+#!/bin/bash
+#
+# Copyright (c) 2023 Red Hat, Inc.
+# This program and the accompanying materials are made
+# available under the terms of the Eclipse Public License 2.0
+# which is available at https://www.eclipse.org/legal/epl-2.0/
+#
+# SPDX-License-Identifier: EPL-2.0
+#
+# Contributors:
+#   Red Hat, Inc. - initial API and implementation
+#
+
+# exit immediately when a command fails
+set -ex
+# only exit with zero if all commands of the pipeline exit successfully
+set -o pipefail
+
+echo "======= [INFO] OpenShift CI infrastructure is ready. Running test. ======="
+
+export PUBLIC_REPO_SSH_URL=${PUBLIC_REPO_SSH_URL:-"git@github.com:chepullreq1/public-repo.git"}
+export PRIVATE_REPO_SSH_URL=${PRIVATE_REPO_SSH_URL:-"git@github.com:chepullreq1/private-repo.git"}
+
+# import common test functions
+SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
+source "${SCRIPT_DIR}"/common.sh
+
+trap "catchFinish" EXIT SIGINT
+
+setupTestEnvironment ${OCP_NON_ADMIN_USER_NAME}
+setupSSHKeyPairs "${GITHUB_PRIVATE_KEY}" "${GITHUB_PUBLIC_KEY}"
+testFactoryResolverNoPatOAuth ${PUBLIC_REPO_SSH_URL} ${PRIVATE_REPO_SSH_URL}
+
+testCloneGitRepoProjectShouldExists ${PUBLIC_REPO_WORKSPACE_NAME} ${PUBLIC_PROJECT_NAME} ${PUBLIC_REPO_SSH_URL} ${USER_CHE_NAMESPACE}
+deleteTestWorkspace ${PUBLIC_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
+testCloneGitRepoProjectShouldExists ${PRIVATE_REPO_WORKSPACE_NAME} ${PRIVATE_PROJECT_NAME} ${PRIVATE_REPO_SSH_URL} ${USER_CHE_NAMESPACE}
+deleteTestWorkspace ${PRIVATE_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
--- a/.ci/openshift-ci/test-github-no-pat-oauth-flow.sh
+++ b/.ci/openshift-ci/test-github-no-pat-oauth-flow.sh
@ -0,0 +1,35 @@
+#!/bin/bash
+#
+# Copyright (c) 2023 Red Hat, Inc.
+# This program and the accompanying materials are made
+# available under the terms of the Eclipse Public License 2.0
+# which is available at https://www.eclipse.org/legal/epl-2.0/
+#
+# SPDX-License-Identifier: EPL-2.0
+#
+# Contributors:
+#   Red Hat, Inc. - initial API and implementation
+#
+
+# exit immediately when a command fails
+set -ex
+# only exit with zero if all commands of the pipeline exit successfully
+set -o pipefail
+
+echo "======= [INFO] OpenShift CI infrastructure is ready. Running test. ======="
+
+export PUBLIC_REPO_URL=${PUBLIC_REPO_URL:-"https://github.com/chepullreq1/public-repo.git"}
+export PRIVATE_REPO_URL=${PRIVATE_REPO_URL:-"https://github.com/chepullreq1/private-repo.git"}
+
+# import common test functions
+SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
+source "${SCRIPT_DIR}"/common.sh
+
+trap "catchFinish" EXIT SIGINT
+
+setupTestEnvironment ${OCP_NON_ADMIN_USER_NAME}
+testFactoryResolverNoPatOAuth ${PUBLIC_REPO_URL} ${PRIVATE_REPO_URL}
+testCloneGitRepoProjectShouldExists ${PUBLIC_REPO_WORKSPACE_NAME} ${PUBLIC_PROJECT_NAME} ${PUBLIC_REPO_URL} ${USER_CHE_NAMESPACE}
+deleteTestWorkspace ${PUBLIC_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
+testCloneGitRepoNoProjectExists ${PRIVATE_REPO_WORKSPACE_NAME} ${PRIVATE_PROJECT_NAME} ${PRIVATE_REPO_URL} ${USER_CHE_NAMESPACE}
+deleteTestWorkspace ${PRIVATE_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
--- a/.ci/openshift-ci/test-github-with-pat-setup-flow.sh
+++ b/.ci/openshift-ci/test-github-with-pat-setup-flow.sh
@ -0,0 +1,59 @@
+#!/bin/bash
+#
+# Copyright (c) 2023 Red Hat, Inc.
+# This program and the accompanying materials are made
+# available under the terms of the Eclipse Public License 2.0
+# which is available at https://www.eclipse.org/legal/epl-2.0/
+#
+# SPDX-License-Identifier: EPL-2.0
+#
+# Contributors:
+#   Red Hat, Inc. - initial API and implementation
+#
+
+# exit immediately when a command fails
+set -ex
+# only exit with zero if all commands of the pipeline exit successfully
+set -o pipefail
+
+echo "======= [INFO] OpenShift CI infrastructure is ready. Running test. ======="
+
+export PUBLIC_REPO_URL=${PUBLIC_REPO_URL:-"https://github.com/chepullreq1/public-repo.git"}
+export PRIVATE_REPO_URL=${PRIVATE_REPO_URL:-"https://github.com/chepullreq1/private-repo.git"}
+export GIT_PROVIDER_TYPE=${GIT_PROVIDER_TYPE:-"github"}
+export GIT_PROVIDER_URL=${GIT_PROVIDER_URL:-"https://github.com"}
+export PRIVATE_REPO_RAW_PATH_URL=${PRIVATE_REPO_URL:-"https://raw.githubusercontent.com/chepullreq1/private-repo/main/devfile.yaml"}
+export PRIVATE_REPO_SSH_URL=${PRIVATE_REPO_SSH_URL:-"git@github.com:chepullreq1/private-repo.git"}
+
+# import common test functions
+SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
+source "${SCRIPT_DIR}"/common.sh
+
+trap "catchFinish" EXIT SIGINT
+
+setupTestEnvironment ${OCP_NON_ADMIN_USER_NAME}
+setupPersonalAccessToken  ${GIT_PROVIDER_TYPE} ${GIT_PROVIDER_URL} ${GITHUB_PAT}
+requestProvisionNamespace
+testFactoryResolverWithPatOAuth ${PUBLIC_REPO_URL} ${PRIVATE_REPO_URL}
+
+echo "------- [INFO] Check clone public repository with PAT setup -------"
+testCloneGitRepoProjectShouldExists ${PUBLIC_REPO_WORKSPACE_NAME} ${PUBLIC_PROJECT_NAME} ${PUBLIC_REPO_URL} ${USER_CHE_NAMESPACE}
+testGitCredentialsData ${USER_CHE_NAMESPACE} ${GITHUB_PAT} ${GIT_PROVIDER_URL}
+deleteTestWorkspace ${PUBLIC_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
+
+echo "------- [INFO] Check clone private repository with PAT setup -------"
+testCloneGitRepoProjectShouldExists ${PRIVATE_REPO_WORKSPACE_NAME} ${PRIVATE_PROJECT_NAME} ${PRIVATE_REPO_URL} ${USER_CHE_NAMESPACE}
+testGitCredentialsData ${USER_CHE_NAMESPACE} ${GITHUB_PAT} ${GIT_PROVIDER_URL}
+deleteTestWorkspace ${PRIVATE_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
+
+echo "------- [INFO] Check clone private repository by raw devfile URL with PAT setup -------"
+testFactoryResolverResponse ${PRIVATE_REPO_RAW_PATH_URL} 200
+testCloneGitRepoProjectShouldExists ${PRIVATE_REPO_WORKSPACE_NAME} ${PRIVATE_PROJECT_NAME} ${PRIVATE_REPO_RAW_PATH_URL} ${USER_CHE_NAMESPACE}
+deleteTestWorkspace ${PRIVATE_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
+
+setupSSHKeyPairs "${GITHUB_PRIVATE_KEY}" "${GITHUB_PUBLIC_KEY}"
+
+echo "------- [INFO] Check clone private repository by SSH URL with PAT setup -------"
+testFactoryResolverResponse ${PRIVATE_REPO_SSH_URL} 200
+testCloneGitRepoProjectShouldExists ${PRIVATE_REPO_WORKSPACE_NAME} ${PRIVATE_PROJECT_NAME} ${PRIVATE_REPO_SSH_URL} ${USER_CHE_NAMESPACE}
+deleteTestWorkspace ${PRIVATE_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
--- a/.ci/openshift-ci/test-gitlab-no-pat-oauth-flow-raw-devfile-url.sh
+++ b/.ci/openshift-ci/test-gitlab-no-pat-oauth-flow-raw-devfile-url.sh
@ -0,0 +1,37 @@
+#!/bin/bash
+#
+# Copyright (c) 2023 Red Hat, Inc.
+# This program and the accompanying materials are made
+# available under the terms of the Eclipse Public License 2.0
+# which is available at https://www.eclipse.org/legal/epl-2.0/
+#
+# SPDX-License-Identifier: EPL-2.0
+#
+# Contributors:
+#   Red Hat, Inc. - initial API and implementation
+#
+
+# exit immediately when a command fails
+set -ex
+# only exit with zero if all commands of the pipeline exit successfully
+set -o pipefail
+
+echo "======= [INFO] OpenShift CI infrastructure is ready. Running test. ======="
+
+export PUBLIC_REPO_RAW_PATH_URL=${PUBLIC_REPO_RAW_PATH_URL:-"https://gitlab.com/chepullreq1/public-repo/-/raw/main/devfile.yaml"}
+export PRIVATE_REPO_RAW_PATH_URL=${PRIVATE_REPO_URL:-"https://gitlab.com/chepullreq1/private-repo/-/raw/main/devfile.yaml"}
+
+# import common test functions
+SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
+source "${SCRIPT_DIR}"/common.sh
+
+trap "catchFinish" EXIT SIGINT
+
+setupTestEnvironment ${OCP_NON_ADMIN_USER_NAME}
+testFactoryResolverNoPatOAuthRaw ${PUBLIC_REPO_RAW_PATH_URL} ${PRIVATE_REPO_RAW_PATH_URL}
+
+testCloneGitRepoNoProjectExists ${PUBLIC_REPO_WORKSPACE_NAME} ${PUBLIC_PROJECT_NAME} ${PUBLIC_REPO_RAW_PATH_URL} ${USER_CHE_NAMESPACE}
+deleteTestWorkspace ${PUBLIC_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
+
+testCloneGitRepoNoProjectExists ${PRIVATE_REPO_WORKSPACE_NAME} ${PRIVATE_PROJECT_NAME} ${PRIVATE_REPO_RAW_PATH_URL} ${USER_CHE_NAMESPACE}
+deleteTestWorkspace ${PRIVATE_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
--- a/.ci/openshift-ci/test-gitlab-no-pat-oauth-flow-ssh-url.sh
+++ b/.ci/openshift-ci/test-gitlab-no-pat-oauth-flow-ssh-url.sh
@ -0,0 +1,39 @@
+
+#!/bin/bash
+#
+# Copyright (c) 2023 Red Hat, Inc.
+# This program and the accompanying materials are made
+# available under the terms of the Eclipse Public License 2.0
+# which is available at https://www.eclipse.org/legal/epl-2.0/
+#
+# SPDX-License-Identifier: EPL-2.0
+#
+# Contributors:
+#   Red Hat, Inc. - initial API and implementation
+#
+
+# exit immediately when a command fails
+set -ex
+# only exit with zero if all commands of the pipeline exit successfully
+set -o pipefail
+
+echo "======= [INFO] OpenShift CI infrastructure is ready. Running test. ======="
+
+export PUBLIC_REPO_SSH_URL=${PUBLIC_REPO_SSH_URL:-"git@gitlab.com:chepullreq1/public-repo.git"}
+export PRIVATE_REPO_SSH_URL=${PRIVATE_REPO_SSH_URL:-"git@gitlab.com:chepullreq1/private-repo.git"}
+
+# import common test functions
+SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
+source "${SCRIPT_DIR}"/common.sh
+
+trap "catchFinish" EXIT SIGINT
+
+setupTestEnvironment ${OCP_NON_ADMIN_USER_NAME}
+setupSSHKeyPairs "${GITLAB_PRIVATE_KEY}" "${GITLAB_PUBLIC_KEY}"
+testFactoryResolverNoPatOAuth ${PUBLIC_REPO_SSH_URL} ${PRIVATE_REPO_SSH_URL}
+
+testCloneGitRepoProjectShouldExists ${PUBLIC_REPO_WORKSPACE_NAME} ${PUBLIC_PROJECT_NAME} ${PUBLIC_REPO_SSH_URL} ${USER_CHE_NAMESPACE}
+deleteTestWorkspace ${PUBLIC_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
+
+testCloneGitRepoProjectShouldExists ${PRIVATE_REPO_WORKSPACE_NAME} ${PRIVATE_PROJECT_NAME} ${PRIVATE_REPO_SSH_URL} ${USER_CHE_NAMESPACE}
+deleteTestWorkspace ${PRIVATE_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
--- a/.ci/openshift-ci/test-gitlab-no-pat-oauth-flow.sh
+++ b/.ci/openshift-ci/test-gitlab-no-pat-oauth-flow.sh
@ -0,0 +1,35 @@
+#!/bin/bash
+#
+# Copyright (c) 2023 Red Hat, Inc.
+# This program and the accompanying materials are made
+# available under the terms of the Eclipse Public License 2.0
+# which is available at https://www.eclipse.org/legal/epl-2.0/
+#
+# SPDX-License-Identifier: EPL-2.0
+#
+# Contributors:
+#   Red Hat, Inc. - initial API and implementation
+#
+
+# exit immediately when a command fails
+set -ex
+# only exit with zero if all commands of the pipeline exit successfully
+set -o pipefail
+
+echo "======= [INFO] OpenShift CI infrastructure is ready. Running test. ======="
+
+export PUBLIC_REPO_URL=${PUBLIC_REPO_URL:-"https://gitlab.com/chepullreq1/public-repo.git"}
+export PRIVATE_REPO_URL=${PRIVATE_REPO_URL:-"https://gitlab.com/chepullreq1/private-repo.git"}
+
+# import common test functions
+SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
+source "${SCRIPT_DIR}"/common.sh
+
+trap "catchFinish" EXIT SIGINT
+
+setupTestEnvironment ${OCP_NON_ADMIN_USER_NAME}
+testFactoryResolverNoPatOAuth ${PUBLIC_REPO_URL} ${PRIVATE_REPO_URL}
+testCloneGitRepoProjectShouldExists ${PUBLIC_REPO_WORKSPACE_NAME} ${PUBLIC_PROJECT_NAME} ${PUBLIC_REPO_URL} ${USER_CHE_NAMESPACE}
+deleteTestWorkspace ${PUBLIC_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
+testCloneGitRepoNoProjectExists ${PRIVATE_REPO_WORKSPACE_NAME} ${PRIVATE_PROJECT_NAME} ${PRIVATE_REPO_URL} ${USER_CHE_NAMESPACE}
+deleteTestWorkspace ${PRIVATE_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
--- a/.ci/openshift-ci/test-gitlab-with-oauth-setup-flow.sh
+++ b/.ci/openshift-ci/test-gitlab-with-oauth-setup-flow.sh
@ -0,0 +1,39 @@
+#!/bin/bash
+#
+# Copyright (c) 2023 Red Hat, Inc.
+# This program and the accompanying materials are made
+# available under the terms of the Eclipse Public License 2.0
+# which is available at https://www.eclipse.org/legal/epl-2.0/
+#
+# SPDX-License-Identifier: EPL-2.0
+#
+# Contributors:
+#   Red Hat, Inc. - initial API and implementation
+#
+
+# exit immediately when a command fails
+set -ex
+# only exit with zero if all commands of the pipeline exit successfully
+set -o pipefail
+
+echo "======= [INFO] OpenShift CI infrastructure is ready. Running test. ======="
+
+export TEST_POD_NAME=${TEST_POD_NAME:-"oauth-factory-test"}
+export GIT_PROVIDER_TYPE=${GIT_PROVIDER_TYPE:-"gitlab"}
+export GIT_PROVIDER_URL=${GIT_PROVIDER_URL:-"https://gitlab-gitlab-system.apps.git.crw-qe.com"}
+export GIT_PROVIDER_LOGIN=${GIT_PROVIDER_LOGIN:-"admin-user"}
+export PRIVATE_REPO_URL=${PRIVATE_REPO_URL:-"https://gitlab-gitlab-system.apps.git.crw-qe.com/admin-user/private-repo.git"}
+export GIT_REPO_BRANCH=${PRIVATE_REPO_BRANCH:-"main"}
+export APPLICATION_NAME=${APPLICATION_NAME:-"TestApp"}
+export OAUTH_ID=""
+export APPLICATION_ID=""
+export APPLICATION_SECRET=""
+
+# import common test functions
+SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
+source "${SCRIPT_DIR}"/common.sh
+
+trap "collectLogs" EXIT SIGINT
+
+setupTestEnvironmentOAuthFlow ${ADMIN_ACCESS_TOKEN} ${APPLICATION_NAME} ${APPLICATION_ID} ${APPLICATION_SECRET}
+startOAuthFactoryTest
--- a/.ci/openshift-ci/test-gitlab-with-pat-setup-flow.sh
+++ b/.ci/openshift-ci/test-gitlab-with-pat-setup-flow.sh
@ -0,0 +1,59 @@
+#!/bin/bash
+#
+# Copyright (c) 2023 Red Hat, Inc.
+# This program and the accompanying materials are made
+# available under the terms of the Eclipse Public License 2.0
+# which is available at https://www.eclipse.org/legal/epl-2.0/
+#
+# SPDX-License-Identifier: EPL-2.0
+#
+# Contributors:
+#   Red Hat, Inc. - initial API and implementation
+#
+
+# exit immediately when a command fails
+set -ex
+# only exit with zero if all commands of the pipeline exit successfully
+set -o pipefail
+
+echo "======= [INFO] OpenShift CI infrastructure is ready. Running test. ======="
+
+export PUBLIC_REPO_URL=${PUBLIC_REPO_URL:-"https://gitlab.com/chepullreq1/public-repo.git"}
+export PRIVATE_REPO_URL=${PRIVATE_REPO_URL:-"https://gitlab.com/chepullreq1/private-repo.git"}
+export GIT_PROVIDER_TYPE=${GIT_PROVIDER_TYPE:-"gitlab"}
+export GIT_PROVIDER_URL=${GIT_PROVIDER_URL:-"https://gitlab.com"}
+export PRIVATE_REPO_SSH_URL=${PRIVATE_REPO_SSH_URL:-"git@gitlab.com:chepullreq1/private-repo.git"}
+export PRIVATE_REPO_RAW_PATH_URL=${PRIVATE_REPO_URL:-"https://gitlab.com/chepullreq1/private-repo/-/raw/main/devfile.yaml"}
+
+# import common test functions
+SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
+source "${SCRIPT_DIR}"/common.sh
+
+trap "catchFinish" EXIT SIGINT
+
+setupTestEnvironment ${OCP_NON_ADMIN_USER_NAME}
+setupPersonalAccessToken  ${GIT_PROVIDER_TYPE} ${GIT_PROVIDER_URL} ${GITLAB_PAT}
+requestProvisionNamespace
+testFactoryResolverWithPatOAuth ${PUBLIC_REPO_URL} ${PRIVATE_REPO_URL}
+
+echo "------- [INFO] Check clone public repository with PAT setup -------"
+testCloneGitRepoProjectShouldExists ${PUBLIC_REPO_WORKSPACE_NAME} ${PUBLIC_PROJECT_NAME} ${PUBLIC_REPO_URL} ${USER_CHE_NAMESPACE}
+testGitCredentialsData ${USER_CHE_NAMESPACE} ${GITLAB_PAT} ${GIT_PROVIDER_URL}
+deleteTestWorkspace ${PUBLIC_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
+
+echo "------- [INFO] Check clone private repository with PAT setup -------"
+testCloneGitRepoProjectShouldExists ${PRIVATE_REPO_WORKSPACE_NAME} ${PRIVATE_PROJECT_NAME} ${PRIVATE_REPO_URL} ${USER_CHE_NAMESPACE}
+testGitCredentialsData ${USER_CHE_NAMESPACE} ${GITLAB_PAT} ${GIT_PROVIDER_URL}
+deleteTestWorkspace ${PRIVATE_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
+
+echo "------- [INFO] Check clone private repository by raw devfile URL with PAT setup -------"
+testFactoryResolverResponse ${PRIVATE_REPO_RAW_PATH_URL} 200
+testCloneGitRepoProjectShouldExists ${PRIVATE_REPO_WORKSPACE_NAME} ${PRIVATE_PROJECT_NAME} ${PRIVATE_REPO_RAW_PATH_URL} ${USER_CHE_NAMESPACE}
+deleteTestWorkspace ${PRIVATE_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
+
+setupSSHKeyPairs "${GITLAB_PRIVATE_KEY}" "${GITLAB_PUBLIC_KEY}"
+
+echo "------- [INFO] Check clone private repository by SSH URL with PAT setup -------"
+testFactoryResolverResponse ${PRIVATE_REPO_SSH_URL} 200
+testCloneGitRepoProjectShouldExists ${PRIVATE_REPO_WORKSPACE_NAME} ${PRIVATE_PROJECT_NAME} ${PRIVATE_REPO_SSH_URL} ${USER_CHE_NAMESPACE}
+deleteTestWorkspace ${PRIVATE_REPO_WORKSPACE_NAME} ${USER_CHE_NAMESPACE}
--- a/.ci/set_tag_version_images.sh
+++ b/.ci/set_tag_version_images.sh
@ -1,20 +0,0 @@
-#!/bin/bash
-# Copyright (c) 2017-2021 Red Hat, Inc.
-# All rights reserved. This program and the accompanying materials
-# are made available under the terms of the Eclipse Public License v1.0
-# which accompanies this distribution, and is available at
-# http://www.eclipse.org/legal/epl-v10.html
-
-sed_in_place() {
-    SHORT_UNAME=$(uname -s)
-  if [ "$(uname)" == "Darwin" ]; then
-    sed -i '' "$@"
-  elif [ "${SHORT_UNAME:0:5}" == "Linux" ]; then
-    sed -i "$@"
-  fi
-}
-
-# only use /latest plugins so updates are smoother (old plugins are deleted from registries with each new release)
-plugin_version="latest"
-sed_in_place -r -e "s#che.factory.default_editor=eclipse/che-theia/.*#che.factory.default_editor=eclipse/che-theia/$plugin_version#g" ../assembly/assembly-wsmaster-war/src/main/webapp/WEB-INF/classes/che/che.properties
-sed_in_place -r -e "s#che.workspace.devfile.default_editor=eclipse/che-theia/.*#che.workspace.devfile.default_editor=eclipse/che-theia/$plugin_version#g" ../assembly/assembly-wsmaster-war/src/main/webapp/WEB-INF/classes/che/che.properties
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@ -1,41 +1,8 @@
 # Global Owners
-* @nickboldt @sparkoo
+* @SDawley @ibuziuk @vinokurig @tolusha

-# dockerfiles
-dockerfiles/** @nickboldt
-
-# assembly
-assembly/** @skabashnyuk @nickboldt
-assembly/assembly-wsmaster-war/src/main/webapp/WEB-INF/classes/che/** @ibuziuk @nickboldt @themr0c @boczkowska @MichalMaler
-
-# core
-core/** @skabashnyuk @nickboldt
-
-# workspace runtime infrastructure implementations
-infrastructures/** @skabashnyuk @amisevsk @metlos @nickboldt
-
-# multiuser che
-multiuser/api/**  @skabashnyuk @nickboldt
-multiuser/integration-tests/**  @mshaposhnik @skabashnyuk @nickboldt
-multiuser/keycloak/**  @mshaposhnik @nickboldt
-multiuser/machine-auth/**  @mshaposhnik @nickboldt
-multiuser/permission/**  @skabashnyuk @nickboldt
-multiuser/personal-account/**  @skabashnyuk @nickboldt
-multiuser/sql-schema/**  @mshaposhnik @nickboldt
-
-# wsmaster
-wsmaster/** @skabashnyuk @nickboldt
-wsmaster/che-core-api-factory/** @mshaposhnik @nickboldt
-wsmaster/che-core-api-factory-shared/**   @mshaposhnik @nickboldt
-wsmaster/che-core-api-workspace-activity/**   @mshaposhnik @nickboldt
-wsmaster/che-core-api-workspace/**  @skabashnyuk @mshaposhnik @metlos @nickboldt
+# che.properties file is quasi-documentation, so in future we might grant access to this 
+# assembly/assembly-wsmaster-war/src/main/webapp/WEB-INF/classes/che/** @osslate 

 # deploy
-deploy/** @tolusha @nickboldt
-deploy/openshift/templates/monitoring/** @skabashnyuk @metlos @nickboldt
-
-# e2e tests
-tests/e2e/**  @musienko-maxim @Ohrimenko1988 @rhopp @nickboldt @Katka92 @ScrewTSW
-
-# e2e tests infra
-tests/.infra/centos-ci/** @musienko-maxim @rhopp @nickboldt
+deploy/** @tolusha @dkwon17
--- a/.github/workflows/build-pr-check.yml
+++ b/.github/workflows/build-pr-check.yml
@ -11,20 +11,43 @@ name: build-pr-check

 on: [push, pull_request]

+env:
+  PR_IMAGE_TAG: pr-${{ github.event.pull_request.number }}
+
 jobs:
  build:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
      with:
        fetch-depth: 0
    - name: Check all properties have description
      run: ./check_properties_description.sh
    - name: Set up JDK 11
-      uses: actions/setup-java@v2
+      uses: actions/setup-java@v3
      with:
        distribution: 'temurin'
-        java-version: '11.0.14'
+        java-version: '11'
        cache: 'maven'
+    - name: Login to docker.io
+      if: github.event_name == 'pull_request'
+      uses: redhat-actions/podman-login@v1
+      with:
+        username: ${{ secrets.DOCKERHUB_USERNAME }}
+        password: ${{ secrets.DOCKERHUB_PASSWORD }}
+        registry: docker.io
+    - name: Login to quay.io
+      if: github.event_name == 'pull_request'
+      uses: redhat-actions/podman-login@v1
+      with:
+        username: ${{ secrets.QUAY_USERNAME }}
+        password: ${{ secrets.QUAY_PASSWORD }}
+        registry: quay.io
    - name: Build with Maven
      run: mvn -B clean install -U -Pintegration
+    - name: Build images
+      if: github.event_name == 'pull_request'
+      run: ./build/build.sh --tag:${{ env.PR_IMAGE_TAG }}
+    - name: Push images
+      if: github.event_name == 'pull_request'
+      run: podman push quay.io/eclipse/che-server:${{ env.PR_IMAGE_TAG }}
--- a/.github/workflows/che-properties-docs-update.yml
+++ b/.github/workflows/che-properties-docs-update.yml
@ -21,7 +21,7 @@ on:

 jobs:
  build:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
    steps:
    - name: Execute workflow in Che Docs
      id: build
--- a/.github/workflows/next-build.yml
+++ b/.github/workflows/next-build.yml
@ -17,50 +17,40 @@ on:

 jobs:
  build:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
      with:
        fetch-depth: 0
    - name: Set up JDK 11
-      uses: actions/setup-java@v2
+      uses: actions/setup-java@v3
      with:
        distribution: 'temurin'
-        java-version: '11.0.14'
+        java-version: '11'
        cache: 'maven'
    - name: Login to docker.io
-      uses: docker/login-action@v1
+      uses: redhat-actions/podman-login@v1
      with:
        username: ${{ secrets.DOCKERHUB_USERNAME }}
        password: ${{ secrets.DOCKERHUB_PASSWORD }}
        registry: docker.io
    - name: Login to quay.io
-      uses: docker/login-action@v1
+      uses: redhat-actions/podman-login@v1
      with:
        username: ${{ secrets.QUAY_USERNAME }}
        password: ${{ secrets.QUAY_PASSWORD }}
        registry: quay.io
    - name: Build with Maven
      run: mvn -B clean install -U -Pintegration
-    - name: Build docker images
+    - name: Build images
      id: build
      run: |
-          SHORT_SHA1=$(git rev-parse --short HEAD)
-          echo ::set-output name=short_sha1::${SHORT_SHA1}
-          ./dockerfiles/build.sh --tag:next --sha-tag
+          echo "short_sha1=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
+          ./build/build.sh --tag:next --sha-tag
    - name: Push docker images
      run: |
-        docker push quay.io/eclipse/che-endpoint-watcher:next
-        docker push quay.io/eclipse/che-endpoint-watcher:${{ steps.build.outputs.short_sha1 }}
-
-        docker push quay.io/eclipse/che-keycloak:next
-        docker push quay.io/eclipse/che-keycloak:${{ steps.build.outputs.short_sha1 }}
-
-        docker push quay.io/eclipse/che-postgres:next
-        docker push quay.io/eclipse/che-postgres:${{ steps.build.outputs.short_sha1 }}
-
-        docker push quay.io/eclipse/che-server:next
-        docker push quay.io/eclipse/che-server:${{ steps.build.outputs.short_sha1 }}
+        podman push quay.io/eclipse/che-server:next
+        podman push quay.io/eclipse/che-server:${{ steps.build.outputs.short_sha1 }}
    - name: Create failure MM message
      if: ${{ failure() }}
      run: |
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@ -1,5 +1,5 @@
 #
-# Copyright (c) 2020 Red Hat, Inc.
+# Copyright (c) 2020-2023 Red Hat, Inc.
 # This program and the accompanying materials are made
 # available under the terms of the Eclipse Public License 2.0
 # which is available at https://www.eclipse.org/legal/epl-2.0/
@ -43,13 +43,13 @@ on:

 jobs:
  build:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
    steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
        with: 
          path: che-server
          fetch-depth: 0
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
        if: ${{ github.event.inputs.releaseParent == 'true' }}
        with:
          repository: eclipse/che-parent
@ -63,36 +63,35 @@ jobs:
            exit 1
          fi
      - name: Login to docker.io
-        uses: docker/login-action@v1
+        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_PASSWORD }}
          registry: docker.io
      - name: Login to quay.io
-        uses: docker/login-action@v1
+        uses: docker/login-action@v2
        with:
          username: ${{ secrets.QUAY_USERNAME }}
          password: ${{ secrets.QUAY_PASSWORD }}
          registry: quay.io
-      - name: Set up Python 3.6
-        uses: actions/setup-python@v2
+      - name: Set up Python 3.9
+        uses: actions/setup-python@v4
        with:
-          python-version: 3.6
+          python-version: 3.9
      - name: Set up JDK 11
-        uses: actions/setup-java@v2
+        uses: actions/setup-java@v3
        with:
          distribution: 'temurin'
-          java-version: '11.0.14'
+          java-version: '11'
          cache: 'maven'
      - name: Set up environment
        run: |
          sudo apt-get update -y || true
          # install more dependencies
-          sudo apt-get -y -q install wget curl bash git 
+          sudo apt-get -y -q install wget curl bash git
          java -version
-
-          # want git >=2.24, hub >=2
-          hub --version # hub reports git version too
+          git --version
+          gh --version

          # want >=5
          bash --version
@ -132,7 +131,7 @@ jobs:
          ./che-server/make-release.sh
      - name: Create GH Release
        id: create_release
-        uses: ncipollo/release-action@v1.8.0
+        uses: ncipollo/release-action@v1
        env:
          GITHUB_TOKEN: ${{ secrets.CHE_BOT_GITHUB_TOKEN }} 
        with:
@ -145,17 +144,17 @@ jobs:
          prerelease: false
          tag: ${{ github.event.inputs.version }}
          token: ${{ secrets.CHE_BOT_GITHUB_TOKEN }}
-      - name: Create failure MM message
-        if: ${{ failure() }}
-        run: |
-          echo "{\"text\":\":no_entry_sign: Che Server ${{ github.event.inputs.version }} release has failed: https://github.com/eclipse-che/che-server/actions/workflows/release.yml\"}" > mattermost.json
-      - name: Create success MM message
-        run: |
-          echo "{\"text\":\":white_check_mark: Che Server ${{ github.event.inputs.version }} has been released: https://quay.io/eclipse/che-server:${{ github.event.inputs.version }}\"}" > mattermost.json
-      - name: Send MM message
-        if: ${{ success() }} || ${{ failure() }}
-        uses: mattermost/action-mattermost-notify@1.1.0
-        env:
-          MATTERMOST_WEBHOOK_URL: ${{ secrets.MATTERMOST_WEBHOOK_URL }}
-          MATTERMOST_CHANNEL: eclipse-che-releases
-          MATTERMOST_USERNAME: che-bot
+      #- name: Create failure MM message
+        #if: ${{ failure() }}
+        #run: |
+          #echo "{\"text\":\":no_entry_sign: Che Server ${{ github.event.inputs.version }} release has failed: https://github.com/eclipse-che/che-server/actions/workflows/release.yml\"}" > mattermost.json
+      #- name: Create success MM message
+        #run: |
+          #echo "{\"text\":\":white_check_mark: Che Server ${{ github.event.inputs.version }} has been released: https://quay.io/eclipse/che-server:${{ github.event.inputs.version }}\"}" > mattermost.json
+      #- name: Send MM message
+        #if: ${{ success() }} || ${{ failure() }}
+        #uses: mattermost/action-mattermost-notify@1.1.0
+        #env:
+          #MATTERMOST_WEBHOOK_URL: ${{ secrets.MATTERMOST_WEBHOOK_URL }}
+          #MATTERMOST_CHANNEL: eclipse-che-releases
+          #MATTERMOST_USERNAME: che-bot
--- a/.github/workflows/sonar.yaml
+++ b/.github/workflows/sonar.yaml
@ -6,19 +6,19 @@ on:
 jobs:
  build:
    name: Sonar
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
    steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
        with:
          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
      - name: Set up JDK 11
-        uses: actions/setup-java@v2
+        uses: actions/setup-java@v3
        with:
          distribution: 'temurin'
-          java-version: '11.0.14'
+          java-version: '11'
          cache: 'maven'
      - name: Cache SonarCloud packages
-        uses: actions/cache@v1
+        uses: actions/cache@v3
        with:
          path: ~/.sonar/cache
          key: ${{ runner.os }}-sonar
--- a/.github/workflows/try-in-web-ide.yaml
+++ b/.github/workflows/try-in-web-ide.yaml
@ -7,7 +7,7 @@ on:

 jobs:
  add-link:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
    steps:
      - name: Web IDE Pull Request Check
        uses: redhat-actions/try-in-web-ide@v1
--- a/.gitignore
+++ b/.gitignore
@ -1,3 +1,5 @@
+.repository/
+
 # Eclipse  #
 ###################

@ -11,10 +13,6 @@ test-output/
 maven-eclipse.xml
 .factorypath

-# Theia #
-##################
-.theia/
-
 # Idea #
 ##################
 *.iml
@ -48,8 +46,6 @@ maven-eclipse.xml
 *.war
 *.ear

-
-
 # Logs and databases #
 ######################
 *.log
--- a/.vscode/extensions.json
+++ b/.vscode/extensions.json
@ -0,0 +1,9 @@
+{
+    "recommendations": [
+      "redhat.java",
+      "redhat.fabric8-analytics",
+      "vscjava.vscode-maven",
+      "vscjava.vscode-java-debug",
+      "vscjava.vscode-java-test"
+    ]
+}
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@ -0,0 +1,3 @@
+{
+  "java.jdt.ls.vmargs": "-XX:+UseParallelGC -XX:GCTimeRatio=4 -XX:AdaptiveSizePolicyWeight=90 -Dsun.zip.disableMemoryMapping=true -Xmx6G -Xms100m -Xlog:disable"
+}
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@ -0,0 +1,82 @@
+## Developing with Eclipse Che
+
+This project contains a [devfile v2](https://github.com/eclipse-che/che-server/blob/main/devfile.yaml) located in the project's root directory.
+With this devfile you can perform the following tasks:
+
+- Build project sources with maven.
+- Build a container image.
+- Push your changes to GitHub.
+
+### Starting a Workspace within Eclipse Che
+
+To start a new workspace within Eclipse Che, navigate to the following URL:
+
+```sh
+{CHE-HOST}/#https://github.com/eclipse-che/che-server
+```
+
+### Running Devfile Tasks for Downloading Dependencies and Building the Project
+
+For VS Code, execute tasks defined in the devfile with these steps:
+
+1. Open the command palette (Ctrl/Cmd + Shift + P).
+2. Execute the `Tasks: Run Task` command.
+3. Select the `devfile` folder  and select the `1. Build sources` task to build the project sources with maven.
+4. Follow steps 1 and 2 again, select the `1. Build image` task to build a container image.
+5. In the workspace terminal, tag the **che-server** image with your account: `podman tag quay.io/eclipse/che-server:next <docker registry>/<your account>/che-server:next`.
+6. Push the **che-server** image to your account: `podman push <docker registry>/<your account>/che-server:next`.
+
+# Local build requirements
+- Apache Maven 3.9 or later
+- JDK 11
+- Podman or Docker (required for running integration tests)
+A Che workspace environment allows to build the image internally, using the workspace terminal.
+
+# Start and debug
+1. Deploy Che to a [Red Hat OpenShift](https://www.eclipse.org/che/docs/stable/administration-guide/installing-che-on-openshift-using-cli/) or [Minikube](https://www.eclipse.org/che/docs/stable/administration-guide/installing-che-on-minikube/) cluster by using a previously built image: `chectl server:start --platform=<openshift / minikube> --cheimage=<docker registry>/<your account>/che-server:next`.
+2. Enable local debugging of the Eclipse Che server: `chectl server:debug`.
+3. In your IDE, create a new Remote JVM Debug configuration on `localhost:8000`.
+4. Hit a breakpoint in the code and activate the debug configuration.
+
+# Contributing an SCM provider
+An SCM provider support has to be provided by adding new maven modules to the wsmaster directory.
+
+## Implementing che-core-api-oauth-<SCM provider name> module
+This module is responsible for Oauth requests to the SCM provider and contans next implementations:
+1. `<SCM provider name>OAuthAuthenticator` contains specific implementation of Oauth token requestand authentication endpoint.
+2. `<SCM provider name>OAuthAuthenticatorProvider` a provider of the `OAuthAuthenticator`.
+
+## Implementing coresponding che-core-api-factory-<SCM provider name> module
+This module is responsible for API operations of the specific SCM provider.
+1. `<SCM provider name>ApiClient` contains all necessary HTTP API calls like `getUser()`.
+2. `<SCM provider name>AuthorisingFileContentProvider` overrides the common `AuthorisingFileContentProvider` to define the specific `isPublicRepository()` function.
+3. `<SCM provider name>FactoryParameterResolver` validates SCM URL if it corresponds to the SCM provider. Also Provides specific Factory Parameters resolver for the SCM repository.
+4. `<SCM provider name>PersonalAccessTokenFetcher` fetches Personal Access Token from the SCM provider by reqesting the OAuth API of the provider. Validates the token by comparing the token access scopes with the predefined scope list.
+5. `<SCM provider name>FileResolver` Implementation of a resolver that can return particular file content from specified SCM repository.
+6. `<SCM provider name>URLParser` Parses the string representation of the URL to an SCM specific object
+7. `<SCM provider name>UserDataFetcher` Implementation of a resolver that can return particular file content from specified SCM repository.
+
+# CI
+There are several [GitHub Actions](https://github.com/eclipse-che/che-server/actions) workflows implemented for this repository:
+
+- [![build-next](https://github.com/eclipse-che/che-server/actions/workflows/next-build.yml/badge.svg)](https://github.com/eclipse-che/che-server/actions/workflows/next-build.yml)  
+Builds Maven artifacts, builds container images and pushes them to [quay.io](https://quay.io/organization/eclipse) on each commit to [`main`](https://github.com/eclipse-che/che-server/tree/main) branch.
+- [![Release Che Server](https://github.com/eclipse-che/che-server/actions/workflows/release.yml/badge.svg)](https://github.com/eclipse-che/che-server/actions/workflows/release.yml)  
+Builds Maven artifacts and container images. Images are public and pushed to [quay.io](https://quay.io/organization/eclipse). See [RELEASE.md](https://github.com/eclipse-che/che-server/blob/master/RELEASE.md) for more information about this workflow.
+- [![Release Changelog](https://github.com/eclipse-che/che-server/actions/workflows/release-changelog.yml/badge.svg)](https://github.com/eclipse-che/che-server/actions/workflows/release-changelog.yml)  
+Creates a GitHub release which will include a generated changelog.
+- [![Update Che docs variables](https://github.com/eclipse-che/che-server/actions/workflows/che-properties-docs-update.yml/badge.svg)](https://github.com/eclipse-che/che-server/actions/workflows/che-properties-docs-update.yml/badge.svg)  
+Runs on each commit to [`main`](https://github.com/eclipse-che/che-server/tree/main) branch.
+- [![build-pr-check](https://github.com/eclipse-che/che-server/actions/workflows/build-pr-check.yml/badge.svg)](https://github.com/eclipse-che/che-server/actions/workflows/build-pr-check.yml)  
+Builds Maven artifacts and container images. This workflow is used as a check for all pull requests that are submitted to this project.
+- [![Sonar](https://github.com/eclipse-che/che-server/actions/workflows/sonar.yaml/badge.svg)](https://github.com/eclipse-che/che-server/actions/workflows/sonar.yaml)  
+Runs Sonar against the main branch. The result can be seen [here](https://sonarcloud.io/dashboard?id=org.eclipse.che%3Ache-server).
+- [![Try in Web IDE](https://github.com/eclipse-che/che-server/actions/workflows/try-in-web-ide.yaml/badge.svg)](https://github.com/eclipse-che/che-server/actions/workflows/try-in-web-ide.yaml)  
+Used as a check for pull requests that are submitted to this project. 
+
+Downstream builds can be found at the link below, which is _internal to Red Hat_. Stable builds can be found by replacing the 3.x with a specific version like 3.2. 
+
+- [server_3.x](https://main-jenkins-csb-crwqe.apps.ocp-c1.prod.psi.redhat.com/job/DS_CI/job/server_3.x/)
+
+# Report issues
+Issues are tracked on the main Eclipse Che Repository: https://github.com/eclipse/che/issues
--- a/README.md
+++ b/README.md
@ -1,39 +1,29 @@
-[![Next build Status](https://github.com/eclipse-che/che-theia/actions/workflows/next-build.yml/badge.svg)]
-[![Release build Status](https://github.com/eclipse-che/che-theia/actions/workflows/release.yml/badge.svg)]
-
 # What is Che server
-Che Server is a core component of the [Eclipse Che](https://github.com/eclipse/che/). This component is responsible for creation and managing of Che workspaces, but will some day be replaced by the [Dev Workspace Operator](https://github.com/devfile/devworkspace-operator). 
+Che Server provides an API for managing Kubernetes namespaces and to retrieve devfile content from repositories,
+hosted on GitHub, GitLab, Bitbucket and Microsoft Azure Repos.

 # Project structure
-Che Server is mostly a Java web application deployed on a Apache Tomcat server in a container. 
- ['pom.xml'](https://github.com/eclipse-che/che-server/tree/main/pom.xml) The root Maven module, that lists all dependencies and structure. 
- ['assembly'](https://github.com/eclipse-che/che-server/tree/main/assembly) - module for final assemblies of Che web applications
- ['dockerfiles'](https://github.com/eclipse-che/che-server/tree/main/dockerfiles) - directory contains image Dockerfile for Che Server, as well as additional images.
- ['core'](https://github.com/eclipse-che/che-server/tree/main/core) - core and utility modules for Che.
- ['wsmaster'](https://github.com/eclipse-che/che-server/tree/main/wsmaster) - primary modules of the Che Server API.
- ['multiuser'](https://github.com/eclipse-che/che-server/tree/main/multiuser) - modules related to multiuser implementation of Che.
- ['infrastructure'](https://github.com/eclipse-che/che-server/tree/main/infrastructure) - implementations for the underlying infrastructure, on which Che is running (Kubernetes, Openshift, etc.)
- ['deploy'](https://github.com/eclipse-che/che-server/tree/main/deploy) - deployment files for Helm installation.
- ['typescript-dto'](https://github.com/eclipse-che/che-server/tree/main/typescript-dto) module, that provides DTO objects for typescript projects that may depend on Che Server, such as Che Theia.
+Che Server is mostly a Java web application deployed on an Apache Tomcat server in a container. Che Server uses the following modules:     
+### OAuth1 / OAuth2 API implementations
+- wsmaster/che-core-api-auth
+- wsmaster/che-core-api-azure-devops
+- wsmaster/che-core-api-bitbucket
+- wsmaster/che-core-api-github
+- wsmaster/che-core-api-gitlab
+### Factory flow implementations
+- wsmaster/che-core-api-factory-azure-devops
+- wsmaster/che-core-api-factory-bitbucket
+- wsmaster/che-core-api-factory-bitbucket-server
+- wsmaster/che-core-api-factory-github
+- wsmaster/che-core-api-factory-gitlab
+- wsmaster/che-core-api-factory-shared
+### Kubernetes namespace provisioning
+- infrastructures/kubernetes
+- infrastructure/openshift
+- infrastructures/infrastructure-factory

-# Build requirements
- Apache Maven 3.6.3 or Higher
- JDK Version 11
- Podman or Docker (required for running integration tests)
+Other modules are deprecated and will be removed in the future.

-# Build and debug
-Run `mvn clean install` to build 
-Activate a faster profile build by adding `-Pfast`
-To debug, run `mvn clean install -X` and connect your IDE to the debug port
-
-# CI
-There are several [GitHub Actions](https://github.com/eclipse-che/che-server/actions) workflows implemented for this repository:
-
- [`next`](https://github.com/eclipse-che/che-server/actions/workflows/next-build.yml) - builds Maven artifacts, builds container images and pushes them to [quay.io](https://quay.io/organization/eclipse) on each commit to [`main`](https://github.com/eclipse-che/che-server/tree/main) branch.
- [`release`](https://github.com/eclipse-che/che-server/actions/workflows/release.yml) - builds Maven artifacts and container images. Images are public and pushed to [quay.io](https://quay.io/organization/eclipse). See [RELEASE.md](https://github.com/eclipse-che/che-server/blob/master/RELEASE.md) for more information about this workflow.
- [`release-changelog`](https://github.com/eclipse-che/che-server/actions/workflows/release-changelog.yml) - create GitHub release and generate, which will include a generated changelog
- [`build-pr-check`](https://github.com/eclipse-che/che-server/actions/workflows/build-pr-check.yml) - builds Maven artifacts and container images. This workflow is used as a pull request check for all pull requests, that are submitted to this project 
- [`sonar`](https://github.com/eclipse-che/che-server/actions/workflows/sonar.yml) - This check runs Sonar against the main branch. The result can be seen here https://sonarcloud.io/dashboard?id=org.eclipse.che%3Ache-server
 # License

 - [Eclipse Public License 2.0](LICENSE)
@ -41,8 +31,8 @@ There are several [GitHub Actions](https://github.com/eclipse-che/che-server/act
 # Join the community

 The Eclipse Che community is globally reachable through public chat rooms, mailing list and weekly calls.
-See https://www.eclipse.org/che/docs/che-7/overview/introduction-to-eclipse-che/#_joining_the_community
+See the Eclipse Che Documentation about [how you can join our community](https://www.eclipse.org/che/docs/stable/overview/introduction-to-eclipse-che/#_joining_the_community).

-## Report issues
+## Builds

-Issues are tracked on the main Eclipse Che Repository: https://github.com/eclipse/che/issues
+* [![release latest stable](https://github.com/eclipse-che/che-server/actions/workflows/release.yml/badge.svg)](https://github.com/eclipse-che/che-server/actions/workflows/release.yml)
--- a/assembly/assembly-che-tomcat/pom.xml
+++ b/assembly/assembly-che-tomcat/pom.xml
@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!--

-    Copyright (c) 2012-2022 Red Hat, Inc.
+    Copyright (c) 2012-2024 Red Hat, Inc.
    This program and the accompanying materials are made
    available under the terms of the Eclipse Public License 2.0
    which is available at https://www.eclipse.org/legal/epl-2.0/
@ -17,7 +17,7 @@
    <parent>
        <artifactId>che-assembly-parent</artifactId>
        <groupId>org.eclipse.che</groupId>
-        <version>7.54.0-SNAPSHOT</version>
+        <version>7.86.0-SNAPSHOT</version>
    </parent>
    <artifactId>assembly-che-tomcat</artifactId>
    <packaging>jar</packaging>
--- a/assembly/assembly-che-tomcat/src/assembly/conf/server.xml
+++ b/assembly/assembly-che-tomcat/src/assembly/conf/server.xml
@ -69,6 +69,7 @@
      <Connector port="${port.http:-8080}" protocol="HTTP/1.1"
                 connectionTimeout="20000"
                 maxThreads="300"
+                 maxHttpHeaderSize="32768"
                 compression="on"
                 compressionMinSize="2048"
                 noCompressionUserAgents=".*MSIE 6.*"
--- a/assembly/assembly-main/pom.xml
+++ b/assembly/assembly-main/pom.xml
@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!--

-    Copyright (c) 2012-2022 Red Hat, Inc.
+    Copyright (c) 2012-2024 Red Hat, Inc.
    This program and the accompanying materials are made
    available under the terms of the Eclipse Public License 2.0
    which is available at https://www.eclipse.org/legal/epl-2.0/
@ -17,7 +17,7 @@
    <parent>
        <artifactId>che-assembly-parent</artifactId>
        <groupId>org.eclipse.che</groupId>
-        <version>7.54.0-SNAPSHOT</version>
+        <version>7.86.0-SNAPSHOT</version>
    </parent>
    <artifactId>assembly-main</artifactId>
    <packaging>pom</packaging>
--- a/assembly/assembly-root-war/pom.xml
+++ b/assembly/assembly-root-war/pom.xml
@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!--

-    Copyright (c) 2012-2022 Red Hat, Inc.
+    Copyright (c) 2012-2024 Red Hat, Inc.
    This program and the accompanying materials are made
    available under the terms of the Eclipse Public License 2.0
    which is available at https://www.eclipse.org/legal/epl-2.0/
@ -17,7 +17,7 @@
    <parent>
        <artifactId>che-assembly-parent</artifactId>
        <groupId>org.eclipse.che</groupId>
-        <version>7.54.0-SNAPSHOT</version>
+        <version>7.86.0-SNAPSHOT</version>
    </parent>
    <artifactId>assembly-root-war</artifactId>
    <packaging>war</packaging>
--- a/assembly/assembly-swagger-war/pom.xml
+++ b/assembly/assembly-swagger-war/pom.xml
@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!--

-    Copyright (c) 2012-2022 Red Hat, Inc.
+    Copyright (c) 2012-2024 Red Hat, Inc.
    This program and the accompanying materials are made
    available under the terms of the Eclipse Public License 2.0
    which is available at https://www.eclipse.org/legal/epl-2.0/
@ -17,7 +17,7 @@
    <parent>
        <artifactId>che-assembly-parent</artifactId>
        <groupId>org.eclipse.che</groupId>
-        <version>7.54.0-SNAPSHOT</version>
+        <version>7.86.0-SNAPSHOT</version>
    </parent>
    <artifactId>assembly-swagger-war</artifactId>
    <packaging>war</packaging>
--- a/assembly/assembly-wsmaster-war/pom.xml
+++ b/assembly/assembly-wsmaster-war/pom.xml
@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!--

-    Copyright (c) 2012-2022 Red Hat, Inc.
+    Copyright (c) 2012-2024 Red Hat, Inc.
    This program and the accompanying materials are made
    available under the terms of the Eclipse Public License 2.0
    which is available at https://www.eclipse.org/legal/epl-2.0/
@ -17,7 +17,7 @@
    <parent>
        <artifactId>che-assembly-parent</artifactId>
        <groupId>org.eclipse.che</groupId>
-        <version>7.54.0-SNAPSHOT</version>
+        <version>7.86.0-SNAPSHOT</version>
    </parent>
    <artifactId>assembly-wsmaster-war</artifactId>
    <packaging>war</packaging>
@ -91,18 +91,22 @@
            <groupId>net.logstash.logback</groupId>
            <artifactId>logstash-logback-encoder</artifactId>
        </dependency>
-        <dependency>
-            <groupId>org.eclipse.che.core</groupId>
-            <artifactId>che-core-api-account</artifactId>
-        </dependency>
        <dependency>
            <groupId>org.eclipse.che.core</groupId>
            <artifactId>che-core-api-auth</artifactId>
        </dependency>
+        <dependency>
+            <groupId>org.eclipse.che.core</groupId>
+            <artifactId>che-core-api-auth-azure-devops</artifactId>
+        </dependency>
        <dependency>
            <groupId>org.eclipse.che.core</groupId>
            <artifactId>che-core-api-auth-bitbucket</artifactId>
        </dependency>
+        <dependency>
+            <groupId>org.eclipse.che.core</groupId>
+            <artifactId>che-core-api-auth-github</artifactId>
+        </dependency>
        <dependency>
            <groupId>org.eclipse.che.core</groupId>
            <artifactId>che-core-api-auth-gitlab</artifactId>
@ -123,6 +127,10 @@
            <groupId>org.eclipse.che.core</groupId>
            <artifactId>che-core-api-factory</artifactId>
        </dependency>
+        <dependency>
+            <groupId>org.eclipse.che.core</groupId>
+            <artifactId>che-core-api-factory-azure-devops</artifactId>
+        </dependency>
        <dependency>
            <groupId>org.eclipse.che.core</groupId>
            <artifactId>che-core-api-factory-bitbucket</artifactId>
@ -131,6 +139,10 @@
            <groupId>org.eclipse.che.core</groupId>
            <artifactId>che-core-api-factory-bitbucket-server</artifactId>
        </dependency>
+        <dependency>
+            <groupId>org.eclipse.che.core</groupId>
+            <artifactId>che-core-api-factory-git-ssh</artifactId>
+        </dependency>
        <dependency>
            <groupId>org.eclipse.che.core</groupId>
            <artifactId>che-core-api-factory-github</artifactId>
@ -143,10 +155,6 @@
            <groupId>org.eclipse.che.core</groupId>
            <artifactId>che-core-api-logger</artifactId>
        </dependency>
-        <dependency>
-            <groupId>org.eclipse.che.core</groupId>
-            <artifactId>che-core-api-metrics</artifactId>
-        </dependency>
        <dependency>
            <groupId>org.eclipse.che.core</groupId>
            <artifactId>che-core-api-ssh</artifactId>
@ -183,14 +191,6 @@
            <groupId>org.eclipse.che.core</groupId>
            <artifactId>che-core-commons-schedule</artifactId>
        </dependency>
-        <dependency>
-            <groupId>org.eclipse.che.core</groupId>
-            <artifactId>che-core-db</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>org.eclipse.che.core</groupId>
-            <artifactId>che-core-db-vendor-postgresql</artifactId>
-        </dependency>
        <dependency>
            <groupId>org.eclipse.che.core</groupId>
            <artifactId>che-core-logback</artifactId>
@ -251,18 +251,10 @@
            <groupId>org.eclipse.che.multiuser</groupId>
            <artifactId>che-multiuser-api-authorization-impl</artifactId>
        </dependency>
-        <dependency>
-            <groupId>org.eclipse.che.multiuser</groupId>
-            <artifactId>che-multiuser-api-organization</artifactId>
-        </dependency>
        <dependency>
            <groupId>org.eclipse.che.multiuser</groupId>
            <artifactId>che-multiuser-api-permission</artifactId>
        </dependency>
-        <dependency>
-            <groupId>org.eclipse.che.multiuser</groupId>
-            <artifactId>che-multiuser-api-resource</artifactId>
-        </dependency>
        <dependency>
            <groupId>org.eclipse.che.multiuser</groupId>
            <artifactId>che-multiuser-api-workspace-activity</artifactId>
@ -275,10 +267,6 @@
            <groupId>org.eclipse.che.multiuser</groupId>
            <artifactId>che-multiuser-keycloak-token-provider</artifactId>
        </dependency>
-        <dependency>
-            <groupId>org.eclipse.che.multiuser</groupId>
-            <artifactId>che-multiuser-keycloak-user-remover</artifactId>
-        </dependency>
        <dependency>
            <groupId>org.eclipse.che.multiuser</groupId>
            <artifactId>che-multiuser-machine-authentication</artifactId>
@ -347,10 +335,6 @@
            <groupId>org.everrest</groupId>
            <artifactId>everrest-integration-guice</artifactId>
        </dependency>
-        <dependency>
-            <groupId>org.flywaydb</groupId>
-            <artifactId>flyway-core</artifactId>
-        </dependency>
        <dependency>
            <groupId>org.jgroups</groupId>
            <artifactId>jgroups</artifactId>
@ -467,6 +451,7 @@
                                <dep>org.everrest:everrest-core</dep>
                                <dep>io.jsonwebtoken:jjwt-jackson</dep>
                                <dep>io.jsonwebtoken:jjwt-impl</dep>
+                                <dep>org.eclipse.che.core:che-core-db-vendor-h2</dep>
                            </ignoredUnusedDeclaredDependencies>
                        </configuration>
                    </execution>
--- a/assembly/assembly-wsmaster-war/src/main/java/org/eclipse/che/api/deploy/WsMasterModule.java
+++ b/assembly/assembly-wsmaster-war/src/main/java/org/eclipse/che/api/deploy/WsMasterModule.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012-2022 Red Hat, Inc.
+ * Copyright (c) 2012-2024 Red Hat, Inc.
 * This program and the accompanying materials are made
 * available under the terms of the Eclipse Public License 2.0
 * which is available at https://www.eclipse.org/legal/epl-2.0/
@ -26,7 +26,6 @@ import io.jsonwebtoken.JwtParser;
 import io.jsonwebtoken.SigningKeyResolver;
 import java.util.HashMap;
 import java.util.Map;
-import javax.sql.DataSource;
 import org.eclipse.che.api.core.notification.RemoteSubscriptionStorage;
 import org.eclipse.che.api.core.rest.CheJsonProvider;
 import org.eclipse.che.api.core.rest.MessageBodyAdapter;
@ -36,17 +35,23 @@ import org.eclipse.che.api.factory.server.FactoryAcceptValidator;
 import org.eclipse.che.api.factory.server.FactoryCreateValidator;
 import org.eclipse.che.api.factory.server.FactoryEditValidator;
 import org.eclipse.che.api.factory.server.FactoryParametersResolver;
+import org.eclipse.che.api.factory.server.RawDevfileUrlFactoryParameterResolver;
 import org.eclipse.che.api.factory.server.ScmFileResolver;
 import org.eclipse.che.api.factory.server.ScmService;
+import org.eclipse.che.api.factory.server.azure.devops.AzureDevOpsFactoryParametersResolver;
+import org.eclipse.che.api.factory.server.azure.devops.AzureDevOpsScmFileResolver;
 import org.eclipse.che.api.factory.server.bitbucket.BitbucketFactoryParametersResolver;
 import org.eclipse.che.api.factory.server.bitbucket.BitbucketScmFileResolver;
 import org.eclipse.che.api.factory.server.bitbucket.BitbucketServerAuthorizingFactoryParametersResolver;
 import org.eclipse.che.api.factory.server.bitbucket.BitbucketServerScmFileResolver;
+import org.eclipse.che.api.factory.server.git.ssh.GitSshFactoryParametersResolver;
+import org.eclipse.che.api.factory.server.git.ssh.GitSshScmFileResolver;
 import org.eclipse.che.api.factory.server.github.GithubFactoryParametersResolver;
+import org.eclipse.che.api.factory.server.github.GithubFactoryParametersResolverSecond;
 import org.eclipse.che.api.factory.server.github.GithubScmFileResolver;
+import org.eclipse.che.api.factory.server.github.GithubScmFileResolverSecond;
 import org.eclipse.che.api.factory.server.gitlab.GitlabFactoryParametersResolver;
 import org.eclipse.che.api.factory.server.gitlab.GitlabScmFileResolver;
-import org.eclipse.che.api.metrics.WsMasterMetricsModule;
 import org.eclipse.che.api.system.server.ServiceTermination;
 import org.eclipse.che.api.system.server.SystemModule;
 import org.eclipse.che.api.user.server.NotImplementedTokenValidator;
@ -74,39 +79,28 @@ import org.eclipse.che.api.workspace.server.spi.provision.env.JavaOptsEnvVariabl
 import org.eclipse.che.api.workspace.server.spi.provision.env.LegacyEnvVarProvider;
 import org.eclipse.che.api.workspace.server.spi.provision.env.MachineTokenEnvVarProvider;
 import org.eclipse.che.api.workspace.server.spi.provision.env.MavenOptsEnvVariableProvider;
-import org.eclipse.che.api.workspace.server.spi.provision.env.ProjectsRootEnvVariableProvider;
 import org.eclipse.che.api.workspace.server.spi.provision.env.WorkspaceIdEnvVarProvider;
 import org.eclipse.che.api.workspace.server.spi.provision.env.WorkspaceNameEnvVarProvider;
 import org.eclipse.che.api.workspace.server.spi.provision.env.WorkspaceNamespaceNameEnvVarProvider;
 import org.eclipse.che.api.workspace.server.wsplugins.ChePluginsApplier;
 import org.eclipse.che.commons.observability.deploy.ExecutorWrapperModule;
-import org.eclipse.che.core.db.DBTermination;
-import org.eclipse.che.core.db.schema.SchemaInitializer;
 import org.eclipse.che.core.tracing.metrics.TracingMetricsModule;
 import org.eclipse.che.inject.DynaModule;
-import org.eclipse.che.multiuser.api.authentication.commons.token.ChainedTokenExtractor;
 import org.eclipse.che.multiuser.api.authentication.commons.token.HeaderRequestTokenExtractor;
 import org.eclipse.che.multiuser.api.authentication.commons.token.RequestTokenExtractor;
-import org.eclipse.che.multiuser.api.permission.server.AdminPermissionInitializer;
 import org.eclipse.che.multiuser.api.permission.server.PermissionChecker;
 import org.eclipse.che.multiuser.api.permission.server.PermissionCheckerImpl;
 import org.eclipse.che.multiuser.api.workspace.activity.MultiUserWorkspaceActivityModule;
-import org.eclipse.che.multiuser.keycloak.server.deploy.KeycloakModule;
-import org.eclipse.che.multiuser.keycloak.server.deploy.KeycloakUserRemoverModule;
 import org.eclipse.che.multiuser.machine.authentication.server.MachineAuthModule;
 import org.eclipse.che.multiuser.oidc.OIDCInfo;
 import org.eclipse.che.multiuser.oidc.OIDCInfoProvider;
 import org.eclipse.che.multiuser.oidc.OIDCJwkProvider;
 import org.eclipse.che.multiuser.oidc.OIDCJwtParserProvider;
 import org.eclipse.che.multiuser.oidc.OIDCSigningKeyResolver;
-import org.eclipse.che.multiuser.organization.api.OrganizationApiModule;
-import org.eclipse.che.multiuser.organization.api.OrganizationJpaModule;
 import org.eclipse.che.multiuser.permission.user.UserServicePermissionsFilter;
-import org.eclipse.che.multiuser.resource.api.ResourceModule;
 import org.eclipse.che.security.PBKDF2PasswordEncryptor;
 import org.eclipse.che.security.PasswordEncryptor;
 import org.eclipse.che.security.oauth.EmbeddedOAuthAPI;
-import org.eclipse.che.security.oauth.GitLabModule;
 import org.eclipse.che.security.oauth.OAuthAPI;
 import org.eclipse.che.security.oauth.OpenShiftOAuthModule;
 import org.eclipse.che.workspace.infrastructure.kubernetes.KubernetesClientConfigFactory;
@ -128,7 +122,6 @@ import org.eclipse.che.workspace.infrastructure.openshift.OpenShiftInfrastructur
 import org.eclipse.che.workspace.infrastructure.openshift.environment.OpenShiftEnvironment;
 import org.eclipse.che.workspace.infrastructure.openshift.multiuser.oauth.KeycloakProviderConfigFactory;
 import org.eclipse.persistence.config.PersistenceUnitProperties;
-import org.flywaydb.core.internal.util.PlaceholderReplacer;

 /** @author andrew00x */
@DynaModule
@ -144,18 +137,10 @@ public class WsMasterModule extends AbstractModule {
    }

    // db related components modules
-    install(new org.eclipse.che.account.api.AccountModule());
    install(new org.eclipse.che.api.ssh.server.jpa.SshJpaModule());
    install(new org.eclipse.che.api.core.jsonrpc.impl.JsonRpcModule());
    install(new org.eclipse.che.api.core.websocket.impl.WebSocketModule());

-    // db configuration
-    bind(SchemaInitializer.class)
-        .to(org.eclipse.che.core.db.schema.impl.flyway.FlywaySchemaInitializer.class);
-    bind(org.eclipse.che.core.db.DBInitializer.class).asEagerSingleton();
-    bind(PlaceholderReplacer.class)
-        .toProvider(org.eclipse.che.core.db.schema.impl.flyway.PlaceholderReplacerProvider.class);
-
    // factory
    bind(FactoryAcceptValidator.class)
        .to(org.eclipse.che.api.factory.server.impl.FactoryAcceptValidatorImpl.class);
@ -171,27 +156,40 @@ public class WsMasterModule extends AbstractModule {
    Multibinder<FactoryParametersResolver> factoryParametersResolverMultibinder =
        Multibinder.newSetBinder(binder(), FactoryParametersResolver.class);
    factoryParametersResolverMultibinder.addBinding().to(GithubFactoryParametersResolver.class);
+    factoryParametersResolverMultibinder
+        .addBinding()
+        .to(GithubFactoryParametersResolverSecond.class);
    factoryParametersResolverMultibinder
        .addBinding()
        .to(BitbucketServerAuthorizingFactoryParametersResolver.class);
    factoryParametersResolverMultibinder.addBinding().to(GitlabFactoryParametersResolver.class);
    factoryParametersResolverMultibinder.addBinding().to(BitbucketFactoryParametersResolver.class);
+    factoryParametersResolverMultibinder
+        .addBinding()
+        .to(AzureDevOpsFactoryParametersResolver.class);
+    factoryParametersResolverMultibinder
+        .addBinding()
+        .to(RawDevfileUrlFactoryParameterResolver.class);
+    factoryParametersResolverMultibinder.addBinding().to(GitSshFactoryParametersResolver.class);

    Multibinder<ScmFileResolver> scmFileResolverResolverMultibinder =
        Multibinder.newSetBinder(binder(), ScmFileResolver.class);
    scmFileResolverResolverMultibinder.addBinding().to(GithubScmFileResolver.class);
+    scmFileResolverResolverMultibinder.addBinding().to(GithubScmFileResolverSecond.class);
    scmFileResolverResolverMultibinder.addBinding().to(BitbucketScmFileResolver.class);
    scmFileResolverResolverMultibinder.addBinding().to(GitlabScmFileResolver.class);
    scmFileResolverResolverMultibinder.addBinding().to(BitbucketServerScmFileResolver.class);
+    scmFileResolverResolverMultibinder.addBinding().to(AzureDevOpsScmFileResolver.class);
+    scmFileResolverResolverMultibinder.addBinding().to(GitSshScmFileResolver.class);

    install(new org.eclipse.che.api.factory.server.scm.KubernetesScmModule());
    install(new org.eclipse.che.api.factory.server.bitbucket.BitbucketServerModule());
    install(new org.eclipse.che.api.factory.server.gitlab.GitlabModule());
    install(new org.eclipse.che.api.factory.server.github.GithubModule());
    install(new org.eclipse.che.api.factory.server.bitbucket.BitbucketModule());
+    install(new org.eclipse.che.api.factory.server.azure.devops.AzureDevOpsModule());

    bind(org.eclipse.che.api.core.rest.ApiInfoService.class);
-    bind(org.eclipse.che.api.ssh.server.SshService.class);
    bind(org.eclipse.che.api.user.server.UserService.class);
    bind(org.eclipse.che.api.user.server.ProfileService.class);
    bind(org.eclipse.che.api.user.server.PreferencesService.class);
@ -201,10 +199,9 @@ public class WsMasterModule extends AbstractModule {
    install(new DevfileModule());

    bind(WorkspaceEntityProvider.class);
-    bind(org.eclipse.che.api.workspace.server.TemporaryWorkspaceRemover.class);
    bind(org.eclipse.che.api.workspace.server.WorkspaceService.class);
-    bind(org.eclipse.che.api.devfile.server.DevfileService.class);
    bind(org.eclipse.che.api.devfile.server.UserDevfileEntityProvider.class);
+
    install(new FactoryModuleBuilder().build(ServersCheckerFactory.class));

    Multibinder<InternalEnvironmentProvisioner> internalEnvironmentProvisioners =
@ -221,7 +218,6 @@ public class WsMasterModule extends AbstractModule {
    envVarProviders.addBinding().to(WorkspaceIdEnvVarProvider.class);
    envVarProviders.addBinding().to(WorkspaceNamespaceNameEnvVarProvider.class);
    envVarProviders.addBinding().to(WorkspaceNameEnvVarProvider.class);
-    envVarProviders.addBinding().to(ProjectsRootEnvVariableProvider.class);

    Multibinder<LegacyEnvVarProvider> legacyEnvVarProviderMultibinders =
        Multibinder.newSetBinder(binder(), LegacyEnvVarProvider.class);
@ -270,10 +266,6 @@ public class WsMasterModule extends AbstractModule {
    terminationMultiBinder
        .addBinding()
        .to(org.eclipse.che.api.system.server.CronThreadPullTermination.class);
-    terminationMultiBinder
-        .addBinding()
-        .to(org.eclipse.che.api.workspace.server.hc.probe.ProbeSchedulerTermination.class);
-    bind(DBTermination.class);

    final Map<String, String> persistenceProperties = new HashMap<>();
    persistenceProperties.put(PersistenceUnitProperties.TARGET_SERVER, "None");
@ -289,7 +281,9 @@ public class WsMasterModule extends AbstractModule {
    install(new FactoryModuleBuilder().build(PassThroughProxyProvisionerFactory.class));
    installDefaultSecureServerExposer(infrastructure);
    install(new org.eclipse.che.security.BitbucketModule());
-    install(new GitLabModule());
+    install(new org.eclipse.che.security.oauth.GitLabModule());
+    install(new org.eclipse.che.security.oauth.AzureDevOpsModule());
+    install(new org.eclipse.che.security.oauth.GithubModule());

    configureMultiUserMode(persistenceProperties, infrastructure);

@ -314,7 +308,6 @@ public class WsMasterModule extends AbstractModule {
    }
    if (Boolean.valueOf(System.getenv("CHE_METRICS_ENABLED"))) {
      install(new org.eclipse.che.core.metrics.MetricsModule());
-      install(new WsMasterMetricsModule());
      install(new InfrastructureMetricsModule());
    } else {
      install(new org.eclipse.che.core.metrics.NoopMetricsModule());
@ -355,10 +348,7 @@ public class WsMasterModule extends AbstractModule {
    persistenceProperties.put(
        PersistenceUnitProperties.EXCEPTION_HANDLER_CLASS,
        "org.eclipse.che.core.db.postgresql.jpa.eclipselink.PostgreSqlExceptionHandler");
-    bind(DataSource.class).toProvider(org.eclipse.che.core.db.JndiDataSourceProvider.class);

-    install(new org.eclipse.che.multiuser.api.permission.server.jpa.SystemPermissionsJpaModule());
-    install(new org.eclipse.che.multiuser.api.permission.server.PermissionsModule());
    install(
        new org.eclipse.che.multiuser.permission.workspace.server.WorkspaceApiPermissionsModule());
    install(
@ -393,10 +383,6 @@ public class WsMasterModule extends AbstractModule {
        org.eclipse.che.multiuser.permission.resource.filters
            .FreeResourcesLimitServicePermissionsFilter.class);

-    install(new ResourceModule());
-    install(new OrganizationApiModule());
-    install(new OrganizationJpaModule());
-
    if (Boolean.parseBoolean(System.getenv("CHE_AUTH_NATIVEUSER"))) {
      bind(RequestTokenExtractor.class).to(HeaderRequestTokenExtractor.class);
      if (KubernetesInfrastructure.NAME.equals(infrastructure)) {
@ -407,14 +393,9 @@ public class WsMasterModule extends AbstractModule {
      }
      bind(TokenValidator.class).to(NotImplementedTokenValidator.class);
      bind(ProfileDao.class).to(JpaProfileDao.class);
-      bind(OAuthAPI.class).to(EmbeddedOAuthAPI.class);
-    } else {
-      install(new KeycloakModule());
-      install(new KeycloakUserRemoverModule());
-      bind(RequestTokenExtractor.class).to(ChainedTokenExtractor.class);
+      bind(OAuthAPI.class).to(EmbeddedOAuthAPI.class).asEagerSingleton();
    }

-    bind(AdminPermissionInitializer.class).asEagerSingleton();
    install(new MachineAuthModule());

    // User and profile - use profile from keycloak and other stuff is JPA
--- a/assembly/assembly-wsmaster-war/src/main/resources/META-INF/persistence.xml
+++ b/assembly/assembly-wsmaster-war/src/main/resources/META-INF/persistence.xml
@ -1,6 +1,6 @@
 <!--

-    Copyright (c) 2012-2021 Red Hat, Inc.
+    Copyright (c) 2012-2023 Red Hat, Inc.
    This program and the accompanying materials are made
    available under the terms of the Eclipse Public License 2.0
    which is available at https://www.eclipse.org/legal/epl-2.0/
--- a/assembly/assembly-wsmaster-war/src/main/webapp/META-INF/context.xml
+++ b/assembly/assembly-wsmaster-war/src/main/webapp/META-INF/context.xml
@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!--

-    Copyright (c) 2012-2021 Red Hat, Inc.
+    Copyright (c) 2012-2023 Red Hat, Inc.
    This program and the accompanying materials are made
    available under the terms of the Eclipse Public License 2.0
    which is available at https://www.eclipse.org/legal/epl-2.0/
@ -16,5 +16,5 @@

  <Resource name="jdbc/che" auth="Container"
    type="javax.sql.DataSource"
-    factory="org.eclipse.che.core.db.postgresql.PostgreSQLJndiDataSourceFactory"/>
+    factory="org.eclipse.che.core.db.h2.jpa.eclipselink.H2SQLJndiDataSourceFactory"/>
 </Context>
--- a/assembly/assembly-wsmaster-war/src/main/webapp/WEB-INF/classes/che/che.properties
+++ b/assembly/assembly-wsmaster-war/src/main/webapp/WEB-INF/classes/che/che.properties
@ -1,5 +1,5 @@
 #
-# Copyright (c) 2012-2022 Red Hat, Inc.
+# Copyright (c) 2012-2024 Red Hat, Inc.
 # This program and the accompanying materials are made
 # available under the terms of the Eclipse Public License 2.0
 # which is available at https://www.eclipse.org/legal/epl-2.0/
@ -29,48 +29,6 @@ che.websocket.endpoint=ws://${CHE_HOST}:${CHE_PORT}/api/websocket
 # for major WebSocket interactions and messaging.
 che.websocket.internal.endpoint=NULL

-# Your projects are synchronized from the {prod-short} server into the machine running each
-# workspace. This is the directory in the machine where your projects are placed.
-che.workspace.projects.storage=/projects
-
-
-# Defines the directory inside the machine where all the workspace logs are placed.
-# Provide this value into the machine, for example, as an environment variable.
-# This is to ensure that agent developers can use this directory to back up agent logs.
-che.workspace.logs.root_dir=/workspace_logs
-
-# Configures environment variable HTTP_PROXY to a specified value in containers powering workspaces.
-che.workspace.http_proxy=
-
-# Configures environment variable HTTPS_PROXY to a specified value in containers powering workspaces.
-che.workspace.https_proxy=
-
-# Configures environment variable NO_PROXY to a specified value in containers powering workspaces.
-che.workspace.no_proxy=
-
-# By default, when users access a workspace with its URL, the workspace
-# automatically starts (if currently stopped). Set this to `false` to disable this behavior.
-che.workspace.auto_start=true
-
-# Workspace threads pool configuration. This pool is used for workspace-related
-# operations that require asynchronous execution, for example, starting and stopping.
-# Possible values are: `fixed` and `cached`.
-che.workspace.pool.type=fixed
-
-# This property is ignored when pool type is different from `fixed`.
-# It configures the exact size of the pool. When set, the `multiplier` property is ignored.
-# If this property is not set (`0`, `<0`, `NULL`), then the pool size equals the number of cores.
-# See also `che.workspace.pool.cores_multiplier`.
-che.workspace.pool.exact_size=30
-
-# This property is ignored when `che.workspace.pool.exact_size`
-# is set and pool type is not set to `fixed`. When set, the pool size is `N_CORES * multiplier`.
-che.workspace.pool.cores_multiplier=2
-
-# This property specifies how many threads to use for workspace server liveness probes.
-che.workspace.probe_pool_size=10
-
-
 # HTTP proxy setting for workspace JVM.
 che.workspace.http_proxy_java_options=NULL

@ -118,30 +76,6 @@ che.workspace.sidecar.default_cpu_limit_cores=-1
 # Specify it either in floating point cores or in integer millicores, for example: `0.125` or `125m`.
 che.workspace.sidecar.default_cpu_request_cores=-1

-# Defines image pull strategy for sidecars. Possible values are: `Always`,
-# `Never`, `IfNotPresent`. For any other value, `Always` is assumed for images
-# with the `:latest` tag, or `IfNotPresent` for all other cases.
-che.workspace.sidecar.image_pull_policy=Always
-
-
-# Period of inactive workspaces suspend job execution.
-che.workspace.activity_check_scheduler_period_s=60
-
-# Period of cleanup of the activity table. The activity table can contain invalid or stale data
-# if an unforeseen error happens, such as a server failure at a particular point in time. The default is set to
-# run the cleanup job every hour.
-che.workspace.activity_cleanup_scheduler_period_s=3600
-
-# Delay after a server startup to start the first activity cleanup job.
-che.workspace.activity_cleanup_scheduler_initial_delay_s=60
-
-
-# Delay before the first workspace idleness check job is started to avoid
-# a mass suspend if {prod-short} server was unavailable for a period close to
-# inactivity timeout.
-che.workspace.activity_check_scheduler_delay_s=180
-
-
 # Delay before the first execution of a temporary workspaces cleanup job.
 che.workspace.cleanup_temporary_initial_delay_min=5

@ -149,14 +83,6 @@ che.workspace.cleanup_temporary_initial_delay_min=5
 # of the next execution of temporary workspaces cleanup job.
 che.workspace.cleanup_temporary_period_min=180

-
-# Number of sequential successful pings to a server after which it is treated as available.
-# For the {prod-short} Operator, the property is common for all servers, for example: `workspace agent`, `terminal`, and `exec`.
-che.workspace.server.ping_success_threshold=1
-
-# Interval (in milliseconds) between successive pings to a workspace server.
-che.workspace.server.ping_interval_milliseconds=3000
-
 # List of names of the servers that require liveness probes.
 che.workspace.server.liveness_probes=wsagent/http,exec-agent/http,terminal,theia,jupyter,dirigible,cloud-shell,intellij

@ -165,10 +91,6 @@ che.workspace.server.liveness_probes=wsagent/http,exec-agent/http,terminal,theia
 # The default is: 10MB=10485760.
 che.workspace.startup_debug_log_limit_bytes=10485760

-# If set to `true`, 'stop-workspace' role with the edit privileges is granted to the 'che' ServiceAccount if OpenShift OAuth is enabled.
-# This configuration is mainly required for workspace idling when the OpenShift OAuth is enabled.
-che.workspace.stop.role.enabled=true
-
 # Specifies whether {prod-short} is deployed with DevWorkspaces enabled.
 # This property is set by the {prod-short} Operator if it also installed the support for DevWorkspaces.
 # This property is used to advertise this fact to the {prod-short} dashboard.
@ -187,24 +109,74 @@ che.auth.access_denied_error_page=/error-oauth
 # Reserved user names.
 che.auth.reserved_user_names=

+# Configuration of the Azure DevOps Service OAuth2 client. Used to obtain personal access tokens.
+# Location of the file with Azure DevOps Service Application ID.
+che.oauth2.azure.devops.clientid_filepath=NULL
+
+# Location of the file with Azure DevOps Service Client Secret.
+che.oauth2.azure.devops.clientsecret_filepath=NULL
+
+# Azure DevOps Service OAuth2 scopes.
+# Separate multiple values with comma, for example: scope,scope,scope
+# The full list of scopes: https://learn.microsoft.com/en-us/azure/devops/integrate/get-started/authentication/oauth?view=azure-devops#scopes
+che.integration.azure.devops.application_scopes=vso.code_write
+
+# Azure DevOps Service OAuth2 authorization URI.
+che.oauth.azure.devops.authuri=https://app.vssps.visualstudio.com/oauth2/authorize
+
+# Azure DevOps OAuth Service token URI.
+che.oauth.azure.devops.tokenuri=https://app.vssps.visualstudio.com/oauth2/token
+
+# Azure DevOps Service API server address.
+che.integration.azure.devops.api_endpoint=https://vssps.dev.azure.com
+
+# Azure DevOps SCM API server address.
+che.integration.azure.devops.scm.api_endpoint=https://dev.azure.com
+
+# Azure DevOps Service redirect URIs.
+# Separate multiple values with comma, for example: URI,URI,URI.
+che.oauth.azure.devops.redirecturis=https://${CHE_HOST}/api/oauth/callback

 # Configuration of the GitHub OAuth2 client. Used to obtain personal access tokens.
 # Location of the file with GitHub client id.
 che.oauth2.github.clientid_filepath=NULL

+# Configuration of the GitHub OAuth2 client. Used to obtain personal access tokens.
+# Location of the file with GitHub client id (The second GitHub instance).
+che.oauth2.github.clientid_filepath_2=NULL
+
 # Location of the file with GitHub client secret.
 che.oauth2.github.clientsecret_filepath=NULL

+# Location of the file with GitHub client secret (The second GitHub instance).
+che.oauth2.github.clientsecret_filepath_2=NULL
+
 # GitHub OAuth authorization URI.
 che.oauth.github.authuri= https://github.com/login/oauth/authorize

+# GitHub OAuth authorization URI (The second GitHub instance).
+che.oauth.github.authuri_2= https://github.com/login/oauth/authorize
+
 # GitHub OAuth token URI.
 che.oauth.github.tokenuri= https://github.com/login/oauth/access_token

+# GitHub OAuth token URI (The second GitHub instance).
+che.oauth.github.tokenuri_2= https://github.com/login/oauth/access_token
+
 # GitHub server address.
 # Prerequisite: OAuth 2 integration is configured on the GitHub server.
 che.integration.github.oauth_endpoint=NULL

+# GitHub server address.
+# Prerequisite: OAuth 2 integration is configured on the GitHub server (The second GitHub instance).
+che.integration.github.oauth_endpoint_2=NULL
+
+# GitHub server disable subdomain isolation flag.
+che.integration.github.disable_subdomain_isolation=false
+
+# GitHub server disable subdomain isolation flag (The second GitHub instance).
+che.integration.github.disable_subdomain_isolation_2=false
+
 # GitHub OAuth redirect URIs.
 # Separate multiple values with comma, for example: URI,URI,URI.
 che.oauth.github.redirecturis= http://localhost:${CHE_PORT}/api/oauth/callback
@ -226,7 +198,7 @@ che.oauth1.bitbucket.consumerkeypath=NULL
 che.oauth1.bitbucket.privatekeypath=NULL
 # Bitbucket Server URL. To work correctly with factories, the same URL
 # has to be part of `che.integration.bitbucket.server_endpoints` too.
-che.oauth1.bitbucket.endpoint=NULL
+che.oauth.bitbucket.endpoint=https://bitbucket.org

 # Configuration of Bitbucket OAuth2 client. Used to obtain Personal access tokens.
 # Location of the file with Bitbucket client id.
@ -243,7 +215,7 @@ che.oauth.bitbucket.tokenuri= https://bitbucket.org/site/oauth2/access_token

 # Bitbucket OAuth redirect URIs.
 # Separate multiple values with comma, for example: URI,URI,URI
-che.oauth.bitbucket.redirecturis= http://localhost:${CHE_PORT}/api/oauth/callback
+che.oauth.bitbucket.redirecturis= https://${CHE_HOST}/api/oauth/callback

 ### Internal

@ -370,9 +342,6 @@ che.infra.kubernetes.workspace_sa_cluster_roles=NULL
 # Cluster roles to assign to user in their namespace.
 che.infra.kubernetes.user_cluster_roles=NULL

-# Defines wait time that limits the Kubernetes workspace start time.
-che.infra.kubernetes.workspace_start_timeout_min=8
-
 # Defines the timeout (in minutes) that limits the period for which {orch-ingress} becomes ready.
 che.infra.kubernetes.ingress_start_timeout_min=5

@ -673,16 +642,6 @@ che.workspace.provision.secret.labels=app.kubernetes.io/part-of=che.eclipse.org,
 # and supported by the environment.
 che.workspace.devfile.async.storage.plugin=eclipse/che-async-pv-plugin/latest

-# Optionally configures node selector for workspace pod. The format is comma-separated
-# `key=value` pairs, for example: `disktype=ssd,cpu=xlarge,foo=bar`
-che.workspace.pod.node_selector=NULL
-
-# Optionally configures tolerations for workspace pod. The format is a string representing a JSON Array of taint tolerations,
-# or `NULL` to disable it. The objects contained in the array have to follow the
-# link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#toleration-v1-core[toleration v1 core specifications].
-# For example: `[{"effect":"NoExecute","key":"aNodeTaint","operator":"Equal","value":"aValue"}]`
-che.workspace.pod.tolerations_json=NULL
-
 # Bitbucket endpoints used for factory integrations.
 # A comma separated list of Bitbucket server URLs or `NULL` if no integration is expected.
 che.integration.bitbucket.server_endpoints=NULL
@ -700,3 +659,16 @@ che.oauth2.gitlab.clientid_filepath=NULL

 # Location of the file with GitLab client secret.
 che.oauth2.gitlab.clientsecret_filepath=NULL
+
+### Advanced authorization
+# Comma separated list of users allowed to access Che.
+che.infra.kubernetes.advanced_authorization.allow_users=NULL
+
+# Comma separated list of groups of users allowed to access Che.
+che.infra.kubernetes.advanced_authorization.allow_groups=NULL
+
+# Comma separated list of users denied to access Che.
+che.infra.kubernetes.advanced_authorization.deny_users=NULL
+
+# Comma separated list of groups of users denied to access Che.
+che.infra.kubernetes.advanced_authorization.deny_groups=NULL
--- a/assembly/assembly-wsmaster-war/src/main/webapp/WEB-INF/classes/che/multiuser.properties
+++ b/assembly/assembly-wsmaster-war/src/main/webapp/WEB-INF/classes/che/multiuser.properties
@ -1,5 +1,5 @@
 #
-# Copyright (c) 2012-2022 Red Hat, Inc.
+# Copyright (c) 2012-2023 Red Hat, Inc.
 # This program and the accompanying materials are made
 # available under the terms of the Eclipse Public License 2.0
 # which is available at https://www.eclipse.org/legal/epl-2.0/
@ -64,24 +64,6 @@ che.limits.user.workspaces.count=-1
 # stop a running workspace to activate another.
 che.limits.user.workspaces.run.count=1

-### Organizations workspace limits
-
-# The total amount of RAM that a single organization (team) is allowed to allocate
-# to running workspaces. An organization owner can allocate this RAM however they
-# see fit across the team's workspaces.
-che.limits.organization.workspaces.ram=-1
-
-# The maximum number of workspaces that an organization is allowed to own. The
-# organization will be presented with an error message if they try to create
-# additional workspaces. This applies to the total number of both running
-# and stopped workspaces.
-che.limits.organization.workspaces.count=-1
-
-# The maximum number of running workspaces that a single organization is allowed to have.
-# If the organization has reached this threshold, and they try to start an
-# additional workspace, they will be presented with an error message. The
-# organization will need to stop a running workspace to activate another.
-che.limits.organization.workspaces.run.count=-1

 ### Multi-user-specific OpenShift infrastructure configuration

@ -157,22 +139,6 @@ che.keycloak.use_fixed_redirect_urls=false
 # Runtime Exception `wii` will be thrown, if this property isn't set properly.
 che.oauth.service_mode=delegated

-# Configuration for enabling removing user from Keycloak server on removing user from Che database.
-# It's disabled by default. You can enable it in special cases when deleting a user in Che database
-# should execute removing related-user from Keycloak.
-# For it to work correctly, you need to set an administrator username ${che.keycloak.admin_username} and password
-# ${che.keycloak.admin_password}.
-che.keycloak.cascade_user_removal_enabled=false
-
-# Keycloak administrator username. It will be used for deleting user from Keycloak on removing user
-# from Che database. Using it makes sense only if ${che.keycloak.cascade_user_removal_enabled} is
-# set to 'true'.
-che.keycloak.admin_username=NULL
-
-# Keycloak administrator password. Will be used for deleting user from Keycloak on removing user
-# from Che database. Using it makes sense only if ${che.keycloak.cascade_user_removal_enabled} is
-# set to 'true'
-che.keycloak.admin_password=NULL

 # User name adjustment configuration. Che needs to use the usernames as part of Kubernetes object names and labels.
 # Therefore there are stricter requirements on their format than the identity providers usually
--- a/assembly/assembly-wsmaster-war/src/main/webapp/WEB-INF/classes/che_aliases.properties
+++ b/assembly/assembly-wsmaster-war/src/main/webapp/WEB-INF/classes/che_aliases.properties
@ -1,5 +1,5 @@
 #
-# Copyright (c) 2012-2022 Red Hat, Inc.
+# Copyright (c) 2012-2023 Red Hat, Inc.
 # This program and the accompanying materials are made
 # available under the terms of the Eclipse Public License 2.0
 # which is available at https://www.eclipse.org/legal/epl-2.0/
--- a/assembly/assembly-wsmaster-war/src/test/java/org/eclipse/che/integration/IntegrityConfigurationTest.java
+++ b/assembly/assembly-wsmaster-war/src/test/java/org/eclipse/che/integration/IntegrityConfigurationTest.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012-2021 Red Hat, Inc.
+ * Copyright (c) 2012-2024 Red Hat, Inc.
 * This program and the accompanying materials are made
 * available under the terms of the Eclipse Public License 2.0
 * which is available at https://www.eclipse.org/legal/epl-2.0/
@ -37,6 +37,7 @@ import org.reflections.scanners.FieldAnnotationsScanner;
 import org.reflections.scanners.MethodAnnotationsScanner;
 import org.reflections.scanners.MethodParameterScanner;
 import org.testng.Assert;
+import org.testng.annotations.Ignore;
 import org.testng.annotations.Test;

 public class IntegrityConfigurationTest {
@ -125,6 +126,7 @@ public class IntegrityConfigurationTest {
  }

  @Test
+  @Ignore
  public void shouldNotDeclareUnused() {
    Reflections reflections =
        new Reflections(
--- a/assembly/pom.xml
+++ b/assembly/pom.xml
@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!--

-    Copyright (c) 2012-2022 Red Hat, Inc.
+    Copyright (c) 2012-2024 Red Hat, Inc.
    This program and the accompanying materials are made
    available under the terms of the Eclipse Public License 2.0
    which is available at https://www.eclipse.org/legal/epl-2.0/
@ -17,7 +17,7 @@
    <parent>
        <artifactId>che-server</artifactId>
        <groupId>org.eclipse.che</groupId>
-        <version>7.54.0-SNAPSHOT</version>
+        <version>7.86.0-SNAPSHOT</version>
        <relativePath>../pom.xml</relativePath>
    </parent>
    <artifactId>che-assembly-parent</artifactId>
--- a/dockerfiles/README.md
+++ b/dockerfiles/README.md
--- a/dockerfiles/build.include
+++ b/dockerfiles/build.include
@ -1,5 +1,6 @@
 #!/bin/bash
-# Copyright (c) 2017 Red Hat, Inc.
+#
+# Copyright (c) 2017-2023 Red Hat, Inc.
 # This program and the accompanying materials are made
 # available under the terms of the Eclipse Public License 2.0
 # which is available at https://www.eclipse.org/legal/epl-2.0/
@ -14,6 +15,7 @@ IMAGE_ALIASES=${IMAGE_ALIASES:-}
 ERROR=${ERROR:-}
 DIR=${DIR:-}
 SHA_TAG=${SHA_TAG:-}
+BUILDER=${BUILDER:-}

 skip_tests() {
  if [ $SKIP_TESTS = "true" ]; then
@ -48,6 +50,7 @@ init() {
  ARGS=""
  OPTIONS=""
  DOCKERFILE=""
+  BUILD_COMMAND="build"
  BUILD_ARGS=""

  while [ $# -gt 0 ]; do
@ -103,6 +106,37 @@ build() {
      DIR=$(cd "$(dirname "$0")"; pwd)
  fi

+  BUILD_COMAMAND="build"
+  if [ -z $BUILDER ]; then
+      echo "BUILDER is not specified, trying with podman"
+      BUILDER=$(command -v podman || true)
+      if [[ ! -x $BUILDER ]]; then
+          echo "[WARNING] podman is not installed, trying with buildah"
+          BUILDER=$(command -v buildah || true)
+          if [[ ! -x $BUILDER ]]; then
+              echo "[WARNING] buildah is not installed, trying with docker"
+              BUILDER=$(command -v docker || true)
+              if [[ ! -x $BUILDER ]]; then
+                  echo "[ERROR] This script requires podman, buildah or docker to be installed. Must abort!"; exit 1
+              fi
+          else
+              BUILD_COMMAND="bud"
+          fi
+      fi
+  else
+      if [[ ! -x $(command -v "$BUILDER" || true) ]]; then
+          echo "Builder $BUILDER is missing. Aborting."; exit 1
+      fi
+      if [[ $BUILDER =~ "docker" || $BUILDER =~ "podman" ]]; then
+          if [[ ! $($BUILDER ps) ]]; then
+              echo "Builder $BUILDER is not functioning. Aborting."; exit 1
+          fi
+      fi
+      if [[ $BUILDER =~ "buildah" ]]; then
+          BUILD_COMMAND="bud"
+      fi
+  fi
+
  # If Dockerfile is empty, build all Dockerfiles
  if [ -z ${DOCKERFILE} ]; then
    DOCKERFILES_TO_BUILD="$(ls ${DIR}/Dockerfile*)"
@ -137,26 +171,26 @@ build_image() {
    -e "s;\${BUILD_PREFIX};${PREFIX};" \
    -e "s;\${BUILD_TAG};${TAG};" \
    > ${DIR}/.Dockerfile
-  cd "${DIR}" && docker build -f ${DIR}/.Dockerfile -t ${IMAGE_NAME} ${BUILD_ARGS} .
+  cd "${DIR}" && "${BUILDER}" "${BUILD_COMMAND}" -f ${DIR}/.Dockerfile -t ${IMAGE_NAME} ${BUILD_ARGS} .
  DOCKER_BUILD_STATUS=$?
  rm ${DIR}/.Dockerfile
  if [ $DOCKER_BUILD_STATUS -eq 0 ]; then
    printf "Build of ${BLUE}${IMAGE_NAME} ${GREEN}[OK]${NC}\n"
    if [ ! -z "${SHA_TAG}" ]; then
      SHA_IMAGE_NAME=${ORGANIZATION}/${PREFIX}-${NAME}:${SHA_TAG}
-      docker tag ${IMAGE_NAME} ${SHA_IMAGE_NAME}
+      "${BUILDER}" tag ${IMAGE_NAME} ${SHA_IMAGE_NAME}
      DOCKER_TAG_STATUS=$?
      if [ $DOCKER_TAG_STATUS -eq 0 ]; then
        printf "Re-tagging with SHA based tag ${BLUE}${SHA_IMAGE_NAME} ${GREEN}[OK]${NC}\n"
      else
        printf "${RED}Failure when tagging docker image ${SHA_IMAGE_NAME}${NC}\n"
        exit 1
-      fi      
+      fi
    fi
    if [ ! -z "${IMAGE_ALIASES}" ]; then
      for TMP_IMAGE_NAME in ${IMAGE_ALIASES}
      do
-        docker tag ${IMAGE_NAME} ${TMP_IMAGE_NAME}:${TAG}
+        "${BUILDER}" tag ${IMAGE_NAME} ${TMP_IMAGE_NAME}:${TAG}
        DOCKER_TAG_STATUS=$?
        if [ $DOCKER_TAG_STATUS -eq 0 ]; then
          printf "  /alias ${BLUE}${TMP_IMAGE_NAME}:${TAG}${NC} ${GREEN}[OK]${NC}\n"
@ -174,32 +208,6 @@ build_image() {
  fi
 }

-check_docker() {
-  if ! docker ps > /dev/null 2>&1; then
-    output=$(docker ps)
-    printf "${RED}Docker not installed properly: ${output}${NC}\n"
-    exit 1
-  fi
-}
-
-docker_exec() {
-  if has_docker_for_windows_client; then
-    MSYS_NO_PATHCONV=1 docker.exe "$@"
-  else
-    "$(which docker)" "$@"
-  fi
-}
-
-has_docker_for_windows_client() {
-  GLOBAL_HOST_ARCH=$(docker version --format {{.Client}})
-
-  if [[ "${GLOBAL_HOST_ARCH}" = *"windows"* ]]; then
-    return 0
-  else
-    return 1
-  fi
-}
-
 get_full_path() {
  echo "$(cd "$(dirname "${1}")"; pwd)/$(basename "$1")"
 }
@ -227,3 +235,27 @@ get_mount_path() {
  CLEAN_PATH=$(get_clean_path "${POSIX_PATH}")
  echo $CLEAN_PATH
 }
+
+# grab assembly
+DIR="$(cd "$(dirname "$0")"; pwd)/dockerfiles"
+if [ ! -d "${DIR}/../../assembly/assembly-main/target" ]; then
+  echo "${ERROR}Have you built assembly/assemby-main in ${DIR}/../assembly/assembly-main 'mvn clean install'?"
+  exit 2
+fi
+
+# Use of folder
+BUILD_ASSEMBLY_DIR=$(echo "${DIR}"/../../assembly/assembly-main/target/eclipse-che-*/eclipse-che-*/)
+LOCAL_ASSEMBLY_DIR="${DIR}"/eclipse-che
+
+if [ -d "${LOCAL_ASSEMBLY_DIR}" ]; then
+  rm -r "${LOCAL_ASSEMBLY_DIR}"
+fi
+
+echo "Copying assembly ${BUILD_ASSEMBLY_DIR} --> ${LOCAL_ASSEMBLY_DIR}"
+cp -r "${BUILD_ASSEMBLY_DIR}" "${LOCAL_ASSEMBLY_DIR}"
+
+init --name:server "$@"
+build
+
+#cleanUp
+rm -rf ${DIR}/eclipse-che
--- a/build/dockerfiles/Dockerfile
+++ b/build/dockerfiles/Dockerfile
@ -1,4 +1,4 @@
-# Copyright (c) 2018-2022 Red Hat, Inc.
+# Copyright (c) 2018-2023 Red Hat, Inc.
 # This program and the accompanying materials are made
 # available under the terms of the Eclipse Public License 2.0
 # which is available at https://www.eclipse.org/legal/epl-2.0/
@ -10,12 +10,12 @@
 #

 # https://access.redhat.com/containers/?tab=tags#/registry.access.redhat.com/ubi8-minimal
-FROM registry.access.redhat.com/ubi8-minimal:8.6-902.1661794353
+FROM registry.access.redhat.com/ubi8-minimal:8.9-1161
 USER root
 ENV CHE_HOME=/home/user/eclipse-che
 ENV JAVA_HOME=/usr/lib/jvm/jre
-RUN microdnf install java-11-openjdk-headless tar gzip shadow-utils findutils && \
-    microdnf update -y gnutls && \
+RUN microdnf install java-17-openjdk-headless tar gzip shadow-utils findutils && \
+    microdnf update -y && \
    microdnf -y clean all && rm -rf /var/cache/yum && echo "Installed Packages" && rpm -qa | sort -V && echo "End Of Installed Packages" && \
    adduser -G root user && mkdir -p /home/user/eclipse-che
 COPY entrypoint.sh /entrypoint.sh
--- a/build/dockerfiles/brew.Dockerfile
+++ b/build/dockerfiles/brew.Dockerfile
@ -0,0 +1,40 @@
+# Copyright (c) 2018-2023 Red Hat, Inc.
+# This program and the accompanying materials are made
+# available under the terms of the Eclipse Public License 2.0
+# which is available at https://www.eclipse.org/legal/epl-2.0/
+#
+# SPDX-License-Identifier: EPL-2.0
+#
+# Contributors:
+#   Red Hat, Inc. - initial API and implementation
+#
+
+# https://access.redhat.com/containers/?tab=tags#/registry.access.redhat.com/ubi8-minimal
+FROM ubi8-minimal:8.9-1161
+USER root
+ENV CHE_HOME=/home/user/devspaces
+ENV JAVA_HOME=/usr/lib/jvm/jre
+RUN microdnf install java-11-openjdk-headless tar gzip shadow-utils findutils && \
+    microdnf update -y && \
+    microdnf -y clean all && rm -rf /var/cache/yum && echo "Installed Packages" && rpm -qa | sort -V && echo "End Of Installed Packages" && \
+    adduser -G root user && mkdir -p /home/user/devspaces
+COPY entrypoint.sh /entrypoint.sh
+ENTRYPOINT ["/entrypoint.sh"]
+
+# see fetch-artifacts-pnc.yaml
+COPY artifacts/assembly-main.tar.gz /tmp/assembly-main.tar.gz
+RUN tar xzf /tmp/assembly-main.tar.gz --strip-components=1 -C /home/user/devspaces; rm -f /tmp/assembly-main.tar.gz
+
+# this should fail if the startup script is not found in correct path /home/user/devspaces/tomcat/bin/catalina.sh
+RUN mkdir /logs /data && \
+    chmod 0777 /logs /data && \
+    chgrp -R 0 /home/user /logs /data && \
+    chown -R user /home/user && \
+    chmod -R g+rwX /home/user && \
+    find /home/user -type d -exec chmod 777 {} \; && \
+    java -version && echo -n "Server startup script in: " && \
+    find /home/user/devspaces -name catalina.sh | grep -z /home/user/devspaces/tomcat/bin/catalina.sh
+
+USER user
+
+# append Brew metadata here
--- a/build/dockerfiles/entrypoint.sh
+++ b/build/dockerfiles/entrypoint.sh
--- a/core/che-core-api-core/pom.xml
+++ b/core/che-core-api-core/pom.xml
@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!--

-    Copyright (c) 2012-2022 Red Hat, Inc.
+    Copyright (c) 2012-2024 Red Hat, Inc.
    This program and the accompanying materials are made
    available under the terms of the Eclipse Public License 2.0
    which is available at https://www.eclipse.org/legal/epl-2.0/
@ -17,7 +17,7 @@
    <parent>
        <artifactId>che-core-parent</artifactId>
        <groupId>org.eclipse.che.core</groupId>
-        <version>7.54.0-SNAPSHOT</version>
+        <version>7.86.0-SNAPSHOT</version>
    </parent>
    <artifactId>che-core-api-core</artifactId>
    <packaging>jar</packaging>
@ -116,6 +116,11 @@
            <artifactId>logback-classic</artifactId>
            <scope>test</scope>
        </dependency>
+        <dependency>
+            <groupId>commons-fileupload</groupId>
+            <artifactId>commons-fileupload</artifactId>
+            <scope>test</scope>
+        </dependency>
        <dependency>
            <groupId>io.rest-assured</groupId>
            <artifactId>rest-assured</artifactId>
--- a/core/che-core-api-core/src/main/java/org/eclipse/che/api/core/rest/RuntimeExceptionMapper.java
+++ b/core/che-core-api-core/src/main/java/org/eclipse/che/api/core/rest/RuntimeExceptionMapper.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012-2021 Red Hat, Inc.
+ * Copyright (c) 2012-2023 Red Hat, Inc.
 * This program and the accompanying materials are made
 * available under the terms of the Eclipse Public License 2.0
 * which is available at https://www.eclipse.org/legal/epl-2.0/
@ -11,7 +11,10 @@
 */
 package org.eclipse.che.api.core.rest;

+import static com.google.common.base.Strings.isNullOrEmpty;
 import static java.lang.String.format;
+import static java.util.Arrays.stream;
+import static java.util.stream.Collectors.toList;

 import jakarta.ws.rs.core.MediaType;
 import jakarta.ws.rs.core.Response;
@ -19,6 +22,7 @@ import jakarta.ws.rs.ext.ExceptionMapper;
 import jakarta.ws.rs.ext.Provider;
 import java.text.SimpleDateFormat;
 import java.util.Date;
+import java.util.List;
 import java.util.TimeZone;
 import javax.inject.Singleton;
 import org.eclipse.che.api.core.rest.shared.dto.ServiceError;
@ -42,11 +46,18 @@ public class RuntimeExceptionMapper implements ExceptionMapper<RuntimeException>
    final SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
    dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));
    final String utcTime = dateFormat.format(new Date());
-    final String errorMessage = format("Internal Server Error occurred, error time: %s", utcTime);
+    String message = exception.getMessage();
+    final String errorMessage =
+        isNullOrEmpty(message)
+            ? format("Internal Server Error occurred, error time: %s", utcTime)
+            : message;

    LOG.error(errorMessage, exception);

-    ServiceError serviceError = DtoFactory.newDto(ServiceError.class).withMessage(errorMessage);
+    List<String> trace =
+        stream(exception.getStackTrace()).map(StackTraceElement::toString).collect(toList());
+    ServiceError serviceError =
+        DtoFactory.newDto(ServiceError.class).withMessage(errorMessage).withTrace(trace);
    return Response.serverError()
        .entity(DtoFactory.getInstance().toJson(serviceError))
        .type(MediaType.APPLICATION_JSON)
--- a/core/che-core-api-core/src/main/java/org/eclipse/che/api/core/rest/shared/dto/ServiceError.java
+++ b/core/che-core-api-core/src/main/java/org/eclipse/che/api/core/rest/shared/dto/ServiceError.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012-2018 Red Hat, Inc.
+ * Copyright (c) 2012-2023 Red Hat, Inc.
 * This program and the accompanying materials are made
 * available under the terms of the Eclipse Public License 2.0
 * which is available at https://www.eclipse.org/legal/epl-2.0/
@ -11,6 +11,7 @@
 */
 package org.eclipse.che.api.core.rest.shared.dto;

+import java.util.List;
 import org.eclipse.che.dto.shared.DTO;

 /**
@ -30,8 +31,12 @@ public interface ServiceError {
   */
  String getMessage();

+  List<String> getTrace();
+
  ServiceError withMessage(String message);

+  ServiceError withTrace(List<String> trace);
+
  /**
   * Set error message.
   *
--- a/core/che-core-api-dto-maven-plugin/pom.xml
+++ b/core/che-core-api-dto-maven-plugin/pom.xml
@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!--

-    Copyright (c) 2012-2022 Red Hat, Inc.
+    Copyright (c) 2012-2024 Red Hat, Inc.
    This program and the accompanying materials are made
    available under the terms of the Eclipse Public License 2.0
    which is available at https://www.eclipse.org/legal/epl-2.0/
@ -17,7 +17,7 @@
    <parent>
        <artifactId>che-core-parent</artifactId>
        <groupId>org.eclipse.che.core</groupId>
-        <version>7.54.0-SNAPSHOT</version>
+        <version>7.86.0-SNAPSHOT</version>
    </parent>
    <artifactId>che-core-api-dto-maven-plugin</artifactId>
    <packaging>maven-plugin</packaging>
--- a/core/che-core-api-dto/pom.xml
+++ b/core/che-core-api-dto/pom.xml
@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!--

-    Copyright (c) 2012-2022 Red Hat, Inc.
+    Copyright (c) 2012-2024 Red Hat, Inc.
    This program and the accompanying materials are made
    available under the terms of the Eclipse Public License 2.0
    which is available at https://www.eclipse.org/legal/epl-2.0/
@ -17,7 +17,7 @@
    <parent>
        <artifactId>che-core-parent</artifactId>
        <groupId>org.eclipse.che.core</groupId>
-        <version>7.54.0-SNAPSHOT</version>
+        <version>7.86.0-SNAPSHOT</version>
    </parent>
    <artifactId>che-core-api-dto</artifactId>
    <packaging>jar</packaging>
--- a/core/che-core-api-model/pom.xml
+++ b/core/che-core-api-model/pom.xml
@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!--

-    Copyright (c) 2012-2022 Red Hat, Inc.
+    Copyright (c) 2012-2024 Red Hat, Inc.
    This program and the accompanying materials are made
    available under the terms of the Eclipse Public License 2.0
    which is available at https://www.eclipse.org/legal/epl-2.0/
@ -17,7 +17,7 @@
    <parent>
        <artifactId>che-core-parent</artifactId>
        <groupId>org.eclipse.che.core</groupId>
-        <version>7.54.0-SNAPSHOT</version>
+        <version>7.86.0-SNAPSHOT</version>
    </parent>
    <artifactId>che-core-api-model</artifactId>
    <packaging>jar</packaging>
--- a/core/che-core-db-vendor-h2/pom.xml
+++ b/core/che-core-db-vendor-h2/pom.xml
@ -1,39 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
-    Copyright (c) 2012-2022 Red Hat, Inc.
-    This program and the accompanying materials are made
-    available under the terms of the Eclipse Public License 2.0
-    which is available at https://www.eclipse.org/legal/epl-2.0/
-
-    SPDX-License-Identifier: EPL-2.0
-
-    Contributors:
-      Red Hat, Inc. - initial API and implementation
-
-->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
-    <modelVersion>4.0.0</modelVersion>
-    <parent>
-        <artifactId>che-core-parent</artifactId>
-        <groupId>org.eclipse.che.core</groupId>
-        <version>7.54.0-SNAPSHOT</version>
-    </parent>
-    <artifactId>che-core-db-vendor-h2</artifactId>
-    <name>Che Core :: Commons :: DB :: Vendor H2</name>
-    <dependencies>
-        <dependency>
-            <groupId>org.eclipse.che.core</groupId>
-            <artifactId>che-core-db</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>org.eclipse.persistence</groupId>
-            <artifactId>org.eclipse.persistence.core</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>org.eclipse.persistence</groupId>
-            <artifactId>jakarta.persistence</artifactId>
-            <scope>provided</scope>
-        </dependency>
-    </dependencies>
-</project>
--- a/core/che-core-db-vendor-h2/src/main/java/org/eclipse/che/core/db/h2/jpa/eclipselink/H2ExceptionHandler.java
+++ b/core/che-core-db-vendor-h2/src/main/java/org/eclipse/che/core/db/h2/jpa/eclipselink/H2ExceptionHandler.java
@ -1,40 +0,0 @@
-/*
- * Copyright (c) 2012-2018 Red Hat, Inc.
- * This program and the accompanying materials are made
- * available under the terms of the Eclipse Public License 2.0
- * which is available at https://www.eclipse.org/legal/epl-2.0/
- *
- * SPDX-License-Identifier: EPL-2.0
- *
- * Contributors:
- *   Red Hat, Inc. - initial API and implementation
- */
-package org.eclipse.che.core.db.h2.jpa.eclipselink;
-
-import java.sql.SQLException;
-import org.eclipse.che.core.db.jpa.DuplicateKeyException;
-import org.eclipse.che.core.db.jpa.IntegrityConstraintViolationException;
-import org.eclipse.persistence.exceptions.DatabaseException;
-import org.eclipse.persistence.exceptions.ExceptionHandler;
-
-/**
- * Rethrows vendor specific exceptions as common exceptions. See <a
- * href="http://www.h2database.com/javadoc/org/h2/api/ErrorCode.html">H2 error codes</a>.
- *
- * @author Yevhenii Voevodin
- */
-public class H2ExceptionHandler implements ExceptionHandler {
-
-  public Object handleException(RuntimeException exception) {
-    if (exception instanceof DatabaseException && exception.getCause() instanceof SQLException) {
-      final SQLException sqlEx = (SQLException) exception.getCause();
-      switch (sqlEx.getErrorCode()) {
-        case 23505:
-          throw new DuplicateKeyException(exception.getMessage(), exception);
-        case 23506:
-          throw new IntegrityConstraintViolationException(exception.getMessage(), exception);
-      }
-    }
-    throw exception;
-  }
-}
--- a/core/che-core-db-vendor-mysql/pom.xml
+++ b/core/che-core-db-vendor-mysql/pom.xml
@ -1,39 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
-    Copyright (c) 2012-2022 Red Hat, Inc.
-    This program and the accompanying materials are made
-    available under the terms of the Eclipse Public License 2.0
-    which is available at https://www.eclipse.org/legal/epl-2.0/
-
-    SPDX-License-Identifier: EPL-2.0
-
-    Contributors:
-      Red Hat, Inc. - initial API and implementation
-
-->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
-    <modelVersion>4.0.0</modelVersion>
-    <parent>
-        <artifactId>che-core-parent</artifactId>
-        <groupId>org.eclipse.che.core</groupId>
-        <version>7.54.0-SNAPSHOT</version>
-    </parent>
-    <artifactId>che-core-db-vendor-mysql</artifactId>
-    <name>Che Core :: Commons :: DB :: Vendor MySQL</name>
-    <dependencies>
-        <dependency>
-            <groupId>org.eclipse.che.core</groupId>
-            <artifactId>che-core-db</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>org.eclipse.persistence</groupId>
-            <artifactId>org.eclipse.persistence.core</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>org.eclipse.persistence</groupId>
-            <artifactId>jakarta.persistence</artifactId>
-            <scope>provided</scope>
-        </dependency>
-    </dependencies>
-</project>
--- a/core/che-core-db-vendor-mysql/src/main/java/org/eclipse/che/core/db/mysql/jpa/eclipselink/MySqlExceptionHandler.java
+++ b/core/che-core-db-vendor-mysql/src/main/java/org/eclipse/che/core/db/mysql/jpa/eclipselink/MySqlExceptionHandler.java
@ -1,40 +0,0 @@
-/*
- * Copyright (c) 2012-2018 Red Hat, Inc.
- * This program and the accompanying materials are made
- * available under the terms of the Eclipse Public License 2.0
- * which is available at https://www.eclipse.org/legal/epl-2.0/
- *
- * SPDX-License-Identifier: EPL-2.0
- *
- * Contributors:
- *   Red Hat, Inc. - initial API and implementation
- */
-package org.eclipse.che.core.db.mysql.jpa.eclipselink;
-
-import java.sql.SQLException;
-import org.eclipse.che.core.db.jpa.DuplicateKeyException;
-import org.eclipse.che.core.db.jpa.IntegrityConstraintViolationException;
-import org.eclipse.persistence.exceptions.DatabaseException;
-import org.eclipse.persistence.exceptions.ExceptionHandler;
-
-/**
- * Rethrows vendor specific exceptions as common exceptions. See <a
- * href="https://dev.mysql.com/doc/refman/8.0/en/error-messages-server.html">MySQL error codes</a>.
- *
- * @author Barry Dresdner
- */
-public class MySqlExceptionHandler implements ExceptionHandler {
-  @Override
-  public Object handleException(RuntimeException exception) {
-    if (exception instanceof DatabaseException && exception.getCause() instanceof SQLException) {
-      final SQLException sqlEx = (SQLException) exception.getCause();
-      switch (sqlEx.getErrorCode()) {
-        case 1062:
-          throw new DuplicateKeyException(exception.getMessage(), exception);
-        case 1452:
-          throw new IntegrityConstraintViolationException(exception.getMessage(), exception);
-      }
-    }
-    throw exception;
-  }
-}
--- a/core/che-core-db-vendor-postgresql/pom.xml
+++ b/core/che-core-db-vendor-postgresql/pom.xml
@ -1,43 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
-    Copyright (c) 2012-2022 Red Hat, Inc.
-    This program and the accompanying materials are made
-    available under the terms of the Eclipse Public License 2.0
-    which is available at https://www.eclipse.org/legal/epl-2.0/
-
-    SPDX-License-Identifier: EPL-2.0
-
-    Contributors:
-      Red Hat, Inc. - initial API and implementation
-
-->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
-    <modelVersion>4.0.0</modelVersion>
-    <parent>
-        <artifactId>che-core-parent</artifactId>
-        <groupId>org.eclipse.che.core</groupId>
-        <version>7.54.0-SNAPSHOT</version>
-    </parent>
-    <artifactId>che-core-db-vendor-postgresql</artifactId>
-    <name>Che Core :: Commons :: DB :: Vendor PostgreSQL</name>
-    <dependencies>
-        <dependency>
-            <groupId>com.google.guava</groupId>
-            <artifactId>guava</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>org.eclipse.che.core</groupId>
-            <artifactId>che-core-db</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>org.eclipse.persistence</groupId>
-            <artifactId>org.eclipse.persistence.core</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>org.eclipse.persistence</groupId>
-            <artifactId>jakarta.persistence</artifactId>
-            <scope>provided</scope>
-        </dependency>
-    </dependencies>
-</project>
--- a/core/che-core-db-vendor-postgresql/src/main/java/org/eclipse/che/core/db/postgresql/PostgreSQLJndiDataSourceFactory.java
+++ b/core/che-core-db-vendor-postgresql/src/main/java/org/eclipse/che/core/db/postgresql/PostgreSQLJndiDataSourceFactory.java
@ -1,51 +0,0 @@
-/*
- * Copyright (c) 2012-2018 Red Hat, Inc.
- * This program and the accompanying materials are made
- * available under the terms of the Eclipse Public License 2.0
- * which is available at https://www.eclipse.org/legal/epl-2.0/
- *
- * SPDX-License-Identifier: EPL-2.0
- *
- * Contributors:
- *   Red Hat, Inc. - initial API and implementation
- */
-package org.eclipse.che.core.db.postgresql;
-
-import static com.google.common.base.MoreObjects.firstNonNull;
-
-import org.eclipse.che.core.db.JNDIDataSourceFactory;
-
-/**
- * Environment params based JNDI data source factory for Postgres.
- *
- * @author Sergii Kabashniuk
- */
-public class PostgreSQLJndiDataSourceFactory extends JNDIDataSourceFactory {
-
-  private static final String DEFAULT_USERNAME = "pgche";
-  private static final String DEFAULT_PASSWORD = "pgchepassword";
-  private static final String DEFAULT_URL = "jdbc:postgresql://postgres:5432/dbche";
-  private static final String DEFAULT_DRIVER__CLASS__NAME = "org.postgresql.Driver";
-  private static final String DEFAULT_MAX__TOTAL = "20";
-  private static final String DEFAULT_MAX__IDLE = "2";
-  private static final String DEFAULT_MAX__WAIT__MILLIS = "-1";
-
-  public PostgreSQLJndiDataSourceFactory() throws Exception {
-    super(
-        firstNonNull(
-            nullStringToNullReference(System.getenv("CHE_JDBC_USERNAME")), DEFAULT_USERNAME),
-        firstNonNull(
-            nullStringToNullReference(System.getenv("CHE_JDBC_PASSWORD")), DEFAULT_PASSWORD),
-        firstNonNull(nullStringToNullReference(System.getenv("CHE_JDBC_URL")), DEFAULT_URL),
-        firstNonNull(
-            nullStringToNullReference(System.getenv("CHE_JDBC_DRIVER__CLASS__NAME")),
-            DEFAULT_DRIVER__CLASS__NAME),
-        firstNonNull(
-            nullStringToNullReference(System.getenv("CHE_JDBC_MAX__TOTAL")), DEFAULT_MAX__TOTAL),
-        firstNonNull(
-            nullStringToNullReference(System.getenv("CHE_JDBC_MAX__IDLE")), DEFAULT_MAX__IDLE),
-        firstNonNull(
-            nullStringToNullReference(System.getenv("CHE_JDBC_MAX__WAIT__MILLIS")),
-            DEFAULT_MAX__WAIT__MILLIS));
-  }
-}
--- a/core/che-core-db-vendor-postgresql/src/main/java/org/eclipse/che/core/db/postgresql/jpa/eclipselink/PostgreSqlExceptionHandler.java
+++ b/core/che-core-db-vendor-postgresql/src/main/java/org/eclipse/che/core/db/postgresql/jpa/eclipselink/PostgreSqlExceptionHandler.java
@ -1,41 +0,0 @@
-/*
- * Copyright (c) 2012-2018 Red Hat, Inc.
- * This program and the accompanying materials are made
- * available under the terms of the Eclipse Public License 2.0
- * which is available at https://www.eclipse.org/legal/epl-2.0/
- *
- * SPDX-License-Identifier: EPL-2.0
- *
- * Contributors:
- *   Red Hat, Inc. - initial API and implementation
- */
-package org.eclipse.che.core.db.postgresql.jpa.eclipselink;
-
-import java.sql.SQLException;
-import org.eclipse.che.core.db.jpa.DuplicateKeyException;
-import org.eclipse.che.core.db.jpa.IntegrityConstraintViolationException;
-import org.eclipse.persistence.exceptions.DatabaseException;
-import org.eclipse.persistence.exceptions.ExceptionHandler;
-
-/**
- * Rethrows vendor specific exceptions as common exceptions. See <a
- * href="https://www.postgresql.org/docs/9.4/static/errcodes-appendix.html">PostgreSQL error
- * codes</a>.
- *
- * @author Yevhenii Voevodin
- * @author Sergii Kabashniuk
- */
-public class PostgreSqlExceptionHandler implements ExceptionHandler {
-  public Object handleException(RuntimeException exception) {
-    if (exception instanceof DatabaseException && exception.getCause() instanceof SQLException) {
-      final SQLException sqlEx = (SQLException) exception.getCause();
-      switch (sqlEx.getSQLState()) {
-        case "23505":
-          throw new DuplicateKeyException(exception.getMessage(), exception);
-        case "23503":
-          throw new IntegrityConstraintViolationException(exception.getMessage(), exception);
-      }
-    }
-    throw exception;
-  }
-}
--- a/core/che-core-db/src/main/java/org/eclipse/che/core/db/DBErrorCode.java
+++ b/core/che-core-db/src/main/java/org/eclipse/che/core/db/DBErrorCode.java
@ -1,43 +0,0 @@
-/*
- * Copyright (c) 2012-2018 Red Hat, Inc.
- * This program and the accompanying materials are made
- * available under the terms of the Eclipse Public License 2.0
- * which is available at https://www.eclipse.org/legal/epl-2.0/
- *
- * SPDX-License-Identifier: EPL-2.0
- *
- * Contributors:
- *   Red Hat, Inc. - initial API and implementation
- */
-package org.eclipse.che.core.db;
-
-/**
- * Defines common database error codes which should be used throughout the application in preference
- * to vendor specific error codes.
- *
- * @author Yevhenii Voevodin
- */
-public enum DBErrorCode {
-
-  /** When database error can't be described with one of the other values of this enumeration. */
-  UNDEFINED(-1),
-
-  /**
-   * When any of the unique constraints is violated e.g. duplicate key or unique index violation.
-   */
-  DUPLICATE_KEY(1),
-
-  /** When entity referenced foreign key does not exist */
-  INTEGRITY_CONSTRAINT_VIOLATION(2);
-
-  private final int code;
-
-  DBErrorCode(int code) {
-    this.code = code;
-  }
-
-  /** Returns the code of this error. */
-  public int getCode() {
-    return code;
-  }
-}
--- a/core/che-core-db/src/main/java/org/eclipse/che/core/db/DBInitializer.java
+++ b/core/che-core-db/src/main/java/org/eclipse/che/core/db/DBInitializer.java
@ -1,89 +0,0 @@
-/*
- * Copyright (c) 2012-2018 Red Hat, Inc.
- * This program and the accompanying materials are made
- * available under the terms of the Eclipse Public License 2.0
- * which is available at https://www.eclipse.org/legal/epl-2.0/
- *
- * SPDX-License-Identifier: EPL-2.0
- *
- * Contributors:
- *   Red Hat, Inc. - initial API and implementation
- */
-package org.eclipse.che.core.db;
-
-import com.google.common.collect.ImmutableMap;
-import java.util.Map;
-import javax.inject.Inject;
-import javax.inject.Singleton;
-import javax.persistence.EntityManagerFactory;
-import org.eclipse.che.core.db.jpa.JpaInitializer;
-import org.eclipse.che.core.db.jpa.eclipselink.GuiceEntityListenerInjectionManager;
-import org.eclipse.che.core.db.schema.SchemaInitializationException;
-import org.eclipse.che.core.db.schema.SchemaInitializer;
-import org.eclipse.persistence.internal.sessions.AbstractSession;
-
-/**
- * Initializes database components.
- *
- * <p>Those components which require any persistence operations on their bootstrap have to depend on
- * this component. For example:
- *
- * <pre>
- * class StackExistsChecker {
- *
- *     &#064;@Inject
- *     &#064;SuppressWarnings("unused")
- *     private DBInitializer dbInitializer;
- *
- *     &#064;PostConstruct
- *     public void check() {
- *         ....
- *     }
- * }
- * </pre>
- *
- * In this way it is guaranteed that all database related components will be appropriately
- * initialized before {@code check} method is executed.
- *
- * @author Yevhenii Voevodin
- */
-@Singleton
-public class DBInitializer {
-
-  /**
-   * when value for this key true, then its mean that db is initialized at first time, otherwise db
-   * was previously initialized
-   */
-  public static final String BARE_DB_INIT_PROPERTY_NAME = "bare_database_init";
-
-  private final Map<String, String> initProperties;
-
-  @Inject
-  public DBInitializer(SchemaInitializer schemaInitializer, JpaInitializer jpaInitializer)
-      throws SchemaInitializationException {
-    // schema must be initialized before any other component that may interact with database
-    initProperties = ImmutableMap.copyOf(schemaInitializer.init());
-
-    // jpa initialization goes next
-    jpaInitializer.init();
-  }
-
-  @Inject
-  public void setUpInjectionManager(
-      GuiceEntityListenerInjectionManager injManager, EntityManagerFactory emFactory) {
-    final AbstractSession session = emFactory.unwrap(AbstractSession.class);
-    session.setInjectionManager(injManager);
-  }
-
-  /** Returns map of properties which represents state of database while initialization process */
-  public Map<String, String> getInitProperties() {
-    return initProperties;
-  }
-
-  /**
-   * Returns true only if database was initialized at first time otherwise false would be returned
-   */
-  public boolean isBareInit() {
-    return Boolean.parseBoolean(initProperties.get(BARE_DB_INIT_PROPERTY_NAME));
-  }
-}
--- a/core/che-core-db/src/main/java/org/eclipse/che/core/db/DBTermination.java
+++ b/core/che-core-db/src/main/java/org/eclipse/che/core/db/DBTermination.java
@ -1,84 +0,0 @@
-/*
- * Copyright (c) 2012-2021 Red Hat, Inc.
- * This program and the accompanying materials are made
- * available under the terms of the Eclipse Public License 2.0
- * which is available at https://www.eclipse.org/legal/epl-2.0/
- *
- * SPDX-License-Identifier: EPL-2.0
- *
- * Contributors:
- *   Red Hat, Inc. - initial API and implementation
- */
-package org.eclipse.che.core.db;
-
-import com.google.inject.Inject;
-import com.google.inject.persist.PersistService;
-import java.lang.reflect.Field;
-import javax.inject.Singleton;
-import javax.persistence.EntityManagerFactory;
-import org.eclipse.persistence.internal.sessions.AbstractSession;
-import org.eclipse.persistence.internal.sessions.coordination.jgroups.JGroupsRemoteConnection;
-import org.eclipse.persistence.sessions.coordination.CommandManager;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * Stops {@link PersistService} when a system is ready to shutdown.
- *
- * @author Anton Korneta
- */
-@Singleton
-public class DBTermination {
-
-  private static final Logger LOG = LoggerFactory.getLogger(DBTermination.class);
-
-  private final PersistService persistService;
-  private final EntityManagerFactory emFactory;
-
-  @Inject
-  public DBTermination(PersistService persistService, EntityManagerFactory emFactory) {
-    this.persistService = persistService;
-    this.emFactory = emFactory;
-  }
-
-  /** Stops {@link PersistService}. Any DB operations are impossible after that. */
-  public void terminate() {
-    try {
-      LOG.info("Stopping persistence service.");
-      fixJChannelClosing(emFactory);
-      persistService.stop();
-    } catch (RuntimeException ex) {
-      LOG.error("Failed to stop persistent service. Cause: " + ex.getMessage());
-    }
-  }
-
-  /**
-   * This method is hack that changes value of {@link JGroupsRemoteConnection#isLocal} to false.
-   * This is needed to close the JGroups EclipseLinkCommandChannel and as result gracefully stop of
-   * the system.<br>
-   * For more details see {@link JGroupsRemoteConnection#closeInternal()}
-   *
-   * <p>The corresponding eclipse-link extension issue
-   * https://bugs.eclipse.org/bugs/show_bug.cgi?id=534148
-   */
-  private void fixJChannelClosing(EntityManagerFactory emFactory) {
-    try {
-      final AbstractSession session = emFactory.unwrap(AbstractSession.class);
-      CommandManager commandManager = session.getCommandManager();
-      if (commandManager == null) {
-        // not cluster mode
-        return;
-      }
-      final JGroupsRemoteConnection conn =
-          (JGroupsRemoteConnection) commandManager.getTransportManager().getConnectionToLocalHost();
-      final Field isLocal = conn.getClass().getDeclaredField("isLocal");
-      isLocal.setAccessible(true);
-      isLocal.set(conn, false);
-    } catch (IllegalAccessException | NoSuchFieldException ex) {
-      LOG.error(
-          "Failed to change JGroupsRemoteConnection#isLocal. This may prevent the graceful stop of "
-              + "the system because EclipseLinkCommandChannel will not be closed. Cause: "
-              + ex.getMessage());
-    }
-  }
-}
--- a/core/che-core-db/src/main/java/org/eclipse/che/core/db/JNDIDataSourceFactory.java
+++ b/core/che-core-db/src/main/java/org/eclipse/che/core/db/JNDIDataSourceFactory.java
@ -1,79 +0,0 @@
-/*
- * Copyright (c) 2012-2018 Red Hat, Inc.
- * This program and the accompanying materials are made
- * available under the terms of the Eclipse Public License 2.0
- * which is available at https://www.eclipse.org/legal/epl-2.0/
- *
- * SPDX-License-Identifier: EPL-2.0
- *
- * Contributors:
- *   Red Hat, Inc. - initial API and implementation
- */
-package org.eclipse.che.core.db;
-
-import static org.apache.tomcat.dbcp.dbcp2.BasicDataSourceFactory.createDataSource;
-import static org.eclipse.che.core.db.TracingDataSource.wrapWithTracingIfEnabled;
-
-import java.util.Hashtable;
-import java.util.Properties;
-import javax.naming.Context;
-import javax.naming.Name;
-import javax.naming.spi.ObjectFactory;
-import javax.sql.DataSource;
-import org.apache.tomcat.dbcp.dbcp2.BasicDataSource;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * Abstract JNDI factory that constructs {@link BasicDataSource} objects from the given params.
- * Should not be used directly and must be subclassed to provide instantiation params from needful
- * source.
- *
- * @author Sergii Kabashniuk
- */
-public abstract class JNDIDataSourceFactory implements ObjectFactory {
-
-  private static final Logger LOG = LoggerFactory.getLogger(JNDIDataSourceFactory.class);
-
-  private final DataSource dataSource;
-
-  public JNDIDataSourceFactory(
-      String userName,
-      String password,
-      String url,
-      String driverClassName,
-      String maxTotal,
-      String maxIdle,
-      String maxWaitMillis)
-      throws Exception {
-    Properties poolConfigurationProperties = new Properties();
-    poolConfigurationProperties.setProperty("username", userName);
-    poolConfigurationProperties.setProperty("password", password);
-    poolConfigurationProperties.setProperty("url", url);
-    poolConfigurationProperties.setProperty("driverClassName", driverClassName);
-    poolConfigurationProperties.setProperty("maxTotal", maxTotal);
-    poolConfigurationProperties.setProperty("maxIdle", maxIdle);
-    poolConfigurationProperties.setProperty("maxWaitMillis", maxWaitMillis);
-    dataSource = wrapWithTracingIfEnabled(createDataSource(poolConfigurationProperties));
-  }
-
-  @Override
-  public Object getObjectInstance(
-      Object obj, Name name, Context nameCtx, Hashtable<?, ?> environment) throws Exception {
-    LOG.info(
-        "This={} obj={} name={} Context={} environment={}", this, obj, name, nameCtx, environment);
-    return dataSource;
-  }
-
-  /**
-   * Util method to convert string {@code "NULL"} to null reference. Allows to set string {@code
-   * "NULL"} as a value of the property instead of making sure it is unset as it is done in {@link
-   * org.eclipse.che.inject.CheBootstrap}
-   *
-   * @param value value to transform if needed
-   * @return null or passed value
-   */
-  protected static String nullStringToNullReference(String value) {
-    return "NULL".equals(value) ? null : value;
-  }
-}
--- a/core/che-core-db/src/main/java/org/eclipse/che/core/db/JndiDataSourceProvider.java
+++ b/core/che-core-db/src/main/java/org/eclipse/che/core/db/JndiDataSourceProvider.java
@ -1,41 +0,0 @@
-/*
- * Copyright (c) 2012-2018 Red Hat, Inc.
- * This program and the accompanying materials are made
- * available under the terms of the Eclipse Public License 2.0
- * which is available at https://www.eclipse.org/legal/epl-2.0/
- *
- * SPDX-License-Identifier: EPL-2.0
- *
- * Contributors:
- *   Red Hat, Inc. - initial API and implementation
- */
-package org.eclipse.che.core.db;
-
-import com.google.inject.Inject;
-import javax.inject.Named;
-import javax.inject.Provider;
-import javax.naming.InitialContext;
-import javax.naming.NamingException;
-import javax.sql.DataSource;
-
-/**
- * Provides data source based on jndi resource name.
- *
- * @author Yevhenii Voevodin
- */
-public class JndiDataSourceProvider implements Provider<DataSource> {
-
-  @Inject
-  @Named("jndi.datasource.name")
-  private String name;
-
-  @Override
-  public DataSource get() {
-    try {
-      final InitialContext context = new InitialContext();
-      return (DataSource) context.lookup(name);
-    } catch (NamingException x) {
-      throw new IllegalStateException(x.getLocalizedMessage(), x);
-    }
-  }
-}
--- a/core/che-core-db/src/main/java/org/eclipse/che/core/db/TracingDataSource.java
+++ b/core/che-core-db/src/main/java/org/eclipse/che/core/db/TracingDataSource.java
@ -1,106 +0,0 @@
-/*
- * Copyright (c) 2012-2021 Red Hat, Inc.
- * This program and the accompanying materials are made
- * available under the terms of the Eclipse Public License 2.0
- * which is available at https://www.eclipse.org/legal/epl-2.0/
- *
- * SPDX-License-Identifier: EPL-2.0
- *
- * Contributors:
- *   Red Hat, Inc. - initial API and implementation
- */
-package org.eclipse.che.core.db;
-
-import com.google.common.annotations.Beta;
-import io.opentracing.contrib.jdbc.ConnectionInfo;
-import io.opentracing.contrib.jdbc.TracingConnection;
-import io.opentracing.contrib.jdbc.parser.URLParser;
-import io.opentracing.util.GlobalTracer;
-import java.io.PrintWriter;
-import java.sql.Connection;
-import java.sql.SQLException;
-import java.sql.SQLFeatureNotSupportedException;
-import java.util.logging.Logger;
-import javax.sql.DataSource;
-import org.slf4j.LoggerFactory;
-
-/**
- * Adding tracing support for existing @{@link javax.sql.DataSource}. DbType and DbUser information
- * omitted in traces. Traced are made only if active span exists. Prerequisites of using this class
- * is that @{@link io.opentracing.Tracer} should be set in @{@link io.opentracing.util.GlobalTracer}
- *
- * @author Sergii Kabashniuk
- */
-@Beta
-public class TracingDataSource implements DataSource {
-  private static final org.slf4j.Logger LOG = LoggerFactory.getLogger(TracingDataSource.class);
-
-  private final DataSource delegate;
-  private final ConnectionInfo connectionInfo;
-
-  public TracingDataSource(DataSource delegate) {
-    this.delegate = delegate;
-    try (Connection connection = delegate.getConnection()) {
-      connectionInfo = URLParser.parser(connection.getMetaData().getURL());
-      LOG.debug(
-          "URL {} connectionInfo {}",
-          connection.getMetaData().getURL(),
-          connectionInfo.getPeerService());
-    } catch (SQLException e) {
-      throw new RuntimeException(e);
-    }
-  }
-
-  @Override
-  public Connection getConnection() throws SQLException {
-    return new TracingConnection(
-        delegate.getConnection(), connectionInfo, true, null, GlobalTracer.get());
-  }
-
-  @Override
-  public Connection getConnection(String username, String password) throws SQLException {
-    return new TracingConnection(
-        delegate.getConnection(username, password), connectionInfo, true, null, GlobalTracer.get());
-  }
-
-  @Override
-  public <T> T unwrap(Class<T> iface) throws SQLException {
-    return delegate.unwrap(iface);
-  }
-
-  @Override
-  public boolean isWrapperFor(Class<?> iface) throws SQLException {
-    return delegate.isWrapperFor(iface);
-  }
-
-  @Override
-  public PrintWriter getLogWriter() throws SQLException {
-    return delegate.getLogWriter();
-  }
-
-  @Override
-  public void setLogWriter(PrintWriter out) throws SQLException {
-    delegate.setLogWriter(out);
-  }
-
-  @Override
-  public void setLoginTimeout(int seconds) throws SQLException {
-    delegate.setLoginTimeout(seconds);
-  }
-
-  @Override
-  public int getLoginTimeout() throws SQLException {
-    return delegate.getLoginTimeout();
-  }
-
-  @Override
-  public Logger getParentLogger() throws SQLFeatureNotSupportedException {
-    return delegate.getParentLogger();
-  }
-
-  public static DataSource wrapWithTracingIfEnabled(DataSource dataSource) {
-    return Boolean.valueOf(System.getenv("CHE_DB_TRACING_ENABLED"))
-        ? new TracingDataSource(dataSource)
-        : dataSource;
-  }
-}
--- a/core/che-core-db/src/main/java/org/eclipse/che/core/db/cascade/CascadeContext.java
+++ b/core/che-core-db/src/main/java/org/eclipse/che/core/db/cascade/CascadeContext.java
@ -1,38 +0,0 @@
-/*
- * Copyright (c) 2012-2018 Red Hat, Inc.
- * This program and the accompanying materials are made
- * available under the terms of the Eclipse Public License 2.0
- * which is available at https://www.eclipse.org/legal/epl-2.0/
- *
- * SPDX-License-Identifier: EPL-2.0
- *
- * Contributors:
- *   Red Hat, Inc. - initial API and implementation
- */
-package org.eclipse.che.core.db.cascade;
-
-/**
- * Context that is used only for sharing the state of the cascading operation among subscribers.
- *
- * @author Anton Korneta
- * @author Sergii Leshchenko
- */
-public class CascadeContext {
-  private Exception cause;
-
-  /** Returns the cause which has changed the state of the context. */
-  public Exception getCause() {
-    return cause;
-  }
-
-  /** Returns the state of the context. */
-  public boolean isFailed() {
-    return cause != null;
-  }
-
-  /** Sets the context into failed state. */
-  public CascadeContext fail(Exception cause) {
-    this.cause = cause;
-    return this;
-  }
-}
--- a/core/che-core-db/src/main/java/org/eclipse/che/core/db/cascade/CascadeEventSubscriber.java
+++ b/core/che-core-db/src/main/java/org/eclipse/che/core/db/cascade/CascadeEventSubscriber.java
@ -1,45 +0,0 @@
-/*
- * Copyright (c) 2012-2018 Red Hat, Inc.
- * This program and the accompanying materials are made
- * available under the terms of the Eclipse Public License 2.0
- * which is available at https://www.eclipse.org/legal/epl-2.0/
- *
- * SPDX-License-Identifier: EPL-2.0
- *
- * Contributors:
- *   Red Hat, Inc. - initial API and implementation
- */
-package org.eclipse.che.core.db.cascade;
-
-import org.eclipse.che.api.core.notification.EventSubscriber;
-import org.eclipse.che.core.db.cascade.event.CascadeEvent;
-
-/**
- * Receives events and puts exceptions in the context to perform rollback operation if it is
- * necessary.
- *
- * @author Anton Korneta
- * @author Sergii Leschenko
- */
-public abstract class CascadeEventSubscriber<T extends CascadeEvent> implements EventSubscriber<T> {
-  @Override
-  public void onEvent(T event) {
-    if (!event.getContext().isFailed()) {
-      try {
-        onCascadeEvent(event);
-      } catch (Exception ex) {
-        event.getContext().fail(ex);
-      }
-    }
-  }
-
-  /**
-   * Receives notification about cascade event.
-   *
-   * <p>If the method throws an exception it will be set to context to break event publishing and
-   * rethrow exception. Event is responsible for rethrowing or wrapping original exception.
-   *
-   * @see CascadeEvent#propagateException()
-   */
-  public abstract void onCascadeEvent(T event) throws Exception;
-}
--- a/core/che-core-db/src/main/java/org/eclipse/che/core/db/cascade/event/CascadeEvent.java
+++ b/core/che-core-db/src/main/java/org/eclipse/che/core/db/cascade/event/CascadeEvent.java
@ -1,60 +0,0 @@
-/*
- * Copyright (c) 2012-2018 Red Hat, Inc.
- * This program and the accompanying materials are made
- * available under the terms of the Eclipse Public License 2.0
- * which is available at https://www.eclipse.org/legal/epl-2.0/
- *
- * SPDX-License-Identifier: EPL-2.0
- *
- * Contributors:
- *   Red Hat, Inc. - initial API and implementation
- */
-package org.eclipse.che.core.db.cascade.event;
-
-import org.eclipse.che.core.db.cascade.CascadeContext;
-
-/**
- * Special event type which is needed only for notification in the process which can require cascade
- * operation.
- *
- * <p>Publisher should invoke {@link #propagateException()} to get cause of event canceling.
- *
- * <p>Rollback of operation must be performed when subscriber throws {@link Exception} during event
- * processing.
- *
- * <p>Usage example:
- *
- * <pre>
- *     EventService bus = new EventService();
- *     bus.subscribe(new CascadeEventSubscriber&lt;MyEvent&gt;() {
- *         &#64;Override
- *         public void onCascadeEvent(MyEvent event) throws Exception {
- *             if (event.getEntityName().startsWith("reserved")) {
- *                 throw new ConflictException("Entity name can't start with `reserved`.");
- *             }
- *         }
- *     });
- *     bus.publish(new MyEvent(...)).propagateException();
- * </pre>
- *
- * @author Anton Korneta
- * @author Sergii Leschenko
- */
-public abstract class CascadeEvent {
-  protected final CascadeContext context = new CascadeContext();
-
-  public CascadeContext getContext() {
-    return context;
-  }
-
-  /**
-   * Propagates exception if subscriber throws it while event processing otherwise do nothing
-   *
-   * @throws Exception when any subscriber throws {@link Exception}
-   */
-  public void propagateException() throws Exception {
-    if (context.isFailed()) {
-      throw context.getCause();
-    }
-  }
-}
--- a/core/che-core-db/src/main/java/org/eclipse/che/core/db/cascade/event/PersistEvent.java
+++ b/core/che-core-db/src/main/java/org/eclipse/che/core/db/cascade/event/PersistEvent.java
@ -1,38 +0,0 @@
-/*
- * Copyright (c) 2012-2018 Red Hat, Inc.
- * This program and the accompanying materials are made
- * available under the terms of the Eclipse Public License 2.0
- * which is available at https://www.eclipse.org/legal/epl-2.0/
- *
- * SPDX-License-Identifier: EPL-2.0
- *
- * Contributors:
- *   Red Hat, Inc. - initial API and implementation
- */
-package org.eclipse.che.core.db.cascade.event;
-
-import org.eclipse.che.api.core.ConflictException;
-import org.eclipse.che.api.core.ServerException;
-
-/**
- * Cascade event about an entity persisting.
- *
- * <p>{@link ConflictException} or {@link ServerException} can be rethrown during exception
- * propagating.
- *
- * @author Sergii Leschenko
- */
-public abstract class PersistEvent extends CascadeEvent {
-  @Override
-  public void propagateException() throws ConflictException, ServerException {
-    if (context.isFailed()) {
-      try {
-        throw context.getCause();
-      } catch (ConflictException | ServerException e) {
-        throw e;
-      } catch (Exception e) {
-        throw new ServerException(e.getLocalizedMessage(), e);
-      }
-    }
-  }
-}
--- a/core/che-core-db/src/main/java/org/eclipse/che/core/db/cascade/event/RemoveEvent.java
+++ b/core/che-core-db/src/main/java/org/eclipse/che/core/db/cascade/event/RemoveEvent.java
@ -1,36 +0,0 @@
-/*
- * Copyright (c) 2012-2018 Red Hat, Inc.
- * This program and the accompanying materials are made
- * available under the terms of the Eclipse Public License 2.0
- * which is available at https://www.eclipse.org/legal/epl-2.0/
- *
- * SPDX-License-Identifier: EPL-2.0
- *
- * Contributors:
- *   Red Hat, Inc. - initial API and implementation
- */
-package org.eclipse.che.core.db.cascade.event;
-
-import org.eclipse.che.api.core.ServerException;
-
-/**
- * Cascade event about an entity removing.
- *
- * <p>{@link ServerException} can be rethrown during exception propagating.
- *
- * @author Sergii Leschenko
- */
-public abstract class RemoveEvent extends CascadeEvent {
-  @Override
-  public void propagateException() throws ServerException {
-    if (context.isFailed()) {
-      try {
-        throw context.getCause();
-      } catch (ServerException e) {
-        throw e;
-      } catch (Exception e) {
-        throw new ServerException(e.getLocalizedMessage(), e);
-      }
-    }
-  }
-}
--- a/core/che-core-db/src/main/java/org/eclipse/che/core/db/cascade/event/UpdateEvent.java
+++ b/core/che-core-db/src/main/java/org/eclipse/che/core/db/cascade/event/UpdateEvent.java
@ -1,39 +0,0 @@
-/*
- * Copyright (c) 2012-2018 Red Hat, Inc.
- * This program and the accompanying materials are made
- * available under the terms of the Eclipse Public License 2.0
- * which is available at https://www.eclipse.org/legal/epl-2.0/
- *
- * SPDX-License-Identifier: EPL-2.0
- *
- * Contributors:
- *   Red Hat, Inc. - initial API and implementation
- */
-package org.eclipse.che.core.db.cascade.event;
-
-import org.eclipse.che.api.core.ConflictException;
-import org.eclipse.che.api.core.NotFoundException;
-import org.eclipse.che.api.core.ServerException;
-
-/**
- * Cascade event about an entity updating.
- *
- * <p>{@link NotFoundException}, {@link ConflictException} or {@link ServerException} can be
- * rethrown during exception propagating.
- *
- * @author Sergii Leschenko
- */
-public abstract class UpdateEvent extends CascadeEvent {
-  @Override
-  public void propagateException() throws NotFoundException, ConflictException, ServerException {
-    if (context.isFailed()) {
-      try {
-        throw context.getCause();
-      } catch (NotFoundException | ConflictException | ServerException e) {
-        throw e;
-      } catch (Exception e) {
-        throw new ServerException(e.getLocalizedMessage(), e);
-      }
-    }
-  }
-}
--- a/core/che-core-db/src/main/java/org/eclipse/che/core/db/jpa/DetailedRollbackException.java
+++ b/core/che-core-db/src/main/java/org/eclipse/che/core/db/jpa/DetailedRollbackException.java
@ -1,34 +0,0 @@
-/*
- * Copyright (c) 2012-2018 Red Hat, Inc.
- * This program and the accompanying materials are made
- * available under the terms of the Eclipse Public License 2.0
- * which is available at https://www.eclipse.org/legal/epl-2.0/
- *
- * SPDX-License-Identifier: EPL-2.0
- *
- * Contributors:
- *   Red Hat, Inc. - initial API and implementation
- */
-package org.eclipse.che.core.db.jpa;
-
-import javax.persistence.RollbackException;
-import org.eclipse.che.core.db.DBErrorCode;
-
-/**
- * Extends the standard {@link RollbackException} with an error code from {@link DBErrorCode}.
- *
- * @author Yevhenii Voevodin
- */
-public class DetailedRollbackException extends RollbackException {
-
-  private DBErrorCode code;
-
-  public DetailedRollbackException(String message, Throwable cause, DBErrorCode code) {
-    super(message, cause);
-    this.code = code;
-  }
-
-  public DBErrorCode getCode() {
-    return code;
-  }
-}
--- a/core/che-core-db/src/main/java/org/eclipse/che/core/db/jpa/DuplicateKeyException.java
+++ b/core/che-core-db/src/main/java/org/eclipse/che/core/db/jpa/DuplicateKeyException.java
@ -1,27 +0,0 @@
-/*
- * Copyright (c) 2012-2018 Red Hat, Inc.
- * This program and the accompanying materials are made
- * available under the terms of the Eclipse Public License 2.0
- * which is available at https://www.eclipse.org/legal/epl-2.0/
- *
- * SPDX-License-Identifier: EPL-2.0
- *
- * Contributors:
- *   Red Hat, Inc. - initial API and implementation
- */
-package org.eclipse.che.core.db.jpa;
-
-import org.eclipse.che.core.db.DBErrorCode;
-
-/**
- * Thrown when data couldn't be updated/stored due to unique constrain violation.
- *
- * @author Yevhenii Voevodin
- * @see DBErrorCode#DUPLICATE_KEY
- */
-public class DuplicateKeyException extends DetailedRollbackException {
-
-  public DuplicateKeyException(String message, Throwable cause) {
-    super(message, cause, DBErrorCode.DUPLICATE_KEY);
-  }
-}
--- a/core/che-core-db/src/main/java/org/eclipse/che/core/db/jpa/IntegrityConstraintViolationException.java
+++ b/core/che-core-db/src/main/java/org/eclipse/che/core/db/jpa/IntegrityConstraintViolationException.java
@ -1,28 +0,0 @@
-/*
- * Copyright (c) 2012-2018 Red Hat, Inc.
- * This program and the accompanying materials are made
- * available under the terms of the Eclipse Public License 2.0
- * which is available at https://www.eclipse.org/legal/epl-2.0/
- *
- * SPDX-License-Identifier: EPL-2.0
- *
- * Contributors:
- *   Red Hat, Inc. - initial API and implementation
- */
-package org.eclipse.che.core.db.jpa;
-
-import org.eclipse.che.core.db.DBErrorCode;
-
-/**
- * Throws during inserts/updates entity that restricted by referential integrity and given
- * insert/update refers to non-existing entity.
- *
- * @author Anton Korneta
- * @see DBErrorCode#INTEGRITY_CONSTRAINT_VIOLATION
- */
-public class IntegrityConstraintViolationException extends DetailedRollbackException {
-
-  public IntegrityConstraintViolationException(String message, Throwable cause) {
-    super(message, cause, DBErrorCode.INTEGRITY_CONSTRAINT_VIOLATION);
-  }
-}
--- a/core/che-core-db/src/main/java/org/eclipse/che/core/db/jpa/JpaInitializer.java
+++ b/core/che-core-db/src/main/java/org/eclipse/che/core/db/jpa/JpaInitializer.java
@ -1,27 +0,0 @@
-/*
- * Copyright (c) 2012-2018 Red Hat, Inc.
- * This program and the accompanying materials are made
- * available under the terms of the Eclipse Public License 2.0
- * which is available at https://www.eclipse.org/legal/epl-2.0/
- *
- * SPDX-License-Identifier: EPL-2.0
- *
- * Contributors:
- *   Red Hat, Inc. - initial API and implementation
- */
-package org.eclipse.che.core.db.jpa;
-
-import com.google.inject.ImplementedBy;
-import org.eclipse.che.core.db.jpa.guice.GuiceJpaInitializer;
-
-/**
- * Initializes jpa components.
- *
- * @author Yevhenii Voevodin
- */
-@ImplementedBy(GuiceJpaInitializer.class)
-public interface JpaInitializer {
-
-  /** Initialized jpa components. */
-  void init();
-}
--- a/core/che-core-db/src/main/java/org/eclipse/che/core/db/jpa/eclipselink/GuiceEntityListenerInjectionManager.java
+++ b/core/che-core-db/src/main/java/org/eclipse/che/core/db/jpa/eclipselink/GuiceEntityListenerInjectionManager.java
@ -1,69 +0,0 @@
-/*
- * Copyright (c) 2012-2018 Red Hat, Inc.
- * This program and the accompanying materials are made
- * available under the terms of the Eclipse Public License 2.0
- * which is available at https://www.eclipse.org/legal/epl-2.0/
- *
- * SPDX-License-Identifier: EPL-2.0
- *
- * Contributors:
- *   Red Hat, Inc. - initial API and implementation
- */
-package org.eclipse.che.core.db.jpa.eclipselink;
-
-import com.google.inject.Inject;
-import com.google.inject.Injector;
-import javax.naming.NamingException;
-import org.eclipse.persistence.internal.sessions.AbstractSession;
-import org.eclipse.persistence.internal.sessions.cdi.InjectionManager;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * Allows to use dependency injection in entity listeners.
- *
- * <p>Example:
- *
- * <pre>
- * class WorkspaceEntityListener {
- *
- *      &#064;Inject EventBus bus; <- EventBus will be injected by Guice
- *
- *      &#064;PreRemove
- *      public void preRemove(Workspace workspace) {
- *          bus.post(new BeforeWorkspaceRemovedEvent(workspace));
- *      }
- * }
- *
- * &#064;Entity
- * &#064;EntityListeners(WorkspaceEntityListener.class)
- * class Workspace {
- *      // ...
- * }
- * </pre>
- *
- * @author Yevhenii Voevodin
- */
-public class GuiceEntityListenerInjectionManager implements InjectionManager {
-
-  private static final Logger LOG =
-      LoggerFactory.getLogger(GuiceEntityListenerInjectionManager.class);
-
-  @Inject private Injector injector;
-
-  @Override
-  public Object createManagedBeanAndInjectDependencies(Class entityListenerClass)
-      throws NamingException {
-    try {
-      return injector.getInstance(entityListenerClass);
-    } catch (RuntimeException x) {
-      LOG.error(x.getLocalizedMessage(), x);
-      throw new NamingException(x.getLocalizedMessage());
-    }
-  }
-
-  @Override
-  public void cleanUp(AbstractSession session) {
-    // EntityListener objects are managed by Guice, nothing to cleanup
-  }
-}
--- a/core/che-core-db/src/main/java/org/eclipse/che/core/db/jpa/guice/GuiceJpaInitializer.java
+++ b/core/che-core-db/src/main/java/org/eclipse/che/core/db/jpa/guice/GuiceJpaInitializer.java
@ -1,40 +0,0 @@
-/*
- * Copyright (c) 2012-2018 Red Hat, Inc.
- * This program and the accompanying materials are made
- * available under the terms of the Eclipse Public License 2.0
- * which is available at https://www.eclipse.org/legal/epl-2.0/
- *
- * SPDX-License-Identifier: EPL-2.0
- *
- * Contributors:
- *   Red Hat, Inc. - initial API and implementation
- */
-package org.eclipse.che.core.db.jpa.guice;
-
-import com.google.inject.persist.PersistService;
-import javax.inject.Inject;
-import org.eclipse.che.core.db.jpa.JpaInitializer;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * Should be bound as eager singleton. See <a
- * href="https://github.com/google/guice/wiki/JPA">doc</a>
- *
- * @author Yevhenii Voevodin
- * @author Anton Korneta
- */
-public class GuiceJpaInitializer implements JpaInitializer {
-
-  private static final Logger LOG = LoggerFactory.getLogger(GuiceJpaInitializer.class);
-
-  @Inject private PersistService persistService;
-
-  public void init() {
-    try {
-      persistService.start();
-    } catch (Exception x) {
-      LOG.error(x.getLocalizedMessage(), x);
-    }
-  }
-}
--- a/core/che-core-db/src/main/java/org/eclipse/che/core/db/schema/SchemaInitializationException.java
+++ b/core/che-core-db/src/main/java/org/eclipse/che/core/db/schema/SchemaInitializationException.java
@ -1,28 +0,0 @@
-/*
- * Copyright (c) 2012-2018 Red Hat, Inc.
- * This program and the accompanying materials are made
- * available under the terms of the Eclipse Public License 2.0
- * which is available at https://www.eclipse.org/legal/epl-2.0/
- *
- * SPDX-License-Identifier: EPL-2.0
- *
- * Contributors:
- *   Red Hat, Inc. - initial API and implementation
- */
-package org.eclipse.che.core.db.schema;
-
-/**
- * Thrown when any schema initialization/migration problem occurs.
- *
- * @author Yevhenii Voevodin
- */
-public class SchemaInitializationException extends Exception {
-
-  public SchemaInitializationException(String message, Throwable cause) {
-    super(message, cause);
-  }
-
-  public SchemaInitializationException(String message) {
-    super(message);
-  }
-}
--- a/core/che-core-db/src/main/java/org/eclipse/che/core/db/schema/SchemaInitializer.java
+++ b/core/che-core-db/src/main/java/org/eclipse/che/core/db/schema/SchemaInitializer.java
@ -1,31 +0,0 @@
-/*
- * Copyright (c) 2012-2018 Red Hat, Inc.
- * This program and the accompanying materials are made
- * available under the terms of the Eclipse Public License 2.0
- * which is available at https://www.eclipse.org/legal/epl-2.0/
- *
- * SPDX-License-Identifier: EPL-2.0
- *
- * Contributors:
- *   Red Hat, Inc. - initial API and implementation
- */
-package org.eclipse.che.core.db.schema;
-
-import java.util.Map;
-
-/**
- * Initializes database schema or migrates an old version of it to a new one.
- *
- * @author Yevhenii Voevodin
- */
-public interface SchemaInitializer {
-
-  /**
-   * Initializes database schema or migrates an old schema to a new one.
-   *
-   * @return initialization properties
-   * @throws SchemaInitializationException thrown when any error occurs during schema
-   *     initialization/migration
-   */
-  Map<String, String> init() throws SchemaInitializationException;
-}
--- a/core/che-core-db/src/main/java/org/eclipse/che/core/db/schema/impl/flyway/CustomSqlMigrationResolver.java
+++ b/core/che-core-db/src/main/java/org/eclipse/che/core/db/schema/impl/flyway/CustomSqlMigrationResolver.java
@ -1,210 +0,0 @@
-/*
- * Copyright (c) 2012-2021 Red Hat, Inc.
- * This program and the accompanying materials are made
- * available under the terms of the Eclipse Public License 2.0
- * which is available at https://www.eclipse.org/legal/epl-2.0/
- *
- * SPDX-License-Identifier: EPL-2.0
- *
- * Contributors:
- *   Red Hat, Inc. - initial API and implementation
- */
-package org.eclipse.che.core.db.schema.impl.flyway;
-
-import static java.lang.String.format;
-import static java.util.stream.Collectors.toList;
-
-import com.google.common.hash.Hashing;
-import com.google.common.io.ByteSource;
-import java.io.IOException;
-import java.sql.SQLException;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-import java.util.Objects;
-import org.flywaydb.core.api.FlywayException;
-import org.flywaydb.core.api.MigrationType;
-import org.flywaydb.core.api.MigrationVersion;
-import org.flywaydb.core.api.resolver.BaseMigrationResolver;
-import org.flywaydb.core.api.resolver.ResolvedMigration;
-import org.flywaydb.core.internal.dbsupport.DbSupport;
-import org.flywaydb.core.internal.resolver.ResolvedMigrationImpl;
-import org.flywaydb.core.internal.resolver.sql.SqlMigrationExecutor;
-import org.flywaydb.core.internal.util.Location;
-import org.flywaydb.core.internal.util.PlaceholderReplacer;
-import org.flywaydb.core.internal.util.scanner.Resource;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * Resolves SQL migrations from the configured locations, allows overriding of default scripts with
- * vendor specific ones.
- *
- * <ul>
- *   Migration scripts must follow the next rules:
- *   <li>It must be placed in the project dir directory e.g. <i>5.0.1</i>
- *   <li>Project dir directory must be placed in dedicated directory e.g. <i>resources/sql</i>
- *   <li>Migration/Initialization script name must start with a number e.g <i>1.init.sql</i>, this
- *       number indicates the subversion of the database migration, e.g. for dir <i>5.0.0</i> and
- *       migration script <i>1.init.sql</i> database migration dir will be <i>5.0.0.1</i>
- *   <li>If a file is not a part of migration it shouldn't end with migration prefix e.g.
- *       <i>.sql</i> then resolver will ignore it
- * </ul>
- *
- * <p>For the structure:
- *
- * <pre>
- *   resources/
- *      sql/
- *        5.0.0/
- *          1.init.sql
- *        5.0.0-M1/
- *          1.rename_fields.sql
- *          2.add_workspace_constraint.sql
- *          postgresql/
- *            2.add_workspace_constraint.sql
- *        5.0.1/
- *          1.stacks_migration.sql
- * </pre>
- *
- * And configuration:
- *
- * <pre>
- *     prefix - ""
- *     suffix - ".sql"
- *     separator - "."
- *     locations - "classpath:sql"
- * </pre>
- *
- * <ul>
- *   4 database migrations will be resolved
- *   <li>5.0.0.1 - initialization script based on file <i>sql/5.0.0/1.init.sql</i>
- *   <li>5.0.0.1.1 - modification script based on file <i>sql/5.0.0-M1/1.rename_fields.sql</i>
- *   <li>5.0.0.1.2 - modification script(if postgresql is current provider) based on file
- *       <i>sql/5.0.0-M1/postgresql/2.add_workspace_constraint.sql</i>
- *   <li>5.0.1.1 - modification script based on file <i>sql/5.0.1/1.stacks_migrations.sql</i>
- * </ul>
- *
- * <p>It is also possible to configure several locations then all of those locations will be
- * analyzed for migration scripts existence. For example:
- *
- * <p>For the structure:
- *
- * <pre>
- *  che/
- *    resources/
- *       che-schema/
- *         5.0.0/
- *          1.init.sql
- *  another-project/
- *    resources/
- *      custom-schema/
- *        5.0.0/
- *          2.init_additional_tables.sql
- * </pre>
- *
- * And configuration:
- *
- * <pre>
- *     prefix - ""
- *     suffix - ".sql"
- *     separator - "."
- *     locations - "classpath:che-schema, classpath:custom-schema"
- * </pre>
- *
- * <ul>
- *   2 database migrations will be resolved
- *   <li>5.0.0.1 - initialization script based on file <i>che-schema/5.0.0/1.init.sql</i>
- *   <li>5.0.0.2 - modification script based on file
- *       <i>custom-schema/5.0.0/2.init_additional_tables.sql</i>
- * </ul>
- *
- * @author Yevhenii Voevodin
- */
-public class CustomSqlMigrationResolver extends BaseMigrationResolver {
-
-  private static final Logger LOG = LoggerFactory.getLogger(CustomSqlMigrationResolver.class);
-
-  private final String vendorName;
-  private final ResourcesFinder finder;
-  private final VersionResolver versionResolver;
-  private final SqlScriptCreator scriptsCreator;
-  private final DbSupport dbSupport;
-  private final PlaceholderReplacer placeholderReplacer;
-
-  public CustomSqlMigrationResolver(
-      String dbProviderName, DbSupport dbSupport, PlaceholderReplacer placeholderReplacer) {
-    this.vendorName = dbProviderName;
-    this.dbSupport = dbSupport;
-    this.placeholderReplacer = placeholderReplacer;
-    this.finder = new ResourcesFinder();
-    this.versionResolver = new VersionResolver();
-    this.scriptsCreator = new SqlScriptCreator();
-  }
-
-  @Override
-  public Collection<ResolvedMigration> resolveMigrations() {
-    try {
-      return resolveSqlMigrations();
-    } catch (IOException | SQLException x) {
-      throw new RuntimeException(x.getLocalizedMessage(), x);
-    }
-  }
-
-  private List<ResolvedMigration> resolveSqlMigrations() throws IOException, SQLException {
-    LOG.info(
-        "Searching for SQL scripts in locations {}",
-        Arrays.toString(flywayConfiguration.getLocations()));
-    final Map<Location, List<Resource>> allResources = finder.findResources(flywayConfiguration);
-    LOG.debug("Found scripts: {}", allResources);
-
-    final Map<String, Map<String, SqlScript>> scriptsInDir = new HashMap<>();
-    for (Location location : allResources.keySet()) {
-      final List<Resource> resources = allResources.get(location);
-      for (Resource resource : resources) {
-        final SqlScript newScript = scriptsCreator.createScript(location, resource);
-        if (!scriptsInDir.containsKey(newScript.dir)) {
-          scriptsInDir.put(newScript.dir, new HashMap<>(4));
-        }
-        final Map<String, SqlScript> existingScripts = scriptsInDir.get(newScript.dir);
-        final SqlScript existingScript = existingScripts.get(newScript.name);
-        if (existingScript == null) {
-          existingScripts.put(newScript.name, newScript);
-        } else if (Objects.equals(existingScript.vendor, newScript.vendor)) {
-          throw new FlywayException(
-              format(
-                  "More than one script with name '%s' is registered for "
-                      + "database vendor '%s', script '%s' conflicts with '%s'",
-                  newScript.name, existingScript.vendor, newScript, existingScript));
-        } else if (vendorName.equals(newScript.vendor)) {
-          existingScripts.put(newScript.name, newScript);
-        }
-      }
-    }
-
-    final Map<MigrationVersion, ResolvedMigration> migrations = new HashMap<>();
-    for (SqlScript script :
-        scriptsInDir.values().stream()
-            .flatMap(scripts -> scripts.values().stream())
-            .collect(toList())) {
-      final ResolvedMigrationImpl migration = new ResolvedMigrationImpl();
-      migration.setVersion(versionResolver.resolve(script, flywayConfiguration));
-      migration.setScript(script.resource.getLocation());
-      migration.setPhysicalLocation(script.resource.getLocationOnDisk());
-      migration.setType(MigrationType.SQL);
-      migration.setDescription(script.name);
-      migration.setChecksum(
-          ByteSource.wrap(script.resource.loadAsBytes()).hash(Hashing.crc32()).asInt());
-      migration.setExecutor(
-          new SqlMigrationExecutor(
-              dbSupport, script.resource, placeholderReplacer, flywayConfiguration));
-      if (migrations.put(migration.getVersion(), migration) != null) {
-        throw new FlywayException("Two migrations with the same version detected");
-      }
-    }
-    return new ArrayList<>(migrations.values());
-  }
-}
--- a/core/che-core-db/src/main/java/org/eclipse/che/core/db/schema/impl/flyway/FlywaySchemaInitializer.java
+++ b/core/che-core-db/src/main/java/org/eclipse/che/core/db/schema/impl/flyway/FlywaySchemaInitializer.java
@ -1,122 +0,0 @@
-/*
- * Copyright (c) 2012-2021 Red Hat, Inc.
- * This program and the accompanying materials are made
- * available under the terms of the Eclipse Public License 2.0
- * which is available at https://www.eclipse.org/legal/epl-2.0/
- *
- * SPDX-License-Identifier: EPL-2.0
- *
- * Contributors:
- *   Red Hat, Inc. - initial API and implementation
- */
-package org.eclipse.che.core.db.schema.impl.flyway;
-
-import static org.eclipse.che.core.db.DBInitializer.BARE_DB_INIT_PROPERTY_NAME;
-
-import java.sql.Connection;
-import java.sql.SQLException;
-import java.util.HashMap;
-import java.util.Map;
-import javax.inject.Inject;
-import javax.inject.Named;
-import javax.sql.DataSource;
-import org.eclipse.che.core.db.schema.SchemaInitializationException;
-import org.eclipse.che.core.db.schema.SchemaInitializer;
-import org.flywaydb.core.Flyway;
-import org.flywaydb.core.internal.dbsupport.DbSupport;
-import org.flywaydb.core.internal.dbsupport.DbSupportFactory;
-import org.flywaydb.core.internal.metadatatable.MetaDataTable;
-import org.flywaydb.core.internal.metadatatable.MetaDataTableImpl;
-import org.flywaydb.core.internal.util.PlaceholderReplacer;
-
-/**
- * <a href="https://flywaydb.org/">Flyway</a> based schema initializer.
- *
- * @author Yevhenii Voevodin
- */
-public class FlywaySchemaInitializer implements SchemaInitializer {
-
-  private final DataSource dataSource;
-  private final String[] locations;
-  private final String scriptsPrefix;
-  private final String scriptsSuffix;
-  private final String versionSeparator;
-  private final boolean baselineOnMigrate;
-  private final String baselineVersion;
-  private final PlaceholderReplacer placeholderReplacer;
-
-  /**
-   * Creates a new instance of flyway schema initializer.
-   *
-   * @param scriptsLocations the locations where to search migration scripts, if locations is not
-   *     prefixed or prefixed with <i>classpath:</i> then initializer will try to find scripts in
-   *     classpath using {@code Thread.currentThread().}{@link Thread#getContextClassLoader()
-   *     getContextClassLoader()}
-   * @param scriptsPrefix prefix of migration scripts e.g. 'v' or empty string
-   * @param scriptsSuffix suffix of migration scripts e.g. '.sql'
-   * @param versionSeparator separate version from the other part of script name e.g. '.' or '__'
-   * @param baselineOnMigrate whether to ignore scripts up to the version configured by {@code
-   *     baselineVersion}
-   * @param baselineVersion up to this version all the scripts ignored, unless schema is initialized
-   *     first time, note that scripts with version equal to baseline version are also ignored
-   * @param dataSource data source used for migrations
-   * @param placeholderReplacer used to replace variables in script with configured values
-   */
-  @Inject
-  public FlywaySchemaInitializer(
-      @Named("db.schema.flyway.scripts.locations") String[] scriptsLocations,
-      @Named("db.schema.flyway.scripts.prefix") String scriptsPrefix,
-      @Named("db.schema.flyway.scripts.suffix") String scriptsSuffix,
-      @Named("db.schema.flyway.scripts.version_separator") String versionSeparator,
-      @Named("db.schema.flyway.baseline.enabled") boolean baselineOnMigrate,
-      @Named("db.schema.flyway.baseline.version") String baselineVersion,
-      DataSource dataSource,
-      PlaceholderReplacer placeholderReplacer) {
-    this.dataSource = dataSource;
-    this.locations = scriptsLocations;
-    this.scriptsPrefix = scriptsPrefix;
-    this.scriptsSuffix = scriptsSuffix;
-    this.versionSeparator = versionSeparator;
-    this.baselineOnMigrate = baselineOnMigrate;
-    this.baselineVersion = baselineVersion;
-    this.placeholderReplacer = placeholderReplacer;
-  }
-
-  /** Creates a new flyway based initializer with default values. */
-  public FlywaySchemaInitializer(DataSource dataSource, String... locations) {
-    this(locations, "", ".sql", "__", false, "", dataSource, PlaceholderReplacer.NO_PLACEHOLDERS);
-  }
-
-  @Override
-  public Map<String, String> init() throws SchemaInitializationException {
-    final Map<String, String> initResult = new HashMap<>();
-    try (final Connection conn = dataSource.getConnection()) {
-      final Flyway flyway = new Flyway();
-      flyway.setDataSource(dataSource);
-      flyway.setLocations(locations);
-      flyway.setClassLoader(Thread.currentThread().getContextClassLoader());
-      final DbSupport dbSupport = DbSupportFactory.createDbSupport(conn, true);
-      final MetaDataTable mt =
-          new MetaDataTableImpl(
-              dbSupport,
-              dbSupport.getOriginalSchema().getTable(flyway.getTable()),
-              flyway.getInstalledBy());
-      initResult.put(BARE_DB_INIT_PROPERTY_NAME, String.valueOf(!mt.hasAppliedMigrations()));
-      final String productName = conn.getMetaData().getDatabaseProductName().toLowerCase();
-      flyway.setResolvers(
-          new CustomSqlMigrationResolver(productName, dbSupport, placeholderReplacer));
-      flyway.setSkipDefaultResolvers(true);
-      flyway.setBaselineOnMigrate(baselineOnMigrate);
-      if (baselineOnMigrate) {
-        flyway.setBaselineVersionAsString(baselineVersion);
-      }
-      flyway.setSqlMigrationSeparator(versionSeparator);
-      flyway.setSqlMigrationSuffix(scriptsSuffix);
-      flyway.setSqlMigrationPrefix(scriptsPrefix);
-      flyway.migrate();
-    } catch (SQLException | RuntimeException x) {
-      throw new SchemaInitializationException(x.getLocalizedMessage(), x);
-    }
-    return initResult;
-  }
-}
--- a/core/che-core-db/src/main/java/org/eclipse/che/core/db/schema/impl/flyway/PlaceholderReplacerProvider.java
+++ b/core/che-core-db/src/main/java/org/eclipse/che/core/db/schema/impl/flyway/PlaceholderReplacerProvider.java
@ -1,37 +0,0 @@
-/*
- * Copyright (c) 2012-2018 Red Hat, Inc.
- * This program and the accompanying materials are made
- * available under the terms of the Eclipse Public License 2.0
- * which is available at https://www.eclipse.org/legal/epl-2.0/
- *
- * SPDX-License-Identifier: EPL-2.0
- *
- * Contributors:
- *   Red Hat, Inc. - initial API and implementation
- */
-package org.eclipse.che.core.db.schema.impl.flyway;
-
-import javax.inject.Inject;
-import javax.inject.Provider;
-import org.eclipse.che.inject.ConfigurationProperties;
-import org.flywaydb.core.internal.util.PlaceholderReplacer;
-
-/**
- * Placeholder replacer that uses configuration properties.
- *
- * @author Yevhenii Voevodin
- */
-public class PlaceholderReplacerProvider implements Provider<PlaceholderReplacer> {
-
-  private final PlaceholderReplacer replacer;
-
-  @Inject
-  public PlaceholderReplacerProvider(ConfigurationProperties properties) {
-    replacer = new PlaceholderReplacer(properties.getProperties(".*"), "${", "}");
-  }
-
-  @Override
-  public PlaceholderReplacer get() {
-    return replacer;
-  }
-}
--- a/core/che-core-db/src/main/java/org/eclipse/che/core/db/schema/impl/flyway/ResourcesFinder.java
+++ b/core/che-core-db/src/main/java/org/eclipse/che/core/db/schema/impl/flyway/ResourcesFinder.java
@ -1,57 +0,0 @@
-/*
- * Copyright (c) 2012-2018 Red Hat, Inc.
- * This program and the accompanying materials are made
- * available under the terms of the Eclipse Public License 2.0
- * which is available at https://www.eclipse.org/legal/epl-2.0/
- *
- * SPDX-License-Identifier: EPL-2.0
- *
- * Contributors:
- *   Red Hat, Inc. - initial API and implementation
- */
-package org.eclipse.che.core.db.schema.impl.flyway;
-
-import static com.google.common.collect.Lists.newArrayList;
-
-import java.io.IOException;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-import org.flywaydb.core.api.configuration.FlywayConfiguration;
-import org.flywaydb.core.internal.util.Location;
-import org.flywaydb.core.internal.util.scanner.Resource;
-import org.flywaydb.core.internal.util.scanner.classpath.ClassPathScanner;
-import org.flywaydb.core.internal.util.scanner.filesystem.FileSystemScanner;
-
-/**
- * Searches for sql scripts in given places.
- *
- * @author Yevhenii Voevodin
- */
-class ResourcesFinder {
-
-  /**
-   * Finds script resources in configured {@link FlywayConfiguration#getLocations()}.
-   *
-   * @param configuration flyway configuration to find scripts
-   * @return found scripts or an empty list if nothing found
-   * @throws IOException when any io error occurs during scripts look up
-   */
-  Map<Location, List<Resource>> findResources(FlywayConfiguration configuration)
-      throws IOException {
-    final String prefix = configuration.getSqlMigrationPrefix();
-    final String suffix = configuration.getSqlMigrationSuffix();
-    final ClassPathScanner cpScanner = new ClassPathScanner(configuration.getClassLoader());
-    final FileSystemScanner fsScanner = new FileSystemScanner();
-    final Map<Location, List<Resource>> resources = new HashMap<>();
-    for (String rawLocation : configuration.getLocations()) {
-      final Location location = new Location(rawLocation);
-      if (location.isClassPath()) {
-        resources.put(location, newArrayList(cpScanner.scanForResources(location, prefix, suffix)));
-      } else {
-        resources.put(location, newArrayList(fsScanner.scanForResources(location, prefix, suffix)));
-      }
-    }
-    return resources;
-  }
-}
--- a/core/che-core-db/src/main/java/org/eclipse/che/core/db/schema/impl/flyway/SqlScript.java
+++ b/core/che-core-db/src/main/java/org/eclipse/che/core/db/schema/impl/flyway/SqlScript.java
@ -1,84 +0,0 @@
-/*
- * Copyright (c) 2012-2018 Red Hat, Inc.
- * This program and the accompanying materials are made
- * available under the terms of the Eclipse Public License 2.0
- * which is available at https://www.eclipse.org/legal/epl-2.0/
- *
- * SPDX-License-Identifier: EPL-2.0
- *
- * Contributors:
- *   Red Hat, Inc. - initial API and implementation
- */
-package org.eclipse.che.core.db.schema.impl.flyway;
-
-import java.util.Objects;
-import org.flywaydb.core.internal.util.Location;
-import org.flywaydb.core.internal.util.scanner.Resource;
-
-/**
- * Data object for holding information about sql script.
- *
- * @author Yevhenii Voevodin
- */
-class SqlScript {
-
-  final Resource resource;
-  final Location location;
-  final String dir;
-  final String vendor;
-  final String name;
-
-  SqlScript(Resource resource, Location location, String dir, String vendor, String name) {
-    this.resource = resource;
-    this.location = location;
-    this.name = name;
-    this.vendor = vendor;
-    this.dir = dir;
-  }
-
-  @Override
-  public boolean equals(Object obj) {
-    if (this == obj) {
-      return true;
-    }
-    if (!(obj instanceof SqlScript)) {
-      return false;
-    }
-    final SqlScript that = (SqlScript) obj;
-    return Objects.equals(resource, that.resource)
-        && Objects.equals(location, that.location)
-        && Objects.equals(dir, that.dir)
-        && Objects.equals(vendor, that.vendor)
-        && Objects.equals(name, that.name);
-  }
-
-  @Override
-  public int hashCode() {
-    int hash = 7;
-    hash = 31 * hash + Objects.hashCode(resource);
-    hash = 31 * hash + Objects.hashCode(location);
-    hash = 31 * hash + Objects.hashCode(dir);
-    hash = 31 * hash + Objects.hashCode(vendor);
-    hash = 31 * hash + Objects.hashCode(name);
-    return hash;
-  }
-
-  @Override
-  public String toString() {
-    return "SqlScript{"
-        + "resource="
-        + resource
-        + ", location="
-        + location
-        + ", dir='"
-        + dir
-        + '\''
-        + ", vendor='"
-        + vendor
-        + '\''
-        + ", name='"
-        + name
-        + '\''
-        + '}';
-  }
-}
--- a/core/che-core-db/src/main/java/org/eclipse/che/core/db/schema/impl/flyway/SqlScriptCreator.java
+++ b/core/che-core-db/src/main/java/org/eclipse/che/core/db/schema/impl/flyway/SqlScriptCreator.java
@ -1,55 +0,0 @@
-/*
- * Copyright (c) 2012-2018 Red Hat, Inc.
- * This program and the accompanying materials are made
- * available under the terms of the Eclipse Public License 2.0
- * which is available at https://www.eclipse.org/legal/epl-2.0/
- *
- * SPDX-License-Identifier: EPL-2.0
- *
- * Contributors:
- *   Red Hat, Inc. - initial API and implementation
- */
-package org.eclipse.che.core.db.schema.impl.flyway;
-
-import static java.lang.String.format;
-
-import java.io.File;
-import org.flywaydb.core.api.FlywayException;
-import org.flywaydb.core.internal.util.Location;
-import org.flywaydb.core.internal.util.scanner.Resource;
-
-/**
- * Creates new {@link SqlScript} instance from given resource.
- *
- * @author Yevhenii Voevodin
- */
-class SqlScriptCreator {
-
-  /**
-   * Create a new instance of script based on location and resource.
-   *
-   * @param location root location of the given resource
-   * @param resource script resource
-   * @return a new instance of sql script based on location and resource
-   * @throws FlywayException when script can't be created from the resource
-   */
-  SqlScript createScript(Location location, Resource resource) {
-    final String separator = location.isClassPath() ? "/" : File.separator;
-    // '/root-location/5.0.0-M7/v1__init.sql' -> '5.0.0-M7/v1__init.sql'
-    final String relLocation = resource.getLocation().substring(location.getPath().length() + 1);
-    final String[] paths = relLocation.split(separator);
-    // 5.0.0-M1/v1__init.sql
-    if (paths.length == 2) {
-      return new SqlScript(resource, location, paths[0], null, paths[1]);
-    }
-    // 5.0.0-M1/postgresql/v1__init.sql
-    if (paths.length == 3) {
-      return new SqlScript(resource, location, paths[0], paths[1], paths[2]);
-    }
-    throw new FlywayException(
-        format(
-            "Sql script location must be either in 'location-root/version-dir' "
-                + "or in 'location-root/version-dir/provider-name', but script '%s' is not in root '%s'",
-            resource.getLocation(), location.getPath()));
-  }
-}
--- a/Show More
+++ b/Show More