feat: Add pre-install task to check if an OIDC provider is installed (#…

…1912)

Add pre-install task to check if an OIDC provider is installed

Signed-off-by: Mykola Morhun <mmorhun@redhat.com>

README.md

@@ -117,7 +117,7 @@ EXAMPLES
   $ chectl autocomplete --refresh-cache
 ```
 
-_See code: [@oclif/plugin-autocomplete](https://github.com/oclif/plugin-autocomplete/blob/v0.3.0/src/commands/autocomplete/index.ts)_
+_See code: [@oclif/plugin-autocomplete](https://github.com/oclif/plugin-autocomplete/blob/v1.1.0/src/commands/autocomplete/index.ts)_
 
 ## `chectl cacert:export`
 
@@ -180,7 +180,7 @@ OPTIONS
   --all  see all commands in CLI
 ```
 
-_See code: [@oclif/plugin-help](https://github.com/oclif/plugin-help/blob/v3.2.14/src/commands/help.ts)_
+_See code: [@oclif/plugin-help](https://github.com/oclif/plugin-help/blob/v3.2.18/src/commands/help.ts)_
 
 ## `chectl server:backup`
 
@@ -407,6 +407,9 @@ OPTIONS
   --skip-kubernetes-health-check
       Skip Kubernetes health check
 
+  --skip-oidc-provider-check
+      Skip OIDC Provider check
+
   --skip-version-check
       Skip minimal versions check.
 
@@ -649,7 +652,7 @@ OPTIONS
   --from-local  interactively choose an already installed version
 ```
 
-_See code: [@oclif/plugin-update](https://github.com/oclif/plugin-update/blob/v1.5.0/src/commands/update.ts)_
+_See code: [@oclif/plugin-update](https://github.com/oclif/plugin-update/blob/v2.1.3/src/commands/update.ts)_
 <!-- commandsstop -->
 
 

package.json

@@ -23,7 +23,7 @@
     "command-exists": "^1.2.9",
     "countries-and-timezones": "^3.3.0",
     "debug": "^4.3.3",
-    "eclipse-che-operator": "git://github.com/eclipse-che/che-operator#main",
+    "eclipse-che-operator": "https://github.com/eclipse-che/che-operator#main",
     "execa": "^5.1.1",
     "fancy-test": "^2.0.0",
     "fs-extra": "^10.0.0",

src/commands/server/deploy.ts

@@ -15,7 +15,7 @@ import { boolean, string } from '@oclif/parser/lib/flags'
 import { cli } from 'cli-ux'
 import * as Listr from 'listr'
 import * as semver from 'semver'
-import { ChectlContext, OLM } from '../../api/context'
+import { ChectlContext, OIDCContextKeys, OLM } from '../../api/context'
 import { KubeHelper } from '../../api/kube'
 import { batch, cheDeployment, cheDeployVersion, cheNamespace, cheOperatorCRPatchYaml, cheOperatorCRYaml, CHE_OPERATOR_CR_PATCH_YAML_KEY, CHE_OPERATOR_CR_YAML_KEY, CHE_TELEMETRY, DEPLOY_VERSION_KEY, k8sPodDownloadImageTimeout, K8SPODDOWNLOADIMAGETIMEOUT_KEY, k8sPodErrorRecheckTimeout, K8SPODERRORRECHECKTIMEOUT_KEY, k8sPodReadyTimeout, K8SPODREADYTIMEOUT_KEY, k8sPodWaitTimeout, K8SPODWAITTIMEOUT_KEY, listrRenderer, logsDirectory, LOG_DIRECTORY_KEY, skipKubeHealthzCheck as skipK8sHealthCheck } from '../../common-flags'
 import { DEFAULT_ANALYTIC_HOOK_NAME, DEFAULT_CHE_NAMESPACE, DEFAULT_OLM_SUGGESTED_NAMESPACE, DOCS_LINK_INSTALL_RUNNING_CHE_LOCALLY, MIN_CHE_OPERATOR_INSTALLER_VERSION, MIN_OLM_INSTALLER_VERSION } from '../../constants'
@@ -135,6 +135,10 @@ export default class Deploy extends Command {
       description: 'Skip cluster availability check. The check is a simple request to ensure the cluster is reachable.',
       default: false,
     }),
+    'skip-oidc-provider-check': flags.boolean({
+      description: 'Skip OIDC Provider check',
+      default: false,
+    }),
     'auto-update': flags.boolean({
       description: `Auto update approval strategy for installation Eclipse Che.
                     With this strategy will be provided auto-update Eclipse Che without any human interaction.
@@ -357,6 +361,7 @@ export default class Deploy extends Command {
       title: '👀  Looking for an already existing Eclipse Che instance',
       task: () => new Listr(cheTasks.checkIfCheIsInstalledTasks(flags)),
     })
+    preInstallTasks.add(ensureOIDCProviderInstalled(flags))
     preInstallTasks.add(checkChectlAndCheVersionCompatibility(flags))
     preInstallTasks.add(downloadTemplates(flags))
     preInstallTasks.add({
@@ -424,6 +429,37 @@ export default class Deploy extends Command {
   }
 }
 
+function ensureOIDCProviderInstalled(flags: any): Listr.ListrTask {
+  return {
+    title: 'Check if OIDC Provider installed',
+    enabled: ctx => !flags['skip-oidc-provider-check'] && isKubernetesPlatformFamily(flags.platform) && !ctx.isCheDeployed,
+    skip: () => {
+      if (flags.platform === 'minikube') {
+        return 'Dex will be automatically installed'
+      }
+    },
+    task: async (_ctx: any, task: any) => {
+      const kube = new KubeHelper(flags)
+      const apiServerPods = await kube.getPodListByLabel('kube-system', 'component=kube-apiserver')
+      for (const pod of apiServerPods) {
+        if (!pod.spec) {
+          continue
+        }
+        for (const container of pod.spec.containers) {
+          if (container.command) {
+            if (container.command.some(value => value.includes(OIDCContextKeys.ISSUER_URL) && value.includes(OIDCContextKeys.CLIENT_ID))) {
+              task.title = `${task.title}...OK`
+              return
+            }
+          }
+        }
+      }
+      task.title = `${task.title}...NOT INSTALLED`
+      throw new Error('OIDC Provider is not installed in order to deploy Eclipse Che. To bypass OIDC Provider check use \'--skip-oidc-provider-check\' flag')
+    },
+  }
+}
+
 /**
  * Sets default installer which is `olm` for OpenShift 4 with stable version of chectl
  * and `operator` for other cases.

yarn.lock

@@ -2611,9 +2611,9 @@ ecc-jsbn@~0.1.1:
     jsbn "~0.1.0"
     safer-buffer "^2.1.0"
 
-"eclipse-che-operator@git://github.com/eclipse-che/che-operator#main":
+"eclipse-che-operator@https://github.com/eclipse-che/che-operator#main":
   version "0.0.0"
-  resolved "git://github.com/eclipse-che/che-operator#4ccd0bdde3c349b125d0ae2d3eb2835e18390c76"
+  resolved "https://github.com/eclipse-che/che-operator#bb3c53cc6cba197ebab9d2889aa4fc0788c076e8"
 
 editorconfig@^0.15.0:
   version "0.15.3"