-
Notifications
You must be signed in to change notification settings - Fork 155
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: introduce configs for OpenShift deployment and for developing i…
…n Eclipse Che Signed-off-by: Valeriy Svydenko <[email protected]>
- Loading branch information
Showing
10 changed files
with
820 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,218 @@ | ||
schemaVersion: 2.3.0 | ||
metadata: | ||
name: openvsx | ||
components: | ||
- name: tool | ||
container: | ||
image: quay.io/devfile/universal-developer-image:ubi8-latest | ||
memoryRequest: 256Mi | ||
memoryLimit: 8Gi | ||
cpuRequest: 100m | ||
cpuLimit: 2000m | ||
env: | ||
- name: OPENVSX_NAMESPACE | ||
value: openvsx | ||
volumeMounts: | ||
- name: local | ||
path: /home/user/.local/ | ||
- name: elasticsearch | ||
container: | ||
image: docker.elastic.co/elasticsearch/elasticsearch:8.7.1 | ||
memoryRequest: 256Mi | ||
memoryLimit: 2Gi | ||
cpuRequest: 100m | ||
cpuLimit: 800m | ||
endpoints: | ||
- exposure: internal | ||
name: elasticsearch | ||
protocol: tcp | ||
targetPort: 9200 | ||
- exposure: internal | ||
name: es9300 | ||
protocol: tcp | ||
targetPort: 9300 | ||
- exposure: public | ||
name: che-server | ||
targetPort: 8080 | ||
- exposure: public | ||
name: che-webui | ||
targetPort: 3000 | ||
env: | ||
- name: bootstrap.memory_lock | ||
value: 'true' | ||
- name: cluster.routing.allocation.disk.threshold_enabled | ||
value: 'false' | ||
- name: discovery.type | ||
value: single-node | ||
- name: xpack.ml.enabled | ||
value: 'false' | ||
- name: xpack.security.enabled | ||
value: 'false' | ||
- name: postgresql | ||
container: | ||
image: 'image-registry.openshift-image-registry.svc:5000/openshift/postgresql:15-el8' | ||
memoryRequest: 256Mi | ||
memoryLimit: 2Gi | ||
cpuRequest: 100m | ||
cpuLimit: '1' | ||
env: | ||
- name: POSTGRESQL_USER | ||
value: openvsx | ||
- name: POSTGRESQL_PASSWORD | ||
value: openvsx | ||
- name: POSTGRESQL_DATABASE | ||
value: openvsx | ||
- volume: | ||
ephemeral: true | ||
name: local | ||
|
||
commands: | ||
- id: build-cli | ||
exec: | ||
label: "1.1. Build OVSX CLI" | ||
component: tool | ||
workingDir: ${PROJECTS_ROOT}/openvsx/cli | ||
commandLine: | | ||
yarn install && | ||
yarn prepare | ||
- id: build-webui | ||
exec: | ||
label: "1.2. Build UI Component" | ||
component: tool | ||
workingDir: ${PROJECTS_ROOT}/openvsx/webui | ||
commandLine: | | ||
yarn install && | ||
yarn build && | ||
yarn build:default | ||
- id: build-server | ||
exec: | ||
label: "1.3. Build Server Component" | ||
component: tool | ||
workingDir: ${PROJECTS_ROOT}/openvsx | ||
commandLine: | | ||
server/gradlew -p server assemble downloadTestExtensions | ||
- id: run-server | ||
exec: | ||
label: "1.4. Run OpenVSX Server" | ||
component: tool | ||
workingDir: ${PROJECTS_ROOT}/openvsx/server | ||
commandLine: | | ||
./scripts/generate-properties.sh && | ||
sed -i 's/localhost:5432\/postgres/localhost:5432\/openvsx/g' src/dev/resources/application.yml && | ||
sed -i 's/username: gitpod/username: openvsx/g' src/dev/resources/application.yml && | ||
sed -i 's/password: gitpod/password: openvsx/g' src/dev/resources/application.yml && | ||
./gradlew runServer | ||
- id: run-webui | ||
exec: | ||
label: "1.5. Run OpenVSX WebUI" | ||
component: tool | ||
workingDir: ${PROJECTS_ROOT}/openvsx/webui | ||
commandLine: | | ||
yarn start:default | ||
- id: cli-publish | ||
exec: | ||
label: "1.6. Publish extensions by OVSX CLI" | ||
component: tool | ||
workingDir: ${PROJECTS_ROOT}/openvsx | ||
commandLine: | | ||
nvm use v${NODEJS_20_VERSION} | ||
export OVSX_REGISTRY_URL=http://localhost:8080 | ||
export OVSX_PAT=super_token | ||
export PUBLISHERS="DotJoshJohnson eamodio felixfbecker formulahendry HookyQR ms-azuretools ms-mssql ms-python ms-vscode octref redhat ritwickdey sburg vscode vscodevim Wscats" | ||
for pub in $PUBLISHERS; do cli/lib/ovsx create-namespace $pub; done | ||
find server/build/test-extensions-builtin -name '*.vsix' -exec cli/lib/ovsx publish '{}' \; | ||
find server/build/test-extensions -name '*.vsix' -exec cli/lib/ovsx publish '{}' \; | ||
# Commands to deploy OpenVSX to OpenShift | ||
- id: build-openvsx-image | ||
exec: | ||
label: "2.1. Build and Publish OpenVSX Image" | ||
component: tool | ||
workingDir: ${PROJECTS_ROOT}/openvsx/openshift | ||
commandLine: | | ||
read -p "Please enter the value for OPENVSX_VERSION (default: v0.18.0): " OPENVSX_VERSION | ||
OPENVSX_VERSION=${OPENVSX_VERSION:-v0.18.0} | ||
export OPENVSX_VERSION | ||
echo "OPENVSX_VERSION is set to $OPENVSX_VERSION" | ||
podman build -t "openvsx:$OPENVSX_VERSION" --build-arg "OPENVSX_VERSION=$OPENVSX_VERSION" -f openvsx.Dockerfile .&& | ||
oc new-project $OPENVSX_NAMESPACE | ||
export IMAGE=image-registry.openshift-image-registry.svc:5000/$OPENVSX_NAMESPACE/openvsx && | ||
podman tag openvsx:$OPENVSX_VERSION ${IMAGE} && | ||
podman login --tls-verify=false -u $(oc whoami | tr -d :) -p $(oc whoami -t) image-registry.openshift-image-registry.svc:5000 && | ||
podman push --tls-verify=false "${IMAGE}" | ||
- id: build-ovsx-cli-image | ||
exec: | ||
label: "2.2. Build and Publish OpenVSX CLI Image" | ||
component: tool | ||
workingDir: ${PROJECTS_ROOT}/openvsx/openshift | ||
commandLine: | | ||
podman build -t "openvsx-cli" -f cli.Dockerfile .&& | ||
export IMAGE=image-registry.openshift-image-registry.svc:5000/$OPENVSX_NAMESPACE/openvsx-cli && | ||
podman tag openvsx-cli ${IMAGE} && | ||
podman login --tls-verify=false -u $(oc whoami | tr -d :) -p $(oc whoami -t) image-registry.openshift-image-registry.svc:5000 && | ||
podman push --tls-verify=false "${IMAGE}" | ||
- id: deploy-openvsx | ||
exec: | ||
label: "2.3. Deploy OpenVSX" | ||
component: tool | ||
workingDir: ${PROJECTS_ROOT}/openvsx/openshift | ||
commandLine: | | ||
oc process -f openvsx-deployment.yml \ | ||
-p OPENVSX_SERVER_IMAGE=image-registry.openshift-image-registry.svc:5000/$OPENVSX_NAMESPACE/openvsx \ | ||
-p OPENVSX_CLI_IMAGE=image-registry.openshift-image-registry.svc:5000/$OPENVSX_NAMESPACE/openvsx-cli \ | ||
| oc apply -f - | ||
- id: add-openvsx-user-with-pat | ||
exec: | ||
label: "2.4. Add OpenVSX user with PAT to the DB" | ||
component: tool | ||
commandLine: | | ||
read -p "Please enter OpenVSX user name (default: eclipse-che): " OPENVSX_USER_NAME | ||
OPENVSX_USER_NAME=${OPENVSX_USER_NAME:-eclipse-che} | ||
export OPENVSX_USER_NAME | ||
echo "OPENVSX_USER_NAME is set to $OPENVSX_USER_NAME" | ||
read -p "Please enter the value for OpenVSX user PAT (default: eclipse_che_token): " OPENVSX_USER_PAT | ||
OPENVSX_USER_PAT=${OPENVSX_USER_PAT:-eclipse_che_token} | ||
export OPENVSX_USER_PAT | ||
echo "OPENVSX_USER_PAT is set to $OPENVSX_USER_PAT" | ||
export POSTGRESQL_POD_NAME=$(kubectl get pods -n "$OPENVSX_NAMESPACE" -o jsonpath="{.items[*].metadata.name}" | tr ' ' '\n' | grep ^postgresql) && | ||
kubectl exec -n "${OPENVSX_NAMESPACE}" "${POSTGRESQL_POD_NAME}" -- bash -c "psql -d openvsx -c \"INSERT INTO user_data (id, login_name, role) VALUES (1001, '$OPENVSX_USER_NAME', 'privileged');\"" && | ||
kubectl exec -n "${OPENVSX_NAMESPACE}" "${POSTGRESQL_POD_NAME}" -- bash -c "psql -d openvsx -c \"INSERT INTO personal_access_token (id, user_data, value, active, created_timestamp, accessed_timestamp, description) VALUES (1001, 1001, '$OPENVSX_USER_PAT', true, current_timestamp, current_timestamp, 'extensions publisher');\"" | ||
- id: enable-internal-openvsx | ||
exec: | ||
label: "2.5. Configure Che to use the internal OpenVSX registry" | ||
component: tool | ||
workingDir: ${PROJECTS_ROOT}/openvsx/openshift | ||
commandLine: | | ||
export CHECLUSTER_NAME="$(kubectl get checluster --all-namespaces -o json | jq -r '.items[0].metadata.name')" && | ||
export CHECLUSTER_NAMESPACE="$(kubectl get checluster --all-namespaces -o json | jq -r '.items[0].metadata.namespace')" && | ||
export OPENVSX_ROUTE_URL="$(oc get route internal -n "$OPENVSX_NAMESPACE" -o jsonpath='{.spec.host}')" && | ||
export PATCH='{"spec":{"components":{"pluginRegistry":{"openVSXURL":"https://'"$OPENVSX_ROUTE_URL"'"}}}}' && | ||
kubectl patch checluster "${CHECLUSTER_NAME}" --type=merge --patch "${PATCH}" -n "${CHECLUSTER_NAMESPACE}" | ||
- id: publish-extension | ||
exec: | ||
label: "2.6. Publish VS Code Extension to the internal OpenVSX" | ||
component: tool | ||
commandLine: | | ||
read -p "Please enter extension's namespace name: " EXTENSION_NAMESPACE_NAME | ||
EXTENSION_NAMESPACE_NAME=${EXTENSION_NAMESPACE_NAME} | ||
export EXTENSION_NAMESPACE_NAME | ||
echo "EXTENSION_NAMESPACE_NAME is set to $EXTENSION_NAMESPACE_NAME" | ||
read -p "Please enter extension's download URL: " EXTENSION_DOWNLOAD_URL | ||
EXTENSION_DOWNLOAD_URL=${EXTENSION_DOWNLOAD_URL} | ||
export EXTENSION_DOWNLOAD_URL | ||
echo "EXTENSION_DOWNLOAD_URL is set to $EXTENSION_DOWNLOAD_URL" | ||
export OVSX_POD_NAME=$(kubectl get pods -n "$OPENVSX_NAMESPACE" -o jsonpath="{.items[*].metadata.name}" | tr ' ' '\n' | grep ^ovsx-cli) && | ||
kubectl exec -n "${OPENVSX_NAMESPACE}" "${OVSX_POD_NAME}" -- bash -c "wget -O /tmp/extension.vsix '$EXTENSION_DOWNLOAD_URL' " && | ||
kubectl exec -n "${OPENVSX_NAMESPACE}" "${OVSX_POD_NAME}" -- bash -c "ovsx create-namespace '$EXTENSION_NAMESPACE_NAME'" || true && | ||
kubectl exec -n "${OPENVSX_NAMESPACE}" "${OVSX_POD_NAME}" -- bash -c "ovsx publish /tmp/extension.vsix" && | ||
kubectl exec -n "${OPENVSX_NAMESPACE}" "${OVSX_POD_NAME}" -- bash -c "rm /tmp/extension.vsix" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,47 @@ | ||
# Deploying a Private OpenVSX Registry on OpenShift | ||
|
||
This guide provides the necessary steps to deploy a private OpenVSX registry on OpenShift. By following the instructions, you'll have a fully operational OpenVSX server and CLI deployed within your OpenShift cluster, ready to be used by Eclipse Che or other services. | ||
|
||
## Prerequisites | ||
- [Deploy and run Eclipse Che on your cluster](https://eclipse.dev/che/docs/stable/administration-guide/installing-che-in-the-cloud/) | ||
- [Create a workspace](https://eclipse.dev/che/docs/stable/end-user-guide/starting-a-workspace-from-a-git-repository-url/) from the [openvsx Git repository URL](https://github.com/eclipse/openvsx) | ||
|
||
## Step-by-Step Instructions | ||
In the workspace, you'll find a set of predefined commands from the `devfile.yaml` that will assist you in preparing and deploying a private OpenVSX registry. To execute any of these commands within your workspace, navigate to Terminal -> Run Task -> devfile: | ||
|
||
* 2.1. Build and Publish OpenVSX Image | ||
|
||
Build the OpenVSX image and push it to the OpenShift internal registry. You'll ask to enter the OpenVSX version to deploy (default is v0.18.0). | ||
|
||
* 2.2. Build and Publish OpenVSX CLI Image | ||
|
||
Build the OpenVSX CLI image and push it to the OpenShift internal registry. | ||
|
||
* 2.3. Deploy OpenVSX | ||
|
||
Deploy the OpenVSX registry using the provided `openvsx-deployment.yml` template | ||
|
||
* 2.4. Add OpenVSX user with PAT to the DB | ||
|
||
This command adds a new OpenVSX user along with a Personal Access Token (PAT) to the PostgreSQL database. | ||
|
||
* 2.5. Configure Che to use the internal OpenVSX registry | ||
|
||
In case you have deployed Eclipse Che on the cluster, you can patch it to use your private OpenVSX registry. | ||
|
||
* 2.6. Publish VS Code Extension to the internal OpenVSX | ||
|
||
This command facilitates publishing a VS Code extension to the local OpenVSX registry. It prompts the user to provide the extension's namespace name and download URL. The extension is then downloaded into a temporary folder inside the ovsx-cli pod, a namespace is created (if not already present), and the extension is published to the OpenVSX registry. Afterward, the temporary file is deleted. This command is ideal for adding custom or internal extensions to a local OpenVSX instance. | ||
|
||
## OpenShift Template (openvsx-deployment.yml) | ||
You can find the deployment YAML configuration in the `openvsx-deployment.yml` file. This template defines the deployments, services, and route for the PostgreSQL database, Elasticsearch, OpenVSX Server, and OpenVSX CLI. | ||
|
||
### Important Parameters | ||
* `ROUTE_NAME`: The name of the route to access the OpenVSX server (default: internal) | ||
* `NAMESPACE`: The namespace where OpenVSX will be deployed (default: openvsx) | ||
* `POSTGRESQL_IMAGE`: The PostgreSQL image to use for the database (default: image-registry.openshift-image-registry.svc:5000/openshift/postgresql:15-el8) | ||
* `OPENVSX_ELASTICSEARCH_IMAGE`: The image for Elasticsearch (default: docker.elastic.co/elasticsearch/elasticsearch:8.7.1). | ||
* `OPENVSX_SERVER_IMAGE`: The image for the OpenVSX Server. | ||
* `OPENVSX_CLI_IMAGE`: The image for the OpenVSX CLI. | ||
* `OVSX_PAT_BASE64`: Base64 encoded OVSX personal access token. | ||
* `GITHUB_CLIENT_ID_BASE64` and `GITHUB_CLIENT_SECRET_BASE64`: Base64 encoded GitHub Client ID and Secret to setup GitHub OAuth. |
Oops, something went wrong.