diff --git a/README.md b/README.md index f5836db3..8d4a298d 100644 --- a/README.md +++ b/README.md @@ -5,67 +5,57 @@ [![Documentation](https://img.shields.io/badge/Documentation-blue?color=1f618d)](https://ibm.biz/wazi-crw-doc) ## What's inside? - -A Docker image that packages all the operator lifecycle manager dependencies for installing the IBM Wazi Developer for Red Hat CodeReady Workspaces (IBM Wazi Developer for Workspaces). This operator is installed into a Red Hat OpenShift Container Platform for a cluster administrator to manage. Once an instance is deployed into a cluster, then a user can use a browser to access the IBM Wazi Developer for Workspaces. -- This repository is based off of the upstream [Red Hat CodeReady for Workspaces Operator](https://github.com/redhat-developer/codeready-workspaces-operator), where the code is in another upstream [Eclipse Che Operator](https://github.com/eclipse/che-operator/) repository. Repositories gathered together downstream are all brought together into a [Red Hat CodeReady Workspaces Images](https://github.com/redhat-developer/codeready-workspaces-images) repository and the generated output is located in the respective branch. - -## Documentation - -Documentation can be found here for [IBM Wazi Developer for Workspaces](https://ibm.biz/wazi-crw-doc) - -* The [IBM Wazi Developer for Workspaces](https://github.com/ibm/wazi-codeready-workspaces) repository - provides the devfile and plug-in registries for the Red Hat CodeReady Workspaces. -* The [IBM Wazi Developer for Workspaces Sidecars](https://github.com/ibm/wazi-codeready-workspaces-sidecars) repository - provides the supporting resources for the devfile and plug-in registries. -* The [IBM Wazi Developer for Workspaces Operator](https://github.com/ibm/wazi-codeready-workspaces-operator) repository - provides the Operator Lifecycle Manager for deployment. - -## Feadback - -We would love to hear feedback from you about IBM Wazi Developer for Red Hat CodeReady Workspaces. -File an issue or provide feedback here: [IBM Wazi Developer for Workspaces Issues](https://github.com/IBM/wazi-codeready-workspaces/issues) +This repository contains a Docker image that packages all the operator lifecycle manager dependencies for installing IBM Wazi Developer for Red Hat CodeReady Workspaces (IBM Wazi Developer for Workspaces). This operator is installed into a Red Hat OpenShift Container Platform for a cluster administrator to manage. Once an instance is deployed into a cluster, then a user can use a browser to access IBM Wazi Developer for Workspaces. -## IBM Wazi Developer for Red Hat CodeReady Workspaces -IBM Wazi Developer for Red Hat CodeReady Workspaces (IBM Wazi Developer) is a single integrated solution, which delivers a cloud native development experience for z/OS. It enables application developers to develop and test z/OS application components in a virtual z/OS environment on an OpenShift®-powered hybrid multicloud platform, and to use an industry standard integrated development environment (IDE) of their choice. +This repository is based off of the upstream [Red Hat CodeReady for Workspaces Operator](https://github.com/redhat-developer/codeready-workspaces-operator), whose code is in another upstream [Eclipse Che Operator](https://github.com/eclipse/che-operator/) repository. Repositories gathered together downstream are all brought together into a [Red Hat CodeReady Workspaces Images](https://github.com/redhat-developer/codeready-workspaces-images) repository, where the generated output is located in the respective branch for each version. -IBM Wazi Developer for Workspaces, a component of IBM Wazi Developer, is built on the Red Hat CodeReady Workspaces project. The core functionality for Red Hat CodeReady Workspaces is provided by an open-source project called Eclipse Che. IBM Wazi Developer for Workspaces uses Kubernetes and containers to provide your team with a consistent, secure, and zero-configuration development environment that interacts with your IBM Z platform. - -IBM Wazi Developer for Workspaces provides a modern experience for mainframe software developers working with z/OS applications in the cloud. Powered by the open-source projects Zowe and Red Hat CodeReady Workspaces, IBM Wazi Developer for Workspaces offers an easy, streamlined onboarding process to provide mainframe developers the tools they need. Using container technology and stacks, IBM Wazi Developer for Workspaces brings the necessary technology to the task at hand. +## IBM Wazi Developer for Workspaces + +IBM Wazi Developer for Workspaces is a component shipped with either IBM Wazi Developer for Red Hat CodeReady Workspaces (Wazi Developer for Workspaces) or IBM Developer for z/OS Enterprise Edition (IDzEE). + +IBM Wazi Developer for Workspaces provides a modern experience for mainframe software developers working with z/OS applications in the cloud. Powered by the open source projects Zowe and Red Hat CodeReady Workspaces, IBM Wazi Developer for Workspaces offers an easy, streamlined onboarding process to provide mainframe developers the tools they need. Using container technology, IBM Wazi Developer for Workspaces brings the necessary tools to the task at hand. + +For more benefits of IBM Wazi Developer for Workspaces, see the [IBM Wazi Developer product page](https://www.ibm.com/products/wazi-developer) or [IDzEE product page](https://www.ibm.com/products/developer-for-zos). ## Details -IBM Wazi Developer for Workspaces provides a custom stack for mainframe developers with the all-in-one mainframe development package that includes the following capabilities: +IBM Wazi Developer for Workspaces provides a custom stack with the all-in-one mainframe development package that enables mainframe developers to: -- Modern mainframe editor with rich language support for COBOL, JCL, Assembler (HLASM), and PL/I, which provides language-specific features such as syntax highlighting, outline view, declaration hovering, code completion, snippets, a preview of copybooks, copybook navigation, and basic refactoring using [IBM Z Open Editor](https://marketplace.visualstudio.com/items?itemName=IBM.zopeneditor) -- Source code management (SCM) integration to enable integration with any flavor of Git, a popular and modern parallel development SCM -- Intelligent build capability that enables developers to perform a user build with IBM Dependency Based Build for any flavor of Git -- Integrations that enable developers to work with z/OS resources such as MVS and UNIX files and JES jobs -- Connectivity to Z host using [Zowe Explorer](https://marketplace.visualstudio.com/items?itemName=Zowe.vscode-extension-for-zowe) -- Connectivity to Z host using [IBM Remote System Explorer API](https://ibm.github.io/zopeneditor-about/Docs/interact_zos_overview.html) -- Debugging COBOL and PL/I applications using [IBM Z Open Debug](https://developer.ibm.com/mainframe/2020/06/12/introducing-ibm-z-open-debug/) -- Mainframe Development package with a custom plug-in and devfile registry support using the [IBM Wazi Developer stack](https://github.com/IBM/wazi-codeready-workspaces) +- Use a modern mainframe editor with rich language support for COBOL, JCL, Assembler (HLASM), and PL/I, which provides language-specific features such as syntax highlighting, outline view, declaration hovering, code completion, snippets, a preview of copybooks, copybook navigation, and basic refactoring using IBM Z Open Editor, a component of IBM Wazi Developer for VS Code +- Integrate with any flavor of Git source code management (SCM) +- Perform a user build with IBM Dependency Based Build for any flavor of Git +- Work with z/OS resources such as MVS, UNIX files, and JES jobs +- Connect to the Z host with z/OSMF or IBM Remote System Explorer (RSE) API, using Zowe Explorer plus IBM Z Open Editor for a graphical user interface and Zowe CLI plus the RSE API plug-in for Zowe CLI for command line access +- Debug COBOL and PL/I applications using IBM Z Open Debug +- Use a mainframe development package with a custom plug-in and devfile registry support from the [IBM Wazi Developer stack](https://github.com/IBM/wazi-codeready-workspaces) -Read our official documentation on the [IBM Documentation](https://ibm.biz/wazi-crw-doc) site to learn more about IBM Wazi Developer. +## Documentation -## Prerequisites +For details of the features for IBM Wazi Developer for Workspaces, see its [official documentation](https://ibm.biz/wazi-crw-doc). -### Resources Required +| Repository | Description | +| --- | --- | +| [IBM Wazi Developer for Workspaces](https://github.com/ibm/wazi-codeready-workspaces) | The devfile and plug-in registries | +| [IBM Wazi Developer for Workspaces Sidecars](https://github.com/ibm/wazi-codeready-workspaces-sidecars) | Supporting resources for the Wazi Developer plug-ins | +| [IBM Wazi Developer for Workspaces Operator](https://github.com/ibm/wazi-codeready-workspaces-operator) | Deployment using the Operator Lifecycle Manager | -- Ensure that you have a connection to a Red Hat OpenShift Container Platform (OCP) cluster, and that you have cluster-admin permissions. -- The Red Hat OpenShift cluster must be configured with a default storage class. For more information, see OpenShift Container Platform documentation. -- If you plan to use the OpenShift oAuth, then the cluster oAuth must be configured. For more information, see Configuring the internal OAuth server. -- Install OpenShift command-line tool, which lets you create applications and manage OpenShift Container Platform projects from a terminal. -- Install IBM Cloud Pak® command-line tool, which is a command line tool to manage Container Application Software for Enterprises (CASEs). +## Feedback + +We would love to hear feedback from you about IBM Wazi Developer for Workspaces. +File an issue or provide feedback here: [IBM Wazi Developer for Workspaces Issues](https://github.com/IBM/wazi-codeready-workspaces/issues) --- -**_Red Hat Content_** +## Reference: Red Hat content -## Building CRW Operator and Metadata containers +### Building CRW Operator and Metadata containers -### Operator container +#### Operator container -* The CRW operator has most of code in the upstream [che-operator](https://github.com/eclipse-che/che-operator/) repo, including this [Dockerfile](https://github.com/eclipse-che/che-operator/blob/master/Dockerfile). +- The CRW operator has most of code in the upstream [che-operator](https://github.com/eclipse-che/che-operator/) repo, including this [Dockerfile](https://github.com/eclipse-che/che-operator/blob/master/Dockerfile). -* This code is then synced to the [downstream repo](http://pkgs.devel.redhat.com/cgit/containers/codeready-workspaces-operator/?h=crw-2-rhel-8) via a job located here: +- This code is then synced to the [downstream repo](http://pkgs.devel.redhat.com/cgit/containers/codeready-workspaces-operator/?h=crw-2-rhel-8) via a job located here: - https://main-jenkins-csb-crwqe.apps.ocp4.prod.psi.redhat.com/job/CRW_CI/ (jobs) - https://gitlab.cee.redhat.com/codeready-workspaces/crw-jenkins/-/tree/master/jobs/CRW_CI (sources) @@ -73,37 +63,41 @@ Read our official documentation on the [IBM Documentation](https://ibm.biz/wazi- The Jenkinsfile transforms the Che code into CRW code and commits the changed code directly to downstream so there's no need for a branch in che-operator or to have code duplicated here. -NOTE: The job can be configured to sync from any upstream che-operator branch, eg., `SOURCE_BRANCH` = `7.26.x` or `master`. +| | | +| --- | --- | +| **NOTE** | The job can be configured to sync from any upstream che-operator branch, eg., `SOURCE_BRANCH` = `7.26.x` or `master`. | -* Once the sync is done: +- Once the sync is done: -** the [codeready-workspaces-operator](http://pkgs.devel.redhat.com/cgit/containers/codeready-workspaces-operator/?h=crw-2-rhel-8) repo is updated; + - the [codeready-workspaces-operator](http://pkgs.devel.redhat.com/cgit/containers/codeready-workspaces-operator/?h=crw-2-rhel-8) repo is updated; -** a Brew build will be triggered via **get-sources-rhpkg-container-build** job + - a Brew build will be triggered via **get-sources-rhpkg-container-build** job -** and, if successful, the Brew build will be copied to Quay as `https://quay.io/crw/crw-2-rhel8-operator`. + - and, if successful, the Brew build will be copied to Quay as `https://quay.io/crw/crw-2-rhel8-operator`. -### Metadata container +#### Metadata container -* Metadata for the CRW operator is contained in this repo. See [manifests](https://github.com/redhat-developer/codeready-workspaces-operator/tree/master/manifests), [metadata](https://github.com/redhat-developer/codeready-workspaces-operator/tree/master/metadata) and [deploy](https://github.com/redhat-developer/codeready-workspaces-operator/tree/master/deploy) folders, and this [operator-metadata.Dockerfile](https://github.com/redhat-developer/codeready-workspaces-operator/blob/master/operator-metadata.Dockerfile). +- Metadata for the CRW operator is contained in this repo. See [manifests](https://github.com/redhat-developer/codeready-workspaces-operator/tree/master/manifests), [metadata](https://github.com/redhat-developer/codeready-workspaces-operator/tree/master/metadata) and [deploy](https://github.com/redhat-developer/codeready-workspaces-operator/tree/master/deploy) folders, and this [operator-metadata.Dockerfile](https://github.com/redhat-developer/codeready-workspaces-operator/blob/master/operator-metadata.Dockerfile). -* The metadata is then synced to the [downstream repo](http://pkgs.devel.redhat.com/cgit/containers/codeready-workspaces-operator-metadata/?h=crw-2-rhel-8) via a job located here: +- The metadata is then synced to the [downstream repo](http://pkgs.devel.redhat.com/cgit/containers/codeready-workspaces-operator-metadata/?h=crw-2-rhel-8) via a job located here: - https://main-jenkins-csb-crwqe.apps.ocp4.prod.psi.redhat.com/job/CRW_CI/ (jobs) - https://gitlab.cee.redhat.com/codeready-workspaces/crw-jenkins/-/tree/master/jobs/CRW_CI (sources) - https://github.com/redhat-developer/codeready-workspaces-images#jenkins-jobs (copied sources) -NOTE: The job can be configured to sync from any upstream che-operator branch, eg., `SOURCE_BRANCH` = `7.26.x` or `master`. +| | | +| --- | --- | +| **NOTE** | The job can be configured to sync from any upstream che-operator branch, eg., `SOURCE_BRANCH` = `7.26.x` or `master`. | -* Once the sync is done: +- Once the sync is done: -** the [codeready-workspaces-operator-metadata](http://pkgs.devel.redhat.com/cgit/containers/codeready-workspaces-operator-metadata/?h=crw-2-rhel-8) repo is updated; + - the [codeready-workspaces-operator-metadata](http://pkgs.devel.redhat.com/cgit/containers/codeready-workspaces-operator-metadata/?h=crw-2-rhel-8) repo is updated; -** a Brew build will be triggered via **get-sources-rhpkg-container-build** job + - a Brew build will be triggered via **get-sources-rhpkg-container-build** job -** and, if successful, the Brew build will be copied to Quay] as `https://quay.io/crw/crw-2-rhel8-operator-metadata`. + - and, if successful, the Brew build will be copied to Quay] as `https://quay.io/crw/crw-2-rhel8-operator-metadata`. -### crwctl CLI binary +#### crwctl CLI binary * Once the operator and metadata is rebuilt, a new build of [crwctl](https://github.com/redhat-developer/codeready-workspaces-chectl) is triggered. diff --git a/bundle/manifests/ibm-developer-for-zos-enterprise-edition.clusterserviceversion.yaml b/bundle/manifests/ibm-developer-for-zos-enterprise-edition.clusterserviceversion.yaml new file mode 120000 index 00000000..a73be0cb --- /dev/null +++ b/bundle/manifests/ibm-developer-for-zos-enterprise-edition.clusterserviceversion.yaml @@ -0,0 +1 @@ +../../deploy/olm-catalog/idzee/manifests/idzee-codeready-workspaces.csv.yaml \ No newline at end of file diff --git a/bundle/manifests/ibm-wazi-developer-for-workspaces.clusterserviceversion.yaml b/bundle/manifests/ibm-wazi-developer-for-workspaces.clusterserviceversion.yaml new file mode 120000 index 00000000..092cf698 --- /dev/null +++ b/bundle/manifests/ibm-wazi-developer-for-workspaces.clusterserviceversion.yaml @@ -0,0 +1 @@ +../../deploy/olm-catalog/wazi/manifests/wazi-codeready-workspaces.csv.yaml \ No newline at end of file diff --git a/bundle/manifests/wazi-codeready-workspaces-operator/idzee-codeready-workspaces.clusterserviceversion.yaml b/bundle/manifests/wazi-codeready-workspaces-operator/idzee-codeready-workspaces.clusterserviceversion.yaml deleted file mode 120000 index 5c92b2e5..00000000 --- a/bundle/manifests/wazi-codeready-workspaces-operator/idzee-codeready-workspaces.clusterserviceversion.yaml +++ /dev/null @@ -1 +0,0 @@ -../../../deploy/olm-catalog/idzee/manifests/idzee-codeready-workspaces.csv.yaml \ No newline at end of file diff --git a/bundle/manifests/wazi-codeready-workspaces-operator/wazi-codeready-workspaces.clusterserviceversion.yaml b/bundle/manifests/wazi-codeready-workspaces-operator/wazi-codeready-workspaces.clusterserviceversion.yaml deleted file mode 120000 index 0c1f42b3..00000000 --- a/bundle/manifests/wazi-codeready-workspaces-operator/wazi-codeready-workspaces.clusterserviceversion.yaml +++ /dev/null @@ -1 +0,0 @@ -../../../deploy/olm-catalog/wazi/manifests/wazi-codeready-workspaces.csv.yaml \ No newline at end of file diff --git a/catalog-source/catalog-source-1.4.1.yaml b/catalog-source/catalog-source-1.4.1.yaml new file mode 100644 index 00000000..e3ecf2cd --- /dev/null +++ b/catalog-source/catalog-source-1.4.1.yaml @@ -0,0 +1,34 @@ +# +# Copyright IBM Corporation 2021 +# This program and the accompanying materials are made +# available under the terms of the Eclipse Public License 2.0 +# which is available at https://www.eclipse.org/legal/epl-2.0/ +# +# SPDX-License-Identifier: EPL-2.0 +# +# Contributors: +# IBM Corporation - implementation +# + +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: wazi-codeready-operator-catalog + namespace: openshift-marketplace + labels: + name: wazi-codeready-operator-catalog + app.kubernetes.io/name: wazi-codeready-operator-catalog + app.kubernetes.io/instance: wazi-codeready-operator-catalog-1.4.1 + app.kubernetes.io/version: "1.4.1" + app.kubernetes.io/component: workspaces + app.kubernetes.io/part-of: wazi-developer + app.kubernetes.io/managed-by: olm + annotations: + productVersion: "1.4.1" + +spec: + displayName: IBM Wazi Developer Operators + publisher: IBM + sourceType: grpc + image: icr.io/cpopen/ibm-wazi-developer-for-workspaces-catalog@sha256:dd6ed0f026ba1ef9abea6bcdf8b8f812ce6f79356ef085149e750b1ff0dd71fe + # tag: icr.io/cpopen/ibm-wazi-developer-for-workspaces-catalog:1.4.1 \ No newline at end of file diff --git a/catalog-source/catalog-source-ibm-catalog.yaml b/catalog-source/catalog-source-ibm-catalog.yaml new file mode 100644 index 00000000..43513476 --- /dev/null +++ b/catalog-source/catalog-source-ibm-catalog.yaml @@ -0,0 +1,25 @@ +# +# Copyright IBM Corporation 2021 +# This program and the accompanying materials are made +# available under the terms of the Eclipse Public License 2.0 +# which is available at https://www.eclipse.org/legal/epl-2.0/ +# +# SPDX-License-Identifier: EPL-2.0 +# +# Contributors: +# IBM Corporation - implementation +# + +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: ibm-operator-catalog + namespace: openshift-marketplace +spec: + displayName: IBM Operator Catalog + publisher: IBM + sourceType: grpc + image: icr.io/cpopen/ibm-operator-catalog:latest + updateStrategy: + registryPoll: + interval: 45m diff --git a/catalog-source/catalog-source.yaml b/catalog-source/catalog-source.yaml index 58e2834f..e3ecf2cd 100644 --- a/catalog-source/catalog-source.yaml +++ b/catalog-source/catalog-source.yaml @@ -18,17 +18,17 @@ metadata: labels: name: wazi-codeready-operator-catalog app.kubernetes.io/name: wazi-codeready-operator-catalog - app.kubernetes.io/instance: wazi-codeready-operator-catalog-1.4.0 - app.kubernetes.io/version: "1.4.0" + app.kubernetes.io/instance: wazi-codeready-operator-catalog-1.4.1 + app.kubernetes.io/version: "1.4.1" app.kubernetes.io/component: workspaces app.kubernetes.io/part-of: wazi-developer app.kubernetes.io/managed-by: olm annotations: - productVersion: "1.4.0" + productVersion: "1.4.1" spec: - sourceType: grpc displayName: IBM Wazi Developer Operators publisher: IBM - image: icr.io/cpopen/ibm-wazi-developer-for-workspaces-catalog@sha256:d7f26aa2f05fdc9812d5347f1f36eb1d5d3d77467ff34982e4d08fe89375b036 - # tag: icr.io/cpopen/ibm-wazi-developer-for-workspaces-catalog:1.4.0 + sourceType: grpc + image: icr.io/cpopen/ibm-wazi-developer-for-workspaces-catalog@sha256:dd6ed0f026ba1ef9abea6bcdf8b8f812ce6f79356ef085149e750b1ff0dd71fe + # tag: icr.io/cpopen/ibm-wazi-developer-for-workspaces-catalog:1.4.1 \ No newline at end of file diff --git a/deploy/cluster_role.yaml b/deploy/cluster_role.yaml index 5fd2b778..ebe4eecf 100644 --- a/deploy/cluster_role.yaml +++ b/deploy/cluster_role.yaml @@ -16,6 +16,7 @@ metadata: app.kubernetes.io/name: che app.kubernetes.io/instance: che app.kubernetes.io/component: codeready-operator + app.kubernetes.io/managed-by: olm rules: - apiGroups: - oauth.openshift.io @@ -133,7 +134,10 @@ rules: - checlusters - checlusters/finalizers verbs: - - '*' + - get + - create + - update + - delete - apiGroups: - project.openshift.io resources: @@ -327,7 +331,10 @@ rules: - secrets - serviceaccounts verbs: - - '*' + - get + - create + - update + - delete - apiGroups: - "" resources: @@ -357,7 +364,10 @@ rules: resources: - services verbs: - - '*' + - get + - create + - update + - delete - apiGroups: - admissionregistration.k8s.io resources: @@ -395,7 +405,10 @@ rules: - deployments - replicasets verbs: - - '*' + - get + - create + - update + - delete - apiGroups: - apps - extensions @@ -422,13 +435,19 @@ rules: resources: - '*' verbs: - - '*' + - get + - create + - update + - delete - apiGroups: - controller.devfile.io resources: - devworkspaceroutings verbs: - - '*' + - get + - create + - update + - delete - apiGroups: - controller.devfile.io resources: @@ -442,7 +461,10 @@ rules: resources: - ingresses verbs: - - '*' + - get + - create + - update + - delete - apiGroups: - monitoring.coreos.com resources: @@ -481,7 +503,10 @@ rules: resources: - routes verbs: - - '*' + - get + - create + - update + - delete - apiGroups: - route.openshift.io resources: @@ -493,7 +518,10 @@ rules: resources: - '*' verbs: - - '*' + - get + - create + - update + - delete # devworkspace requirements: devworkspace-controller-view-workspaces cluster roles - apiGroups: - workspace.devfile.io @@ -556,7 +584,10 @@ rules: - secrets - serviceaccounts verbs: - - '*' + - get + - create + - update + - delete - apiGroups: - "" resources: @@ -574,7 +605,10 @@ rules: resources: - services verbs: - - '*' + - get + - create + - update + - delete - apiGroups: - apps resourceNames: @@ -599,7 +633,10 @@ rules: - deployments - replicasets verbs: - - '*' + - get + - create + - update + - delete - apiGroups: - apps - extensions @@ -624,13 +661,19 @@ rules: resources: - '*' verbs: - - '*' + - get + - create + - update + - delete - apiGroups: - che.eclipse.org resources: - chemanagers verbs: - - '*' + - get + - create + - update + - delete - apiGroups: - che.eclipse.org resources: @@ -650,7 +693,10 @@ rules: resources: - devworkspaceroutings verbs: - - '*' + - get + - create + - update + - delete - apiGroups: - controller.devfile.io resources: @@ -682,7 +728,10 @@ rules: resources: - ingresses verbs: - - '*' + - get + - create + - update + - delete - apiGroups: - monitoring.coreos.com resources: @@ -721,7 +770,10 @@ rules: resources: - routes verbs: - - '*' + - get + - create + - update + - delete - apiGroups: - route.openshift.io resources: diff --git a/deploy/cluster_role_binding.yaml b/deploy/cluster_role_binding.yaml index 25dc0bb3..506589ab 100644 --- a/deploy/cluster_role_binding.yaml +++ b/deploy/cluster_role_binding.yaml @@ -16,6 +16,7 @@ metadata: app.kubernetes.io/name: che app.kubernetes.io/instance: che app.kubernetes.io/component: codeready-operator + app.kubernetes.io/managed-by: olm subjects: - kind: ServiceAccount name: codeready-operator diff --git a/deploy/crds/org_v1_che_cr.yaml b/deploy/crds/org_v1_che_cr.yaml index 2980e31e..911c5378 100644 --- a/deploy/crds/org_v1_che_cr.yaml +++ b/deploy/crds/org_v1_che_cr.yaml @@ -12,6 +12,10 @@ apiVersion: org.eclipse.che/v1 kind: CheCluster metadata: name: codeready-workspaces + labels: + app.kubernetes.io/name: che + app.kubernetes.io/instance: che + app.kubernetes.io/managed-by: olm spec: server: useInternalClusterSVCNames: true diff --git a/deploy/crds/org_v1_che_crd-v1beta1.yaml b/deploy/crds/org_v1_che_crd-v1beta1.yaml deleted file mode 100644 index 34473e1d..00000000 --- a/deploy/crds/org_v1_che_crd-v1beta1.yaml +++ /dev/null @@ -1,1036 +0,0 @@ -# -# Copyright (c) 2019-2021 Red Hat, Inc. -# This program and the accompanying materials are made -# available under the terms of the Eclipse Public License 2.0 -# which is available at https://www.eclipse.org/legal/epl-2.0/ -# -# SPDX-License-Identifier: EPL-2.0 -# -# Contributors: -# Red Hat, Inc. - initial API and implementation -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: checlusters.org.eclipse.che -spec: - group: org.eclipse.che - names: - kind: CheCluster - listKind: CheClusterList - plural: checlusters - singular: checluster - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: The `CheCluster` custom resource allows defining and managing a - Che server installation - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Desired configuration of the Che installation. Based on these - settings, the Operator automatically creates and maintains several ConfigMaps - that will contain the appropriate environment variables the various components - of the Che installation. These generated ConfigMaps must NOT be updated - manually. - properties: - auth: - description: Configuration settings related to the Authentication used - by the Che installation. - properties: - externalIdentityProvider: - description: 'Instructs the Operator on whether or not to deploy - a dedicated Identity Provider (Keycloak or RH SSO instance). Instructs - the Operator on whether to deploy a dedicated Identity Provider - (Keycloak or RH-SSO instance). By default, a dedicated Identity - Provider server is deployed as part of the Che installation. When - `externalIdentityProvider` is `true`, no dedicated identity provider - will be deployed by the Operator and you will need to provide - details about the external identity provider you are about to - use. See also all the other fields starting with: `identityProvider`.' - type: boolean - identityProviderAdminUserName: - description: Overrides the name of the Identity Provider administrator - user. Defaults to `admin`. - type: string - identityProviderClientId: - description: Name of a Identity provider, Keycloak or RH-SSO, `client-id` - that is used for Che. Override this when an external Identity - Provider is in use. See the `externalIdentityProvider` field. - When omitted or left blank, it is set to the value of the `flavour` - field suffixed with `-public`. - type: string - identityProviderContainerResources: - description: Identity provider container custom settings. - properties: - limits: - description: Limits describes the maximum amount of compute - resources allowed. - properties: - cpu: - description: CPU, in cores. (500m = .5 cores) - type: string - memory: - description: Memory, in bytes. (500Gi = 500GiB = 500 * 1024 - * 1024 * 1024) - type: string - type: object - request: - description: Requests describes the minimum amount of compute - resources required. - properties: - cpu: - description: CPU, in cores. (500m = .5 cores) - type: string - memory: - description: Memory, in bytes. (500Gi = 500GiB = 500 * 1024 - * 1024 * 1024) - type: string - type: object - type: object - identityProviderImage: - description: Overrides the container image used in the Identity - Provider, Keycloak or RH-SSO, deployment. This includes the image - tag. Omit it or leave it empty to use the default container image - provided by the Operator. - type: string - identityProviderImagePullPolicy: - description: Overrides the image pull policy used in the Identity - Provider, Keycloak or RH-SSO, deployment. Default value is `Always` - for `nightly` or `latest` images, and `IfNotPresent` in other - cases. - type: string - identityProviderIngress: - description: Ingress custom settings. - properties: - annotations: - additionalProperties: - type: string - description: Unstructured key value map stored with a resource - that may be set by external tools to store and retrieve arbitrary - metadata. - type: object - labels: - description: Comma separated list of labels that can be used - to organize and categorize objects by scoping and selecting. - type: string - type: object - identityProviderPassword: - description: Overrides the password of Keycloak administrator user. - Override this when an external Identity Provider is in use. See - the `externalIdentityProvider` field. When omitted or left blank, - it is set to an auto-generated password. - type: string - identityProviderPostgresPassword: - description: Password for a Identity Provider, Keycloak or RH-SSO, - to connect to the database. Override this when an external Identity - Provider is in use. See the `externalIdentityProvider` field. - When omitted or left blank, it is set to an auto-generated password. - type: string - identityProviderPostgresSecret: - description: 'The secret that contains `password` for the Identity - Provider, Keycloak or RH-SSO, to connect to the database. When - the secret is defined, the `identityProviderPostgresPassword` - is ignored. When the value is omitted or left blank, the one of - following scenarios applies: 1. `identityProviderPostgresPassword` - is defined, then it will be used to connect to the database. 2. - `identityProviderPostgresPassword` is not defined, then a new - secret with the name `che-identity-postgres-secret` will be created - with an auto-generated value for `password`.' - type: string - identityProviderRealm: - description: Name of a Identity provider, Keycloak or RH-SSO, realm - that is used for Che. Override this when an external Identity - Provider is in use. See the `externalIdentityProvider` field. - When omitted or left blank, it is set to the value of the `flavour` - field. - type: string - identityProviderRoute: - description: Route custom settings. - properties: - annotations: - additionalProperties: - type: string - description: Unstructured key value map stored with a resource - that may be set by external tools to store and retrieve arbitrary - metadata. - type: object - domain: - description: 'Operator uses the domain to generate a hostname - for a route. In a conjunction with labels it creates a route, - which is served by a non-default Ingress controller. The generated - host name will follow this pattern: `-.`.' - type: string - labels: - description: Comma separated list of labels that can be used - to organize and categorize objects by scoping and selecting. - type: string - type: object - identityProviderSecret: - description: 'The secret that contains `user` and `password` for - Identity Provider. When the secret is defined, the `identityProviderAdminUserName` - and `identityProviderPassword` are ignored. When the value is - omitted or left blank, the one of following scenarios applies: - 1. `identityProviderAdminUserName` and `identityProviderPassword` - are defined, then they will be used. 2. `identityProviderAdminUserName` - or `identityProviderPassword` are not defined, then a new secret - with the name `che-identity-secret` will be created with default - value `admin` for `user` and with an auto-generated value for - `password`.' - type: string - identityProviderURL: - description: Public URL of the Identity Provider server (Keycloak - / RH-SSO server). Set this ONLY when a use of an external Identity - Provider is needed. See the `externalIdentityProvider` field. - By default, this will be automatically calculated and set by the - Operator. - type: string - initialOpenShiftOAuthUser: - description: For operating with the OpenShift OAuth authentication, - create a new user account since the kubeadmin can not be used. - If the value is true, then a new OpenShift OAuth user will be - created for the HTPasswd identity provider. If the value is false - and the user has already been created, then it will be removed. - If value is an empty, then do nothing. The user's credentials - are stored in the `openshift-oauth-user-credentials` secret in - 'openshift-config' namespace by Operator. Note that this solution - is Openshift 4 platform-specific. - type: boolean - oAuthClientName: - description: Name of the OpenShift `OAuthClient` resource used to - setup identity federation on the OpenShift side. Auto-generated - when left blank. See also the `OpenShiftoAuth` field. - type: string - oAuthSecret: - description: Name of the secret set in the OpenShift `OAuthClient` - resource used to setup identity federation on the OpenShift side. - Auto-generated when left blank. See also the `OAuthClientName` - field. - type: string - openShiftoAuth: - description: 'Enables the integration of the identity provider (Keycloak - / RHSSO) with OpenShift OAuth. Empty value on OpenShift by default. - This will allow users to directly login with their OpenShift user - through the OpenShift login, and have their workspaces created - under personal OpenShift namespaces. WARNING: the `kubeadmin` - user is NOT supported, and logging through it will NOT allow accessing - the Che Dashboard.' - type: boolean - updateAdminPassword: - description: Forces the default `admin` Che user to update password - on first login. Defaults to `false`. - type: boolean - type: object - database: - description: Configuration settings related to the database used by - the Che installation. - properties: - chePostgresContainerResources: - description: PostgreSQL container custom settings - properties: - limits: - description: Limits describes the maximum amount of compute - resources allowed. - properties: - cpu: - description: CPU, in cores. (500m = .5 cores) - type: string - memory: - description: Memory, in bytes. (500Gi = 500GiB = 500 * 1024 - * 1024 * 1024) - type: string - type: object - request: - description: Requests describes the minimum amount of compute - resources required. - properties: - cpu: - description: CPU, in cores. (500m = .5 cores) - type: string - memory: - description: Memory, in bytes. (500Gi = 500GiB = 500 * 1024 - * 1024 * 1024) - type: string - type: object - type: object - chePostgresDb: - description: PostgreSQL database name that the Che server uses to - connect to the DB. Defaults to `dbche`. - type: string - chePostgresHostName: - description: PostgreSQL Database host name that the Che server uses - to connect to. Defaults is `postgres`. Override this value ONLY - when using an external database. See field `externalDb`. In the - default case it will be automatically set by the Operator. - type: string - chePostgresPassword: - description: PostgreSQL password that the Che server uses to connect - to the DB. When omitted or left blank, it will be set to an automatically - generated value. - type: string - chePostgresPort: - description: PostgreSQL Database port that the Che server uses to - connect to. Defaults to 5432. Override this value ONLY when using - an external database. See field `externalDb`. In the default case - it will be automatically set by the Operator. - type: string - chePostgresSecret: - description: 'The secret that contains PostgreSQL`user` and `password` - that the Che server uses to connect to the DB. When the secret - is defined, the `chePostgresUser` and `chePostgresPassword` are - ignored. When the value is omitted or left blank, the one of following - scenarios applies: 1. `chePostgresUser` and `chePostgresPassword` - are defined, then they will be used to connect to the DB. 2. `chePostgresUser` - or `chePostgresPassword` are not defined, then a new secret with - the name `che-postgres-secret` will be created with default value - of `pgche` for `user` and with an auto-generated value for `password`.' - type: string - chePostgresUser: - description: PostgreSQL user that the Che server uses to connect - to the DB. Defaults to `pgche`. - type: string - externalDb: - description: 'Instructs the Operator on whether to deploy a dedicated - database. By default, a dedicated PostgreSQL database is deployed - as part of the Che installation. When `externalDb` is `true`, - no dedicated database will be deployed by the Operator and you - will need to provide connection details to the external DB you - are about to use. See also all the fields starting with: `chePostgres`.' - type: boolean - postgresImage: - description: Overrides the container image used in the PostgreSQL - database deployment. This includes the image tag. Omit it or leave - it empty to use the default container image provided by the Operator. - type: string - postgresImagePullPolicy: - description: Overrides the image pull policy used in the PostgreSQL - database deployment. Default value is `Always` for `nightly` or - `latest` images, and `IfNotPresent` in other cases. - type: string - type: object - devWorkspace: - description: Dev Workspace operator configuration - properties: - controllerImage: - description: Overrides the container image used in the DevWorkspace - controller deployment. This includes the image tag. Omit it or - leave it empty to use the default container image provided by - the Operator. - type: string - enable: - description: Deploys the DevWorkspace Operator in the cluster. Does - nothing when a matching version of the Operator is already installed. - Fails when a non-matching version of the Operator is already installed. - type: boolean - type: object - imagePuller: - description: Kubernetes Image Puller configuration - properties: - enable: - description: "Install and configure the Community Supported Kubernetes - Image Puller Operator. When set to `true` and no spec is provided, - it will create a default KubernetesImagePuller object to be managed - by the Operator. When set to `false`, the KubernetesImagePuller - object will be deleted, and the Operator will be uninstalled, - regardless of whether a spec is provided. - Note that while this - the Operator and its behavior is community-supported, its payload - may be commercially-supported for pulling commercially-supported - images." - type: boolean - spec: - description: A KubernetesImagePullerSpec to configure the image - puller in the CheCluster - properties: - cachingCPULimit: - type: string - cachingCPURequest: - type: string - cachingIntervalHours: - type: string - cachingMemoryLimit: - type: string - cachingMemoryRequest: - type: string - configMapName: - type: string - daemonsetName: - type: string - deploymentName: - type: string - images: - type: string - nodeSelector: - type: string - type: object - type: object - k8s: - description: Configuration settings specific to Che installations made - on upstream Kubernetes. - properties: - ingressClass: - description: 'Ingress class that will define the which controller - will manage ingresses. Defaults to `nginx`. NB: This drives the - `kubernetes.io/ingress.class` annotation on Che-related ingresses.' - type: string - ingressDomain: - description: 'Global ingress domain for a Kubernetes cluster. This - MUST be explicitly specified: there are no defaults.' - type: string - ingressStrategy: - description: 'Strategy for ingress creation. Options are: `multi-host` - (host is explicitly provided in ingress), `single-host` (host - is provided, path-based rules) and `default-host` (no host is - provided, path-based rules). Defaults to `multi-host` Deprecated - in favor of `serverExposureStrategy` in the `server` section, - which defines this regardless of the cluster type. When both are - defined, the `serverExposureStrategy` option takes precedence.' - type: string - securityContextFsGroup: - description: The FSGroup in which the Che Pod and workspace Pods - containers runs in. Default value is `1724`. - type: string - securityContextRunAsUser: - description: ID of the user the Che Pod and workspace Pods containers - run as. Default value is `1724`. - type: string - singleHostExposureType: - description: When the serverExposureStrategy is set to `single-host`, - the way the server, registries and workspaces are exposed is further - configured by this property. The possible values are `native`, - which means that the server and workspaces are exposed using ingresses - on K8s or `gateway` where the server and workspaces are exposed - using a custom gateway based on link:https://doc.traefik.io/traefik/[Traefik]. - All the endpoints whether backed by the ingress or gateway `route` - always point to the subpaths on the same domain. Defaults to `native`. - type: string - tlsSecretName: - description: Name of a secret that will be used to setup ingress - TLS termination when TLS is enabled. When the field is empty string, - the default cluster certificate will be used. See also the `tlsSupport` - field. - type: string - type: object - metrics: - description: Configuration settings related to the metrics collection - used by the Che installation. - properties: - enable: - description: Enables `metrics` the Che server endpoint. Default - to `true`. - type: boolean - type: object - server: - description: General configuration settings related to the Che server - and the plugin and devfile registries - properties: - airGapContainerRegistryHostname: - description: Optional host name, or URL, to an alternate container - registry to pull images from. This value overrides the container - registry host name defined in all the default container images - involved in a Che deployment. This is particularly useful to install - Che in a restricted environment. - type: string - airGapContainerRegistryOrganization: - description: Optional repository name of an alternate container - registry to pull images from. This value overrides the container - registry organization defined in all the default container images - involved in a Che deployment. This is particularly useful to install - CodeReady Workspaces in a restricted environment. - type: string - allowUserDefinedWorkspaceNamespaces: - description: Deprecated. The value of this flag is ignored. Defines - that a user is allowed to specify a Kubernetes namespace, or an - OpenShift project, which differs from the default. It's NOT RECOMMENDED - to set to `true` without OpenShift OAuth configured. The OpenShift - infrastructure also uses this property. - type: boolean - cheClusterRoles: - description: A comma-separated list of ClusterRoles that will be - assigned to Che ServiceAccount. Be aware that the Che Operator - has to already have all permissions in these ClusterRoles to grant - them. - type: string - cheDebug: - description: Enables the debug mode for Che server. Defaults to - `false`. - type: string - cheFlavor: - description: Specifies a variation of the installation. The options - are `che` for upstream Che installations, or `codeready` for link:https://developers.redhat.com/products/codeready-workspaces/overview[CodeReady - Workspaces] installation. Override the default value only on necessary - occasions. - type: string - cheHost: - description: Public host name of the installed Che server. When - value is omitted, the value it will be automatically set by the - Operator. See the `cheHostTLSSecret` field. - type: string - cheHostTLSSecret: - description: Name of a secret containing certificates to secure - ingress or route for the custom host name of the installed Che - server. See the `cheHost` field. - type: string - cheImage: - description: Overrides the container image used in Che deployment. - This does NOT include the container image tag. Omit it or leave - it empty to use the default container image provided by the Operator. - type: string - cheImagePullPolicy: - description: Overrides the image pull policy used in Che deployment. - Default value is `Always` for `nightly` or `latest` images, and - `IfNotPresent` in other cases. - type: string - cheImageTag: - description: Overrides the tag of the container image used in Che - deployment. Omit it or leave it empty to use the default image - tag provided by the Operator. - type: string - cheLogLevel: - description: 'Log level for the Che server: `INFO` or `DEBUG`. Defaults - to `INFO`.' - type: string - cheServerIngress: - description: The Che server ingress custom settings. - properties: - annotations: - additionalProperties: - type: string - description: Unstructured key value map stored with a resource - that may be set by external tools to store and retrieve arbitrary - metadata. - type: object - labels: - description: Comma separated list of labels that can be used - to organize and categorize objects by scoping and selecting. - type: string - type: object - cheServerRoute: - description: The Che server route custom settings. - properties: - annotations: - additionalProperties: - type: string - description: Unstructured key value map stored with a resource - that may be set by external tools to store and retrieve arbitrary - metadata. - type: object - domain: - description: 'Operator uses the domain to generate a hostname - for a route. In a conjunction with labels it creates a route, - which is served by a non-default Ingress controller. The generated - host name will follow this pattern: `-.`.' - type: string - labels: - description: Comma separated list of labels that can be used - to organize and categorize objects by scoping and selecting. - type: string - type: object - cheWorkspaceClusterRole: - description: Custom cluster role bound to the user for the Che workspaces. - The default roles are used when omitted or left blank. - type: string - customCheProperties: - additionalProperties: - type: string - description: Map of additional environment variables that will be - applied in the generated `che` ConfigMap to be used by the Che - server, in addition to the values already generated from other - fields of the `CheCluster` custom resource (CR). When `customCheProperties` - contains a property that would be normally generated in `che` - ConfigMap from other CR fields, the value defined in the `customCheProperties` - is used instead. - type: object - dashboardCpuLimit: - description: Overrides the CPU limit used in the dashboard deployment. - In cores. (500m = .5 cores). Default to 500m. - type: string - dashboardCpuRequest: - description: Overrides the CPU request used in the dashboard deployment. - In cores. (500m = .5 cores). Default to 100m. - type: string - dashboardImage: - description: Overrides the container image used in the dashboard - deployment. This includes the image tag. Omit it or leave it empty - to use the default container image provided by the Operator. - type: string - dashboardImagePullPolicy: - description: Overrides the image pull policy used in the dashboard - deployment. Default value is `Always` for `nightly` or `latest` - images, and `IfNotPresent` in other cases. - type: string - dashboardIngress: - description: Dashboard ingress custom settings. - properties: - annotations: - additionalProperties: - type: string - description: Unstructured key value map stored with a resource - that may be set by external tools to store and retrieve arbitrary - metadata. - type: object - labels: - description: Comma separated list of labels that can be used - to organize and categorize objects by scoping and selecting. - type: string - type: object - dashboardMemoryLimit: - description: Overrides the memory limit used in the dashboard deployment. - Defaults to 256Mi. - type: string - dashboardMemoryRequest: - description: Overrides the memory request used in the dashboard - deployment. Defaults to 16Mi. - type: string - dashboardRoute: - description: Dashboard route custom settings. - properties: - annotations: - additionalProperties: - type: string - description: Unstructured key value map stored with a resource - that may be set by external tools to store and retrieve arbitrary - metadata. - type: object - domain: - description: 'Operator uses the domain to generate a hostname - for a route. In a conjunction with labels it creates a route, - which is served by a non-default Ingress controller. The generated - host name will follow this pattern: `-.`.' - type: string - labels: - description: Comma separated list of labels that can be used - to organize and categorize objects by scoping and selecting. - type: string - type: object - devfileRegistryCpuLimit: - description: Overrides the CPU limit used in the devfile registry - deployment. In cores. (500m = .5 cores). Default to 500m. - type: string - devfileRegistryCpuRequest: - description: Overrides the CPU request used in the devfile registry - deployment. In cores. (500m = .5 cores). Default to 100m. - type: string - devfileRegistryImage: - description: Overrides the container image used in the devfile registry - deployment. This includes the image tag. Omit it or leave it empty - to use the default container image provided by the Operator. - type: string - devfileRegistryIngress: - description: The devfile registry ingress custom settings. - properties: - annotations: - additionalProperties: - type: string - description: Unstructured key value map stored with a resource - that may be set by external tools to store and retrieve arbitrary - metadata. - type: object - labels: - description: Comma separated list of labels that can be used - to organize and categorize objects by scoping and selecting. - type: string - type: object - devfileRegistryMemoryLimit: - description: Overrides the memory limit used in the devfile registry - deployment. Defaults to 256Mi. - type: string - devfileRegistryMemoryRequest: - description: Overrides the memory request used in the devfile registry - deployment. Defaults to 16Mi. - type: string - devfileRegistryPullPolicy: - description: Overrides the image pull policy used in the devfile - registry deployment. Default value is `Always` for `nightly` or - `latest` images, and `IfNotPresent` in other cases. - type: string - devfileRegistryRoute: - description: The devfile registry route custom settings. - properties: - annotations: - additionalProperties: - type: string - description: Unstructured key value map stored with a resource - that may be set by external tools to store and retrieve arbitrary - metadata. - type: object - domain: - description: 'Operator uses the domain to generate a hostname - for a route. In a conjunction with labels it creates a route, - which is served by a non-default Ingress controller. The generated - host name will follow this pattern: `-.`.' - type: string - labels: - description: Comma separated list of labels that can be used - to organize and categorize objects by scoping and selecting. - type: string - type: object - devfileRegistryUrl: - description: Deprecated in favor of `externalDevfileRegistries` - fields. - type: string - externalDevfileRegistries: - description: External devfile registries, that serves sample, ready-to-use - devfiles. Configure this in addition to a dedicated devfile registry - (when `externalDevfileRegistry` is `false`) or instead of it (when - `externalDevfileRegistry` is `true`) - items: - description: Settings for a configuration of the external devfile - registries. - properties: - url: - description: Public URL of the devfile registry. - type: string - type: object - type: array - externalDevfileRegistry: - description: Instructs the Operator on whether to deploy a dedicated - devfile registry server. By default, a dedicated devfile registry - server is started. When `externalDevfileRegistry` is `true`, no - such dedicated server will be started by the Operator and configure - at least one devfile registry with `externalDevfileRegistries` - field. - type: boolean - externalPluginRegistry: - description: Instructs the Operator on whether to deploy a dedicated - plugin registry server. By default, a dedicated plugin registry - server is started. When `externalPluginRegistry` is `true`, no - such dedicated server will be started by the Operator and you - will have to manually set the `pluginRegistryUrl` field. - type: boolean - gitSelfSignedCert: - description: When enabled, the certificate from `che-git-self-signed-cert` - ConfigMap will be propagated to the Che components and provide - particular configuration for Git. - type: boolean - nonProxyHosts: - description: 'List of hosts that will be reached directly, bypassing - the proxy. Specify wild card domain use the following form `.` - and `|` as delimiter, for example: `localhost|.my.host.com|123.42.12.32` - Only use when configuring a proxy is required. Operator respects - OpenShift cluster wide proxy configuration and no additional configuration - is required, but defining `nonProxyHosts` in a custom resource - leads to merging non proxy hosts lists from the cluster proxy - configuration and ones defined in the custom resources. See the - doc https://docs.openshift.com/container-platform/4.4/networking/enable-cluster-wide-proxy.html. - See also the `proxyURL` fields.' - type: string - pluginRegistryCpuLimit: - description: Overrides the CPU limit used in the plugin registry - deployment. In cores. (500m = .5 cores). Default to 500m. - type: string - pluginRegistryCpuRequest: - description: Overrides the CPU request used in the plugin registry - deployment. In cores. (500m = .5 cores). Default to 100m. - type: string - pluginRegistryImage: - description: Overrides the container image used in the plugin registry - deployment. This includes the image tag. Omit it or leave it empty - to use the default container image provided by the Operator. - type: string - pluginRegistryIngress: - description: Plugin registry ingress custom settings. - properties: - annotations: - additionalProperties: - type: string - description: Unstructured key value map stored with a resource - that may be set by external tools to store and retrieve arbitrary - metadata. - type: object - labels: - description: Comma separated list of labels that can be used - to organize and categorize objects by scoping and selecting. - type: string - type: object - pluginRegistryMemoryLimit: - description: Overrides the memory limit used in the plugin registry - deployment. Defaults to 256Mi. - type: string - pluginRegistryMemoryRequest: - description: Overrides the memory request used in the plugin registry - deployment. Defaults to 16Mi. - type: string - pluginRegistryPullPolicy: - description: Overrides the image pull policy used in the plugin - registry deployment. Default value is `Always` for `nightly` or - `latest` images, and `IfNotPresent` in other cases. - type: string - pluginRegistryRoute: - description: Plugin registry route custom settings. - properties: - annotations: - additionalProperties: - type: string - description: Unstructured key value map stored with a resource - that may be set by external tools to store and retrieve arbitrary - metadata. - type: object - domain: - description: 'Operator uses the domain to generate a hostname - for a route. In a conjunction with labels it creates a route, - which is served by a non-default Ingress controller. The generated - host name will follow this pattern: `-.`.' - type: string - labels: - description: Comma separated list of labels that can be used - to organize and categorize objects by scoping and selecting. - type: string - type: object - pluginRegistryUrl: - description: Public URL of the plugin registry that serves sample - ready-to-use devfiles. Set this ONLY when a use of an external - devfile registry is needed. See the `externalPluginRegistry` field. - By default, this will be automatically calculated by the Operator. - type: string - proxyPassword: - description: Password of the proxy server. Only use when proxy configuration - is required. See the `proxyURL`, `proxyUser` and `proxySecret` - fields. - type: string - proxyPort: - description: Port of the proxy server. Only use when configuring - a proxy is required. See also the `proxyURL` and `nonProxyHosts` - fields. - type: string - proxySecret: - description: The secret that contains `user` and `password` for - a proxy server. When the secret is defined, the `proxyUser` and - `proxyPassword` are ignored. - type: string - proxyURL: - description: URL (protocol+host name) of the proxy server. This - drives the appropriate changes in the `JAVA_OPTS` and `https(s)_proxy` - variables in the Che server and workspaces containers. Only use - when configuring a proxy is required. Operator respects OpenShift - cluster wide proxy configuration and no additional configuration - is required, but defining `proxyUrl` in a custom resource leads - to overrides the cluster proxy configuration with fields `proxyUrl`, - `proxyPort`, `proxyUser` and `proxyPassword` from the custom resource. - See the doc https://docs.openshift.com/container-platform/4.4/networking/enable-cluster-wide-proxy.html. - See also the `proxyPort` and `nonProxyHosts` fields. - type: string - proxyUser: - description: User name of the proxy server. Only use when configuring - a proxy is required. See also the `proxyURL`, `proxyPassword` - and `proxySecret` fields. - type: string - selfSignedCert: - description: Deprecated. The value of this flag is ignored. The - Che Operator will automatically detect whether the router certificate - is self-signed and propagate it to other components, such as the - Che server. - type: boolean - serverCpuLimit: - description: Overrides the CPU limit used in the Che server deployment - In cores. (500m = .5 cores). Default to 1. - type: string - serverCpuRequest: - description: Overrides the CPU request used in the Che server deployment - In cores. (500m = .5 cores). Default to 100m. - type: string - serverExposureStrategy: - description: Sets the server and workspaces exposure type. Possible - values are `multi-host`, `single-host`, `default-host`. Defaults - to `multi-host`, which creates a separate ingress, or OpenShift - routes, for every required endpoint. `single-host` makes Che exposed - on a single host name with workspaces exposed on subpaths. Read - the docs to learn about the limitations of this approach. Also - consult the `singleHostExposureType` property to further configure - how the Operator and the Che server make that happen on Kubernetes. - `default-host` exposes the Che server on the host of the cluster. - Read the docs to learn about the limitations of this approach. - type: string - serverMemoryLimit: - description: Overrides the memory limit used in the Che server deployment. - Defaults to 1Gi. - type: string - serverMemoryRequest: - description: Overrides the memory request used in the Che server - deployment. Defaults to 512Mi. - type: string - serverTrustStoreConfigMapName: - description: Name of the ConfigMap with public certificates to add - to Java trust store of the Che server. This is often required - when adding the OpenShift OAuth provider, which has HTTPS endpoint - signed with self-signed cert. The Che server must be aware of - its CA cert to be able to request it. This is disabled by default. - type: string - singleHostGatewayConfigMapLabels: - additionalProperties: - type: string - description: The labels that need to be present in the ConfigMaps - representing the gateway configuration. - type: object - singleHostGatewayConfigSidecarImage: - description: The image used for the gateway sidecar that provides - configuration to the gateway. Omit it or leave it empty to use - the default container image provided by the Operator. - type: string - singleHostGatewayImage: - description: The image used for the gateway in the single host mode. - Omit it or leave it empty to use the default container image provided - by the Operator. - type: string - tlsSupport: - description: Deprecated. Instructs the Operator to deploy Che in - TLS mode. This is enabled by default. Disabling TLS sometimes - cause malfunction of some Che components. - type: boolean - useInternalClusterSVCNames: - description: Use internal cluster SVC names to communicate between - components to speed up the traffic and avoid proxy issues. The - default value is `true`. - type: boolean - workspaceNamespaceDefault: - description: Defines Kubernetes default namespace in which user's - workspaces are created for a case when a user does not override - it. It's possible to use ``, `` and `` - placeholders, such as che-workspace-. In that case, - a new namespace will be created for each user or workspace. - type: string - type: object - storage: - description: Configuration settings related to the persistent storage - used by the Che installation. - properties: - postgresPVCStorageClassName: - description: Storage class for the Persistent Volume Claim dedicated - to the PostgreSQL database. When omitted or left blank, a default - storage class is used. - type: string - preCreateSubPaths: - description: Instructs the Che server to start a special Pod to - pre-create a sub-path in the Persistent Volumes. Defaults to `false`, - however it will need to enable it according to the configuration - of your Kubernetes cluster. - type: boolean - pvcClaimSize: - description: Size of the persistent volume claim for workspaces. - Defaults to `1Gi`. - type: string - pvcJobsImage: - description: Overrides the container image used to create sub-paths - in the Persistent Volumes. This includes the image tag. Omit it - or leave it empty to use the default container image provided - by the Operator. See also the `preCreateSubPaths` field. - type: string - pvcStrategy: - description: Persistent volume claim strategy for the Che server. - This Can be:`common` (all workspaces PVCs in one volume), `per-workspace` - (one PVC per workspace for all declared volumes) and `unique` - (one PVC per declared volume). Defaults to `common`. - type: string - workspacePVCStorageClassName: - description: Storage class for the Persistent Volume Claims dedicated - to the Che workspaces. When omitted or left blank, a default storage - class is used. - type: string - type: object - type: object - status: - description: CheClusterStatus defines the observed state of Che installation - properties: - cheClusterRunning: - description: Status of a Che installation. Can be `Available`, `Unavailable`, - or `Available, Rolling Update in Progress`. - type: string - cheURL: - description: Public URL to the Che server. - type: string - cheVersion: - description: Current installed Che version. - type: string - dbProvisioned: - description: Indicates that a PostgreSQL instance has been correctly - provisioned or not. - type: boolean - devfileRegistryURL: - description: Public URL to the devfile registry. - type: string - devworkspaceStatus: - description: The status of the Devworkspace subsystem - properties: - gatewayHost: - description: GatewayHost is the resolved host of the ingress/route. - This is equal to the Host in the spec on Kubernetes but contains - the actual host name of the route if Host is unspecified on OpenShift. - type: string - gatewayPhase: - description: GatewayPhase specifies the phase in which the gateway - deployment currently is. If the gateway is disabled, the phase - is "Inactive". - type: string - message: - description: Message contains further human-readable info for why - the Che cluster is in the phase it currently is. - type: string - phase: - description: Phase is the phase in which the Che cluster as a whole - finds itself in. - type: string - reason: - description: A brief CamelCase message indicating details about - why the Che cluster is in this state. - type: string - workspaceBaseDomain: - description: The resolved workspace base domain. This is either - the copy of the explicitly defined property of the same name in - the spec or, if it is undefined in the spec and we're running - on OpenShift, the automatically resolved basedomain for routes. - type: string - type: object - gitHubOAuthProvisioned: - description: Indicates whether an Identity Provider instance, Keycloak - or RH-SSO, has been configured to integrate with the GitHub OAuth. - type: boolean - helpLink: - description: A URL that points to some URL where to find help related - to the current Operator status. - type: string - keycloakProvisioned: - description: Indicates whether an Identity Provider instance, Keycloak - or RH-SSO, has been provisioned with realm, client and user. - type: boolean - keycloakURL: - description: Public URL to the Identity Provider server, Keycloak or - RH-SSO,. - type: string - message: - description: A human readable message indicating details about why the - Pod is in this condition. - type: string - openShiftOAuthUserCredentialsSecret: - description: OpenShift OAuth secret in `openshift-config` namespace - that contains user credentials for HTPasswd identity provider. - type: string - openShiftoAuthProvisioned: - description: Indicates whether an Identity Provider instance, Keycloak - or RH-SSO, has been configured to integrate with the OpenShift OAuth. - type: boolean - pluginRegistryURL: - description: Public URL to the plugin registry. - type: string - reason: - description: A brief CamelCase message indicating details about why - the Pod is in this state. - type: string - type: object - type: object - version: v1 - versions: - - name: v1 - served: true - storage: true diff --git a/deploy/crds/org_v1_che_crd.yaml b/deploy/crds/org_v1_che_crd.yaml index aede17e2..9d01fa1c 100644 --- a/deploy/crds/org_v1_che_crd.yaml +++ b/deploy/crds/org_v1_che_crd.yaml @@ -12,6 +12,10 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: checlusters.org.eclipse.che + labels: + app.kubernetes.io/name: che + app.kubernetes.io/instance: che + app.kubernetes.io/managed-by: olm spec: group: org.eclipse.che names: diff --git a/deploy/namespaces_cluster_role.yaml b/deploy/namespaces_cluster_role.yaml index 48c0d16b..d182cd49 100644 --- a/deploy/namespaces_cluster_role.yaml +++ b/deploy/namespaces_cluster_role.yaml @@ -16,6 +16,7 @@ metadata: app.kubernetes.io/name: che app.kubernetes.io/instance: che app.kubernetes.io/component: codeready-operator + app.kubernetes.io/managed-by: olm rules: - apiGroups: - "" diff --git a/deploy/namespaces_cluster_role_binding.yaml b/deploy/namespaces_cluster_role_binding.yaml index 4a3d4b26..7bf67c7a 100644 --- a/deploy/namespaces_cluster_role_binding.yaml +++ b/deploy/namespaces_cluster_role_binding.yaml @@ -16,6 +16,7 @@ metadata: app.kubernetes.io/name: che app.kubernetes.io/instance: che app.kubernetes.io/component: codeready-operator + app.kubernetes.io/managed-by: olm subjects: - kind: ServiceAccount name: codeready-operator diff --git a/deploy/olm-catalog/idzee/manifests/idzee-codeready-rolebinding.yaml b/deploy/olm-catalog/idzee/manifests/idzee-codeready-workspaces-rolebinding.yaml similarity index 100% rename from deploy/olm-catalog/idzee/manifests/idzee-codeready-rolebinding.yaml rename to deploy/olm-catalog/idzee/manifests/idzee-codeready-workspaces-rolebinding.yaml diff --git a/deploy/olm-catalog/idzee/manifests/idzee-codeready-servicemonitor.yaml b/deploy/olm-catalog/idzee/manifests/idzee-codeready-workspaces-servicemonitor.yaml similarity index 100% rename from deploy/olm-catalog/idzee/manifests/idzee-codeready-servicemonitor.yaml rename to deploy/olm-catalog/idzee/manifests/idzee-codeready-workspaces-servicemonitor.yaml diff --git a/deploy/olm-catalog/idzee/manifests/idzee-codeready-workspaces.crd.yaml b/deploy/olm-catalog/idzee/manifests/idzee-codeready-workspaces.crd.yaml index 7604c052..ca4f009c 100644 --- a/deploy/olm-catalog/idzee/manifests/idzee-codeready-workspaces.crd.yaml +++ b/deploy/olm-catalog/idzee/manifests/idzee-codeready-workspaces.crd.yaml @@ -357,8 +357,7 @@ spec: managed by the Operator. When set to `false`, the KubernetesImagePuller object will be deleted, and the Operator will be uninstalled, regardless of whether a spec is provided. - Note that while - this the Operator and its behavior is community-supported, its + Note that while this Operator and its behavior is community-supported, its payload may be commercially-supported for pulling commercially-supported images." type: boolean @@ -450,7 +449,7 @@ spec: type: object server: description: General configuration settings related to the Che server - and the plugin and devfile registries + and the plug-in and devfile registries properties: airGapContainerRegistryHostname: description: Optional host name, or URL, to an alternate container diff --git a/deploy/olm-catalog/idzee/manifests/idzee-codeready-workspaces.csv.yaml b/deploy/olm-catalog/idzee/manifests/idzee-codeready-workspaces.csv.yaml index b960bd6b..605f3536 100644 --- a/deploy/olm-catalog/idzee/manifests/idzee-codeready-workspaces.csv.yaml +++ b/deploy/olm-catalog/idzee/manifests/idzee-codeready-workspaces.csv.yaml @@ -90,8 +90,8 @@ metadata: operatorframework.io/cluster-monitoring: "true" repository: https://github.com/IBM/wazi-codeready-workspaces-operator support: IBM - olm.skipRange: ">=1.0.0 <1.4.0" - name: ibm-developer-for-zos-enterprise-edition.v1.4.0 + olm.skipRange: ">=1.0.0 <1.4.1" + name: ibm-developer-for-zos-enterprise-edition.v1.4.1 namespace: placeholder spec: apiservicedefinitions: {} @@ -155,149 +155,90 @@ spec: - urn:alm:descriptor:text version: v1 description: | - # Introduction + IBM Wazi Developer for Workspaces is a component shipped with either IBM Wazi Developer for Red Hat CodeReady Workspaces (Wazi Developer for Workspaces) or IBM Developer for z/OS Enterprise Edition (IDzEE). - IBM Wazi Developer for Red Hat CodeReady Workspaces (IBM Wazi Developer) is a single integrated solution, which delivers a cloud native development experience for z/OS. It enables application developers to develop and test z/OS application components in a virtual z/OS environment on an OpenShift®-powered hybrid multicloud platform, and to use an industry standard integrated development environment (IDE) of their choice. + # Name + IBM Wazi Developer for Red Hat CodeReady Workspaces (Wazi Developer for Workspaces) - IBM Wazi Developer for Workspaces, a component of IBM Wazi Developer, is built on the Red Hat CodeReady Workspaces project. The core functionality for Red Hat CodeReady Workspaces is provided by an open-source project called Eclipse Che. IBM Wazi Developer for Workspaces uses Kubernetes and containers to provide your team with a consistent, secure, and zero-configuration development environment that interacts with your IBM Z platform. - - IBM Wazi Developer for Workspaces provides a modern experience for mainframe software developers working with z/OS applications in the cloud. Powered by the open-source projects Zowe and Red Hat CodeReady Workspaces, IBM Wazi Developer for Workspaces offers an easy, streamlined onboarding process to provide mainframe developers the tools they need. Using container technology and stacks, IBM Wazi Developer for Workspaces brings the necessary technology to the task at hand. + ## Introduction + IBM Wazi Developer for Workspaces provides a modern experience for mainframe software developers working with z/OS applications in the cloud. Powered by the open source projects Zowe and Red Hat CodeReady Workspaces, IBM Wazi Developer for Workspaces offers an easy, streamlined onboarding process to provide mainframe developers the tools they need. Using container technology, IBM Wazi Developer for Workspaces brings the necessary tools to the task at hand. ## Details + IBM Wazi Developer for Workspaces provides a custom stack with the all-in-one mainframe development package that enables mainframe developers to: - IBM Wazi Developer for Workspaces provides a custom stack for mainframe developers with the all-in-one mainframe development package that includes the following capabilities: - - - Modern mainframe editor with rich language support for COBOL, JCL, Assembler (HLASM), and PL/I that provide language-specific features such as syntax highlighting, outline view, declaration hovering, code completion, snippets, a preview of copybooks, copybook navigation, and basic refactoring using [IBM Z Open Editor](https://marketplace.visualstudio.com/items?itemName=IBM.zopeneditor) - - Source code management (SCM) integration to enable integration with any flavor of Git, a popular and modern parallel development SCM - - Intelligent build capability that enables developers to perform a user build with IBM Dependency Based Build for any flavor of Git - - Integrations that enable developers to work with z/OS resources such as MVS and UNIX files and JES jobs - - Connectivity to Z host using [Zowe Explorer](https://marketplace.visualstudio.com/items?itemName=Zowe.vscode-extension-for-zowe) - - Debugging COBOL and PL/I applications using [IBM Z Open Debug](https://developer.ibm.com/mainframe/2020/06/12/introducing-ibm-z-open-debug/) - - Interacting with the [IBM Remote System Explorer API](https://ibm.github.io/zopeneditor-about/Docs/interact_zos_overview.html) - - Mainframe Development package with custom plugin and devfile registry support using the [IBM Wazi Developer stack](https://github.com/IBM/wazi-codeready-workspaces) - - Read our official documentation on the [IBM Documentation](https://ibm.biz/wazi-crw-doc) site to learn more about IBM Wazi Developer. + - Use a modern mainframe editor with rich language support for COBOL, JCL, Assembler (HLASM), and PL/I, which provides language-specific features such as syntax highlighting, outline view, declaration hovering, code completion, snippets, a preview of copybooks, copybook navigation, and basic refactoring using IBM Z Open Editor, a component of IBM Wazi Developer for VS Code + - Integrate with any flavor of Git source code management (SCM) + - Perform a user build with IBM Dependency Based Build for any flavor of Git + - Work with z/OS resources such as MVS, UNIX files, and JES jobs + - Connect to the Z host with z/OSMF or IBM Remote System Explorer (RSE) API, using Zowe Explorer plus IBM Z Open Editor for a graphical user interface and Zowe CLI plus the RSE API plug-in for Zowe CLI for command line access + - Debug COBOL and PL/I applications using IBM Z Open Debug + - Use a mainframe development package with a custom plug-in and devfile registry support from the [IBM Wazi Developer stack](https://github.com/IBM/wazi-codeready-workspaces) ## Prerequisites + Before you install Wazi Developer for Workspaces, ensure that the following prerequisites are met. Ensure that you have the latest version of each tool mentioned below. If you installed these tools previously, check the versions and update if necessary. + + - Ensure that you have a connection to a Red Hat® OpenShift Container Platform (OCP) cluster, and that you have cluster-admin permissions. + - Install the OpenShift command-line interface (CLI), which lets you create applications and manage OpenShift Container Platform projects from a terminal. ### Resources Required + | Pod | Container Name | Default memory limit | Default memory request | + | --- | --- | --- | --- | + | Wazi CodeReady Operator | wazi-codeready-operator | 256 MiB | 64 MiB | + | Che Server and Dashboard | che | 1 GiB | 512 MiB | + | PostgreSQL | postgres | 1 GiB | 512 MiB | + | RH-SSO | keycloak | 2 GiB | 512 MiB | + | Devfile registry | che-devfile-registry | 256 MiB | 32 MiB | + | Plug-in registry | che-plugin-registry | 1 GiB | 512 MiB | + | Wazi CodeReady Sidecar | wazi-terminal | 128 MiB | 32 MiB | - - Ensure that you have a connection to a Red Hat OpenShift Container Platform (OCP) cluster, and that you have cluster-admin permissions. - - The Red Hat OpenShift cluster must be configured with a default storage class. For more information, see OpenShift Container Platform documentation. - - If you plan to use the OpenShift oAuth, then the cluster oAuth must be configured. For more information, see Configuring the internal OAuth server. - - Install OpenShift command-line tool, which lets you create applications and manage OpenShift Container Platform projects from a terminal. - - Install IBM Cloud Pak® command-line tool, which is a command line tool to manage Container Application Software for Enterprises (CASEs). - + **Note**: For larger deployments, [increase the memory limits](https://access.redhat.com/documentation/en-us/red_hat_codeready_workspaces/2.12/html-single/installation_guide/index#advanced-configuration-options-for-the-codeready-workspaces-server-component_crw). + + ### Storage Minimum scheduling capacity: - | Software | Memory (GB) | CPU (cores) | Disk (GB) | Nodes | | ------------------------------------------- | ----------- | ----------- | --------- | ----- | | IBM Wazi Developer for Workspaces | 8 GB | 4 (vCPUs) | 35 GB | 1 | | | | | | | | **Total** | 8 GB | 4 (vCPUs) | 35 GB | 1 | - - - #### Minimum of 5 GB of RAM is required to run Codeready Workspaces - - The CodeReady Workspaces server: about 750 MB - - The Red Hat Single Sign-On authorization server: about 1 GB - - PostgreSQL: about 515 MB - - Keycloak: about 1GB - - Workspaces: 2 GB of RAM per workspace. The require size of RAM for workspace depends on the runtime and number of pods. - - - #### Codeready Workspaces storage requirements - - CodeReady Workspaces server: 1 GB to store logs and initial workspace stacks - - Keycloak: 2 PVCs, 1 GB each to store logs and Keycloak data - - PostgreSQL: 1 GB PVC to store database. - + + ### SecurityContextConstraints Requirements + All pods run in `restricted` mode, see [Managing security context constraints](https://docs.openshift.com/container-platform/latest/authentication/managing-security-context-constraints.html) for more information. + ## Installing + The Operator will manage the lifecycle of an instance of IBM Wazi Developer for Workspaces. - Press the **Install** button, select the namespace, choose the update strategy, click the Subscribe button, and wait for the **Succeeded** Operator status. - - When the operator is installed, create a new instance of the IBM Wazi Developer for Workspaces (click the **Create Instance** button). - - IBM Wazi Developer for Workspaces spec contains all defaults (see below). - - You can start using the IBM Wazi Developer for Workspaces when the status is set to **Available**, and you see a URL. - - # Configuration + | Product Name | Default Project | + | ----------------------------------------- | -------------------------- | + | IBM Wazi Developer for Workspaces | wazi-codeready-workspaces | + | IBM Developer for z/OS Enterprise Edition | idzee-codeready-workspaces | - ## Defaults + In the OpenShift cluster web console: - By default, the operator deploys IBM Wazi Developer for Workspaces with: - - - Bundled PostgreSQL and Keycloak - - Per-Workspace PVC strategy - - Auto-generated passwords - - TLS mode (secure routes) - - Built-in authentication (Keycloak) - - ## Installation Options + 1. Expand the **Operators** tab on the left side menu and click **OperatorHub**. + 1. Search for `z/os`. A set of Operator tiles will be filtered on the main window. + 1. Click the **Product Name** tile, and then click **Install**. + 1. Review all settings and click the **Install** button. + 1. When the Operator is installed, an entry will appear under **Operators** > **Installed Operators**. Select the installed Operator from the default project, and click **Create instance** under **Provided APIs**. + 1. Review the configuration sections and click the **Create** button. This will create a new instance of Wazi Developer for Workspaces. - IBM Wazi Developer operator installation options include: - - - Connection to external database and Keycloak - - Configuration of default passwords and object names - - PVC strategy (once shared PVC for all workspaces, PVC per workspace, or PVC per volume) - - Authentication options - - ## External Database and Keycloak - - To instruct the operator to skip deploying PostgreSQL and Keycloak and connect to an existing DB and Keycloak instead: - - - set respective fields to `true` in a custom resource spec - - provide the operator with connection and authentication details: - - `externalDb: true` - - - `chePostgresHostname: 'yourPostgresHost'` - - - `chePostgresPort: '5432'` - - - `chePostgresUser: 'myuser'` - - - `chePostgresPassword: 'mypass'` - - - `chePostgresDb: 'mydb'` - - - `externalIdentityProvider: true` - - - `identityProviderURL: 'https://my-keycloak.com'` - - - `identityProviderRealm: 'myrealm'` - - - `identityProviderClientId: 'myClient'` - - ## Self-signed Certificates - - IBM Wazi Developer for Workspaces uses self-signed certificates by default. - - You can also manually create a secret: - - ``` - oc create secret generic self-signed-certificate --from-file=/path/to/certificate/ca.crt -n=$codeReadyNamespace - ``` + **Note**: If you use the license of IBM Developer for z/OS Enterprise Edition (IDzEE), use the `IBM Developer for z/OS Enterprise Edition` tile. - ## Limitations - - - See the [Release Notes and Known Issues](https://access.redhat.com/documentation/en-us/red_hat_codeready_workspaces) for Red Hat CodeReady Workspaces - - ## SecurityContextConstraints Requirements - - - Security Context Constraints (SCC) is in a `restricted` mode for all pods. - - Custom SecurityContextConstraints definition: - - ``` - openshift.io/scc: restricted - ``` + You can start using IBM Wazi Developer for Workspaces when the instance has been created and all pods are up and running. + + ### Configuration + - **Auth**: Configuration settings related to the Authentication used by the Che installation. + - **Database**: Configuration settings related to the database used by the Che installation. + - **Dev Workspace**: Dev Workspace operator configuration. + - **Image Puller**: Kubernetes Image Puller configuration. + - **K8S**: Configuration settings specific to Che installations made on upstream Kubernetes. + - **Metrics**: Configuration settings related to the metrics collection used by the Che installation. + - **Server**: General configuration settings related to the Che server and the plug-in and devfile registries. + - **Storage**: Configuration settings related to the persistent storage used by the Che installation. + + For more information about configuration parameters, see [Advanced configuration options for the Che server component](https://www.eclipse.org/che/docs/che-7/installation-guide/advanced-configuration-options-for-the-che-server-component/). + + ### Limitations + See the [Release Notes and Known Issues](https://access.redhat.com/documentation/en-us/red_hat_codeready_workspaces) for Red Hat CodeReady Workspaces. displayName: IBM Developer for z/OS Enterprise Edition icon: - base64data: PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hsaW5rIiB2aWV3Qm94PSIwIDAgMzIgMzIiPjxkZWZzPjxzdHlsZT4uY2xzLTF7ZmlsbDojZmZmO30uY2xzLTJ7ZmlsbDp1cmwoI2xpbmVhci1ncmFkaWVudCk7fS5jbHMtM3ttYXNrOnVybCgjbWFzayk7fS5jbHMtNHtmaWxsOnVybCgjbGluZWFyLWdyYWRpZW50LTIpO30uY2xzLTV7ZmlsbDojMDYxZjgwO308L3N0eWxlPjxsaW5lYXJHcmFkaWVudCBpZD0ibGluZWFyLWdyYWRpZW50IiB4MT0iMTAwLjI3IiB5MT0iNS4wNyIgeDI9IjEwNC4xMyIgeTI9IjcuMyIgZ3JhZGllbnRUcmFuc2Zvcm09Im1hdHJpeCgtMC41LCAtMS41NiwgMC44NywgLTAuOSwgNzMuNTEsIDE4My45NikiIGdyYWRpZW50VW5pdHM9InVzZXJTcGFjZU9uVXNlIj48c3RvcCBvZmZzZXQ9IjAiIHN0b3Atb3BhY2l0eT0iMCIvPjxzdG9wIG9mZnNldD0iMC45Ii8+PC9saW5lYXJHcmFkaWVudD48bWFzayBpZD0ibWFzayIgeD0iMCIgeT0iMCIgd2lkdGg9IjMyIiBoZWlnaHQ9IjMyIiBtYXNrVW5pdHM9InVzZXJTcGFjZU9uVXNlIj48cGF0aCBjbGFzcz0iY2xzLTEiIGQ9Ik0xNiwzMWEuOS45LDAsMCwxLS41LS4xNGwtMTItN0ExLDEsMCwwLDEsMywyM1Y5YTEsMSwwLDAsMSwuNS0uODZsMTItN2ExLDEsMCwwLDEsMSwwbDEyLDdBMSwxLDAsMCwxLDI5LDlhMSwxLDAsMCwxLS40OS44N2wtMTAsNi0xLTEuNzJMMjYsOSwxNiwzLjE2LDUsOS41N1YyMi40M2wxMSw2LjQxLDExLTYuNDFWMTVoMnY4YTEsMSwwLDAsMS0uNS44NmwtMTIsN0EuOS45LDAsMCwxLDE2LDMxWiIvPjxyZWN0IGNsYXNzPSJjbHMtMiIgeD0iMjYuMjUiIHk9IjE0LjUiIHdpZHRoPSIzLjA1IiBoZWlnaHQ9IjguMDYiLz48L21hc2s+PGxpbmVhckdyYWRpZW50IGlkPSJsaW5lYXItZ3JhZGllbnQtMiIgeTE9IjMyIiB4Mj0iMzIiIGdyYWRpZW50VW5pdHM9InVzZXJTcGFjZU9uVXNlIj48c3RvcCBvZmZzZXQ9IjAuMSIgc3RvcC1jb2xvcj0iI2I5OGNmZCIvPjxzdG9wIG9mZnNldD0iMC45IiBzdG9wLWNvbG9yPSIjNDE4YWZjIi8+PC9saW5lYXJHcmFkaWVudD48L2RlZnM+PHRpdGxlPmFwcC1pY29uLWxpZ2h0LTwvdGl0bGU+PGcgaWQ9IkxheWVyXzMiIGRhdGEtbmFtZT0iTGF5ZXIgMyI+PGcgY2xhc3M9ImNscy0zIj48cmVjdCBjbGFzcz0iY2xzLTQiIHdpZHRoPSIzMiIgaGVpZ2h0PSIzMiIvPjwvZz48cGF0aCBjbGFzcz0iY2xzLTUiIGQ9Ik0xNiwyMGE0LDQsMCwxLDEsNC00QTQsNCwwLDAsMSwxNiwyMFptMC02YTIsMiwwLDEsMCwyLDJBMiwyLDAsMCwwLDE2LDE0WiIvPjwvZz48L3N2Zz4= @@ -1114,7 +1055,7 @@ spec: - name: RELATED_IMAGE_dashboard value: registry.redhat.io/codeready-workspaces/dashboard-rhel8@sha256:d6911d22200677aa0116f4523d325e5630b300788ee55fd2ba3b709714901d34 - name: RELATED_IMAGE_devfile_registry - value: icr.io/wazi-code/ibm-wazi-developer-for-workspaces-dev-file@sha256:8cf9c39cb8a45cd14ff4f7df09bc9ceb39768befe87761f7140e9c9d259ad397 + value: icr.io/wazi-code/ibm-wazi-developer-for-workspaces-dev-file@sha256:70929334aa9bc85916dfcdd2a82572aad6ffd730f575a79888a8824f51199be9 - name: RELATED_IMAGE_devworkspace_che_operator value: registry.redhat.io/codeready-workspaces/devworkspace-rhel8@sha256:832ebf337003084ea649244b331bcc5442dae90f5ad5a0c83b2cc15e68b29fdf - name: RELATED_IMAGE_devworkspace_controller @@ -1122,13 +1063,13 @@ spec: - name: RELATED_IMAGE_jboss_eap_7_eap73_openjdk8_openshift_rhel7 value: registry.redhat.io/jboss-eap-7/eap73-openjdk8-openshift-rhel7@sha256:d16cfe30eaf20a157cd5d5980a6c34f3fcbcfd2fd225e670a0138d81007dd919 - name: RELATED_IMAGE_jboss_eap_7_eap_xp2_openj9_11_openshift - value: registry.redhat.io/jboss-eap-7/eap-xp2-openj9-11-openshift-rhel8@sha256:3f2de8176fb0b0e996fb1051d4244b4720014e0767b60e4b815ef0f7ec33dec9 + value: registry.redhat.io/jboss-eap-7/eap-xp2-openj9-11-openshift-rhel8@sha256:74cd92e152eaded1a7977215712618197bbf661e3de36a467b66c4d00ead9cea - name: RELATED_IMAGE_jboss_eap_7_eap_xp2_openjdk11_openshift value: registry.redhat.io/jboss-eap-7/eap-xp2-openjdk11-openshift-rhel8@sha256:647d092383a760edc083eafb2d7bc3208d6409097281bedbd5eaccde360e7e39 - name: RELATED_IMAGE_jboss_eap_7_eap_xp2_openjdk11_openshift_ppc64le - value: registry.redhat.io/jboss-eap-7/eap-xp2-openj9-11-openshift-rhel8@sha256:3f2de8176fb0b0e996fb1051d4244b4720014e0767b60e4b815ef0f7ec33dec9 + value: registry.redhat.io/jboss-eap-7/eap-xp2-openj9-11-openshift-rhel8@sha256:fae94e81cb18a1a3d1a60674a562a466a766238926d2437f4963744ec5a4fba7 - name: RELATED_IMAGE_jboss_eap_7_eap_xp2_openjdk11_openshift_s390x - value: registry.redhat.io/jboss-eap-7/eap-xp2-openj9-11-openshift-rhel8@sha256:3f2de8176fb0b0e996fb1051d4244b4720014e0767b60e4b815ef0f7ec33dec9 + value: registry.redhat.io/jboss-eap-7/eap-xp2-openj9-11-openshift-rhel8@sha256:85381683a149a82fb24efde8377e34a46e74e9f55a7f8a16fda25b1e199a9b4a - name: RELATED_IMAGE_keycloak value: registry.redhat.io/rh-sso-7/sso74-openshift-rhel8@sha256:05f97328bafa615ceca025a6a93051a1ecdc08ae6123a78bf6ce56096f2ad233 - name: RELATED_IMAGE_keycloak_ppc64le @@ -1136,7 +1077,7 @@ spec: - name: RELATED_IMAGE_keycloak_s390x value: registry.redhat.io/rh-sso-7/sso74-openj9-openshift-rhel8@sha256:eb5110c22109412b5101f95d353603c7e3080844ee48f89186f139be5b5faa42 - name: RELATED_IMAGE_plugin_registry - value: icr.io/wazi-code/ibm-wazi-developer-for-workspaces-plugin@sha256:6baada84cccbe4b1abcf560e317998efb12e4db238557d85a1ec1c63e65a396f + value: icr.io/wazi-code/ibm-wazi-developer-for-workspaces-plugin@sha256:96ab5a1363fccc4938c4e23ca61971db47a8602cebb5b1a0d9b49644e4479139 - name: RELATED_IMAGE_postgres value: registry.redhat.io/rhel8/postgresql-96@sha256:33643fb4cafffacb277982c6098b561aa80c06210e77d2badebef405ee953e43 - name: RELATED_IMAGE_pvc_jobs @@ -1323,7 +1264,7 @@ spec: - java links: - name: Product Page - url: https://www.ibm.com/products/wazi-for-red-hat-codeready-workspaces + url: https://www.ibm.com/products/developer-for-zos - name: Documentation url: https://ibm.biz/wazi-crw-doc - name: Readme @@ -1337,7 +1278,8 @@ spec: maturity: stable provider: name: IBM - version: 1.4.0 + replaces: ibm-developer-for-zos-enterprise-edition.v1.4.0 + version: 1.4.1 relatedImages: - name: crw-2-rhel8-operator-eac1db6b4008ba849d4bcab9acc8542806b2aeda8a5a5f4b3c56fb87129d8e54-annotation image: registry.redhat.io/codeready-workspaces/crw-2-rhel8-operator@sha256:eac1db6b4008ba849d4bcab9acc8542806b2aeda8a5a5f4b3c56fb87129d8e54 @@ -1388,7 +1330,7 @@ spec: - name: dashboard image: registry.redhat.io/codeready-workspaces/dashboard-rhel8@sha256:d6911d22200677aa0116f4523d325e5630b300788ee55fd2ba3b709714901d34 - name: devfile_registry - image: icr.io/wazi-code/ibm-wazi-developer-for-workspaces-dev-file@sha256:8cf9c39cb8a45cd14ff4f7df09bc9ceb39768befe87761f7140e9c9d259ad397 + image: icr.io/wazi-code/ibm-wazi-developer-for-workspaces-dev-file@sha256:70929334aa9bc85916dfcdd2a82572aad6ffd730f575a79888a8824f51199be9 - name: devworkspace_che_operator image: registry.redhat.io/codeready-workspaces/devworkspace-rhel8@sha256:832ebf337003084ea649244b331bcc5442dae90f5ad5a0c83b2cc15e68b29fdf - name: devworkspace_controller @@ -1396,13 +1338,13 @@ spec: - name: jboss_eap_7_eap73_openjdk8_openshift_rhel7 image: registry.redhat.io/jboss-eap-7/eap73-openjdk8-openshift-rhel7@sha256:d16cfe30eaf20a157cd5d5980a6c34f3fcbcfd2fd225e670a0138d81007dd919 - name: jboss_eap_7_eap_xp2_openj9_11_openshift - image: registry.redhat.io/jboss-eap-7/eap-xp2-openj9-11-openshift-rhel8@sha256:3f2de8176fb0b0e996fb1051d4244b4720014e0767b60e4b815ef0f7ec33dec9 + image: registry.redhat.io/jboss-eap-7/eap-xp2-openj9-11-openshift-rhel8@sha256:74cd92e152eaded1a7977215712618197bbf661e3de36a467b66c4d00ead9cea - name: jboss_eap_7_eap_xp2_openjdk11_openshift image: registry.redhat.io/jboss-eap-7/eap-xp2-openjdk11-openshift-rhel8@sha256:647d092383a760edc083eafb2d7bc3208d6409097281bedbd5eaccde360e7e39 - name: jboss_eap_7_eap_xp2_openjdk11_openshift_ppc64le - image: registry.redhat.io/jboss-eap-7/eap-xp2-openj9-11-openshift-rhel8@sha256:3f2de8176fb0b0e996fb1051d4244b4720014e0767b60e4b815ef0f7ec33dec9 + image: registry.redhat.io/jboss-eap-7/eap-xp2-openj9-11-openshift-rhel8@sha256:fae94e81cb18a1a3d1a60674a562a466a766238926d2437f4963744ec5a4fba7 - name: jboss_eap_7_eap_xp2_openjdk11_openshift_s390x - image: registry.redhat.io/jboss-eap-7/eap-xp2-openj9-11-openshift-rhel8@sha256:3f2de8176fb0b0e996fb1051d4244b4720014e0767b60e4b815ef0f7ec33dec9 + image: registry.redhat.io/jboss-eap-7/eap-xp2-openj9-11-openshift-rhel8@sha256:85381683a149a82fb24efde8377e34a46e74e9f55a7f8a16fda25b1e199a9b4a - name: keycloak image: registry.redhat.io/rh-sso-7/sso74-openshift-rhel8@sha256:05f97328bafa615ceca025a6a93051a1ecdc08ae6123a78bf6ce56096f2ad233 - name: keycloak_ppc64le @@ -1410,7 +1352,7 @@ spec: - name: keycloak_s390x image: registry.redhat.io/rh-sso-7/sso74-openj9-openshift-rhel8@sha256:eb5110c22109412b5101f95d353603c7e3080844ee48f89186f139be5b5faa42 - name: plugin_registry - image: icr.io/wazi-code/ibm-wazi-developer-for-workspaces-plugin@sha256:6baada84cccbe4b1abcf560e317998efb12e4db238557d85a1ec1c63e65a396f + image: icr.io/wazi-code/ibm-wazi-developer-for-workspaces-plugin@sha256:96ab5a1363fccc4938c4e23ca61971db47a8602cebb5b1a0d9b49644e4479139 - name: postgres image: registry.redhat.io/rhel8/postgresql-96@sha256:33643fb4cafffacb277982c6098b561aa80c06210e77d2badebef405ee953e43 - name: pvc_jobs diff --git a/deploy/olm-catalog/wazi/manifests/wazi-codeready-rolebinding.yaml b/deploy/olm-catalog/wazi/manifests/wazi-codeready-workspaces-rolebinding.yaml similarity index 100% rename from deploy/olm-catalog/wazi/manifests/wazi-codeready-rolebinding.yaml rename to deploy/olm-catalog/wazi/manifests/wazi-codeready-workspaces-rolebinding.yaml diff --git a/deploy/olm-catalog/wazi/manifests/wazi-codeready-servicemonitor.yaml b/deploy/olm-catalog/wazi/manifests/wazi-codeready-workspaces-servicemonitor.yaml similarity index 100% rename from deploy/olm-catalog/wazi/manifests/wazi-codeready-servicemonitor.yaml rename to deploy/olm-catalog/wazi/manifests/wazi-codeready-workspaces-servicemonitor.yaml diff --git a/deploy/olm-catalog/wazi/manifests/wazi-codeready-workspaces.crd.yaml b/deploy/olm-catalog/wazi/manifests/wazi-codeready-workspaces.crd.yaml index 7604c052..ca4f009c 100644 --- a/deploy/olm-catalog/wazi/manifests/wazi-codeready-workspaces.crd.yaml +++ b/deploy/olm-catalog/wazi/manifests/wazi-codeready-workspaces.crd.yaml @@ -357,8 +357,7 @@ spec: managed by the Operator. When set to `false`, the KubernetesImagePuller object will be deleted, and the Operator will be uninstalled, regardless of whether a spec is provided. - Note that while - this the Operator and its behavior is community-supported, its + Note that while this Operator and its behavior is community-supported, its payload may be commercially-supported for pulling commercially-supported images." type: boolean @@ -450,7 +449,7 @@ spec: type: object server: description: General configuration settings related to the Che server - and the plugin and devfile registries + and the plug-in and devfile registries properties: airGapContainerRegistryHostname: description: Optional host name, or URL, to an alternate container diff --git a/deploy/olm-catalog/wazi/manifests/wazi-codeready-workspaces.csv.yaml b/deploy/olm-catalog/wazi/manifests/wazi-codeready-workspaces.csv.yaml index 7acf6f09..e44f7596 100644 --- a/deploy/olm-catalog/wazi/manifests/wazi-codeready-workspaces.csv.yaml +++ b/deploy/olm-catalog/wazi/manifests/wazi-codeready-workspaces.csv.yaml @@ -90,8 +90,8 @@ metadata: operatorframework.io/cluster-monitoring: "true" repository: https://github.com/IBM/wazi-codeready-workspaces-operator support: IBM - olm.skipRange: ">=1.0.0 <1.4.0" - name: ibm-wazi-developer-for-workspaces.v1.4.0 + olm.skipRange: ">=1.0.0 <1.4.1" + name: ibm-wazi-developer-for-workspaces.v1.4.1 namespace: placeholder spec: apiservicedefinitions: {} @@ -155,149 +155,90 @@ spec: - urn:alm:descriptor:text version: v1 description: | - # Introduction + IBM Wazi Developer for Workspaces is a component shipped with either IBM Wazi Developer for Red Hat CodeReady Workspaces (Wazi Developer for Workspaces) or IBM Developer for z/OS Enterprise Edition (IDzEE). - IBM Wazi Developer for Red Hat CodeReady Workspaces (IBM Wazi Developer) is a single integrated solution, which delivers a cloud native development experience for z/OS. It enables application developers to develop and test z/OS application components in a virtual z/OS environment on an OpenShift®-powered hybrid multicloud platform, and to use an industry standard integrated development environment (IDE) of their choice. + # Name + IBM Wazi Developer for Red Hat CodeReady Workspaces (Wazi Developer for Workspaces) - IBM Wazi Developer for Workspaces, a component of IBM Wazi Developer, is built on the Red Hat CodeReady Workspaces project. The core functionality for Red Hat CodeReady Workspaces is provided by an open-source project called Eclipse Che. IBM Wazi Developer for Workspaces uses Kubernetes and containers to provide your team with a consistent, secure, and zero-configuration development environment that interacts with your IBM Z platform. - - IBM Wazi Developer for Workspaces provides a modern experience for mainframe software developers working with z/OS applications in the cloud. Powered by the open-source projects Zowe and Red Hat CodeReady Workspaces, IBM Wazi Developer for Workspaces offers an easy, streamlined onboarding process to provide mainframe developers the tools they need. Using container technology and stacks, IBM Wazi Developer for Workspaces brings the necessary technology to the task at hand. + ## Introduction + IBM Wazi Developer for Workspaces provides a modern experience for mainframe software developers working with z/OS applications in the cloud. Powered by the open source projects Zowe and Red Hat CodeReady Workspaces, IBM Wazi Developer for Workspaces offers an easy, streamlined onboarding process to provide mainframe developers the tools they need. Using container technology, IBM Wazi Developer for Workspaces brings the necessary tools to the task at hand. ## Details + IBM Wazi Developer for Workspaces provides a custom stack with the all-in-one mainframe development package that enables mainframe developers to: - IBM Wazi Developer for Workspaces provides a custom stack for mainframe developers with the all-in-one mainframe development package that includes the following capabilities: - - - Modern mainframe editor with rich language support for COBOL, JCL, Assembler (HLASM), and PL/I that provide language-specific features such as syntax highlighting, outline view, declaration hovering, code completion, snippets, a preview of copybooks, copybook navigation, and basic refactoring using [IBM Z Open Editor](https://marketplace.visualstudio.com/items?itemName=IBM.zopeneditor) - - Source code management (SCM) integration to enable integration with any flavor of Git, a popular and modern parallel development SCM - - Intelligent build capability that enables developers to perform a user build with IBM Dependency Based Build for any flavor of Git - - Integrations that enable developers to work with z/OS resources such as MVS and UNIX files and JES jobs - - Connectivity to Z host using [Zowe Explorer](https://marketplace.visualstudio.com/items?itemName=Zowe.vscode-extension-for-zowe) - - Debugging COBOL and PL/I applications using [IBM Z Open Debug](https://developer.ibm.com/mainframe/2020/06/12/introducing-ibm-z-open-debug/) - - Interacting with the [IBM Remote System Explorer API](https://ibm.github.io/zopeneditor-about/Docs/interact_zos_overview.html) - - Mainframe Development package with custom plugin and devfile registry support using the [IBM Wazi Developer stack](https://github.com/IBM/wazi-codeready-workspaces) - - Read our official documentation on the [IBM Documentation](https://ibm.biz/wazi-crw-doc) site to learn more about IBM Wazi Developer. + - Use a modern mainframe editor with rich language support for COBOL, JCL, Assembler (HLASM), and PL/I, which provides language-specific features such as syntax highlighting, outline view, declaration hovering, code completion, snippets, a preview of copybooks, copybook navigation, and basic refactoring using IBM Z Open Editor, a component of IBM Wazi Developer for VS Code + - Integrate with any flavor of Git source code management (SCM) + - Perform a user build with IBM Dependency Based Build for any flavor of Git + - Work with z/OS resources such as MVS, UNIX files, and JES jobs + - Connect to the Z host with z/OSMF or IBM Remote System Explorer (RSE) API, using Zowe Explorer plus IBM Z Open Editor for a graphical user interface and Zowe CLI plus the RSE API plug-in for Zowe CLI for command line access + - Debug COBOL and PL/I applications using IBM Z Open Debug + - Use a mainframe development package with a custom plug-in and devfile registry support from the [IBM Wazi Developer stack](https://github.com/IBM/wazi-codeready-workspaces) ## Prerequisites + Before you install Wazi Developer for Workspaces, ensure that the following prerequisites are met. Ensure that you have the latest version of each tool mentioned below. If you installed these tools previously, check the versions and update if necessary. + + - Ensure that you have a connection to a Red Hat® OpenShift Container Platform (OCP) cluster, and that you have cluster-admin permissions. + - Install the OpenShift command-line interface (CLI), which lets you create applications and manage OpenShift Container Platform projects from a terminal. ### Resources Required + | Pod | Container Name | Default memory limit | Default memory request | + | --- | --- | --- | --- | + | Wazi CodeReady Operator | wazi-codeready-operator | 256 MiB | 64 MiB | + | Che Server and Dashboard | che | 1 GiB | 512 MiB | + | PostgreSQL | postgres | 1 GiB | 512 MiB | + | RH-SSO | keycloak | 2 GiB | 512 MiB | + | Devfile registry | che-devfile-registry | 256 MiB | 32 MiB | + | Plug-in registry | che-plugin-registry | 1 GiB | 512 MiB | + | Wazi CodeReady Sidecar | wazi-terminal | 128 MiB | 32 MiB | - - Ensure that you have a connection to a Red Hat OpenShift Container Platform (OCP) cluster, and that you have cluster-admin permissions. - - The Red Hat OpenShift cluster must be configured with a default storage class. For more information, see OpenShift Container Platform documentation. - - If you plan to use the OpenShift oAuth, then the cluster oAuth must be configured. For more information, see Configuring the internal OAuth server. - - Install OpenShift command-line tool, which lets you create applications and manage OpenShift Container Platform projects from a terminal. - - Install IBM Cloud Pak® command-line tool, which is a command line tool to manage Container Application Software for Enterprises (CASEs). - + **Note**: For larger deployments, [increase the memory limits](https://access.redhat.com/documentation/en-us/red_hat_codeready_workspaces/2.12/html-single/installation_guide/index#advanced-configuration-options-for-the-codeready-workspaces-server-component_crw). + + ### Storage Minimum scheduling capacity: - | Software | Memory (GB) | CPU (cores) | Disk (GB) | Nodes | | ------------------------------------------- | ----------- | ----------- | --------- | ----- | | IBM Wazi Developer for Workspaces | 8 GB | 4 (vCPUs) | 35 GB | 1 | | | | | | | | **Total** | 8 GB | 4 (vCPUs) | 35 GB | 1 | - - - #### Minimum of 5 GB of RAM is required to run Codeready Workspaces - - The CodeReady Workspaces server: about 750 MB - - The Red Hat Single Sign-On authorization server: about 1 GB - - PostgreSQL: about 515 MB - - Keycloak: about 1GB - - Workspaces: 2 GB of RAM per workspace. The require size of RAM for workspace depends on the runtime and number of pods. - - - #### Codeready Workspaces storage requirements - - CodeReady Workspaces server: 1 GB to store logs and initial workspace stacks - - Keycloak: 2 PVCs, 1 GB each to store logs and Keycloak data - - PostgreSQL: 1 GB PVC to store database. - + + ### SecurityContextConstraints Requirements + All pods run in `restricted` mode, see [Managing security context constraints](https://docs.openshift.com/container-platform/latest/authentication/managing-security-context-constraints.html) for more information. + ## Installing + The Operator will manage the lifecycle of an instance of IBM Wazi Developer for Workspaces. - Press the **Install** button, select the namespace, choose the update strategy, click the Subscribe button, and wait for the **Succeeded** Operator status. - - When the operator is installed, create a new instance of the IBM Wazi Developer for Workspaces (click the **Create Instance** button). - - IBM Wazi Developer for Workspaces spec contains all defaults (see below). - - You can start using the IBM Wazi Developer for Workspaces when the status is set to **Available**, and you see a URL. - - # Configuration + | Product Name | Default Project | + | ----------------------------------------- | -------------------------- | + | IBM Wazi Developer for Workspaces | wazi-codeready-workspaces | + | IBM Developer for z/OS Enterprise Edition | idzee-codeready-workspaces | - ## Defaults + In the OpenShift cluster web console: - By default, the operator deploys IBM Wazi Developer for Workspaces with: - - - Bundled PostgreSQL and Keycloak - - Per-Workspace PVC strategy - - Auto-generated passwords - - TLS mode (secure routes) - - Built-in authentication (Keycloak) - - ## Installation Options + 1. Expand the **Operators** tab on the left side menu and click **OperatorHub**. + 1. Search for `z/os`. A set of Operator tiles will be filtered on the main window. + 1. Click the **Product Name** tile, and then click **Install**. + 1. Review all settings and click the **Install** button. + 1. When the Operator is installed, an entry will appear under **Operators** > **Installed Operators**. Select the installed Operator from the default project, and click **Create instance** under **Provided APIs**. + 1. Review the configuration sections and click the **Create** button. This will create a new instance of Wazi Developer for Workspaces. - IBM Wazi Developer operator installation options include: - - - Connection to external database and Keycloak - - Configuration of default passwords and object names - - PVC strategy (once shared PVC for all workspaces, PVC per workspace, or PVC per volume) - - Authentication options - - ## External Database and Keycloak - - To instruct the operator to skip deploying PostgreSQL and Keycloak and connect to an existing DB and Keycloak instead: - - - set respective fields to `true` in a custom resource spec - - provide the operator with connection and authentication details: - - `externalDb: true` - - - `chePostgresHostname: 'yourPostgresHost'` - - - `chePostgresPort: '5432'` - - - `chePostgresUser: 'myuser'` - - - `chePostgresPassword: 'mypass'` - - - `chePostgresDb: 'mydb'` - - - `externalIdentityProvider: true` - - - `identityProviderURL: 'https://my-keycloak.com'` - - - `identityProviderRealm: 'myrealm'` - - - `identityProviderClientId: 'myClient'` - - ## Self-signed Certificates - - IBM Wazi Developer for Workspaces uses self-signed certificates by default. - - You can also manually create a secret: - - ``` - oc create secret generic self-signed-certificate --from-file=/path/to/certificate/ca.crt -n=$codeReadyNamespace - ``` + **Note**: If you use the license of IBM Developer for z/OS Enterprise Edition (IDzEE), use the `IBM Developer for z/OS Enterprise Edition` tile. - ## Limitations - - - See the [Release Notes and Known Issues](https://access.redhat.com/documentation/en-us/red_hat_codeready_workspaces) for Red Hat CodeReady Workspaces - - ## SecurityContextConstraints Requirements - - - Security Context Constraints (SCC) is in a `restricted` mode for all pods. - - Custom SecurityContextConstraints definition: - - ``` - openshift.io/scc: restricted - ``` + You can start using IBM Wazi Developer for Workspaces when the instance has been created and all pods are up and running. + + ### Configuration + - **Auth**: Configuration settings related to the Authentication used by the Che installation. + - **Database**: Configuration settings related to the database used by the Che installation. + - **Dev Workspace**: Dev Workspace operator configuration. + - **Image Puller**: Kubernetes Image Puller configuration. + - **K8S**: Configuration settings specific to Che installations made on upstream Kubernetes. + - **Metrics**: Configuration settings related to the metrics collection used by the Che installation. + - **Server**: General configuration settings related to the Che server and the plug-in and devfile registries. + - **Storage**: Configuration settings related to the persistent storage used by the Che installation. + + For more information about configuration parameters, see [Advanced configuration options for the Che server component](https://www.eclipse.org/che/docs/che-7/installation-guide/advanced-configuration-options-for-the-che-server-component/). + + ### Limitations + See the [Release Notes and Known Issues](https://access.redhat.com/documentation/en-us/red_hat_codeready_workspaces) for Red Hat CodeReady Workspaces. displayName: IBM Wazi Developer for Workspaces icon: - base64data: PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hsaW5rIiB2aWV3Qm94PSIwIDAgMzIgMzIiPjxkZWZzPjxzdHlsZT4uY2xzLTF7ZmlsbDojZmZmO30uY2xzLTJ7ZmlsbDp1cmwoI2xpbmVhci1ncmFkaWVudCk7fS5jbHMtM3ttYXNrOnVybCgjbWFzayk7fS5jbHMtNHtmaWxsOnVybCgjbGluZWFyLWdyYWRpZW50LTIpO30uY2xzLTV7ZmlsbDojMDYxZjgwO308L3N0eWxlPjxsaW5lYXJHcmFkaWVudCBpZD0ibGluZWFyLWdyYWRpZW50IiB4MT0iMTAwLjI3IiB5MT0iNS4wNyIgeDI9IjEwNC4xMyIgeTI9IjcuMyIgZ3JhZGllbnRUcmFuc2Zvcm09Im1hdHJpeCgtMC41LCAtMS41NiwgMC44NywgLTAuOSwgNzMuNTEsIDE4My45NikiIGdyYWRpZW50VW5pdHM9InVzZXJTcGFjZU9uVXNlIj48c3RvcCBvZmZzZXQ9IjAiIHN0b3Atb3BhY2l0eT0iMCIvPjxzdG9wIG9mZnNldD0iMC45Ii8+PC9saW5lYXJHcmFkaWVudD48bWFzayBpZD0ibWFzayIgeD0iMCIgeT0iMCIgd2lkdGg9IjMyIiBoZWlnaHQ9IjMyIiBtYXNrVW5pdHM9InVzZXJTcGFjZU9uVXNlIj48cGF0aCBjbGFzcz0iY2xzLTEiIGQ9Ik0xNiwzMWEuOS45LDAsMCwxLS41LS4xNGwtMTItN0ExLDEsMCwwLDEsMywyM1Y5YTEsMSwwLDAsMSwuNS0uODZsMTItN2ExLDEsMCwwLDEsMSwwbDEyLDdBMSwxLDAsMCwxLDI5LDlhMSwxLDAsMCwxLS40OS44N2wtMTAsNi0xLTEuNzJMMjYsOSwxNiwzLjE2LDUsOS41N1YyMi40M2wxMSw2LjQxLDExLTYuNDFWMTVoMnY4YTEsMSwwLDAsMS0uNS44NmwtMTIsN0EuOS45LDAsMCwxLDE2LDMxWiIvPjxyZWN0IGNsYXNzPSJjbHMtMiIgeD0iMjYuMjUiIHk9IjE0LjUiIHdpZHRoPSIzLjA1IiBoZWlnaHQ9IjguMDYiLz48L21hc2s+PGxpbmVhckdyYWRpZW50IGlkPSJsaW5lYXItZ3JhZGllbnQtMiIgeTE9IjMyIiB4Mj0iMzIiIGdyYWRpZW50VW5pdHM9InVzZXJTcGFjZU9uVXNlIj48c3RvcCBvZmZzZXQ9IjAuMSIgc3RvcC1jb2xvcj0iI2I5OGNmZCIvPjxzdG9wIG9mZnNldD0iMC45IiBzdG9wLWNvbG9yPSIjNDE4YWZjIi8+PC9saW5lYXJHcmFkaWVudD48L2RlZnM+PHRpdGxlPmFwcC1pY29uLWxpZ2h0LTwvdGl0bGU+PGcgaWQ9IkxheWVyXzMiIGRhdGEtbmFtZT0iTGF5ZXIgMyI+PGcgY2xhc3M9ImNscy0zIj48cmVjdCBjbGFzcz0iY2xzLTQiIHdpZHRoPSIzMiIgaGVpZ2h0PSIzMiIvPjwvZz48cGF0aCBjbGFzcz0iY2xzLTUiIGQ9Ik0xNiwyMGE0LDQsMCwxLDEsNC00QTQsNCwwLDAsMSwxNiwyMFptMC02YTIsMiwwLDEsMCwyLDJBMiwyLDAsMCwwLDE2LDE0WiIvPjwvZz48L3N2Zz4= @@ -1114,7 +1055,7 @@ spec: - name: RELATED_IMAGE_dashboard value: registry.redhat.io/codeready-workspaces/dashboard-rhel8@sha256:d6911d22200677aa0116f4523d325e5630b300788ee55fd2ba3b709714901d34 - name: RELATED_IMAGE_devfile_registry - value: icr.io/wazi-code/ibm-wazi-developer-for-workspaces-dev-file@sha256:8cf9c39cb8a45cd14ff4f7df09bc9ceb39768befe87761f7140e9c9d259ad397 + value: icr.io/wazi-code/ibm-wazi-developer-for-workspaces-dev-file@sha256:70929334aa9bc85916dfcdd2a82572aad6ffd730f575a79888a8824f51199be9 - name: RELATED_IMAGE_devworkspace_che_operator value: registry.redhat.io/codeready-workspaces/devworkspace-rhel8@sha256:832ebf337003084ea649244b331bcc5442dae90f5ad5a0c83b2cc15e68b29fdf - name: RELATED_IMAGE_devworkspace_controller @@ -1122,13 +1063,13 @@ spec: - name: RELATED_IMAGE_jboss_eap_7_eap73_openjdk8_openshift_rhel7 value: registry.redhat.io/jboss-eap-7/eap73-openjdk8-openshift-rhel7@sha256:d16cfe30eaf20a157cd5d5980a6c34f3fcbcfd2fd225e670a0138d81007dd919 - name: RELATED_IMAGE_jboss_eap_7_eap_xp2_openj9_11_openshift - value: registry.redhat.io/jboss-eap-7/eap-xp2-openj9-11-openshift-rhel8@sha256:3f2de8176fb0b0e996fb1051d4244b4720014e0767b60e4b815ef0f7ec33dec9 + value: registry.redhat.io/jboss-eap-7/eap-xp2-openj9-11-openshift-rhel8@sha256:74cd92e152eaded1a7977215712618197bbf661e3de36a467b66c4d00ead9cea - name: RELATED_IMAGE_jboss_eap_7_eap_xp2_openjdk11_openshift value: registry.redhat.io/jboss-eap-7/eap-xp2-openjdk11-openshift-rhel8@sha256:647d092383a760edc083eafb2d7bc3208d6409097281bedbd5eaccde360e7e39 - name: RELATED_IMAGE_jboss_eap_7_eap_xp2_openjdk11_openshift_ppc64le - value: registry.redhat.io/jboss-eap-7/eap-xp2-openj9-11-openshift-rhel8@sha256:3f2de8176fb0b0e996fb1051d4244b4720014e0767b60e4b815ef0f7ec33dec9 + value: registry.redhat.io/jboss-eap-7/eap-xp2-openj9-11-openshift-rhel8@sha256:fae94e81cb18a1a3d1a60674a562a466a766238926d2437f4963744ec5a4fba7 - name: RELATED_IMAGE_jboss_eap_7_eap_xp2_openjdk11_openshift_s390x - value: registry.redhat.io/jboss-eap-7/eap-xp2-openj9-11-openshift-rhel8@sha256:3f2de8176fb0b0e996fb1051d4244b4720014e0767b60e4b815ef0f7ec33dec9 + value: registry.redhat.io/jboss-eap-7/eap-xp2-openj9-11-openshift-rhel8@sha256:85381683a149a82fb24efde8377e34a46e74e9f55a7f8a16fda25b1e199a9b4a - name: RELATED_IMAGE_keycloak value: registry.redhat.io/rh-sso-7/sso74-openshift-rhel8@sha256:05f97328bafa615ceca025a6a93051a1ecdc08ae6123a78bf6ce56096f2ad233 - name: RELATED_IMAGE_keycloak_ppc64le @@ -1136,7 +1077,7 @@ spec: - name: RELATED_IMAGE_keycloak_s390x value: registry.redhat.io/rh-sso-7/sso74-openj9-openshift-rhel8@sha256:eb5110c22109412b5101f95d353603c7e3080844ee48f89186f139be5b5faa42 - name: RELATED_IMAGE_plugin_registry - value: icr.io/wazi-code/ibm-wazi-developer-for-workspaces-plugin@sha256:6baada84cccbe4b1abcf560e317998efb12e4db238557d85a1ec1c63e65a396f + value: icr.io/wazi-code/ibm-wazi-developer-for-workspaces-plugin@sha256:96ab5a1363fccc4938c4e23ca61971db47a8602cebb5b1a0d9b49644e4479139 - name: RELATED_IMAGE_postgres value: registry.redhat.io/rhel8/postgresql-96@sha256:33643fb4cafffacb277982c6098b561aa80c06210e77d2badebef405ee953e43 - name: RELATED_IMAGE_pvc_jobs @@ -1323,7 +1264,7 @@ spec: - java links: - name: Product Page - url: https://www.ibm.com/products/wazi-for-red-hat-codeready-workspaces + url: https://www.ibm.com/products/wazi-developer - name: Documentation url: https://ibm.biz/wazi-crw-doc - name: Readme @@ -1337,7 +1278,8 @@ spec: maturity: stable provider: name: IBM - version: 1.4.0 + replaces: ibm-wazi-developer-for-workspaces.v1.4.0 + version: 1.4.1 relatedImages: - name: crw-2-rhel8-operator-eac1db6b4008ba849d4bcab9acc8542806b2aeda8a5a5f4b3c56fb87129d8e54-annotation image: registry.redhat.io/codeready-workspaces/crw-2-rhel8-operator@sha256:eac1db6b4008ba849d4bcab9acc8542806b2aeda8a5a5f4b3c56fb87129d8e54 @@ -1388,7 +1330,7 @@ spec: - name: dashboard image: registry.redhat.io/codeready-workspaces/dashboard-rhel8@sha256:d6911d22200677aa0116f4523d325e5630b300788ee55fd2ba3b709714901d34 - name: devfile_registry - image: icr.io/wazi-code/ibm-wazi-developer-for-workspaces-dev-file@sha256:8cf9c39cb8a45cd14ff4f7df09bc9ceb39768befe87761f7140e9c9d259ad397 + image: icr.io/wazi-code/ibm-wazi-developer-for-workspaces-dev-file@sha256:70929334aa9bc85916dfcdd2a82572aad6ffd730f575a79888a8824f51199be9 - name: devworkspace_che_operator image: registry.redhat.io/codeready-workspaces/devworkspace-rhel8@sha256:832ebf337003084ea649244b331bcc5442dae90f5ad5a0c83b2cc15e68b29fdf - name: devworkspace_controller @@ -1396,13 +1338,13 @@ spec: - name: jboss_eap_7_eap73_openjdk8_openshift_rhel7 image: registry.redhat.io/jboss-eap-7/eap73-openjdk8-openshift-rhel7@sha256:d16cfe30eaf20a157cd5d5980a6c34f3fcbcfd2fd225e670a0138d81007dd919 - name: jboss_eap_7_eap_xp2_openj9_11_openshift - image: registry.redhat.io/jboss-eap-7/eap-xp2-openj9-11-openshift-rhel8@sha256:3f2de8176fb0b0e996fb1051d4244b4720014e0767b60e4b815ef0f7ec33dec9 + image: registry.redhat.io/jboss-eap-7/eap-xp2-openj9-11-openshift-rhel8@sha256:74cd92e152eaded1a7977215712618197bbf661e3de36a467b66c4d00ead9cea - name: jboss_eap_7_eap_xp2_openjdk11_openshift image: registry.redhat.io/jboss-eap-7/eap-xp2-openjdk11-openshift-rhel8@sha256:647d092383a760edc083eafb2d7bc3208d6409097281bedbd5eaccde360e7e39 - name: jboss_eap_7_eap_xp2_openjdk11_openshift_ppc64le - image: registry.redhat.io/jboss-eap-7/eap-xp2-openj9-11-openshift-rhel8@sha256:3f2de8176fb0b0e996fb1051d4244b4720014e0767b60e4b815ef0f7ec33dec9 + image: registry.redhat.io/jboss-eap-7/eap-xp2-openj9-11-openshift-rhel8@sha256:fae94e81cb18a1a3d1a60674a562a466a766238926d2437f4963744ec5a4fba7 - name: jboss_eap_7_eap_xp2_openjdk11_openshift_s390x - image: registry.redhat.io/jboss-eap-7/eap-xp2-openj9-11-openshift-rhel8@sha256:3f2de8176fb0b0e996fb1051d4244b4720014e0767b60e4b815ef0f7ec33dec9 + image: registry.redhat.io/jboss-eap-7/eap-xp2-openj9-11-openshift-rhel8@sha256:85381683a149a82fb24efde8377e34a46e74e9f55a7f8a16fda25b1e199a9b4a - name: keycloak image: registry.redhat.io/rh-sso-7/sso74-openshift-rhel8@sha256:05f97328bafa615ceca025a6a93051a1ecdc08ae6123a78bf6ce56096f2ad233 - name: keycloak_ppc64le @@ -1410,7 +1352,7 @@ spec: - name: keycloak_s390x image: registry.redhat.io/rh-sso-7/sso74-openj9-openshift-rhel8@sha256:eb5110c22109412b5101f95d353603c7e3080844ee48f89186f139be5b5faa42 - name: plugin_registry - image: icr.io/wazi-code/ibm-wazi-developer-for-workspaces-plugin@sha256:6baada84cccbe4b1abcf560e317998efb12e4db238557d85a1ec1c63e65a396f + image: icr.io/wazi-code/ibm-wazi-developer-for-workspaces-plugin@sha256:96ab5a1363fccc4938c4e23ca61971db47a8602cebb5b1a0d9b49644e4479139 - name: postgres image: registry.redhat.io/rhel8/postgresql-96@sha256:33643fb4cafffacb277982c6098b561aa80c06210e77d2badebef405ee953e43 - name: pvc_jobs diff --git a/deploy/operator.yaml b/deploy/operator.yaml index 35585e02..7de80168 100644 --- a/deploy/operator.yaml +++ b/deploy/operator.yaml @@ -12,6 +12,10 @@ apiVersion: apps/v1 kind: Deployment metadata: name: codeready-operator + labels: + app.kubernetes.io/name: che + app.kubernetes.io/instance: che + app.kubernetes.io/managed-by: olm spec: replicas: 1 selector: @@ -21,15 +25,20 @@ spec: type: RollingUpdate template: metadata: + annotations: + productName: placeholder + productID: 11111111111111111111111111111111 + productMetric: FREE labels: app: codeready-operator app.kubernetes.io/name: che app.kubernetes.io/instance: che app.kubernetes.io/component: codeready-operator + app.kubernetes.io/managed-by: olm spec: containers: - name: codeready-operator - image: registry.redhat.io/codeready-workspaces/crw-2-rhel8-operator:2.10 + image: registry.redhat.io/codeready-workspaces/crw-2-rhel8-operator@sha256:eac1db6b4008ba849d4bcab9acc8542806b2aeda8a5a5f4b3c56fb87129d8e54 ports: - containerPort: 60000 name: metrics @@ -137,3 +146,13 @@ spec: restartPolicy: Always serviceAccountName: codeready-operator terminationGracePeriodSeconds: 20 + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/arch + operator: in + values: + - amd64 + - s390x diff --git a/deploy/role.yaml b/deploy/role.yaml index 9cf4262c..3fb7fb00 100644 --- a/deploy/role.yaml +++ b/deploy/role.yaml @@ -17,6 +17,7 @@ metadata: app.kubernetes.io/name: che app.kubernetes.io/instance: che app.kubernetes.io/component: codeready-operator + app.kubernetes.io/managed-by: olm rules: - apiGroups: - extensions diff --git a/deploy/role_binding.yaml b/deploy/role_binding.yaml index 15e4dced..68994238 100644 --- a/deploy/role_binding.yaml +++ b/deploy/role_binding.yaml @@ -16,6 +16,7 @@ metadata: app.kubernetes.io/name: che app.kubernetes.io/instance: che app.kubernetes.io/component: codeready-operator + app.kubernetes.io/managed-by: olm subjects: - kind: ServiceAccount name: codeready-operator diff --git a/deploy/role_binding_oauth.yaml b/deploy/role_binding_oauth.yaml index 971b8cda..55205538 100644 --- a/deploy/role_binding_oauth.yaml +++ b/deploy/role_binding_oauth.yaml @@ -16,6 +16,7 @@ metadata: app.kubernetes.io/name: che app.kubernetes.io/instance: che app.kubernetes.io/component: codeready-operator + app.kubernetes.io/managed-by: olm objects: - kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 diff --git a/deploy/service_account.yaml b/deploy/service_account.yaml index 61e7eccc..da980a30 100644 --- a/deploy/service_account.yaml +++ b/deploy/service_account.yaml @@ -16,3 +16,6 @@ metadata: app.kubernetes.io/name: che app.kubernetes.io/instance: che app.kubernetes.io/component: codeready-operator + app.kubernetes.io/managed-by: olm +imagePullSecrets: + - name: codeready-operator