Release notes and known issues

OpenShift Dev Spaces runs on OpenShift 4.11–4.13 on the following CPU architectures:

For Red Hat OpenShift Dev Spaces 3.9, Red Hat will provide support for deployment, configuration, and use of the product.

There are some differences between Red Hat OpenShift Dev Spaces and the upstream project on which it is based, Eclipse Che:

Red Hat provides licensing and packaging to ensure enterprise-level support for OpenShift Dev Spaces.

With this update, ImagePullPolicy for DevWorkspace containers can be now set using the dedicated CheCluster CR field.

apiVersion: org.eclipse.che/v2
kind: CheCluster
spec:
  devEnvironments:
    imagePullPolicy: <Always|IfNotPresent>

With this update, kubedock is now a part of the UDI (OpenShift Dev Spaces default image). If the environment variable KUBEDOCK_ENABLED is set to true in a workspace (this can be done using a devfile), the kubedock server is started at startup.

When KUBEDOCK_ENABLED=true then the following commands will be executed with kubedock. The remaining commands, in particular, podman build, will be executed by the local Podman:

With this update, the following CheCluster CR fields are available: * spec.devEnvironments.security * spec.devEnvironments.security.containerSecurityContext * spec.devEnvironments.security.podSecurityContext

Use the spec.devEnvironments.security.containerSecurityContext and spec.devEnvironments.security.podSecurityContext`fields to configure the pod and security contexts used by workspaces by setting the corresponding `DevWorkspaceOperatorConfiguration fields.

With this release, you can configure the 'Getting Started' samples on the User Dashboard by using a dedicated ConfigMap object:

apiVersion: v1
kind: ConfigMap
metadata:
  name: getting-started-sample
  namespace: openshift-devspaces
  labels:
    app.kubernetes.io/part-of: che.eclipse.org
    app.kubernetes.io/component: getting-started-samples
data:
  my-samples: |-
    [
      {
        "displayName": "Eclipse Che Dashboard",
        "description": "Cloud Development Environment for the Eclipse Che Dashboard.",
        "tags": ["Eclipse Che", "Dashboard"],
        "url": "https://github.com/eclipse-che/che-dashboard"
      }
    ]

Now you can navigate from the Workspace Details → DevWorkspace view on the User Dashboard to the OpenShift Console to inspect or edit the DevWorkspace object.

With this update, you can change the OpenShift Dev Spaces logo using the dedicated CheCluster Custom Resource property:

apiVersion: org.eclipse.che/v2
kind: CheCluster
spec:
  components:
    dashboard:
      branding
        logo:
          base64data: <base64-encoded-data>
          mediatype: image/png

Before this update, including a Bitbucket Personal Access Token (PAT) in workspaces on a OpenShift Dev Spaces installation with Bitbucket OAuth integration resulted in a "Backend is not available" error message. With this update, the workspace starts without issues.

Before this update, OpenShift Dev Spaces failed to find devfiles at the root of GitLab private repositories. This update solves the issue.

Before this update, there was an issue with volume sizes in devfiles being ignored. With this update, if at least one volume in a DevWorkspace specifies its size, and the computed PVC size is greater than the default per-workspace PVC size, the computed PVC size will be used.

Before this update, OpenShift Dev Spaces failed to find the devfile.yaml in Azure DevOps Git repositories when the provided URL ended with the .git suffix. This behavior has been addressed in this release.

Before this update, you could experience the page blinking shortly when navigating to the "Existing Workspace" page on OpenShift Dev Spaces User Dashboard. This has been addressed in this release.

Before this update, the User Dashboard would sometimes create a workspace twice resulting in the "409 Conflict" error. This behavior has been addressed in this release.

Before this update, workspace startup failed when the file name of the raw devfile was not devfile.yaml or .devfile.yaml. With this update, the name of the raw devfile does not prevent a successful workspace startup.

Before this update, downloading a project zip file from an external devfile registry failed with an "x509: certificate signed by unknown authority" error. With this update, the project-clone init container reads any .crt or .pem files stored in /public-certs. These certificates are added to the HTTP client used for preparing zip-based projects in a DevWorkspace and allow you to download project zips from default-untrusted sources by e.g. auto-mounting certificates to /public-certs in the container.

Before this update, there were failures in route creation. With this update, the handling of routing in the DevWorkspace operator is improved.

Before this update, granting extra permissions to the Bitbucket OAuth application broke the workspace startup flow. With this update, the issue is fixed.

Before this update, it was not possible to start workspaces based on Devfiles that did not contain metadata. With this update, devfiles without .metadata.name are considered valid. This is consistent with the specification.

Before this update, OpenShift Dev Spaces was missing factory URL parameters after successful OAuth authentication. This resulted in the workspace not starting. With this update, the issue is fixed.

Before this update, GitLab OAuth tokens expired after 2 hours and were not refreshed after a workspace restart. With this update, the issue is fixed.

Before this update, the ephemeral mode was used for the 'Restart with default devfile' functionality. When restarted, any changes in the workspace were lost. With this update, restarting the workspace with the default devfile does not erase changes you made previously.

There is a known issue where automatic installation of the recommended Microsoft Visual Studio Code - Open Source extensions fails if you’re using a Java or Ansible sample.

There’s a known issue with FIPS compliance that results in certain cryptographic modules not being FIPS-validated. Below is a list of requirements and limitations for using FIPS with OpenShift Dev Spaces:

Once the cluster is up and running, install OpenShift Dev Spaces 3.7.1 (3.7-264) and verify that the latest DevWorkspace operator bundle 0.21.2 (0.21-7) or newer is also installed and updated. See https://catalog.redhat.com/software/containers/devworkspace/devworkspace-operator-bundle/60ec9f48744684587e2186a3

The resulting binaries can be scanned and should pass without error.

As they are not related to cryptography, they do not affect FIPS compliance.

There is currently a known issue for users who are using a Kubernetes Secret with their Git-provider credentials. The user name and email for Git operations in workspaces for those users are currently taken from the user-profile Secret of the <user>-devspaces namespace.

Currently, the debugger in Microsoft Visual Studio Code - Open Source does not work in the .NET sample.