diff --git a/codereadyworkspaces/tl500-devfile-v2.yaml b/codereadyworkspaces/tl500-devfile-v2.yaml new file mode 100644 index 0000000..3918354 --- /dev/null +++ b/codereadyworkspaces/tl500-devfile-v2.yaml @@ -0,0 +1,116 @@ +schemaVersion: 2.1.0 +metadata: + name: tl500 +attributes: + che-theia.eclipse.org/sidecar-policy: USE_DEV_CONTAINER + controller.devfile.io/devworkspace-config: + name: devworkspace-config + namespace: tl500-workspaces + controller.devfile.io/storage-type: per-workspace + metadata-name-field: generateName + metadata-name-original-value: tl500- +projects: + - attributes: + source-origin: branch + clonePath: tech-exercise + git: + checkoutFrom: + revision: main + remotes: + origin: 'https://github.com/rht-labs/tech-exercise' + name: tech-exercise +components: + - container: + args: + - /bin/sh + - '-c' + - sleep infinity + endpoints: + - attributes: + discoverable: 'true' + protocol: http + public: 'true' + exposure: public + name: ide-8080 + protocol: http + targetPort: 8080 + - attributes: + discoverable: 'true' + protocol: http + public: 'true' + exposure: public + name: ide-9000 + protocol: http + targetPort: 9000 + - attributes: + discoverable: 'true' + protocol: http + public: 'true' + exposure: public + name: ide-3000 + protocol: http + targetPort: 3000 + - attributes: + discoverable: 'true' + protocol: http + public: 'true' + exposure: public + name: ide-4200 + protocol: http + targetPort: 4200 + - attributes: + protocol: http + exposure: public + name: ide-4444 + protocol: http + targetPort: 4444 + - attributes: + discoverable: 'true' + protocol: http + public: 'true' + exposure: public + name: ide-8081 + protocol: http + targetPort: 8081 + - attributes: + discoverable: 'true' + protocol: http + public: 'true' + exposure: public + name: ide-8082 + protocol: http + targetPort: 8082 + - attributes: + discoverable: 'true' + protocol: http + public: 'true' + exposure: public + name: ide-8083 + protocol: http + targetPort: 8083 + - attributes: + discoverable: 'true' + protocol: http + public: 'true' + exposure: public + name: ide-8084 + protocol: http + targetPort: 8084 + image: 'quay.io/rht-labs/stack-tl500:3.0.16' + memoryLimit: 2Gi + mountSources: true + sourceMapping: /projects + volumeMounts: + - name: projects + path: /projects + - name: config + path: /home/developer/.config + - name: npm + path: /home/developer/.npm + name: stack-tl500 + - name: projects + volume: {} + - name: config + volume: {} + - name: npm + volume: {} diff --git a/tooling/README.md b/tooling/README.md index 145a757..bf761a1 100644 --- a/tooling/README.md +++ b/tooling/README.md @@ -2,7 +2,7 @@ This directory contains the necessary charts used in order to deploy a TL500 Tech Stack against an OCP 4.X cluster. This assumes that the cluster has valid certificates. -🐞 Please ensure your cluster is the latest Z release - 4.9.z or 4.10.z release. We test against these. 🐞 +🐞 Please ensure your cluster is the latest Z release - 4.10.z or 4.11.z release. We test against these. 🐞 This chart is capable of deploying the following: @@ -30,6 +30,8 @@ When specifying a chart version, make sure to use the same version for both char 1. Install TL500 Base +For 4.10.z OpenShift: + ```bash helm repo add enablement-framework https://rht-labs.com/enablement-framework helm repo update @@ -37,8 +39,16 @@ helm search repo enablement-framework helm install tl500-base enablement-framework/tl500-base --version XYZ --namespace tl500 --create-namespace --timeout=15m ``` +When deploying to OpenShift 4.11.z+ there are some breaking changes in newer OpenShift versions, specifically around DevSpaces operator. Use the newer values file: + +```bash +helm install tl500-base enablement-framework/tl500-base -f tl500-base/values-v4.11.yaml --version XYZ --namespace tl500 --create-namespace --timeout=15m +``` + 2. Install TL500 Course Content +For 4.10.z OpenShift: + ```bash helm repo add enablement-framework https://rht-labs.com/enablement-framework helm repo update @@ -46,6 +56,12 @@ helm search repo enablement-framework helm install tl500-course-content enablement-framework/tl500-course-content --version XYZ --namespace tl500 --create-namespace --timeout=15m ``` +When deploying to OpenShift 4.11.z+ there are some breaking changes in newer OpenShift versions, specifically around DevSpaces operator. Use the newer values file: + +```bash +helm install tl500-course-content enablement-framework/tl500-course-content -f tl500-base/values-v4.11.yaml --version XYZ --namespace tl500 --create-namespace --timeout=15m +``` + ## Using the helm chart source code 1. Get the source code diff --git a/tooling/charts/tl500-base/Chart.yaml b/tooling/charts/tl500-base/Chart.yaml index f2768c5..2c4676e 100644 --- a/tooling/charts/tl500-base/Chart.yaml +++ b/tooling/charts/tl500-base/Chart.yaml @@ -13,7 +13,7 @@ maintainers: - name: springdo dependencies: - name: sealed-secrets - version: "2.1.6" + version: "2.6.1" repository: https://bitnami-labs.github.io/sealed-secrets condition: sealed-secrets.enabled - name: stackrox-chart @@ -21,7 +21,7 @@ dependencies: repository: https://redhat-cop.github.io/helm-charts condition: stackrox-chart.enabled - name: gitops-operator - version: "0.4.2" + version: "0.4.3" repository: https://redhat-cop.github.io/helm-charts condition: gitops-operator.enabled - name: tl500-teamsters diff --git a/tooling/charts/tl500-base/values-v4.11.yaml b/tooling/charts/tl500-base/values-v4.11.yaml new file mode 100644 index 0000000..f961447 --- /dev/null +++ b/tooling/charts/tl500-base/values-v4.11.yaml @@ -0,0 +1,16 @@ +# OpenShift 411 override values + +operators: + codeready-workspaces: # undefine + + devspaces: + enabled: true + namespace: openshift-operators + subscription: + channel: stable + approval: Automatic + operatorName: devspaces + sourceName: redhat-operators + sourceNamespace: openshift-marketplace + operatorgroup: + create: false diff --git a/tooling/charts/tl500-base/values.yaml b/tooling/charts/tl500-base/values.yaml index f5c683d..36cbe88 100644 --- a/tooling/charts/tl500-base/values.yaml +++ b/tooling/charts/tl500-base/values.yaml @@ -97,6 +97,8 @@ gitlab: - name: "postgresql" tag_name: "latest" stream_uri: "registry.redhat.io/rhscl/postgresql-96-rhel7" +# a body of CA certificate that Gitlab should be using goes in here. Body needs to be Base64! +# cacert: ldap: # port: "389" # base: "dc=CORP,dc=EXAMPLE,dc=COM" diff --git a/tooling/charts/tl500-course-content/templates/crw/ca-configmap.yaml b/tooling/charts/tl500-course-content/templates/crw/ca-configmap.yaml index d2e9cfd..2ee1aab 100644 --- a/tooling/charts/tl500-course-content/templates/crw/ca-configmap.yaml +++ b/tooling/charts/tl500-course-content/templates/crw/ca-configmap.yaml @@ -1,3 +1,4 @@ +{{- if .Values.crw }} {{- if .Values.crw.gitCustomCA }} --- apiVersion: v1 @@ -11,3 +12,4 @@ metadata: data: ca.crt: {{ .Values.crw.gitCustomCA | indent 4 }} {{- end }} +{{- end }} diff --git a/tooling/charts/tl500-course-content/templates/crw/crw.yaml b/tooling/charts/tl500-course-content/templates/crw/crw.yaml index 0161f6c..2b5a92f 100644 --- a/tooling/charts/tl500-course-content/templates/crw/crw.yaml +++ b/tooling/charts/tl500-course-content/templates/crw/crw.yaml @@ -37,4 +37,4 @@ spec: pvcStrategy: per-workspace pvcClaimSize: 2Gi preCreateSubPaths: true -{{- end }} +{{- end }} \ No newline at end of file diff --git a/tooling/charts/tl500-course-content/templates/crw/crwv2.yaml b/tooling/charts/tl500-course-content/templates/crw/crwv2.yaml new file mode 100644 index 0000000..1ed460b --- /dev/null +++ b/tooling/charts/tl500-course-content/templates/crw/crwv2.yaml @@ -0,0 +1,28 @@ +{{- if .Values.crwv2 }} +apiVersion: org.eclipse.che/v2 +kind: CheCluster +metadata: + annotations: + "helm.sh/hook": post-install,post-upgrade + "helm.sh/hook-weight": "25" + name: {{ .Values.crwv2.name | default "codeready-workspaces" | quote }} + namespace: {{ .Values.crwv2.namespace | default "tl500-workspaces" | quote }} +spec: + components: + database: + externalDb: false + metrics: + enable: false + cheServer: + debug: false + logLevel: INFO + extraProperties: {{ toYaml .Values.crwv2.properties | nindent 8 | default "" }} + devEnvironments: + runningLimit: 1 + secondsOfRunBeforeIdling: {{ .Values.crwv2.secondsOfRunBeforeIdling | default "-1" | quote }} + defaultNamespace: + template: -devspaces + secondsOfInactivityBeforeIdling: {{ .Values.crwv2.secondsOfInactivityBeforeIdling | default "-1" | quote }} + storage: + pvcStrategy: per-user +{{- end }} diff --git a/tooling/charts/tl500-course-content/templates/stackrox/configure-stackrox-job.yaml b/tooling/charts/tl500-course-content/templates/stackrox/configure-stackrox-job.yaml index 8989cc6..c0faeca 100644 --- a/tooling/charts/tl500-course-content/templates/stackrox/configure-stackrox-job.yaml +++ b/tooling/charts/tl500-course-content/templates/stackrox/configure-stackrox-job.yaml @@ -38,6 +38,12 @@ spec: # wait for sericeaccount echo "waiting for tl500 pipline service account ..." while test 0 == $(oc -n tl500 get sa/pipeline -o name 2>/dev/null | wc -l); do sleep 5; done + # support newer installation where token not generated automatically + oc serviceaccounts get-token pipeline -n tl500 + if [ $? != 0 ]; then + echo '{"apiVersion":"v1","kind":"Secret","metadata":{"name":"pipeline-token","namespace":"tl500","annotations": {"kubernetes.io/service-account.name":"pipeline"}},"type":"kubernetes.io/service-account-token"}' | oc -n tl500 apply -f- + oc -n tl500 secret link pipeline pipeline-token + fi TOKEN=$(oc serviceaccounts get-token pipeline -n tl500) RET=$(curl -sk -u "admin:${ROX_ADMIN_PASSWD}" "https://$ROX_ENDPOINT/v1/imageintegrations" -d "{\"id\": \"\",\"name\": \"tl500\",\"categories\": [\"REGISTRY\"],\"docker\": {\"endpoint\": \"https://image-registry.openshift-image-registry.svc:5000\",\"username\": \"\",\"password\": \"${TOKEN}\",\"insecure\": true},\"autogenerated\": false,\"clusterId\": \"\",\"clusters\": [],\"skipTestIntegration\": false,\"type\": \"docker\" }" | jq .error) if [[ ${RET} != "null" && ! -z ${RET} ]]; then diff --git a/tooling/charts/tl500-course-content/values-v4.11.yaml b/tooling/charts/tl500-course-content/values-v4.11.yaml new file mode 100644 index 0000000..c988f90 --- /dev/null +++ b/tooling/charts/tl500-course-content/values-v4.11.yaml @@ -0,0 +1,12 @@ +# OpenShift 411 extra values + +crw: # undefine v1 + +crwv2: + namespace: tl500-workspaces + name: "codeready-workspaces" + secondsOfRunBeforeIdling: "-1" + secondsOfInactivityBeforeIdling: "-1" + properties: + CHE_LIMITS_USER_WORKSPACES_COUNT: "2" + CHE_WORKSPACE_DEFAULT__MEMORY__LIMIT__MB: "3072" diff --git a/tooling/charts/tl500-course-content/values.yaml b/tooling/charts/tl500-course-content/values.yaml index 8b2a839..7a46a1f 100644 --- a/tooling/charts/tl500-course-content/values.yaml +++ b/tooling/charts/tl500-course-content/values.yaml @@ -32,7 +32,6 @@ logging: kibana: {} - crw: namespace: tl500-workspaces name: "codeready-workspaces"