feat: helmcharts to deploy Eclipse Che (#1184)

* feat: helmcharts to deploy Eclipse Che

Signed-off-by: Anatolii Bazko <abazko@redhat.com>

.github/bin/check-resources.sh

@@ -16,6 +16,7 @@
 # - next olm bundle
 # - Dockerfile & operator.yaml
 # - DW resources
+# - Helm charts
 
 set -e
 
@@ -136,6 +137,19 @@ checkRoles() {
   fi
 }
 
+checkHelmCharts() {
+  changedFiles=(
+    $(git diff --name-only)
+  )
+  if [[ " ${changedFiles[*]} " =~ helmcharts ]]; then
+    echo "[ERROR] Helm Charts are not up to date"
+    echo "[ERROR] Run 'make update-resources -s' to update them."
+    exit 1
+  else
+    echo "[INFO] Helm Charts are up to date."
+  fi
+}
+
 installOperatorSDK
 
 pushd "${ROOT_PROJECT_DIR}" || true
@@ -146,6 +160,7 @@ checkRoles
 checkNextOlmBundle
 checkDockerfile
 checkOperatorYaml
+checkHelmCharts
 
 popd || true
 

Makefile

@@ -779,7 +779,7 @@ get-next-version-increment:
 	echo "$${incrementPart}"
 
 update-resources: SHELL := /bin/bash
-update-resources: check-requirements update-resource-images update-roles
+update-resources: check-requirements update-resource-images update-roles update-helmcharts
 	for platform in 'openshift' 'kubernetes'
 	do
 		for channel in 'next-all-namespaces' 'next'
@@ -792,6 +792,34 @@ update-resources: check-requirements update-resource-images update-roles
 		done
 	done
 
+update-helmcharts: add-license-download check-requirements update-resource-images update-roles
+	HELMCHARTS_TEMPLATES="helmcharts/templates"
+	HELMCHARTS_CRDS="helmcharts/crds"
+
+	cp config/manager/manager.yaml $${HELMCHARTS_TEMPLATES}
+	cp config/rbac/cluster_role.yaml $${HELMCHARTS_TEMPLATES}
+	cp config/rbac/cluster_rolebinding.yaml $${HELMCHARTS_TEMPLATES}
+	cp config/rbac/service_account.yaml $${HELMCHARTS_TEMPLATES}
+	cp config/rbac/role.yaml $${HELMCHARTS_TEMPLATES}
+	cp config/rbac/role_binding.yaml $${HELMCHARTS_TEMPLATES}
+	cp config/samples/org.eclipse.che_v1_checluster.yaml $${HELMCHARTS_TEMPLATES}
+
+	cp config/crd/bases/org_v1_che_crd.yaml $${HELMCHARTS_CRDS}
+	cp config/crd/bases/org.eclipse.che_chebackupserverconfigurations_crd.yaml $${HELMCHARTS_CRDS}
+	cp config/crd/bases/org.eclipse.che_checlusterbackups_crd.yaml $${HELMCHARTS_CRDS}
+	cp config/crd/bases/org.eclipse.che_checlusterrestores_crd.yaml $${HELMCHARTS_CRDS}
+
+	## Set references to values
+	yq -riY ".spec.k8s.ingressDomain  |= \"{{ .Values.k8s.ingressDomain }}\"" $${HELMCHARTS_TEMPLATES}/org.eclipse.che_v1_checluster.yaml
+
+	yq -riY '.metadata.namespace = "{{ .Release.Namespace }}"' $${HELMCHARTS_TEMPLATES}/manager.yaml
+	yq -riY '.metadata.namespace = "{{ .Release.Namespace }}"' $${HELMCHARTS_TEMPLATES}/service_account.yaml
+	yq -riY '.metadata.namespace = "{{ .Release.Namespace }}"' $${HELMCHARTS_TEMPLATES}/role.yaml
+	yq -riY '.metadata.namespace = "{{ .Release.Namespace }}"' $${HELMCHARTS_TEMPLATES}/role_binding.yaml
+	yq -riY '.metadata.namespace = "{{ .Release.Namespace }}"' $${HELMCHARTS_TEMPLATES}/org.eclipse.che_v1_checluster.yaml
+	yq -riY '.subjects[0].namespace = "{{ .Release.Namespace }}"' $${HELMCHARTS_TEMPLATES}/cluster_rolebinding.yaml
+
+	$(MAKE) add-license $$(find ./helmcharts -name "*.yaml")
 check-requirements:
 	. olm/check-yq.sh
 

bundle/next-all-namespaces/eclipse-che-preview-openshift/manifests/che-operator.clusterserviceversion.yaml

@@ -126,7 +126,7 @@ metadata:
     operators.operatorframework.io/project_layout: go.kubebuilder.io/v3
     repository: https://github.com/eclipse-che/che-operator
     support: Eclipse Foundation
-  name: eclipse-che-preview-openshift.v7.40.0-377.next-all-namespaces
+  name: eclipse-che-preview-openshift.v7.40.0-378.next-all-namespaces
   namespace: placeholder
 spec:
   apiservicedefinitions: {}
@@ -1439,4 +1439,4 @@ spec:
   maturity: stable
   provider:
     name: Eclipse Foundation
-  version: 7.40.0-377.next-all-namespaces
+  version: 7.40.0-378.next-all-namespaces

bundle/next/eclipse-che-preview-kubernetes/manifests/che-operator.clusterserviceversion.yaml

@@ -133,7 +133,7 @@ metadata:
     operators.operatorframework.io/project_layout: go.kubebuilder.io/v3
     repository: https://github.com/eclipse-che/che-operator
     support: Eclipse Foundation
-  name: eclipse-che-preview-kubernetes.v7.40.0-377.next
+  name: eclipse-che-preview-kubernetes.v7.40.0-378.next
   namespace: placeholder
 spec:
   apiservicedefinitions: {}
@@ -1406,4 +1406,4 @@ spec:
   maturity: stable
   provider:
     name: Eclipse Foundation
-  version: 7.40.0-377.next
+  version: 7.40.0-378.next

bundle/next/eclipse-che-preview-openshift/manifests/che-operator.clusterserviceversion.yaml

@@ -126,7 +126,7 @@ metadata:
     operators.operatorframework.io/project_layout: go.kubebuilder.io/v3
     repository: https://github.com/eclipse-che/che-operator
     support: Eclipse Foundation
-  name: eclipse-che-preview-openshift.v7.40.0-377.next
+  name: eclipse-che-preview-openshift.v7.40.0-378.next
   namespace: placeholder
 spec:
   apiservicedefinitions: {}
@@ -1439,4 +1439,4 @@ spec:
   maturity: stable
   provider:
     name: Eclipse Foundation
-  version: 7.40.0-377.next
+  version: 7.40.0-378.next

bundle/tech-preview-stable-all-namespaces/eclipse-che-preview-openshift/manifests/org.eclipse.che_checlusterrestores_crd.yaml

@@ -3,7 +3,6 @@ kind: CustomResourceDefinition
 metadata:
   annotations:
     controller-gen.kubebuilder.io/version: v0.4.1
-  creationTimestamp: null
   name: checlusterrestores.org.eclipse.che
 spec:
   group: org.eclipse.che

config/manager/manager.yaml

@@ -14,7 +14,7 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: che-operator
-  namespace: system
+  namespace: eclipse-che
   labels:
     app: che-operator
     app.kubernetes.io/name: che

config/rbac/cluster_rolebinding.yaml

@@ -22,7 +22,7 @@ metadata:
 subjects:
   - kind: ServiceAccount
     name: che-operator
-    # namespace: eclipse-che
+    namespace: eclipse-che
 roleRef:
   kind: ClusterRole
   name: che-operator

config/rbac/role.yaml

@@ -13,7 +13,6 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
-  creationTimestamp: null
   labels:
     app.kubernetes.io/component: che-operator
     app.kubernetes.io/instance: che

helmcharts/Chart.yaml

@@ -0,0 +1,16 @@
+#
+# Copyright (c) 2019-2021 Red Hat, Inc.
+# This program and the accompanying materials are made
+# available under the terms of the Eclipse Public License 2.0
+# which is available at https://www.eclipse.org/legal/epl-2.0/
+#
+# SPDX-License-Identifier: EPL-2.0
+#
+# Contributors:
+#   Red Hat, Inc. - initial API and implementation
+#
+
+apiVersion: v1
+description: A Helm chart for deploying Eclipse Che on a Kubernetes
+name: che
+version: 1.0.0

helmcharts/README.md

@@ -0,0 +1,29 @@
+# Eclipse Che Helm Charts
+
+- [Charts](#charts)
+  - [Prerequisites](#prerequisites)
+  - [Installation](#installation)
+
+
+## Charts
+
+Helm charts to deploy [Eclipse Che](https://www.eclipse.org/che/)
+
+### Prerequisites
+
+* Minimal Kubernetes version is 1.19
+* Minimal Helm version is 3.2.2
+
+### Installation
+
+Create a Namespace and install the Helm Charts for Eclipse Che Operator.
+
+```
+NAMESPACE=eclipse-che
+DOMAIN=<KUBERNETES_CLUSTER_DOMAIN>
+
+kubectl create namespace $NAMESPACE
+
+# Install charts
+helm install che --set k8s.ingressDomain=$DOMAIN --namespace $NAMESPACE .
+```

helmcharts/crds/org.eclipse.che_chebackupserverconfigurations_crd.yaml

@@ -0,0 +1,162 @@
+#
+# Copyright (c) 2019-2021 Red Hat, Inc.
+# This program and the accompanying materials are made
+# available under the terms of the Eclipse Public License 2.0
+# which is available at https://www.eclipse.org/legal/epl-2.0/
+#
+# SPDX-License-Identifier: EPL-2.0
+#
+# Contributors:
+#   Red Hat, Inc. - initial API and implementation
+#
+
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.4.1
+  creationTimestamp: null
+  name: chebackupserverconfigurations.org.eclipse.che
+spec:
+  group: org.eclipse.che
+  names:
+    kind: CheBackupServerConfiguration
+    listKind: CheBackupServerConfigurationList
+    plural: chebackupserverconfigurations
+    singular: chebackupserverconfiguration
+  scope: Namespaced
+  versions:
+    - name: v1
+      schema:
+        openAPIV3Schema:
+          description: The `CheBackupServerConfiguration` custom resource allows defining
+            and managing Eclipse Che Backup Server Configurations
+          properties:
+            apiVersion:
+              description: 'APIVersion defines the versioned schema of this representation
+                of an object. Servers should convert recognized schemas to the latest
+                internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+              type: string
+            kind:
+              description: 'Kind is a string value representing the REST resource
+                this object represents. Servers may infer this from the endpoint the
+                client submits requests to. Cannot be updated. In CamelCase. More
+                info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+              type: string
+            metadata:
+              type: object
+            spec:
+              description: CheBackupServerConfigurationSpec defines the desired state
+                of CheBackupServerConfiguration Only one type of backup server is
+                allowed to be configured per CR.
+              properties:
+                awss3:
+                  description: Amazon S3 or compatible alternatives.
+                  properties:
+                    awsAccessKeySecretRef:
+                      description: Reference to secret that contains awsAccessKeyId
+                        and awsSecretAccessKey keys.
+                      type: string
+                    hostname:
+                      description: Server hostname, defaults to 's3.amazonaws.com'.
+                        Might be customized in case of alternative server.
+                      type: string
+                    port:
+                      description: Backup server port. Usually default value is used.
+                        Might be customized in case of alternative server.
+                      type: integer
+                    protocol:
+                      description: Protocol to use when connection to the server.
+                        Might be customized in case of alternative server.
+                      type: string
+                    repositoryPasswordSecretRef:
+                      description: Holds reference to a secret with restic repository
+                        password under 'repo-password' field to encrypt / decrypt
+                        its content.
+                      type: string
+                    repositoryPath:
+                      description: Bucket name and repository, e.g. bucket/repo
+                      type: string
+                  required:
+                    - awsAccessKeySecretRef
+                    - repositoryPasswordSecretRef
+                    - repositoryPath
+                  type: object
+                rest:
+                  description: Rest backup server configuration.
+                  properties:
+                    credentialsSecretRef:
+                      description: Secret that contains username and password fields
+                        to login into restic server. Note, each repository is encrypted
+                        with own password. See ResticRepoPasswordSecretRef field.
+                      type: string
+                    hostname:
+                      description: Backup server host
+                      type: string
+                    port:
+                      description: Backup server port
+                      type: integer
+                    protocol:
+                      description: Protocol to use when connection to the server Defaults
+                        to https.
+                      type: string
+                    repositoryPasswordSecretRef:
+                      description: Holds reference to a secret with restic repository
+                        password under 'repo-password' field to encrypt / decrypt
+                        its content.
+                      type: string
+                    repositoryPath:
+                      description: Restic repository path
+                      type: string
+                  required:
+                    - hostname
+                    - repositoryPasswordSecretRef
+                  type: object
+                sftp:
+                  description: Sftp backup server configuration.
+                  properties:
+                    hostname:
+                      description: Backup server host
+                      type: string
+                    port:
+                      description: Backup server port
+                      type: integer
+                    repositoryPasswordSecretRef:
+                      description: Holds reference to a secret with restic repository
+                        password under 'repo-password' field to encrypt / decrypt
+                        its content.
+                      type: string
+                    repositoryPath:
+                      description: Restic repository path, relative or absolute, e.g.
+                        /srv/repo
+                      type: string
+                    sshKeySecretRef:
+                      description: Private ssh key under 'ssh-privatekey' field for
+                        passwordless login
+                      type: string
+                    username:
+                      description: User login on the remote server
+                      type: string
+                  required:
+                    - hostname
+                    - repositoryPasswordSecretRef
+                    - repositoryPath
+                    - sshKeySecretRef
+                    - username
+                  type: object
+              type: object
+            status:
+              description: CheBackupServerConfigurationStatus defines the observed
+                state of CheBackupServerConfiguration
+              type: object
+          type: object
+      served: true
+      storage: true
+      subresources:
+        status: {}
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: []
+  storedVersions: []