-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Obtain and persist Bitbucket personal access token as k8s secret #18726
Obtain and persist Bitbucket personal access token as k8s secret #18726
Conversation
15a5ebd
to
fe9872c
Compare
270e8f5
to
42a26d9
Compare
Signed-off-by: Sergii Kabashniuk <skabashniuk@redhat.com>
668e474
to
d20ef75
Compare
❌ E2E Happy path tests failed ❗ See Details
Tested with Eclipse Che Multiuser User on K8S (minikube v1.1.1)
|
…_authorizing Signed-off-by: Sergii Kabashniuk <skabashniuk@redhat.com>
❌ E2E Happy path tests failed ❗ See Details
Tested with Eclipse Che Multiuser User on K8S (minikube v1.1.1)
|
On today's call @l0rd suggest me to try to sync Bitbucket OAuth config with
So I can suggest such a format:
With such a secret che-operator will mount it to che-server container with path /home/user/eclipse-che/conf/oauth1/bitbucket.
|
I like that @skabashnyuk. A couple of suggestions: - che.eclipse.org/bitbucket-server-oauth-credentials: 'true'
+ che.eclipse.org/oauth-credentials-git-server: 'bitbucket' # can be github or bitbucket, in the future gitlab too and - che.eclipse.org/bitbucket-server-endpoint: (...)
- che.eclipse.org/git-server-endpoint: (...) because for github/gitlab hosted in enterprise we probably would need that too. |
Do you want to rename the attribute from |
…_authorizing Signed-off-by: Sergii Kabashniuk <skabashniuk@redhat.com>
yes
that's better, you are right
Why do you want to consider SAAS and On-Prem as different? I mean SAAS is just one instance for which the endpoint is publicly available, but it still has an endpoint. |
@l0rd I didn't get your point about About SAAS vs On-Prem. They are different because:
|
❌ E2E Happy path tests failed ❗ See Details
Tested with Eclipse Che Multiuser User on K8S (minikube v1.1.1)
|
@l0rd just to sum up what we have at this point. kind: Secret
apiVersion: v1
metadata:
name: <scm-provider-id>-oaut-config
namespace: <...>
labels:
app.kubernetes.io/part-of: che.eclipse.org
app.kubernetes.io/component: <?>-secret (variants: che or keycloak)
annotations:
che.eclipse.org/oauth-scm-server: bitbucket-server (variants: github, bitbucket, gitlab, gitlab-server)
che.eclipse.org/mount-path: /home/user/eclipse-che/conf/oauth1/bitbucket
che.eclipse.org/mount-as: file
che.eclipse.org/scm-server-endpoint: http://bitbucket-bitbucket.apps.cluster-2d6e.2d6e.example.opentlc.com/
type: Opaque
data:
private.key: <...>
consumer.key: <...>
EOF |
|
Yes
At this moment |
…_authorizing Signed-off-by: Sergii Kabashniuk <skabashniuk@redhat.com>
Sure we could have 2 separate PRs. But the second PR should be merged before next release. Otherwise we would introduce something that will be deprecated after a few weeks. |
…_authorizing Signed-off-by: Sergii Kabashniuk <skabashniuk@redhat.com>
…_authorizing Signed-off-by: Sergii Kabashniuk <skabashniuk@redhat.com>
❌ E2E Happy path tests failed ❗ See Details
Tested with Eclipse Che Multiuser User on K8S (minikube v1.1.1)
|
…_authorizing Signed-off-by: Sergii Kabashniuk <skabashniuk@redhat.com>
Signed-off-by: Sergii Kabashniuk <skabashniuk@redhat.com>
❌ E2E Happy path tests failed ❗ See Details
Tested with Eclipse Che Multiuser User on K8S (minikube v1.1.1)
|
What does this PR do?
Obtain and persist Bitbucket personal access token as k8s secret
This pr include changes from #18709
Screenshot/screencast of this PR
TODO
What issues does this PR fix or reference?
Fixes #18388
Docs eclipse-che/che-docs#1807
How to test this PR?
Deploy Bitbucket server 5.15.2 or newer.
Helm deployment can be found here
https://github.com/skabashnyuk/gitsrv/tree/main/bitbucket.
Generation keys.
Configure links
Setup Che
Create a private Bitbucket repository.
che
che-server
Link Che and Bitbucket
Open Link in browser
Run the factory with a private repository
PR Checklist
As the author of this Pull Request I made sure that:
What issues does this PR fix or reference
andHow to test this PR
completedReviewers
Reviewers, please comment how you tested the PR when approving it.