Releases: eclipse-che/che
Eclipse Che 7.64.0
Major Enhancements
Che URL parameter to configure a specific container image
A new parameter, image, let developers specify the main Che workspace image in the workspace URL. It allows to specify a specific container without the need to add devfile in the git repository (a universal developer image container will be used instead). If a devfile is present the image parameter allows to replace the devfile first container component image.
Automatically set user and email in git configuration when Git service integration is configured
If Git service OAuth has been setup by Che administrator, or if a user has configured a Git service Personal Access Token secret in his namespace, then git is automatically configured with the right name and email. Developer can run git commit without the need to to configure git.
A warning is displayed in Git services preferences when revoking authorization to Eclipse Che OAuth from GUI is not supported
Revoking the authorization granted to the Eclipse Che OAuth appliction from the user preferences is only supported for GitHub. Authorization for other Git services is shown in the preferences panel but it's not possible to revoke it from there. A warning has been added to explain that to the users.
A new VS Code menu item to open a Terminal in a specific container has been added
It's now simpler to open a Terminal in a specific container. The command Create New Terminal to DevWorkspace Container has been renamed Create New Terminal (Select a Container) and the command has been added in the Terminal menu and in the Terminal's context menu.
Support the permission specification for files auto-mounted with ConfigMaps and Secrets
Eclipse Che automatically mounts as files in workspace containers ConfigMaps and Secrets having some specific annotations. The mounted file permissions was not configurable and was set to 0644. This new feature allows the specification of the file permission using the annotation controller.devfile.io/mount-access-mode. This is useful for example, to mount a ConfigMap as an executable script that can be run from within the container.
Set the developer namespace in workspaces .kube/config current context
A ~/.kube/config is generated at workspace startup with the developer credentials. The developer namespace was not specified in the current context of the configuration file. As a consequence tools in the development environment using the Kubernetes API may have unpredictable behaviors. This has been addressed in the release and the generated ~/.kube/config contain the namespace.
Support ServiceAccount token volume projection
The ServiceAccount token mounted in workspaces Pods can now be specified as a projected ServiceAccount token. This allows to set the audience, the mountPath and the expirationSeconds of the token and enable federation scenarios such as GCP workload identity federation. Projected tokens properties can be specified in a CheCluster CR:
spec:
devEnvironments:
serviceAccountTokens:
- name: <name>
mounthPath: <mount-path>
audience: <audience>
expirationSeconds: <expiration>
path: <path>Support multiple postStart events in Devfiles
Eclipse Che failed to load Devfiles that had more than one postStart event. This has been addressed in this release and multiple events are now supported. Specifying composites commands as postStart event is still not supported.
Here is a Devfile example with 2 commands used as postStart events:
schemaVersion: 2.1.0
metadata:
name: multi-post-start
components:
- name: tools
container:
image: quay.io/devfile/universal-developer-image
commands:
- id: first-command
exec:
component: tools
commandLine: "echo first command"
- id: second-command
exec:
component: tools
commandLine: "echo second command"
events:
postStart:
- first-command
- second-command Removed Functionalities
Removal of the Che-Theia editor
The definition of the Che-Theia editor has been removed from Eclipse Che plugin registry. As a consequence it's not visible from Eclipse Che dashboard and it's not possible to reference its ID (eclipse/che-theia/latest or eclipse/che-theia/next) in a .che-editor.yaml or as a URL parameter.
Major Bug Fixes
Fixed Eclipse Che server image vulnerabilities
Some Eclipse Che server dependencies have been updated to address the vulnerabilities found through Trivy image scan.
Eclipse Che 7.63.0
Blog Posts
Decommissioning PostgreSQL database by @ibuziuk
Major Enhancements
Enable Dockerfile build capabilities by default
The Linux capabilities SETUID and SETGID, required to build of a container image using podman in rootless mode, are now enabled by default. Administrators can still opt-out setting CheCluster CR .spec.devEnvironments.disableBuildCapabilities to true. This is the last step of the journey to allow building Dockerfile from withing an Eclipse Che cloud development environment. It started with a manual procedure described in this blog post, was exposed through one single property in Eclipse Che v7.56 and is now, after a months of feedbacks in real world Kubernetes clusters, enabled by default.
Allow starting a workspace from a repository with an invalid devfile
Eclipse Che uses the Devfile at the root of a repository, if any, to provision a cloud development environment. If a Devfile at the root of the project was invalid, Eclipse Che refused to provision the cloud development environment. With this enhancement Eclipse Che ask the user if a default cloud development environment, with a default and valid Devfile, should be provisioned instead. That allows to open the source code and fix the invalid Devfile.
Add a VS Code menu item to open the OpenShift when running on Red Hat OpenShift
A developer may need to have access to the logs, events or definition of Kubernetes objects. When the underlying platform is Red Hat OpenShift those information are available in the Console. To make it easy to jump to the console, the VS Code included with Eclipse Che uses a built-in extension that adds a menu item to open the OpenShift Console in a new browser tab.
VS Code and JetBrains IDEs are started using containers postStart handler. Containers entrypoints are not overridden anymore.
VS Code and Jet Brains IDEs (IntelliJ and PyCharm) executables are mounted in the first container of the Pod and started at the cloud development environment creation. This used to be done using the container entrypoint, overriding whatever command the user had specified. Now startup of the IDEs is done attaching a postStart lifecycle handler. As a result Eclipse Che is not modifying the user containers entrypoints anymore.
Major Bug Fixes
Failure to find devfiles in GitLab nested repositories
When attempting to create a workspace from a GitLab repository that is more than 2 levels deep (e.g. my.gitlab.com/group/subgrp1/subgrpN/repo.git), Che was failing to find the devfile. This has been addressed in this repository and Eclipse Che supports GitLab nested repositories.
Blank characters at the beginning or the end of a git personal access token secrets should be dropped off
Personal access token secrets are an alternative to setting up an OAuth Eclipse Che Application for authentication to git service providers. Creating a the secret is a manual procedure that requires to copy-paste and Base64-encode the token. During this procedure a blank char (a new line or a space) can creep in the secret data making it invalid. This problem is now mitigated because any spaces at the beginning or at the end of personal access tokens are automatically trimmed by Eclipse Che.
Starting a cloud development environment from a bitbucket.org repository is failing
The git URL provided by bitbucket.org to clone a repository included the username. When a user tried to use that same URL to start an Eclipse Che cloud development environment if failed. This behavior has been addressed in this release and BitBucket URLs including the username can be used to start a cloud development environment.
Contributors
Assets 2
Eclipse Che 7.62.0
Major Enhancements
Azure DevOps git repositories support (backported to 7.60)
It's now possible to start an Eclipse Che workspace from an Azure DevOps git repository URL, including URLs of private repositories. A Devfile included in the Azure DevOps git repository specifies the cloud development environment. Azure DevOps is the forth git service supported by Eclipse Che. Bitbucket, GitLab and GitHub (including GH enterprise) were already supported.
Lighter installation and less maintenance burden as Eclipse Che doesn't require PostgreSQL anymore
Starting from this release PostgreSQL is no part of Che installation anymore. The Eclipse Che server used to require a database to persist workspaces and users data but this is not the case anymore. The server is a stateless applications and HA with rolling update is now possible.
Use projected volumes for auto-mount configmaps/secrets when they use the same mount path
With Kubernetes Projected Volumes it's possible to mount multiple volume sources in the same folder. Eclipse Che uses Projected Volumes when two or more volume sources (ConfigMap, Secret, PersistentVolume) are annotated to be mounted in the same folder..
Allowing users to update the workspace if they edit the project devfile in VS Code
This new feature allows to update workspace from VS Code itself. If a file named devfile.yaml or .devfile.yaml exists at the root of the project, the new command "Eclipse Che: Restart from Local Devfile" is available and can be used to update the workspace definition using the Devfile content.
Support URLs with basic authentication when resolving a devfile (backported to 7.60)
HTTP basic authentication with URL in the format https://<token>@<git-host>/<git-repo-path> is now supported to start a workspace from a git repository that requires authentication.
Checking if the workspace number limit has been exceeded should be the very first validation step during workspace startup
With the intent to fail earlier when a developer tries to run a number of workspaces that exceeds the limit that has been configured by the administrator, the check is performed at the very beginning of the workspace is started.
Major Bug Fixes
Getting Started samples on the website are not processed correctly - 'session' and 'code' attributes are not dropped during startup
When an Eclipse Che developer is redirected to the authentication page, the original workspace URL may be updated with some extra parameters. Those were not filter out by Eclipse Che and caused workspace start failures. This has been fixed in current release.
Cannot see list of workspaces after clicking 'Return to dashboard'
A bug in the link return to dashboard in the workspace startup page has been fixed in this release. When a user followed the link the resulting page was missing Eclipse Che left menu.
Cannot create Kubernetes/OpenShift Components from Devfile (backported to 0.19)
A bug on the recently introduced support of Devfile components of type Kubernetes and OpenShift has been fixed in this release. The bug caused workspace startup failure when the developer is not a privileged Kubernetes user.
Eclipse Che 7.61.0
Major Enhancements
Introducing a new "Events" tab in the workspace startup screen
In addition to the "Progress" and "Logs" tabs we have introduced a new tab called "Events" the workspace starting page. Kubernetes events are streamed on this tab as soon as they happen. This tab can be useful for developers to troubleshoot workspaces startup problems.
Support OAuth v2 for Bitbucket Server
was supported). Eclipse Che now supports both OAuth v2.0 and v1.0 applications to automatically mount and configure developers Bitbucket personal access tokens.
Major Bug Fixes
High priority of container-build scc from dev-space operator causing OLM catalogSource pods to crash backported to 7.58
Before this update, legacy CatalogSource objects used by the Operator Lifecycle Manager (OLM) could enter a crashing state on OpenShift 4.12. This issue affected clusters with Eclipse Che 7.60 and below with container builds enabled. With this update, the issue is fixed.
Error "backend not available" when user logs-in for the first time (namespace provisioning returns error 500) backported to 7.60
Prior to this fix the automatic creation of a developer namespace in Eclipse Che 7.60 was failing when the developer login name contained invalid characters for the RFC 3986 such as @ or :. As a consequence, developers with those login names, would not be able to access to Eclipse Che. This in now fixed and the namespaces are created successfully even if the developer login name had invalid characters for RFC 3986.
Eclipse Che 7.60.0
Major Enhancements
Configuring remotes using a factory URL (backported to 7.58)
Workspaces remotes can be added using a URL parameter attached to the factory URL used to create a new workspace. Additional workspace remotes can be defined in two different formats:
- Explicit name and URL:
{CHE-HOST}/#{GIT_URL}?remotes={{origin,https://github/...},{upstream,https://github/...},...}
- URLs only, name is implicit: first is origin, second is upstream, subsequent are fork1, fork2 and onwards:
{CHE-HOST}/#{GIT_URL}?remotes={[https://github...,https://github...,](https://github...,https//github...,)...}
Add "Git Services" tab to the User Preferences
Eclipse Che User Preferences page includes a new tab: "Git Services" (before, the only tab was "Container Registries"). This tab shows the list of git services the user has granted access to. User can revoke access to any of the git services from this tab. Supported services are GitHub (github.com or Enterprise), GitLab (SaaS and Server) or Bitbucket (Cloud and Server).
Honor devfile volumes sizes when storage strategy is per-workspace
Eclipse Che now honors the volume size specified in a devfile. That's applied when the PersistentVolume is created per-workspace. When the PV is created per-user (i.e. one PV is shared across all the workspaces of a user) the volume size is ignored.
The maximum number of running workspace per user is configurable
A new CheCluster parameter allows administrators to specify the maximum number or running workspaces per user. It can be configured editing the value spec.devEnvironments.maxNumberOfRunningWorkspacesPerUser of CheCluster custom resource.
VS Code notification to inform a developer that his workspace has been stopped and why
When a VS Code workspace is stopped (voluntary or not) the user is informed with an explanation of the cause (inactivity, run timeout, error, stopped). The user is also prompted to restart the workspace or to go back to the dashboard.
Major Bug Fixes
Container build support doesn't work after upgrade from 7.58.0 to 7.59.0
A regression in the support for building containers has been fixed in this release.
Factory creation from public GitLab Server repository without OAuth fails
Starting a workspace from a public GitLab Server repository was failing and has been fixed in this release.
Eclipse Che 7.59.0
Major Enhancements
Add support for devfile kubernetes and openshift components (backported to v7.58)
Eclipse Che now supports devfile components of type kubernetes and openshift. That allow to reference Kubernetes and OpenShift manifests in a devfile and include them as part of the workspace. Devfile components of type volume and container were already supported, components of type image are not supported yet.
Allow configuring workspace start timeout via CheCluster spec
The timeout to consider workspaces startup as failed was hardcoded to 5 minutes and could not be changed by administrators. With this new feature Che administrators can specify the workspaces startup timeout in the CheCluster custom resource.
Allow specify workspace pods schedulerName via CheCluster spec
Before, the Kubernetes scheduler that managed Che workspaces was always the default one. Now Che administrators can specify an alternative Kubernetes scheduler using the CheCluster custom resource.
Backported to 7.58
Allow configuring ephemeral storage strategy in CheCluster
It's now possible to specify ephemeral as the default storage strategy for every workspace through the CheCluster custom resource.
Eclipse Che 7.58.0
Major Enhancements
Auto-install VS Code extensions specified in `.vscode/extensions.json`
Recommended extensions in file .vscode/extensions.json are automatically installed by che-code at workspace startup. Before the developer get prompted to install them. This is the behavior we had in che-theia as well.
Use a pre-created ServiceAccount for workspace Pods
Workspace Pods ServiceAccountes are created by the DevWorkspace controller at workspace creation. This behavior can be changed now using the CheCluster field devEnvironments.serviceAccount to specify a pre-existing SA that will be used be by the DevWorkspace operator when starting the workspaces.
New DevWorkspace specification tab added to the User Dashboard
It's possible to view the specification of the DevWorkspace object that defines a workspace from the User Dashbaord Workspace details menu, in a new tab in addition to the Devfile tab.
Upgrade Kamel CLI to 1.11.0 in Universal Developer Image
Kamel CLI has been upgraded from 1.9.2 to 1.11.0.
Major Bug Fixes
Unexpeted session expiration invalidation results in random logouts
Before this fix the developer could be logged out unexpectedly because the session expired for unknown reasons.
Cannot install Eclipse Che on minikube with chectl
Before this fix it was not possible to install Che on minikube due to an error during Minikube preflight checklist
Eclipse Che 7.57.0
Major Enhancements
Updating documentation section "Calculating Che resource requirements" with CPU and VS Code based workspaces details
Use Visual Studio Code in the example in Calculating Che resource requirements and add CPU details that were missing in previous version.
Feature ported to 7.56.x
Major Bug Fixes
Che ignores changes to devfile.yaml and che-editor.yaml after pushing to a git repository (because che-server URLFetcher sometimes caches its results)
Che ignores changes to devfile.yaml and che-editor.yaml after pushing to a git repository (because che-server URLFetcher sometimes caches its results)
Fix ported to 7.56.x
VS Code shows wrong commands and files (restored from a previous workspace)
When starting a new workspace VS Code may restore the state of a previous workspace showing commands and files that do not exist in the new workspace.
Getting Started Samples are failing with 'user is not permitted use the container-build SCC'
A regression has been introduced in Eclipse Che 7.56 so that when installing Che on OpenShift using operator hub, workspaces started from Getting Started section of User Dashboard would fail to start with the error 'user is not permitted use the container-build SCC'.
Fix ported to 7.56.x
Insufficient CPU and insufficient memory errors are not caught at workspaces startup
Eclipse Che 7.56.0
Major Enhancements
VS Code is the new default IDE, Theia is deprecated
This is our first step to discontinue the support of Che-Theia as Che editor. We have been packaging VS Code and JetBrains IDEs as editors for Eclipse Che for a long time now. With these new editors we have adopted a new workspace architecture that doesn't use sidecar containers anymore. The injection of the IDE and its extensions in one "universal development container" (see diagram below) has been preferred to the use of isolated sidecars based on numerous feedbacks.
Che-Theia still uses the old workspace sidecar architecture and today we should either start packaging a sidecar-less version of Che-Theia or discontinuing it. The team that is currently maintaining Eclipse Che (primarily composed by Red Hat employees) does not have the resources to implement and maintain the sidecar-less Che-Theia.
As a consequence, unless there are volunteers ready to take this work over, Che-Theia is going to be discontinued in Che v7.60.
Allow Che administrators to enable container build capabilities for developers workspaces
An administrator can enable container builds using devEnvironments.disableContainerBuildCapabilities: true in CheCluster configuration. This allow using podman build on any workspace (adding the attribute controller.devfile.io/scc: container-build in a Devfile is not required anymore) .
Handle gracefully when an invalid devfile is found in a git repository
Workspace creation doesn't fail anymore if the developer provides an invalid Devfile (or if an invalid Devfile is found in the git repository provided by the developer). Instead a warning is shown asking wether the workspace should be started anyway with a default Devfile. This is particularly useful when a developer is editing and testing a Devfile.
Allow to specify arbitrary fields of the workspace Pod and containers using a Devfile
Using a Devfile in the git repository, a developer can override any workspace Pod and containers fields. This includes runtimeClassName, schedulerName and kubernetes extended resources such as nvidia.com/gpu.
Removed a VS Code built-in extension results in faster workspace startup
The built-in extension che-on-start has been removed as it's primary feature is not needed anymore (see this PR). The result is a faster start of VS Code in a user browser. The side effect of this change is that the terminal isn't opened at startup anymore.
Don't show the problem matcher prompt for Devfile commands in Che-Code
Every time a user runs a Devfile command in Che-Code they need to choose a problem matcher for scanning an output. This extra step is annoying and it is redundant in 99% of cases so it has been removed.
Add options for configuring DevWorkspace ServiceAccount
Support running chectl on Apple M1
Support git repositories with names containing underscores and other characters not compliant with RFC-1123
Major Bug Fixes
VS Code loading twice at workspace startup
An extension was used to open the project folder at VS Code startup. The result was VS Code beeing loaded twice in the user browser. This is not necessary anymore as we use the VS Code startup parameter --default-folder that has been (re-)introduced recently.
Gitlab repository support problems 1 and 2
Starting a workspace using a GitLab link when OAuth had been enabled, or a Personal Access Token secret had been created by the developer, failed. This has been fixed in this release.
Fix ported to 7.52.x
Image Puller doesn't work outside of openshift-operators namespace
`chectl` should not delete CheCluster namespace if it is `openshift-operator`
Eclipse Che 7.55.0
Major Enhancements
Workspace startup identifies Kubernetes quota problems
If Eclipse Che is not able to create a workspace Pod because of insufficient quota in the developer namespace, Dashboard notifies the developer, during the workspace startup, as soon as the error happens.
Allow to configure subdomain isolation for GitHub Enterprise Server in CheCluster CR
In GitHub Enterprise Server subdomains can be isolated (as it's the case for github.com) and it's now supported by Eclipse Che.
VS Code for Eclipse Che works with images that include openssl 3
VS Code fails to start on images with openssl 3 (as in registry.access.redhat.com/ubi9/ubi). It's now possible to avoid that if in the image the user installs Node.js 16 and sets the environment variable VSCODE_NODEJS_RUNTIME_DIR as described here.
Reduce steps required to trust git repositories using self-signed certificates
Configuring Eclipse Che to trust git repositories using self-signed certificates required adding the certificate twice. Some changes to Che operator allows to do that in one step now.
Major Bug Fixes
It's not possible to run a Task in Che-Code if it's not che type
Tasks included in a tasks.json file of a type other than che were not loaded in a VS Code running in a Che workspace. This has been fixed in this release and tasks.json with tasks of any type are supported and loaded in a Che workspace.
Fail to clone git repository if githost is omitted in che-git-self-signed-cert ConfigMap
When a git service uses a self-signed TLS certificate and Eclipse Che is configured to trust that certificate but the che-git-self-signed-cert doesn't include a githost section, workspaces creation failed. This has been fixed in current release.