WIP dependency updates#488
Draft
jfaltermeier wants to merge 15 commits into
Draft
Conversation
jfaltermeier
force-pushed
the
jf/dependencies
branch
2 times, most recently
from
dfa5346 to
6b4db23
Compare
* Add openshift.md guide for local OpenShift development using Red Hat OpenShift Local (CRC) * Create 0-openshift_setup terraform configuration that reads connection details from a running CRC cluster and outputs them for downstream terraform steps
* Add fabric8 openshift-client Maven dependency to operator and defaultoperator * Add OPENSHIFT to CloudProvider enum * Set serviceAccountName: theia-cloud-sessions in deployment YAML templates
* Introduce SessionRoutingStrategy interface with methods for ensuring routing resources exist, adding session routing, and removing session routing (lazy and eager overloads) * Implement IngressRoutingStrategy that preserves existing Ingress logic * Fix potential NPE in EagerSessionHandler.sessionDeleted by moving instance null-check before autoboxing call
* create per-session Routes by cloning a Helm-managed template Route (identified by AppDefinition.ingressname) * idempotent: return existing Route hostname on operator restart/reconciliation
* build per-session Routes from templateRoute.yaml instead of cloning a Helm-deployed cluster Route * read TLS and annotation settings from the openshift-route-config ConfigMap (lazy-loaded, cached) * use ResourceEdit.updateOwnerReference for owner reference handling consistent with other templates
* add 4-01_openshift_monitor terraform config that installs CRDs, base, and main charts via token-based auth
* use SessionRoutingStrategy for session URLs in deployment replacements and proxy config maps * add route-based session URL handling for OpenShift and stop depending on IngressPathProvider in shared code
* create and remove OpenShift Routes for eager-start instances using stable app-instance hostnames * return protocol-prefixed session URLs from routing strategies and let session availability checks use them directly
* avoid double https prefix by reusing protocol when backend already returns a full URL
* package the default operator with maven-shade-plugin so that META-INF/services files are merged correctly * deploy theia-cloud-base before theia-cloud-crds so the self-signed CA issuer exists when the conversion webhook certificate is created * add cert-manager installation step to the OpenShift setup docs * use K8SANNOTATION bandwidth limiter instead of WONDERSHAPER to avoid NET_ADMIN capability requirement on OpenShift * document how to push custom images to the CRC internal registry, including namespace/ImageStream creation and CA trust setup * add commented-out image override examples to theia_cloud.tf
* Install cert-manager and Keycloak via Helm in 0_openshift-setup, replacing the manual oc apply step for cert-manager * Expose Keycloak through an OpenShift Route with edge TLS termination at keycloak.apps-crc.testing, serving at root / * Configure the TheiaCloud realm, test users (foo/bar), and admin group membership via the existing modules/keycloak terraform module * Add a null_resource wait loop so the realm setup runs only after Keycloak is fully reachable * Enable Keycloak authentication in 4-01_openshift_monitor via helm set overrides and switch service.protocol to https * Add keycloak values (realm, clientId, clientSecret, cookieSecret) to valuesOpenShiftMonitor.yaml as explicit defaults * Update openshift.md and test.md for the new dependency setup, login flow, and hostname table
* add MicroShift-based GitHub workflow for OpenShift Route and SCC code paths * use upstream MicroShift in a privileged container with a Red Hat pull secret * extract shared e2e image build, Helm values, and AppDefinition configuration for Minikube and OpenShift * support OpenShift route URLs and workspace host checks in Playwright tests
* use a scheme-neutral oauth2-proxy redirect URL placeholder * pass full external session URLs into oauth2-proxy config generation * normalize trailing slashes without forcing the deployment host protocol
jfaltermeier
force-pushed
the
jf/dependencies
branch
from
6b4db23 to
77f26e2
Compare
* use Temurin 25 in Maven workflows and production Docker images * compile production Java modules with source and target level 25
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.