diff --git a/pkg/controller/che/che_controller.go b/pkg/controller/che/che_controller.go index 4ade34db67..81cbc9c5c0 100644 --- a/pkg/controller/che/che_controller.go +++ b/pkg/controller/che/che_controller.go @@ -236,7 +236,6 @@ const ( // and what is in the CheCluster.Spec. The Controller will requeue the Request to be processed again if the returned error is non-nil or // Result.Requeue is true, otherwise upon completion it will remove the work from the queue. func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, error) { - deployContext := deploy.Context{} clusterAPI := deploy.ClusterAPI{ Client: r.client, Scheme: r.scheme, @@ -255,6 +254,11 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e return reconcile.Result{}, err } + deployContext := &deploy.DeployContext{ + ClusterAPI: clusterAPI, + CheCluster: instance, + } + isOpenShift, isOpenShift4, err := util.DetectOpenShift() if err != nil { logrus.Errorf("An error occurred when detecting current infra: %s", err) @@ -270,7 +274,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e if !util.IsTestMode() { if isOpenShift && deployContext.DefaultCheHost == "" { - host, err := getDefaultCheHost(instance, clusterAPI) + host, err := getDefaultCheHost(deployContext) if host == "" { return reconcile.Result{RequeueAfter: 1 * time.Second}, err } else { @@ -331,9 +335,11 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e logrus.Errorf("Error on reading proxy configuration: %v", err) return reconcile.Result{}, err } + // Assign Proxy to the deploy context + deployContext.Proxy = proxy if proxy.TrustedCAMapName != "" { - provisioned, err := r.putOpenShiftCertsIntoConfigMap(instance, proxy, clusterAPI) + provisioned, err := r.putOpenShiftCertsIntoConfigMap(deployContext) if !provisioned { configMapName := instance.Spec.Server.ServerTrustStoreConfigMapName if err != nil { @@ -350,14 +356,14 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e if !isOpenShift && instance.Spec.Server.TlsSupport { // Ensure TLS configuration is correct - if err := deploy.CheckAndUpdateK8sTLSConfiguration(instance, clusterAPI); err != nil { + if err := deploy.CheckAndUpdateK8sTLSConfiguration(deployContext); err != nil { instance, _ = r.GetCR(request) return reconcile.Result{Requeue: true, RequeueAfter: time.Second * 1}, err } } // Detect whether self-signed certificate is used - selfSignedCertUsed, err := deploy.IsSelfSignedCertificateUsed(instance, proxy, clusterAPI) + selfSignedCertUsed, err := deploy.IsSelfSignedCertificateUsed(deployContext) if err != nil { logrus.Errorf("Failed to detect if self-signed certificate used. Cause: %v", err) return reconcile.Result{}, err @@ -370,7 +376,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e // and NOT from the Openshift API Master URL (as in v3) // So we also need the self-signed certificate to access them (same as the Che server) (isOpenShift4 && instance.Spec.Auth.OpenShiftoAuth && !instance.Spec.Server.TlsSupport) { - if err := deploy.CreateTLSSecretFromRoute(instance, "", deploy.CheTLSSelfSignedCertificateSecretName, proxy, clusterAPI); err != nil { + if err := deploy.CreateTLSSecretFromRoute(deployContext, "", deploy.CheTLSSelfSignedCertificateSecretName); err != nil { return reconcile.Result{}, err } } @@ -391,7 +397,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e if err != nil { logrus.Errorf("Failed to get OpenShift cluster public hostname. A secret with API crt will not be created and consumed by RH-SSO/Keycloak") } else { - if err := deploy.CreateTLSSecretFromRoute(instance, baseURL, "openshift-api-crt", proxy, clusterAPI); err != nil { + if err := deploy.CreateTLSSecretFromRoute(deployContext, baseURL, "openshift-api-crt"); err != nil { return reconcile.Result{}, err } } @@ -399,7 +405,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e } else { // Handle Che TLS certificates on Kubernetes infrastructure if instance.Spec.Server.TlsSupport { - result, err := deploy.K8sHandleCheTLSSecrets(instance, clusterAPI) + result, err := deploy.K8sHandleCheTLSSecrets(deployContext) if result.Requeue || result.RequeueAfter > 0 { if err != nil { logrus.Error(err) @@ -477,7 +483,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e // create service accounts: // che is the one which token is used to create workspace objects // che-workspace is SA used by plugins like exec and terminal with limited privileges - cheSA, err := deploy.SyncServiceAccountToCluster(instance, "che", clusterAPI) + cheSA, err := deploy.SyncServiceAccountToCluster(deployContext, "che") if cheSA == nil { logrus.Info("Waiting on service account 'che' to be created") if err != nil { @@ -488,7 +494,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e } } - cheWorkspaceSA, err := deploy.SyncServiceAccountToCluster(instance, "che-workspace", clusterAPI) + cheWorkspaceSA, err := deploy.SyncServiceAccountToCluster(deployContext, "che-workspace") if cheWorkspaceSA == nil { logrus.Info("Waiting on service account 'che-workspace' to be created") if err != nil { @@ -500,7 +506,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e } // create exec and view roles for CheCluster server and workspaces - role, err := deploy.SyncRoleToCluster(instance, "exec", []string{"pods/exec"}, []string{"*"}, clusterAPI) + role, err := deploy.SyncRoleToCluster(deployContext, "exec", []string{"pods/exec"}, []string{"*"}) if role == nil { logrus.Info("Waiting on role 'exec' to be created") if err != nil { @@ -511,7 +517,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e } } - viewRole, err := deploy.SyncRoleToCluster(instance, "view", []string{"pods"}, []string{"list"}, clusterAPI) + viewRole, err := deploy.SyncRoleToCluster(deployContext, "view", []string{"pods"}, []string{"list"}) if viewRole == nil { logrus.Info("Waiting on role 'view' to be created") if err != nil { @@ -522,7 +528,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e } } - cheRoleBinding, err := deploy.SyncRoleBindingToCluster(instance, "che", "che", "edit", "ClusterRole", clusterAPI) + cheRoleBinding, err := deploy.SyncRoleBindingToCluster(deployContext, "che", "che", "edit", "ClusterRole") if cheRoleBinding == nil { logrus.Info("Waiting on role binding 'che' to be created") if err != nil { @@ -533,7 +539,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e } } - cheWSExecRoleBinding, err := deploy.SyncRoleBindingToCluster(instance, "che-workspace-exec", "che-workspace", "exec", "Role", clusterAPI) + cheWSExecRoleBinding, err := deploy.SyncRoleBindingToCluster(deployContext, "che-workspace-exec", "che-workspace", "exec", "Role") if cheWSExecRoleBinding == nil { logrus.Info("Waiting on role binding 'che-workspace-exec' to be created") if err != nil { @@ -544,7 +550,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e } } - cheWSViewRoleBinding, err := deploy.SyncRoleBindingToCluster(instance, "che-workspace-view", "che-workspace", "view", "Role", clusterAPI) + cheWSViewRoleBinding, err := deploy.SyncRoleBindingToCluster(deployContext, "che-workspace-view", "che-workspace", "view", "Role") if cheWSViewRoleBinding == nil { logrus.Info("Waiting on role binding 'che-workspace-view' to be created") if err != nil { @@ -559,7 +565,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e // Use a role binding instead of a cluster role binding to keep the additional access scoped to the workspace's namespace workspaceClusterRole := instance.Spec.Server.CheWorkspaceClusterRole if workspaceClusterRole != "" { - cheWSCustomRoleBinding, err := deploy.SyncRoleBindingToCluster(instance, "che-workspace-custom", "view", workspaceClusterRole, "ClusterRole", clusterAPI) + cheWSCustomRoleBinding, err := deploy.SyncRoleBindingToCluster(deployContext, "che-workspace-custom", "view", workspaceClusterRole, "ClusterRole") if cheWSCustomRoleBinding == nil { logrus.Info("Waiting on role binding 'che-workspace-custom' to be created") if err != nil { @@ -571,7 +577,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e } } - if err := r.GenerateAndSaveFields(instance, request, clusterAPI); err != nil { + if err := r.GenerateAndSaveFields(deployContext, request); err != nil { instance, _ = r.GetCR(request) return reconcile.Result{Requeue: true, RequeueAfter: time.Second * 1}, err } @@ -579,7 +585,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e if cheMultiUser == "false" { labels := deploy.GetLabels(instance, cheFlavor) - pvcStatus := deploy.SyncPVCToCluster(instance, deploy.DefaultCheVolumeClaimName, "1Gi", labels, clusterAPI) + pvcStatus := deploy.SyncPVCToCluster(deployContext, deploy.DefaultCheVolumeClaimName, "1Gi", labels) if !tests { if !pvcStatus.Continue { logrus.Infof("Waiting on pvc '%s' to be bound. Sometimes PVC can be bound only when the first consumer is created.", deploy.DefaultCheVolumeClaimName) @@ -612,7 +618,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e postgresLabels := deploy.GetLabels(instance, deploy.PostgresDeploymentName) // Create a new postgres service - serviceStatus := deploy.SyncServiceToCluster(instance, "postgres", []string{"postgres"}, []int32{5432}, postgresLabels, clusterAPI) + serviceStatus := deploy.SyncServiceToCluster(deployContext, "postgres", []string{"postgres"}, []int32{5432}, postgresLabels) if !tests { if !serviceStatus.Continue { logrus.Info("Waiting on service 'postgres' to be ready") @@ -625,7 +631,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e } // Create a new Postgres PVC object - pvcStatus := deploy.SyncPVCToCluster(instance, deploy.DefaultPostgresVolumeClaimName, "1Gi", postgresLabels, clusterAPI) + pvcStatus := deploy.SyncPVCToCluster(deployContext, deploy.DefaultPostgresVolumeClaimName, "1Gi", postgresLabels) if !tests { if !pvcStatus.Continue { logrus.Infof("Waiting on pvc '%s' to be bound. Sometimes PVC can be bound only when the first consumer is created.", deploy.DefaultPostgresVolumeClaimName) @@ -638,7 +644,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e } // Create a new Postgres deployment - deploymentStatus := deploy.SyncPostgresDeploymentToCluster(instance, clusterAPI) + deploymentStatus := deploy.SyncPostgresDeploymentToCluster(deployContext) if !tests { if !deploymentStatus.Continue { logrus.Infof("Waiting on deployment '%s' to be ready", deploy.PostgresDeploymentName) @@ -697,7 +703,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e } // create Che service and route - serviceStatus := deploy.SyncCheServiceToCluster(instance, clusterAPI) + serviceStatus := deploy.SyncCheServiceToCluster(deployContext) if !tests { if !serviceStatus.Continue { logrus.Infof("Waiting on service '%s' to be ready", deploy.CheServiceHame) @@ -711,7 +717,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e cheHost := "" if !isOpenShift { - ingress, err := deploy.SyncIngressToCluster(instance, cheFlavor, instance.Spec.Server.CheHost, deploy.CheServiceHame, 8080, clusterAPI) + ingress, err := deploy.SyncIngressToCluster(deployContext, cheFlavor, instance.Spec.Server.CheHost, deploy.CheServiceHame, 8080) if !tests { if ingress == nil { logrus.Infof("Waiting on ingress '%s' to be ready", cheFlavor) @@ -730,7 +736,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e customHost = "" } - route, err := deploy.SyncRouteToCluster(instance, cheFlavor, customHost, deploy.CheServiceHame, 8080, clusterAPI) + route, err := deploy.SyncRouteToCluster(deployContext, cheFlavor, customHost, deploy.CheServiceHame, 8080) if !tests { if route == nil { logrus.Infof("Waiting on route '%s' to be ready", cheFlavor) @@ -765,7 +771,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e } else { keycloakLabels := deploy.GetLabels(instance, "keycloak") - serviceStatus := deploy.SyncServiceToCluster(instance, "keycloak", []string{"http"}, []int32{8080}, keycloakLabels, clusterAPI) + serviceStatus := deploy.SyncServiceToCluster(deployContext, "keycloak", []string{"http"}, []int32{8080}, keycloakLabels) if !tests { if !serviceStatus.Continue { logrus.Info("Waiting on service 'keycloak' to be ready") @@ -779,7 +785,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e // create Keycloak ingresses when on k8s if !isOpenShift { - ingress, err := deploy.SyncIngressToCluster(instance, "keycloak", "", "keycloak", 8080, clusterAPI) + ingress, err := deploy.SyncIngressToCluster(deployContext, "keycloak", "", "keycloak", 8080) if !tests { if ingress == nil { logrus.Info("Waiting on ingress 'keycloak' to be ready") @@ -804,7 +810,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e } } else { // create Keycloak route - route, err := deploy.SyncRouteToCluster(instance, "keycloak", "", "keycloak", 8080, clusterAPI) + route, err := deploy.SyncRouteToCluster(deployContext, "keycloak", "", "keycloak", 8080) if !tests { if route == nil { logrus.Info("Waiting on route 'keycloak' to be ready") @@ -831,7 +837,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e } } - deploymentStatus := deploy.SyncKeycloakDeploymentToCluster(instance, proxy, clusterAPI) + deploymentStatus := deploy.SyncKeycloakDeploymentToCluster(deployContext) if !tests { if !deploymentStatus.Continue { logrus.Info("Waiting on deployment 'keycloak' to be ready") @@ -845,7 +851,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e if !tests { if !instance.Status.KeycloakProvisoned { - if err := deploy.ProvisionKeycloakResources(instance, clusterAPI); err != nil { + if err := deploy.ProvisionKeycloakResources(deployContext); err != nil { logrus.Error(err) return reconcile.Result{RequeueAfter: time.Second}, err } @@ -876,7 +882,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e } } - provisioned, err := deploy.SyncDevfileRegistryToCluster(instance, clusterAPI) + provisioned, err := deploy.SyncDevfileRegistryToCluster(deployContext) if !tests { if !provisioned { if err != nil { @@ -886,7 +892,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e } } - provisioned, err = deploy.SyncPluginRegistryToCluster(instance, clusterAPI) + provisioned, err = deploy.SyncPluginRegistryToCluster(deployContext) if !tests { if !provisioned { if err != nil { @@ -905,7 +911,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e // create Che ConfigMap which is synced with CR and is not supposed to be manually edited // controller will reconcile this CM with CR spec - cheConfigMap, err := deploy.SyncCheConfigMapToCluster(instance, proxy, clusterAPI) + cheConfigMap, err := deploy.SyncCheConfigMapToCluster(deployContext) if !tests { if cheConfigMap == nil { logrus.Infof("Waiting on config map '%s' to be created", deploy.CheConfigMapName) @@ -926,7 +932,7 @@ func (r *ReconcileChe) Reconcile(request reconcile.Request) (reconcile.Result, e } // Create a new che deployment - deploymentStatus := deploy.SyncCheDeploymentToCluster(instance, cmResourceVersion, proxy, clusterAPI) + deploymentStatus := deploy.SyncCheDeploymentToCluster(deployContext, cmResourceVersion) if !tests { if !deploymentStatus.Continue { logrus.Infof("Waiting on deployment '%s' to be ready", cheFlavor) @@ -1085,9 +1091,9 @@ func EvaluateCheServerVersion(cr *orgv1.CheCluster) string { return util.GetValue(cr.Spec.Server.CheImageTag, deploy.DefaultCheVersion()) } -func getDefaultCheHost(checluster *orgv1.CheCluster, clusterAPI deploy.ClusterAPI) (string, error) { - routeName := deploy.DefaultCheFlavor(checluster) - route, err := deploy.SyncRouteToCluster(checluster, routeName, "", deploy.CheServiceHame, 8080, clusterAPI) +func getDefaultCheHost(deployContext *deploy.DeployContext) (string, error) { + routeName := deploy.DefaultCheFlavor(deployContext.CheCluster) + route, err := deploy.SyncRouteToCluster(deployContext, routeName, "", deploy.CheServiceHame, 8080) if route == nil { logrus.Infof("Waiting on route '%s' to be ready", routeName) if err != nil { diff --git a/pkg/controller/che/create.go b/pkg/controller/che/create.go index b8b487faf4..efc1ce0fa9 100644 --- a/pkg/controller/che/create.go +++ b/pkg/controller/che/create.go @@ -98,153 +98,153 @@ func (r *ReconcileChe) CreateIdentityProviderItems(instance *orgv1.CheCluster, r return nil } -func (r *ReconcileChe) GenerateAndSaveFields(instance *orgv1.CheCluster, request reconcile.Request, clusterAPI deploy.ClusterAPI) (err error) { - cheFlavor := deploy.DefaultCheFlavor(instance) - if len(instance.Spec.Server.CheFlavor) < 1 { - instance.Spec.Server.CheFlavor = cheFlavor - if err := r.UpdateCheCRSpec(instance, "installation flavor", cheFlavor); err != nil { +func (r *ReconcileChe) GenerateAndSaveFields(deployContext *deploy.DeployContext, request reconcile.Request) (err error) { + cheFlavor := deploy.DefaultCheFlavor(deployContext.CheCluster) + if len(deployContext.CheCluster.Spec.Server.CheFlavor) < 1 { + deployContext.CheCluster.Spec.Server.CheFlavor = cheFlavor + if err := r.UpdateCheCRSpec(deployContext.CheCluster, "installation flavor", cheFlavor); err != nil { return err } } - cheMultiUser := deploy.GetCheMultiUser(instance) + cheMultiUser := deploy.GetCheMultiUser(deployContext.CheCluster) if cheMultiUser == "true" { - if len(instance.Spec.Database.ChePostgresSecret) < 1 { - if len(instance.Spec.Database.ChePostgresUser) < 1 || len(instance.Spec.Database.ChePostgresPassword) < 1 { + if len(deployContext.CheCluster.Spec.Database.ChePostgresSecret) < 1 { + if len(deployContext.CheCluster.Spec.Database.ChePostgresUser) < 1 || len(deployContext.CheCluster.Spec.Database.ChePostgresPassword) < 1 { chePostgresSecret := deploy.DefaultChePostgresSecret() - deploy.SyncSecretToCluster(instance, chePostgresSecret, map[string][]byte{"user": []byte(deploy.DefaultChePostgresUser), "password": []byte(util.GeneratePasswd(12))}, clusterAPI) - instance.Spec.Database.ChePostgresSecret = chePostgresSecret - if err := r.UpdateCheCRSpec(instance, "Postgres Secret", chePostgresSecret); err != nil { + deploy.SyncSecretToCluster(deployContext, chePostgresSecret, map[string][]byte{"user": []byte(deploy.DefaultChePostgresUser), "password": []byte(util.GeneratePasswd(12))}) + deployContext.CheCluster.Spec.Database.ChePostgresSecret = chePostgresSecret + if err := r.UpdateCheCRSpec(deployContext.CheCluster, "Postgres Secret", chePostgresSecret); err != nil { return err } } else { - if len(instance.Spec.Database.ChePostgresUser) < 1 { - instance.Spec.Database.ChePostgresUser = deploy.DefaultChePostgresUser - if err := r.UpdateCheCRSpec(instance, "Postgres User", instance.Spec.Database.ChePostgresUser); err != nil { + if len(deployContext.CheCluster.Spec.Database.ChePostgresUser) < 1 { + deployContext.CheCluster.Spec.Database.ChePostgresUser = deploy.DefaultChePostgresUser + if err := r.UpdateCheCRSpec(deployContext.CheCluster, "Postgres User", deployContext.CheCluster.Spec.Database.ChePostgresUser); err != nil { return err } } - if len(instance.Spec.Database.ChePostgresPassword) < 1 { - instance.Spec.Database.ChePostgresPassword = util.GeneratePasswd(12) - if err := r.UpdateCheCRSpec(instance, "auto-generated CheCluster DB password", "password-hidden"); err != nil { + if len(deployContext.CheCluster.Spec.Database.ChePostgresPassword) < 1 { + deployContext.CheCluster.Spec.Database.ChePostgresPassword = util.GeneratePasswd(12) + if err := r.UpdateCheCRSpec(deployContext.CheCluster, "auto-generated CheCluster DB password", "password-hidden"); err != nil { return err } } } } - if len(instance.Spec.Auth.IdentityProviderPostgresSecret) < 1 { + if len(deployContext.CheCluster.Spec.Auth.IdentityProviderPostgresSecret) < 1 { keycloakPostgresPassword := util.GeneratePasswd(12) - keycloakDeployment, err := r.GetEffectiveDeployment(instance, "keycloak") + keycloakDeployment, err := r.GetEffectiveDeployment(deployContext.CheCluster, "keycloak") if err == nil { keycloakPostgresPassword = util.GetDeploymentEnv(keycloakDeployment, "DB_PASSWORD") } - if len(instance.Spec.Auth.IdentityProviderPostgresPassword) < 1 { + if len(deployContext.CheCluster.Spec.Auth.IdentityProviderPostgresPassword) < 1 { identityPostgresSecret := deploy.DefaultCheIdentityPostgresSecret() - deploy.SyncSecretToCluster(instance, identityPostgresSecret, map[string][]byte{"password": []byte(keycloakPostgresPassword)}, clusterAPI) - instance.Spec.Auth.IdentityProviderPostgresSecret = identityPostgresSecret - if err := r.UpdateCheCRSpec(instance, "Identity Provider Postgres Secret", identityPostgresSecret); err != nil { + deploy.SyncSecretToCluster(deployContext, identityPostgresSecret, map[string][]byte{"password": []byte(keycloakPostgresPassword)}) + deployContext.CheCluster.Spec.Auth.IdentityProviderPostgresSecret = identityPostgresSecret + if err := r.UpdateCheCRSpec(deployContext.CheCluster, "Identity Provider Postgres Secret", identityPostgresSecret); err != nil { return err } } } - if len(instance.Spec.Auth.IdentityProviderSecret) < 1 { - keycloakAdminUserName := util.GetValue(instance.Spec.Auth.IdentityProviderAdminUserName, "admin") - keycloakAdminPassword := util.GetValue(instance.Spec.Auth.IdentityProviderPassword, util.GeneratePasswd(12)) + if len(deployContext.CheCluster.Spec.Auth.IdentityProviderSecret) < 1 { + keycloakAdminUserName := util.GetValue(deployContext.CheCluster.Spec.Auth.IdentityProviderAdminUserName, "admin") + keycloakAdminPassword := util.GetValue(deployContext.CheCluster.Spec.Auth.IdentityProviderPassword, util.GeneratePasswd(12)) - keycloakDeployment, err := r.GetEffectiveDeployment(instance, "keycloak") + keycloakDeployment, err := r.GetEffectiveDeployment(deployContext.CheCluster, "keycloak") if err == nil { keycloakAdminUserName = util.GetDeploymentEnv(keycloakDeployment, "SSO_ADMIN_USERNAME") keycloakAdminPassword = util.GetDeploymentEnv(keycloakDeployment, "SSO_ADMIN_PASSWORD") } - if len(instance.Spec.Auth.IdentityProviderAdminUserName) < 1 || len(instance.Spec.Auth.IdentityProviderPassword) < 1 { + if len(deployContext.CheCluster.Spec.Auth.IdentityProviderAdminUserName) < 1 || len(deployContext.CheCluster.Spec.Auth.IdentityProviderPassword) < 1 { identityProviderSecret := deploy.DefaultCheIdentitySecret() - deploy.SyncSecretToCluster(instance, identityProviderSecret, map[string][]byte{"user": []byte(keycloakAdminUserName), "password": []byte(keycloakAdminPassword)}, clusterAPI) - instance.Spec.Auth.IdentityProviderSecret = identityProviderSecret - if err := r.UpdateCheCRSpec(instance, "Identity Provider Secret", identityProviderSecret); err != nil { + deploy.SyncSecretToCluster(deployContext, identityProviderSecret, map[string][]byte{"user": []byte(keycloakAdminUserName), "password": []byte(keycloakAdminPassword)}) + deployContext.CheCluster.Spec.Auth.IdentityProviderSecret = identityProviderSecret + if err := r.UpdateCheCRSpec(deployContext.CheCluster, "Identity Provider Secret", identityProviderSecret); err != nil { return err } } else { - if len(instance.Spec.Auth.IdentityProviderPassword) < 1 { - instance.Spec.Auth.IdentityProviderPassword = keycloakAdminPassword - if err := r.UpdateCheCRSpec(instance, "Keycloak admin password", "password hidden"); err != nil { + if len(deployContext.CheCluster.Spec.Auth.IdentityProviderPassword) < 1 { + deployContext.CheCluster.Spec.Auth.IdentityProviderPassword = keycloakAdminPassword + if err := r.UpdateCheCRSpec(deployContext.CheCluster, "Keycloak admin password", "password hidden"); err != nil { return err } } - if len(instance.Spec.Auth.IdentityProviderAdminUserName) < 1 { - instance.Spec.Auth.IdentityProviderAdminUserName = keycloakAdminUserName - if err := r.UpdateCheCRSpec(instance, "Keycloak admin username", keycloakAdminUserName); err != nil { + if len(deployContext.CheCluster.Spec.Auth.IdentityProviderAdminUserName) < 1 { + deployContext.CheCluster.Spec.Auth.IdentityProviderAdminUserName = keycloakAdminUserName + if err := r.UpdateCheCRSpec(deployContext.CheCluster, "Keycloak admin username", keycloakAdminUserName); err != nil { return err } } } } - chePostgresDb := util.GetValue(instance.Spec.Database.ChePostgresDb, "dbche") - if len(instance.Spec.Database.ChePostgresDb) < 1 { - instance.Spec.Database.ChePostgresDb = chePostgresDb - if err := r.UpdateCheCRSpec(instance, "Postgres DB", chePostgresDb); err != nil { + chePostgresDb := util.GetValue(deployContext.CheCluster.Spec.Database.ChePostgresDb, "dbche") + if len(deployContext.CheCluster.Spec.Database.ChePostgresDb) < 1 { + deployContext.CheCluster.Spec.Database.ChePostgresDb = chePostgresDb + if err := r.UpdateCheCRSpec(deployContext.CheCluster, "Postgres DB", chePostgresDb); err != nil { return err } } - chePostgresHostName := util.GetValue(instance.Spec.Database.ChePostgresHostName, deploy.DefaultChePostgresHostName) - if len(instance.Spec.Database.ChePostgresHostName) < 1 { - instance.Spec.Database.ChePostgresHostName = chePostgresHostName - if err := r.UpdateCheCRSpec(instance, "Postgres hostname", chePostgresHostName); err != nil { + chePostgresHostName := util.GetValue(deployContext.CheCluster.Spec.Database.ChePostgresHostName, deploy.DefaultChePostgresHostName) + if len(deployContext.CheCluster.Spec.Database.ChePostgresHostName) < 1 { + deployContext.CheCluster.Spec.Database.ChePostgresHostName = chePostgresHostName + if err := r.UpdateCheCRSpec(deployContext.CheCluster, "Postgres hostname", chePostgresHostName); err != nil { return err } } - chePostgresPort := util.GetValue(instance.Spec.Database.ChePostgresPort, deploy.DefaultChePostgresPort) - if len(instance.Spec.Database.ChePostgresPort) < 1 { - instance.Spec.Database.ChePostgresPort = chePostgresPort - if err := r.UpdateCheCRSpec(instance, "Postgres port", chePostgresPort); err != nil { + chePostgresPort := util.GetValue(deployContext.CheCluster.Spec.Database.ChePostgresPort, deploy.DefaultChePostgresPort) + if len(deployContext.CheCluster.Spec.Database.ChePostgresPort) < 1 { + deployContext.CheCluster.Spec.Database.ChePostgresPort = chePostgresPort + if err := r.UpdateCheCRSpec(deployContext.CheCluster, "Postgres port", chePostgresPort); err != nil { return err } } - keycloakRealm := util.GetValue(instance.Spec.Auth.IdentityProviderRealm, cheFlavor) - if len(instance.Spec.Auth.IdentityProviderRealm) < 1 { - instance.Spec.Auth.IdentityProviderRealm = keycloakRealm - if err := r.UpdateCheCRSpec(instance, "Keycloak realm", keycloakRealm); err != nil { + keycloakRealm := util.GetValue(deployContext.CheCluster.Spec.Auth.IdentityProviderRealm, cheFlavor) + if len(deployContext.CheCluster.Spec.Auth.IdentityProviderRealm) < 1 { + deployContext.CheCluster.Spec.Auth.IdentityProviderRealm = keycloakRealm + if err := r.UpdateCheCRSpec(deployContext.CheCluster, "Keycloak realm", keycloakRealm); err != nil { return err } } - keycloakClientId := util.GetValue(instance.Spec.Auth.IdentityProviderClientId, cheFlavor+"-public") - if len(instance.Spec.Auth.IdentityProviderClientId) < 1 { - instance.Spec.Auth.IdentityProviderClientId = keycloakClientId + keycloakClientId := util.GetValue(deployContext.CheCluster.Spec.Auth.IdentityProviderClientId, cheFlavor+"-public") + if len(deployContext.CheCluster.Spec.Auth.IdentityProviderClientId) < 1 { + deployContext.CheCluster.Spec.Auth.IdentityProviderClientId = keycloakClientId - if err := r.UpdateCheCRSpec(instance, "Keycloak client ID", keycloakClientId); err != nil { + if err := r.UpdateCheCRSpec(deployContext.CheCluster, "Keycloak client ID", keycloakClientId); err != nil { return err } } } - cheLogLevel := util.GetValue(instance.Spec.Server.CheLogLevel, deploy.DefaultCheLogLevel) - if len(instance.Spec.Server.CheLogLevel) < 1 { - instance.Spec.Server.CheLogLevel = cheLogLevel - if err := r.UpdateCheCRSpec(instance, "log level", cheLogLevel); err != nil { + cheLogLevel := util.GetValue(deployContext.CheCluster.Spec.Server.CheLogLevel, deploy.DefaultCheLogLevel) + if len(deployContext.CheCluster.Spec.Server.CheLogLevel) < 1 { + deployContext.CheCluster.Spec.Server.CheLogLevel = cheLogLevel + if err := r.UpdateCheCRSpec(deployContext.CheCluster, "log level", cheLogLevel); err != nil { return err } } - cheDebug := util.GetValue(instance.Spec.Server.CheDebug, deploy.DefaultCheDebug) - if len(instance.Spec.Server.CheDebug) < 1 { - instance.Spec.Server.CheDebug = cheDebug - if err := r.UpdateCheCRSpec(instance, "debug", cheDebug); err != nil { + cheDebug := util.GetValue(deployContext.CheCluster.Spec.Server.CheDebug, deploy.DefaultCheDebug) + if len(deployContext.CheCluster.Spec.Server.CheDebug) < 1 { + deployContext.CheCluster.Spec.Server.CheDebug = cheDebug + if err := r.UpdateCheCRSpec(deployContext.CheCluster, "debug", cheDebug); err != nil { return err } } - pvcStrategy := util.GetValue(instance.Spec.Storage.PvcStrategy, deploy.DefaultPvcStrategy) - if len(instance.Spec.Storage.PvcStrategy) < 1 { - instance.Spec.Storage.PvcStrategy = pvcStrategy - if err := r.UpdateCheCRSpec(instance, "pvc strategy", pvcStrategy); err != nil { + pvcStrategy := util.GetValue(deployContext.CheCluster.Spec.Storage.PvcStrategy, deploy.DefaultPvcStrategy) + if len(deployContext.CheCluster.Spec.Storage.PvcStrategy) < 1 { + deployContext.CheCluster.Spec.Storage.PvcStrategy = pvcStrategy + if err := r.UpdateCheCRSpec(deployContext.CheCluster, "pvc strategy", pvcStrategy); err != nil { return err } } - pvcClaimSize := util.GetValue(instance.Spec.Storage.PvcClaimSize, deploy.DefaultPvcClaimSize) - if len(instance.Spec.Storage.PvcClaimSize) < 1 { - instance.Spec.Storage.PvcClaimSize = pvcClaimSize - if err := r.UpdateCheCRSpec(instance, "pvc claim size", pvcClaimSize); err != nil { + pvcClaimSize := util.GetValue(deployContext.CheCluster.Spec.Storage.PvcClaimSize, deploy.DefaultPvcClaimSize) + if len(deployContext.CheCluster.Spec.Storage.PvcClaimSize) < 1 { + deployContext.CheCluster.Spec.Storage.PvcClaimSize = pvcClaimSize + if err := r.UpdateCheCRSpec(deployContext.CheCluster, "pvc claim size", pvcClaimSize); err != nil { return err } } @@ -254,51 +254,51 @@ func (r *ReconcileChe) GenerateAndSaveFields(instance *orgv1.CheCluster, request // version that should fixed bug https://github.com/eclipse/che/issues/13714 // Or for the transition from CRW 1.2 to 2.0 - if instance.Spec.Storage.PvcJobsImage == deploy.OldDefaultPvcJobsUpstreamImageToDetect || - (deploy.MigratingToCRW2_0(instance) && instance.Spec.Storage.PvcJobsImage != "") { - instance.Spec.Storage.PvcJobsImage = "" - if err := r.UpdateCheCRSpec(instance, "pvc jobs image", instance.Spec.Storage.PvcJobsImage); err != nil { + if deployContext.CheCluster.Spec.Storage.PvcJobsImage == deploy.OldDefaultPvcJobsUpstreamImageToDetect || + (deploy.MigratingToCRW2_0(deployContext.CheCluster) && deployContext.CheCluster.Spec.Storage.PvcJobsImage != "") { + deployContext.CheCluster.Spec.Storage.PvcJobsImage = "" + if err := r.UpdateCheCRSpec(deployContext.CheCluster, "pvc jobs image", deployContext.CheCluster.Spec.Storage.PvcJobsImage); err != nil { return err } } - if instance.Spec.Database.PostgresImage == deploy.OldDefaultPostgresUpstreamImageToDetect || - (deploy.MigratingToCRW2_0(instance) && instance.Spec.Database.PostgresImage != "") { - instance.Spec.Database.PostgresImage = "" - if err := r.UpdateCheCRSpec(instance, "postgres image", instance.Spec.Database.PostgresImage); err != nil { + if deployContext.CheCluster.Spec.Database.PostgresImage == deploy.OldDefaultPostgresUpstreamImageToDetect || + (deploy.MigratingToCRW2_0(deployContext.CheCluster) && deployContext.CheCluster.Spec.Database.PostgresImage != "") { + deployContext.CheCluster.Spec.Database.PostgresImage = "" + if err := r.UpdateCheCRSpec(deployContext.CheCluster, "postgres image", deployContext.CheCluster.Spec.Database.PostgresImage); err != nil { return err } } - if instance.Spec.Auth.IdentityProviderImage == deploy.OldDefaultKeycloakUpstreamImageToDetect || - (deploy.MigratingToCRW2_0(instance) && instance.Spec.Auth.IdentityProviderImage != "") { - instance.Spec.Auth.IdentityProviderImage = "" - if err := r.UpdateCheCRSpec(instance, "keycloak image", instance.Spec.Auth.IdentityProviderImage); err != nil { + if deployContext.CheCluster.Spec.Auth.IdentityProviderImage == deploy.OldDefaultKeycloakUpstreamImageToDetect || + (deploy.MigratingToCRW2_0(deployContext.CheCluster) && deployContext.CheCluster.Spec.Auth.IdentityProviderImage != "") { + deployContext.CheCluster.Spec.Auth.IdentityProviderImage = "" + if err := r.UpdateCheCRSpec(deployContext.CheCluster, "keycloak image", deployContext.CheCluster.Spec.Auth.IdentityProviderImage); err != nil { return err } } - if deploy.MigratingToCRW2_0(instance) && - !instance.Spec.Server.ExternalPluginRegistry && - instance.Spec.Server.PluginRegistryUrl == deploy.OldCrwPluginRegistryUrl { - instance.Spec.Server.PluginRegistryUrl = "" - if err := r.UpdateCheCRSpec(instance, "plugin registry url", instance.Spec.Server.PluginRegistryUrl); err != nil { + if deploy.MigratingToCRW2_0(deployContext.CheCluster) && + !deployContext.CheCluster.Spec.Server.ExternalPluginRegistry && + deployContext.CheCluster.Spec.Server.PluginRegistryUrl == deploy.OldCrwPluginRegistryUrl { + deployContext.CheCluster.Spec.Server.PluginRegistryUrl = "" + if err := r.UpdateCheCRSpec(deployContext.CheCluster, "plugin registry url", deployContext.CheCluster.Spec.Server.PluginRegistryUrl); err != nil { return err } } - if deploy.MigratingToCRW2_0(instance) && - instance.Spec.Server.CheImage == deploy.OldDefaultCodeReadyServerImageRepo { - instance.Spec.Server.CheImage = "" - if err := r.UpdateCheCRSpec(instance, "che image repo", instance.Spec.Server.CheImage); err != nil { + if deploy.MigratingToCRW2_0(deployContext.CheCluster) && + deployContext.CheCluster.Spec.Server.CheImage == deploy.OldDefaultCodeReadyServerImageRepo { + deployContext.CheCluster.Spec.Server.CheImage = "" + if err := r.UpdateCheCRSpec(deployContext.CheCluster, "che image repo", deployContext.CheCluster.Spec.Server.CheImage); err != nil { return err } } - if deploy.MigratingToCRW2_0(instance) && - instance.Spec.Server.CheImageTag == deploy.OldDefaultCodeReadyServerImageTag { - instance.Spec.Server.CheImageTag = "" - if err := r.UpdateCheCRSpec(instance, "che image tag", instance.Spec.Server.CheImageTag); err != nil { + if deploy.MigratingToCRW2_0(deployContext.CheCluster) && + deployContext.CheCluster.Spec.Server.CheImageTag == deploy.OldDefaultCodeReadyServerImageTag { + deployContext.CheCluster.Spec.Server.CheImageTag = "" + if err := r.UpdateCheCRSpec(deployContext.CheCluster, "che image tag", deployContext.CheCluster.Spec.Server.CheImageTag); err != nil { return err } } diff --git a/pkg/controller/che/proxy.go b/pkg/controller/che/proxy.go index 14a6c20788..42aede2bf2 100644 --- a/pkg/controller/che/proxy.go +++ b/pkg/controller/che/proxy.go @@ -47,14 +47,14 @@ func (r *ReconcileChe) getProxyConfiguration(checluster *orgv1.CheCluster) (*dep return proxy, nil } -func (r *ReconcileChe) putOpenShiftCertsIntoConfigMap(checluster *orgv1.CheCluster, proxy *deploy.Proxy, clusterAPI deploy.ClusterAPI) (bool, error) { - if checluster.Spec.Server.ServerTrustStoreConfigMapName == "" { - checluster.Spec.Server.ServerTrustStoreConfigMapName = deploy.DefaultServerTrustStoreConfigMapName() - if err := r.UpdateCheCRSpec(checluster, "truststore configmap", deploy.DefaultServerTrustStoreConfigMapName()); err != nil { +func (r *ReconcileChe) putOpenShiftCertsIntoConfigMap(deployContext *deploy.DeployContext) (bool, error) { + if deployContext.CheCluster.Spec.Server.ServerTrustStoreConfigMapName == "" { + deployContext.CheCluster.Spec.Server.ServerTrustStoreConfigMapName = deploy.DefaultServerTrustStoreConfigMapName() + if err := r.UpdateCheCRSpec(deployContext.CheCluster, "truststore configmap", deploy.DefaultServerTrustStoreConfigMapName()); err != nil { return false, err } } - certConfigMap, err := deploy.SyncTrustStoreConfigMapToCluster(checluster, clusterAPI) + certConfigMap, err := deploy.SyncTrustStoreConfigMapToCluster(deployContext) return certConfigMap != nil, err } diff --git a/pkg/deploy/che_configmap.go b/pkg/deploy/che_configmap.go index cd21c56e8f..f1c8e47e77 100644 --- a/pkg/deploy/che_configmap.go +++ b/pkg/deploy/che_configmap.go @@ -17,7 +17,6 @@ import ( "os" "strconv" - orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1" "github.com/eclipse/che-operator/pkg/util" "github.com/sirupsen/logrus" corev1 "k8s.io/api/core/v1" @@ -77,34 +76,34 @@ type CheConfigMap struct { CheTrustedCABundlesConfigMap string `json:"CHE_TRUSTED__CA__BUNDLES__CONFIGMAP,omitempty"` } -func SyncCheConfigMapToCluster(checluster *orgv1.CheCluster, proxy *Proxy, clusterAPI ClusterAPI) (*corev1.ConfigMap, error) { - data := GetCheConfigMapData(checluster, proxy) - specConfigMap, err := GetSpecConfigMap(checluster, CheConfigMapName, data, clusterAPI) +func SyncCheConfigMapToCluster(deployContext *DeployContext) (*corev1.ConfigMap, error) { + data := GetCheConfigMapData(deployContext) + specConfigMap, err := GetSpecConfigMap(deployContext, CheConfigMapName, data) if err != nil { return nil, err } - return SyncConfigMapToCluster(checluster, specConfigMap, clusterAPI) + return SyncConfigMapToCluster(deployContext, specConfigMap) } // GetConfigMapData gets env values from CR spec and returns a map with key:value // which is used in CheCluster ConfigMap to configure CheCluster master behavior -func GetCheConfigMapData(cr *orgv1.CheCluster, proxy *Proxy) (cheEnv map[string]string) { - cheHost := cr.Spec.Server.CheHost - keycloakURL := cr.Spec.Auth.IdentityProviderURL +func GetCheConfigMapData(deployContext *DeployContext) (cheEnv map[string]string) { + cheHost := deployContext.CheCluster.Spec.Server.CheHost + keycloakURL := deployContext.CheCluster.Spec.Auth.IdentityProviderURL isOpenShift, isOpenshift4, err := util.DetectOpenShift() if err != nil { logrus.Errorf("Failed to get current infra: %s", err) } - cheFlavor := DefaultCheFlavor(cr) + cheFlavor := DefaultCheFlavor(deployContext.CheCluster) infra := "kubernetes" if isOpenShift { infra = "openshift" } tls := "false" openShiftIdentityProviderId := "NULL" - openshiftOAuth := cr.Spec.Auth.OpenShiftoAuth - defaultTargetNamespaceDefault := cr.Namespace // By default Che SA has right in the namespace where Che in installed ... + openshiftOAuth := deployContext.CheCluster.Spec.Auth.OpenShiftoAuth + defaultTargetNamespaceDefault := deployContext.CheCluster.Namespace // By default Che SA has right in the namespace where Che in installed ... if openshiftOAuth && isOpenShift { // ... But if the workspace is created under the openshift identity of the end-user, // Then we'll have rights to create any new namespace @@ -114,9 +113,9 @@ func GetCheConfigMapData(cr *orgv1.CheCluster, proxy *Proxy) (cheEnv map[string] openShiftIdentityProviderId = "openshift-v4" } } - defaultTargetNamespace := util.GetValue(cr.Spec.Server.WorkspaceNamespaceDefault, defaultTargetNamespaceDefault) - namespaceAllowUserDefined := strconv.FormatBool(cr.Spec.Server.AllowUserDefinedWorkspaceNamespaces) - tlsSupport := cr.Spec.Server.TlsSupport + defaultTargetNamespace := util.GetValue(deployContext.CheCluster.Spec.Server.WorkspaceNamespaceDefault, defaultTargetNamespaceDefault) + namespaceAllowUserDefined := strconv.FormatBool(deployContext.CheCluster.Spec.Server.AllowUserDefinedWorkspaceNamespaces) + tlsSupport := deployContext.CheCluster.Spec.Server.TlsSupport protocol := "http" wsprotocol := "ws" if tlsSupport { @@ -126,50 +125,50 @@ func GetCheConfigMapData(cr *orgv1.CheCluster, proxy *Proxy) (cheEnv map[string] } proxyJavaOpts := "" - cheWorkspaceNoProxy := proxy.NoProxy - if proxy.HttpProxy != "" { - if proxy.NoProxy == "" { + cheWorkspaceNoProxy := deployContext.Proxy.NoProxy + if deployContext.Proxy.HttpProxy != "" { + if deployContext.Proxy.NoProxy == "" { cheWorkspaceNoProxy = os.Getenv("KUBERNETES_SERVICE_HOST") } else { cheWorkspaceNoProxy = cheWorkspaceNoProxy + "," + os.Getenv("KUBERNETES_SERVICE_HOST") } - proxyJavaOpts, err = GenerateProxyJavaOpts(proxy, cheWorkspaceNoProxy) + proxyJavaOpts, err = GenerateProxyJavaOpts(deployContext.Proxy, cheWorkspaceNoProxy) if err != nil { logrus.Errorf("Failed to generate java proxy options: %v", err) } } - ingressDomain := cr.Spec.K8s.IngressDomain - tlsSecretName := cr.Spec.K8s.TlsSecretName + ingressDomain := deployContext.CheCluster.Spec.K8s.IngressDomain + tlsSecretName := deployContext.CheCluster.Spec.K8s.TlsSecretName if tlsSupport && tlsSecretName == "" { tlsSecretName = "che-tls" } - securityContextFsGroup := util.GetValue(cr.Spec.K8s.SecurityContextFsGroup, DefaultSecurityContextFsGroup) - securityContextRunAsUser := util.GetValue(cr.Spec.K8s.SecurityContextRunAsUser, DefaultSecurityContextRunAsUser) - pvcStrategy := util.GetValue(cr.Spec.Storage.PvcStrategy, DefaultPvcStrategy) - pvcClaimSize := util.GetValue(cr.Spec.Storage.PvcClaimSize, DefaultPvcClaimSize) - workspacePvcStorageClassName := cr.Spec.Storage.WorkspacePVCStorageClassName - - defaultPVCJobsImage := DefaultPvcJobsImage(cr) - pvcJobsImage := util.GetValue(cr.Spec.Storage.PvcJobsImage, defaultPVCJobsImage) + securityContextFsGroup := util.GetValue(deployContext.CheCluster.Spec.K8s.SecurityContextFsGroup, DefaultSecurityContextFsGroup) + securityContextRunAsUser := util.GetValue(deployContext.CheCluster.Spec.K8s.SecurityContextRunAsUser, DefaultSecurityContextRunAsUser) + pvcStrategy := util.GetValue(deployContext.CheCluster.Spec.Storage.PvcStrategy, DefaultPvcStrategy) + pvcClaimSize := util.GetValue(deployContext.CheCluster.Spec.Storage.PvcClaimSize, DefaultPvcClaimSize) + workspacePvcStorageClassName := deployContext.CheCluster.Spec.Storage.WorkspacePVCStorageClassName + + defaultPVCJobsImage := DefaultPvcJobsImage(deployContext.CheCluster) + pvcJobsImage := util.GetValue(deployContext.CheCluster.Spec.Storage.PvcJobsImage, defaultPVCJobsImage) preCreateSubPaths := "true" - if !cr.Spec.Storage.PreCreateSubPaths { + if !deployContext.CheCluster.Spec.Storage.PreCreateSubPaths { preCreateSubPaths = "false" } - chePostgresHostName := util.GetValue(cr.Spec.Database.ChePostgresHostName, DefaultChePostgresHostName) - chePostgresPort := util.GetValue(cr.Spec.Database.ChePostgresPort, DefaultChePostgresPort) - chePostgresDb := util.GetValue(cr.Spec.Database.ChePostgresDb, DefaultChePostgresDb) - keycloakRealm := util.GetValue(cr.Spec.Auth.IdentityProviderRealm, cheFlavor) - keycloakClientId := util.GetValue(cr.Spec.Auth.IdentityProviderClientId, cheFlavor+"-public") - ingressStrategy := util.GetValue(cr.Spec.K8s.IngressStrategy, DefaultIngressStrategy) - ingressClass := util.GetValue(cr.Spec.K8s.IngressClass, DefaultIngressClass) - devfileRegistryUrl := cr.Status.DevfileRegistryURL - pluginRegistryUrl := cr.Status.PluginRegistryURL - cheLogLevel := util.GetValue(cr.Spec.Server.CheLogLevel, DefaultCheLogLevel) - cheDebug := util.GetValue(cr.Spec.Server.CheDebug, DefaultCheDebug) - cheMetrics := strconv.FormatBool(cr.Spec.Metrics.Enable) - cheLabels := util.MapToKeyValuePairs(GetLabels(cr, DefaultCheFlavor(cr))) - cheMultiUser := GetCheMultiUser(cr) + chePostgresHostName := util.GetValue(deployContext.CheCluster.Spec.Database.ChePostgresHostName, DefaultChePostgresHostName) + chePostgresPort := util.GetValue(deployContext.CheCluster.Spec.Database.ChePostgresPort, DefaultChePostgresPort) + chePostgresDb := util.GetValue(deployContext.CheCluster.Spec.Database.ChePostgresDb, DefaultChePostgresDb) + keycloakRealm := util.GetValue(deployContext.CheCluster.Spec.Auth.IdentityProviderRealm, cheFlavor) + keycloakClientId := util.GetValue(deployContext.CheCluster.Spec.Auth.IdentityProviderClientId, cheFlavor+"-public") + ingressStrategy := util.GetValue(deployContext.CheCluster.Spec.K8s.IngressStrategy, DefaultIngressStrategy) + ingressClass := util.GetValue(deployContext.CheCluster.Spec.K8s.IngressClass, DefaultIngressClass) + devfileRegistryUrl := deployContext.CheCluster.Status.DevfileRegistryURL + pluginRegistryUrl := deployContext.CheCluster.Status.PluginRegistryURL + cheLogLevel := util.GetValue(deployContext.CheCluster.Spec.Server.CheLogLevel, DefaultCheLogLevel) + cheDebug := util.GetValue(deployContext.CheCluster.Spec.Server.CheDebug, DefaultCheDebug) + cheMetrics := strconv.FormatBool(deployContext.CheCluster.Spec.Metrics.Enable) + cheLabels := util.MapToKeyValuePairs(GetLabels(deployContext.CheCluster, DefaultCheFlavor(deployContext.CheCluster))) + cheMultiUser := GetCheMultiUser(deployContext.CheCluster) data := &CheConfigMap{ CheMultiUser: cheMultiUser, @@ -196,17 +195,17 @@ func GetCheConfigMapData(cr *orgv1.CheCluster, proxy *Proxy) (cheEnv map[string] WorkspaceJavaOpts: DefaultWorkspaceJavaOpts + " " + proxyJavaOpts, WorkspaceMavenOpts: DefaultWorkspaceJavaOpts + " " + proxyJavaOpts, WorkspaceProxyJavaOpts: proxyJavaOpts, - WorkspaceHttpProxy: proxy.HttpProxy, - WorkspaceHttpsProxy: proxy.HttpsProxy, + WorkspaceHttpProxy: deployContext.Proxy.HttpProxy, + WorkspaceHttpsProxy: deployContext.Proxy.HttpsProxy, WorkspaceNoProxy: cheWorkspaceNoProxy, PluginRegistryUrl: pluginRegistryUrl, DevfileRegistryUrl: devfileRegistryUrl, - CheWorkspacePluginBrokerMetadataImage: DefaultCheWorkspacePluginBrokerMetadataImage(cr), - CheWorkspacePluginBrokerArtifactsImage: DefaultCheWorkspacePluginBrokerArtifactsImage(cr), - CheServerSecureExposerJwtProxyImage: DefaultCheServerSecureExposerJwtProxyImage(cr), + CheWorkspacePluginBrokerMetadataImage: DefaultCheWorkspacePluginBrokerMetadataImage(deployContext.CheCluster), + CheWorkspacePluginBrokerArtifactsImage: DefaultCheWorkspacePluginBrokerArtifactsImage(deployContext.CheCluster), + CheServerSecureExposerJwtProxyImage: DefaultCheServerSecureExposerJwtProxyImage(deployContext.CheCluster), CheJGroupsKubernetesLabels: cheLabels, CheMetricsEnabled: cheMetrics, - CheTrustedCABundlesConfigMap: cr.Spec.Server.ServerTrustStoreConfigMapName, + CheTrustedCABundlesConfigMap: deployContext.CheCluster.Spec.Server.ServerTrustStoreConfigMapName, } if cheMultiUser == "true" { @@ -214,9 +213,9 @@ func GetCheConfigMapData(cr *orgv1.CheCluster, proxy *Proxy) (cheEnv map[string] data.KeycloakRealm = keycloakRealm data.KeycloakClientId = keycloakClientId data.DatabaseURL = "jdbc:postgresql://" + chePostgresHostName + ":" + chePostgresPort + "/" + chePostgresDb - if len(cr.Spec.Database.ChePostgresSecret) < 1 { - data.DbUserName = cr.Spec.Database.ChePostgresUser - data.DbPassword = cr.Spec.Database.ChePostgresPassword + if len(deployContext.CheCluster.Spec.Database.ChePostgresSecret) < 1 { + data.DbUserName = deployContext.CheCluster.Spec.Database.ChePostgresUser + data.DbPassword = deployContext.CheCluster.Spec.Database.ChePostgresPassword } } @@ -241,6 +240,6 @@ func GetCheConfigMapData(cr *orgv1.CheCluster, proxy *Proxy) (cheEnv map[string] addMap(cheEnv, k8sCheEnv) } - addMap(cheEnv, cr.Spec.Server.CustomCheProperties) + addMap(cheEnv, deployContext.CheCluster.Spec.Server.CustomCheProperties) return cheEnv } diff --git a/pkg/deploy/che_configmap_test.go b/pkg/deploy/che_configmap_test.go index b4dce3d4c9..cab6399a5b 100644 --- a/pkg/deploy/che_configmap_test.go +++ b/pkg/deploy/che_configmap_test.go @@ -28,8 +28,13 @@ func TestNewCheConfigMap(t *testing.T) { cr.Spec.Server.CheHost = "myhostname.com" cr.Spec.Server.TlsSupport = true cr.Spec.Auth.OpenShiftoAuth = true - cheEnv := GetCheConfigMapData(cr, &Proxy{}) - testCm, _ := GetSpecConfigMap(cr, CheConfigMapName, cheEnv, ClusterAPI{}) + deployContext := &DeployContext{ + CheCluster: cr, + Proxy: &Proxy{}, + ClusterAPI: ClusterAPI{}, + } + cheEnv := GetCheConfigMapData(deployContext) + testCm, _ := GetSpecConfigMap(deployContext, CheConfigMapName, cheEnv) identityProvider := testCm.Data["CHE_INFRA_OPENSHIFT_OAUTH__IDENTITY__PROVIDER"] _, isOpenshiftv4, _ := util.DetectOpenShift() protocol := strings.Split(testCm.Data["CHE_API"], "://")[0] @@ -53,8 +58,13 @@ func TestConfigMapOverride(t *testing.T) { "CHE_WORKSPACE_NO_PROXY": "myproxy.myhostname.com", } cr.Spec.Auth.OpenShiftoAuth = true - cheEnv := GetCheConfigMapData(cr, &Proxy{}) - testCm, _ := GetSpecConfigMap(cr, CheConfigMapName, cheEnv, ClusterAPI{}) + deployContext := &DeployContext{ + CheCluster: cr, + Proxy: &Proxy{}, + ClusterAPI: ClusterAPI{}, + } + cheEnv := GetCheConfigMapData(deployContext) + testCm, _ := GetSpecConfigMap(deployContext, CheConfigMapName, cheEnv) if testCm.Data["CHE_WORKSPACE_NO_PROXY"] != "myproxy.myhostname.com" { t.Errorf("Test failed. Expected myproxy.myhostname.com but was %s", testCm.Data["CHE_WORKSPACE_NO_PROXY"]) } diff --git a/pkg/deploy/che_service_test.go b/pkg/deploy/che_service_test.go index 5c83ede39b..03e13c7c35 100644 --- a/pkg/deploy/che_service_test.go +++ b/pkg/deploy/che_service_test.go @@ -39,8 +39,11 @@ func TestCreateCheDefaultService(t *testing.T) { Server: orgv1.CheClusterSpecServer{}, }, } - - service, err := GetSpecCheService(cheCluster, ClusterAPI{}) + deployContext := &DeployContext{ + CheCluster: cheCluster, + ClusterAPI: ClusterAPI{}, + } + service, err := GetSpecCheService(deployContext) if service == nil || err != nil { t.Error("service should be created witn no error") @@ -60,8 +63,12 @@ func TestCreateCheServerDebug(t *testing.T) { }, }, } + deployContext := &DeployContext{ + CheCluster: cheCluster, + ClusterAPI: ClusterAPI{}, + } - service, err := GetSpecCheService(cheCluster, ClusterAPI{}) + service, err := GetSpecCheService(deployContext) if service == nil || err != nil { t.Error("service should be created without error") @@ -83,7 +90,12 @@ func TestCreateCheServiceEnableMetrics(t *testing.T) { }, } - service, err := GetSpecCheService(cheCluster, ClusterAPI{}) + deployContext := &DeployContext{ + CheCluster: cheCluster, + ClusterAPI: ClusterAPI{}, + } + + service, err := GetSpecCheService(deployContext) if service == nil || err != nil { t.Error("service should be created witn no error") @@ -104,7 +116,12 @@ func TestCreateCheServiceDisableMetrics(t *testing.T) { }, } - service, err := GetSpecCheService(cheCluster, ClusterAPI{}) + deployContext := &DeployContext{ + CheCluster: cheCluster, + ClusterAPI: ClusterAPI{}, + } + + service, err := GetSpecCheService(deployContext) if service == nil || err != nil { t.Error("service should be created witn no error") diff --git a/pkg/deploy/configmap.go b/pkg/deploy/configmap.go index fca4bc174d..b2324de2c0 100644 --- a/pkg/deploy/configmap.go +++ b/pkg/deploy/configmap.go @@ -15,7 +15,6 @@ import ( "context" "fmt" - orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1" "github.com/eclipse/che-operator/pkg/util" "github.com/google/go-cmp/cmp" "github.com/sirupsen/logrus" @@ -27,15 +26,15 @@ import ( "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" ) -func SyncConfigMapToCluster(checluster *orgv1.CheCluster, specConfigMap *corev1.ConfigMap, clusterAPI ClusterAPI) (*corev1.ConfigMap, error) { - clusterConfigMap, err := getClusterConfigMap(specConfigMap.Name, specConfigMap.Namespace, clusterAPI.Client) +func SyncConfigMapToCluster(deployContext *DeployContext, specConfigMap *corev1.ConfigMap) (*corev1.ConfigMap, error) { + clusterConfigMap, err := getClusterConfigMap(specConfigMap.Name, specConfigMap.Namespace, deployContext.ClusterAPI.Client) if err != nil { return nil, err } if clusterConfigMap == nil { logrus.Infof("Creating a new object: %s, name %s", specConfigMap.Kind, specConfigMap.Name) - err := clusterAPI.Client.Create(context.TODO(), specConfigMap) + err := deployContext.ClusterAPI.Client.Create(context.TODO(), specConfigMap) return nil, err } @@ -44,7 +43,7 @@ func SyncConfigMapToCluster(checluster *orgv1.CheCluster, specConfigMap *corev1. logrus.Infof("Updating existed object: %s, name: %s", specConfigMap.Kind, specConfigMap.Name) fmt.Printf("Difference:\n%s", diff) clusterConfigMap.Data = specConfigMap.Data - err := clusterAPI.Client.Update(context.TODO(), clusterConfigMap) + err := deployContext.ClusterAPI.Client.Update(context.TODO(), clusterConfigMap) return nil, err } @@ -52,12 +51,11 @@ func SyncConfigMapToCluster(checluster *orgv1.CheCluster, specConfigMap *corev1. } func GetSpecConfigMap( - checluster *orgv1.CheCluster, + deployContext *DeployContext, name string, - data map[string]string, - clusterAPI ClusterAPI) (*corev1.ConfigMap, error) { + data map[string]string) (*corev1.ConfigMap, error) { - labels := GetLabels(checluster, DefaultCheFlavor(checluster)) + labels := GetLabels(deployContext.CheCluster, DefaultCheFlavor(deployContext.CheCluster)) configMap := &corev1.ConfigMap{ TypeMeta: metav1.TypeMeta{ Kind: "ConfigMap", @@ -65,14 +63,14 @@ func GetSpecConfigMap( }, ObjectMeta: metav1.ObjectMeta{ Name: name, - Namespace: checluster.Namespace, + Namespace: deployContext.CheCluster.Namespace, Labels: labels, }, Data: data, } if !util.IsTestMode() { - err := controllerutil.SetControllerReference(checluster, configMap, clusterAPI.Scheme) + err := controllerutil.SetControllerReference(deployContext.CheCluster, configMap, deployContext.ClusterAPI.Scheme) if err != nil { return nil, err } diff --git a/pkg/deploy/configmap_cert.go b/pkg/deploy/configmap_cert.go index 12d7cd57a4..61fc173fea 100644 --- a/pkg/deploy/configmap_cert.go +++ b/pkg/deploy/configmap_cert.go @@ -14,7 +14,6 @@ package deploy import ( "context" - orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1" "github.com/sirupsen/logrus" corev1 "k8s.io/api/core/v1" ) @@ -23,9 +22,9 @@ const ( injector = "config.openshift.io/inject-trusted-cabundle" ) -func SyncTrustStoreConfigMapToCluster(checluster *orgv1.CheCluster, clusterAPI ClusterAPI) (*corev1.ConfigMap, error) { - name := checluster.Spec.Server.ServerTrustStoreConfigMapName - specConfigMap, err := GetSpecConfigMap(checluster, name, map[string]string{}, clusterAPI) +func SyncTrustStoreConfigMapToCluster(deployContext *DeployContext) (*corev1.ConfigMap, error) { + name := deployContext.CheCluster.Spec.Server.ServerTrustStoreConfigMapName + specConfigMap, err := GetSpecConfigMap(deployContext, name, map[string]string{}) if err != nil { return nil, err } @@ -33,21 +32,21 @@ func SyncTrustStoreConfigMapToCluster(checluster *orgv1.CheCluster, clusterAPI C // OpenShift will automatically injects all certs into the configmap specConfigMap.ObjectMeta.Labels[injector] = "true" - clusterConfigMap, err := getClusterConfigMap(specConfigMap.Name, specConfigMap.Namespace, clusterAPI.Client) + clusterConfigMap, err := getClusterConfigMap(specConfigMap.Name, specConfigMap.Namespace, deployContext.ClusterAPI.Client) if err != nil { return nil, err } if clusterConfigMap == nil { logrus.Infof("Creating a new object: %s, name %s", specConfigMap.Kind, specConfigMap.Name) - err := clusterAPI.Client.Create(context.TODO(), specConfigMap) + err := deployContext.ClusterAPI.Client.Create(context.TODO(), specConfigMap) return nil, err } if clusterConfigMap.ObjectMeta.Labels[injector] != "true" { clusterConfigMap.ObjectMeta.Labels[injector] = "true" logrus.Infof("Updating existed object: %s, name: %s", specConfigMap.Kind, specConfigMap.Name) - err := clusterAPI.Client.Update(context.TODO(), clusterConfigMap) + err := deployContext.ClusterAPI.Client.Update(context.TODO(), clusterConfigMap) return nil, err } diff --git a/pkg/deploy/data_types.go b/pkg/deploy/data_types.go index 4c7e98badb..1a04762ef4 100644 --- a/pkg/deploy/data_types.go +++ b/pkg/deploy/data_types.go @@ -13,6 +13,7 @@ package deploy import ( + orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1" "k8s.io/apimachinery/pkg/runtime" "sigs.k8s.io/controller-runtime/pkg/client" ) @@ -23,7 +24,10 @@ type ProvisioningStatus struct { Err error } -type Context struct { +type DeployContext struct { + CheCluster *orgv1.CheCluster + ClusterAPI ClusterAPI + Proxy *Proxy DefaultCheHost string } diff --git a/pkg/deploy/deployment.go b/pkg/deploy/deployment.go index 09c7881f51..f987942eed 100644 --- a/pkg/deploy/deployment.go +++ b/pkg/deploy/deployment.go @@ -15,7 +15,6 @@ import ( "context" "fmt" - orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1" "github.com/google/go-cmp/cmp" "github.com/google/go-cmp/cmp/cmpopts" "github.com/sirupsen/logrus" @@ -46,14 +45,13 @@ type DeploymentProvisioningStatus struct { } func SyncDeploymentToCluster( - checluster *orgv1.CheCluster, + deployContext *DeployContext, specDeployment *appsv1.Deployment, clusterDeployment *appsv1.Deployment, additionalDeploymentDiffOpts cmp.Options, - additionalDeploymentMerge func(*appsv1.Deployment, *appsv1.Deployment) *appsv1.Deployment, - clusterAPI ClusterAPI) DeploymentProvisioningStatus { + additionalDeploymentMerge func(*appsv1.Deployment, *appsv1.Deployment) *appsv1.Deployment) DeploymentProvisioningStatus { - clusterDeployment, err := getClusterDeployment(specDeployment.Name, specDeployment.Namespace, clusterAPI.Client) + clusterDeployment, err := getClusterDeployment(specDeployment.Name, specDeployment.Namespace, deployContext.ClusterAPI.Client) if err != nil { return DeploymentProvisioningStatus{ ProvisioningStatus: ProvisioningStatus{Err: err}, @@ -62,7 +60,7 @@ func SyncDeploymentToCluster( if clusterDeployment == nil { logrus.Infof("Creating a new object: %s, name %s", specDeployment.Kind, specDeployment.Name) - err := clusterAPI.Client.Create(context.TODO(), specDeployment) + err := deployContext.ClusterAPI.Client.Create(context.TODO(), specDeployment) return DeploymentProvisioningStatus{ ProvisioningStatus: ProvisioningStatus{Requeue: true, Err: err}, } @@ -77,7 +75,7 @@ func SyncDeploymentToCluster( logrus.Infof("Updating existed object: %s, name: %s", specDeployment.Kind, specDeployment.Name) fmt.Printf("Difference:\n%s", diff) clusterDeployment = additionalDeploymentMerge(specDeployment, clusterDeployment) - err := clusterAPI.Client.Update(context.TODO(), clusterDeployment) + err := deployContext.ClusterAPI.Client.Update(context.TODO(), clusterDeployment) return DeploymentProvisioningStatus{ ProvisioningStatus: ProvisioningStatus{Requeue: true, Err: err}, } @@ -89,7 +87,7 @@ func SyncDeploymentToCluster( logrus.Infof("Updating existed object: %s, name: %s", specDeployment.Kind, specDeployment.Name) fmt.Printf("Difference:\n%s", diff) clusterDeployment.Spec = specDeployment.Spec - err := clusterAPI.Client.Update(context.TODO(), clusterDeployment) + err := deployContext.ClusterAPI.Client.Update(context.TODO(), clusterDeployment) return DeploymentProvisioningStatus{ ProvisioningStatus: ProvisioningStatus{Requeue: true, Err: err}, } diff --git a/pkg/deploy/deployment_che.go b/pkg/deploy/deployment_che.go index a2900adae8..f31cb1b450 100644 --- a/pkg/deploy/deployment_che.go +++ b/pkg/deploy/deployment_che.go @@ -25,50 +25,50 @@ import ( "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" ) -func SyncCheDeploymentToCluster(checluster *orgv1.CheCluster, cmResourceVersion string, proxy *Proxy, clusterAPI ClusterAPI) DeploymentProvisioningStatus { - clusterDeployment, err := getClusterDeployment(DefaultCheFlavor(checluster), checluster.Namespace, clusterAPI.Client) +func SyncCheDeploymentToCluster(deployContext *DeployContext, cmResourceVersion string) DeploymentProvisioningStatus { + clusterDeployment, err := getClusterDeployment(DefaultCheFlavor(deployContext.CheCluster), deployContext.CheCluster.Namespace, deployContext.ClusterAPI.Client) if err != nil { return DeploymentProvisioningStatus{ ProvisioningStatus: ProvisioningStatus{Err: err}, } } - specDeployment, err := getSpecCheDeployment(checluster, cmResourceVersion, proxy, clusterAPI) + specDeployment, err := getSpecCheDeployment(deployContext, cmResourceVersion) if err != nil { return DeploymentProvisioningStatus{ ProvisioningStatus: ProvisioningStatus{Err: err}, } } - return SyncDeploymentToCluster(checluster, specDeployment, clusterDeployment, nil, nil, clusterAPI) + return SyncDeploymentToCluster(deployContext, specDeployment, clusterDeployment, nil, nil) } -func getSpecCheDeployment(checluster *orgv1.CheCluster, cmResourceVersion string, proxy *Proxy, clusterAPI ClusterAPI) (*appsv1.Deployment, error) { +func getSpecCheDeployment(deployContext *DeployContext, cmResourceVersion string) (*appsv1.Deployment, error) { isOpenShift, _, err := util.DetectOpenShift() if err != nil { return nil, err } - selfSignedCertUsed, err := IsSelfSignedCertificateUsed(checluster, proxy, clusterAPI) + selfSignedCertUsed, err := IsSelfSignedCertificateUsed(deployContext) if err != nil { return nil, err } terminationGracePeriodSeconds := int64(30) - cheFlavor := DefaultCheFlavor(checluster) - labels := GetLabels(checluster, cheFlavor) + cheFlavor := DefaultCheFlavor(deployContext.CheCluster) + labels := GetLabels(deployContext.CheCluster, cheFlavor) optionalEnv := true - memRequest := util.GetValue(checluster.Spec.Server.ServerMemoryRequest, DefaultServerMemoryRequest) + memRequest := util.GetValue(deployContext.CheCluster.Spec.Server.ServerMemoryRequest, DefaultServerMemoryRequest) selfSignedCertEnv := corev1.EnvVar{ Name: "CHE_SELF__SIGNED__CERT", Value: "", } customPublicCertsVolumeSource := corev1.VolumeSource{} - if checluster.Spec.Server.ServerTrustStoreConfigMapName != "" { + if deployContext.CheCluster.Spec.Server.ServerTrustStoreConfigMapName != "" { customPublicCertsVolumeSource = corev1.VolumeSource{ ConfigMap: &corev1.ConfigMapVolumeSource{ LocalObjectReference: corev1.LocalObjectReference{ - Name: checluster.Spec.Server.ServerTrustStoreConfigMapName, + Name: deployContext.CheCluster.Spec.Server.ServerTrustStoreConfigMapName, }, }, } @@ -103,7 +103,7 @@ func getSpecCheDeployment(checluster *orgv1.CheCluster, cmResourceVersion string }, } } - if checluster.Spec.Server.GitSelfSignedCert { + if deployContext.CheCluster.Spec.Server.GitSelfSignedCert { gitSelfSignedCertEnv = corev1.EnvVar{ Name: "CHE_GIT_SELF__SIGNED__CERT", ValueFrom: &corev1.EnvVarSource{ @@ -130,9 +130,9 @@ func getSpecCheDeployment(checluster *orgv1.CheCluster, cmResourceVersion string } } - memLimit := util.GetValue(checluster.Spec.Server.ServerMemoryLimit, DefaultServerMemoryLimit) - cheImageAndTag := GetFullCheServerImageLink(checluster) - pullPolicy := corev1.PullPolicy(util.GetValue(string(checluster.Spec.Server.CheImagePullPolicy), DefaultPullPolicyFromDockerImage(cheImageAndTag))) + memLimit := util.GetValue(deployContext.CheCluster.Spec.Server.ServerMemoryLimit, DefaultServerMemoryLimit) + cheImageAndTag := GetFullCheServerImageLink(deployContext.CheCluster) + pullPolicy := corev1.PullPolicy(util.GetValue(string(deployContext.CheCluster.Spec.Server.CheImagePullPolicy), DefaultPullPolicyFromDockerImage(cheImageAndTag))) deployment := &appsv1.Deployment{ TypeMeta: metav1.TypeMeta{ @@ -141,7 +141,7 @@ func getSpecCheDeployment(checluster *orgv1.CheCluster, cmResourceVersion string }, ObjectMeta: metav1.ObjectMeta{ Name: cheFlavor, - Namespace: checluster.Namespace, + Namespace: deployContext.CheCluster.Namespace, Labels: labels, }, Spec: appsv1.DeploymentSpec{ @@ -223,9 +223,9 @@ func getSpecCheDeployment(checluster *orgv1.CheCluster, cmResourceVersion string }, } - cheMultiUser := GetCheMultiUser(checluster) + cheMultiUser := GetCheMultiUser(deployContext.CheCluster) if cheMultiUser == "true" { - chePostgresSecret := checluster.Spec.Database.ChePostgresSecret + chePostgresSecret := deployContext.CheCluster.Spec.Database.ChePostgresSecret if len(chePostgresSecret) > 0 { deployment.Spec.Template.Spec.Containers[0].Env = append(deployment.Spec.Template.Spec.Containers[0].Env, corev1.EnvVar{ @@ -268,7 +268,7 @@ func getSpecCheDeployment(checluster *orgv1.CheCluster, cmResourceVersion string } // configure probes if debug isn't set - cheDebug := util.GetValue(checluster.Spec.Server.CheDebug, DefaultCheDebug) + cheDebug := util.GetValue(deployContext.CheCluster.Spec.Server.CheDebug, DefaultCheDebug) if cheDebug != "true" { deployment.Spec.Template.Spec.Containers[0].ReadinessProbe = &corev1.Probe{ Handler: corev1.Handler{ @@ -310,11 +310,11 @@ func getSpecCheDeployment(checluster *orgv1.CheCluster, cmResourceVersion string } if !isOpenShift { - runAsUser, err := strconv.ParseInt(util.GetValue(checluster.Spec.K8s.SecurityContextRunAsUser, DefaultSecurityContextRunAsUser), 10, 64) + runAsUser, err := strconv.ParseInt(util.GetValue(deployContext.CheCluster.Spec.K8s.SecurityContextRunAsUser, DefaultSecurityContextRunAsUser), 10, 64) if err != nil { return nil, err } - fsGroup, err := strconv.ParseInt(util.GetValue(checluster.Spec.K8s.SecurityContextFsGroup, DefaultSecurityContextFsGroup), 10, 64) + fsGroup, err := strconv.ParseInt(util.GetValue(deployContext.CheCluster.Spec.K8s.SecurityContextFsGroup, DefaultSecurityContextFsGroup), 10, 64) if err != nil { return nil, err } @@ -325,7 +325,7 @@ func getSpecCheDeployment(checluster *orgv1.CheCluster, cmResourceVersion string } if !util.IsTestMode() { - err = controllerutil.SetControllerReference(checluster, deployment, clusterAPI.Scheme) + err = controllerutil.SetControllerReference(deployContext.CheCluster, deployment, deployContext.ClusterAPI.Scheme) if err != nil { return nil, err } diff --git a/pkg/deploy/deployment_keycloak.go b/pkg/deploy/deployment_keycloak.go index 1ab1adf113..4ba3c24fb2 100644 --- a/pkg/deploy/deployment_keycloak.go +++ b/pkg/deploy/deployment_keycloak.go @@ -56,34 +56,32 @@ var ( } ) -func SyncKeycloakDeploymentToCluster(checluster *orgv1.CheCluster, proxy *Proxy, clusterAPI ClusterAPI) DeploymentProvisioningStatus { - clusterDeployment, err := getClusterDeployment(KeycloakDeploymentName, checluster.Namespace, clusterAPI.Client) +func SyncKeycloakDeploymentToCluster(deployContext *DeployContext) DeploymentProvisioningStatus { + clusterDeployment, err := getClusterDeployment(KeycloakDeploymentName, deployContext.CheCluster.Namespace, deployContext.ClusterAPI.Client) if err != nil { return DeploymentProvisioningStatus{ ProvisioningStatus: ProvisioningStatus{Err: err}, } } - specDeployment, err := getSpecKeycloakDeployment(checluster, clusterDeployment, proxy, clusterAPI) + specDeployment, err := getSpecKeycloakDeployment(deployContext, clusterDeployment) if err != nil { return DeploymentProvisioningStatus{ ProvisioningStatus: ProvisioningStatus{Err: err}, } } - return SyncDeploymentToCluster(checluster, specDeployment, clusterDeployment, keycloakCustomDiffOpts, keycloakAdditionalDeploymentMerge, clusterAPI) + return SyncDeploymentToCluster(deployContext, specDeployment, clusterDeployment, keycloakCustomDiffOpts, keycloakAdditionalDeploymentMerge) } func getSpecKeycloakDeployment( - checluster *orgv1.CheCluster, - clusterDeployment *appsv1.Deployment, - proxy *Proxy, - clusterAPI ClusterAPI) (*appsv1.Deployment, error) { + deployContext *DeployContext, + clusterDeployment *appsv1.Deployment) (*appsv1.Deployment, error) { optionalEnv := true - labels := GetLabels(checluster, KeycloakDeploymentName) - cheFlavor := DefaultCheFlavor(checluster) - keycloakImage := util.GetValue(checluster.Spec.Auth.IdentityProviderImage, DefaultKeycloakImage(checluster)) - pullPolicy := corev1.PullPolicy(util.GetValue(string(checluster.Spec.Auth.IdentityProviderImagePullPolicy), DefaultPullPolicyFromDockerImage(keycloakImage))) + labels := GetLabels(deployContext.CheCluster, KeycloakDeploymentName) + cheFlavor := DefaultCheFlavor(deployContext.CheCluster) + keycloakImage := util.GetValue(deployContext.CheCluster.Spec.Auth.IdentityProviderImage, DefaultKeycloakImage(deployContext.CheCluster)) + pullPolicy := corev1.PullPolicy(util.GetValue(string(deployContext.CheCluster.Spec.Auth.IdentityProviderImagePullPolicy), DefaultPullPolicyFromDockerImage(keycloakImage))) jbossDir := "/opt/eap" if cheFlavor == "che" { // writable dir in the upstream Keycloak image @@ -102,8 +100,8 @@ func getSpecKeycloakDeployment( } terminationGracePeriodSeconds := int64(30) - cheCertSecretVersion := getSecretResourceVersion("self-signed-certificate", checluster.Namespace, clusterAPI) - openshiftApiCertSecretVersion := getSecretResourceVersion("openshift-api-crt", checluster.Namespace, clusterAPI) + cheCertSecretVersion := getSecretResourceVersion("self-signed-certificate", deployContext.CheCluster.Namespace, deployContext.ClusterAPI) + openshiftApiCertSecretVersion := getSecretResourceVersion("openshift-api-crt", deployContext.CheCluster.Namespace, deployContext.ClusterAPI) // add various certificates to Java trust store so that Keycloak can connect to OpenShift API // certificate that OpenShift router uses (for 4.0 only) @@ -130,11 +128,11 @@ func getSpecKeycloakDeployment( customPublicCertsDir := "/public-certs" customPublicCertsVolumeSource := corev1.VolumeSource{} - if checluster.Spec.Server.ServerTrustStoreConfigMapName != "" { + if deployContext.CheCluster.Spec.Server.ServerTrustStoreConfigMapName != "" { customPublicCertsVolumeSource = corev1.VolumeSource{ ConfigMap: &corev1.ConfigMapVolumeSource{ LocalObjectReference: corev1.LocalObjectReference{ - Name: checluster.Spec.Server.ServerTrustStoreConfigMapName, + Name: deployContext.CheCluster.Spec.Server.ServerTrustStoreConfigMapName, }, }, } @@ -167,24 +165,24 @@ func getSpecKeycloakDeployment( applyProxyCliCommand := "" proxyEnvVars := []corev1.EnvVar{} - if proxy.HttpProxy != "" { + if deployContext.Proxy.HttpProxy != "" { proxyEnvVars = []corev1.EnvVar{ corev1.EnvVar{ Name: "HTTP_PROXY", - Value: proxy.HttpProxy, + Value: deployContext.Proxy.HttpProxy, }, corev1.EnvVar{ Name: "HTTPS_PROXY", - Value: proxy.HttpsProxy, + Value: deployContext.Proxy.HttpsProxy, }, corev1.EnvVar{ Name: "NO_PROXY", - Value: proxy.NoProxy, + Value: deployContext.Proxy.NoProxy, }, } quotedNoProxy := "" - for _, noProxyHost := range strings.Split(proxy.NoProxy, ",") { + for _, noProxyHost := range strings.Split(deployContext.Proxy.NoProxy, ",") { if len(quotedNoProxy) != 0 { quotedNoProxy += "," } @@ -199,7 +197,7 @@ func getSpecKeycloakDeployment( } addProxyCliCommand = " && echo Configuring Proxy && " + "echo -e 'embed-server --server-config=" + serverConfig + " --std-out=echo \n" + - "/subsystem=keycloak-server/spi=connectionsHttpClient/provider=default:write-attribute(name=properties.proxy-mappings,value=[" + quotedNoProxy + ",\".*;" + proxy.HttpProxy + "\"]) \n" + + "/subsystem=keycloak-server/spi=connectionsHttpClient/provider=default:write-attribute(name=properties.proxy-mappings,value=[" + quotedNoProxy + ",\".*;" + deployContext.Proxy.HttpProxy + "\"]) \n" + "stop-embedded-server' > " + jbossDir + "/setup-http-proxy.cli" applyProxyCliCommand = " && " + jbossCli + " --file=" + jbossDir + "/setup-http-proxy.cli" @@ -221,19 +219,19 @@ func getSpecKeycloakDeployment( }, { Name: "POSTGRES_PORT_5432_TCP_ADDR", - Value: util.GetValue(checluster.Spec.Database.ChePostgresHostName, DefaultChePostgresHostName), + Value: util.GetValue(deployContext.CheCluster.Spec.Database.ChePostgresHostName, DefaultChePostgresHostName), }, { Name: "POSTGRES_PORT_5432_TCP_PORT", - Value: util.GetValue(checluster.Spec.Database.ChePostgresPort, DefaultChePostgresPort), + Value: util.GetValue(deployContext.CheCluster.Spec.Database.ChePostgresPort, DefaultChePostgresPort), }, { Name: "POSTGRES_PORT", - Value: util.GetValue(checluster.Spec.Database.ChePostgresPort, DefaultChePostgresPort), + Value: util.GetValue(deployContext.CheCluster.Spec.Database.ChePostgresPort, DefaultChePostgresPort), }, { Name: "POSTGRES_ADDR", - Value: util.GetValue(checluster.Spec.Database.ChePostgresHostName, DefaultChePostgresHostName), + Value: util.GetValue(deployContext.CheCluster.Spec.Database.ChePostgresHostName, DefaultChePostgresHostName), }, { Name: "POSTGRES_DATABASE", @@ -281,7 +279,7 @@ func getSpecKeycloakDeployment( }, } - identityProviderPostgresSecret := checluster.Spec.Auth.IdentityProviderPostgresSecret + identityProviderPostgresSecret := deployContext.CheCluster.Spec.Auth.IdentityProviderPostgresSecret if len(identityProviderPostgresSecret) > 0 { keycloakEnv = append(keycloakEnv, corev1.EnvVar{ Name: "POSTGRES_PASSWORD", @@ -297,11 +295,11 @@ func getSpecKeycloakDeployment( } else { keycloakEnv = append(keycloakEnv, corev1.EnvVar{ Name: "POSTGRES_PASSWORD", - Value: checluster.Spec.Auth.IdentityProviderPostgresPassword, + Value: deployContext.CheCluster.Spec.Auth.IdentityProviderPostgresPassword, }) } - identityProviderSecret := checluster.Spec.Auth.IdentityProviderSecret + identityProviderSecret := deployContext.CheCluster.Spec.Auth.IdentityProviderSecret if len(identityProviderSecret) > 0 { keycloakEnv = append(keycloakEnv, corev1.EnvVar{ Name: "KEYCLOAK_PASSWORD", @@ -328,11 +326,11 @@ func getSpecKeycloakDeployment( } else { keycloakEnv = append(keycloakEnv, corev1.EnvVar{ Name: "KEYCLOAK_PASSWORD", - Value: checluster.Spec.Auth.IdentityProviderPassword, + Value: deployContext.CheCluster.Spec.Auth.IdentityProviderPassword, }, corev1.EnvVar{ Name: "KEYCLOAK_USER", - Value: checluster.Spec.Auth.IdentityProviderAdminUserName, + Value: deployContext.CheCluster.Spec.Auth.IdentityProviderAdminUserName, }) } @@ -348,11 +346,11 @@ func getSpecKeycloakDeployment( }, { Name: "KEYCLOAK_POSTGRESQL_SERVICE_HOST", - Value: util.GetValue(checluster.Spec.Database.ChePostgresHostName, DefaultChePostgresHostName), + Value: util.GetValue(deployContext.CheCluster.Spec.Database.ChePostgresHostName, DefaultChePostgresHostName), }, { Name: "KEYCLOAK_POSTGRESQL_SERVICE_PORT", - Value: util.GetValue(checluster.Spec.Database.ChePostgresPort, DefaultChePostgresPort), + Value: util.GetValue(deployContext.CheCluster.Spec.Database.ChePostgresPort, DefaultChePostgresPort), }, { Name: "DB_DATABASE", @@ -404,7 +402,7 @@ func getSpecKeycloakDeployment( }, } - identityProviderPostgresSecret := checluster.Spec.Auth.IdentityProviderPostgresSecret + identityProviderPostgresSecret := deployContext.CheCluster.Spec.Auth.IdentityProviderPostgresSecret if len(identityProviderPostgresSecret) > 0 { keycloakEnv = append(keycloakEnv, corev1.EnvVar{ Name: "DB_PASSWORD", @@ -420,11 +418,11 @@ func getSpecKeycloakDeployment( } else { keycloakEnv = append(keycloakEnv, corev1.EnvVar{ Name: "DB_PASSWORD", - Value: checluster.Spec.Auth.IdentityProviderPostgresPassword, + Value: deployContext.CheCluster.Spec.Auth.IdentityProviderPostgresPassword, }) } - identityProviderSecret := checluster.Spec.Auth.IdentityProviderSecret + identityProviderSecret := deployContext.CheCluster.Spec.Auth.IdentityProviderSecret if len(identityProviderSecret) > 0 { keycloakEnv = append(keycloakEnv, corev1.EnvVar{ Name: "SSO_ADMIN_PASSWORD", @@ -451,11 +449,11 @@ func getSpecKeycloakDeployment( } else { keycloakEnv = append(keycloakEnv, corev1.EnvVar{ Name: "SSO_ADMIN_PASSWORD", - Value: checluster.Spec.Auth.IdentityProviderPassword, + Value: deployContext.CheCluster.Spec.Auth.IdentityProviderPassword, }, corev1.EnvVar{ Name: "SSO_ADMIN_USERNAME", - Value: checluster.Spec.Auth.IdentityProviderAdminUserName, + Value: deployContext.CheCluster.Spec.Auth.IdentityProviderAdminUserName, }) } } @@ -473,7 +471,7 @@ func getSpecKeycloakDeployment( " && sed -i 's/WILDCARD/ANY/g' /opt/eap/bin/launch/keycloak-spi.sh && /opt/eap/bin/openshift-launch.sh -b 0.0.0.0" } - sslRequiredUpdatedForMasterRealm := isSslRequiredUpdatedForMasterRealm(checluster, clusterAPI) + sslRequiredUpdatedForMasterRealm := isSslRequiredUpdatedForMasterRealm(deployContext) if sslRequiredUpdatedForMasterRealm { // update command to restart pod command = "echo \"ssl_required WAS UPDATED for master realm.\" && " + command @@ -488,7 +486,7 @@ func getSpecKeycloakDeployment( }, ObjectMeta: metav1.ObjectMeta{ Name: KeycloakDeploymentName, - Namespace: checluster.Namespace, + Namespace: deployContext.CheCluster.Namespace, Labels: labels, Annotations: map[string]string{ "che.self-signed-certificate.version": cheCertSecretVersion, @@ -564,7 +562,7 @@ func getSpecKeycloakDeployment( } if !util.IsTestMode() { - err := controllerutil.SetControllerReference(checluster, deployment, clusterAPI.Scheme) + err := controllerutil.SetControllerReference(deployContext.CheCluster, deployment, deployContext.ClusterAPI.Scheme) if err != nil { return nil, err } @@ -585,8 +583,8 @@ func getSecretResourceVersion(name string, namespace string, clusterAPI ClusterA return secret.ResourceVersion } -func isSslRequiredUpdatedForMasterRealm(checluster *orgv1.CheCluster, clusterAPI ClusterAPI) bool { - if checluster.Spec.Database.ExternalDb { +func isSslRequiredUpdatedForMasterRealm(deployContext *DeployContext) bool { + if deployContext.CheCluster.Spec.Database.ExternalDb { return false } @@ -594,7 +592,7 @@ func isSslRequiredUpdatedForMasterRealm(checluster *orgv1.CheCluster, clusterAPI return false } - clusterDeployment, _ := getClusterDeployment(KeycloakDeploymentName, checluster.Namespace, clusterAPI.Client) + clusterDeployment, _ := getClusterDeployment(KeycloakDeploymentName, deployContext.CheCluster.Namespace, deployContext.ClusterAPI.Client) if clusterDeployment == nil { return false } @@ -604,7 +602,7 @@ func isSslRequiredUpdatedForMasterRealm(checluster *orgv1.CheCluster, clusterAPI return true } - dbValue, _ := getSslRequiredForMasterRealm(checluster) + dbValue, _ := getSslRequiredForMasterRealm(deployContext.CheCluster) return dbValue == "NONE" } @@ -628,27 +626,27 @@ func updateSslRequiredForMasterRealm(checluster *orgv1.CheCluster) error { return err } -func ProvisionKeycloakResources(checluster *orgv1.CheCluster, clusterAPI ClusterAPI) error { - if !checluster.Spec.Database.ExternalDb { - value, err := getSslRequiredForMasterRealm(checluster) +func ProvisionKeycloakResources(deployContext *DeployContext) error { + if !deployContext.CheCluster.Spec.Database.ExternalDb { + value, err := getSslRequiredForMasterRealm(deployContext.CheCluster) if err != nil { return err } if value != "NONE" { - err := updateSslRequiredForMasterRealm(checluster) + err := updateSslRequiredForMasterRealm(deployContext.CheCluster) if err != nil { return err } } } - keycloakProvisionCommand := GetKeycloakProvisionCommand(checluster) - podToExec, err := util.K8sclient.GetDeploymentPod(KeycloakDeploymentName, checluster.Namespace) + keycloakProvisionCommand := GetKeycloakProvisionCommand(deployContext.CheCluster) + podToExec, err := util.K8sclient.GetDeploymentPod(KeycloakDeploymentName, deployContext.CheCluster.Namespace) if err != nil { logrus.Errorf("Failed to retrieve pod name. Further exec will fail") } - _, err = util.K8sclient.ExecIntoPod(podToExec, keycloakProvisionCommand, "create realm, client and user", checluster.Namespace) + _, err = util.K8sclient.ExecIntoPod(podToExec, keycloakProvisionCommand, "create realm, client and user", deployContext.CheCluster.Namespace) return err } diff --git a/pkg/deploy/deployment_postgres.go b/pkg/deploy/deployment_postgres.go index 2ea1215348..aa2d7bc4df 100644 --- a/pkg/deploy/deployment_postgres.go +++ b/pkg/deploy/deployment_postgres.go @@ -12,13 +12,11 @@ package deploy import ( - orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1" "github.com/eclipse/che-operator/pkg/util" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/resource" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" ) @@ -30,35 +28,35 @@ var ( postgresAdminPassword = util.GeneratePasswd(12) ) -func SyncPostgresDeploymentToCluster(checluster *orgv1.CheCluster, clusterAPI ClusterAPI) DeploymentProvisioningStatus { - clusterDeployment, err := getClusterDeployment(PostgresDeploymentName, checluster.Namespace, clusterAPI.Client) +func SyncPostgresDeploymentToCluster(deployContext *DeployContext) DeploymentProvisioningStatus { + clusterDeployment, err := getClusterDeployment(PostgresDeploymentName, deployContext.CheCluster.Namespace, deployContext.ClusterAPI.Client) if err != nil { return DeploymentProvisioningStatus{ ProvisioningStatus: ProvisioningStatus{Err: err}, } } - specDeployment, err := getSpecPostgresDeployment(checluster, clusterDeployment, clusterAPI.Scheme) + specDeployment, err := getSpecPostgresDeployment(deployContext, clusterDeployment) if err != nil { return DeploymentProvisioningStatus{ ProvisioningStatus: ProvisioningStatus{Err: err}, } } - return SyncDeploymentToCluster(checluster, specDeployment, clusterDeployment, nil, nil, clusterAPI) + return SyncDeploymentToCluster(deployContext, specDeployment, clusterDeployment, nil, nil) } -func getSpecPostgresDeployment(checluster *orgv1.CheCluster, clusterDeployment *appsv1.Deployment, scheme *runtime.Scheme) (*appsv1.Deployment, error) { +func getSpecPostgresDeployment(deployContext *DeployContext, clusterDeployment *appsv1.Deployment) (*appsv1.Deployment, error) { isOpenShift, _, err := util.DetectOpenShift() if err != nil { return nil, err } terminationGracePeriodSeconds := int64(30) - labels := GetLabels(checluster, PostgresDeploymentName) - chePostgresDb := util.GetValue(checluster.Spec.Database.ChePostgresDb, "dbche") - postgresImage := util.GetValue(checluster.Spec.Database.PostgresImage, DefaultPostgresImage(checluster)) - pullPolicy := corev1.PullPolicy(util.GetValue(string(checluster.Spec.Database.PostgresImagePullPolicy), DefaultPullPolicyFromDockerImage(postgresImage))) + labels := GetLabels(deployContext.CheCluster, PostgresDeploymentName) + chePostgresDb := util.GetValue(deployContext.CheCluster.Spec.Database.ChePostgresDb, "dbche") + postgresImage := util.GetValue(deployContext.CheCluster.Spec.Database.PostgresImage, DefaultPostgresImage(deployContext.CheCluster)) + pullPolicy := corev1.PullPolicy(util.GetValue(string(deployContext.CheCluster.Spec.Database.PostgresImagePullPolicy), DefaultPullPolicyFromDockerImage(postgresImage))) if clusterDeployment != nil { env := clusterDeployment.Spec.Template.Spec.Containers[0].Env @@ -77,7 +75,7 @@ func getSpecPostgresDeployment(checluster *orgv1.CheCluster, clusterDeployment * }, ObjectMeta: metav1.ObjectMeta{ Name: "postgres", - Namespace: checluster.Namespace, + Namespace: deployContext.CheCluster.Namespace, Labels: labels, }, Spec: appsv1.DeploymentSpec{ @@ -161,7 +159,7 @@ func getSpecPostgresDeployment(checluster *orgv1.CheCluster, clusterDeployment * }, } - chePostgresSecret := checluster.Spec.Database.ChePostgresSecret + chePostgresSecret := deployContext.CheCluster.Spec.Database.ChePostgresSecret if len(chePostgresSecret) > 0 { deployment.Spec.Template.Spec.Containers[0].Env = append(deployment.Spec.Template.Spec.Containers[0].Env, corev1.EnvVar{ @@ -189,10 +187,10 @@ func getSpecPostgresDeployment(checluster *orgv1.CheCluster, clusterDeployment * deployment.Spec.Template.Spec.Containers[0].Env = append(deployment.Spec.Template.Spec.Containers[0].Env, corev1.EnvVar{ Name: "POSTGRESQL_USER", - Value: checluster.Spec.Database.ChePostgresUser, + Value: deployContext.CheCluster.Spec.Database.ChePostgresUser, }, corev1.EnvVar{ Name: "POSTGRESQL_PASSWORD", - Value: checluster.Spec.Database.ChePostgresPassword, + Value: deployContext.CheCluster.Spec.Database.ChePostgresPassword, }) } @@ -204,7 +202,7 @@ func getSpecPostgresDeployment(checluster *orgv1.CheCluster, clusterDeployment * } } if !util.IsTestMode() { - err = controllerutil.SetControllerReference(checluster, deployment, scheme) + err = controllerutil.SetControllerReference(deployContext.CheCluster, deployment, deployContext.ClusterAPI.Scheme) if err != nil { return nil, err } diff --git a/pkg/deploy/deployment_registry.go b/pkg/deploy/deployment_registry.go index 34ffcf6172..c81af2bfe7 100644 --- a/pkg/deploy/deployment_registry.go +++ b/pkg/deploy/deployment_registry.go @@ -12,7 +12,6 @@ package deploy import ( - orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1" "github.com/eclipse/che-operator/pkg/util" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" @@ -22,16 +21,16 @@ import ( "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" ) -func SyncPluginRegistryDeploymentToCluster(checluster *orgv1.CheCluster, clusterAPI ClusterAPI) DeploymentProvisioningStatus { +func SyncPluginRegistryDeploymentToCluster(deployContext *DeployContext) DeploymentProvisioningStatus { registryType := "plugin" - registryImage := util.GetValue(checluster.Spec.Server.PluginRegistryImage, DefaultPluginRegistryImage(checluster)) - registryImagePullPolicy := corev1.PullPolicy(util.GetValue(string(checluster.Spec.Server.PluginRegistryPullPolicy), DefaultPullPolicyFromDockerImage(registryImage))) - registryMemoryLimit := util.GetValue(string(checluster.Spec.Server.PluginRegistryMemoryLimit), DefaultPluginRegistryMemoryLimit) - registryMemoryRequest := util.GetValue(string(checluster.Spec.Server.PluginRegistryMemoryRequest), DefaultPluginRegistryMemoryRequest) + registryImage := util.GetValue(deployContext.CheCluster.Spec.Server.PluginRegistryImage, DefaultPluginRegistryImage(deployContext.CheCluster)) + registryImagePullPolicy := corev1.PullPolicy(util.GetValue(string(deployContext.CheCluster.Spec.Server.PluginRegistryPullPolicy), DefaultPullPolicyFromDockerImage(registryImage))) + registryMemoryLimit := util.GetValue(string(deployContext.CheCluster.Spec.Server.PluginRegistryMemoryLimit), DefaultPluginRegistryMemoryLimit) + registryMemoryRequest := util.GetValue(string(deployContext.CheCluster.Spec.Server.PluginRegistryMemoryRequest), DefaultPluginRegistryMemoryRequest) probePath := "/v3/plugins/" pluginImagesEnv := util.GetEnvByRegExp("^.*plugin_registry_image.*$") - clusterDeployment, err := getClusterDeployment(PluginRegistry, checluster.Namespace, clusterAPI.Client) + clusterDeployment, err := getClusterDeployment(PluginRegistry, deployContext.CheCluster.Namespace, deployContext.ClusterAPI.Client) if err != nil { return DeploymentProvisioningStatus{ ProvisioningStatus: ProvisioningStatus{Err: err}, @@ -39,15 +38,14 @@ func SyncPluginRegistryDeploymentToCluster(checluster *orgv1.CheCluster, cluster } specDeployment, err := getSpecRegistryDeployment( - checluster, + deployContext, registryType, registryImage, pluginImagesEnv, registryImagePullPolicy, registryMemoryLimit, registryMemoryRequest, - probePath, - clusterAPI) + probePath) if err != nil { return DeploymentProvisioningStatus{ @@ -55,19 +53,19 @@ func SyncPluginRegistryDeploymentToCluster(checluster *orgv1.CheCluster, cluster } } - return SyncDeploymentToCluster(checluster, specDeployment, clusterDeployment, nil, nil, clusterAPI) + return SyncDeploymentToCluster(deployContext, specDeployment, clusterDeployment, nil, nil) } -func SyncDevfileRegistryDeploymentToCluster(checluster *orgv1.CheCluster, clusterAPI ClusterAPI) DeploymentProvisioningStatus { +func SyncDevfileRegistryDeploymentToCluster(deployContext *DeployContext) DeploymentProvisioningStatus { registryType := "devfile" - registryImage := util.GetValue(checluster.Spec.Server.DevfileRegistryImage, DefaultDevfileRegistryImage(checluster)) - registryImagePullPolicy := corev1.PullPolicy(util.GetValue(string(checluster.Spec.Server.PluginRegistryPullPolicy), DefaultPullPolicyFromDockerImage(registryImage))) - registryMemoryLimit := util.GetValue(string(checluster.Spec.Server.DevfileRegistryMemoryLimit), DefaultDevfileRegistryMemoryLimit) - registryMemoryRequest := util.GetValue(string(checluster.Spec.Server.DevfileRegistryMemoryRequest), DefaultDevfileRegistryMemoryRequest) + registryImage := util.GetValue(deployContext.CheCluster.Spec.Server.DevfileRegistryImage, DefaultDevfileRegistryImage(deployContext.CheCluster)) + registryImagePullPolicy := corev1.PullPolicy(util.GetValue(string(deployContext.CheCluster.Spec.Server.PluginRegistryPullPolicy), DefaultPullPolicyFromDockerImage(registryImage))) + registryMemoryLimit := util.GetValue(string(deployContext.CheCluster.Spec.Server.DevfileRegistryMemoryLimit), DefaultDevfileRegistryMemoryLimit) + registryMemoryRequest := util.GetValue(string(deployContext.CheCluster.Spec.Server.DevfileRegistryMemoryRequest), DefaultDevfileRegistryMemoryRequest) probePath := "/devfiles/" devfileImagesEnv := util.GetEnvByRegExp("^.*devfile_registry_image.*$") - clusterDeployment, err := getClusterDeployment(DevfileRegistry, checluster.Namespace, clusterAPI.Client) + clusterDeployment, err := getClusterDeployment(DevfileRegistry, deployContext.CheCluster.Namespace, deployContext.ClusterAPI.Client) if err != nil { return DeploymentProvisioningStatus{ ProvisioningStatus: ProvisioningStatus{Err: err}, @@ -75,15 +73,14 @@ func SyncDevfileRegistryDeploymentToCluster(checluster *orgv1.CheCluster, cluste } specDeployment, err := getSpecRegistryDeployment( - checluster, + deployContext, registryType, registryImage, devfileImagesEnv, registryImagePullPolicy, registryMemoryLimit, registryMemoryRequest, - probePath, - clusterAPI) + probePath) if err != nil { return DeploymentProvisioningStatus{ @@ -91,23 +88,22 @@ func SyncDevfileRegistryDeploymentToCluster(checluster *orgv1.CheCluster, cluste } } - return SyncDeploymentToCluster(checluster, specDeployment, clusterDeployment, nil, nil, clusterAPI) + return SyncDeploymentToCluster(deployContext, specDeployment, clusterDeployment, nil, nil) } func getSpecRegistryDeployment( - checluster *orgv1.CheCluster, + deployContext *DeployContext, registryType string, registryImage string, env []corev1.EnvVar, registryImagePullPolicy corev1.PullPolicy, registryMemoryLimit string, registryMemoryRequest string, - probePath string, - clusterAPI ClusterAPI) (*appsv1.Deployment, error) { + probePath string) (*appsv1.Deployment, error) { terminationGracePeriodSeconds := int64(30) name := registryType + "-registry" - labels := GetLabels(checluster, name) + labels := GetLabels(deployContext.CheCluster, name) _25Percent := intstr.FromString("25%") _1 := int32(1) _2 := int32(2) @@ -119,7 +115,7 @@ func getSpecRegistryDeployment( }, ObjectMeta: metav1.ObjectMeta{ Name: name, - Namespace: checluster.Namespace, + Namespace: deployContext.CheCluster.Namespace, Labels: labels, }, Spec: appsv1.DeploymentSpec{ @@ -213,7 +209,7 @@ func getSpecRegistryDeployment( } if !util.IsTestMode() { - err := controllerutil.SetControllerReference(checluster, deployment, clusterAPI.Scheme) + err := controllerutil.SetControllerReference(deployContext.CheCluster, deployment, deployContext.ClusterAPI.Scheme) if err != nil { return nil, err } diff --git a/pkg/deploy/devfile_registry.go b/pkg/deploy/devfile_registry.go index 6e607a69c7..615630c433 100644 --- a/pkg/deploy/devfile_registry.go +++ b/pkg/deploy/devfile_registry.go @@ -33,12 +33,12 @@ const ( /** * Create devfile registry resources unless an external registry is used. */ -func SyncDevfileRegistryToCluster(checluster *orgv1.CheCluster, clusterAPI ClusterAPI) (bool, error) { - devfileRegistryURL := checluster.Spec.Server.DevfileRegistryUrl - if !checluster.Spec.Server.ExternalDevfileRegistry { +func SyncDevfileRegistryToCluster(deployContext *DeployContext) (bool, error) { + devfileRegistryURL := deployContext.CheCluster.Spec.Server.DevfileRegistryUrl + if !deployContext.CheCluster.Spec.Server.ExternalDevfileRegistry { var host string if !util.IsOpenShift { - ingress, err := SyncIngressToCluster(checluster, DevfileRegistry, "", DevfileRegistry, 8080, clusterAPI) + ingress, err := SyncIngressToCluster(deployContext, DevfileRegistry, "", DevfileRegistry, 8080) if !util.IsTestMode() { if ingress == nil { logrus.Infof("Waiting on ingress '%s' to be ready", DevfileRegistry) @@ -49,14 +49,14 @@ func SyncDevfileRegistryToCluster(checluster *orgv1.CheCluster, clusterAPI Clust } } - ingressStrategy := util.GetValue(checluster.Spec.K8s.IngressStrategy, DefaultIngressStrategy) + ingressStrategy := util.GetValue(deployContext.CheCluster.Spec.K8s.IngressStrategy, DefaultIngressStrategy) if ingressStrategy == "multi-host" { - host = DevfileRegistry + "-" + checluster.Namespace + "." + checluster.Spec.K8s.IngressDomain + host = DevfileRegistry + "-" + deployContext.CheCluster.Namespace + "." + deployContext.CheCluster.Spec.K8s.IngressDomain } else { - host = checluster.Spec.K8s.IngressDomain + "/" + DevfileRegistry + host = deployContext.CheCluster.Spec.K8s.IngressDomain + "/" + DevfileRegistry } } else { - route, err := SyncRouteToCluster(checluster, DevfileRegistry, "", DevfileRegistry, 8080, clusterAPI) + route, err := SyncRouteToCluster(deployContext, DevfileRegistry, "", DevfileRegistry, 8080) if !util.IsTestMode() { if route == nil { logrus.Infof("Waiting on route '%s' to be ready", DevfileRegistry) @@ -74,27 +74,27 @@ func SyncDevfileRegistryToCluster(checluster *orgv1.CheCluster, clusterAPI Clust } if devfileRegistryURL == "" { - if checluster.Spec.Server.TlsSupport { + if deployContext.CheCluster.Spec.Server.TlsSupport { devfileRegistryURL = "https://" + host } else { devfileRegistryURL = "http://" + host } } - configMapData := getDevfileRegistryConfigMapData(checluster, devfileRegistryURL) - configMapSpec, err := GetSpecConfigMap(checluster, DevfileRegistry, configMapData, clusterAPI) + configMapData := getDevfileRegistryConfigMapData(deployContext.CheCluster, devfileRegistryURL) + configMapSpec, err := GetSpecConfigMap(deployContext, DevfileRegistry, configMapData) if err != nil { return false, err } - configMap, err := SyncConfigMapToCluster(checluster, configMapSpec, clusterAPI) + configMap, err := SyncConfigMapToCluster(deployContext, configMapSpec) if configMap == nil { return false, err } // Create a new registry service - registryLabels := GetLabels(checluster, DevfileRegistry) - serviceStatus := SyncServiceToCluster(checluster, DevfileRegistry, []string{"http"}, []int32{8080}, registryLabels, clusterAPI) + registryLabels := GetLabels(deployContext.CheCluster, DevfileRegistry) + serviceStatus := SyncServiceToCluster(deployContext, DevfileRegistry, []string{"http"}, []int32{8080}, registryLabels) if !util.IsTestMode() { if !serviceStatus.Continue { logrus.Info("Waiting on service '" + DevfileRegistry + "' to be ready") @@ -107,7 +107,7 @@ func SyncDevfileRegistryToCluster(checluster *orgv1.CheCluster, clusterAPI Clust } // Deploy devfile registry - deploymentStatus := SyncDevfileRegistryDeploymentToCluster(checluster, clusterAPI) + deploymentStatus := SyncDevfileRegistryDeploymentToCluster(deployContext) if !util.IsTestMode() { if !deploymentStatus.Continue { logrus.Info("Waiting on deployment '" + DevfileRegistry + "' to be ready") @@ -120,9 +120,9 @@ func SyncDevfileRegistryToCluster(checluster *orgv1.CheCluster, clusterAPI Clust } } - if devfileRegistryURL != checluster.Status.DevfileRegistryURL { - checluster.Status.DevfileRegistryURL = devfileRegistryURL - if err := UpdateCheCRStatus(checluster, "status: Devfile Registry URL", devfileRegistryURL, clusterAPI); err != nil { + if devfileRegistryURL != deployContext.CheCluster.Status.DevfileRegistryURL { + deployContext.CheCluster.Status.DevfileRegistryURL = devfileRegistryURL + if err := UpdateCheCRStatus(deployContext, "status: Devfile Registry URL", devfileRegistryURL); err != nil { return false, err } } diff --git a/pkg/deploy/ingress.go b/pkg/deploy/ingress.go index 3460555e0a..3df2f30a46 100644 --- a/pkg/deploy/ingress.go +++ b/pkg/deploy/ingress.go @@ -15,7 +15,6 @@ import ( "context" "fmt" - orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1" "github.com/eclipse/che-operator/pkg/util" "github.com/google/go-cmp/cmp" "github.com/google/go-cmp/cmp/cmpopts" @@ -34,26 +33,25 @@ var ingressDiffOpts = cmp.Options{ } func SyncIngressToCluster( - checluster *orgv1.CheCluster, + deployContext *DeployContext, name string, host string, serviceName string, - servicePort int, - clusterAPI ClusterAPI) (*v1beta1.Ingress, error) { + servicePort int) (*v1beta1.Ingress, error) { - specIngress, err := getSpecIngress(checluster, name, host, serviceName, servicePort, clusterAPI) + specIngress, err := getSpecIngress(deployContext, name, host, serviceName, servicePort) if err != nil { return nil, err } - clusterIngress, err := getClusterIngress(specIngress.Name, specIngress.Namespace, clusterAPI.Client) + clusterIngress, err := getClusterIngress(specIngress.Name, specIngress.Namespace, deployContext.ClusterAPI.Client) if err != nil { return nil, err } if clusterIngress == nil { logrus.Infof("Creating a new object: %s, name %s", specIngress.Kind, specIngress.Name) - err := clusterAPI.Client.Create(context.TODO(), specIngress) + err := deployContext.ClusterAPI.Client.Create(context.TODO(), specIngress) return nil, err } @@ -62,12 +60,12 @@ func SyncIngressToCluster( logrus.Infof("Updating existed object: %s, name: %s", clusterIngress.Kind, clusterIngress.Name) fmt.Printf("Difference:\n%s", diff) - err := clusterAPI.Client.Delete(context.TODO(), clusterIngress) + err := deployContext.ClusterAPI.Client.Delete(context.TODO(), clusterIngress) if err != nil { return nil, err } - err = clusterAPI.Client.Create(context.TODO(), specIngress) + err = deployContext.ClusterAPI.Client.Create(context.TODO(), specIngress) return nil, err } @@ -91,33 +89,32 @@ func getClusterIngress(name string, namespace string, client runtimeClient.Clien } func getSpecIngress( - checluster *orgv1.CheCluster, + deployContext *DeployContext, name string, host string, serviceName string, - servicePort int, - clusterAPI ClusterAPI) (*v1beta1.Ingress, error) { + servicePort int) (*v1beta1.Ingress, error) { - tlsSupport := checluster.Spec.Server.TlsSupport - ingressStrategy := util.GetValue(checluster.Spec.K8s.IngressStrategy, DefaultIngressStrategy) - ingressDomain := checluster.Spec.K8s.IngressDomain - ingressClass := util.GetValue(checluster.Spec.K8s.IngressClass, DefaultIngressClass) - labels := GetLabels(checluster, name) + tlsSupport := deployContext.CheCluster.Spec.Server.TlsSupport + ingressStrategy := util.GetValue(deployContext.CheCluster.Spec.K8s.IngressStrategy, DefaultIngressStrategy) + ingressDomain := deployContext.CheCluster.Spec.K8s.IngressDomain + ingressClass := util.GetValue(deployContext.CheCluster.Spec.K8s.IngressClass, DefaultIngressClass) + labels := GetLabels(deployContext.CheCluster, name) if host == "" { if ingressStrategy == "multi-host" { - host = name + "-" + checluster.Namespace + "." + ingressDomain + host = name + "-" + deployContext.CheCluster.Namespace + "." + ingressDomain } else if ingressStrategy == "single-host" { host = ingressDomain } } tls := "false" - tlsSecretName := util.GetValue(checluster.Spec.K8s.TlsSecretName, "che-tls") + tlsSecretName := util.GetValue(deployContext.CheCluster.Spec.K8s.TlsSecretName, "che-tls") if tlsSupport { tls = "true" - if name == DefaultCheFlavor(checluster) && checluster.Spec.Server.CheHostTLSSecret != "" { - tlsSecretName = checluster.Spec.Server.CheHostTLSSecret + if name == DefaultCheFlavor(deployContext.CheCluster) && deployContext.CheCluster.Spec.Server.CheHostTLSSecret != "" { + tlsSecretName = deployContext.CheCluster.Spec.Server.CheHostTLSSecret } } @@ -150,7 +147,7 @@ func getSpecIngress( }, ObjectMeta: metav1.ObjectMeta{ Name: name, - Namespace: checluster.Namespace, + Namespace: deployContext.CheCluster.Namespace, Labels: labels, Annotations: annotations, }, @@ -188,7 +185,7 @@ func getSpecIngress( } } - err := controllerutil.SetControllerReference(checluster, ingress, clusterAPI.Scheme) + err := controllerutil.SetControllerReference(deployContext.CheCluster, ingress, deployContext.ClusterAPI.Scheme) if err != nil { return nil, err } diff --git a/pkg/deploy/job.go b/pkg/deploy/job.go index bdbf3fcd3f..3d68dbeba4 100644 --- a/pkg/deploy/job.go +++ b/pkg/deploy/job.go @@ -16,7 +16,6 @@ import ( "fmt" "reflect" - orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1" "github.com/eclipse/che-operator/pkg/util" "github.com/google/go-cmp/cmp" "github.com/google/go-cmp/cmp/cmpopts" @@ -52,27 +51,26 @@ var ( ) func SyncJobToCluster( - checluster *orgv1.CheCluster, + deployContext *DeployContext, name string, component string, image string, serviceAccountName string, - env map[string]string, - clusterAPI ClusterAPI) (*batchv1.Job, error) { + env map[string]string) (*batchv1.Job, error) { - specJob, err := getSpecJob(checluster, name, component, image, serviceAccountName, env, clusterAPI) + specJob, err := getSpecJob(deployContext, name, component, image, serviceAccountName, env) if err != nil { return nil, err } - clusterJob, err := getClusterJob(specJob.Name, specJob.Namespace, clusterAPI) + clusterJob, err := getClusterJob(specJob.Name, specJob.Namespace, deployContext.ClusterAPI) if err != nil { return nil, err } if clusterJob == nil { logrus.Infof("Creating a new object: %s, name %s", specJob.Kind, specJob.Name) - err := clusterAPI.Client.Create(context.TODO(), specJob) + err := deployContext.ClusterAPI.Client.Create(context.TODO(), specJob) return nil, err } @@ -81,11 +79,11 @@ func SyncJobToCluster( logrus.Infof("Updating existed object: %s, name: %s", clusterJob.Kind, clusterJob.Name) fmt.Printf("Difference:\n%s", diff) - if err := clusterAPI.Client.Delete(context.TODO(), clusterJob); err != nil { + if err := deployContext.ClusterAPI.Client.Delete(context.TODO(), clusterJob); err != nil { return nil, err } - err := clusterAPI.Client.Create(context.TODO(), specJob) + err := deployContext.ClusterAPI.Client.Create(context.TODO(), specJob) return nil, err } @@ -94,14 +92,13 @@ func SyncJobToCluster( // GetSpecJob creates new job configuration by given parameters. func getSpecJob( - checluster *orgv1.CheCluster, + deployContext *DeployContext, name string, component string, image string, serviceAccountName string, - env map[string]string, - clusterAPI ClusterAPI) (*batchv1.Job, error) { - labels := GetLabels(checluster, DefaultCheFlavor(checluster)) + env map[string]string) (*batchv1.Job, error) { + labels := GetLabels(deployContext.CheCluster, DefaultCheFlavor(deployContext.CheCluster)) labels["component"] = component backoffLimit := int32(3) @@ -109,7 +106,7 @@ func getSpecJob( comletions := int32(1) terminationGracePeriodSeconds := int64(30) ttlSecondsAfterFinished := int32(30) - pullPolicy := corev1.PullPolicy(util.GetValue(string(checluster.Spec.Server.CheImagePullPolicy), "IfNotPresent")) + pullPolicy := corev1.PullPolicy(util.GetValue(string(deployContext.CheCluster.Spec.Server.CheImagePullPolicy), "IfNotPresent")) var jobEnvVars []corev1.EnvVar for envVarName, envVarValue := range env { @@ -123,7 +120,7 @@ func getSpecJob( }, ObjectMeta: metav1.ObjectMeta{ Name: name, - Namespace: checluster.Namespace, + Namespace: deployContext.CheCluster.Namespace, Labels: labels, }, Spec: batchv1.JobSpec{ @@ -153,7 +150,7 @@ func getSpecJob( }, } - if err := controllerutil.SetControllerReference(checluster, job, clusterAPI.Scheme); err != nil { + if err := controllerutil.SetControllerReference(deployContext.CheCluster, job, deployContext.ClusterAPI.Scheme); err != nil { return nil, err } diff --git a/pkg/deploy/plugin_registry.go b/pkg/deploy/plugin_registry.go index 1a44f2d48b..7895c93816 100644 --- a/pkg/deploy/plugin_registry.go +++ b/pkg/deploy/plugin_registry.go @@ -33,12 +33,12 @@ const ( /** * Create plugin registry resources unless an external registry is used. */ -func SyncPluginRegistryToCluster(checluster *orgv1.CheCluster, clusterAPI ClusterAPI) (bool, error) { - pluginRegistryURL := checluster.Spec.Server.PluginRegistryUrl - if !checluster.Spec.Server.ExternalPluginRegistry { +func SyncPluginRegistryToCluster(deployContext *DeployContext) (bool, error) { + pluginRegistryURL := deployContext.CheCluster.Spec.Server.PluginRegistryUrl + if !deployContext.CheCluster.Spec.Server.ExternalPluginRegistry { var host string if !util.IsOpenShift { - ingress, err := SyncIngressToCluster(checluster, PluginRegistry, "", PluginRegistry, 8080, clusterAPI) + ingress, err := SyncIngressToCluster(deployContext, PluginRegistry, "", PluginRegistry, 8080) if !util.IsTestMode() { if ingress == nil { logrus.Infof("Waiting on ingress '%s' to be ready", PluginRegistry) @@ -49,14 +49,14 @@ func SyncPluginRegistryToCluster(checluster *orgv1.CheCluster, clusterAPI Cluste } } - ingressStrategy := util.GetValue(checluster.Spec.K8s.IngressStrategy, DefaultIngressStrategy) + ingressStrategy := util.GetValue(deployContext.CheCluster.Spec.K8s.IngressStrategy, DefaultIngressStrategy) if ingressStrategy == "multi-host" { - host = PluginRegistry + "-" + checluster.Namespace + "." + checluster.Spec.K8s.IngressDomain + host = PluginRegistry + "-" + deployContext.CheCluster.Namespace + "." + deployContext.CheCluster.Spec.K8s.IngressDomain } else { - host = checluster.Spec.K8s.IngressDomain + "/" + PluginRegistry + host = deployContext.CheCluster.Spec.K8s.IngressDomain + "/" + PluginRegistry } } else { - route, err := SyncRouteToCluster(checluster, PluginRegistry, "", PluginRegistry, 8080, clusterAPI) + route, err := SyncRouteToCluster(deployContext, PluginRegistry, "", PluginRegistry, 8080) if !util.IsTestMode() { if route == nil { logrus.Infof("Waiting on route '%s' to be ready", PluginRegistry) @@ -74,29 +74,29 @@ func SyncPluginRegistryToCluster(checluster *orgv1.CheCluster, clusterAPI Cluste } if pluginRegistryURL == "" { - if checluster.Spec.Server.TlsSupport { + if deployContext.CheCluster.Spec.Server.TlsSupport { pluginRegistryURL = "https://" + host + "/v3" } else { pluginRegistryURL = "http://" + host + "/v3" } } - if checluster.IsAirGapMode() { - configMapData := getPluginRegistryConfigMapData(checluster) - configMapSpec, err := GetSpecConfigMap(checluster, PluginRegistry, configMapData, clusterAPI) + if deployContext.CheCluster.IsAirGapMode() { + configMapData := getPluginRegistryConfigMapData(deployContext.CheCluster) + configMapSpec, err := GetSpecConfigMap(deployContext, PluginRegistry, configMapData) if err != nil { return false, err } - configMap, err := SyncConfigMapToCluster(checluster, configMapSpec, clusterAPI) + configMap, err := SyncConfigMapToCluster(deployContext, configMapSpec) if configMap == nil { return false, err } } // Create a new registry service - registryLabels := GetLabels(checluster, PluginRegistry) - serviceStatus := SyncServiceToCluster(checluster, PluginRegistry, []string{"http"}, []int32{8080}, registryLabels, clusterAPI) + registryLabels := GetLabels(deployContext.CheCluster, PluginRegistry) + serviceStatus := SyncServiceToCluster(deployContext, PluginRegistry, []string{"http"}, []int32{8080}, registryLabels) if !util.IsTestMode() { if !serviceStatus.Continue { logrus.Info("Waiting on service '" + PluginRegistry + "' to be ready") @@ -109,7 +109,7 @@ func SyncPluginRegistryToCluster(checluster *orgv1.CheCluster, clusterAPI Cluste } // Deploy plugin registry - deploymentStatus := SyncPluginRegistryDeploymentToCluster(checluster, clusterAPI) + deploymentStatus := SyncPluginRegistryDeploymentToCluster(deployContext) if !util.IsTestMode() { if !deploymentStatus.Continue { logrus.Info("Waiting on deployment '" + PluginRegistry + "' to be ready") @@ -122,9 +122,9 @@ func SyncPluginRegistryToCluster(checluster *orgv1.CheCluster, clusterAPI Cluste } } - if pluginRegistryURL != checluster.Status.PluginRegistryURL { - checluster.Status.PluginRegistryURL = pluginRegistryURL - if err := UpdateCheCRStatus(checluster, "status: Plugin Registry URL", pluginRegistryURL, clusterAPI); err != nil { + if pluginRegistryURL != deployContext.CheCluster.Status.PluginRegistryURL { + deployContext.CheCluster.Status.PluginRegistryURL = pluginRegistryURL + if err := UpdateCheCRStatus(deployContext, "status: Plugin Registry URL", pluginRegistryURL); err != nil { return false, err } } diff --git a/pkg/deploy/proxy.go b/pkg/deploy/proxy.go index 779a6df0a3..37784d6375 100644 --- a/pkg/deploy/proxy.go +++ b/pkg/deploy/proxy.go @@ -150,11 +150,11 @@ func removeProtocolPrefix(url string) string { return url } -func ConfigureProxy(instance *orgv1.CheCluster, transport *http.Transport, proxy *Proxy) { +func ConfigureProxy(deployContext *DeployContext, transport *http.Transport) { config := httpproxy.Config{ - HTTPProxy: proxy.HttpProxy, - HTTPSProxy: proxy.HttpsProxy, - NoProxy: proxy.NoProxy, + HTTPProxy: deployContext.Proxy.HttpProxy, + HTTPSProxy: deployContext.Proxy.HttpsProxy, + NoProxy: deployContext.Proxy.NoProxy, } proxyFunc := config.ProxyFunc() transport.Proxy = func(r *http.Request) (*url.URL, error) { diff --git a/pkg/deploy/pvc.go b/pkg/deploy/pvc.go index c91ef35999..a752079bd4 100644 --- a/pkg/deploy/pvc.go +++ b/pkg/deploy/pvc.go @@ -16,7 +16,6 @@ import ( "context" "fmt" - orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1" "github.com/google/go-cmp/cmp" "github.com/google/go-cmp/cmp/cmpopts" "github.com/sirupsen/logrus" @@ -24,7 +23,6 @@ import ( "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/api/resource" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/types" runtimeClient "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" @@ -43,20 +41,19 @@ var pvcDiffOpts = cmp.Options{ } func SyncPVCToCluster( - checluster *orgv1.CheCluster, + deployContext *DeployContext, name string, claimSize string, - labels map[string]string, - clusterAPI ClusterAPI) PVCProvisioningStatus { + labels map[string]string) PVCProvisioningStatus { - specPVC, err := getSpecPVC(checluster, name, claimSize, labels, clusterAPI.Scheme) + specPVC, err := getSpecPVC(deployContext, name, claimSize, labels) if err != nil { return PVCProvisioningStatus{ ProvisioningStatus: ProvisioningStatus{Err: err}, } } - clusterPVC, err := getClusterPVC(specPVC.Name, specPVC.Namespace, clusterAPI.Client) + clusterPVC, err := getClusterPVC(specPVC.Name, specPVC.Namespace, deployContext.ClusterAPI.Client) if err != nil { return PVCProvisioningStatus{ ProvisioningStatus: ProvisioningStatus{Err: err}, @@ -65,7 +62,7 @@ func SyncPVCToCluster( if clusterPVC == nil { logrus.Infof("Creating a new object: %s, name %s", specPVC.Kind, specPVC.Name) - err := clusterAPI.Client.Create(context.TODO(), specPVC) + err := deployContext.ClusterAPI.Client.Create(context.TODO(), specPVC) return PVCProvisioningStatus{ ProvisioningStatus: ProvisioningStatus{Requeue: true, Err: err}, } @@ -76,7 +73,7 @@ func SyncPVCToCluster( logrus.Infof("Updating existed object: %s, name: %s", clusterPVC.Kind, clusterPVC.Name) fmt.Printf("Difference:\n%s", diff) clusterPVC.Spec = specPVC.Spec - err := clusterAPI.Client.Update(context.TODO(), clusterPVC) + err := deployContext.ClusterAPI.Client.Update(context.TODO(), clusterPVC) return PVCProvisioningStatus{ ProvisioningStatus: ProvisioningStatus{Requeue: true, Err: err}, } @@ -91,11 +88,10 @@ func SyncPVCToCluster( } func getSpecPVC( - checluster *orgv1.CheCluster, + deployContext *DeployContext, name string, claimSize string, - labels map[string]string, - scheme *runtime.Scheme) (*corev1.PersistentVolumeClaim, error) { + labels map[string]string) (*corev1.PersistentVolumeClaim, error) { accessModes := []corev1.PersistentVolumeAccessMode{ corev1.ReadWriteOnce, @@ -108,10 +104,10 @@ func getSpecPVC( AccessModes: accessModes, Resources: resources, } - if len(checluster.Spec.Storage.PostgresPVCStorageClassName) > 1 { + if len(deployContext.CheCluster.Spec.Storage.PostgresPVCStorageClassName) > 1 { pvcSpec = corev1.PersistentVolumeClaimSpec{ AccessModes: accessModes, - StorageClassName: &checluster.Spec.Storage.PostgresPVCStorageClassName, + StorageClassName: &deployContext.CheCluster.Spec.Storage.PostgresPVCStorageClassName, Resources: resources, } } @@ -123,13 +119,13 @@ func getSpecPVC( }, ObjectMeta: metav1.ObjectMeta{ Name: name, - Namespace: checluster.Namespace, + Namespace: deployContext.CheCluster.Namespace, Labels: labels, }, Spec: pvcSpec, } - err := controllerutil.SetControllerReference(checluster, pvc, scheme) + err := controllerutil.SetControllerReference(deployContext.CheCluster, pvc, deployContext.ClusterAPI.Scheme) if err != nil { return nil, err } diff --git a/pkg/deploy/role.go b/pkg/deploy/role.go index c98786dbaf..574b71ab1b 100644 --- a/pkg/deploy/role.go +++ b/pkg/deploy/role.go @@ -14,7 +14,6 @@ package deploy import ( "context" - orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1" "github.com/sirupsen/logrus" rbac "k8s.io/api/rbac/v1" "k8s.io/apimachinery/pkg/api/errors" @@ -25,25 +24,24 @@ import ( ) func SyncRoleToCluster( - checluster *orgv1.CheCluster, + deployContext *DeployContext, name string, resources []string, - verbs []string, - clusterAPI ClusterAPI) (*rbac.Role, error) { + verbs []string) (*rbac.Role, error) { - specRole, err := getSpecRole(checluster, name, resources, verbs, clusterAPI) + specRole, err := getSpecRole(deployContext, name, resources, verbs) if err != nil { return nil, err } - clusterRole, err := getClusterRole(specRole.Name, specRole.Namespace, clusterAPI.Client) + clusterRole, err := getClusterRole(specRole.Name, specRole.Namespace, deployContext.ClusterAPI.Client) if err != nil { return nil, err } if clusterRole == nil { logrus.Infof("Creating a new object: %s, name %s", specRole.Kind, specRole.Name) - err := clusterAPI.Client.Create(context.TODO(), specRole) + err := deployContext.ClusterAPI.Client.Create(context.TODO(), specRole) return nil, err } @@ -66,8 +64,8 @@ func getClusterRole(name string, namespace string, client runtimeClient.Client) return role, nil } -func getSpecRole(checluster *orgv1.CheCluster, name string, resources []string, verbs []string, clusterAPI ClusterAPI) (*rbac.Role, error) { - labels := GetLabels(checluster, DefaultCheFlavor(checluster)) +func getSpecRole(deployContext *DeployContext, name string, resources []string, verbs []string) (*rbac.Role, error) { + labels := GetLabels(deployContext.CheCluster, DefaultCheFlavor(deployContext.CheCluster)) role := &rbac.Role{ TypeMeta: metav1.TypeMeta{ Kind: "Role", @@ -75,7 +73,7 @@ func getSpecRole(checluster *orgv1.CheCluster, name string, resources []string, }, ObjectMeta: metav1.ObjectMeta{ Name: name, - Namespace: checluster.Namespace, + Namespace: deployContext.CheCluster.Namespace, Labels: labels, }, Rules: []rbac.PolicyRule{ @@ -89,7 +87,7 @@ func getSpecRole(checluster *orgv1.CheCluster, name string, resources []string, }, } - err := controllerutil.SetControllerReference(checluster, role, clusterAPI.Scheme) + err := controllerutil.SetControllerReference(deployContext.CheCluster, role, deployContext.ClusterAPI.Scheme) if err != nil { return nil, err } diff --git a/pkg/deploy/rolebinding.go b/pkg/deploy/rolebinding.go index cd1c26cca8..4cc377f0fd 100644 --- a/pkg/deploy/rolebinding.go +++ b/pkg/deploy/rolebinding.go @@ -14,7 +14,6 @@ package deploy import ( "context" - orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1" "github.com/sirupsen/logrus" rbac "k8s.io/api/rbac/v1" "k8s.io/apimachinery/pkg/api/errors" @@ -25,26 +24,25 @@ import ( ) func SyncRoleBindingToCluster( - checluster *orgv1.CheCluster, + deployContext *DeployContext, name string, serviceAccountName string, roleName string, - roleKind string, - clusterAPI ClusterAPI) (*rbac.RoleBinding, error) { + roleKind string) (*rbac.RoleBinding, error) { - specRB, err := getSpecRoleBinding(checluster, name, serviceAccountName, roleName, roleKind, clusterAPI) + specRB, err := getSpecRoleBinding(deployContext, name, serviceAccountName, roleName, roleKind) if err != nil { return nil, err } - clusterRB, err := getClusterRoleBiding(specRB.Name, specRB.Namespace, clusterAPI.Client) + clusterRB, err := getClusterRoleBiding(specRB.Name, specRB.Namespace, deployContext.ClusterAPI.Client) if err != nil { return nil, err } if clusterRB == nil { logrus.Infof("Creating a new object: %s, name %s", specRB.Kind, specRB.Name) - err := clusterAPI.Client.Create(context.TODO(), specRB) + err := deployContext.ClusterAPI.Client.Create(context.TODO(), specRB) return nil, err } @@ -68,14 +66,13 @@ func getClusterRoleBiding(name string, namespace string, client runtimeClient.Cl } func getSpecRoleBinding( - checluster *orgv1.CheCluster, + deployContext *DeployContext, name string, serviceAccountName string, roleName string, - roleKind string, - clusterAPI ClusterAPI) (*rbac.RoleBinding, error) { + roleKind string) (*rbac.RoleBinding, error) { - labels := GetLabels(checluster, DefaultCheFlavor(checluster)) + labels := GetLabels(deployContext.CheCluster, DefaultCheFlavor(deployContext.CheCluster)) roleBinding := &rbac.RoleBinding{ TypeMeta: metav1.TypeMeta{ Kind: "RoleBinding", @@ -83,14 +80,14 @@ func getSpecRoleBinding( }, ObjectMeta: metav1.ObjectMeta{ Name: name, - Namespace: checluster.Namespace, + Namespace: deployContext.CheCluster.Namespace, Labels: labels, }, Subjects: []rbac.Subject{ { Kind: rbac.ServiceAccountKind, Name: serviceAccountName, - Namespace: checluster.Namespace, + Namespace: deployContext.CheCluster.Namespace, }, }, RoleRef: rbac.RoleRef{ @@ -100,7 +97,7 @@ func getSpecRoleBinding( }, } - err := controllerutil.SetControllerReference(checluster, roleBinding, clusterAPI.Scheme) + err := controllerutil.SetControllerReference(deployContext.CheCluster, roleBinding, deployContext.ClusterAPI.Scheme) if err != nil { return nil, err } diff --git a/pkg/deploy/route.go b/pkg/deploy/route.go index bc9b9eba89..69f7b69fcc 100644 --- a/pkg/deploy/route.go +++ b/pkg/deploy/route.go @@ -15,7 +15,6 @@ import ( "context" "fmt" - orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1" "github.com/google/go-cmp/cmp" "github.com/google/go-cmp/cmp/cmpopts" routev1 "github.com/openshift/api/route/v1" @@ -39,26 +38,25 @@ var routeWithHostDiffOpts = cmp.Options{ } func SyncRouteToCluster( - checluster *orgv1.CheCluster, + deployContext *DeployContext, name string, host string, serviceName string, - servicePort int32, - clusterAPI ClusterAPI) (*routev1.Route, error) { + servicePort int32) (*routev1.Route, error) { - specRoute, err := GetSpecRoute(checluster, name, host, serviceName, servicePort, clusterAPI) + specRoute, err := GetSpecRoute(deployContext, name, host, serviceName, servicePort) if err != nil { return nil, err } - clusterRoute, err := GetClusterRoute(specRoute.Name, specRoute.Namespace, clusterAPI.Client) + clusterRoute, err := GetClusterRoute(specRoute.Name, specRoute.Namespace, deployContext.ClusterAPI.Client) if err != nil { return nil, err } if clusterRoute == nil { logrus.Infof("Creating a new object: %s, name %s", specRoute.Kind, specRoute.Name) - err := clusterAPI.Client.Create(context.TODO(), specRoute) + err := deployContext.ClusterAPI.Client.Create(context.TODO(), specRoute) if !errors.IsAlreadyExists(err) { return nil, err } @@ -74,12 +72,12 @@ func SyncRouteToCluster( logrus.Infof("Updating existed object: %s, name: %s", clusterRoute.Kind, clusterRoute.Name) fmt.Printf("Difference:\n%s", diff) - err := clusterAPI.Client.Delete(context.TODO(), clusterRoute) + err := deployContext.ClusterAPI.Client.Delete(context.TODO(), clusterRoute) if err != nil { return nil, err } - err = clusterAPI.Client.Create(context.TODO(), specRoute) + err = deployContext.ClusterAPI.Client.Create(context.TODO(), specRoute) return nil, err } @@ -105,19 +103,18 @@ func GetClusterRoute(name string, namespace string, client runtimeClient.Client) // GetSpecRoute returns default configuration of a route in Che namespace. func GetSpecRoute( - checluster *orgv1.CheCluster, + deployContext *DeployContext, name string, host string, serviceName string, - servicePort int32, - clusterAPI ClusterAPI) (*routev1.Route, error) { + servicePort int32) (*routev1.Route, error) { - tlsSupport := checluster.Spec.Server.TlsSupport - labels := GetLabels(checluster, DefaultCheFlavor(checluster)) + tlsSupport := deployContext.CheCluster.Spec.Server.TlsSupport + labels := GetLabels(deployContext.CheCluster, DefaultCheFlavor(deployContext.CheCluster)) weight := int32(100) if name == "keycloak" { - labels = GetLabels(checluster, name) + labels = GetLabels(deployContext.CheCluster, name) } targetPort := intstr.IntOrString{ Type: intstr.Int, @@ -130,7 +127,7 @@ func GetSpecRoute( }, ObjectMeta: metav1.ObjectMeta{ Name: name, - Namespace: checluster.Namespace, + Namespace: deployContext.CheCluster.Namespace, Labels: labels, }, } @@ -153,13 +150,13 @@ func GetSpecRoute( Termination: routev1.TLSTerminationEdge, } - if name == DefaultCheFlavor(checluster) && checluster.Spec.Server.CheHostTLSSecret != "" { + if name == DefaultCheFlavor(deployContext.CheCluster) && deployContext.CheCluster.Spec.Server.CheHostTLSSecret != "" { secret := &corev1.Secret{} namespacedName := types.NamespacedName{ - Namespace: checluster.Namespace, - Name: checluster.Spec.Server.CheHostTLSSecret, + Namespace: deployContext.CheCluster.Namespace, + Name: deployContext.CheCluster.Spec.Server.CheHostTLSSecret, } - if err := clusterAPI.Client.Get(context.TODO(), namespacedName, secret); err != nil { + if err := deployContext.ClusterAPI.Client.Get(context.TODO(), namespacedName, secret); err != nil { return nil, err } @@ -168,7 +165,7 @@ func GetSpecRoute( } } - err := controllerutil.SetControllerReference(checluster, route, clusterAPI.Scheme) + err := controllerutil.SetControllerReference(deployContext.CheCluster, route, deployContext.ClusterAPI.Scheme) if err != nil { return nil, err } diff --git a/pkg/deploy/secret.go b/pkg/deploy/secret.go index c39825ee6c..49bc7d5d01 100644 --- a/pkg/deploy/secret.go +++ b/pkg/deploy/secret.go @@ -17,7 +17,6 @@ import ( "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" - orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1" "github.com/google/go-cmp/cmp" "github.com/google/go-cmp/cmp/cmpopts" "github.com/sirupsen/logrus" @@ -33,24 +32,23 @@ var secretDiffOpts = cmp.Options{ // SyncSecretToCluster applies secret into cluster func SyncSecretToCluster( - checluster *orgv1.CheCluster, + deployContext *DeployContext, name string, - data map[string][]byte, - clusterAPI ClusterAPI) (*corev1.Secret, error) { + data map[string][]byte) (*corev1.Secret, error) { - specSecret, err := GetSpecSecret(checluster, name, data, clusterAPI) + specSecret, err := GetSpecSecret(deployContext, name, data) if err != nil { return nil, err } - clusterSecret, err := GetClusterSecret(specSecret.Name, specSecret.Namespace, clusterAPI) + clusterSecret, err := GetClusterSecret(specSecret.Name, specSecret.Namespace, deployContext.ClusterAPI) if err != nil { return nil, err } if clusterSecret == nil { logrus.Infof("Creating a new object: %s, name %s", specSecret.Kind, specSecret.Name) - err := clusterAPI.Client.Create(context.TODO(), specSecret) + err := deployContext.ClusterAPI.Client.Create(context.TODO(), specSecret) return specSecret, err } @@ -59,12 +57,12 @@ func SyncSecretToCluster( logrus.Infof("Updating existed object: %s, name: %s", clusterSecret.Kind, clusterSecret.Name) fmt.Printf("Difference:\n%s", diff) - err := clusterAPI.Client.Delete(context.TODO(), clusterSecret) + err := deployContext.ClusterAPI.Client.Delete(context.TODO(), clusterSecret) if err != nil { return nil, err } - err = clusterAPI.Client.Create(context.TODO(), specSecret) + err = deployContext.ClusterAPI.Client.Create(context.TODO(), specSecret) if err != nil { return nil, err } @@ -91,8 +89,8 @@ func GetClusterSecret(name string, namespace string, clusterAPI ClusterAPI) (*co } // GetSpecSecret return default secret config for given data -func GetSpecSecret(checluster *orgv1.CheCluster, name string, data map[string][]byte, clusterAPI ClusterAPI) (*corev1.Secret, error) { - labels := GetLabels(checluster, DefaultCheFlavor(checluster)) +func GetSpecSecret(deployContext *DeployContext, name string, data map[string][]byte) (*corev1.Secret, error) { + labels := GetLabels(deployContext.CheCluster, DefaultCheFlavor(deployContext.CheCluster)) secret := &corev1.Secret{ TypeMeta: metav1.TypeMeta{ Kind: "Secret", @@ -100,13 +98,13 @@ func GetSpecSecret(checluster *orgv1.CheCluster, name string, data map[string][] }, ObjectMeta: metav1.ObjectMeta{ Name: name, - Namespace: checluster.Namespace, + Namespace: deployContext.CheCluster.Namespace, Labels: labels, }, Data: data, } - err := controllerutil.SetControllerReference(checluster, secret, clusterAPI.Scheme) + err := controllerutil.SetControllerReference(deployContext.CheCluster, secret, deployContext.ClusterAPI.Scheme) if err != nil { return nil, err } @@ -117,16 +115,16 @@ func GetSpecSecret(checluster *orgv1.CheCluster, name string, data map[string][] // CreateTLSSecretFromRoute creates TLS secret with given name which contains certificates obtained from give url. // If the url is empty string, then router certificate will be obtained. // Works only on Openshift family infrastructures. -func CreateTLSSecretFromRoute(checluster *orgv1.CheCluster, url string, name string, proxy *Proxy, clusterAPI ClusterAPI) (err error) { +func CreateTLSSecretFromRoute(deployContext *DeployContext, url string, name string) (err error) { secret := &corev1.Secret{} - if err := clusterAPI.Client.Get(context.TODO(), types.NamespacedName{Name: name, Namespace: checluster.Namespace}, secret); err != nil && errors.IsNotFound(err) { - crtBytes, err := GetEndpointTLSCrtBytes(checluster, url, proxy, clusterAPI) + if err := deployContext.ClusterAPI.Client.Get(context.TODO(), types.NamespacedName{Name: name, Namespace: deployContext.CheCluster.Namespace}, secret); err != nil && errors.IsNotFound(err) { + crtBytes, err := GetEndpointTLSCrtBytes(deployContext, url) if err != nil { logrus.Errorf("Failed to extract certificate for secret %s. Failed to create a secret with a self signed crt: %s", name, err) return err } - secret, err = SyncSecretToCluster(checluster, name, map[string][]byte{"ca.crt": crtBytes}, clusterAPI) + secret, err = SyncSecretToCluster(deployContext, name, map[string][]byte{"ca.crt": crtBytes}) if err != nil { return err } diff --git a/pkg/deploy/service.go b/pkg/deploy/service.go index 15de5f95de..41ef4bc7e8 100644 --- a/pkg/deploy/service.go +++ b/pkg/deploy/service.go @@ -16,7 +16,6 @@ import ( "context" "fmt" - orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1" "github.com/eclipse/che-operator/pkg/util" "github.com/google/go-cmp/cmp" "github.com/google/go-cmp/cmp/cmpopts" @@ -41,58 +40,54 @@ var portsDiffOpts = cmp.Options{ cmpopts.IgnoreFields(corev1.ServicePort{}, "TargetPort", "NodePort"), } -func SyncCheServiceToCluster(checluster *orgv1.CheCluster, clusterAPI ClusterAPI) ServiceProvisioningStatus { - specService, err := GetSpecCheService(checluster, clusterAPI) +func SyncCheServiceToCluster(deployContext *DeployContext) ServiceProvisioningStatus { + specService, err := GetSpecCheService(deployContext) if err != nil { return ServiceProvisioningStatus{ ProvisioningStatus: ProvisioningStatus{Err: err}, } } - return doSyncServiceToCluster(checluster, specService, clusterAPI) + return doSyncServiceToCluster(deployContext, specService) } -func GetSpecCheService(checluster *orgv1.CheCluster, clusterAPI ClusterAPI) (*corev1.Service, error) { +func GetSpecCheService(deployContext *DeployContext) (*corev1.Service, error) { portName := []string{"http"} portNumber := []int32{8080} - labels := GetLabels(checluster, DefaultCheFlavor(checluster)) + labels := GetLabels(deployContext.CheCluster, DefaultCheFlavor(deployContext.CheCluster)) - if checluster.Spec.Metrics.Enable { + if deployContext.CheCluster.Spec.Metrics.Enable { portName = append(portName, "metrics") portNumber = append(portNumber, DefaultCheMetricsPort) } - if checluster.Spec.Server.CheDebug == "true" { + if deployContext.CheCluster.Spec.Server.CheDebug == "true" { portName = append(portName, "debug") portNumber = append(portNumber, DefaultCheDebugPort) } - return getSpecService(checluster, CheServiceHame, portName, portNumber, labels, clusterAPI) + return getSpecService(deployContext, CheServiceHame, portName, portNumber, labels) } func SyncServiceToCluster( - checluster *orgv1.CheCluster, + deployContext *DeployContext, name string, portName []string, portNumber []int32, - labels map[string]string, - clusterAPI ClusterAPI) ServiceProvisioningStatus { - specService, err := getSpecService(checluster, name, portName, portNumber, labels, clusterAPI) + labels map[string]string) ServiceProvisioningStatus { + specService, err := getSpecService(deployContext, name, portName, portNumber, labels) if err != nil { return ServiceProvisioningStatus{ ProvisioningStatus: ProvisioningStatus{Err: err}, } } - return doSyncServiceToCluster(checluster, specService, clusterAPI) + return doSyncServiceToCluster(deployContext, specService) } -func doSyncServiceToCluster( - checluster *orgv1.CheCluster, - specService *corev1.Service, - clusterAPI ClusterAPI) ServiceProvisioningStatus { +func doSyncServiceToCluster(deployContext *DeployContext, specService *corev1.Service) ServiceProvisioningStatus { - clusterService, err := getClusterService(specService.Name, specService.Namespace, clusterAPI.Client) + clusterService, err := getClusterService(specService.Name, specService.Namespace, deployContext.ClusterAPI.Client) if err != nil { return ServiceProvisioningStatus{ ProvisioningStatus: ProvisioningStatus{Err: err}, @@ -101,7 +96,7 @@ func doSyncServiceToCluster( if clusterService == nil { logrus.Infof("Creating a new object: %s, name %s", specService.Kind, specService.Name) - err := clusterAPI.Client.Create(context.TODO(), specService) + err := deployContext.ClusterAPI.Client.Create(context.TODO(), specService) return ServiceProvisioningStatus{ ProvisioningStatus: ProvisioningStatus{Requeue: true, Err: err}, } @@ -114,14 +109,14 @@ func doSyncServiceToCluster( fmt.Printf("Ports difference:\n%s", diffPorts) fmt.Printf("Selectors difference:\n%s", diffSelectors) - err := clusterAPI.Client.Delete(context.TODO(), clusterService) + err := deployContext.ClusterAPI.Client.Delete(context.TODO(), clusterService) if err != nil { return ServiceProvisioningStatus{ ProvisioningStatus: ProvisioningStatus{Requeue: true, Err: err}, } } - err = clusterAPI.Client.Create(context.TODO(), specService) + err = deployContext.ClusterAPI.Client.Create(context.TODO(), specService) return ServiceProvisioningStatus{ ProvisioningStatus: ProvisioningStatus{Requeue: true, Err: err}, } @@ -133,12 +128,11 @@ func doSyncServiceToCluster( } func getSpecService( - checluster *orgv1.CheCluster, + deployContext *DeployContext, name string, portName []string, portNumber []int32, - labels map[string]string, - clusterAPI ClusterAPI) (*corev1.Service, error) { + labels map[string]string) (*corev1.Service, error) { ports := []corev1.ServicePort{} for i := range portName { @@ -157,7 +151,7 @@ func getSpecService( }, ObjectMeta: metav1.ObjectMeta{ Name: name, - Namespace: checluster.Namespace, + Namespace: deployContext.CheCluster.Namespace, Labels: labels, }, Spec: corev1.ServiceSpec{ @@ -167,7 +161,7 @@ func getSpecService( } if !util.IsTestMode() { - err := controllerutil.SetControllerReference(checluster, service, clusterAPI.Scheme) + err := controllerutil.SetControllerReference(deployContext.CheCluster, service, deployContext.ClusterAPI.Scheme) if err != nil { return nil, err } diff --git a/pkg/deploy/service_account.go b/pkg/deploy/service_account.go index abd7eb155f..4a7b09da25 100644 --- a/pkg/deploy/service_account.go +++ b/pkg/deploy/service_account.go @@ -14,7 +14,6 @@ package deploy import ( "context" - orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1" "github.com/sirupsen/logrus" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/errors" @@ -24,20 +23,20 @@ import ( "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" ) -func SyncServiceAccountToCluster(checluster *orgv1.CheCluster, name string, clusterAPI ClusterAPI) (*corev1.ServiceAccount, error) { - specSA, err := getSpecServiceAccount(checluster, name, clusterAPI) +func SyncServiceAccountToCluster(deployContext *DeployContext, name string) (*corev1.ServiceAccount, error) { + specSA, err := getSpecServiceAccount(deployContext, name) if err != nil { return nil, err } - clusterSA, err := getClusterServiceAccount(specSA.Name, specSA.Namespace, clusterAPI.Client) + clusterSA, err := getClusterServiceAccount(specSA.Name, specSA.Namespace, deployContext.ClusterAPI.Client) if err != nil { return nil, err } if clusterSA == nil { logrus.Infof("Creating a new object: %s, name %s", specSA.Kind, specSA.Name) - err := clusterAPI.Client.Create(context.TODO(), specSA) + err := deployContext.ClusterAPI.Client.Create(context.TODO(), specSA) return nil, err } @@ -60,8 +59,8 @@ func getClusterServiceAccount(name string, namespace string, client runtimeClien return serviceAccount, nil } -func getSpecServiceAccount(checluster *orgv1.CheCluster, name string, clusterAPI ClusterAPI) (*corev1.ServiceAccount, error) { - labels := GetLabels(checluster, DefaultCheFlavor(checluster)) +func getSpecServiceAccount(deployContext *DeployContext, name string) (*corev1.ServiceAccount, error) { + labels := GetLabels(deployContext.CheCluster, DefaultCheFlavor(deployContext.CheCluster)) serviceAccount := &corev1.ServiceAccount{ TypeMeta: metav1.TypeMeta{ Kind: "ServiceAccount", @@ -69,12 +68,12 @@ func getSpecServiceAccount(checluster *orgv1.CheCluster, name string, clusterAPI }, ObjectMeta: metav1.ObjectMeta{ Name: name, - Namespace: checluster.Namespace, + Namespace: deployContext.CheCluster.Namespace, Labels: labels, }, } - err := controllerutil.SetControllerReference(checluster, serviceAccount, clusterAPI.Scheme) + err := controllerutil.SetControllerReference(deployContext.CheCluster, serviceAccount, deployContext.ClusterAPI.Scheme) if err != nil { return nil, err } diff --git a/pkg/deploy/tls.go b/pkg/deploy/tls.go index 4e4973e1d8..813685782a 100644 --- a/pkg/deploy/tls.go +++ b/pkg/deploy/tls.go @@ -21,7 +21,6 @@ import ( "strings" "time" - orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1" "github.com/eclipse/che-operator/pkg/util" routev1 "github.com/openshift/api/route/v1" "github.com/sirupsen/logrus" @@ -45,13 +44,13 @@ const ( ) // IsSelfSignedCertificateUsed detects whether endpoints are/should be secured by self-signed certificate. -func IsSelfSignedCertificateUsed(checluster *orgv1.CheCluster, proxy *Proxy, clusterAPI ClusterAPI) (bool, error) { +func IsSelfSignedCertificateUsed(deployContext *DeployContext) (bool, error) { if util.IsTestMode() { return true, nil } cheTLSSelfSignedCertificateSecret := &corev1.Secret{} - err := clusterAPI.Client.Get(context.TODO(), types.NamespacedName{Namespace: checluster.Namespace, Name: CheTLSSelfSignedCertificateSecretName}, cheTLSSelfSignedCertificateSecret) + err := deployContext.ClusterAPI.Client.Get(context.TODO(), types.NamespacedName{Namespace: deployContext.CheCluster.Namespace, Name: CheTLSSelfSignedCertificateSecretName}, cheTLSSelfSignedCertificateSecret) if err == nil { // "self signed-certificate" secret found return true, nil @@ -63,7 +62,7 @@ func IsSelfSignedCertificateUsed(checluster *orgv1.CheCluster, proxy *Proxy, clu if util.IsOpenShift { // Get router TLS certificates chain - peerCertificates, err := GetEndpointTLSCrtChain(checluster, "", proxy, clusterAPI) + peerCertificates, err := GetEndpointTLSCrtChain(deployContext, "") if err != nil { return false, err } @@ -81,13 +80,13 @@ func IsSelfSignedCertificateUsed(checluster *orgv1.CheCluster, proxy *Proxy, clu // For Kubernetes, check che-tls secret. - cheTLSSecretName := checluster.Spec.K8s.TlsSecretName + cheTLSSecretName := deployContext.CheCluster.Spec.K8s.TlsSecretName if len(cheTLSSecretName) < 1 { cheTLSSecretName = DefaultCheTLSSecretName } cheTLSSecret := &corev1.Secret{} - err = clusterAPI.Client.Get(context.TODO(), types.NamespacedName{Namespace: checluster.Namespace, Name: cheTLSSecretName}, cheTLSSecret) + err = deployContext.ClusterAPI.Client.Get(context.TODO(), types.NamespacedName{Namespace: deployContext.CheCluster.Namespace, Name: cheTLSSecretName}, cheTLSSecret) if err != nil { if !errors.IsNotFound(err) { // Failed to get secret, return error to restart reconcile loop. @@ -103,7 +102,7 @@ func IsSelfSignedCertificateUsed(checluster *orgv1.CheCluster, proxy *Proxy, clu // GetEndpointTLSCrtChain retrieves TLS certificates chain from given endpoint. // If endpoint is not specified, then a test route will be created and used to get router certificates. -func GetEndpointTLSCrtChain(instance *orgv1.CheCluster, endpointURL string, proxy *Proxy, clusterAPI ClusterAPI) ([]*x509.Certificate, error) { +func GetEndpointTLSCrtChain(deployContext *DeployContext, endpointURL string) ([]*x509.Certificate, error) { if util.IsTestMode() { return nil, stderrors.New("Not allowed for tests") } @@ -113,14 +112,14 @@ func GetEndpointTLSCrtChain(instance *orgv1.CheCluster, endpointURL string, prox if isTestRoute { // Create test route to get certificates chain. // Note, it is not possible to use SyncRouteToCluster here as it may cause infinite reconcile loop. - routeSpec, err := GetSpecRoute(instance, "test", "", "test", 8080, clusterAPI) + routeSpec, err := GetSpecRoute(deployContext, "test", "", "test", 8080) if err != nil { return nil, err } // Remove controller reference to prevent queueing new reconcile loop routeSpec.SetOwnerReferences(nil) // Create route manually - if err := clusterAPI.Client.Create(context.TODO(), routeSpec); err != nil { + if err := deployContext.ClusterAPI.Client.Create(context.TODO(), routeSpec); err != nil { if !errors.IsAlreadyExists(err) { logrus.Errorf("Failed to create test route 'test': %s", err) return nil, err @@ -129,7 +128,7 @@ func GetEndpointTLSCrtChain(instance *orgv1.CheCluster, endpointURL string, prox // Schedule test route cleanup after the job done. defer func() { - if err := clusterAPI.Client.Delete(context.TODO(), routeSpec); err != nil { + if err := deployContext.ClusterAPI.Client.Delete(context.TODO(), routeSpec); err != nil { logrus.Errorf("Failed to delete test route %s: %s", routeSpec.Name, err) } }() @@ -138,7 +137,7 @@ func GetEndpointTLSCrtChain(instance *orgv1.CheCluster, endpointURL string, prox var route *routev1.Route for wait := true; wait; { time.Sleep(time.Duration(1) * time.Second) - route, err = GetClusterRoute(routeSpec.Name, routeSpec.Namespace, clusterAPI.Client) + route, err = GetClusterRoute(routeSpec.Name, routeSpec.Namespace, deployContext.ClusterAPI.Client) if err != nil { return nil, err } @@ -153,9 +152,9 @@ func GetEndpointTLSCrtChain(instance *orgv1.CheCluster, endpointURL string, prox transport := &http.Transport{} // Adding the proxy settings to the Transport object. // However, in case of test route we need to reach cluter directly in order to get the right certificate. - if proxy.HttpProxy != "" && !isTestRoute { - logrus.Infof("Configuring proxy with %s to extract crt from the following URL: %s", proxy.HttpProxy, requestURL) - ConfigureProxy(instance, transport, proxy) + if deployContext.Proxy.HttpProxy != "" && !isTestRoute { + logrus.Infof("Configuring proxy with %s to extract crt from the following URL: %s", deployContext.Proxy.HttpProxy, requestURL) + ConfigureProxy(deployContext, transport) } transport.TLSClientConfig = &tls.Config{InsecureSkipVerify: true} client := &http.Client{ @@ -175,8 +174,8 @@ func GetEndpointTLSCrtChain(instance *orgv1.CheCluster, endpointURL string, prox // GetEndpointTLSCrtBytes creates a test TLS route and gets it to extract certificate chain // There's an easier way which is to read tls secret in default (3.11) or openshift-ingress (4.0) namespace // which however requires extra privileges for operator service account -func GetEndpointTLSCrtBytes(instance *orgv1.CheCluster, endpointURL string, proxy *Proxy, clusterAPI ClusterAPI) (certificates []byte, err error) { - peerCertificates, err := GetEndpointTLSCrtChain(instance, endpointURL, proxy, clusterAPI) +func GetEndpointTLSCrtBytes(deployContext *DeployContext, endpointURL string) (certificates []byte, err error) { + peerCertificates, err := GetEndpointTLSCrtChain(deployContext, endpointURL) if err != nil { if util.IsTestMode() { fakeCrt := make([]byte, 5) @@ -198,13 +197,13 @@ func GetEndpointTLSCrtBytes(instance *orgv1.CheCluster, endpointURL string, prox } // K8sHandleCheTLSSecrets handles TLS secrets required for Che deployment on Kubernetes infrastructure. -func K8sHandleCheTLSSecrets(checluster *orgv1.CheCluster, clusterAPI ClusterAPI) (reconcile.Result, error) { - cheTLSSecretName := checluster.Spec.K8s.TlsSecretName +func K8sHandleCheTLSSecrets(deployContext *DeployContext) (reconcile.Result, error) { + cheTLSSecretName := deployContext.CheCluster.Spec.K8s.TlsSecretName // ===== Check Che server TLS certificate ===== // cheTLSSecret := &corev1.Secret{} - err := clusterAPI.Client.Get(context.TODO(), types.NamespacedName{Namespace: checluster.Namespace, Name: cheTLSSecretName}, cheTLSSecret) + err := deployContext.ClusterAPI.Client.Get(context.TODO(), types.NamespacedName{Namespace: deployContext.CheCluster.Namespace, Name: cheTLSSecretName}, cheTLSSecret) if err != nil { if !errors.IsNotFound(err) { // Error reading secret info @@ -216,7 +215,7 @@ func K8sHandleCheTLSSecrets(checluster *orgv1.CheCluster, clusterAPI ClusterAPI) // Remove Che CA certificate secret if any cheCASelfSignedCertificateSecret := &corev1.Secret{} - err = clusterAPI.Client.Get(context.TODO(), types.NamespacedName{Namespace: checluster.Namespace, Name: CheTLSSelfSignedCertificateSecretName}, cheCASelfSignedCertificateSecret) + err = deployContext.ClusterAPI.Client.Get(context.TODO(), types.NamespacedName{Namespace: deployContext.CheCluster.Namespace, Name: CheTLSSelfSignedCertificateSecretName}, cheCASelfSignedCertificateSecret) if err != nil { if !errors.IsNotFound(err) { // Error reading secret info @@ -226,40 +225,40 @@ func K8sHandleCheTLSSecrets(checluster *orgv1.CheCluster, clusterAPI ClusterAPI) // Che CA certificate doesn't exists (that's expected at this point), do nothing } else { // Remove Che CA secret because Che TLS secret is missing (they should be generated together). - if err = clusterAPI.Client.Delete(context.TODO(), cheCASelfSignedCertificateSecret); err != nil { + if err = deployContext.ClusterAPI.Client.Delete(context.TODO(), cheCASelfSignedCertificateSecret); err != nil { logrus.Errorf("Error deleting Che self-signed certificate secret \"%s\": %v", CheTLSSelfSignedCertificateSecretName, err) return reconcile.Result{RequeueAfter: time.Second}, err } } // Prepare permissions for the certificate generation job - sa, err := SyncServiceAccountToCluster(checluster, CheTLSJobServiceAccountName, clusterAPI) + sa, err := SyncServiceAccountToCluster(deployContext, CheTLSJobServiceAccountName) if sa == nil { return reconcile.Result{RequeueAfter: time.Second}, err } - role, err := SyncRoleToCluster(checluster, CheTLSJobRoleName, []string{"secrets"}, []string{"create"}, clusterAPI) + role, err := SyncRoleToCluster(deployContext, CheTLSJobRoleName, []string{"secrets"}, []string{"create"}) if role == nil { return reconcile.Result{RequeueAfter: time.Second}, err } - roleBiding, err := SyncRoleBindingToCluster(checluster, CheTLSJobRoleBindingName, CheTLSJobServiceAccountName, CheTLSJobRoleName, "Role", clusterAPI) + roleBiding, err := SyncRoleBindingToCluster(deployContext, CheTLSJobRoleBindingName, CheTLSJobServiceAccountName, CheTLSJobRoleName, "Role") if roleBiding == nil { return reconcile.Result{RequeueAfter: time.Second}, err } - domains := checluster.Spec.K8s.IngressDomain + ",*." + checluster.Spec.K8s.IngressDomain - if checluster.Spec.Server.CheHost != "" && strings.Index(checluster.Spec.Server.CheHost, checluster.Spec.K8s.IngressDomain) == -1 && checluster.Spec.Server.CheHostTLSSecret == "" { - domains += "," + checluster.Spec.Server.CheHost + domains := deployContext.CheCluster.Spec.K8s.IngressDomain + ",*." + deployContext.CheCluster.Spec.K8s.IngressDomain + if deployContext.CheCluster.Spec.Server.CheHost != "" && strings.Index(deployContext.CheCluster.Spec.Server.CheHost, deployContext.CheCluster.Spec.K8s.IngressDomain) == -1 && deployContext.CheCluster.Spec.Server.CheHostTLSSecret == "" { + domains += "," + deployContext.CheCluster.Spec.Server.CheHost } cheTLSSecretsCreationJobImage := DefaultCheTLSSecretsCreationJobImage() jobEnvVars := map[string]string{ "DOMAIN": domains, - "CHE_NAMESPACE": checluster.Namespace, + "CHE_NAMESPACE": deployContext.CheCluster.Namespace, "CHE_SERVER_TLS_SECRET_NAME": cheTLSSecretName, "CHE_CA_CERTIFICATE_SECRET_NAME": CheTLSSelfSignedCertificateSecretName, } - job, err := SyncJobToCluster(checluster, CheTLSJobName, CheTLSJobComponentName, cheTLSSecretsCreationJobImage, CheTLSJobServiceAccountName, jobEnvVars, clusterAPI) + job, err := SyncJobToCluster(deployContext, CheTLSJobName, CheTLSJobComponentName, cheTLSSecretsCreationJobImage, CheTLSJobServiceAccountName, jobEnvVars) if err != nil { logrus.Error(err) return reconcile.Result{RequeueAfter: time.Second}, err @@ -272,7 +271,7 @@ func K8sHandleCheTLSSecrets(checluster *orgv1.CheCluster, clusterAPI ClusterAPI) // cleanup job job := &batchv1.Job{} - err = clusterAPI.Client.Get(context.TODO(), types.NamespacedName{Name: CheTLSJobName, Namespace: checluster.Namespace}, job) + err = deployContext.ClusterAPI.Client.Get(context.TODO(), types.NamespacedName{Name: CheTLSJobName, Namespace: deployContext.CheCluster.Namespace}, job) if err != nil && !errors.IsNotFound(err) { // Failed to get the job return reconcile.Result{RequeueAfter: time.Second}, err @@ -281,10 +280,10 @@ func K8sHandleCheTLSSecrets(checluster *orgv1.CheCluster, clusterAPI ClusterAPI) // The job object is present if job.Status.Succeeded > 0 { logrus.Infof("Import public part of Eclipse Che self-signed CA certificate from \"%s\" secret into your browser.", CheTLSSelfSignedCertificateSecretName) - deleteJob(job, checluster, clusterAPI) + deleteJob(deployContext, job) } else if job.Status.Failed > 0 { // The job failed, but the certificate is present, shouldn't happen - deleteJob(job, checluster, clusterAPI) + deleteJob(deployContext, job) return reconcile.Result{}, nil } // Job hasn't reported finished status yet, wait more @@ -296,7 +295,7 @@ func K8sHandleCheTLSSecrets(checluster *orgv1.CheCluster, clusterAPI ClusterAPI) // The secret is invalid because required field(s) missing. logrus.Infof("Che TLS secret \"%s\" is invalid. Recreating...", cheTLSSecretName) // Delete old invalid secret - if err = clusterAPI.Client.Delete(context.TODO(), cheTLSSecret); err != nil { + if err = deployContext.ClusterAPI.Client.Delete(context.TODO(), cheTLSSecret); err != nil { logrus.Errorf("Error deleting Che TLS secret \"%s\": %v", cheTLSSecretName, err) return reconcile.Result{RequeueAfter: time.Second}, err } @@ -307,11 +306,11 @@ func K8sHandleCheTLSSecrets(checluster *orgv1.CheCluster, clusterAPI ClusterAPI) // Check owner reference if cheTLSSecret.ObjectMeta.OwnerReferences == nil { // Set owner Che cluster as Che TLS secret owner - if err := controllerutil.SetControllerReference(checluster, cheTLSSecret, clusterAPI.Scheme); err != nil { + if err := controllerutil.SetControllerReference(deployContext.CheCluster, cheTLSSecret, deployContext.ClusterAPI.Scheme); err != nil { logrus.Errorf("Failed to set owner for Che TLS secret \"%s\". Error: %s", cheTLSSecretName, err) return reconcile.Result{RequeueAfter: time.Second}, err } - if err := clusterAPI.Client.Update(context.TODO(), cheTLSSecret); err != nil { + if err := deployContext.ClusterAPI.Client.Update(context.TODO(), cheTLSSecret); err != nil { logrus.Errorf("Failed to update owner for Che TLS secret \"%s\". Error: %s", cheTLSSecretName, err) return reconcile.Result{RequeueAfter: time.Second}, err } @@ -320,7 +319,7 @@ func K8sHandleCheTLSSecrets(checluster *orgv1.CheCluster, clusterAPI ClusterAPI) // ===== Check Che CA certificate ===== // cheTLSSelfSignedCertificateSecret := &corev1.Secret{} - err = clusterAPI.Client.Get(context.TODO(), types.NamespacedName{Namespace: checluster.Namespace, Name: CheTLSSelfSignedCertificateSecretName}, cheTLSSelfSignedCertificateSecret) + err = deployContext.ClusterAPI.Client.Get(context.TODO(), types.NamespacedName{Namespace: deployContext.CheCluster.Namespace, Name: CheTLSSelfSignedCertificateSecretName}, cheTLSSelfSignedCertificateSecret) if err != nil { if !errors.IsNotFound(err) { // Error reading Che self-signed secret info @@ -334,13 +333,13 @@ func K8sHandleCheTLSSecrets(checluster *orgv1.CheCluster, clusterAPI ClusterAPI) if !isCheCASecretValid(cheTLSSelfSignedCertificateSecret) { logrus.Infof("Che self-signed certificate secret \"%s\" is invalid. Recrating...", CheTLSSelfSignedCertificateSecretName) // Che CA self-signed certificate secret is invalid, delete it - if err = clusterAPI.Client.Delete(context.TODO(), cheTLSSelfSignedCertificateSecret); err != nil { + if err = deployContext.ClusterAPI.Client.Delete(context.TODO(), cheTLSSelfSignedCertificateSecret); err != nil { logrus.Errorf("Error deleting Che self-signed certificate secret \"%s\": %v", CheTLSSelfSignedCertificateSecretName, err) return reconcile.Result{RequeueAfter: time.Second}, err } // Also delete Che TLS as the certificates should be created together // Here it is not mandatory to check Che TLS secret existence as it is handled above - if err = clusterAPI.Client.Delete(context.TODO(), cheTLSSecret); err != nil { + if err = deployContext.ClusterAPI.Client.Delete(context.TODO(), cheTLSSecret); err != nil { logrus.Errorf("Error deleting Che TLS secret \"%s\": %v", cheTLSSecretName, err) return reconcile.Result{RequeueAfter: time.Second}, err } @@ -351,11 +350,11 @@ func K8sHandleCheTLSSecrets(checluster *orgv1.CheCluster, clusterAPI ClusterAPI) // Check owner reference if cheTLSSelfSignedCertificateSecret.ObjectMeta.OwnerReferences == nil { // Set owner Che cluster as Che TLS secret owner - if err := controllerutil.SetControllerReference(checluster, cheTLSSelfSignedCertificateSecret, clusterAPI.Scheme); err != nil { + if err := controllerutil.SetControllerReference(deployContext.CheCluster, cheTLSSelfSignedCertificateSecret, deployContext.ClusterAPI.Scheme); err != nil { logrus.Errorf("Failed to set owner for Che self-signed certificate secret \"%s\". Error: %s", CheTLSSelfSignedCertificateSecretName, err) return reconcile.Result{RequeueAfter: time.Second}, err } - if err := clusterAPI.Client.Update(context.TODO(), cheTLSSelfSignedCertificateSecret); err != nil { + if err := deployContext.ClusterAPI.Client.Update(context.TODO(), cheTLSSelfSignedCertificateSecret); err != nil { logrus.Errorf("Failed to update owner for Che self-signed certificate secret \"%s\". Error: %s", CheTLSSelfSignedCertificateSecretName, err) return reconcile.Result{RequeueAfter: time.Second}, err } @@ -368,10 +367,10 @@ func K8sHandleCheTLSSecrets(checluster *orgv1.CheCluster, clusterAPI ClusterAPI) // CheckAndUpdateK8sTLSConfiguration validates Che TLS configuration on Kubernetes infra. // If configuration is wrong it will guess most common use cases and will make changes in Che CR accordingly to the assumption. -func CheckAndUpdateK8sTLSConfiguration(checluster *orgv1.CheCluster, clusterAPI ClusterAPI) error { - if checluster.Spec.K8s.TlsSecretName == "" { - checluster.Spec.K8s.TlsSecretName = DefaultCheTLSSecretName - if err := UpdateCheCRSpec(checluster, "TlsSecretName", checluster.Spec.K8s.TlsSecretName, clusterAPI); err != nil { +func CheckAndUpdateK8sTLSConfiguration(deployContext *DeployContext) error { + if deployContext.CheCluster.Spec.K8s.TlsSecretName == "" { + deployContext.CheCluster.Spec.K8s.TlsSecretName = DefaultCheTLSSecretName + if err := UpdateCheCRSpec(deployContext, "TlsSecretName", deployContext.CheCluster.Spec.K8s.TlsSecretName); err != nil { return err } } @@ -396,20 +395,20 @@ func isCheCASecretValid(cheCASelfSignedCertificateSecret *corev1.Secret) bool { return true } -func deleteJob(job *batchv1.Job, checluster *orgv1.CheCluster, clusterAPI ClusterAPI) { - names := util.K8sclient.GetPodsByComponent(CheTLSJobComponentName, checluster.Namespace) +func deleteJob(deployContext *DeployContext, job *batchv1.Job) { + names := util.K8sclient.GetPodsByComponent(CheTLSJobComponentName, deployContext.CheCluster.Namespace) for _, podName := range names { pod := &corev1.Pod{} - err := clusterAPI.Client.Get(context.TODO(), types.NamespacedName{Name: podName, Namespace: checluster.Namespace}, pod) + err := deployContext.ClusterAPI.Client.Get(context.TODO(), types.NamespacedName{Name: podName, Namespace: deployContext.CheCluster.Namespace}, pod) if err == nil { // Delete pod (for some reasons pod isn't removed when job is removed) - if err = clusterAPI.Client.Delete(context.TODO(), pod); err != nil { + if err = deployContext.ClusterAPI.Client.Delete(context.TODO(), pod); err != nil { logrus.Errorf("Error deleting pod: '%s', error: %v", podName, err) } } } - if err := clusterAPI.Client.Delete(context.TODO(), job); err != nil { + if err := deployContext.ClusterAPI.Client.Delete(context.TODO(), job); err != nil { logrus.Errorf("Error deleting job: '%s', error: %v", CheTLSJobName, err) } } diff --git a/pkg/deploy/update.go b/pkg/deploy/update.go index 94cb4c841a..d7881c5813 100644 --- a/pkg/deploy/update.go +++ b/pkg/deploy/update.go @@ -14,28 +14,27 @@ package deploy import ( "context" - orgv1 "github.com/eclipse/che-operator/pkg/apis/org/v1" "github.com/sirupsen/logrus" ) -func UpdateCheCRSpec(instance *orgv1.CheCluster, updatedField string, value string, clusterAPI ClusterAPI) (err error) { - logrus.Infof("Updating %s CR with %s: %s", instance.Name, updatedField, value) - err = clusterAPI.Client.Update(context.TODO(), instance) +func UpdateCheCRSpec(deployContext *DeployContext, updatedField string, value string) (err error) { + logrus.Infof("Updating %s CR with %s: %s", deployContext.CheCluster.Name, updatedField, value) + err = deployContext.ClusterAPI.Client.Update(context.TODO(), deployContext.CheCluster) if err != nil { - logrus.Errorf("Failed to update %s CR: %s", instance.Name, err) + logrus.Errorf("Failed to update %s CR: %s", deployContext.CheCluster.Name, err) return err } - logrus.Infof("Custom resource %s updated", instance.Name) + logrus.Infof("Custom resource %s updated", deployContext.CheCluster.Name) return nil } -func UpdateCheCRStatus(instance *orgv1.CheCluster, updatedField string, value string, clusterAPI ClusterAPI) (err error) { - logrus.Infof("Updating %s CR with %s: %s", instance.Name, updatedField, value) - err = clusterAPI.Client.Status().Update(context.TODO(), instance) +func UpdateCheCRStatus(deployContext *DeployContext, updatedField string, value string) (err error) { + logrus.Infof("Updating %s CR with %s: %s", deployContext.CheCluster.Name, updatedField, value) + err = deployContext.ClusterAPI.Client.Status().Update(context.TODO(), deployContext.CheCluster) if err != nil { - logrus.Errorf("Failed to update %s CR. Fetching the latest CR version: %s", instance.Name, err) + logrus.Errorf("Failed to update %s CR. Fetching the latest CR version: %s", deployContext.CheCluster.Name, err) return err } - logrus.Infof("Custom resource %s updated", instance.Name) + logrus.Infof("Custom resource %s updated", deployContext.CheCluster.Name) return nil }