Skip to content

Commit

Permalink
Che operator should be able to install DevWorkspace operator (#689)
Browse files Browse the repository at this point in the history 
* Che operator should be able to install DevWorkspace operator

Signed-off-by: Anatolii Bazko <abazko@redhat.com>

* Fix typo

Signed-off-by: Anatolii Bazko <abazko@redhat.com>

* Add missing roles

Signed-off-by: Anatolii Bazko <abazko@redhat.com>

* Update cluster roles

Signed-off-by: Anatolii Bazko <abazko@redhat.com>

* Update nightly bundle

Signed-off-by: Anatolii Bazko <abazko@redhat.com>

* Fixes

Signed-off-by: Anatolii Bazko <abazko@redhat.com>

* Add missing files

Signed-off-by: Anatolii Bazko <abazko@redhat.com>

* Fixes

Signed-off-by: Anatolii Bazko <abazko@redhat.com>

* Fix tests

Signed-off-by: Anatolii Bazko <abazko@redhat.com>

* Add tests

Signed-off-by: Anatolii Bazko <abazko@redhat.com>

* Update nightly bundle

Signed-off-by: Anatolii Bazko <abazko@redhat.com>

* Improvements

Signed-off-by: Anatolii Bazko <abazko@redhat.com>

* Add logs

Signed-off-by: Anatolii Bazko <abazko@redhat.com>

* Fix test

Signed-off-by: Anatolii Bazko <abazko@redhat.com>

* Fix tests

Signed-off-by: Anatolii Bazko <abazko@redhat.com>

* Update nightly bundle

Signed-off-by: Anatolii Bazko <abazko@redhat.com>

* Update clusterroles

Signed-off-by: Anatolii Bazko <abazko@redhat.com>

* Update test

Signed-off-by: Anatolii Bazko <abazko@redhat.com>

* Update test

Signed-off-by: Anatolii Bazko <abazko@redhat.com>

* Update nightly bundle

Signed-off-by: Anatolii Bazko <abazko@redhat.com>
  • Loading branch information
@tolusha
tolusha committed Mar 11, 2021
1 parent da1d77c commit 2b0b3da
Show file tree
Hide file tree
Showing 62 changed files with 16,447 additions and 403 deletions.
8 changes: 8 additions & 0 deletions .ci/oci-nightly-olm.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,14 @@ runTests() {
provisionOAuth
startNewWorkspace
waitWorkspaceStart

# Dev Workspace controller tests
deployDevWorkspaceController
waitDevWorkspaceControllerStarted

sleep 10s
createWorksaceDevWorkspaceController
waitWorkspaceStartedDevWorkspaceController
}

initDefaults
Expand Down
49 changes: 49 additions & 0 deletions .github/bin/common.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@ catchFinish() {
initDefaults() {
export RAM_MEMORY=8192
export NAMESPACE="eclipse-che"
export USER_NAMEPSACE="che-che"
export ARTIFACTS_DIR="/tmp/artifacts-che"
export TEMPLATES=${OPERATOR_REPO}/tmp
export OPERATOR_IMAGE="test/che-operator:test"
Expand Down Expand Up @@ -338,3 +339,51 @@ login() {
chectl auth:login --chenamespace=${NAMESPACE}
fi
}

deployDevWorkspaceController() {
oc patch checluster eclipse-che -n ${NAMESPACE} --type=merge -p '{"spec":{"devWorkspace": {"enable": true}}}'
}

waitDevWorkspaceControllerStarted() {
n=0
while [ $n -le 24 ]
do
webhooks=$(oc get mutatingWebhookConfiguration --all-namespaces)
if [[ $webhooks =~ .*controller.devfile.io.* ]]; then
echo "[INFO] Dev Workspace controller has been deployed"
return
fi

sleep 5
n=$(( n+1 ))
done

echo "[ERROR] Failed to deploy Dev Workspace controller"
OPERATOR_POD=$(oc get pods -o json -n ${NAMESPACE} | jq -r '.items[] | select(.metadata.name | test("che-operator-")).metadata.name')
oc logs ${OPERATOR_POD} -n ${NAMESPACE}

exit 1
}

createWorksaceDevWorkspaceController () {
oc apply -f https://raw.githubusercontent.com/devfile/devworkspace-operator/main/samples/flattened_theia-next.yaml -n ${NAMESPACE}
}

waitWorkspaceStartedDevWorkspaceController() {
n=0
while [ $n -le 24 ]
do
pods=$(oc get pods -n ${NAMESPACE})
if [[ $pods =~ .*Running.* ]]; then
echo "[INFO] Wokrspace started succesfully"
return
fi

sleep 5
n=$(( n+1 ))
done

echo "Failed to start a workspace"
exit 1
}

10 changes: 10 additions & 0 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,8 @@
# NOTE: using registry.redhat.io/rhel8/go-toolset requires login, which complicates automation
# NOTE: since updateBaseImages.sh does not support other registries than RHCC, update to RHEL8
# https://access.redhat.com/containers/?tab=tags#/registry.access.redhat.com/devtools/go-toolset-rhel7
ARG DEV_WORKSPACE_CONTROLLER_VERSION="master"

FROM registry.access.redhat.com/devtools/go-toolset-rhel7:1.13.15-4 as builder
ENV PATH=/opt/rh/go-toolset-1.13/root/usr/bin:${PATH} \
GOPATH=/go/
Expand All @@ -21,11 +23,17 @@ USER root
ADD . /che-operator
WORKDIR /che-operator

# build operator
RUN export ARCH="$(uname -m)" && if [[ ${ARCH} == "x86_64" ]]; then export ARCH="amd64"; elif [[ ${ARCH} == "aarch64" ]]; then export ARCH="arm64"; fi && \
export MOCK_API=true && \
go test -mod=vendor -v ./... && \
GOOS=linux GOARCH=${ARCH} CGO_ENABLED=0 go build -mod=vendor -o /tmp/che-operator/che-operator cmd/manager/main.go

# download devworkspace-operator templates
RUN curl -L https://api.github.com/repos/devfile/devworkspace-operator/zipball/${DEV_WORKSPACE_CONTROLLER_VERSION} > /tmp/devworkspace-operator.zip && \
unzip /tmp/devworkspace-operator.zip */deploy/deployment/* -d /tmp


# https://access.redhat.com/containers/?tab=tags#/registry.access.redhat.com/ubi8-minimal
FROM registry.access.redhat.com/ubi8-minimal:8.3-291

Expand All @@ -34,6 +42,8 @@ COPY --from=builder /che-operator/templates/keycloak-provision.sh /tmp/keycloak-
COPY --from=builder /che-operator/templates/oauth-provision.sh /tmp/oauth-provision.sh
COPY --from=builder /che-operator/templates/delete-identity-provider.sh /tmp/delete-identity-provider.sh
COPY --from=builder /che-operator/templates/create-github-identity-provider.sh /tmp/create-github-identity-provider.sh
COPY --from=builder /tmp/devfile-devworkspace-operator-*/deploy /tmp/devworkspace-operator/templates

# apply CVE fixes, if required
RUN microdnf update -y librepo libnghttp2 && microdnf install httpd-tools && microdnf clean all && rm -rf /var/cache/yum && echo "Installed Packages" && rpm -qa | sort -V && echo "End Of Installed Packages"
CMD ["che-operator"]
Expand Down
140 changes: 93 additions & 47 deletions deploy/cluster_role.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@ rules:
- create
- get
- delete
- deletecollection
- list
- patch
- update
Expand Down Expand Up @@ -118,6 +119,9 @@ rules:
- get
- create
- delete
- list
- update
- watch
- apiGroups:
- rbac.authorization.k8s.io
resources:
Expand All @@ -127,6 +131,8 @@ rules:
- create
- update
- delete
- list
- watch
- apiGroups:
- org.eclipse.che
resources:
Expand Down Expand Up @@ -156,13 +162,24 @@ rules:
verbs:
- get
- apiGroups:
- ''
- ""
resources:
- configmaps
- persistentvolumeclaims
- pods
- secrets
- serviceaccounts
- services
verbs:
- '*'
- apiGroups:
- ""
resources:
- configmaps/status
verbs:
- get
- create
- watch
- update
- patch
- apiGroups:
- ''
resources:
Expand All @@ -176,91 +193,120 @@ rules:
verbs:
- list
- apiGroups:
- ''
- apps
- extensions
resources:
- secrets
- deployments
- replicasets
verbs:
- '*'
- apiGroups:
- route.openshift.io
resources:
- routes
verbs:
- '*'
- apiGroups:
- route.openshift.io
resources:
- routes/custom-host
verbs:
- list
- get
- create
- delete
- apiGroups:
- ''
resources:
- persistentvolumeclaims
- events
verbs:
- create
- get
- list
- watch
- create
- patch
- apiGroups:
- ''
- monitoring.coreos.com
resources:
- pods
- servicemonitors
verbs:
- get
- list
- create
- watch
- delete
- get
- apiGroups:
- apps
- batch
resources:
- deployments
- jobs
verbs:
- create
- delete
- get
- list
- create
- patch
- update
- watch
- delete
- apiGroups:
- ''
- apps
resourceNames:
- devworkspace-controller
resources:
- services
- deployments/finalizers
verbs:
- list
- create
- delete
- update
- apiGroups:
- ''
- extensions
resources:
- configmaps
- ingresses
verbs:
- '*'
- apiGroups:
- workspace.devfile.io
resources:
- '*'
verbs:
- '*'
- apiGroups:
- controller.devfile.io
resources:
- '*'
verbs:
- '*'
- apiGroups:
- admissionregistration.k8s.io
resources:
- mutatingwebhookconfigurations
- validatingwebhookconfigurations
verbs:
- get
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- route.openshift.io
- operators.coreos.com
resources:
- routes
- subscriptions
verbs:
- get
- apiGroups:
- authentication.k8s.io
resources:
- tokenreviews
verbs:
- list
- create
- delete
- apiGroups:
- ''
- authorization.k8s.io
resources:
- events
- subjectaccessreviews
verbs:
- watch
- create
- apiGroups:
- apps
- apiextensions.k8s.io
resources:
- replicasets
- customresourcedefinitions
verbs:
- list
- get
- patch
- delete
- create
- apiGroups:
- extensions
- ""
resources:
- ingresses
- namespaces
verbs:
- list
- create
- watch
- get
- delete
5 changes: 5 additions & 0 deletions deploy/crds/org_v1_che_cr.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -157,3 +157,8 @@ spec:
metrics:
# Enables '/metrics' endpoint of Che server.
enable: true
devWorkspace:
# Deploys the DevWorkspace Operator in the cluster.
# Does nothing when a matching version of the Operator is already installed.
# Fails when a non-matching version of the Operator is already installed.
enable: false
9 changes: 9 additions & 0 deletions deploy/crds/org_v1_che_crd.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -305,6 +305,15 @@ spec:
`latest` images, and `IfNotPresent` in other cases.
type: string
type: object
devWorkspace:
description: Dev Workspace operator configuration
properties:
enable:
description: Deploys the DevWorkspace Operator in the cluster. Does
nothing when a matching version of the Operator is already installed.
Fails when a non-matching version of the Operator is already installed.
type: boolean
type: object
imagePuller:
description: Kubernetes Image Puller configuration
properties:
Expand Down
Loading

0 comments on commit 2b0b3da

Please sign in to comment.