Propagate custom public certificates to volume mount (#171)

deploy/crds/org_v1_che_cr.yaml

@@ -33,8 +33,10 @@ spec:
     # when set to true the operator will attempt to get a secret in OpenShift router namespace
     # to add it to Java trust store of Che server. Requires cluster-admin privileges for operator service account
     selfSignedCert: false
-    ## If enabled then the certificate from `che-git-self-signed-cert` config map
-    ## will be propagated to the Che components and provide particular configuration for Git.
+    # Name of the config-map with public certificates to add to Java trust store of the Che server.
+    serverTrustStoreConfigMapName: ''
+    # If enabled then the certificate from `che-git-self-signed-cert` config map
+    # will be propagated to the Che components and provide particular configuration for Git.
     gitSelfSignedCert: false
     # TLS mode for Che. Make sure you either have public cert, or set selfSignedCert to true
     tlsSupport: false

deploy/crds/org_v1_che_crd.yaml

@@ -293,6 +293,13 @@ spec:
                     config map from other CR fields, then the value defined in the
                     `customCheProperties` will be used instead.
                   type: object
+                serverTrustStoreConfigMapName:
+                  description: Name of the config-map with public certificates to
+                    add to Java trust store of the Che server. This is usually required
+                    when adding the OpenShift OAuth provider which has https endpoint
+                    signed with self-signed cert. So, Che server must be aware of
+                    its CA cert to be able to request it. This is disabled by default.
+                  type: string
                 devfileRegistryImage:
                   description: Overrides the container image used in the Devfile registry
                     deployment. This includes the image tag. Omit it or leave it empty

olm/eclipse-che-preview-kubernetes/deploy/olm-catalog/eclipse-che-preview-kubernetes/9.9.9-nightly.1582643605/eclipse-che-preview-kubernetes.crd.yaml.diff

@@ -0,0 +1,16 @@
+--- /home/ivinokur/go/src/github.com/eclipse/che-operator/olm/eclipse-che-preview-kubernetes/deploy/olm-catalog/eclipse-che-preview-kubernetes/9.9.9-nightly.1582546871/eclipse-che-preview-kubernetes.crd.yaml	2020-02-25 17:13:11.944412738 +0200
++++ /home/ivinokur/go/src/github.com/eclipse/che-operator/olm/eclipse-che-preview-kubernetes/deploy/olm-catalog/eclipse-che-preview-kubernetes/9.9.9-nightly.1582643605/eclipse-che-preview-kubernetes.crd.yaml	2020-02-25 17:13:25.612364648 +0200
+@@ -293,6 +293,13 @@
+                     config map from other CR fields, then the value defined in the
+                     `customCheProperties` will be used instead.
+                   type: object
++                serverTrustStoreConfigMapName:
++                  description: Name of the config-map with public certificates to
++                    add to Java trust store of the Che server. This is usually required
++                    when adding the OpenShift OAuth provider which has https endpoint
++                    signed with self-signed cert. So, Che server must be aware of
++                    its CA cert to be able to request it. This is disabled by default.
++                  type: string
+                 devfileRegistryImage:
+                   description: Overrides the container image used in the Devfile registry
+                     deployment. This includes the image tag. Omit it or leave it empty

olm/eclipse-che-preview-kubernetes/deploy/olm-catalog/eclipse-che-preview-kubernetes/9.9.9-nightly.1582643605/eclipse-che-preview-kubernetes.v9.9.9-nightly.1582643605.clusterserviceversion.yaml.diff

@@ -0,0 +1,25 @@
+--- /home/ivinokur/go/src/github.com/eclipse/che-operator/olm/eclipse-che-preview-kubernetes/deploy/olm-catalog/eclipse-che-preview-kubernetes/9.9.9-nightly.1582546871/eclipse-che-preview-kubernetes.v9.9.9-nightly.1582546871.clusterserviceversion.yaml	2020-02-25 17:13:11.945412734 +0200
++++ /home/ivinokur/go/src/github.com/eclipse/che-operator/olm/eclipse-che-preview-kubernetes/deploy/olm-catalog/eclipse-che-preview-kubernetes/9.9.9-nightly.1582643605/eclipse-che-preview-kubernetes.v9.9.9-nightly.1582643605.clusterserviceversion.yaml	2020-02-25 17:13:25.610364655 +0200
+@@ -49,12 +49,12 @@
+     categories: Developer Tools
+     certified: "false"
+     containerImage: quay.io/eclipse/che-operator:nightly
+-    createdAt: "2020-02-24T12:21:11Z"
++    createdAt: "2020-02-25T15:13:25Z"
+     description: A Kube-native development solution that delivers portable and collaborative
+       developer workspaces.
+     repository: https://github.com/eclipse/che-operator
+     support: Eclipse Foundation
+-  name: eclipse-che-preview-kubernetes.v9.9.9-nightly.1582546871
++  name: eclipse-che-preview-kubernetes.v9.9.9-nightly.1582643605
+   namespace: placeholder
+ spec:
+   apiservicedefinitions: {}
+@@ -370,5 +370,5 @@
+   maturity: stable
+   provider:
+     name: Eclipse Foundation
+-  replaces: eclipse-che-preview-kubernetes.v9.9.9-nightly.1581975496
+-  version: 9.9.9-nightly.1582546871
++  replaces: eclipse-che-preview-kubernetes.v9.9.9-nightly.1582546871
++  version: 9.9.9-nightly.1582643605

olm/eclipse-che-preview-kubernetes/deploy/olm-catalog/eclipse-che-preview-kubernetes/eclipse-che-preview-kubernetes.package.yaml

@@ -1,5 +1,5 @@
 channels:
-- currentCSV: eclipse-che-preview-kubernetes.v9.9.9-nightly.1582546871
+- currentCSV: eclipse-che-preview-kubernetes.v9.9.9-nightly.1582643605
   name: nightly
 - currentCSV: eclipse-che-preview-kubernetes.v7.9.0
   name: stable