Introduction
JetBrains Qodana is a continuous code-quality platform, and Qodana Self-Hosted is an on-premises product that lets users run Qodana in their own infrastructure.
The Self-Hosted edition already ships a Helm chart, but it requires manual adjustment of values and offers no API-native way to express higher-level concepts such as SAML or OIDC identity providers, backup and restore policies, or rotation of passwords and TLS keys.
Kubernetes Operators encapsulate domain knowledge in code, extending the Kubernetes API through Custom Resource Definitions (CRDs) and a reconciliation loop. Building an Operator for Qodana will provide:
• GitOps-friendly, declarative management of Qodana instances and their advanced settings. Imperative administration procedures are fully automated by the controller.
• Automated lifecycle operations (install, upgrade, scale, back up, restore and install from a backup).
• Day-0/Day-2 configuration automation (e.g., enabling SAML by simply applying a QodanaSAML resource).
Goals
Design CRDs that model Qodana entities, for example:
• QodanaInstance – wraps the Helm release parameters;
• QodanaSAML – SAML identity provider configuration;
• QodanaOIDC – OIDC identity provider configuration;
• QodanaDataResources – stateful services that host application data.
Implement an Operator with full reconciliation logic:
• Translate CRD changes to application reconfiguration;
• Patch the Qodana ConfigMaps/Secrets with SAML or OIDC settings;
• Status reporting & error handling;
• Export metrics.
Ship production-grade artefacts:
• Container image of the Operator;
• Helm Chart bundle to install the Operator;
• Examples of deployment & documentation.
Testing & CI/CD:
• Kind-based e2e tests in CI;
• Unit tests for reconciliation logic;
• Static analysis (yes—run Qodana on the Operator itself).
Deliverables
Git repository with:
• Operator source code;
• CRD YAMLs (v1);
• Sample manifests (samples/);
• Automated tests & workflow files.
Container images;
Demo video (≤5 min) showing:
• Update flow & status conditions.
Documentation:
• Requirements Analysis Document;
• Technological and Product Baseline Document;
• User Manual Document.
Key Learning Outcomes
• Fundamentals of Platform Engineering;
• Deep understanding of Kubernetes control-plane mechanics (CRDs, reconciliation, events);
• Kubernetes-native application development;
• Practical experience with Go (or chosen language), Helm libraries, testing Kubernetes workloads;
• Secure handling of secrets & identity federation protocols (SAML/OIDC) in cloud-native apps;
• CI/CD automation and container image lifecycle;
• Writing developer-facing documentation and producing demos.
Example Resources
# qodana-instance.yaml
apiVersion: qodana.jetbrains.com/v1alpha1
kind: QodanaInstance
metadata:
  name: qodana-prod
spec:
  version: "2024.2.0"
  ingress:
    host: qodana.example.com
    tlsSecret: qodana-tls
  resources:
    limits:
      cpu: "4"
      memory: "8Gi"
  persistence:
    size: 50Gi

# saml.yaml
apiVersion: qodana.jetbrains.com/v1alpha1
kind: QodanaSAML
metadata:
  name: qodana-prod-saml
spec:
  instanceRef: qodana-prod
  idpMetadataURL: https://id.example.com/metadata
  entityID: https://qodana.example.com
  signatureAlgorithm: RSA_SHA512
  groupsAttribute: "memberOf"

# oidc.yaml
apiVersion: qodana.jetbrains.com/v1alpha1
kind: QodanaOIDC
metadata:
  name: qodana-prod-oidc
spec:
  instanceRef: qodana-prod
  issuerURL: https://login.example.com
  clientIDSecretRef:
    name: qodana-oidc-client
    key: clientID
  clientSecretSecretRef:
    name: qodana-oidc-client
    key: clientSecret
  scopes:
    - openid
    - profile
    - email
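
The sample QodanaOIDC manifest above points at an https issuer and keeps the client credentials in a Secret; a reconciler can enforce both before it patches any ConfigMap or Secret. The following Go code is an added example, not code from the Qodana project: the OIDCSpec and SecretKeyRef types and the ValidateOIDC function are hypothetical, with field names taken from the sample manifest.

```go
package main

import "fmt"
import "net/url"

// Hypothetical Go types mirroring the fields of the sample QodanaOIDC manifest.
type SecretKeyRef struct{ Name, Key string }
type OIDCSpec struct {
	InstanceRef, IssuerURL                   string
	ClientIDSecretRef, ClientSecretSecretRef SecretKeyRef
	Scopes                                   []string
}

// ValidateOIDC lists why a spec must be rejected before any ConfigMap or Secret is patched.
func ValidateOIDC(s OIDCSpec) []string {
	var errs []string
	// OIDC Discovery requires an https issuer without query or fragment.
	u, err := url.Parse(s.IssuerURL)
	switch {
	case err != nil || u.Host == "":
		errs = append(errs, "issuerURL must be an absolute URL")
	case u.Scheme != "https":
		errs = append(errs, "issuerURL must use https")
	case u.User != nil || u.RawQuery != "" || u.Fragment != "":
		errs = append(errs, "issuerURL must not carry credentials, query or fragment")
	}
	// Credentials are referenced, never inlined: each ref needs a Secret name and key.
	if s.ClientIDSecretRef.Name == "" || s.ClientIDSecretRef.Key == "" {
		errs = append(errs, "clientIDSecretRef needs both name and key")
	}
	if s.ClientSecretSecretRef.Name == "" || s.ClientSecretSecretRef.Key == "" {
		errs = append(errs, "clientSecretSecretRef needs both name and key")
	}
	hasOpenID := false
	for _, sc := range s.Scopes {
		hasOpenID = hasOpenID || sc == "openid"
	}
	if !hasOpenID {
		errs = append(errs, `scopes must include "openid"`)
	}
	return errs
}

func main() {
	// Constructed input: the sample oidc.yaml with an http issuer, a missing key and no openid scope.
	bad := OIDCSpec{"qodana-prod", "http://login.example.com",
		SecretKeyRef{"qodana-oidc-client", "clientID"},
		SecretKeyRef{"qodana-oidc-client", ""}, []string{"profile", "email"}}
	fmt.Println(ValidateOIDC(bad))
}
```

The returned reasons map naturally onto a status condition message, so a rejected resource explains itself in `kubectl describe` output.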
Notes
The mentor will provide an initialised development environment: a Git repository, a Docker and Helm repository for storing the final artefacts, and a local Kubernetes cluster in which to deploy and test the Operator. There is also a Helm Chart for Qodana Self-Hosted on Kubernetes.
It would be great if you:
• are familiar with Docker;
• had some exposure in the past to container orchestrators.
If not, it is fine too! You'll learn with us :)
A few soft skills:
• Goal orientation;
• Autonomy;
• Great sense of humor.