Helm parses Golang template variables when rendering the Kubernetes
objects. For the ws-manager config (and potentially others), this
breaks as this includes Golang template variables which is interpolated
at runtime.
Helm allows for escaping of Golang template variables if wrapped in
"{{``}}". The sed command searches for any line containing "{{" and
escapes it.
With https://github.com/gitpod-io/gitpod/pull/8785, We expect users
to install their own `cert-manager` install. This PR adds a new
pre-flight check to verify the existence of the `cert-manager`.
As there is no general way to check for the existence of `cert-manager`,
We check for the `certificates.cert-manager.io` CRD instead.
Signed-off-by: Tarun Pothulapati <tarun@gitpod.io>
Currently, We include `cert-manager` instance into the
Gitpod kots package, and install it whenever Gitpod installation
is requested.
This causes the following problems:
- `cert-manager` is a separate beast on its own, There are numerous
configurations that might be needed to be set to make it run correctly.
- A lot users could have already have it installed, and have to
struggle to get Gitpod up and running in those cases.
To solve them, We could either provide all the configurations of
`cert-manager` into the Gitpod package to cater users with all
config needs or remove the package and expect `cert-manager` as a
pre-requisite and make sure its documented.
The latter feels better as it removes the maintaince of cert-manager for
us while also allowing users to have specific configuration. The install
path for `cert-manager` is [also pretty well documented](https://cert-manager.io/docs/installation/)
with all the [changes needed based on the cluster environment](https://cert-manager.io/docs/installation/compatibility/).
This PR also removes the cert-manager issuers and updates the config to allow
users to use pre-configured resources
Signed-off-by: Tarun Pothulapati <tarun@gitpod.io>
## Description
<!-- Describe your changes in detail -->
Updating the Installer README to include a small note on what each `InstallationKind` signifies
## Related Issue(s)
<!-- List the issue(s) this PR solves -->
NA
## How to test
NA
## Release Notes
<!--
Add entries for the CHANGELOG.md or "NONE" if there aren't any user facing changes.
Each line becomes a separate entry.
Format: [!<optional for breaking>] <description>
Example: !basic auth is no longer supported
See https://www.notion.so/gitpod/Release-Notes-513a74fdd23b4cb1b3b3aefb1d34a3e0
-->
```release-note
NONE
```
## Documentation
<!--
Does this PR require updates to the documentation at www.gitpod.io/docs?
* Yes
* 1. Please create a docs issue: https://github.com/gitpod-io/website/issues/new?labels=documentation&template=DOCS-NEW-FEATURE.yml&title=%5BDocs+-+New+Feature%5D%3A+%3Cyour+feature+name+here%3E
* 2. Paste the link to the docs issue below this comment
* No
* Are you sure? If so, nothing to do here.
-->
No
Prebuilds are rate-limited to N in the last S seconds on a rolling
window basis.
By default, 50 prebuilds are allowed in a 1 minute window.
A configuration property `prebuildLimiter` is added which controls
default rate limit but allows for explicit overrides by cloneURL.
The previous "in-cluster" naming still required the config to receive
LetsEncrypt variables. This has now been switched to a "select self-signed"
or "use a valid cert" flow
The Go library has a misconfiguration which adds in "replicas"
and "availableReplicas" to the OpenVSX Proxy StatefulSet. This
can cause validation issues dependent upon the version of Kubernetes
that's being used.
This removes the block from the rendered Kubernetes objects which
is the expected behaviour.
