From 738ef72506f8c939c7ff88251df177fe8ed888c0 Mon Sep 17 00:00:00 2001 From: Igor Vinokur Date: Mon, 14 Nov 2022 11:16:15 +0200 Subject: [PATCH 1/3] Add bitbucket and gitlab support Signed-off-by: Igor Vinokur --- bitbucket/.gitignore | 1 + bitbucket/.helmignore | 21 +++++++ bitbucket/1_deploy_bitbucket.sh | 5 ++ bitbucket/2_generate_keys.sh | 8 +++ bitbucket/3_configure_links.sh | 39 ++++++++++++ bitbucket/4_setupche.sh | 42 +++++++++++++ bitbucket/5_link_che_and_bitbucket.sh | 40 ++++++++++++ bitbucket/6_test_bitbucket_api.sh | 74 ++++++++++++++++++++++ bitbucket/7_factory.sh | 32 ++++++++++ bitbucket/8_test_post_bitbucket_api.sh | 80 ++++++++++++++++++++++++ bitbucket/9_test_delete_bitbucket_api.sh | 78 +++++++++++++++++++++++ bitbucket/Chart.yaml | 5 ++ bitbucket/README.md | 12 ++++ bitbucket/templates/NOTES.txt | 19 ++++++ bitbucket/templates/_helpers.tpl | 32 ++++++++++ bitbucket/templates/deployment.yaml | 62 ++++++++++++++++++ bitbucket/templates/ingress.yaml | 38 +++++++++++ bitbucket/templates/pvc-bit.yml | 17 +++++ bitbucket/templates/route.yaml | 22 +++++++ bitbucket/templates/service.yaml | 20 ++++++ bitbucket/values.yaml | 61 ++++++++++++++++++ github/deploy_github.adoc | 16 +++++ gitlab/1_deploy_gitlab.sh | 38 +++++++++++ gitlab/2_configure_oauth_app.sh | 28 +++++++++ gitlab/3_setup_oauth_secret.sh | 44 +++++++++++++ gitlab/README.md | 9 +++ gitlab/gitlab_template.yaml | 17 +++++ 27 files changed, 860 insertions(+) create mode 100644 bitbucket/.gitignore create mode 100644 bitbucket/.helmignore create mode 100755 bitbucket/1_deploy_bitbucket.sh create mode 100755 bitbucket/2_generate_keys.sh create mode 100755 bitbucket/3_configure_links.sh create mode 100755 bitbucket/4_setupche.sh create mode 100755 bitbucket/5_link_che_and_bitbucket.sh create mode 100755 bitbucket/6_test_bitbucket_api.sh create mode 100755 bitbucket/7_factory.sh create mode 100755 bitbucket/8_test_post_bitbucket_api.sh create mode 100755 bitbucket/9_test_delete_bitbucket_api.sh create mode 100644 bitbucket/Chart.yaml create mode 100644 bitbucket/README.md create mode 100644 bitbucket/templates/NOTES.txt create mode 100644 bitbucket/templates/_helpers.tpl create mode 100644 bitbucket/templates/deployment.yaml create mode 100644 bitbucket/templates/ingress.yaml create mode 100644 bitbucket/templates/pvc-bit.yml create mode 100644 bitbucket/templates/route.yaml create mode 100644 bitbucket/templates/service.yaml create mode 100644 bitbucket/values.yaml create mode 100644 github/deploy_github.adoc create mode 100755 gitlab/1_deploy_gitlab.sh create mode 100755 gitlab/2_configure_oauth_app.sh create mode 100755 gitlab/3_setup_oauth_secret.sh create mode 100644 gitlab/README.md create mode 100644 gitlab/gitlab_template.yaml diff --git a/bitbucket/.gitignore b/bitbucket/.gitignore new file mode 100644 index 0000000..ab5116e --- /dev/null +++ b/bitbucket/.gitignore @@ -0,0 +1 @@ +certs/* diff --git a/bitbucket/.helmignore b/bitbucket/.helmignore new file mode 100644 index 0000000..f0c1319 --- /dev/null +++ b/bitbucket/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/bitbucket/1_deploy_bitbucket.sh b/bitbucket/1_deploy_bitbucket.sh new file mode 100755 index 0000000..397d64e --- /dev/null +++ b/bitbucket/1_deploy_bitbucket.sh @@ -0,0 +1,5 @@ +#!/usr/bin/env bash + +helm install --create-namespace --namespace bitbucket bitbucket --values values.yaml . + +oc rollout status deployment/bitbucket -n bitbucket diff --git a/bitbucket/2_generate_keys.sh b/bitbucket/2_generate_keys.sh new file mode 100755 index 0000000..341d01e --- /dev/null +++ b/bitbucket/2_generate_keys.sh @@ -0,0 +1,8 @@ +#!/usr/bin/env bash +rm -rf ./certs +mkdir certs +openssl genrsa -out ./certs/private.pem 2048 +openssl rsa -in ./certs/private.pem -pubout > ./certs/public.pub +openssl pkcs8 -topk8 -inform pem -outform pem -nocrypt -in ./certs/private.pem -out ./certs/privatepkcs8.pem +openssl rand -base64 24 > ./certs/bitbucket_server_consumer_key +openssl rand -base64 24 > ./certs/bitbucket_shared_secret diff --git a/bitbucket/3_configure_links.sh b/bitbucket/3_configure_links.sh new file mode 100755 index 0000000..0581c70 --- /dev/null +++ b/bitbucket/3_configure_links.sh @@ -0,0 +1,39 @@ +#!/usr/bin/env bash +if [[ $(kubectl get pods -n eclipse-che 2> /dev/null | wc -l) -gt 0 ]] +then + NAMESPACE="eclipse-che" +else + NAMESPACE="openshift-devspaces" +fi +oc project $NAMESPACE +CHE_ROUTE=$(oc get route/che --namespace=$NAMESPACE -o=jsonpath={'.spec.host'}) +BITBUCKET_ROUTE=$(oc get route/bitbucket --namespace=bitbucket -o=jsonpath={'.spec.host'}) +CHE_SERVER_URL='https://'${CHE_ROUTE} +BITBUCKET_URL='https://'${BITBUCKET_ROUTE} +PUB_KEY=$(cat ./certs/public.pub | sed 's/-----BEGIN PUBLIC KEY-----//g' | sed 's/-----END PUBLIC KEY-----//g' | tr -d '\n') +CONSUMER_KEY=$(cat ./certs/bitbucket_server_consumer_key) +SHARED_SECRET=$(cat ./certs/bitbucket_shared_secret) +echo ' ' +echo ' ' +echo ' Open '$BITBUCKET_URL +echo ' ' +echo ' ' +echo ' Go to Administration -> Application Links' +echo ' Enter ->> '$CHE_SERVER_URL'/dashboard/ in the 'application url' field and press the 'Create new link' button and `Continue`.' +echo ' After that in `Link applications` window' +echo ' Application Name: Che' +echo ' Application Type: Generic Application' +echo ' Service Provider Name: Che' +echo ' Consumer key: '$CONSUMER_KEY +echo ' Shared secret: '$SHARED_SECRET +echo ' Request Token URL: '$BITBUCKET_URL'/plugins/servlet/oauth/request-token' +echo ' Access token URL: '$BITBUCKET_URL'/plugins/servlet/oauth/access-token' +echo ' Authorize URL: '$BITBUCKET_URL'/plugins/servlet/oauth/authorize' +echo ' Create incoming link: true' +echo ' ' +echo ' Next screen ' +echo ' ' +echo ' Consumer Key: '$CONSUMER_KEY +echo ' Consumer Name: Che' +echo ' Public Key : '$PUB_KEY + diff --git a/bitbucket/4_setupche.sh b/bitbucket/4_setupche.sh new file mode 100755 index 0000000..42a36f6 --- /dev/null +++ b/bitbucket/4_setupche.sh @@ -0,0 +1,42 @@ +#!/usr/bin/env bash + +if [[ $(kubectl get pods -n eclipse-che 2> /dev/null | wc -l) -gt 0 ]] +then + NAMESPACE="eclipse-che" +else + NAMESPACE="openshift-devspaces" +fi +CONSUMER_KEY=$(cat ./certs/bitbucket_server_consumer_key) +SHARED_SECRET=$(cat ./certs/bitbucket_shared_secret) +PRIVATE_KEY=$(cat ./certs/privatepkcs8.pem | sed 's/-----BEGIN PRIVATE KEY-----//g' | sed 's/-----END PRIVATE KEY-----//g' | tr -d '\n') +BITBUCKET_HOST=$(oc get routes -n bitbucket -o json | jq -r '.items[0].spec.host') +unameOut="$(uname -s)" + +case "${unameOut}" in + Linux*) BASE64_FUNC='base64 -w 0';; + Darwin*) BASE64_FUNC='base64';; + CYGWIN*) BASE64_FUNC='base64 -w 0';; + MINGW*) BASE64_FUNC='base64 -w 0';; + *) BASE64_FUNC='base64 -w 0' +esac + +oc project $NAMESPACE +oc delete secret bitbucket-oauth-config --ignore-not-found=false + +cat < /dev/null | wc -l) -gt 0 ]] +then + NAMESPACE="eclipse-che" +else + NAMESPACE="openshift-devspaces" +fi +oc project $NAMESPACE +CHE_ROUTE=$(oc get route/che --namespace=$NAMESPACE -o=jsonpath={'.spec.host'}) +CHE_SERVER_URL='https://'${CHE_ROUTE} +KEYCLOAK_ROUTE=$(oc get route/keycloak --namespace=$NAMESPACE -o=jsonpath={'.spec.host'}) +KEYCLOAK_URL='https://'${KEYCLOAK_ROUTE} +OS_TOKEN=$(oc whoami --show-token) +echo 'Using Eclipse Che namespace: '$NAMESPACE +echo 'Using Eclipse Che route: '$CHE_SERVER_URL +echo 'Using Eclipse KEYCLOAK route: '$KEYCLOAK_ROUTE +echo 'Using Eclipse KEYCLOAK url: '$KEYCLOAK_URL + +unameOut="$(uname -s)" +case "${unameOut}" in + Linux*) OPEN_FUNC=xdg-open;; + Darwin*) OPEN_FUNC=open;; + CYGWIN*) OPEN_FUNC=xdg-open;; + MINGW*) OPEN_FUNC=xdg-open;; + *) OPEN_FUNC=xdg-open +esac + +KEYCLOAK_TOKEN=$(curl -s -X POST -d "client_id=che-public" \ + --data-urlencode "grant_type=urn:ietf:params:oauth:grant-type:token-exchange" \ + -d "subject_token=$OS_TOKEN" \ + -d "subject_issuer=openshift-v4" \ + --data-urlencode "subject_token_type=urn:ietf:params:oauth:token-type:access_token" \ + $KEYCLOAK_URL/auth/realms/che/protocol/openid-connect/token | jq -j .access_token) +#echo 'KC token: '$KEYCLOAK_TOKEN +echo '=======' +USER_ID=$(curl -s $CHE_SERVER_URL/api/user -H 'Accept: application/json, text/plain' -H 'Authorization: Bearer '${KEYCLOAK_TOKEN} | jq -r .id) +echo 'Click the link' +echo 'url: '$CHE_SERVER_URL'/api/oauth/1.0/authenticate?oauth_provider=bitbucket-server&request_method=POST&signature_method=rsa&redirect_after_login=/dashboard&token='$KEYCLOAK_TOKEN +$OPEN_FUNC $CHE_SERVER_URL'/api/oauth/1.0/authenticate?oauth_provider=bitbucket-server&request_method=POST&signature_method=rsa&redirect_after_login=/dashboard&token='$KEYCLOAK_TOKEN diff --git a/bitbucket/6_test_bitbucket_api.sh b/bitbucket/6_test_bitbucket_api.sh new file mode 100755 index 0000000..3368987 --- /dev/null +++ b/bitbucket/6_test_bitbucket_api.sh @@ -0,0 +1,74 @@ +#!/bin/bash + +urlencode() { + # urlencode + + old_lc_collate=$LC_COLLATE + LC_COLLATE=C + + local length="${#1}" + for (( i = 0; i < length; i++ )); do + local c="${1:$i:1}" + case $c in + [a-zA-Z0-9.~_-]) printf '%s' "$c" ;; + *) printf '%%%02X' "'$c" ;; + esac + done + + LC_COLLATE=$old_lc_collate +} + + +set -e +echo 'Logged in as ' $(oc whoami) + +if [[ $(kubectl get pods -n eclipse-che 2> /dev/null | wc -l) -gt 0 ]] +then + NAMESPACE="eclipse-che" +else + NAMESPACE="openshift-devspaces" +fi +CHE_ROUTE=$(oc get route/che --namespace=$NAMESPACE -o=jsonpath={'.spec.host'}) +CHE_SERVER_URL='https://'${CHE_ROUTE} +KEYCLOAK_ROUTE=$(oc get route/keycloak --namespace=$NAMESPACE -o=jsonpath={'.spec.host'}) +KEYCLOAK_URL='https://'${KEYCLOAK_ROUTE} +DEVFILE_REGISTRY_ROUTE=$(oc get route/devfile-registry --namespace=$NAMESPACE -o=jsonpath={'.spec.host'}) +DEVFILE_REGISTRY_URL='https://'${DEVFILE_REGISTRY_ROUTE} +OS_TOKEN=$(oc whoami --show-token) +DEVFILE_ID='' +BITBUCKET_ROUTE=$(oc get route/bitbucket --namespace=bitbucket -o=jsonpath={'.spec.host'}) +echo 'Using Eclipse Che namespace: '$NAMESPACE +echo 'Using Eclipse Che route: '$CHE_URL +echo 'Using Eclipse Che server url : '$CHE_SERVER_URL +echo 'Using Eclipse KEYCLOAK route: '$KEYCLOAK_ROUTE +echo 'Using Eclipse KEYCLOAK url: '$KEYCLOAK_URL +echo 'Using Eclipse Devfile registry route: '$DEVFILE_REGISTRY_ROUTE +echo 'Bitbucket route: '$BITBUCKET_ROUTE + + +KEYCLOAK_TOKEN=$(curl -s -X POST -d "client_id=che-public" \ + --data-urlencode "grant_type=urn:ietf:params:oauth:grant-type:token-exchange" \ + -d "subject_token=$OS_TOKEN" \ + -d "subject_issuer=openshift-v4" \ + --data-urlencode "subject_token_type=urn:ietf:params:oauth:token-type:access_token" \ + $KEYCLOAK_URL/auth/realms/che/protocol/openid-connect/token | jq -j .access_token) +USER_ID=$(curl -s $CHE_SERVER_URL/api/user -H 'Accept: application/json, text/plain' -H 'Authorization: Bearer '${KEYCLOAK_TOKEN} | jq -r .id) +#echo 'KC token: '$KEYCLOAK_TOKEN +echo 'User ID : '$USER_ID +echo '=======' +echo '==REQUEST=' +#BITBACKET_REQUEST_URL='https://'$BITBUCKET_ROUTE'/rest/access-tokens/1.0/users/skabashn' +BITBACKET_REQUEST_URL='https://'$BITBUCKET_ROUTE'/rest/api/1.0/users' +BITBACKET_REQUEST_METHOD='GET' +BITBACKET_REQUEST_URL_ENCODED=$(urlencode $BITBACKET_REQUEST_URL) +SIGNATURE_REQUEST='https://'$CHE_ROUTE'/api/oauth/1.0/signature?oauth_provider=bitbucket-server&request_method='$BITBACKET_REQUEST_METHOD'&request_url='$BITBACKET_REQUEST_URL_ENCODED'&token='$KEYCLOAK_TOKEN +echo $BITBACKET_REQUEST_URL +echo $BITBACKET_REQUEST_URL_ENCODED +echo $BITBACKET_REQUEST_METHOD +#echo $SIGNATURE_REQUEST +echo '==Execute Signature=' +REQUEST_SIGNATURE=$(curl -s $SIGNATURE_REQUEST ) +echo '--------SIG-------------' +echo $REQUEST_SIGNATURE +echo '--------SIG--------------' +curl -v -s -H "Authorization: $REQUEST_SIGNATURE" $BITBACKET_REQUEST_URL | jq . diff --git a/bitbucket/7_factory.sh b/bitbucket/7_factory.sh new file mode 100755 index 0000000..14281b9 --- /dev/null +++ b/bitbucket/7_factory.sh @@ -0,0 +1,32 @@ +#!/usr/bin/env bash + +if [[ $(kubectl get pods -n eclipse-che 2> /dev/null | wc -l) -gt 0 ]] +then + NAMESPACE="eclipse-che" +else + NAMESPACE="openshift-devspaces" +fi +oc project $NAMESPACE +CHE_ROUTE=$(oc get route/che --namespace=$NAMESPACE -o=jsonpath={'.spec.host'}) +CHE_SERVER_URL='https://'${CHE_ROUTE} +KEYCLOAK_ROUTE=$(oc get route/keycloak --namespace=$NAMESPACE -o=jsonpath={'.spec.host'}) +KEYCLOAK_URL='https://'${KEYCLOAK_ROUTE} +BITBUCKET_ROUTE=$(oc get route/bitbucket --namespace=bitbucket -o=jsonpath={'.spec.host'}) +echo 'Using Eclipse Che namespace: '$NAMESPACE +echo 'Using Eclipse Che route: '$CHE_SERVER_URL +echo 'Using Eclipse KEYCLOAK route: '$KEYCLOAK_ROUTE +echo 'Using Eclipse KEYCLOAK url: '$KEYCLOAK_URL +echo 'Bitbucket url: '$BITBUCKET_ROUTE +#echo 'KC token: '$KEYCLOAK_TOKEN +echo '=======' + +unameOut="$(uname -s)" +case "${unameOut}" in + Linux*) OPEN_FUNC=xdg-open;; + Darwin*) OPEN_FUNC=open;; + CYGWIN*) OPEN_FUNC=xdg-open;; + MINGW*) OPEN_FUNC=xdg-open;; + *) OPEN_FUNC=xdg-open +esac + +$OPEN_FUNC $CHE_SERVER_URL'/f?url=https://'$BITBUCKET_ROUTE'/scm/che/che-server.git' diff --git a/bitbucket/8_test_post_bitbucket_api.sh b/bitbucket/8_test_post_bitbucket_api.sh new file mode 100755 index 0000000..3f57731 --- /dev/null +++ b/bitbucket/8_test_post_bitbucket_api.sh @@ -0,0 +1,80 @@ +#!/bin/bash + +urlencode() { + # urlencode + + old_lc_collate=$LC_COLLATE + LC_COLLATE=C + + local length="${#1}" + for (( i = 0; i < length; i++ )); do + local c="${1:$i:1}" + case $c in + [a-zA-Z0-9.~_-]) printf '%s' "$c" ;; + *) printf '%%%02X' "'$c" ;; + esac + done + + LC_COLLATE=$old_lc_collate +} + + +set -e +echo 'Logged in as ' $(oc whoami) + +if [[ $(kubectl get pods -n eclipse-che 2> /dev/null | wc -l) -gt 0 ]] +then + NAMESPACE="eclipse-che" +else + NAMESPACE="openshift-devspaces" +fi +CHE_ROUTE=$(oc get route/che --namespace=$NAMESPACE -o=jsonpath={'.spec.host'}) +CHE_SERVER_URL='https://'${CHE_ROUTE} +KEYCLOAK_ROUTE=$(oc get route/keycloak --namespace=$NAMESPACE -o=jsonpath={'.spec.host'}) +KEYCLOAK_URL='https://'${KEYCLOAK_ROUTE} +DEVFILE_REGISTRY_ROUTE=$(oc get route/devfile-registry --namespace=$NAMESPACE -o=jsonpath={'.spec.host'}) +DEVFILE_REGISTRY_URL='https://'${DEVFILE_REGISTRY_ROUTE} +OS_TOKEN=$(oc whoami --show-token) +DEVFILE_ID='' +BITBUCKET_ROUTE=$(oc get route/bitbucket --namespace=bitbucket -o=jsonpath={'.spec.host'}) +echo 'Using Eclipse Che namespace: '$NAMESPACE +echo 'Using Eclipse Che route: '$CHE_URL +echo 'Using Eclipse Che server url : '$CHE_SERVER_URL +echo 'Using Eclipse KEYCLOAK route: '$KEYCLOAK_ROUTE +echo 'Using Eclipse KEYCLOAK url: '$KEYCLOAK_URL +echo 'Using Eclipse Devfile registry route: '$DEVFILE_REGISTRY_ROUTE +echo 'Bitbucket route: '$BITBUCKET_ROUTE + + +KEYCLOAK_TOKEN=$(curl -s -X POST -d "client_id=che-public" \ + --data-urlencode "grant_type=urn:ietf:params:oauth:grant-type:token-exchange" \ + -d "subject_token=$OS_TOKEN" \ + -d "subject_issuer=openshift-v4" \ + --data-urlencode "subject_token_type=urn:ietf:params:oauth:token-type:access_token" \ + $KEYCLOAK_URL/auth/realms/che/protocol/openid-connect/token | jq -j .access_token) +USER_ID=$(curl -s $CHE_SERVER_URL/api/user -H 'Accept: application/json, text/plain' -H 'Authorization: Bearer '${KEYCLOAK_TOKEN} | jq -r .id) +#echo 'KC token: '$KEYCLOAK_TOKEN +echo 'User ID : '$USER_ID +echo '=======' +echo '==REQUEST=' +#BITBACKET_REQUEST_URL='https://'$BITBUCKET_ROUTE'/rest/api/1.0/users/ksmster?filter=ksmster' +BITBACKET_REQUEST_URL='https://'$BITBUCKET_ROUTE'/rest/access-tokens/1.0/users/ksmster' +BITBACKET_REQUEST_METHOD='PUT' +BITBACKET_REQUEST_URL_ENCODED=$(urlencode $BITBACKET_REQUEST_URL) +SIGNATURE_REQUEST='https://'$CHE_ROUTE'/api/oauth/1.0/signature?oauth_provider=bitbucket-server&request_method='$BITBACKET_REQUEST_METHOD'&request_url='$BITBACKET_REQUEST_URL_ENCODED'&user_id='$USER_ID'&token='$KEYCLOAK_TOKEN +echo $BITBACKET_REQUEST_URL +echo $BITBACKET_REQUEST_URL_ENCODED +echo $BITBACKET_REQUEST_METHOD +#echo $SIGNATURE_REQUEST +echo '==Execute Signature=' +REQUEST_SIGNATURE=$(curl -s $SIGNATURE_REQUEST ) +echo '--------SIG-------------' +echo $REQUEST_SIGNATURE +echo '--------SIG--------------' + + + +curl -X $BITBACKET_REQUEST_METHOD --header "Content-Type: application/json" \ + --header "Authorization: $REQUEST_SIGNATURE" \ + --data '{ "name": "che5", "permissions": [ "PROJECT_WRITE", "REPO_WRITE" ] }' \ +$BITBACKET_REQUEST_URL | jq diff --git a/bitbucket/9_test_delete_bitbucket_api.sh b/bitbucket/9_test_delete_bitbucket_api.sh new file mode 100755 index 0000000..dd09464 --- /dev/null +++ b/bitbucket/9_test_delete_bitbucket_api.sh @@ -0,0 +1,78 @@ +#!/bin/bash + +urlencode() { + # urlencode + + old_lc_collate=$LC_COLLATE + LC_COLLATE=C + + local length="${#1}" + for (( i = 0; i < length; i++ )); do + local c="${1:$i:1}" + case $c in + [a-zA-Z0-9.~_-]) printf '%s' "$c" ;; + *) printf '%%%02X' "'$c" ;; + esac + done + + LC_COLLATE=$old_lc_collate +} + + +set -e +echo 'Logged in as ' $(oc whoami) + +if [[ $(kubectl get pods -n eclipse-che 2> /dev/null | wc -l) -gt 0 ]] +then + NAMESPACE="eclipse-che" +else + NAMESPACE="openshift-devspaces" +fi +CHE_ROUTE=$(oc get route/che --namespace=$NAMESPACE -o=jsonpath={'.spec.host'}) +CHE_SERVER_URL='https://'${CHE_ROUTE} +KEYCLOAK_ROUTE=$(oc get route/keycloak --namespace=$NAMESPACE -o=jsonpath={'.spec.host'}) +KEYCLOAK_URL='https://'${KEYCLOAK_ROUTE} +DEVFILE_REGISTRY_ROUTE=$(oc get route/devfile-registry --namespace=$NAMESPACE -o=jsonpath={'.spec.host'}) +DEVFILE_REGISTRY_URL='https://'${DEVFILE_REGISTRY_ROUTE} +OS_TOKEN=$(oc whoami --show-token) +DEVFILE_ID='' +BITBUCKET_ROUTE=$(oc get route/bitbucket --namespace=bitbucket -o=jsonpath={'.spec.host'}) +echo 'Using Eclipse Che namespace: '$NAMESPACE +echo 'Using Eclipse Che route: '$CHE_URL +echo 'Using Eclipse Che server url : '$CHE_SERVER_URL +echo 'Using Eclipse KEYCLOAK route: '$KEYCLOAK_ROUTE +echo 'Using Eclipse KEYCLOAK url: '$KEYCLOAK_URL +echo 'Using Eclipse Devfile registry route: '$DEVFILE_REGISTRY_ROUTE +echo 'Bitbucket route: '$BITBUCKET_ROUTE + + +KEYCLOAK_TOKEN=$(curl -s -X POST -d "client_id=che-public" \ + --data-urlencode "grant_type=urn:ietf:params:oauth:grant-type:token-exchange" \ + -d "subject_token=$OS_TOKEN" \ + -d "subject_issuer=openshift-v4" \ + --data-urlencode "subject_token_type=urn:ietf:params:oauth:token-type:access_token" \ + $KEYCLOAK_URL/auth/realms/che/protocol/openid-connect/token | jq -j .access_token) +USER_ID=$(curl -s $CHE_SERVER_URL/api/user -H 'Accept: application/json, text/plain' -H 'Authorization: Bearer '${KEYCLOAK_TOKEN} | jq -r .id) +#echo 'KC token: '$KEYCLOAK_TOKEN +echo 'User ID : '$USER_ID +echo '=======' +echo '==REQUEST=' +#BITBACKET_REQUEST_URL='https://'$BITBUCKET_ROUTE'/rest/api/1.0/users/ksmster?filter=ksmster' +BITBACKET_REQUEST_URL='https://'$BITBUCKET_ROUTE'/rest/access-tokens/1.0/users/ksmster/718726209545' +BITBACKET_REQUEST_METHOD='DELETE' +BITBACKET_REQUEST_URL_ENCODED=$(urlencode $BITBACKET_REQUEST_URL) +SIGNATURE_REQUEST='https://'$CHE_ROUTE'/api/oauth/1.0/signature?oauth_provider=bitbucket-server&request_method='$BITBACKET_REQUEST_METHOD'&request_url='$BITBACKET_REQUEST_URL_ENCODED'&user_id='$USER_ID'&token='$KEYCLOAK_TOKEN +echo $BITBACKET_REQUEST_URL +echo $BITBACKET_REQUEST_URL_ENCODED +echo $BITBACKET_REQUEST_METHOD +#echo $SIGNATURE_REQUEST +echo '==Execute Signature=' +REQUEST_SIGNATURE=$(curl -s $SIGNATURE_REQUEST ) +echo '--------SIG-------------' +echo $REQUEST_SIGNATURE +echo '--------SIG--------------' + + +curl -v -X $BITBACKET_REQUEST_METHOD \ + --header "Authorization: $REQUEST_SIGNATURE" \ +$BITBACKET_REQUEST_URL | jq diff --git a/bitbucket/Chart.yaml b/bitbucket/Chart.yaml new file mode 100644 index 0000000..8a43938 --- /dev/null +++ b/bitbucket/Chart.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +appVersion: "1.0" +description: A Helm chart for bitbucket kubernetes +name: bitbucket +version: 0.1.0 diff --git a/bitbucket/README.md b/bitbucket/README.md new file mode 100644 index 0000000..d5ca1d4 --- /dev/null +++ b/bitbucket/README.md @@ -0,0 +1,12 @@ +Helm Chart For Bitbucket + +1. 1_deploy_bitbucket.sh +2. 2_generate_keys.sh +3. 3_configure_links.sh +4. 4_setupche.sh +5. 5_link_che_and_bitbucket.sh +6. 6_test_bitbucket_api.sh + +Prerequisites: +* kubectl, helm, oc +* Authorised oc connection to an Openshift cluster diff --git a/bitbucket/templates/NOTES.txt b/bitbucket/templates/NOTES.txt new file mode 100644 index 0000000..d78d506 --- /dev/null +++ b/bitbucket/templates/NOTES.txt @@ -0,0 +1,19 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ . }}{{ $.Values.ingress.path }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "bitbucket.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "bitbucket.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "bitbucket.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ include "bitbucket.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:80 +{{- end }} diff --git a/bitbucket/templates/_helpers.tpl b/bitbucket/templates/_helpers.tpl new file mode 100644 index 0000000..587eaa1 --- /dev/null +++ b/bitbucket/templates/_helpers.tpl @@ -0,0 +1,32 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "bitbucket.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "bitbucket.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "bitbucket.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} diff --git a/bitbucket/templates/deployment.yaml b/bitbucket/templates/deployment.yaml new file mode 100644 index 0000000..3412c69 --- /dev/null +++ b/bitbucket/templates/deployment.yaml @@ -0,0 +1,62 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + namespace: {{ .Values.namespace }} + name: {{ include "bitbucket.fullname" . }} + labels: + app: {{ include "bitbucket.name" . }} + chart: {{ include "bitbucket.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ include "bitbucket.name" . }} + release: {{ .Release.Name }} + template: + metadata: + labels: + app: {{ include "bitbucket.name" . }} + release: {{ .Release.Name }} + spec: + volumes: + - name: bitbucket-vol + persistentVolumeClaim: + claimName: {{ default (include "bitbucket.fullname" .) }}-data + containers: + - name: {{ .Chart.Name }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + env: + - name: SERVER_PORT + value: '7990' + - name: SERVER_SCHEME + value: https + - name: SERVER_SECURE + value: 'true' + - name: SERVER_PROXY_PORT + value: '443' + - name: SERVER_PROXY_NAME + value: '{{ .Values.proxyName }}' + volumeMounts: + - name: bitbucket-vol + mountPath: /var/atlassian/application-data/bitbucket + ports: + - name: bitbucket + containerPort: 7990 + protocol: TCP + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} + {{- end }} diff --git a/bitbucket/templates/ingress.yaml b/bitbucket/templates/ingress.yaml new file mode 100644 index 0000000..f6146f6 --- /dev/null +++ b/bitbucket/templates/ingress.yaml @@ -0,0 +1,38 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "bitbucket.fullname" . -}} +{{- $ingressPath := .Values.ingress.path -}} +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + app: {{ include "bitbucket.name" . }} + chart: {{ include "bitbucket.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- with .Values.ingress.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} +spec: +{{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} +{{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ . | quote }} + http: + paths: + - path: {{ $ingressPath }} + backend: + serviceName: {{ $fullName }} + servicePort: http + {{- end }} +{{- end }} diff --git a/bitbucket/templates/pvc-bit.yml b/bitbucket/templates/pvc-bit.yml new file mode 100644 index 0000000..70fe3ae --- /dev/null +++ b/bitbucket/templates/pvc-bit.yml @@ -0,0 +1,17 @@ +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: bitbucket-data + namespace: {{ .Values.namespace }} +spec: + accessModes: + {{- range .Values.persistence.accessModes }} + - {{ . | quote }} + {{- end }} + resources: + requests: + storage: {{ .Values.persistence.size | quote }} + storageClassName: {{ .Values.persistence.storageClassName }} +{{- end -}} + diff --git a/bitbucket/templates/route.yaml b/bitbucket/templates/route.yaml new file mode 100644 index 0000000..f3159ec --- /dev/null +++ b/bitbucket/templates/route.yaml @@ -0,0 +1,22 @@ +apiVersion: route.openshift.io/v1 +kind: Route +metadata: + name: {{ include "bitbucket.fullname" . }} + labels: + app: {{ include "bitbucket.name" . }} + chart: {{ include "bitbucket.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- with .Values.ingress.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} +spec: + to: + kind: Service + name: {{ include "bitbucket.fullname" . }} + tls: + insecureEdgeTerminationPolicy: Redirect + termination: edge + port: + targetPort: 7990 diff --git a/bitbucket/templates/service.yaml b/bitbucket/templates/service.yaml new file mode 100644 index 0000000..8ebbdc8 --- /dev/null +++ b/bitbucket/templates/service.yaml @@ -0,0 +1,20 @@ +apiVersion: v1 +kind: Service +metadata: + namespace: {{ .Values.namespace }} + name: {{ include "bitbucket.fullname" . }} + labels: + app: {{ include "bitbucket.name" . }} + chart: {{ include "bitbucket.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: 7990 + protocol: TCP + name: http + selector: + app: {{ include "bitbucket.name" . }} + release: {{ .Release.Name }} diff --git a/bitbucket/values.yaml b/bitbucket/values.yaml new file mode 100644 index 0000000..710dc97 --- /dev/null +++ b/bitbucket/values.yaml @@ -0,0 +1,61 @@ +# Default values for bitbucket. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +namespace: bitbucket + +replicaCount: 1 +proxyName: "" +image: + repository: atlassian/bitbucket-server + tag: 5.15.2 + pullPolicy: IfNotPresent + +nameOverride: "" +fullnameOverride: "" + +service: + type: LoadBalancer + port: 7990 + +ingress: + enabled: false + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + path: / + hosts: + - chart-example.local + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +persistence: + enabled: true + storageClassName: gp2 + accessModes: + - ReadWriteOnce + size: 20Gi + # annotations: {} + # subPath: "" + # existingClaim: + + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/github/deploy_github.adoc b/github/deploy_github.adoc new file mode 100644 index 0000000..9d75562 --- /dev/null +++ b/github/deploy_github.adoc @@ -0,0 +1,16 @@ +. Download a GitHub server VHD image: https://enterprise.github.com/releases +. Create a virtual-box machine with next parameters: + * Type: Linux + * Version: Ubuntu 64-bit + * RAM options: minimum 26 Gb + * Virtual Hard Disc: minimum 20 Gb +. Go to the settings page of the created virtual machine: + * Go to the Storage tab + ** Change the predefined hard disc to SATA port 1 + ** Add the downloaded GitHub VHD as SATA port 0 + ** Add the downloaded GitHub VHD as SATA port 0 + * Go to the Network tab. + ** Select Bridged adapter with your fiscal network device +. Start the virtual machine and wait until it loads. +. See the GitHub IP and expose it to the public internet. +. Continue the setup in a browser. diff --git a/gitlab/1_deploy_gitlab.sh b/gitlab/1_deploy_gitlab.sh new file mode 100755 index 0000000..83650d4 --- /dev/null +++ b/gitlab/1_deploy_gitlab.sh @@ -0,0 +1,38 @@ +#!/usr/bin/env bash + +wait-pod-running() { + [[ -z $1 ]] && { echo '[ERROR] SELECTOR not defined'; exit 1; } + [[ -z $2 ]] && { echo '[ERROR] NAMESPACE not defined'; exit 1; } + + while [ "$(kubectl get pod -l "$1" -n "$2" -o go-template='{{len .items}}')" -eq 0 ]; do + sleep 10 + done + kubectl wait --for=condition=ready pod -l "$1" -n "$2" --timeout=120s +} + +# Install cer-manager +kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.9.1/cert-manager.yaml +wait-pod-running "app.kubernetes.io/component=controller" "cert-manager" +wait-pod-running "app.kubernetes.io/component=cainjector" "cert-manager" +wait-pod-running "app.kubernetes.io/component=webhook" "cert-manager" + +# Install gitlab +kubectl create namespace gitlab-system +kubectl apply -f https://gitlab.com/api/v4/projects/18899486/packages/generic/gitlab-operator/0.13.3/gitlab-operator-openshift-0.13.3.yaml +wait-pod-running "control-plane=controller-manager" "gitlab-system" + +# Prepare gitlab instance +HOSTNAME="$(kubectl get route -n openshift-console console -ojsonpath='{.status.ingress[0].host}')" +TRIMMED_HOSTNAME="${HOSTNAME:26}" +DOMAIN="$TRIMMED_HOSTNAME" envsubst < gitlab_template.yaml > gitlab.yaml +kubectl -n gitlab-system apply -f gitlab.yaml +rm gitlab.yaml +printf "\n\nWaiting for Gitlab to start, it may take more than 10 minutes.\n\n" +wait-pod-running "app.kubernetes.io/component=webservice" "gitlab-system" + +# Apply gitlab route +oc create route edge gitlab --service=gitlab-webservice-default --port=http-workhorse -n gitlab-system +printf "Gitlab has started, visit https://gitlab-gitlab-system.%s.\n\n" "$TRIMMED_HOSTNAME" + +PASSWORD="$(kubectl get secret gitlab-gitlab-initial-root-password -n gitlab-system -o jsonpath="{.data.password}" | base64 --decode)" +printf "login: root\nPassword: %s\n\n" "$PASSWORD" diff --git a/gitlab/2_configure_oauth_app.sh b/gitlab/2_configure_oauth_app.sh new file mode 100755 index 0000000..cd8475f --- /dev/null +++ b/gitlab/2_configure_oauth_app.sh @@ -0,0 +1,28 @@ +#!/usr/bin/env bash + +if [[ $(kubectl get pods -n eclipse-che 2> /dev/null | wc -l) -gt 0 ]] +then + NAMESPACE="eclipse-che" +else + NAMESPACE="openshift-devspaces" +fi + +FORMATTED_NAMESPACE="$(echo "$NAMESPACE" | sed 's/.*-//')" +CHE_ROUTE="$(oc get route/"$FORMATTED_NAMESPACE" --namespace="$NAMESPACE" -o=jsonpath='{.spec.host}')" +GITLAB_ROUTE="$(oc get route/gitlab --namespace=gitlab-system -o=jsonpath='{.spec.host}')" +CHE_SERVER_URL="https://${CHE_ROUTE}" +GITLAB_APP_URL="https://$GITLAB_ROUTE/-/profile/applications" + +echo ' ' +echo ' ' +echo " Open $GITLAB_APP_URL" +echo ' ' +echo ' ' +echo " Fil in the next values:" +echo " Name: $FORMATTED_NAMESPACE" +echo " Redirect URI: $CHE_SERVER_URL/api/oauth/callback" +echo " Under Scopes, check the api, write_repository, and openid checkboxes." +echo ' ' +echo " Press the 'Save application' button." +echo " Save the 'Application ID' and 'Secret' values for the further actions." + diff --git a/gitlab/3_setup_oauth_secret.sh b/gitlab/3_setup_oauth_secret.sh new file mode 100755 index 0000000..6a3a54d --- /dev/null +++ b/gitlab/3_setup_oauth_secret.sh @@ -0,0 +1,44 @@ +#!/usr/bin/env bash + +if [[ $(kubectl get pods -n eclipse-che 2> /dev/null | wc -l) -gt 0 ]] +then + NAMESPACE="eclipse-che" +else + NAMESPACE="openshift-devspaces" +fi + +GITLAB_ROUTE="$(oc get route/gitlab --namespace=gitlab-system -o=jsonpath='{.spec.host}')" +unameOut="$(uname -s)" + +printf "\nInput the 'Application ID' value from the previous script\n" +read -r APPLICATION_ID +printf "\nInput the 'Secret' value from the previous script\n" +read -r SECRET + +case "${unameOut}" in + Linux*) BASE64_FUNC='base64 -w 0';; + Darwin*) BASE64_FUNC='base64';; + CYGWIN*) BASE64_FUNC='base64 -w 0';; + MINGW*) BASE64_FUNC='base64 -w 0';; + *) BASE64_FUNC='base64 -w 0' +esac + +oc project "$NAMESPACE" +#oc delete secret gitlab-oauth-config --ignore-not-found=false + +cat < Date: Thu, 17 Nov 2022 12:31:21 +0200 Subject: [PATCH 2/3] Update gitlab/2_configure_oauth_app.sh Co-authored-by: Valeriy Svydenko --- gitlab/2_configure_oauth_app.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gitlab/2_configure_oauth_app.sh b/gitlab/2_configure_oauth_app.sh index cd8475f..91563bd 100755 --- a/gitlab/2_configure_oauth_app.sh +++ b/gitlab/2_configure_oauth_app.sh @@ -18,7 +18,7 @@ echo ' ' echo " Open $GITLAB_APP_URL" echo ' ' echo ' ' -echo " Fil in the next values:" +echo " Fill in the next values:" echo " Name: $FORMATTED_NAMESPACE" echo " Redirect URI: $CHE_SERVER_URL/api/oauth/callback" echo " Under Scopes, check the api, write_repository, and openid checkboxes." From 5cf372e21e41835c94b5219d34ccdc9a167959bc Mon Sep 17 00:00:00 2001 From: Igor Vinokur Date: Thu, 17 Nov 2022 12:31:26 +0200 Subject: [PATCH 3/3] Update gitlab/1_deploy_gitlab.sh Co-authored-by: Valeriy Svydenko --- bitbucket/1_deploy_bitbucket.sh | 8 +++ bitbucket/2_generate_keys.sh | 9 +++ bitbucket/3_configure_links.sh | 20 +++--- bitbucket/4_setupche.sh | 17 +++-- bitbucket/5_link_che_and_bitbucket.sh | 40 ------------ bitbucket/6_test_bitbucket_api.sh | 74 ---------------------- bitbucket/7_factory.sh | 32 ---------- bitbucket/8_test_post_bitbucket_api.sh | 80 ------------------------ bitbucket/9_test_delete_bitbucket_api.sh | 78 ----------------------- bitbucket/README.md | 2 - gitlab/1_deploy_gitlab.sh | 10 ++- gitlab/2_configure_oauth_app.sh | 16 +++-- gitlab/3_setup_oauth_secret.sh | 16 +++-- utils.sh | 22 +++++++ 14 files changed, 92 insertions(+), 332 deletions(-) delete mode 100755 bitbucket/5_link_che_and_bitbucket.sh delete mode 100755 bitbucket/6_test_bitbucket_api.sh delete mode 100755 bitbucket/7_factory.sh delete mode 100755 bitbucket/8_test_post_bitbucket_api.sh delete mode 100755 bitbucket/9_test_delete_bitbucket_api.sh create mode 100644 utils.sh diff --git a/bitbucket/1_deploy_bitbucket.sh b/bitbucket/1_deploy_bitbucket.sh index 397d64e..3846909 100755 --- a/bitbucket/1_deploy_bitbucket.sh +++ b/bitbucket/1_deploy_bitbucket.sh @@ -1,4 +1,12 @@ #!/usr/bin/env bash +# +# Copyright (c) 2022 Red Hat, Inc. +# This program and the accompanying materials are made +# available under the terms of the Eclipse Public License 2.0 +# which is available at https://www.eclipse.org/legal/epl-2.0/ +# +# SPDX-License-Identifier: EPL-2.0 +# helm install --create-namespace --namespace bitbucket bitbucket --values values.yaml . diff --git a/bitbucket/2_generate_keys.sh b/bitbucket/2_generate_keys.sh index 341d01e..a2796e1 100755 --- a/bitbucket/2_generate_keys.sh +++ b/bitbucket/2_generate_keys.sh @@ -1,4 +1,13 @@ #!/usr/bin/env bash +# +# Copyright (c) 2022 Red Hat, Inc. +# This program and the accompanying materials are made +# available under the terms of the Eclipse Public License 2.0 +# which is available at https://www.eclipse.org/legal/epl-2.0/ +# +# SPDX-License-Identifier: EPL-2.0 +# + rm -rf ./certs mkdir certs openssl genrsa -out ./certs/private.pem 2048 diff --git a/bitbucket/3_configure_links.sh b/bitbucket/3_configure_links.sh index 0581c70..85a519c 100755 --- a/bitbucket/3_configure_links.sh +++ b/bitbucket/3_configure_links.sh @@ -1,10 +1,16 @@ -#!/usr/bin/env bash -if [[ $(kubectl get pods -n eclipse-che 2> /dev/null | wc -l) -gt 0 ]] -then - NAMESPACE="eclipse-che" -else - NAMESPACE="openshift-devspaces" -fi +#!/usr/bin/env bash +# +# Copyright (c) 2022 Red Hat, Inc. +# This program and the accompanying materials are made +# available under the terms of the Eclipse Public License 2.0 +# which is available at https://www.eclipse.org/legal/epl-2.0/ +# +# SPDX-License-Identifier: EPL-2.0 +# + +source .././utils.sh +define_namespace + oc project $NAMESPACE CHE_ROUTE=$(oc get route/che --namespace=$NAMESPACE -o=jsonpath={'.spec.host'}) BITBUCKET_ROUTE=$(oc get route/bitbucket --namespace=bitbucket -o=jsonpath={'.spec.host'}) diff --git a/bitbucket/4_setupche.sh b/bitbucket/4_setupche.sh index 42a36f6..79b6ab5 100755 --- a/bitbucket/4_setupche.sh +++ b/bitbucket/4_setupche.sh @@ -1,11 +1,16 @@ #!/usr/bin/env bash +# +# Copyright (c) 2022 Red Hat, Inc. +# This program and the accompanying materials are made +# available under the terms of the Eclipse Public License 2.0 +# which is available at https://www.eclipse.org/legal/epl-2.0/ +# +# SPDX-License-Identifier: EPL-2.0 +# + +source .././utils.sh +define_namespace -if [[ $(kubectl get pods -n eclipse-che 2> /dev/null | wc -l) -gt 0 ]] -then - NAMESPACE="eclipse-che" -else - NAMESPACE="openshift-devspaces" -fi CONSUMER_KEY=$(cat ./certs/bitbucket_server_consumer_key) SHARED_SECRET=$(cat ./certs/bitbucket_shared_secret) PRIVATE_KEY=$(cat ./certs/privatepkcs8.pem | sed 's/-----BEGIN PRIVATE KEY-----//g' | sed 's/-----END PRIVATE KEY-----//g' | tr -d '\n') diff --git a/bitbucket/5_link_che_and_bitbucket.sh b/bitbucket/5_link_che_and_bitbucket.sh deleted file mode 100755 index b177c7b..0000000 --- a/bitbucket/5_link_che_and_bitbucket.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/usr/bin/env bash - -if [[ $(kubectl get pods -n eclipse-che 2> /dev/null | wc -l) -gt 0 ]] -then - NAMESPACE="eclipse-che" -else - NAMESPACE="openshift-devspaces" -fi -oc project $NAMESPACE -CHE_ROUTE=$(oc get route/che --namespace=$NAMESPACE -o=jsonpath={'.spec.host'}) -CHE_SERVER_URL='https://'${CHE_ROUTE} -KEYCLOAK_ROUTE=$(oc get route/keycloak --namespace=$NAMESPACE -o=jsonpath={'.spec.host'}) -KEYCLOAK_URL='https://'${KEYCLOAK_ROUTE} -OS_TOKEN=$(oc whoami --show-token) -echo 'Using Eclipse Che namespace: '$NAMESPACE -echo 'Using Eclipse Che route: '$CHE_SERVER_URL -echo 'Using Eclipse KEYCLOAK route: '$KEYCLOAK_ROUTE -echo 'Using Eclipse KEYCLOAK url: '$KEYCLOAK_URL - -unameOut="$(uname -s)" -case "${unameOut}" in - Linux*) OPEN_FUNC=xdg-open;; - Darwin*) OPEN_FUNC=open;; - CYGWIN*) OPEN_FUNC=xdg-open;; - MINGW*) OPEN_FUNC=xdg-open;; - *) OPEN_FUNC=xdg-open -esac - -KEYCLOAK_TOKEN=$(curl -s -X POST -d "client_id=che-public" \ - --data-urlencode "grant_type=urn:ietf:params:oauth:grant-type:token-exchange" \ - -d "subject_token=$OS_TOKEN" \ - -d "subject_issuer=openshift-v4" \ - --data-urlencode "subject_token_type=urn:ietf:params:oauth:token-type:access_token" \ - $KEYCLOAK_URL/auth/realms/che/protocol/openid-connect/token | jq -j .access_token) -#echo 'KC token: '$KEYCLOAK_TOKEN -echo '=======' -USER_ID=$(curl -s $CHE_SERVER_URL/api/user -H 'Accept: application/json, text/plain' -H 'Authorization: Bearer '${KEYCLOAK_TOKEN} | jq -r .id) -echo 'Click the link' -echo 'url: '$CHE_SERVER_URL'/api/oauth/1.0/authenticate?oauth_provider=bitbucket-server&request_method=POST&signature_method=rsa&redirect_after_login=/dashboard&token='$KEYCLOAK_TOKEN -$OPEN_FUNC $CHE_SERVER_URL'/api/oauth/1.0/authenticate?oauth_provider=bitbucket-server&request_method=POST&signature_method=rsa&redirect_after_login=/dashboard&token='$KEYCLOAK_TOKEN diff --git a/bitbucket/6_test_bitbucket_api.sh b/bitbucket/6_test_bitbucket_api.sh deleted file mode 100755 index 3368987..0000000 --- a/bitbucket/6_test_bitbucket_api.sh +++ /dev/null @@ -1,74 +0,0 @@ -#!/bin/bash - -urlencode() { - # urlencode - - old_lc_collate=$LC_COLLATE - LC_COLLATE=C - - local length="${#1}" - for (( i = 0; i < length; i++ )); do - local c="${1:$i:1}" - case $c in - [a-zA-Z0-9.~_-]) printf '%s' "$c" ;; - *) printf '%%%02X' "'$c" ;; - esac - done - - LC_COLLATE=$old_lc_collate -} - - -set -e -echo 'Logged in as ' $(oc whoami) - -if [[ $(kubectl get pods -n eclipse-che 2> /dev/null | wc -l) -gt 0 ]] -then - NAMESPACE="eclipse-che" -else - NAMESPACE="openshift-devspaces" -fi -CHE_ROUTE=$(oc get route/che --namespace=$NAMESPACE -o=jsonpath={'.spec.host'}) -CHE_SERVER_URL='https://'${CHE_ROUTE} -KEYCLOAK_ROUTE=$(oc get route/keycloak --namespace=$NAMESPACE -o=jsonpath={'.spec.host'}) -KEYCLOAK_URL='https://'${KEYCLOAK_ROUTE} -DEVFILE_REGISTRY_ROUTE=$(oc get route/devfile-registry --namespace=$NAMESPACE -o=jsonpath={'.spec.host'}) -DEVFILE_REGISTRY_URL='https://'${DEVFILE_REGISTRY_ROUTE} -OS_TOKEN=$(oc whoami --show-token) -DEVFILE_ID='' -BITBUCKET_ROUTE=$(oc get route/bitbucket --namespace=bitbucket -o=jsonpath={'.spec.host'}) -echo 'Using Eclipse Che namespace: '$NAMESPACE -echo 'Using Eclipse Che route: '$CHE_URL -echo 'Using Eclipse Che server url : '$CHE_SERVER_URL -echo 'Using Eclipse KEYCLOAK route: '$KEYCLOAK_ROUTE -echo 'Using Eclipse KEYCLOAK url: '$KEYCLOAK_URL -echo 'Using Eclipse Devfile registry route: '$DEVFILE_REGISTRY_ROUTE -echo 'Bitbucket route: '$BITBUCKET_ROUTE - - -KEYCLOAK_TOKEN=$(curl -s -X POST -d "client_id=che-public" \ - --data-urlencode "grant_type=urn:ietf:params:oauth:grant-type:token-exchange" \ - -d "subject_token=$OS_TOKEN" \ - -d "subject_issuer=openshift-v4" \ - --data-urlencode "subject_token_type=urn:ietf:params:oauth:token-type:access_token" \ - $KEYCLOAK_URL/auth/realms/che/protocol/openid-connect/token | jq -j .access_token) -USER_ID=$(curl -s $CHE_SERVER_URL/api/user -H 'Accept: application/json, text/plain' -H 'Authorization: Bearer '${KEYCLOAK_TOKEN} | jq -r .id) -#echo 'KC token: '$KEYCLOAK_TOKEN -echo 'User ID : '$USER_ID -echo '=======' -echo '==REQUEST=' -#BITBACKET_REQUEST_URL='https://'$BITBUCKET_ROUTE'/rest/access-tokens/1.0/users/skabashn' -BITBACKET_REQUEST_URL='https://'$BITBUCKET_ROUTE'/rest/api/1.0/users' -BITBACKET_REQUEST_METHOD='GET' -BITBACKET_REQUEST_URL_ENCODED=$(urlencode $BITBACKET_REQUEST_URL) -SIGNATURE_REQUEST='https://'$CHE_ROUTE'/api/oauth/1.0/signature?oauth_provider=bitbucket-server&request_method='$BITBACKET_REQUEST_METHOD'&request_url='$BITBACKET_REQUEST_URL_ENCODED'&token='$KEYCLOAK_TOKEN -echo $BITBACKET_REQUEST_URL -echo $BITBACKET_REQUEST_URL_ENCODED -echo $BITBACKET_REQUEST_METHOD -#echo $SIGNATURE_REQUEST -echo '==Execute Signature=' -REQUEST_SIGNATURE=$(curl -s $SIGNATURE_REQUEST ) -echo '--------SIG-------------' -echo $REQUEST_SIGNATURE -echo '--------SIG--------------' -curl -v -s -H "Authorization: $REQUEST_SIGNATURE" $BITBACKET_REQUEST_URL | jq . diff --git a/bitbucket/7_factory.sh b/bitbucket/7_factory.sh deleted file mode 100755 index 14281b9..0000000 --- a/bitbucket/7_factory.sh +++ /dev/null @@ -1,32 +0,0 @@ -#!/usr/bin/env bash - -if [[ $(kubectl get pods -n eclipse-che 2> /dev/null | wc -l) -gt 0 ]] -then - NAMESPACE="eclipse-che" -else - NAMESPACE="openshift-devspaces" -fi -oc project $NAMESPACE -CHE_ROUTE=$(oc get route/che --namespace=$NAMESPACE -o=jsonpath={'.spec.host'}) -CHE_SERVER_URL='https://'${CHE_ROUTE} -KEYCLOAK_ROUTE=$(oc get route/keycloak --namespace=$NAMESPACE -o=jsonpath={'.spec.host'}) -KEYCLOAK_URL='https://'${KEYCLOAK_ROUTE} -BITBUCKET_ROUTE=$(oc get route/bitbucket --namespace=bitbucket -o=jsonpath={'.spec.host'}) -echo 'Using Eclipse Che namespace: '$NAMESPACE -echo 'Using Eclipse Che route: '$CHE_SERVER_URL -echo 'Using Eclipse KEYCLOAK route: '$KEYCLOAK_ROUTE -echo 'Using Eclipse KEYCLOAK url: '$KEYCLOAK_URL -echo 'Bitbucket url: '$BITBUCKET_ROUTE -#echo 'KC token: '$KEYCLOAK_TOKEN -echo '=======' - -unameOut="$(uname -s)" -case "${unameOut}" in - Linux*) OPEN_FUNC=xdg-open;; - Darwin*) OPEN_FUNC=open;; - CYGWIN*) OPEN_FUNC=xdg-open;; - MINGW*) OPEN_FUNC=xdg-open;; - *) OPEN_FUNC=xdg-open -esac - -$OPEN_FUNC $CHE_SERVER_URL'/f?url=https://'$BITBUCKET_ROUTE'/scm/che/che-server.git' diff --git a/bitbucket/8_test_post_bitbucket_api.sh b/bitbucket/8_test_post_bitbucket_api.sh deleted file mode 100755 index 3f57731..0000000 --- a/bitbucket/8_test_post_bitbucket_api.sh +++ /dev/null @@ -1,80 +0,0 @@ -#!/bin/bash - -urlencode() { - # urlencode - - old_lc_collate=$LC_COLLATE - LC_COLLATE=C - - local length="${#1}" - for (( i = 0; i < length; i++ )); do - local c="${1:$i:1}" - case $c in - [a-zA-Z0-9.~_-]) printf '%s' "$c" ;; - *) printf '%%%02X' "'$c" ;; - esac - done - - LC_COLLATE=$old_lc_collate -} - - -set -e -echo 'Logged in as ' $(oc whoami) - -if [[ $(kubectl get pods -n eclipse-che 2> /dev/null | wc -l) -gt 0 ]] -then - NAMESPACE="eclipse-che" -else - NAMESPACE="openshift-devspaces" -fi -CHE_ROUTE=$(oc get route/che --namespace=$NAMESPACE -o=jsonpath={'.spec.host'}) -CHE_SERVER_URL='https://'${CHE_ROUTE} -KEYCLOAK_ROUTE=$(oc get route/keycloak --namespace=$NAMESPACE -o=jsonpath={'.spec.host'}) -KEYCLOAK_URL='https://'${KEYCLOAK_ROUTE} -DEVFILE_REGISTRY_ROUTE=$(oc get route/devfile-registry --namespace=$NAMESPACE -o=jsonpath={'.spec.host'}) -DEVFILE_REGISTRY_URL='https://'${DEVFILE_REGISTRY_ROUTE} -OS_TOKEN=$(oc whoami --show-token) -DEVFILE_ID='' -BITBUCKET_ROUTE=$(oc get route/bitbucket --namespace=bitbucket -o=jsonpath={'.spec.host'}) -echo 'Using Eclipse Che namespace: '$NAMESPACE -echo 'Using Eclipse Che route: '$CHE_URL -echo 'Using Eclipse Che server url : '$CHE_SERVER_URL -echo 'Using Eclipse KEYCLOAK route: '$KEYCLOAK_ROUTE -echo 'Using Eclipse KEYCLOAK url: '$KEYCLOAK_URL -echo 'Using Eclipse Devfile registry route: '$DEVFILE_REGISTRY_ROUTE -echo 'Bitbucket route: '$BITBUCKET_ROUTE - - -KEYCLOAK_TOKEN=$(curl -s -X POST -d "client_id=che-public" \ - --data-urlencode "grant_type=urn:ietf:params:oauth:grant-type:token-exchange" \ - -d "subject_token=$OS_TOKEN" \ - -d "subject_issuer=openshift-v4" \ - --data-urlencode "subject_token_type=urn:ietf:params:oauth:token-type:access_token" \ - $KEYCLOAK_URL/auth/realms/che/protocol/openid-connect/token | jq -j .access_token) -USER_ID=$(curl -s $CHE_SERVER_URL/api/user -H 'Accept: application/json, text/plain' -H 'Authorization: Bearer '${KEYCLOAK_TOKEN} | jq -r .id) -#echo 'KC token: '$KEYCLOAK_TOKEN -echo 'User ID : '$USER_ID -echo '=======' -echo '==REQUEST=' -#BITBACKET_REQUEST_URL='https://'$BITBUCKET_ROUTE'/rest/api/1.0/users/ksmster?filter=ksmster' -BITBACKET_REQUEST_URL='https://'$BITBUCKET_ROUTE'/rest/access-tokens/1.0/users/ksmster' -BITBACKET_REQUEST_METHOD='PUT' -BITBACKET_REQUEST_URL_ENCODED=$(urlencode $BITBACKET_REQUEST_URL) -SIGNATURE_REQUEST='https://'$CHE_ROUTE'/api/oauth/1.0/signature?oauth_provider=bitbucket-server&request_method='$BITBACKET_REQUEST_METHOD'&request_url='$BITBACKET_REQUEST_URL_ENCODED'&user_id='$USER_ID'&token='$KEYCLOAK_TOKEN -echo $BITBACKET_REQUEST_URL -echo $BITBACKET_REQUEST_URL_ENCODED -echo $BITBACKET_REQUEST_METHOD -#echo $SIGNATURE_REQUEST -echo '==Execute Signature=' -REQUEST_SIGNATURE=$(curl -s $SIGNATURE_REQUEST ) -echo '--------SIG-------------' -echo $REQUEST_SIGNATURE -echo '--------SIG--------------' - - - -curl -X $BITBACKET_REQUEST_METHOD --header "Content-Type: application/json" \ - --header "Authorization: $REQUEST_SIGNATURE" \ - --data '{ "name": "che5", "permissions": [ "PROJECT_WRITE", "REPO_WRITE" ] }' \ -$BITBACKET_REQUEST_URL | jq diff --git a/bitbucket/9_test_delete_bitbucket_api.sh b/bitbucket/9_test_delete_bitbucket_api.sh deleted file mode 100755 index dd09464..0000000 --- a/bitbucket/9_test_delete_bitbucket_api.sh +++ /dev/null @@ -1,78 +0,0 @@ -#!/bin/bash - -urlencode() { - # urlencode - - old_lc_collate=$LC_COLLATE - LC_COLLATE=C - - local length="${#1}" - for (( i = 0; i < length; i++ )); do - local c="${1:$i:1}" - case $c in - [a-zA-Z0-9.~_-]) printf '%s' "$c" ;; - *) printf '%%%02X' "'$c" ;; - esac - done - - LC_COLLATE=$old_lc_collate -} - - -set -e -echo 'Logged in as ' $(oc whoami) - -if [[ $(kubectl get pods -n eclipse-che 2> /dev/null | wc -l) -gt 0 ]] -then - NAMESPACE="eclipse-che" -else - NAMESPACE="openshift-devspaces" -fi -CHE_ROUTE=$(oc get route/che --namespace=$NAMESPACE -o=jsonpath={'.spec.host'}) -CHE_SERVER_URL='https://'${CHE_ROUTE} -KEYCLOAK_ROUTE=$(oc get route/keycloak --namespace=$NAMESPACE -o=jsonpath={'.spec.host'}) -KEYCLOAK_URL='https://'${KEYCLOAK_ROUTE} -DEVFILE_REGISTRY_ROUTE=$(oc get route/devfile-registry --namespace=$NAMESPACE -o=jsonpath={'.spec.host'}) -DEVFILE_REGISTRY_URL='https://'${DEVFILE_REGISTRY_ROUTE} -OS_TOKEN=$(oc whoami --show-token) -DEVFILE_ID='' -BITBUCKET_ROUTE=$(oc get route/bitbucket --namespace=bitbucket -o=jsonpath={'.spec.host'}) -echo 'Using Eclipse Che namespace: '$NAMESPACE -echo 'Using Eclipse Che route: '$CHE_URL -echo 'Using Eclipse Che server url : '$CHE_SERVER_URL -echo 'Using Eclipse KEYCLOAK route: '$KEYCLOAK_ROUTE -echo 'Using Eclipse KEYCLOAK url: '$KEYCLOAK_URL -echo 'Using Eclipse Devfile registry route: '$DEVFILE_REGISTRY_ROUTE -echo 'Bitbucket route: '$BITBUCKET_ROUTE - - -KEYCLOAK_TOKEN=$(curl -s -X POST -d "client_id=che-public" \ - --data-urlencode "grant_type=urn:ietf:params:oauth:grant-type:token-exchange" \ - -d "subject_token=$OS_TOKEN" \ - -d "subject_issuer=openshift-v4" \ - --data-urlencode "subject_token_type=urn:ietf:params:oauth:token-type:access_token" \ - $KEYCLOAK_URL/auth/realms/che/protocol/openid-connect/token | jq -j .access_token) -USER_ID=$(curl -s $CHE_SERVER_URL/api/user -H 'Accept: application/json, text/plain' -H 'Authorization: Bearer '${KEYCLOAK_TOKEN} | jq -r .id) -#echo 'KC token: '$KEYCLOAK_TOKEN -echo 'User ID : '$USER_ID -echo '=======' -echo '==REQUEST=' -#BITBACKET_REQUEST_URL='https://'$BITBUCKET_ROUTE'/rest/api/1.0/users/ksmster?filter=ksmster' -BITBACKET_REQUEST_URL='https://'$BITBUCKET_ROUTE'/rest/access-tokens/1.0/users/ksmster/718726209545' -BITBACKET_REQUEST_METHOD='DELETE' -BITBACKET_REQUEST_URL_ENCODED=$(urlencode $BITBACKET_REQUEST_URL) -SIGNATURE_REQUEST='https://'$CHE_ROUTE'/api/oauth/1.0/signature?oauth_provider=bitbucket-server&request_method='$BITBACKET_REQUEST_METHOD'&request_url='$BITBACKET_REQUEST_URL_ENCODED'&user_id='$USER_ID'&token='$KEYCLOAK_TOKEN -echo $BITBACKET_REQUEST_URL -echo $BITBACKET_REQUEST_URL_ENCODED -echo $BITBACKET_REQUEST_METHOD -#echo $SIGNATURE_REQUEST -echo '==Execute Signature=' -REQUEST_SIGNATURE=$(curl -s $SIGNATURE_REQUEST ) -echo '--------SIG-------------' -echo $REQUEST_SIGNATURE -echo '--------SIG--------------' - - -curl -v -X $BITBACKET_REQUEST_METHOD \ - --header "Authorization: $REQUEST_SIGNATURE" \ -$BITBACKET_REQUEST_URL | jq diff --git a/bitbucket/README.md b/bitbucket/README.md index d5ca1d4..1929032 100644 --- a/bitbucket/README.md +++ b/bitbucket/README.md @@ -4,8 +4,6 @@ Helm Chart For Bitbucket 2. 2_generate_keys.sh 3. 3_configure_links.sh 4. 4_setupche.sh -5. 5_link_che_and_bitbucket.sh -6. 6_test_bitbucket_api.sh Prerequisites: * kubectl, helm, oc diff --git a/gitlab/1_deploy_gitlab.sh b/gitlab/1_deploy_gitlab.sh index 83650d4..830f72d 100755 --- a/gitlab/1_deploy_gitlab.sh +++ b/gitlab/1_deploy_gitlab.sh @@ -1,4 +1,12 @@ #!/usr/bin/env bash +# +# Copyright (c) 2022 Red Hat, Inc. +# This program and the accompanying materials are made +# available under the terms of the Eclipse Public License 2.0 +# which is available at https://www.eclipse.org/legal/epl-2.0/ +# +# SPDX-License-Identifier: EPL-2.0 +# wait-pod-running() { [[ -z $1 ]] && { echo '[ERROR] SELECTOR not defined'; exit 1; } @@ -35,4 +43,4 @@ oc create route edge gitlab --service=gitlab-webservice-default --port=http-work printf "Gitlab has started, visit https://gitlab-gitlab-system.%s.\n\n" "$TRIMMED_HOSTNAME" PASSWORD="$(kubectl get secret gitlab-gitlab-initial-root-password -n gitlab-system -o jsonpath="{.data.password}" | base64 --decode)" -printf "login: root\nPassword: %s\n\n" "$PASSWORD" +printf "Login: root\nPassword: %s\n\n" "$PASSWORD" diff --git a/gitlab/2_configure_oauth_app.sh b/gitlab/2_configure_oauth_app.sh index 91563bd..b9cbd2e 100755 --- a/gitlab/2_configure_oauth_app.sh +++ b/gitlab/2_configure_oauth_app.sh @@ -1,11 +1,15 @@ #!/usr/bin/env bash +# +# Copyright (c) 2022 Red Hat, Inc. +# This program and the accompanying materials are made +# available under the terms of the Eclipse Public License 2.0 +# which is available at https://www.eclipse.org/legal/epl-2.0/ +# +# SPDX-License-Identifier: EPL-2.0 +# -if [[ $(kubectl get pods -n eclipse-che 2> /dev/null | wc -l) -gt 0 ]] -then - NAMESPACE="eclipse-che" -else - NAMESPACE="openshift-devspaces" -fi +source .././utils.sh +define_namespace FORMATTED_NAMESPACE="$(echo "$NAMESPACE" | sed 's/.*-//')" CHE_ROUTE="$(oc get route/"$FORMATTED_NAMESPACE" --namespace="$NAMESPACE" -o=jsonpath='{.spec.host}')" diff --git a/gitlab/3_setup_oauth_secret.sh b/gitlab/3_setup_oauth_secret.sh index 6a3a54d..cf21985 100755 --- a/gitlab/3_setup_oauth_secret.sh +++ b/gitlab/3_setup_oauth_secret.sh @@ -1,11 +1,15 @@ #!/usr/bin/env bash +# +# Copyright (c) 2022 Red Hat, Inc. +# This program and the accompanying materials are made +# available under the terms of the Eclipse Public License 2.0 +# which is available at https://www.eclipse.org/legal/epl-2.0/ +# +# SPDX-License-Identifier: EPL-2.0 +# -if [[ $(kubectl get pods -n eclipse-che 2> /dev/null | wc -l) -gt 0 ]] -then - NAMESPACE="eclipse-che" -else - NAMESPACE="openshift-devspaces" -fi +source .././utils.sh +define_namespace GITLAB_ROUTE="$(oc get route/gitlab --namespace=gitlab-system -o=jsonpath='{.spec.host}')" unameOut="$(uname -s)" diff --git a/utils.sh b/utils.sh new file mode 100644 index 0000000..5ed7690 --- /dev/null +++ b/utils.sh @@ -0,0 +1,22 @@ +#!/usr/bin/env bash +# +# Copyright (c) 2022 Red Hat, Inc. +# This program and the accompanying materials are made +# available under the terms of the Eclipse Public License 2.0 +# which is available at https://www.eclipse.org/legal/epl-2.0/ +# +# SPDX-License-Identifier: EPL-2.0 +# + +define_namespace() { + if [[ $(kubectl get pods -n eclipse-che 2> /dev/null | wc -l) -gt 0 ]] + then + export NAMESPACE="eclipse-che" + elif [[ $(kubectl get pods -n openshift-devspaces 2> /dev/null | wc -l) -gt 0 ]] + then + export NAMESPACE="openshift-devspaces" + else + echo "Che / devspaces not found in the Openshift cluster!" + exit 0 + fi +}