Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Plugin brokering fails TLS, self-signed certificates and embedded registries #14087

Closed
6 of 23 tasks
davidfestal opened this issue Jul 31, 2019 · 2 comments
Closed
6 of 23 tasks

Plugin brokering fails TLS, self-signed certificates and embedded registries #14087

davidfestal opened this issue Jul 31, 2019 · 2 comments
Assignees
@davidfestal @sleshchenko
Labels
kind/bug Outline of a bug - must adhere to the bug report template. severity/blocker Causes system to crash and be non-recoverable or prevents Che developers from working on Che code. status/open-for-dev An issue has had its specification reviewed and confirmed. Waiting for an engineer to take it.
Milestone
7.0.0

Comments

@davidfestal
Copy link
Contributor

Describe the bug

When running Che with TLS, self-signed certificates enabled, and embedded registries (deployed behind Openshift routes), the plugin broker fails when trying to access the plugin registry because the certificate is unknown.

Che version

  • latest
  • nightly
  • other: please specify

Steps to reproduce

With the Operator or Che Ctl, install Che with the following custom resource:

apiVersion: org.eclipse.che/v1
kind: CheCluster
metadata:
  name: eclipse-che
spec:
  server:
    cheImageTag: nightly
    devfileRegistryImage: 'quay.io/eclipse/che-devfile-registry:nightly'
    pluginRegistryImage: 'quay.io/eclipse/che-plugin-registry:nightly'
    tlsSupport: true
    selfSignedCert: true
  auth:
    openShiftoAuth: true
    identityProviderImage: 'eclipse/che-keycloak:nightly'
  storage:
    pvcStrategy: per-workspace
    pvcClaimSize: 1Gi
    preCreateSubPaths: true

And try to start a workspace. You will have an error coming from the plugin broker.

Expected behavior

Workspace should start correctly.

Runtime

  • kubernetes (include output of kubectl version)
  • Openshift (include output of oc version)
  • minikube (include output of minikube version and kubectl version)
  • minishift (include output of minishift version and oc version)
  • docker-desktop + K8S (include output of docker version and kubectl version)
  • other: (please specify)

Screenshots

Installation method

  • chectl
  • che-operator
  • minishift-addon
  • I don't know

Environment

  • my computer
    • Windows
    • Linux
    • macOS
  • Cloud
    • Amazon
    • Azure
    • GCE
    • other (please specify)
  • other: please specify

Additional context
@davidfestal davidfestal mentioned this issue Jul 31, 2019
Merged
@che-bot che-bot added the status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. label Jul 31, 2019
@slemeur slemeur added kind/bug Outline of a bug - must adhere to the bug report template. and removed status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. labels Jul 31, 2019
@slemeur slemeur added this to the 7.0.0 milestone Jul 31, 2019
@slemeur slemeur added the severity/blocker Causes system to crash and be non-recoverable or prevents Che developers from working on Che code. label Jul 31, 2019
@slemeur
Copy link
Contributor

slemeur commented Jul 31, 2019

LGTM

@che-bot che-bot added the status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. label Jul 31, 2019
@benoitf benoitf added status/open-for-dev An issue has had its specification reviewed and confirmed. Waiting for an engineer to take it. and removed status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. labels Jul 31, 2019
@davidfestal davidfestal mentioned this issue Jul 31, 2019
Merged
@sleshchenko
Copy link
Member

Should be fixed by eclipse-che/che-plugin-broker#67 and #14089

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@davidfestal davidfestal

@sleshchenko sleshchenko

Labels
kind/bug Outline of a bug - must adhere to the bug report template. severity/blocker Causes system to crash and be non-recoverable or prevents Che developers from working on Che code. status/open-for-dev An issue has had its specification reviewed and confirmed. Waiting for an engineer to take it.
Projects
None yet
Milestone
7.0.0
Development

No branches or pull requests
5 participants
@benoitf @davidfestal @slemeur @sleshchenko @che-bot