From 82c368a2ab074f9b8907e46f60080fe3f83da51b Mon Sep 17 00:00:00 2001 From: Anatolii Bazko Date: Thu, 17 Feb 2022 16:11:26 +0200 Subject: [PATCH] chore: stop generating crd v1beta1 Signed-off-by: Anatolii Bazko --- .github/bin/check-resources.sh | 13 +- Makefile | 48 - README.md | 1 - api/v1/checluster_types.go | 5 +- config/crd/bases/org_v1_che_crd-v1beta1.yaml | 1183 ------------------ 5 files changed, 5 insertions(+), 1245 deletions(-) delete mode 100644 config/crd/bases/org_v1_che_crd-v1beta1.yaml diff --git a/.github/bin/check-resources.sh b/.github/bin/check-resources.sh index f120b58306..1a272e5bdc 100755 --- a/.github/bin/check-resources.sh +++ b/.github/bin/check-resources.sh @@ -57,17 +57,12 @@ checkCRDs() { local checlusterbackup_CRD_V1="config/crd/bases/org.eclipse.che_checlusterbackups_crd.yaml" local checlusterrestore_CRD_V1="config/crd/bases/org.eclipse.che_checlusterrestores_crd.yaml" - local checluster_CRD_V1BETA1="config/crd/bases/org_v1_che_crd-v1beta1.yaml" - local chebackupserverconfiguration_CRD_V1BETA1="config/crd/bases/org.eclipse.che_chebackupserverconfigurations_crd-v1beta1.yaml" - local checlusterbackup_CRD_V1BETA1="config/crd/bases/org.eclipse.che_checlusterbackups_crd-v1beta1.yaml" - local checlusterrestore_CRD_V1BETA1="config/crd/bases/org.eclipse.che_checlusterrestores_crd-v1beta1.yaml" - changedFiles=($(cd ${ROOT_PROJECT_DIR}; git diff --name-only)) # Check if there are any difference in the crds. If yes, then fail check. - if [[ " ${changedFiles[*]} " =~ $checluster_CRD_V1 ]] || [[ " ${changedFiles[*]} " =~ $checluster_CRD_V1BETA1 ]] || \ - [[ " ${changedFiles[*]} " =~ $chebackupserverconfiguration_CRD_V1 ]] || [[ " ${changedFiles[*]} " =~ $chebackupserverconfiguration_CRD_V1BETA1 ]] || \ - [[ " ${changedFiles[*]} " =~ $checlusterbackup_CRD_V1 ]] || [[ " ${changedFiles[*]} " =~ $checlusterbackup_CRD_V1BETA1 ]] || \ - [[ " ${changedFiles[*]} " =~ $checlusterrestore_CRD_V1 ]] || [[ " ${changedFiles[*]} " =~ $checlusterrestore_CRD_V1BETA1 ]] + if [[ " ${changedFiles[*]} " =~ $checluster_CRD_V1 ]] || \ + [[ " ${changedFiles[*]} " =~ $chebackupserverconfiguration_CRD_V1 ]] || \ + [[ " ${changedFiles[*]} " =~ $checlusterbackup_CRD_V1 ]] || \ + [[ " ${changedFiles[*]} " =~ $checlusterrestore_CRD_V1 ]] then echo "[ERROR] CRD file is not up to date: ${BASH_REMATCH}" echo "[ERROR] Run 'make update-resources -s' to regenerate CRD files." diff --git a/Makefile b/Makefile index b87b3d6318..d33f4e6dca 100644 --- a/Makefile +++ b/Makefile @@ -43,7 +43,6 @@ BUNDLE_IMG ?= $(IMAGE_TAG_BASE)-bundle:v$(VERSION) IMG ?= quay.io/eclipse/che-operator:next # Produce CRDs that work back to Kubernetes 1.11 (no version conversion) CRD_OPTIONS ?= "crd:trivialVersions=true,preserveUnknownFields=false" -CRD_BETA_OPTIONS ?= "crd:trivialVersions=true,crdVersions=v1beta1" OPERATOR_YAML="config/manager/manager.yaml" @@ -54,9 +53,6 @@ CRD_FOLDER="config/crd/bases" ECLIPSE_CHE_CR=config/samples/org.eclipse.che_v1_checluster.yaml -# legacy crd v1beta1 file names -ECLIPSE_CHE_CRD_V1BETA1="$(CRD_FOLDER)/org_v1_che_crd-v1beta1.yaml" - # legacy crd file names ECLIPSE_CHE_CRD_V1="$(CRD_FOLDER)/org_v1_che_crd.yaml" @@ -126,58 +122,18 @@ download-operator-sdk: chmod +x $${OP_SDK_PATH} echo "[INFO] operator-sdk is ready." -removeRequiredAttribute: SHELL := /bin/bash -removeRequiredAttribute: - REQUIRED=false - - while IFS= read -r line - do - if [[ $$REQUIRED == true ]]; then - if [[ $$line == *"- "* ]]; then - continue - else - REQUIRED=false - fi - fi - - if [[ $$line == *"required:"* ]]; then - REQUIRED=true - continue - fi - - echo "$$line" >> $$filePath.tmp - done < "$$filePath" - - mv $${filePath}.tmp $${filePath} - manifests: controller-gen add-license-download ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects. - # Generate CRDs v1beta1 - $(CONTROLLER_GEN) $(CRD_BETA_OPTIONS) rbac:roleName=manager-role webhook paths="./..." output:crd:artifacts:config=config/crd/bases - mv "$(ECLIPSE_CHE_CRD)" "$(ECLIPSE_CHE_CRD_V1BETA1)" - # Generate CRDs v1 $(CONTROLLER_GEN) $(CRD_OPTIONS) rbac:roleName=manager-role webhook paths="./..." output:crd:artifacts:config=config/crd/bases mv "$(ECLIPSE_CHE_CRD)" "$(ECLIPSE_CHE_CRD_V1)" # remove yaml delimitier, which makes OLM catalog source image broken. - sed -i.bak '/---/d' "$(ECLIPSE_CHE_CRD_V1BETA1)" - rm -rf "$(ECLIPSE_CHE_CRD_V1BETA1).bak" sed -i.bak '/---/d' "$(ECLIPSE_CHE_CRD_V1)" rm -rf "$(ECLIPSE_CHE_CRD_V1).bak" # remove v1alphav2 version from crd files - yq -rYi "del(.spec.versions[1])" "$(ECLIPSE_CHE_CRD_V1BETA1)" yq -rYi "del(.spec.versions[1])" "$(ECLIPSE_CHE_CRD_V1)" - # remove .spec.subresources.status from crd v1beta1 files - yq -rYi ".spec.subresources.status = {}" "$(ECLIPSE_CHE_CRD_V1BETA1)" - - # remove .spec.validation.openAPIV3Schema.type field - yq -rYi "del(.spec.validation.openAPIV3Schema.type)" "$(ECLIPSE_CHE_CRD_V1BETA1)" - - # remove "required" attributes from v1beta1 crd files - $(MAKE) removeRequiredAttribute "filePath=$(ECLIPSE_CHE_CRD_V1BETA1)" - $(MAKE) add-license $$(find ./config/crd -not -path "./vendor/*" -name "*.yaml") generate: controller-gen ## Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations. @@ -311,10 +267,6 @@ init-cr: kubectl apply -f ${ECLIPSE_CHE_CR} -n ${ECLIPSE_CHE_NAMESPACE} fi -apply-cr-crd-beta: - kubectl apply -f ${ECLIPSE_CHE_CRD_V1BETA1} - kubectl apply -f ${ECLIPSE_CHE_CR} -n ${ECLIPSE_CHE_NAMESPACE} - create-env-file: prepare-templates rm -rf "${ENV_FILE}" touch "${ENV_FILE}" diff --git a/README.md b/README.md index 847e1b5d1c..f71248a06f 100644 --- a/README.md +++ b/README.md @@ -239,7 +239,6 @@ $ make generate; make manifests This command will update CRD files: - `config/crd/bases/org_v1_che_crd.yaml` - - `config/crd/bases/org_v1_che_crd-v1beta1.yaml` CRD beta yamls should be used for back compatibility with Openshift 3. diff --git a/api/v1/checluster_types.go b/api/v1/checluster_types.go index 0eb7e78c69..747068a14c 100644 --- a/api/v1/checluster_types.go +++ b/api/v1/checluster_types.go @@ -15,10 +15,7 @@ package v1 // Important: You must regenerate some generated code after modifying this file. At the root of the project: // Run `make generate`. It will perform required changes: // - update `api/v1/zz_generatedxxx` files; -// - update `config/crd/bases/org_v1_checluster_crd.yaml` and `config/crd/bases/org_v1_che_crd-v1beta1.yaml` files; -// - In the updated `config/crd/bases/org_v1_checluster_crd.yaml`: Delete all the `required:` openAPI rules in the CRD OpenApi schema; -// - Rename the new `config/crd/bases/org_v1_checluster_crd.yaml` to `config/crd/bases/org_v1_che_crd.yaml` to override it. -// IMPORTANT These 2 last steps are important to ensure backward compatibility with already existing `CheCluster` CRs that were created when no schema was provided. +// - update `config/crd/bases/org_v1_checluster_crd.yaml` file; import ( chev1alpha1 "github.com/che-incubator/kubernetes-image-puller-operator/api/v1alpha1" diff --git a/config/crd/bases/org_v1_che_crd-v1beta1.yaml b/config/crd/bases/org_v1_che_crd-v1beta1.yaml deleted file mode 100644 index 4af545e1c7..0000000000 --- a/config/crd/bases/org_v1_che_crd-v1beta1.yaml +++ /dev/null @@ -1,1183 +0,0 @@ -# -# Copyright (c) 2019-2021 Red Hat, Inc. -# This program and the accompanying materials are made -# available under the terms of the Eclipse Public License 2.0 -# which is available at https://www.eclipse.org/legal/epl-2.0/ -# -# SPDX-License-Identifier: EPL-2.0 -# -# Contributors: -# Red Hat, Inc. - initial API and implementation -# - -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.4.1 - creationTimestamp: null - name: checlusters.org.eclipse.che -spec: - group: org.eclipse.che - names: - kind: CheCluster - listKind: CheClusterList - plural: checlusters - singular: checluster - scope: Namespaced - validation: - openAPIV3Schema: - description: The `CheCluster` custom resource allows defining and managing a - Che server installation - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Desired configuration of the Che installation. Based on these - settings, the Operator automatically creates and maintains several ConfigMaps - that will contain the appropriate environment variables the various components - of the Che installation. These generated ConfigMaps must NOT be updated - manually. - properties: - auth: - description: Configuration settings related to the Authentication used - by the Che installation. - properties: - debug: - description: Deprecated. The value of this flag is ignored. Debug - internal identity provider. - type: boolean - externalIdentityProvider: - description: 'Deprecated. The value of this flag is ignored. Instructs - the Operator on whether or not to deploy a dedicated Identity - Provider (Keycloak or RH SSO instance). Instructs the Operator - on whether to deploy a dedicated Identity Provider (Keycloak or - RH-SSO instance). By default, a dedicated Identity Provider server - is deployed as part of the Che installation. When `externalIdentityProvider` - is `true`, no dedicated identity provider will be deployed by - the Operator and you will need to provide details about the external - identity provider you are about to use. See also all the other - fields starting with: `identityProvider`.' - type: boolean - gatewayAuthenticationSidecarImage: - description: Gateway sidecar responsible for authentication when - NativeUserMode is enabled. See link:https://github.com/oauth2-proxy/oauth2-proxy[oauth2-proxy] - or link:https://github.com/openshift/oauth-proxy[openshift/oauth-proxy]. - type: string - gatewayAuthorizationSidecarImage: - description: Gateway sidecar responsible for authorization when - NativeUserMode is enabled. See link:https://github.com/brancz/kube-rbac-proxy[kube-rbac-proxy] - or link:https://github.com/openshift/kube-rbac-proxy[openshift/kube-rbac-proxy] - type: string - gatewayHeaderRewriteSidecarImage: - description: Deprecated. The value of this flag is ignored. Sidecar - functionality is now implemented in Traefik plugin. - type: string - identityProviderAdminUserName: - description: Deprecated. The value of this flag is ignored. Overrides - the name of the Identity Provider administrator user. Defaults - to `admin`. - type: string - identityProviderClientId: - description: Deprecated. The value of this flag is ignored. Name - of a Identity provider, Keycloak or RH-SSO, `client-id` that is - used for Che. Override this when an external Identity Provider - is in use. See the `externalIdentityProvider` field. When omitted - or left blank, it is set to the value of the `flavour` field suffixed - with `-public`. - type: string - identityProviderContainerResources: - description: Deprecated. The value of this flag is ignored. Identity - provider container custom settings. - properties: - limits: - description: Limits describes the maximum amount of compute - resources allowed. - properties: - cpu: - description: CPU, in cores. (500m = .5 cores) - type: string - memory: - description: Memory, in bytes. (500Gi = 500GiB = 500 * 1024 - * 1024 * 1024) - type: string - type: object - request: - description: Requests describes the minimum amount of compute - resources required. - properties: - cpu: - description: CPU, in cores. (500m = .5 cores) - type: string - memory: - description: Memory, in bytes. (500Gi = 500GiB = 500 * 1024 - * 1024 * 1024) - type: string - type: object - type: object - identityProviderImage: - description: Deprecated. The value of this flag is ignored. Overrides - the container image used in the Identity Provider, Keycloak or - RH-SSO, deployment. This includes the image tag. Omit it or leave - it empty to use the default container image provided by the Operator. - type: string - identityProviderImagePullPolicy: - description: Deprecated. The value of this flag is ignored. Overrides - the image pull policy used in the Identity Provider, Keycloak - or RH-SSO, deployment. Default value is `Always` for `nightly`, - `next` or `latest` images, and `IfNotPresent` in other cases. - type: string - identityProviderIngress: - description: Deprecated. The value of this flag is ignored. Ingress - custom settings. - properties: - annotations: - additionalProperties: - type: string - description: Unstructured key value map stored with a resource - that may be set by external tools to store and retrieve arbitrary - metadata. - type: object - labels: - description: Comma separated list of labels that can be used - to organize and categorize objects by scoping and selecting. - type: string - type: object - identityProviderPassword: - description: Deprecated. The value of this flag is ignored. Overrides - the password of Keycloak administrator user. Override this when - an external Identity Provider is in use. See the `externalIdentityProvider` - field. When omitted or left blank, it is set to an auto-generated - password. - type: string - identityProviderPostgresPassword: - description: Deprecated. The value of this flag is ignored. Password - for a Identity Provider, Keycloak or RH-SSO, to connect to the - database. Override this when an external Identity Provider is - in use. See the `externalIdentityProvider` field. When omitted - or left blank, it is set to an auto-generated password. - type: string - identityProviderPostgresSecret: - description: 'Deprecated. The value of this flag is ignored. The - secret that contains `password` for the Identity Provider, Keycloak - or RH-SSO, to connect to the database. When the secret is defined, - the `identityProviderPostgresPassword` is ignored. When the value - is omitted or left blank, the one of following scenarios applies: - 1. `identityProviderPostgresPassword` is defined, then it will - be used to connect to the database. 2. `identityProviderPostgresPassword` - is not defined, then a new secret with the name `che-identity-postgres-secret` - will be created with an auto-generated value for `password`. The - secret must have `app.kubernetes.io/part-of=che.eclipse.org` label.' - type: string - identityProviderRealm: - description: Deprecated. The value of this flag is ignored. Name - of a Identity provider, Keycloak or RH-SSO, realm that is used - for Che. Override this when an external Identity Provider is in - use. See the `externalIdentityProvider` field. When omitted or - left blank, it is set to the value of the `flavour` field. - type: string - identityProviderRoute: - description: Deprecated. The value of this flag is ignored. Route - custom settings. - properties: - annotations: - additionalProperties: - type: string - description: Unstructured key value map stored with a resource - that may be set by external tools to store and retrieve arbitrary - metadata. - type: object - domain: - description: 'Operator uses the domain to generate a hostname - for a route. In a conjunction with labels it creates a route, - which is served by a non-default Ingress controller. The generated - host name will follow this pattern: `-.`.' - type: string - labels: - description: Comma separated list of labels that can be used - to organize and categorize objects by scoping and selecting. - type: string - type: object - identityProviderSecret: - description: 'Deprecated. The value of this flag is ignored. The - secret that contains `user` and `password` for Identity Provider. - When the secret is defined, the `identityProviderAdminUserName` - and `identityProviderPassword` are ignored. When the value is - omitted or left blank, the one of following scenarios applies: - 1. `identityProviderAdminUserName` and `identityProviderPassword` - are defined, then they will be used. 2. `identityProviderAdminUserName` - or `identityProviderPassword` are not defined, then a new secret - with the name `che-identity-secret` will be created with default - value `admin` for `user` and with an auto-generated value for - `password`. The secret must have `app.kubernetes.io/part-of=che.eclipse.org` - label.' - type: string - identityProviderURL: - description: Public URL of the Identity Provider server (Keycloak - / RH-SSO server). Set this ONLY when a use of an external Identity - Provider is needed. See the `externalIdentityProvider` field. - By default, this will be automatically calculated and set by the - Operator. - type: string - initialOpenShiftOAuthUser: - description: Deprecated. The value of this flag is ignored. For - operating with the OpenShift OAuth authentication, create a new - user account since the kubeadmin can not be used. If the value - is true, then a new OpenShift OAuth user will be created for the - HTPasswd identity provider. If the value is false and the user - has already been created, then it will be removed. If value is - an empty, then do nothing. The user's credentials are stored in - the `openshift-oauth-user-credentials` secret in 'openshift-config' - namespace by Operator. Note that this solution is Openshift 4 - platform-specific. - type: boolean - nativeUserMode: - description: Deprecated. The value of this flag is ignored. Enables - native user mode. Currently works only on OpenShift and DevWorkspace - engine. Native User mode uses OpenShift OAuth directly as identity - provider, without Keycloak. - type: boolean - oAuthClientName: - description: Name of the OpenShift `OAuthClient` resource used to - setup identity federation on the OpenShift side. Auto-generated - when left blank. See also the `OpenShiftoAuth` field. - type: string - oAuthSecret: - description: Name of the secret set in the OpenShift `OAuthClient` - resource used to setup identity federation on the OpenShift side. - Auto-generated when left blank. See also the `OAuthClientName` - field. - type: string - openShiftoAuth: - description: 'Deprecated. The value of this flag is ignored. Enables - the integration of the identity provider (Keycloak / RHSSO) with - OpenShift OAuth. Empty value on OpenShift by default. This will - allow users to directly login with their OpenShift user through - the OpenShift login, and have their workspaces created under personal - OpenShift namespaces. WARNING: the `kubeadmin` user is NOT supported, - and logging through it will NOT allow accessing the Che Dashboard.' - type: boolean - updateAdminPassword: - description: Deprecated. The value of this flag is ignored. Forces - the default `admin` Che user to update password on first login. - Defaults to `false`. - type: boolean - type: object - database: - description: Configuration settings related to the database used by - the Che installation. - properties: - chePostgresContainerResources: - description: PostgreSQL container custom settings - properties: - limits: - description: Limits describes the maximum amount of compute - resources allowed. - properties: - cpu: - description: CPU, in cores. (500m = .5 cores) - type: string - memory: - description: Memory, in bytes. (500Gi = 500GiB = 500 * 1024 - * 1024 * 1024) - type: string - type: object - request: - description: Requests describes the minimum amount of compute - resources required. - properties: - cpu: - description: CPU, in cores. (500m = .5 cores) - type: string - memory: - description: Memory, in bytes. (500Gi = 500GiB = 500 * 1024 - * 1024 * 1024) - type: string - type: object - type: object - chePostgresDb: - description: PostgreSQL database name that the Che server uses to - connect to the DB. Defaults to `dbche`. - type: string - chePostgresHostName: - description: PostgreSQL Database host name that the Che server uses - to connect to. Defaults is `postgres`. Override this value ONLY - when using an external database. See field `externalDb`. In the - default case it will be automatically set by the Operator. - type: string - chePostgresPassword: - description: PostgreSQL password that the Che server uses to connect - to the DB. When omitted or left blank, it will be set to an automatically - generated value. - type: string - chePostgresPort: - description: PostgreSQL Database port that the Che server uses to - connect to. Defaults to 5432. Override this value ONLY when using - an external database. See field `externalDb`. In the default case - it will be automatically set by the Operator. - type: string - chePostgresSecret: - description: 'The secret that contains PostgreSQL`user` and `password` - that the Che server uses to connect to the DB. When the secret - is defined, the `chePostgresUser` and `chePostgresPassword` are - ignored. When the value is omitted or left blank, the one of following - scenarios applies: 1. `chePostgresUser` and `chePostgresPassword` - are defined, then they will be used to connect to the DB. 2. `chePostgresUser` - or `chePostgresPassword` are not defined, then a new secret with - the name `che-postgres-secret` will be created with default value - of `pgche` for `user` and with an auto-generated value for `password`. - The secret must have `app.kubernetes.io/part-of=che.eclipse.org` - label.' - type: string - chePostgresUser: - description: PostgreSQL user that the Che server uses to connect - to the DB. Defaults to `pgche`. - type: string - externalDb: - description: 'Instructs the Operator on whether to deploy a dedicated - database. By default, a dedicated PostgreSQL database is deployed - as part of the Che installation. When `externalDb` is `true`, - no dedicated database will be deployed by the Operator and you - will need to provide connection details to the external DB you - are about to use. See also all the fields starting with: `chePostgres`.' - type: boolean - postgresImage: - description: Overrides the container image used in the PostgreSQL - database deployment. This includes the image tag. Omit it or leave - it empty to use the default container image provided by the Operator. - type: string - postgresImagePullPolicy: - description: Overrides the image pull policy used in the PostgreSQL - database deployment. Default value is `Always` for `nightly`, - `next` or `latest` images, and `IfNotPresent` in other cases. - type: string - postgresVersion: - description: 'Indicates a PostgreSQL version image to use. Allowed - values are: `9.6` and `13.3`. Migrate your PostgreSQL database - to switch from one version to another.' - type: string - pvcClaimSize: - description: Size of the persistent volume claim for database. Defaults - to `1Gi`. To update pvc storageclass that provisions it must support - resize when Eclipse Che has been already deployed. - type: string - type: object - devWorkspace: - description: DevWorkspace operator configuration - properties: - controllerImage: - description: Overrides the container image used in the DevWorkspace - controller deployment. This includes the image tag. Omit it or - leave it empty to use the default container image provided by - the Operator. - type: string - enable: - description: Deploys the DevWorkspace Operator in the cluster. Does - nothing when a matching version of the Operator is already installed. - Fails when a non-matching version of the Operator is already installed. - type: boolean - type: object - imagePuller: - description: Kubernetes Image Puller configuration - properties: - enable: - description: Install and configure the Community Supported Kubernetes - Image Puller Operator. When set to `true` and no spec is provided, - it will create a default KubernetesImagePuller object to be managed - by the Operator. When set to `false`, the KubernetesImagePuller - object will be deleted, and the Operator will be uninstalled, - regardless of whether a spec is provided. If the `spec.images` - field is empty, a set of recommended workspace-related images - will be automatically detected and pre-pulled after installation. - Note that while this Operator and its behavior is community-supported, - its payload may be commercially-supported for pulling commercially-supported - images. - type: boolean - spec: - description: A KubernetesImagePullerSpec to configure the image - puller in the CheCluster - properties: - affinity: - type: string - cachingCPULimit: - type: string - cachingCPURequest: - type: string - cachingIntervalHours: - type: string - cachingMemoryLimit: - type: string - cachingMemoryRequest: - type: string - configMapName: - type: string - daemonsetName: - type: string - deploymentName: - type: string - imagePullSecrets: - type: string - imagePullerImage: - type: string - images: - type: string - nodeSelector: - type: string - type: object - type: object - k8s: - description: Configuration settings specific to Che installations made - on upstream Kubernetes. - properties: - ingressClass: - description: 'Ingress class that will define the which controller - will manage ingresses. Defaults to `nginx`. NB: This drives the - `kubernetes.io/ingress.class` annotation on Che-related ingresses.' - type: string - ingressDomain: - description: 'Global ingress domain for a Kubernetes cluster. This - MUST be explicitly specified: there are no defaults.' - type: string - ingressStrategy: - description: 'Deprecated. The value of this flag is ignored. Strategy - for ingress creation. Options are: `multi-host` (host is explicitly - provided in ingress), `single-host` (host is provided, path-based - rules) and `default-host` (no host is provided, path-based rules). - Defaults to `multi-host` Deprecated in favor of `serverExposureStrategy` - in the `server` section, which defines this regardless of the - cluster type. When both are defined, the `serverExposureStrategy` - option takes precedence.' - type: string - securityContextFsGroup: - description: The FSGroup in which the Che Pod and workspace Pods - containers runs in. Default value is `1724`. - type: string - securityContextRunAsUser: - description: ID of the user the Che Pod and workspace Pods containers - run as. Default value is `1724`. - type: string - singleHostExposureType: - description: Deprecated. The value of this flag is ignored. When - the serverExposureStrategy is set to `single-host`, the way the - server, registries and workspaces are exposed is further configured - by this property. The possible values are `native`, which means - that the server and workspaces are exposed using ingresses on - K8s or `gateway` where the server and workspaces are exposed using - a custom gateway based on link:https://doc.traefik.io/traefik/[Traefik]. - All the endpoints whether backed by the ingress or gateway `route` - always point to the subpaths on the same domain. Defaults to `native`. - type: string - tlsSecretName: - description: Name of a secret that will be used to setup ingress - TLS termination when TLS is enabled. When the field is empty string, - the default cluster certificate will be used. See also the `tlsSupport` - field. - type: string - type: object - metrics: - description: Configuration settings related to the metrics collection - used by the Che installation. - properties: - enable: - description: Enables `metrics` the Che server endpoint. Default - to `true`. - type: boolean - type: object - server: - description: General configuration settings related to the Che server, - the plugin and devfile registries - properties: - airGapContainerRegistryHostname: - description: Optional host name, or URL, to an alternate container - registry to pull images from. This value overrides the container - registry host name defined in all the default container images - involved in a Che deployment. This is particularly useful to install - Che in a restricted environment. - type: string - airGapContainerRegistryOrganization: - description: Optional repository name of an alternate container - registry to pull images from. This value overrides the container - registry organization defined in all the default container images - involved in a Che deployment. This is particularly useful to install - Eclipse Che in a restricted environment. - type: string - allowUserDefinedWorkspaceNamespaces: - description: Deprecated. The value of this flag is ignored. Defines - that a user is allowed to specify a Kubernetes namespace, or an - OpenShift project, which differs from the default. It's NOT RECOMMENDED - to set to `true` without OpenShift OAuth configured. The OpenShift - infrastructure also uses this property. - type: boolean - cheClusterRoles: - description: A comma-separated list of ClusterRoles that will be - assigned to Che ServiceAccount. Each role must have `app.kubernetes.io/part-of=che.eclipse.org` - label. Be aware that the Che Operator has to already have all - permissions in these ClusterRoles to grant them. - type: string - cheDebug: - description: Enables the debug mode for Che server. Defaults to - `false`. - type: string - cheFlavor: - description: Deprecated. The value of this flag is ignored. Specifies - a variation of the installation. The options are `che` for upstream - Che installations, or `codeready` for link:https://developers.redhat.com/products/codeready-workspaces/overview[CodeReady - Workspaces] installation. Override the default value only on necessary - occasions. - type: string - cheHost: - description: Public host name of the installed Che server. When - value is omitted, the value it will be automatically set by the - Operator. See the `cheHostTLSSecret` field. - type: string - cheHostTLSSecret: - description: Name of a secret containing certificates to secure - ingress or route for the custom host name of the installed Che - server. The secret must have `app.kubernetes.io/part-of=che.eclipse.org` - label. See the `cheHost` field. - type: string - cheImage: - description: Overrides the container image used in Che deployment. - This does NOT include the container image tag. Omit it or leave - it empty to use the default container image provided by the Operator. - type: string - cheImagePullPolicy: - description: Overrides the image pull policy used in Che deployment. - Default value is `Always` for `nightly`, `next` or `latest` images, - and `IfNotPresent` in other cases. - type: string - cheImageTag: - description: Overrides the tag of the container image used in Che - deployment. Omit it or leave it empty to use the default image - tag provided by the Operator. - type: string - cheLogLevel: - description: 'Log level for the Che server: `INFO` or `DEBUG`. Defaults - to `INFO`.' - type: string - cheServerIngress: - description: The Che server ingress custom settings. - properties: - annotations: - additionalProperties: - type: string - description: Unstructured key value map stored with a resource - that may be set by external tools to store and retrieve arbitrary - metadata. - type: object - labels: - description: Comma separated list of labels that can be used - to organize and categorize objects by scoping and selecting. - type: string - type: object - cheServerRoute: - description: The Che server route custom settings. - properties: - annotations: - additionalProperties: - type: string - description: Unstructured key value map stored with a resource - that may be set by external tools to store and retrieve arbitrary - metadata. - type: object - domain: - description: 'Operator uses the domain to generate a hostname - for a route. In a conjunction with labels it creates a route, - which is served by a non-default Ingress controller. The generated - host name will follow this pattern: `-.`.' - type: string - labels: - description: Comma separated list of labels that can be used - to organize and categorize objects by scoping and selecting. - type: string - type: object - cheWorkspaceClusterRole: - description: Custom cluster role bound to the user for the Che workspaces. - The role must have `app.kubernetes.io/part-of=che.eclipse.org` - label. The default roles are used when omitted or left blank. - type: string - customCheProperties: - additionalProperties: - type: string - description: Map of additional environment variables that will be - applied in the generated `che` ConfigMap to be used by the Che - server, in addition to the values already generated from other - fields of the `CheCluster` custom resource (CR). When `customCheProperties` - contains a property that would be normally generated in `che` - ConfigMap from other CR fields, the value defined in the `customCheProperties` - is used instead. - type: object - dashboardCpuLimit: - description: Overrides the CPU limit used in the dashboard deployment. - In cores. (500m = .5 cores). Default to 500m. - type: string - dashboardCpuRequest: - description: Overrides the CPU request used in the dashboard deployment. - In cores. (500m = .5 cores). Default to 100m. - type: string - dashboardImage: - description: Overrides the container image used in the dashboard - deployment. This includes the image tag. Omit it or leave it empty - to use the default container image provided by the Operator. - type: string - dashboardImagePullPolicy: - description: Overrides the image pull policy used in the dashboard - deployment. Default value is `Always` for `nightly`, `next` or - `latest` images, and `IfNotPresent` in other cases. - type: string - dashboardIngress: - description: Deprecated. The value of this flag is ignored. Dashboard - ingress custom settings. - properties: - annotations: - additionalProperties: - type: string - description: Unstructured key value map stored with a resource - that may be set by external tools to store and retrieve arbitrary - metadata. - type: object - labels: - description: Comma separated list of labels that can be used - to organize and categorize objects by scoping and selecting. - type: string - type: object - dashboardMemoryLimit: - description: Overrides the memory limit used in the dashboard deployment. - Defaults to 256Mi. - type: string - dashboardMemoryRequest: - description: Overrides the memory request used in the dashboard - deployment. Defaults to 16Mi. - type: string - dashboardRoute: - description: Deprecated. The value of this flag is ignored. Dashboard - route custom settings. - properties: - annotations: - additionalProperties: - type: string - description: Unstructured key value map stored with a resource - that may be set by external tools to store and retrieve arbitrary - metadata. - type: object - domain: - description: 'Operator uses the domain to generate a hostname - for a route. In a conjunction with labels it creates a route, - which is served by a non-default Ingress controller. The generated - host name will follow this pattern: `-.`.' - type: string - labels: - description: Comma separated list of labels that can be used - to organize and categorize objects by scoping and selecting. - type: string - type: object - devfileRegistryCpuLimit: - description: Overrides the CPU limit used in the devfile registry - deployment. In cores. (500m = .5 cores). Default to 500m. - type: string - devfileRegistryCpuRequest: - description: Overrides the CPU request used in the devfile registry - deployment. In cores. (500m = .5 cores). Default to 100m. - type: string - devfileRegistryImage: - description: Overrides the container image used in the devfile registry - deployment. This includes the image tag. Omit it or leave it empty - to use the default container image provided by the Operator. - type: string - devfileRegistryIngress: - description: Deprecated. The value of this flag is ignored. The - devfile registry ingress custom settings. - properties: - annotations: - additionalProperties: - type: string - description: Unstructured key value map stored with a resource - that may be set by external tools to store and retrieve arbitrary - metadata. - type: object - labels: - description: Comma separated list of labels that can be used - to organize and categorize objects by scoping and selecting. - type: string - type: object - devfileRegistryMemoryLimit: - description: Overrides the memory limit used in the devfile registry - deployment. Defaults to 256Mi. - type: string - devfileRegistryMemoryRequest: - description: Overrides the memory request used in the devfile registry - deployment. Defaults to 16Mi. - type: string - devfileRegistryPullPolicy: - description: Overrides the image pull policy used in the devfile - registry deployment. Default value is `Always` for `nightly`, - `next` or `latest` images, and `IfNotPresent` in other cases. - type: string - devfileRegistryRoute: - description: Deprecated. The value of this flag is ignored. The - devfile registry route custom settings. - properties: - annotations: - additionalProperties: - type: string - description: Unstructured key value map stored with a resource - that may be set by external tools to store and retrieve arbitrary - metadata. - type: object - domain: - description: 'Operator uses the domain to generate a hostname - for a route. In a conjunction with labels it creates a route, - which is served by a non-default Ingress controller. The generated - host name will follow this pattern: `-.`.' - type: string - labels: - description: Comma separated list of labels that can be used - to organize and categorize objects by scoping and selecting. - type: string - type: object - devfileRegistryUrl: - description: Deprecated in favor of `externalDevfileRegistries` - fields. - type: string - disableInternalClusterSVCNames: - description: Deprecated. The value of this flag is ignored. Disable - internal cluster SVC names usage to communicate between components - to speed up the traffic and avoid proxy issues. - type: boolean - externalDevfileRegistries: - description: External devfile registries, that serves sample, ready-to-use - devfiles. Configure this in addition to a dedicated devfile registry - (when `externalDevfileRegistry` is `false`) or instead of it (when - `externalDevfileRegistry` is `true`) - items: - description: Settings for a configuration of the external devfile - registries. - properties: - url: - description: Public URL of the devfile registry. - type: string - type: object - type: array - externalDevfileRegistry: - description: Instructs the Operator on whether to deploy a dedicated - devfile registry server. By default, a dedicated devfile registry - server is started. When `externalDevfileRegistry` is `true`, no - such dedicated server will be started by the Operator and configure - at least one devfile registry with `externalDevfileRegistries` - field. - type: boolean - externalPluginRegistry: - description: Instructs the Operator on whether to deploy a dedicated - plugin registry server. By default, a dedicated plugin registry - server is started. When `externalPluginRegistry` is `true`, no - such dedicated server will be started by the Operator and you - will have to manually set the `pluginRegistryUrl` field. - type: boolean - gitSelfSignedCert: - description: When enabled, the certificate from `che-git-self-signed-cert` - ConfigMap will be propagated to the Che components and provide - particular configuration for Git. Note, the `che-git-self-signed-cert` - ConfigMap must have `app.kubernetes.io/part-of=che.eclipse.org` - label. - type: boolean - nonProxyHosts: - description: 'List of hosts that will be reached directly, bypassing - the proxy. Specify wild card domain use the following form `.` - and `|` as delimiter, for example: `localhost|.my.host.com|123.42.12.32` - Only use when configuring a proxy is required. Operator respects - OpenShift cluster wide proxy configuration and no additional configuration - is required, but defining `nonProxyHosts` in a custom resource - leads to merging non proxy hosts lists from the cluster proxy - configuration and ones defined in the custom resources. See the - doc https://docs.openshift.com/container-platform/4.4/networking/enable-cluster-wide-proxy.html. - See also the `proxyURL` fields.' - type: string - pluginRegistryCpuLimit: - description: Overrides the CPU limit used in the plugin registry - deployment. In cores. (500m = .5 cores). Default to 500m. - type: string - pluginRegistryCpuRequest: - description: Overrides the CPU request used in the plugin registry - deployment. In cores. (500m = .5 cores). Default to 100m. - type: string - pluginRegistryImage: - description: Overrides the container image used in the plugin registry - deployment. This includes the image tag. Omit it or leave it empty - to use the default container image provided by the Operator. - type: string - pluginRegistryIngress: - description: Deprecated. The value of this flag is ignored. Plugin - registry ingress custom settings. - properties: - annotations: - additionalProperties: - type: string - description: Unstructured key value map stored with a resource - that may be set by external tools to store and retrieve arbitrary - metadata. - type: object - labels: - description: Comma separated list of labels that can be used - to organize and categorize objects by scoping and selecting. - type: string - type: object - pluginRegistryMemoryLimit: - description: Overrides the memory limit used in the plugin registry - deployment. Defaults to 256Mi. - type: string - pluginRegistryMemoryRequest: - description: Overrides the memory request used in the plugin registry - deployment. Defaults to 16Mi. - type: string - pluginRegistryPullPolicy: - description: Overrides the image pull policy used in the plugin - registry deployment. Default value is `Always` for `nightly`, - `next` or `latest` images, and `IfNotPresent` in other cases. - type: string - pluginRegistryRoute: - description: Deprecated. The value of this flag is ignored. Plugin - registry route custom settings. - properties: - annotations: - additionalProperties: - type: string - description: Unstructured key value map stored with a resource - that may be set by external tools to store and retrieve arbitrary - metadata. - type: object - domain: - description: 'Operator uses the domain to generate a hostname - for a route. In a conjunction with labels it creates a route, - which is served by a non-default Ingress controller. The generated - host name will follow this pattern: `-.`.' - type: string - labels: - description: Comma separated list of labels that can be used - to organize and categorize objects by scoping and selecting. - type: string - type: object - pluginRegistryUrl: - description: Public URL of the plugin registry that serves sample - ready-to-use devfiles. Set this ONLY when a use of an external - devfile registry is needed. See the `externalPluginRegistry` field. - By default, this will be automatically calculated by the Operator. - type: string - proxyPassword: - description: Password of the proxy server. Only use when proxy configuration - is required. See the `proxyURL`, `proxyUser` and `proxySecret` - fields. - type: string - proxyPort: - description: Port of the proxy server. Only use when configuring - a proxy is required. See also the `proxyURL` and `nonProxyHosts` - fields. - type: string - proxySecret: - description: The secret that contains `user` and `password` for - a proxy server. When the secret is defined, the `proxyUser` and - `proxyPassword` are ignored. The secret must have `app.kubernetes.io/part-of=che.eclipse.org` - label. - type: string - proxyURL: - description: URL (protocol+host name) of the proxy server. This - drives the appropriate changes in the `JAVA_OPTS` and `https(s)_proxy` - variables in the Che server and workspaces containers. Only use - when configuring a proxy is required. Operator respects OpenShift - cluster wide proxy configuration and no additional configuration - is required, but defining `proxyUrl` in a custom resource leads - to overrides the cluster proxy configuration with fields `proxyUrl`, - `proxyPort`, `proxyUser` and `proxyPassword` from the custom resource. - See the doc https://docs.openshift.com/container-platform/4.4/networking/enable-cluster-wide-proxy.html. - See also the `proxyPort` and `nonProxyHosts` fields. - type: string - proxyUser: - description: User name of the proxy server. Only use when configuring - a proxy is required. See also the `proxyURL`, `proxyPassword` - and `proxySecret` fields. - type: string - selfSignedCert: - description: Deprecated. The value of this flag is ignored. The - Che Operator will automatically detect whether the router certificate - is self-signed and propagate it to other components, such as the - Che server. - type: boolean - serverCpuLimit: - description: Overrides the CPU limit used in the Che server deployment - In cores. (500m = .5 cores). Default to 1. - type: string - serverCpuRequest: - description: Overrides the CPU request used in the Che server deployment - In cores. (500m = .5 cores). Default to 100m. - type: string - serverExposureStrategy: - description: Deprecated. The value of this flag is ignored. Sets - the server and workspaces exposure type. Possible values are `multi-host`, - `single-host`, `default-host`. Defaults to `multi-host`, which - creates a separate ingress, or OpenShift routes, for every required - endpoint. `single-host` makes Che exposed on a single host name - with workspaces exposed on subpaths. Read the docs to learn about - the limitations of this approach. Also consult the `singleHostExposureType` - property to further configure how the Operator and the Che server - make that happen on Kubernetes. `default-host` exposes the Che - server on the host of the cluster. Read the docs to learn about - the limitations of this approach. - type: string - serverMemoryLimit: - description: Overrides the memory limit used in the Che server deployment. - Defaults to 1Gi. - type: string - serverMemoryRequest: - description: Overrides the memory request used in the Che server - deployment. Defaults to 512Mi. - type: string - serverTrustStoreConfigMapName: - description: Name of the ConfigMap with public certificates to add - to Java trust store of the Che server. This is often required - when adding the OpenShift OAuth provider, which has HTTPS endpoint - signed with self-signed cert. The Che server must be aware of - its CA cert to be able to request it. This is disabled by default. - The Config Map must have `app.kubernetes.io/part-of=che.eclipse.org` - label. - type: string - singleHostGatewayConfigMapLabels: - additionalProperties: - type: string - description: The labels that need to be present in the ConfigMaps - representing the gateway configuration. - type: object - singleHostGatewayConfigSidecarImage: - description: The image used for the gateway sidecar that provides - configuration to the gateway. Omit it or leave it empty to use - the default container image provided by the Operator. - type: string - singleHostGatewayImage: - description: The image used for the gateway in the single host mode. - Omit it or leave it empty to use the default container image provided - by the Operator. - type: string - tlsSupport: - description: Deprecated. Instructs the Operator to deploy Che in - TLS mode. This is enabled by default. Disabling TLS sometimes - cause malfunction of some Che components. - type: boolean - useInternalClusterSVCNames: - description: Deprecated in favor of `disableInternalClusterSVCNames`. - type: boolean - workspaceNamespaceDefault: - description: Defines Kubernetes default namespace in which user's - workspaces are created for a case when a user does not override - it. It's possible to use ``, `` and `` - placeholders, such as che-workspace-. In that case, - a new namespace will be created for each user or workspace. - type: string - workspacePodNodeSelector: - additionalProperties: - type: string - description: The node selector that limits the nodes that can run - the workspace pods. - type: object - workspacePodTolerations: - description: The pod tolerations put on the workspace pods to limit - where the workspace pods can run. - items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using the - matching operator . - properties: - effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. - type: string - operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to - Equal. Exists is equivalent to wildcard for value, so that - a pod can tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do - not evict). Zero and negative values will be treated as - 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. - type: string - type: object - type: array - workspacesDefaultPlugins: - description: Default plug-ins applied to Devworkspaces. - items: - properties: - editor: - description: The editor id to specify default plug-ins for. - type: string - plugins: - description: Default plug-in uris for the specified editor. - items: - type: string - type: array - type: object - type: array - type: object - storage: - description: Configuration settings related to the persistent storage - used by the Che installation. - properties: - postgresPVCStorageClassName: - description: Storage class for the Persistent Volume Claim dedicated - to the PostgreSQL database. When omitted or left blank, a default - storage class is used. - type: string - preCreateSubPaths: - description: Instructs the Che server to start a special Pod to - pre-create a sub-path in the Persistent Volumes. Defaults to `false`, - however it will need to enable it according to the configuration - of your Kubernetes cluster. - type: boolean - pvcClaimSize: - description: Size of the persistent volume claim for workspaces. - Defaults to `10Gi`. - type: string - pvcJobsImage: - description: Overrides the container image used to create sub-paths - in the Persistent Volumes. This includes the image tag. Omit it - or leave it empty to use the default container image provided - by the Operator. See also the `preCreateSubPaths` field. - type: string - pvcStrategy: - description: Persistent volume claim strategy for the Che server. - This Can be:`common` (all workspaces PVCs in one volume), `per-workspace` - (one PVC per workspace for all declared volumes) and `unique` - (one PVC per declared volume). Defaults to `common`. - type: string - workspacePVCStorageClassName: - description: Storage class for the Persistent Volume Claims dedicated - to the Che workspaces. When omitted or left blank, a default storage - class is used. - type: string - type: object - type: object - status: - description: CheClusterStatus defines the observed state of Che installation - properties: - cheClusterRunning: - description: Status of a Che installation. Can be `Available`, `Unavailable`, - or `Available, Rolling Update in Progress`. - type: string - cheURL: - description: Public URL to the Che server. - type: string - cheVersion: - description: Current installed Che version. - type: string - dbProvisioned: - description: Indicates that a PostgreSQL instance has been correctly - provisioned or not. - type: boolean - devfileRegistryURL: - description: Public URL to the devfile registry. - type: string - devworkspaceStatus: - description: The status of the Devworkspace subsystem - properties: - gatewayHost: - description: GatewayHost is the resolved host of the ingress/route. - This is equal to the Host in the spec on Kubernetes but contains - the actual host name of the route if Host is unspecified on OpenShift. - type: string - gatewayPhase: - description: GatewayPhase specifies the phase in which the gateway - deployment currently is. If the gateway is disabled, the phase - is "Inactive". - type: string - message: - description: Message contains further human-readable info for why - the Che cluster is in the phase it currently is. - type: string - phase: - description: Phase is the phase in which the Che cluster as a whole - finds itself in. - type: string - reason: - description: A brief CamelCase message indicating details about - why the Che cluster is in this state. - type: string - workspaceBaseDomain: - description: The resolved workspace base domain. This is either - the copy of the explicitly defined property of the same name in - the spec or, if it is undefined in the spec and we're running - on OpenShift, the automatically resolved basedomain for routes. - type: string - type: object - gitHubOAuthProvisioned: - description: Indicates whether an Identity Provider instance, Keycloak - or RH-SSO, has been configured to integrate with the GitHub OAuth. - type: boolean - helpLink: - description: A URL that points to some URL where to find help related - to the current Operator status. - type: string - keycloakProvisioned: - description: Indicates whether an Identity Provider instance, Keycloak - or RH-SSO, has been provisioned with realm, client and user. - type: boolean - keycloakURL: - description: Public URL to the Identity Provider server, Keycloak or - RH-SSO,. - type: string - message: - description: A human readable message indicating details about why the - Pod is in this condition. - type: string - openShiftOAuthUserCredentialsSecret: - description: OpenShift OAuth secret in `openshift-config` namespace - that contains user credentials for HTPasswd identity provider. - type: string - openShiftoAuthProvisioned: - description: Indicates whether an Identity Provider instance, Keycloak - or RH-SSO, has been configured to integrate with the OpenShift OAuth. - type: boolean - pluginRegistryURL: - description: Public URL to the plugin registry. - type: string - reason: - description: A brief CamelCase message indicating details about why - the Pod is in this state. - type: string - type: object - version: v1 - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: []