summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.tito/packages/openshift-ansible2
-rw-r--r--Dockerfile26
-rw-r--r--openshift-ansible.spec35
-rw-r--r--playbooks/adhoc/uninstall.yml8
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/containerized_upgrade.yml2
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml14
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/upgrade.yml2
-rw-r--r--roles/docker/defaults/main.yml2
-rw-r--r--roles/docker/tasks/main.yml41
-rw-r--r--roles/docker/vars/main.yml2
-rwxr-xr-xroles/docker_storage_setup/tasks/main.yml2
-rw-r--r--roles/lib_openshift_api/build/ansible/edit.py84
-rw-r--r--roles/lib_openshift_api/build/ansible/obj.py7
-rwxr-xr-xroles/lib_openshift_api/build/generate.py12
-rw-r--r--roles/lib_openshift_api/build/src/base.py55
-rw-r--r--roles/lib_openshift_api/build/src/edit.py49
-rwxr-xr-xroles/lib_openshift_api/build/test/edit.yml53
-rw-r--r--roles/lib_openshift_api/build/test/files/dc.yml9
-rw-r--r--roles/lib_openshift_api/library/oc_edit.py619
-rw-r--r--roles/lib_openshift_api/library/oc_obj.py219
-rw-r--r--roles/lib_openshift_api/library/oc_secret.py212
-rw-r--r--roles/lib_yaml_editor/build/ansible/yedit.py9
-rwxr-xr-xroles/lib_yaml_editor/build/generate.py9
-rw-r--r--roles/lib_yaml_editor/build/src/base.py8
-rw-r--r--roles/lib_yaml_editor/build/src/yedit.py157
-rw-r--r--roles/lib_yaml_editor/build/test/foo.yml2
-rw-r--r--roles/lib_yaml_editor/library/yedit.py174
-rw-r--r--roles/lib_zabbix/library/zbx_user.py2
-rw-r--r--roles/openshift_cli/defaults/main.yml (renamed from roles/openshift_cli/vars/main.yml)0
-rw-r--r--roles/openshift_cli/meta/main.yml1
-rw-r--r--roles/openshift_common/defaults/main.yml1
-rw-r--r--roles/openshift_common/vars/main.yml1
-rw-r--r--roles/openshift_docker/meta/main.yml1
-rw-r--r--roles/openshift_docker_facts/tasks/main.yml16
-rw-r--r--roles/openshift_docker_facts/vars/main.yml2
-rwxr-xr-xroles/openshift_examples/examples-sync.sh4
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-streams/jboss-image-streams.json71
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-persistent-ssl.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-ssl.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-https.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-mysql-persistent.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-mysql.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-postgresql-persistent.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-postgresql.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/decisionserver62-amq-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/decisionserver62-https-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-amq-persistent-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-amq-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-https-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mongodb-persistent-s2i.json4
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mongodb-s2i.json4
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mysql-persistent-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mysql-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-postgresql-persistent-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-postgresql-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-sso-s2i.json663
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap70-basic-s2i.json (renamed from roles/openshift_examples/files/examples/v1.2/xpaas-templates/processserver62-basic-s2i.json)97
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap70-https-s2i.json499
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap70-mongodb-persistent-s2i.json755
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap70-mongodb-s2i.json715
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap70-mysql-persistent-s2i.json (renamed from roles/openshift_examples/files/examples/v1.2/xpaas-templates/processserver62-mysql-persistent-s2i.json)254
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap70-mysql-s2i.json (renamed from roles/openshift_examples/files/examples/v1.2/xpaas-templates/processserver62-mysql-s2i.json)254
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap70-postgresql-persistent-s2i.json (renamed from roles/openshift_examples/files/examples/v1.2/xpaas-templates/processserver62-postgresql-persistent-s2i.json)254
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap70-postgresql-s2i.json (renamed from roles/openshift_examples/files/examples/v1.2/xpaas-templates/processserver62-postgresql-s2i.json)254
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-https-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mongodb-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mysql-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-postgresql-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-https-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mongodb-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mysql-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-postgresql-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/sso70-basic.json446
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/sso70-mysql-persistent.json658
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/sso70-mysql.json627
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/sso70-postgresql-persistent.json631
-rw-r--r--roles/openshift_examples/files/examples/v1.1/xpaas-templates/sso70-postgresql.json600
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-streams/jboss-image-streams.json93
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/amq62-persistent-ssl.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/amq62-ssl.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/datagrid65-https.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/datagrid65-mysql-persistent.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/datagrid65-mysql.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/datagrid65-postgresql-persistent.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/datagrid65-postgresql.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/decisionserver62-amq-s2i.json12
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/decisionserver62-basic-s2i.json10
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/decisionserver62-https-s2i.json12
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-amq-persistent-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-amq-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-https-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-mongodb-persistent-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-mongodb-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-mysql-persistent-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-mysql-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-postgresql-persistent-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-postgresql-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-sso-s2i.json663
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-basic-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-https-s2i.json4
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-mongodb-persistent-s2i.json6
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-mongodb-s2i.json6
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-mysql-persistent-s2i.json6
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-mysql-s2i.json6
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-postgresql-persistent-s2i.json6
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-postgresql-s2i.json6
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat7-https-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat7-mongodb-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat7-mysql-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat7-postgresql-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat8-https-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat8-mongodb-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat8-mysql-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat8-postgresql-s2i.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/processserver62-amq-mysql-persistent-s2i.json982
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/processserver62-amq-mysql-s2i.json942
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/processserver62-amq-postgresql-persistent-s2i.json955
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/processserver62-amq-postgresql-s2i.json915
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/sso70-basic.json446
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/sso70-mysql-persistent.json658
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/sso70-mysql.json627
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/sso70-postgresql-persistent.json631
-rw-r--r--roles/openshift_examples/files/examples/v1.2/xpaas-templates/sso70-postgresql.json600
-rwxr-xr-xroles/openshift_facts/library/openshift_facts.py31
-rw-r--r--roles/openshift_facts/tasks/main.yml2
-rw-r--r--roles/openshift_master/defaults/main.yml2
-rw-r--r--roles/openshift_master/meta/main.yml1
-rw-r--r--roles/openshift_master/templates/master.yaml.v1.j222
-rw-r--r--roles/openshift_master/vars/main.yml1
-rw-r--r--roles/openshift_master_cluster/tasks/main.yml4
-rw-r--r--roles/openshift_master_facts/tasks/main.yml7
-rw-r--r--roles/openshift_node/defaults/main.yml1
-rw-r--r--roles/openshift_node/vars/main.yml1
-rw-r--r--roles/os_zabbix/vars/template_heartbeat.yml5
-rw-r--r--test/env-setup2
-rwxr-xr-xtest/units/yedit_test.py68
-rw-r--r--utils/src/ooinstall/cli_installer.py20
-rw-r--r--utils/src/ooinstall/oo_config.py2
-rw-r--r--utils/src/ooinstall/openshift_ansible.py3
-rw-r--r--utils/test/cli_installer_tests.py148
-rw-r--r--utils/test/fixture.py10
153 files changed, 11783 insertions, 4883 deletions
diff --git a/.tito/packages/openshift-ansible b/.tito/packages/openshift-ansible
index 7f350f435..653c6bab7 100644
--- a/.tito/packages/openshift-ansible
+++ b/.tito/packages/openshift-ansible
@@ -1 +1 @@
-3.0.70-1 ./
+3.0.74-1 ./
diff --git a/Dockerfile b/Dockerfile
index 02ab51680..70f6f8a18 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,17 +1,23 @@
FROM rhel7
-MAINTAINER Aaron Weitekamp <aweiteka@redhat.com>
+MAINTAINER Troy Dawson <tdawson@redhat.com>
-RUN yum -y install http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
+LABEL Name="openshift3/installer"
+LABEL Vendor="Red Hat" License=GPLv2+
+LABEL Version="v3.1.1.901"
+LABEL Release="6"
+LABEL BZComponent="aos3-installation-docker"
+LABEL Architecture="x86_64"
-# Not sure if all of these packages are necessary
-# only git and ansible are known requirements
-RUN yum install -y --enablerepo rhel-7-server-extras-rpms net-tools bind-utils git ansible pyOpenSSL
+RUN INSTALL_PKGS="atomic-openshift-utils" && \
+ yum install -y --enablerepo=rhel-7-server-ose-3.2-rpms $INSTALL_PKGS && \
+ rpm -V $INSTALL_PKGS && \
+ yum clean all
-ADD ./ /opt/openshift-ansible/
+# Expect user to mount a workdir for container output (installer.cfg, hosts inventory, ansible log)
+VOLUME /var/lib/openshift-installer/
+WORKDIR /var/lib/openshift-installer/
-ENTRYPOINT ["/usr/bin/ansible-playbook"]
+RUN mkdir -p /var/lib/openshift-installer/
-CMD ["/opt/openshift-ansible/playbooks/byo/config.yml"]
-
-LABEL RUN docker run -it --rm --privileged --net=host -v ~/.ssh:/root/.ssh -v /etc/ansible:/etc/ansible --name NAME -e NAME=NAME -e IMAGE=IMAGE IMAGE
+ENTRYPOINT ["/usr/bin/atomic-openshift-installer", "-c", "/var/lib/openshift-installer/installer.cfg", "--ansible-log-path", "/var/lib/openshift-installer/ansible.log"]
diff --git a/openshift-ansible.spec b/openshift-ansible.spec
index 0ce628dfa..225321aa2 100644
--- a/openshift-ansible.spec
+++ b/openshift-ansible.spec
@@ -5,7 +5,7 @@
}
Name: openshift-ansible
-Version: 3.0.70
+Version: 3.0.74
Release: 1%{?dist}
Summary: Openshift and Atomic Enterprise Ansible
License: ASL 2.0
@@ -279,6 +279,39 @@ Atomic OpenShift Utilities includes
%changelog
+* Wed Apr 06 2016 Brenton Leanhardt <bleanhar@redhat.com> 3.0.74-1
+- Add support for configuring oauth templates. (dgoodwin@redhat.com)
+- Add support for templating master admissionConfig. (dgoodwin@redhat.com)
+
+* Wed Apr 06 2016 Troy Dawson <tdawson@redhat.com> 3.0.73-1
+- Replace unused Dockerfile with one used for official builds.
+ (dgoodwin@redhat.com)
+- Update for zbx_user refresh (kwoodson@redhat.com)
+- Docker 1.9 is actually cool starting in origin 1.1.4 (sdodson@redhat.com)
+- Unmask services (bleanhar@redhat.com)
+- XPAAS v1.3 for OSE 3.2 (sdodson@redhat.com)
+- XPAAS 1.3 content for OSE 3.1 (sdodson@redhat.com)
+- Bug 1322788 - The IMAGE_VERSION wasn't added to atomic-openshift-master-api
+ and atomic-openshift-master-controllers (bleanhar@redhat.com)
+- Bug 1323123 - upgrade failed to containerized OSE on RHEL Host without ose3.2
+ repo (bleanhar@redhat.com)
+- Write inventory to same directory as quick install config.
+ (dgoodwin@redhat.com)
+- Add --gen-inventory command to atomic-openshift-installer.
+ (dgoodwin@redhat.com)
+
+* Tue Apr 05 2016 Troy Dawson <tdawson@redhat.com> 3.0.72-1
+- when docker is installed, make it 1.8.2 to avoid issues (mwoodson@redhat.com)
+- Downgrade to docker 1.8.2 if installing OSE < 3.2 (sdodson@redhat.com)
+- Pacemaker is unsupported for 3.2 (bleanhar@redhat.com)
+- Fixing regexp. Periods are no longer allowed (kwoodson@redhat.com)
+- We require docker 1.9 for the 3.2 upgrade (bleanhar@redhat.com)
+
+* Mon Apr 04 2016 Troy Dawson <tdawson@redhat.com> 3.0.71-1
+- Fixed oc_edit by requiring name and content (kwoodson@redhat.com)
+- add higher severity trigger if no heartbeat for 1 hour (jdiaz@redhat.com)
+- Yedit enhancements (kwoodson@redhat.com)
+
* Fri Apr 01 2016 Brenton Leanhardt <bleanhar@redhat.com> 3.0.70-1
- Enable Ansible ssh pipelining to speedup deployment (lhuard@amadeus.com)
- Allow for overriding scheduler config (jdetiber@redhat.com)
diff --git a/playbooks/adhoc/uninstall.yml b/playbooks/adhoc/uninstall.yml
index 680964d80..8fb515982 100644
--- a/playbooks/adhoc/uninstall.yml
+++ b/playbooks/adhoc/uninstall.yml
@@ -53,6 +53,14 @@
- pcsd
failed_when: false
+ - name: unmask services
+ command: systemctl unmask "{{ item }}"
+ changed_when: False
+ failed_when: False
+ with_items:
+ - etcd
+ - firewalld
+
- name: Stop additional atomic services
service: name={{ item }} state=stopped
when: is_containerized | bool
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/containerized_upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/containerized_upgrade.yml
index cc587bfa1..2bd625257 100644
--- a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/containerized_upgrade.yml
+++ b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/containerized_upgrade.yml
@@ -1,7 +1,7 @@
- include_vars: ../../../../../roles/openshift_node/vars/main.yml
- name: Update systemd units
- include: ../../../../../roles/openshift_node/tasks/systemd_units.yml openshift_version=g_aos_versions.avail_version
+ include: ../../../../../roles/openshift_node/tasks/systemd_units.yml openshift_version=v{{ g_aos_versions.avail_version }}
- name: Verifying the correct version was configured
shell: grep {{ verify_upgrade_version }} {{ item }}
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml
index 6804de992..6e6f31195 100644
--- a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml
+++ b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml
@@ -25,6 +25,7 @@
hosts: oo_first_master
vars:
target_version: "{{ '1.2' if deployment_type == 'origin' else '3.1.1.900' }}"
+ g_pacemaker_upgrade_url_segment: "{{ 'org/latest' if deployment_type =='origin' else '.com/enterprise/3.1' }}"
gather_facts: no
tasks:
- fail:
@@ -35,6 +36,12 @@
- fail:
msg: >
+ This upgrade does not support Pacemaker:
+ https://docs.openshift.{{ g_pacemaker_upgrade_url_segment }}/install_config/upgrading/pacemaker_to_native_ha.html
+ when: openshift.master.cluster_method == 'pacemaker'
+
+ - fail:
+ msg: >
openshift_pkg_version is {{ openshift_pkg_version }} which is not a
valid version for a {{ target_version }} upgrade
when: openshift_pkg_version is defined and openshift_pkg_version.split('-',1).1 | version_compare(target_version ,'<')
@@ -146,14 +153,14 @@
when: inventory_hostname in groups.oo_masters_to_config
- name: Update systemd units
- include: ../../../../../roles/openshift_master/tasks/systemd_units.yml openshift_version=g_aos_versions.curr_version
+ include: ../../../../../roles/openshift_master/tasks/systemd_units.yml openshift_version=v{{ g_aos_versions.curr_version }}
when: inventory_hostname in groups.oo_masters_to_config
- include_vars: ../../../../../roles/openshift_node/vars/main.yml
when: inventory_hostname in groups.oo_nodes_to_config
- name: Update systemd units
- include: ../../../../../roles/openshift_node/tasks/systemd_units.yml openshift_version=g_aos_versions.curr_version
+ include: ../../../../../roles/openshift_node/tasks/systemd_units.yml openshift_version=v{{g_aos_versions.curr_version}}
when: inventory_hostname in groups.oo_nodes_to_config
# Note: the version number is hardcoded here in hopes of catching potential
@@ -204,8 +211,7 @@
- fail:
msg: This playbook requires access to Docker 1.9 or later
- when: not openshift.common.is_atomic | bool
- and (g_docker_version.avail_version | default(g_docker_version.curr_version, true) | version_compare('1.9','<'))
+ when: g_docker_version.avail_version | default(g_docker_version.curr_version, true) | version_compare('1.9','<')
# TODO: add check to upgrade ostree to get latest Docker
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/upgrade.yml
index b393b64fe..041ad5a9a 100644
--- a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/upgrade.yml
+++ b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/upgrade.yml
@@ -56,7 +56,7 @@
- include_vars: ../../../../../roles/openshift_master/vars/main.yml
- name: Update systemd units
- include: ../../../../../roles/openshift_master/tasks/systemd_units.yml openshift_version=g_aos_versions.avail_version
+ include: ../../../../../roles/openshift_master/tasks/systemd_units.yml openshift_version=v{{ g_aos_versions.avail_version }}
# - name: Upgrade master configuration
# openshift_upgrade_config:
diff --git a/roles/docker/defaults/main.yml b/roles/docker/defaults/main.yml
new file mode 100644
index 000000000..1b26af0dd
--- /dev/null
+++ b/roles/docker/defaults/main.yml
@@ -0,0 +1,2 @@
+---
+docker_version: '' \ No newline at end of file
diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml
index 9709c5014..9cf949d65 100644
--- a/roles/docker/tasks/main.yml
+++ b/roles/docker/tasks/main.yml
@@ -1,32 +1,29 @@
---
# tasks file for docker
-# Avoid docker 1.9 when installing origin < 1.2 or OSE < 3.2 on RHEL/Centos and
-# See: https://bugzilla.redhat.com/show_bug.cgi?id=1304038
+- name: Get current installed version if docker_version is specified
+ command: "{{ repoquery_cmd }} --installed --qf '%{version}' docker"
+ when: not openshift.common.is_atomic | bool and docker_version != ''
+ register: docker_version_result
+ changed_when: false
-- name: Default to latest docker for 1.2/3.2 or Fedora
- set_fact:
- docker_version: ''
- when: openshift.common.version_gte_3_2_or_1_2 | bool or ansible_distribution == 'Fedora'
+- name: Downgrade docker if necessary
+ command: "{{ ansible_pkg_mgr }} downgrade -y docker-{{ docker_version }}"
+ register: docker_downgrade_result
+ when: not docker_version_result | skipped and docker_version_result | default('0.0', True) | version_compare(docker_version, 'gt')
-- name: Gather latest version of docker
- shell: >
- yum list available -e 0 -q "docker" 2>&1 | tail -n +2 | awk '{ print $2 }' | sort -r | tr '\n' ' ' | tail -n 1
- register: latest_docker
- when: not openshift.common.version_gte_3_2_or_1_2 | bool and ansible_distribution != 'Fedora'
-
-- name: Check if Docker 1.9 is the latest
- set_fact:
- docker19_is_latest: "{{ True if '1.9' in latest_docker.stdout else False }}"
- when: not openshift.common.version_gte_3_2_or_1_2 | bool and ansible_distribution != 'Fedora'
+- name: Install docker
+ action: "{{ ansible_pkg_mgr }} name=docker{{ '-' + docker_version if docker_version != '' else '' }} state=present"
+ when: not openshift.common.is_atomic | bool and not docker_downgrade_result | changed
-- set_fact:
- docker_version: "{{ '-1.8.2' if docker19_is_latest | bool else ''}}"
- when: not openshift.common.version_gte_3_2_or_1_2 | bool and ansible_distribution != 'Fedora'
+- stat: path=/etc/sysconfig/docker
+ register: docker_check
+ when: docker_downgrade_result | changed
-- name: Install docker
- action: "{{ ansible_pkg_mgr }} name=docker{{ docker_version }} state=present"
- when: not openshift.common.is_atomic | bool
+- name: Remove deferred deletion for downgrades from 1.9
+ command: >
+ sed -i 's/--storage-opt dm.use_deferred_deletion=true//' /etc/sysconfig/docker-storage
+ when: docker_downgrade_result | changed and docker_check.stat.exists | bool and docker_version_result | default('0.0', True) | version_compare('1.9', '>=') and docker_version | version_compare('1.9', '<')
- name: enable and start the docker service
service:
diff --git a/roles/docker/vars/main.yml b/roles/docker/vars/main.yml
index 162487545..606cdb9b9 100644
--- a/roles/docker/vars/main.yml
+++ b/roles/docker/vars/main.yml
@@ -1,3 +1,3 @@
---
-
+repoquery_cmd: "{{ 'dnf repoquery --latest-limit 1 -d 0' if ansible_pkg_mgr == 'dnf' else 'repoquery' }}"
udevw_udevd_dir: /etc/systemd/system/systemd-udevd.service.d
diff --git a/roles/docker_storage_setup/tasks/main.yml b/roles/docker_storage_setup/tasks/main.yml
index 8af9bbe1e..21c80e36e 100755
--- a/roles/docker_storage_setup/tasks/main.yml
+++ b/roles/docker_storage_setup/tasks/main.yml
@@ -2,7 +2,7 @@
- name: Ensure docker is installed
action: "{{ ansible_pkg_mgr }} name={{ item }} state=present"
with_items:
- - docker
+ - docker-1.8.2
# Docker doesn't seem to start cleanly the first time run
# when loopback (not directlvm) is configured. Putting in an
diff --git a/roles/lib_openshift_api/build/ansible/edit.py b/roles/lib_openshift_api/build/ansible/edit.py
new file mode 100644
index 000000000..943fa47a6
--- /dev/null
+++ b/roles/lib_openshift_api/build/ansible/edit.py
@@ -0,0 +1,84 @@
+# pylint: skip-file
+
+def main():
+ '''
+ ansible oc module for services
+ '''
+
+ module = AnsibleModule(
+ argument_spec=dict(
+ kubeconfig=dict(default='/etc/origin/master/admin.kubeconfig', type='str'),
+ state=dict(default='present', type='str',
+ choices=['present']),
+ debug=dict(default=False, type='bool'),
+ namespace=dict(default='default', type='str'),
+ name=dict(default=None, required=True, type='str'),
+ kind=dict(required=True,
+ type='str',
+ choices=['dc', 'deploymentconfig',
+ 'svc', 'service',
+ 'scc', 'securitycontextconstraints',
+ 'ns', 'namespace', 'project', 'projects',
+ 'is', 'imagestream',
+ 'istag', 'imagestreamtag',
+ 'bc', 'buildconfig',
+ 'routes',
+ 'node',
+ 'secret',
+ ]),
+ file_name=dict(default=None, type='str'),
+ file_format=dict(default='yaml', type='str'),
+ content=dict(default=None, required=True, type='dict'),
+ force=dict(default=False, type='bool'),
+ ),
+ supports_check_mode=True,
+ )
+ ocedit = Edit(module.params['kind'],
+ module.params['namespace'],
+ module.params['name'],
+ kubeconfig=module.params['kubeconfig'],
+ verbose=module.params['debug'])
+
+ state = module.params['state']
+
+ api_rval = ocedit.get()
+
+ ########
+ # Create
+ ########
+ if not Utils.exists(api_rval['results'], module.params['name']):
+ module.fail_json(msg=api_rval)
+
+ ########
+ # Update
+ ########
+ api_rval = ocedit.update(module.params['file_name'],
+ module.params['content'],
+ module.params['force'],
+ module.params['file_format'])
+
+
+ if api_rval['returncode'] != 0:
+ module.fail_json(msg=api_rval)
+
+ if api_rval.has_key('updated') and not api_rval['updated']:
+ module.exit_json(changed=False, results=api_rval, state="present")
+
+ # return the created object
+ api_rval = ocedit.get()
+
+ if api_rval['returncode'] != 0:
+ module.fail_json(msg=api_rval)
+
+ module.exit_json(changed=True, results=api_rval, state="present")
+
+ module.exit_json(failed=True,
+ changed=False,
+ results='Unknown state passed. %s' % state,
+ state="unknown")
+
+# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled
+# import module snippets. This are required
+from ansible.module_utils.basic import *
+
+main()
diff --git a/roles/lib_openshift_api/build/ansible/obj.py b/roles/lib_openshift_api/build/ansible/obj.py
index 0796d807e..a14ac0e43 100644
--- a/roles/lib_openshift_api/build/ansible/obj.py
+++ b/roles/lib_openshift_api/build/ansible/obj.py
@@ -19,6 +19,13 @@ def main():
type='str',
choices=['dc', 'deploymentconfig',
'svc', 'service',
+ 'scc', 'securitycontextconstraints',
+ 'ns', 'namespace', 'project', 'projects',
+ 'is', 'imagestream',
+ 'istag', 'imagestreamtag',
+ 'bc', 'buildconfig',
+ 'routes',
+ 'node',
'secret',
]),
delete_after=dict(default=False, type='bool'),
diff --git a/roles/lib_openshift_api/build/generate.py b/roles/lib_openshift_api/build/generate.py
index 877ca1766..cf3f61d2c 100755
--- a/roles/lib_openshift_api/build/generate.py
+++ b/roles/lib_openshift_api/build/generate.py
@@ -15,6 +15,7 @@ GEN_STR = "#!/usr/bin/env python\n" + \
"# | |) | (_) | | .` | (_) || | | _|| |) | | | |\n" + \
"# |___/ \___/ |_|\_|\___/ |_| |___|___/___| |_|\n"
+OPENSHIFT_ANSIBLE_PATH = os.path.dirname(os.path.realpath(__file__))
FILES = {'oc_obj.py': ['src/base.py',
@@ -27,18 +28,23 @@ FILES = {'oc_obj.py': ['src/base.py',
'src/secret.py',
'ansible/secret.py',
],
+ 'oc_edit.py': ['src/base.py',
+ '../../lib_yaml_editor/build/src/yedit.py',
+ 'src/edit.py',
+ 'ansible/edit.py',
+ ],
}
def main():
''' combine the necessary files to create the ansible module '''
- openshift_ansible = ('../library/')
+ library = os.path.join(OPENSHIFT_ANSIBLE_PATH, '..', 'library/')
for fname, parts in FILES.items():
- with open(os.path.join(openshift_ansible, fname), 'w') as afd:
+ with open(os.path.join(library, fname), 'w') as afd:
afd.seek(0)
afd.write(GEN_STR)
for fpart in parts:
- with open(fpart) as pfd:
+ with open(os.path.join(OPENSHIFT_ANSIBLE_PATH, fpart)) as pfd:
# first line is pylint disable so skip it
for idx, line in enumerate(pfd):
if idx == 0 and 'skip-file' in line:
diff --git a/roles/lib_openshift_api/build/src/base.py b/roles/lib_openshift_api/build/src/base.py
index 31c102e5d..66831c4e2 100644
--- a/roles/lib_openshift_api/build/src/base.py
+++ b/roles/lib_openshift_api/build/src/base.py
@@ -8,7 +8,15 @@ import json
import os
import shutil
import subprocess
+import re
+
import yaml
+# This is here because of a bug that causes yaml
+# to incorrectly handle timezone info on timestamps
+def timestamp_constructor(_, node):
+ '''return timestamps as strings'''
+ return str(node.value)
+yaml.add_constructor(u'tag:yaml.org,2002:timestamp', timestamp_constructor)
# pylint: disable=too-few-public-methods
class OpenShiftCLI(object):
@@ -32,8 +40,14 @@ class OpenShiftCLI(object):
fname = '/tmp/%s' % rname
yed = Yedit(fname, res['results'][0])
+ changes = []
for key, value in content.items():
- yed.put(key, value)
+ changes.append(yed.put(key, value))
+
+ if any([not change[0] for change in changes]):
+ return {'returncode': 0, 'updated': False}
+
+ yed.write()
atexit.register(Utils.cleanup, [fname])
@@ -76,7 +90,9 @@ class OpenShiftCLI(object):
cmds = ['/usr/bin/oc']
cmds.extend(cmd)
+ rval = {}
results = ''
+ err = None
if self.verbose:
print ' '.join(cmds)
@@ -85,27 +101,42 @@ class OpenShiftCLI(object):
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
env={'KUBECONFIG': self.kubeconfig})
+
proc.wait()
+ stdout = proc.stdout.read()
+ stderr = proc.stderr.read()
+
+ rval = {"returncode": proc.returncode,
+ "results": results,
+ }
+
if proc.returncode == 0:
if output:
try:
- results = json.loads(proc.stdout.read())
+ rval['results'] = json.loads(stdout)
except ValueError as err:
if "No JSON object could be decoded" in err.message:
- results = err.message
+ err = err.message
if self.verbose:
- print proc.stderr.read()
- print results
+ print stdout
+ print stderr
print
- return {"returncode": proc.returncode, "results": results}
+ if err:
+ rval.update({"err": err,
+ "stderr": stderr,
+ "stdout": stdout,
+ "cmd": cmds
+ })
- return {"returncode": proc.returncode,
- "stderr": proc.stderr.read(),
- "stdout": proc.stdout.read(),
- "results": {}
- }
+ else:
+ rval.update({"stderr": stderr,
+ "stdout": stdout,
+ "results": {},
+ })
+
+ return rval
class Utils(object):
''' utilities for openshiftcli modules '''
@@ -179,7 +210,7 @@ class Utils(object):
contents = sfd.read()
if sfile_type == 'yaml':
- contents = yaml.load(contents)
+ contents = yaml.safe_load(contents)
elif sfile_type == 'json':
contents = json.loads(contents)
diff --git a/roles/lib_openshift_api/build/src/edit.py b/roles/lib_openshift_api/build/src/edit.py
new file mode 100644
index 000000000..7020ace47
--- /dev/null
+++ b/roles/lib_openshift_api/build/src/edit.py
@@ -0,0 +1,49 @@
+# pylint: skip-file
+
+class Edit(OpenShiftCLI):
+ ''' Class to wrap the oc command line tools
+ '''
+ # pylint: disable=too-many-arguments
+ def __init__(self,
+ kind,
+ namespace,
+ resource_name=None,
+ kubeconfig='/etc/origin/master/admin.kubeconfig',
+ verbose=False):
+ ''' Constructor for OpenshiftOC '''
+ super(Edit, self).__init__(namespace, kubeconfig)
+ self.namespace = namespace
+ self.kind = kind
+ self.name = resource_name
+ self.kubeconfig = kubeconfig
+ self.verbose = verbose
+
+ def get(self):
+ '''return a secret by name '''
+ return self._get(self.kind, self.name)
+
+ def update(self, file_name, content, force=False, content_type='yaml'):
+ '''run update '''
+ if file_name:
+ if content_type == 'yaml':
+ data = yaml.load(open(file_name))
+ elif content_type == 'json':
+ data = json.loads(open(file_name).read())
+
+ changes = []
+ yed = Yedit(file_name, data)
+ for key, value in content.items():
+ changes.append(yed.put(key, value))
+
+ if any([not change[0] for change in changes]):
+ return {'returncode': 0, 'updated': False}
+
+ yed.write()
+
+ atexit.register(Utils.cleanup, [file_name])
+
+ return self._replace(file_name, force=force)
+
+ return self._replace_content(self.kind, self.name, content, force=force)
+
+
diff --git a/roles/lib_openshift_api/build/test/edit.yml b/roles/lib_openshift_api/build/test/edit.yml
new file mode 100755
index 000000000..9aa01303a
--- /dev/null
+++ b/roles/lib_openshift_api/build/test/edit.yml
@@ -0,0 +1,53 @@
+#!/usr/bin/ansible-playbook
+---
+- hosts: "oo_clusterid_mwoodson:&oo_version_3:&oo_master_primary"
+ gather_facts: no
+ user: root
+
+ post_tasks:
+ - copy:
+ dest: "/tmp/{{ item }}"
+ src: "files/{{ item }}"
+ with_items:
+ - dc.yml
+
+ - name: present dc
+ oc_edit:
+ kind: dc
+ namespace: default
+ name: router
+ content:
+ spec.template.spec.containers[0].ports[0].containerPort: 80
+ spec.template.spec.containers[0].ports[0].hostPort: 80
+ register: dcout
+
+ - debug:
+ var: dcout
+
+ - name: present dc
+ oc_edit:
+ kind: dc
+ namespace: default
+ name: router
+ content:
+ spec.template.spec.containers[0].ports[0].containerPort: 81
+ spec.template.spec.containers[0].ports[0].hostPort: 81
+ file_format: yaml
+ register: dcout
+
+ - debug:
+ var: dcout
+
+ - name: present dc
+ oc_edit:
+ kind: dc
+ namespace: default
+ name: router
+ content:
+ spec.template.spec.containers[0].ports[0].containerPort: 80
+ spec.template.spec.containers[0].ports[0].hostPort: 80
+ file_format: yaml
+ register: dcout
+
+ - debug:
+ var: dcout
diff --git a/roles/lib_openshift_api/build/test/files/dc.yml b/roles/lib_openshift_api/build/test/files/dc.yml
index 7992c90dd..24f690ef4 100644
--- a/roles/lib_openshift_api/build/test/files/dc.yml
+++ b/roles/lib_openshift_api/build/test/files/dc.yml
@@ -1,14 +1,14 @@
apiVersion: v1
kind: DeploymentConfig
metadata:
- creationTimestamp: 2016-03-18T19:47:45Z
+ creationTimestamp: 2016-04-01T15:23:29Z
labels:
router: router
name: router
namespace: default
- resourceVersion: "84016"
+ resourceVersion: "1338477"
selfLink: /oapi/v1/namespaces/default/deploymentconfigs/router
- uid: 48f8b9d9-ed42-11e5-9903-0a9a9d4e7f2b
+ uid: b00c7eba-f81d-11e5-809b-0a581f893e3f
spec:
replicas: 2
selector:
@@ -117,5 +117,4 @@ status:
details:
causes:
- type: ConfigChange
- latestVersion: 1
-
+ latestVersion: 12
diff --git a/roles/lib_openshift_api/library/oc_edit.py b/roles/lib_openshift_api/library/oc_edit.py
new file mode 100644
index 000000000..44e77331d
--- /dev/null
+++ b/roles/lib_openshift_api/library/oc_edit.py
@@ -0,0 +1,619 @@
+#!/usr/bin/env python
+# ___ ___ _ _ ___ ___ _ _____ ___ ___
+# / __| __| \| | __| _ \ /_\_ _| __| \
+# | (_ | _|| .` | _|| / / _ \| | | _|| |) |
+# \___|___|_|\_|___|_|_\/_/_\_\_|_|___|___/_ _____
+# | \ / _ \ | \| |/ _ \_ _| | __| \_ _|_ _|
+# | |) | (_) | | .` | (_) || | | _|| |) | | | |
+# |___/ \___/ |_|\_|\___/ |_| |___|___/___| |_|
+'''
+ OpenShiftCLI class that wraps the oc commands in a subprocess
+'''
+
+import atexit
+import json
+import os
+import shutil
+import subprocess
+import re
+
+import yaml
+# This is here because of a bug that causes yaml
+# to incorrectly handle timezone info on timestamps
+def timestamp_constructor(_, node):
+ '''return timestamps as strings'''
+ return str(node.value)
+yaml.add_constructor(u'tag:yaml.org,2002:timestamp', timestamp_constructor)
+
+# pylint: disable=too-few-public-methods
+class OpenShiftCLI(object):
+ ''' Class to wrap the oc command line tools '''
+ def __init__(self,
+ namespace,
+ kubeconfig='/etc/origin/master/admin.kubeconfig',
+ verbose=False):
+ ''' Constructor for OpenshiftOC '''
+ self.namespace = namespace
+ self.verbose = verbose
+ self.kubeconfig = kubeconfig
+
+ # Pylint allows only 5 arguments to be passed.
+ # pylint: disable=too-many-arguments
+ def _replace_content(self, resource, rname, content, force=False):
+ ''' replace the current object with the content '''
+ res = self._get(resource, rname)
+ if not res['results']:
+ return res
+
+ fname = '/tmp/%s' % rname
+ yed = Yedit(fname, res['results'][0])
+ changes = []
+ for key, value in content.items():
+ changes.append(yed.put(key, value))
+
+ if any([not change[0] for change in changes]):
+ return {'returncode': 0, 'updated': False}
+
+ yed.write()
+
+ atexit.register(Utils.cleanup, [fname])
+
+ return self._replace(fname, force)
+
+ def _replace(self, fname, force=False):
+ '''return all pods '''
+ cmd = ['-n', self.namespace, 'replace', '-f', fname]
+ if force:
+ cmd.append('--force')
+ return self.oc_cmd(cmd)
+
+ def _create(self, fname):
+ '''return all pods '''
+ return self.oc_cmd(['create', '-f', fname, '-n', self.namespace])
+
+ def _delete(self, resource, rname):
+ '''return all pods '''
+ return self.oc_cmd(['delete', resource, rname, '-n', self.namespace])
+
+ def _get(self, resource, rname=None):
+ '''return a secret by name '''
+ cmd = ['get', resource, '-o', 'json', '-n', self.namespace]
+ if rname:
+ cmd.append(rname)
+
+ rval = self.oc_cmd(cmd, output=True)
+
+ # Ensure results are retuned in an array
+ if rval.has_key('items'):
+ rval['results'] = rval['items']
+ elif not isinstance(rval['results'], list):
+ rval['results'] = [rval['results']]
+
+ return rval
+
+ def oc_cmd(self, cmd, output=False):
+ '''Base command for oc '''
+ #cmds = ['/usr/bin/oc', '--config', self.kubeconfig]
+ cmds = ['/usr/bin/oc']
+ cmds.extend(cmd)
+
+ rval = {}
+ results = ''
+ err = None
+
+ if self.verbose:
+ print ' '.join(cmds)
+
+ proc = subprocess.Popen(cmds,
+ stdout=subprocess.PIPE,
+ stderr=subprocess.PIPE,
+ env={'KUBECONFIG': self.kubeconfig})
+
+ proc.wait()
+ stdout = proc.stdout.read()
+ stderr = proc.stderr.read()
+
+ rval = {"returncode": proc.returncode,
+ "results": results,
+ }
+
+ if proc.returncode == 0:
+ if output:
+ try:
+ rval['results'] = json.loads(stdout)
+ except ValueError as err:
+ if "No JSON object could be decoded" in err.message:
+ err = err.message
+
+ if self.verbose:
+ print stdout
+ print stderr
+ print
+
+ if err:
+ rval.update({"err": err,
+ "stderr": stderr,
+ "stdout": stdout,
+ "cmd": cmds
+ })
+
+ else:
+ rval.update({"stderr": stderr,
+ "stdout": stdout,
+ "results": {},
+ })
+
+ return rval
+
+class Utils(object):
+ ''' utilities for openshiftcli modules '''
+ @staticmethod
+ def create_file(rname, data, ftype=None):
+ ''' create a file in tmp with name and contents'''
+ path = os.path.join('/tmp', rname)
+ with open(path, 'w') as fds:
+ if ftype == 'yaml':
+ fds.write(yaml.safe_dump(data, default_flow_style=False))
+
+ elif ftype == 'json':
+ fds.write(json.dumps(data))
+ else:
+ fds.write(data)
+
+ # Register cleanup when module is done
+ atexit.register(Utils.cleanup, [path])
+ return path
+
+ @staticmethod
+ def create_files_from_contents(data):
+ '''Turn an array of dict: filename, content into a files array'''
+ files = []
+
+ for sfile in data:
+ path = Utils.create_file(sfile['path'], sfile['content'])
+ files.append(path)
+
+ return files
+
+ @staticmethod
+ def cleanup(files):
+ '''Clean up on exit '''
+ for sfile in files:
+ if os.path.exists(sfile):
+ if os.path.isdir(sfile):
+ shutil.rmtree(sfile)
+ elif os.path.isfile(sfile):
+ os.remove(sfile)
+
+
+ @staticmethod
+ def exists(results, _name):
+ ''' Check to see if the results include the name '''
+ if not results:
+ return False
+
+
+ if Utils.find_result(results, _name):
+ return True
+
+ return False
+
+ @staticmethod
+ def find_result(results, _name):
+ ''' Find the specified result by name'''
+ rval = None
+ for result in results:
+ if result.has_key('metadata') and result['metadata']['name'] == _name:
+ rval = result
+ break
+
+ return rval
+
+ @staticmethod
+ def get_resource_file(sfile, sfile_type='yaml'):
+ ''' return the service file '''
+ contents = None
+ with open(sfile) as sfd:
+ contents = sfd.read()
+
+ if sfile_type == 'yaml':
+ contents = yaml.safe_load(contents)
+ elif sfile_type == 'json':
+ contents = json.loads(contents)
+
+ return contents
+
+ # Disabling too-many-branches. This is a yaml dictionary comparison function
+ # pylint: disable=too-many-branches,too-many-return-statements
+ @staticmethod
+ def check_def_equal(user_def, result_def, debug=False):
+ ''' Given a user defined definition, compare it with the results given back by our query. '''
+
+ # Currently these values are autogenerated and we do not need to check them
+ skip = ['metadata', 'status']
+
+ for key, value in result_def.items():
+ if key in skip:
+ continue
+
+ # Both are lists
+ if isinstance(value, list):
+ if not isinstance(user_def[key], list):
+ return False
+
+ # lists should be identical
+ if value != user_def[key]:
+ return False
+
+ # recurse on a dictionary
+ elif isinstance(value, dict):
+ if not isinstance(user_def[key], dict):
+ if debug:
+ print "dict returned false not instance of dict"
+ return False
+
+ # before passing ensure keys match
+ api_values = set(value.keys()) - set(skip)
+ user_values = set(user_def[key].keys()) - set(skip)
+ if api_values != user_values:
+ if debug:
+ print api_values
+ print user_values
+ print "keys are not equal in dict"
+ return False
+
+ result = Utils.check_def_equal(user_def[key], value, debug=debug)
+ if not result:
+ if debug:
+ print "dict returned false"
+ return False
+
+ # Verify each key, value pair is the same
+ else:
+ if not user_def.has_key(key) or value != user_def[key]:
+ if debug:
+ print "value not equal; user_def does not have key"
+ print value
+ print user_def[key]
+ return False
+
+ return True
+
+class YeditException(Exception):
+ ''' Exception class for Yedit '''
+ pass
+
+class Yedit(object):
+ ''' Class to modify yaml files '''
+ re_valid_key = r"(((\[-?\d+\])|([a-zA-Z-./]+)).?)+$"
+ re_key = r"(?:\[(-?\d+)\])|([a-zA-Z-./]+)"
+
+ def __init__(self, filename=None, content=None, content_type='yaml'):
+ self.content = content
+ self.filename = filename
+ self.__yaml_dict = content
+ self.content_type = content_type
+ if self.filename and not self.content:
+ self.load(content_type=self.content_type)
+
+ @property
+ def yaml_dict(self):
+ ''' getter method for yaml_dict '''
+ return self.__yaml_dict
+
+ @yaml_dict.setter
+ def yaml_dict(self, value):
+ ''' setter method for yaml_dict '''
+ self.__yaml_dict = value
+
+ @staticmethod
+ def remove_entry(data, key):
+ ''' remove data at location key '''
+ if not (key and re.match(Yedit.re_valid_key, key) and isinstance(data, (list, dict))):
+ return None
+
+ key_indexes = re.findall(Yedit.re_key, key)
+ for arr_ind, dict_key in key_indexes[:-1]:
+ if dict_key and isinstance(data, dict):
+ data = data.get(dict_key, None)
+ elif arr_ind and isinstance(data, list) and int(arr_ind) <= len(data) - 1:
+ data = data[int(arr_ind)]
+ else:
+ return None
+
+ # process last index for remove
+ # expected list entry
+ if key_indexes[-1][0]:
+ if isinstance(data, list) and int(key_indexes[-1][0]) <= len(data) - 1:
+ del data[int(key_indexes[-1][0])]
+ return True
+
+ # expected dict entry
+ elif key_indexes[-1][1]:
+ if isinstance(data, dict):
+ del data[key_indexes[-1][1]]
+ return True
+
+ @staticmethod
+ def add_entry(data, key, item=None):
+ ''' Get an item from a dictionary with key notation a.b.c
+ d = {'a': {'b': 'c'}}}
+ key = a.b
+ return c
+ '''
+ if not (key and re.match(Yedit.re_valid_key, key) and isinstance(data, (list, dict))):
+ return None
+
+ curr_data = data
+
+ key_indexes = re.findall(Yedit.re_key, key)
+ for arr_ind, dict_key in key_indexes[:-1]:
+ if dict_key:
+ if isinstance(data, dict) and data.has_key(dict_key):
+ data = data[dict_key]
+ continue
+
+ data[dict_key] = {}
+ data = data[dict_key]
+
+ elif arr_ind and isinstance(data, list) and int(arr_ind) <= len(data) - 1:
+ data = data[int(arr_ind)]
+ else:
+ return None
+
+ # process last index for add
+ # expected list entry
+ if key_indexes[-1][0] and isinstance(data, list) and int(key_indexes[-1][0]) <= len(data) - 1:
+ data[int(key_indexes[-1][0])] = item
+
+ # expected dict entry
+ elif key_indexes[-1][1] and isinstance(data, dict):
+ data[key_indexes[-1][1]] = item
+
+ return curr_data
+
+ @staticmethod
+ def get_entry(data, key):
+ ''' Get an item from a dictionary with key notation a.b.c
+ d = {'a': {'b': 'c'}}}
+ key = a.b
+ return c
+ '''
+ if not (key and re.match(Yedit.re_valid_key, key) and isinstance(data, (list, dict))):
+ return None
+
+ key_indexes = re.findall(Yedit.re_key, key)
+ for arr_ind, dict_key in key_indexes:
+ if dict_key and isinstance(data, dict):
+ data = data.get(dict_key, None)
+ elif arr_ind and isinstance(data, list) and int(arr_ind) <= len(data) - 1:
+ data = data[int(arr_ind)]
+ else:
+ return None
+
+ return data
+
+ def write(self):
+ ''' write to file '''
+ if not self.filename:
+ raise YeditException('Please specify a filename.')
+
+ with open(self.filename, 'w') as yfd:
+ yfd.write(yaml.safe_dump(self.yaml_dict, default_flow_style=False))
+
+ def read(self):
+ ''' write to file '''
+ # check if it exists
+ if not self.exists():
+ return None
+
+ contents = None
+ with open(self.filename) as yfd:
+ contents = yfd.read()
+
+ return contents
+
+ def exists(self):
+ ''' return whether file exists '''
+ if os.path.exists(self.filename):
+ return True
+
+ return False
+
+ def load(self, content_type='yaml'):
+ ''' return yaml file '''
+ contents = self.read()
+
+ if not contents:
+ return None
+
+ # check if it is yaml
+ try:
+ if content_type == 'yaml':
+ self.yaml_dict = yaml.load(contents)
+ elif content_type == 'json':
+ self.yaml_dict = json.loads(contents)
+ except yaml.YAMLError as _:
+ # Error loading yaml or json
+ return None
+
+ return self.yaml_dict
+
+ def get(self, key):
+ ''' get a specified key'''
+ try:
+ entry = Yedit.get_entry(self.yaml_dict, key)
+ except KeyError as _:
+ entry = None
+
+ return entry
+
+ def delete(self, key):
+ ''' remove key from a dict'''
+ try:
+ entry = Yedit.get_entry(self.yaml_dict, key)
+ except KeyError as _:
+ entry = None
+ if not entry:
+ return (False, self.yaml_dict)
+
+ result = Yedit.remove_entry(self.yaml_dict, key)
+ if not result:
+ return (False, self.yaml_dict)
+
+ return (True, self.yaml_dict)
+
+ def put(self, key, value):
+ ''' put key, value into a dict '''
+ try:
+ entry = Yedit.get_entry(self.yaml_dict, key)
+ except KeyError as _:
+ entry = None
+
+ if entry == value:
+ return (False, self.yaml_dict)
+
+ result = Yedit.add_entry(self.yaml_dict, key, value)
+ if not result:
+ return (False, self.yaml_dict)
+
+ return (True, self.yaml_dict)
+
+ def create(self, key, value):
+ ''' create a yaml file '''
+ if not self.exists():
+ self.yaml_dict = {key: value}
+ return (True, self.yaml_dict)
+
+ return (False, self.yaml_dict)
+
+class Edit(OpenShiftCLI):
+ ''' Class to wrap the oc command line tools
+ '''
+ # pylint: disable=too-many-arguments
+ def __init__(self,
+ kind,
+ namespace,
+ resource_name=None,
+ kubeconfig='/etc/origin/master/admin.kubeconfig',
+ verbose=False):
+ ''' Constructor for OpenshiftOC '''
+ super(Edit, self).__init__(namespace, kubeconfig)
+ self.namespace = namespace
+ self.kind = kind
+ self.name = resource_name
+ self.kubeconfig = kubeconfig
+ self.verbose = verbose
+
+ def get(self):
+ '''return a secret by name '''
+ return self._get(self.kind, self.name)
+
+ def update(self, file_name, content, force=False, content_type='yaml'):
+ '''run update '''
+ if file_name:
+ if content_type == 'yaml':
+ data = yaml.load(open(file_name))
+ elif content_type == 'json':
+ data = json.loads(open(file_name).read())
+
+ changes = []
+ yed = Yedit(file_name, data)
+ for key, value in content.items():
+ changes.append(yed.put(key, value))
+
+ if any([not change[0] for change in changes]):
+ return {'returncode': 0, 'updated': False}
+
+ yed.write()
+
+ atexit.register(Utils.cleanup, [file_name])
+
+ return self._replace(file_name, force=force)
+
+ return self._replace_content(self.kind, self.name, content, force=force)
+
+
+
+def main():
+ '''
+ ansible oc module for services
+ '''
+
+ module = AnsibleModule(
+ argument_spec=dict(
+ kubeconfig=dict(default='/etc/origin/master/admin.kubeconfig', type='str'),
+ state=dict(default='present', type='str',
+ choices=['present']),
+ debug=dict(default=False, type='bool'),
+ namespace=dict(default='default', type='str'),
+ name=dict(default=None, required=True, type='str'),
+ kind=dict(required=True,
+ type='str',
+ choices=['dc', 'deploymentconfig',
+ 'svc', 'service',
+ 'scc', 'securitycontextconstraints',
+ 'ns', 'namespace', 'project', 'projects',
+ 'is', 'imagestream',
+ 'istag', 'imagestreamtag',
+ 'bc', 'buildconfig',
+ 'routes',
+ 'node',
+ 'secret',
+ ]),
+ file_name=dict(default=None, type='str'),
+ file_format=dict(default='yaml', type='str'),
+ content=dict(default=None, required=True, type='dict'),
+ force=dict(default=False, type='bool'),
+ ),
+ supports_check_mode=True,
+ )
+ ocedit = Edit(module.params['kind'],
+ module.params['namespace'],
+ module.params['name'],
+ kubeconfig=module.params['kubeconfig'],
+ verbose=module.params['debug'])
+
+ state = module.params['state']
+
+ api_rval = ocedit.get()
+
+ ########
+ # Create
+ ########
+ if not Utils.exists(api_rval['results'], module.params['name']):
+ module.fail_json(msg=api_rval)
+
+ ########
+ # Update
+ ########
+ api_rval = ocedit.update(module.params['file_name'],
+ module.params['content'],
+ module.params['force'],
+ module.params['file_format'])
+
+
+ if api_rval['returncode'] != 0:
+ module.fail_json(msg=api_rval)
+
+ if api_rval.has_key('updated') and not api_rval['updated']:
+ module.exit_json(changed=False, results=api_rval, state="present")
+
+ # return the created object
+ api_rval = ocedit.get()
+
+ if api_rval['returncode'] != 0:
+ module.fail_json(msg=api_rval)
+
+ module.exit_json(changed=True, results=api_rval, state="present")
+
+ module.exit_json(failed=True,
+ changed=False,
+ results='Unknown state passed. %s' % state,
+ state="unknown")
+
+# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled
+# import module snippets. This are required
+from ansible.module_utils.basic import *
+
+main()
diff --git a/roles/lib_openshift_api/library/oc_obj.py b/roles/lib_openshift_api/library/oc_obj.py
index fa31416c0..c058072e3 100644
--- a/roles/lib_openshift_api/library/oc_obj.py
+++ b/roles/lib_openshift_api/library/oc_obj.py
@@ -15,7 +15,15 @@ import json
import os
import shutil
import subprocess
+import re
+
import yaml
+# This is here because of a bug that causes yaml
+# to incorrectly handle timezone info on timestamps
+def timestamp_constructor(_, node):
+ '''return timestamps as strings'''
+ return str(node.value)
+yaml.add_constructor(u'tag:yaml.org,2002:timestamp', timestamp_constructor)
# pylint: disable=too-few-public-methods
class OpenShiftCLI(object):
@@ -39,8 +47,14 @@ class OpenShiftCLI(object):
fname = '/tmp/%s' % rname
yed = Yedit(fname, res['results'][0])
+ changes = []
for key, value in content.items():
- yed.put(key, value)
+ changes.append(yed.put(key, value))
+
+ if any([not change[0] for change in changes]):
+ return {'returncode': 0, 'updated': False}
+
+ yed.write()
atexit.register(Utils.cleanup, [fname])
@@ -83,7 +97,9 @@ class OpenShiftCLI(object):
cmds = ['/usr/bin/oc']
cmds.extend(cmd)
+ rval = {}
results = ''
+ err = None
if self.verbose:
print ' '.join(cmds)
@@ -92,27 +108,42 @@ class OpenShiftCLI(object):
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
env={'KUBECONFIG': self.kubeconfig})
+
proc.wait()
+ stdout = proc.stdout.read()
+ stderr = proc.stderr.read()
+
+ rval = {"returncode": proc.returncode,
+ "results": results,
+ }
+
if proc.returncode == 0:
if output:
try:
- results = json.loads(proc.stdout.read())
+ rval['results'] = json.loads(stdout)
except ValueError as err:
if "No JSON object could be decoded" in err.message:
- results = err.message
+ err = err.message
if self.verbose:
- print proc.stderr.read()
- print results
+ print stdout
+ print stderr
print
- return {"returncode": proc.returncode, "results": results}
+ if err:
+ rval.update({"err": err,
+ "stderr": stderr,
+ "stdout": stdout,
+ "cmd": cmds
+ })
- return {"returncode": proc.returncode,
- "stderr": proc.stderr.read(),
- "stdout": proc.stdout.read(),
- "results": {}
- }
+ else:
+ rval.update({"stderr": stderr,
+ "stdout": stdout,
+ "results": {},
+ })
+
+ return rval
class Utils(object):
''' utilities for openshiftcli modules '''
@@ -186,7 +217,7 @@ class Utils(object):
contents = sfd.read()
if sfile_type == 'yaml':
- contents = yaml.load(contents)
+ contents = yaml.safe_load(contents)
elif sfile_type == 'json':
contents = json.loads(contents)
@@ -254,15 +285,16 @@ class YeditException(Exception):
class Yedit(object):
''' Class to modify yaml files '''
+ re_valid_key = r"(((\[-?\d+\])|([a-zA-Z-./]+)).?)+$"
+ re_key = r"(?:\[(-?\d+)\])|([a-zA-Z-./]+)"
- def __init__(self, filename=None, content=None):
+ def __init__(self, filename=None, content=None, content_type='yaml'):
self.content = content
self.filename = filename
self.__yaml_dict = content
+ self.content_type = content_type
if self.filename and not self.content:
- self.get()
- elif self.filename and self.content:
- self.write()
+ self.load(content_type=self.content_type)
@property
def yaml_dict(self):
@@ -275,58 +307,91 @@ class Yedit(object):
self.__yaml_dict = value
@staticmethod
- def remove_entry(data, keys):
- ''' remove an item from a dictionary with key notation a.b.c
- d = {'a': {'b': 'c'}}}
- keys = a.b
- item = c
- '''
- if "." in keys:
- key, rest = keys.split(".", 1)
- if key in data.keys():
- Yedit.remove_entry(data[key], rest)
- else:
- del data[keys]
+ def remove_entry(data, key):
+ ''' remove data at location key '''
+ if not (key and re.match(Yedit.re_valid_key, key) and isinstance(data, (list, dict))):
+ return None
+
+ key_indexes = re.findall(Yedit.re_key, key)
+ for arr_ind, dict_key in key_indexes[:-1]:
+ if dict_key and isinstance(data, dict):
+ data = data.get(dict_key, None)
+ elif arr_ind and isinstance(data, list) and int(arr_ind) <= len(data) - 1:
+ data = data[int(arr_ind)]
+ else:
+ return None
+
+ # process last index for remove
+ # expected list entry
+ if key_indexes[-1][0]:
+ if isinstance(data, list) and int(key_indexes[-1][0]) <= len(data) - 1:
+ del data[int(key_indexes[-1][0])]
+ return True
+
+ # expected dict entry
+ elif key_indexes[-1][1]:
+ if isinstance(data, dict):
+ del data[key_indexes[-1][1]]
+ return True
@staticmethod
- def add_entry(data, keys, item):
- ''' Add an item to a dictionary with key notation a.b.c
+ def add_entry(data, key, item=None):
+ ''' Get an item from a dictionary with key notation a.b.c
d = {'a': {'b': 'c'}}}
- keys = a.b
- item = c
+ key = a.b
+ return c
'''
- if "." in keys:
- key, rest = keys.split(".", 1)
- if key not in data:
- data[key] = {}
+ if not (key and re.match(Yedit.re_valid_key, key) and isinstance(data, (list, dict))):
+ return None
+
+ curr_data = data
+
+ key_indexes = re.findall(Yedit.re_key, key)
+ for arr_ind, dict_key in key_indexes[:-1]:
+ if dict_key:
+ if isinstance(data, dict) and data.has_key(dict_key):
+ data = data[dict_key]
+ continue
+
+ data[dict_key] = {}
+ data = data[dict_key]
- if not isinstance(data, dict):
- raise YeditException('Invalid add_entry called on a [%s] of type [%s].' % (data, type(data)))
+ elif arr_ind and isinstance(data, list) and int(arr_ind) <= len(data) - 1:
+ data = data[int(arr_ind)]
else:
- Yedit.add_entry(data[key], rest, item)
+ return None
- else:
- data[keys] = item
+ # process last index for add
+ # expected list entry
+ if key_indexes[-1][0] and isinstance(data, list) and int(key_indexes[-1][0]) <= len(data) - 1:
+ data[int(key_indexes[-1][0])] = item
+ # expected dict entry
+ elif key_indexes[-1][1] and isinstance(data, dict):
+ data[key_indexes[-1][1]] = item
+
+ return curr_data
@staticmethod
- def get_entry(data, keys):
+ def get_entry(data, key):
''' Get an item from a dictionary with key notation a.b.c
d = {'a': {'b': 'c'}}}
- keys = a.b
+ key = a.b
return c
'''
- if keys and "." in keys:
- key, rest = keys.split(".", 1)
- if not isinstance(data[key], dict):
- raise YeditException('Invalid get_entry called on a [%s] of type [%s].' % (data, type(data)))
+ if not (key and re.match(Yedit.re_valid_key, key) and isinstance(data, (list, dict))):
+ return None
+ key_indexes = re.findall(Yedit.re_key, key)
+ for arr_ind, dict_key in key_indexes:
+ if dict_key and isinstance(data, dict):
+ data = data.get(dict_key, None)
+ elif arr_ind and isinstance(data, list) and int(arr_ind) <= len(data) - 1:
+ data = data[int(arr_ind)]
else:
- return Yedit.get_entry(data[key], rest)
-
- else:
- return data.get(keys, None)
+ return None
+ return data
def write(self):
''' write to file '''
@@ -355,7 +420,7 @@ class Yedit(object):
return False
- def get(self):
+ def load(self, content_type='yaml'):
''' return yaml file '''
contents = self.read()
@@ -364,15 +429,27 @@ class Yedit(object):
# check if it is yaml
try:
- self.yaml_dict = yaml.load(contents)
+ if content_type == 'yaml':
+ self.yaml_dict = yaml.load(contents)
+ elif content_type == 'json':
+ self.yaml_dict = json.loads(contents)
except yaml.YAMLError as _:
- # Error loading yaml
+ # Error loading yaml or json
return None
return self.yaml_dict
+ def get(self, key):
+ ''' get a specified key'''
+ try:
+ entry = Yedit.get_entry(self.yaml_dict, key)
+ except KeyError as _:
+ entry = None
+
+ return entry
+
def delete(self, key):
- ''' put key, value into a yaml file '''
+ ''' remove key from a dict'''
try:
entry = Yedit.get_entry(self.yaml_dict, key)
except KeyError as _:
@@ -380,12 +457,14 @@ class Yedit(object):
if not entry:
return (False, self.yaml_dict)
- Yedit.remove_entry(self.yaml_dict, key)
- self.write()
- return (True, self.get())
+ result = Yedit.remove_entry(self.yaml_dict, key)
+ if not result:
+ return (False, self.yaml_dict)
+
+ return (True, self.yaml_dict)
def put(self, key, value):
- ''' put key, value into a yaml file '''
+ ''' put key, value into a dict '''
try:
entry = Yedit.get_entry(self.yaml_dict, key)
except KeyError as _:
@@ -394,18 +473,19 @@ class Yedit(object):
if entry == value:
return (False, self.yaml_dict)
- Yedit.add_entry(self.yaml_dict, key, value)
- self.write()
- return (True, self.get())
+ result = Yedit.add_entry(self.yaml_dict, key, value)
+ if not result:
+ return (False, self.yaml_dict)
+
+ return (True, self.yaml_dict)
def create(self, key, value):
- ''' create the file '''
+ ''' create a yaml file '''
if not self.exists():
self.yaml_dict = {key: value}
- self.write()
- return (True, self.get())
+ return (True, self.yaml_dict)
- return (False, self.get())
+ return (False, self.yaml_dict)
class OCObject(OpenShiftCLI):
''' Class to wrap the oc command line tools '''
@@ -503,6 +583,13 @@ def main():
type='str',
choices=['dc', 'deploymentconfig',
'svc', 'service',
+ 'scc', 'securitycontextconstraints',
+ 'ns', 'namespace', 'project', 'projects',
+ 'is', 'imagestream',
+ 'istag', 'imagestreamtag',
+ 'bc', 'buildconfig',
+ 'routes',
+ 'node',
'secret',
]),
delete_after=dict(default=False, type='bool'),
diff --git a/roles/lib_openshift_api/library/oc_secret.py b/roles/lib_openshift_api/library/oc_secret.py
index 8253fd4ad..a03022e35 100644
--- a/roles/lib_openshift_api/library/oc_secret.py
+++ b/roles/lib_openshift_api/library/oc_secret.py
@@ -15,7 +15,15 @@ import json
import os
import shutil
import subprocess
+import re
+
import yaml
+# This is here because of a bug that causes yaml
+# to incorrectly handle timezone info on timestamps
+def timestamp_constructor(_, node):
+ '''return timestamps as strings'''
+ return str(node.value)
+yaml.add_constructor(u'tag:yaml.org,2002:timestamp', timestamp_constructor)
# pylint: disable=too-few-public-methods
class OpenShiftCLI(object):
@@ -39,8 +47,14 @@ class OpenShiftCLI(object):
fname = '/tmp/%s' % rname
yed = Yedit(fname, res['results'][0])
+ changes = []
for key, value in content.items():
- yed.put(key, value)
+ changes.append(yed.put(key, value))
+
+ if any([not change[0] for change in changes]):
+ return {'returncode': 0, 'updated': False}
+
+ yed.write()
atexit.register(Utils.cleanup, [fname])
@@ -83,7 +97,9 @@ class OpenShiftCLI(object):
cmds = ['/usr/bin/oc']
cmds.extend(cmd)
+ rval = {}
results = ''
+ err = None
if self.verbose:
print ' '.join(cmds)
@@ -92,27 +108,42 @@ class OpenShiftCLI(object):
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
env={'KUBECONFIG': self.kubeconfig})
+
proc.wait()
+ stdout = proc.stdout.read()
+ stderr = proc.stderr.read()
+
+ rval = {"returncode": proc.returncode,
+ "results": results,
+ }
+
if proc.returncode == 0:
if output:
try:
- results = json.loads(proc.stdout.read())
+ rval['results'] = json.loads(stdout)
except ValueError as err:
if "No JSON object could be decoded" in err.message:
- results = err.message
+ err = err.message
if self.verbose:
- print proc.stderr.read()
- print results
+ print stdout
+ print stderr
print
- return {"returncode": proc.returncode, "results": results}
+ if err:
+ rval.update({"err": err,
+ "stderr": stderr,
+ "stdout": stdout,
+ "cmd": cmds
+ })
- return {"returncode": proc.returncode,
- "stderr": proc.stderr.read(),
- "stdout": proc.stdout.read(),
- "results": {}
- }
+ else:
+ rval.update({"stderr": stderr,
+ "stdout": stdout,
+ "results": {},
+ })
+
+ return rval
class Utils(object):
''' utilities for openshiftcli modules '''
@@ -186,7 +217,7 @@ class Utils(object):
contents = sfd.read()
if sfile_type == 'yaml':
- contents = yaml.load(contents)
+ contents = yaml.safe_load(contents)
elif sfile_type == 'json':
contents = json.loads(contents)
@@ -254,15 +285,16 @@ class YeditException(Exception):
class Yedit(object):
''' Class to modify yaml files '''
+ re_valid_key = r"(((\[-?\d+\])|([a-zA-Z-./]+)).?)+$"
+ re_key = r"(?:\[(-?\d+)\])|([a-zA-Z-./]+)"
- def __init__(self, filename=None, content=None):
+ def __init__(self, filename=None, content=None, content_type='yaml'):
self.content = content
self.filename = filename
self.__yaml_dict = content
+ self.content_type = content_type
if self.filename and not self.content:
- self.get()
- elif self.filename and self.content:
- self.write()
+ self.load(content_type=self.content_type)
@property
def yaml_dict(self):
@@ -275,58 +307,91 @@ class Yedit(object):
self.__yaml_dict = value
@staticmethod
- def remove_entry(data, keys):
- ''' remove an item from a dictionary with key notation a.b.c
- d = {'a': {'b': 'c'}}}
- keys = a.b
- item = c
- '''
- if "." in keys:
- key, rest = keys.split(".", 1)
- if key in data.keys():
- Yedit.remove_entry(data[key], rest)
- else:
- del data[keys]
+ def remove_entry(data, key):
+ ''' remove data at location key '''
+ if not (key and re.match(Yedit.re_valid_key, key) and isinstance(data, (list, dict))):
+ return None
+
+ key_indexes = re.findall(Yedit.re_key, key)
+ for arr_ind, dict_key in key_indexes[:-1]:
+ if dict_key and isinstance(data, dict):
+ data = data.get(dict_key, None)
+ elif arr_ind and isinstance(data, list) and int(arr_ind) <= len(data) - 1:
+ data = data[int(arr_ind)]
+ else:
+ return None
+
+ # process last index for remove
+ # expected list entry
+ if key_indexes[-1][0]:
+ if isinstance(data, list) and int(key_indexes[-1][0]) <= len(data) - 1:
+ del data[int(key_indexes[-1][0])]
+ return True
+
+ # expected dict entry
+ elif key_indexes[-1][1]:
+ if isinstance(data, dict):
+ del data[key_indexes[-1][1]]
+ return True
@staticmethod
- def add_entry(data, keys, item):
- ''' Add an item to a dictionary with key notation a.b.c
+ def add_entry(data, key, item=None):
+ ''' Get an item from a dictionary with key notation a.b.c
d = {'a': {'b': 'c'}}}
- keys = a.b
- item = c
+ key = a.b
+ return c
'''
- if "." in keys:
- key, rest = keys.split(".", 1)
- if key not in data:
- data[key] = {}
+ if not (key and re.match(Yedit.re_valid_key, key) and isinstance(data, (list, dict))):
+ return None
+
+ curr_data = data
+
+ key_indexes = re.findall(Yedit.re_key, key)
+ for arr_ind, dict_key in key_indexes[:-1]:
+ if dict_key:
+ if isinstance(data, dict) and data.has_key(dict_key):
+ data = data[dict_key]
+ continue
- if not isinstance(data, dict):
- raise YeditException('Invalid add_entry called on a [%s] of type [%s].' % (data, type(data)))
+ data[dict_key] = {}
+ data = data[dict_key]
+
+ elif arr_ind and isinstance(data, list) and int(arr_ind) <= len(data) - 1:
+ data = data[int(arr_ind)]
else:
- Yedit.add_entry(data[key], rest, item)
+ return None
- else:
- data[keys] = item
+ # process last index for add
+ # expected list entry
+ if key_indexes[-1][0] and isinstance(data, list) and int(key_indexes[-1][0]) <= len(data) - 1:
+ data[int(key_indexes[-1][0])] = item
+ # expected dict entry
+ elif key_indexes[-1][1] and isinstance(data, dict):
+ data[key_indexes[-1][1]] = item
+
+ return curr_data
@staticmethod
- def get_entry(data, keys):
+ def get_entry(data, key):
''' Get an item from a dictionary with key notation a.b.c
d = {'a': {'b': 'c'}}}
- keys = a.b
+ key = a.b
return c
'''
- if keys and "." in keys:
- key, rest = keys.split(".", 1)
- if not isinstance(data[key], dict):
- raise YeditException('Invalid get_entry called on a [%s] of type [%s].' % (data, type(data)))
+ if not (key and re.match(Yedit.re_valid_key, key) and isinstance(data, (list, dict))):
+ return None
+ key_indexes = re.findall(Yedit.re_key, key)
+ for arr_ind, dict_key in key_indexes:
+ if dict_key and isinstance(data, dict):
+ data = data.get(dict_key, None)
+ elif arr_ind and isinstance(data, list) and int(arr_ind) <= len(data) - 1:
+ data = data[int(arr_ind)]
else:
- return Yedit.get_entry(data[key], rest)
-
- else:
- return data.get(keys, None)
+ return None
+ return data
def write(self):
''' write to file '''
@@ -355,7 +420,7 @@ class Yedit(object):
return False
- def get(self):
+ def load(self, content_type='yaml'):
''' return yaml file '''
contents = self.read()
@@ -364,15 +429,27 @@ class Yedit(object):
# check if it is yaml
try:
- self.yaml_dict = yaml.load(contents)
+ if content_type == 'yaml':
+ self.yaml_dict = yaml.load(contents)
+ elif content_type == 'json':
+ self.yaml_dict = json.loads(contents)
except yaml.YAMLError as _:
- # Error loading yaml
+ # Error loading yaml or json
return None
return self.yaml_dict
+ def get(self, key):
+ ''' get a specified key'''
+ try:
+ entry = Yedit.get_entry(self.yaml_dict, key)
+ except KeyError as _:
+ entry = None
+
+ return entry
+
def delete(self, key):
- ''' put key, value into a yaml file '''
+ ''' remove key from a dict'''
try:
entry = Yedit.get_entry(self.yaml_dict, key)
except KeyError as _:
@@ -380,12 +457,14 @@ class Yedit(object):
if not entry:
return (False, self.yaml_dict)
- Yedit.remove_entry(self.yaml_dict, key)
- self.write()
- return (True, self.get())
+ result = Yedit.remove_entry(self.yaml_dict, key)
+ if not result:
+ return (False, self.yaml_dict)
+
+ return (True, self.yaml_dict)
def put(self, key, value):
- ''' put key, value into a yaml file '''
+ ''' put key, value into a dict '''
try:
entry = Yedit.get_entry(self.yaml_dict, key)
except KeyError as _:
@@ -394,18 +473,19 @@ class Yedit(object):
if entry == value:
return (False, self.yaml_dict)
- Yedit.add_entry(self.yaml_dict, key, value)
- self.write()
- return (True, self.get())
+ result = Yedit.add_entry(self.yaml_dict, key, value)
+ if not result:
+ return (False, self.yaml_dict)
+
+ return (True, self.yaml_dict)
def create(self, key, value):
- ''' create the file '''
+ ''' create a yaml file '''
if not self.exists():
self.yaml_dict = {key: value}
- self.write()
- return (True, self.get())
+ return (True, self.yaml_dict)
- return (False, self.get())
+ return (False, self.yaml_dict)
class Secret(OpenShiftCLI):
''' Class to wrap the oc command line tools
diff --git a/roles/lib_yaml_editor/build/ansible/yedit.py b/roles/lib_yaml_editor/build/ansible/yedit.py
index bf868fb71..dab3d6347 100644
--- a/roles/lib_yaml_editor/build/ansible/yedit.py
+++ b/roles/lib_yaml_editor/build/ansible/yedit.py
@@ -24,7 +24,7 @@ def main():
yamlfile = Yedit(module.params['src'], module.params['content'])
- rval = yamlfile.get()
+ rval = yamlfile.load()
if not rval and state != 'present':
module.fail_json(msg='Error opening file [%s]. Verify that the' + \
' file exists, that it is has correct permissions, and is valid yaml.')
@@ -45,13 +45,16 @@ def main():
if rval:
rval = yamlfile.put(module.params['key'], value)
+ if rval[0]:
+ yamlfile.write()
module.exit_json(changed=rval[0], results=rval[1], state="present")
if not module.params['content']:
rval = yamlfile.create(module.params['key'], value)
else:
- yamlfile.write()
- rval = yamlfile.get()
+ rval = yamlfile.load()
+ yamlfile.write()
+
module.exit_json(changed=rval[0], results=rval[1], state="present")
module.exit_json(failed=True,
diff --git a/roles/lib_yaml_editor/build/generate.py b/roles/lib_yaml_editor/build/generate.py
index 0df4efb92..312e4d0ee 100755
--- a/roles/lib_yaml_editor/build/generate.py
+++ b/roles/lib_yaml_editor/build/generate.py
@@ -15,19 +15,20 @@ GEN_STR = "#!/usr/bin/env python\n" + \
"# | |) | (_) | | .` | (_) || | | _|| |) | | | |\n" + \
"# |___/ \___/ |_|\_|\___/ |_| |___|___/___| |_|\n"
+OPENSHIFT_ANSIBLE_PATH = os.path.dirname(os.path.realpath(__file__))
+
FILES = {'yedit.py': ['src/base.py', 'src/yedit.py', 'ansible/yedit.py'],
}
-
def main():
''' combine the necessary files to create the ansible module '''
- openshift_ansible = ('../library/')
+ library = os.path.join(OPENSHIFT_ANSIBLE_PATH, '..', 'library/')
for fname, parts in FILES.items():
- with open(os.path.join(openshift_ansible, fname), 'w') as afd:
+ with open(os.path.join(library, fname), 'w') as afd:
afd.seek(0)
afd.write(GEN_STR)
for fpart in parts:
- with open(fpart) as pfd:
+ with open(os.path.join(OPENSHIFT_ANSIBLE_PATH, fpart)) as pfd:
# first line is pylint disable so skip it
for idx, line in enumerate(pfd):
if idx == 0 and 'skip-file' in line:
diff --git a/roles/lib_yaml_editor/build/src/base.py b/roles/lib_yaml_editor/build/src/base.py
index ad8b041cf..9e43d45dc 100644
--- a/roles/lib_yaml_editor/build/src/base.py
+++ b/roles/lib_yaml_editor/build/src/base.py
@@ -5,5 +5,13 @@ module for managing yaml files
'''
import os
+import re
+
import yaml
+# This is here because of a bug that causes yaml
+# to incorrectly handle timezone info on timestamps
+def timestamp_constructor(_, node):
+ ''' return timestamps as strings'''
+ return str(node.value)
+yaml.add_constructor(u'tag:yaml.org,2002:timestamp', timestamp_constructor)
diff --git a/roles/lib_yaml_editor/build/src/yedit.py b/roles/lib_yaml_editor/build/src/yedit.py
index 4f6a91d8b..642733914 100644
--- a/roles/lib_yaml_editor/build/src/yedit.py
+++ b/roles/lib_yaml_editor/build/src/yedit.py
@@ -6,15 +6,16 @@ class YeditException(Exception):
class Yedit(object):
''' Class to modify yaml files '''
+ re_valid_key = r"(((\[-?\d+\])|([a-zA-Z-./]+)).?)+$"
+ re_key = r"(?:\[(-?\d+)\])|([a-zA-Z-./]+)"
- def __init__(self, filename=None, content=None):
+ def __init__(self, filename=None, content=None, content_type='yaml'):
self.content = content
self.filename = filename
self.__yaml_dict = content
+ self.content_type = content_type
if self.filename and not self.content:
- self.get()
- elif self.filename and self.content:
- self.write()
+ self.load(content_type=self.content_type)
@property
def yaml_dict(self):
@@ -27,58 +28,91 @@ class Yedit(object):
self.__yaml_dict = value
@staticmethod
- def remove_entry(data, keys):
- ''' remove an item from a dictionary with key notation a.b.c
- d = {'a': {'b': 'c'}}}
- keys = a.b
- item = c
- '''
- if "." in keys:
- key, rest = keys.split(".", 1)
- if key in data.keys():
- Yedit.remove_entry(data[key], rest)
- else:
- del data[keys]
+ def remove_entry(data, key):
+ ''' remove data at location key '''
+ if not (key and re.match(Yedit.re_valid_key, key) and isinstance(data, (list, dict))):
+ return None
+
+ key_indexes = re.findall(Yedit.re_key, key)
+ for arr_ind, dict_key in key_indexes[:-1]:
+ if dict_key and isinstance(data, dict):
+ data = data.get(dict_key, None)
+ elif arr_ind and isinstance(data, list) and int(arr_ind) <= len(data) - 1:
+ data = data[int(arr_ind)]
+ else:
+ return None
+
+ # process last index for remove
+ # expected list entry
+ if key_indexes[-1][0]:
+ if isinstance(data, list) and int(key_indexes[-1][0]) <= len(data) - 1:
+ del data[int(key_indexes[-1][0])]
+ return True
+
+ # expected dict entry
+ elif key_indexes[-1][1]:
+ if isinstance(data, dict):
+ del data[key_indexes[-1][1]]
+ return True
@staticmethod
- def add_entry(data, keys, item):
- ''' Add an item to a dictionary with key notation a.b.c
+ def add_entry(data, key, item=None):
+ ''' Get an item from a dictionary with key notation a.b.c
d = {'a': {'b': 'c'}}}
- keys = a.b
- item = c
+ key = a.b
+ return c
'''
- if "." in keys:
- key, rest = keys.split(".", 1)
- if key not in data:
- data[key] = {}
+ if not (key and re.match(Yedit.re_valid_key, key) and isinstance(data, (list, dict))):
+ return None
+
+ curr_data = data
+
+ key_indexes = re.findall(Yedit.re_key, key)
+ for arr_ind, dict_key in key_indexes[:-1]:
+ if dict_key:
+ if isinstance(data, dict) and data.has_key(dict_key):
+ data = data[dict_key]
+ continue
+
+ data[dict_key] = {}
+ data = data[dict_key]
- if not isinstance(data, dict):
- raise YeditException('Invalid add_entry called on a [%s] of type [%s].' % (data, type(data)))
+ elif arr_ind and isinstance(data, list) and int(arr_ind) <= len(data) - 1:
+ data = data[int(arr_ind)]
else:
- Yedit.add_entry(data[key], rest, item)
+ return None
- else:
- data[keys] = item
+ # process last index for add
+ # expected list entry
+ if key_indexes[-1][0] and isinstance(data, list) and int(key_indexes[-1][0]) <= len(data) - 1:
+ data[int(key_indexes[-1][0])] = item
+ # expected dict entry
+ elif key_indexes[-1][1] and isinstance(data, dict):
+ data[key_indexes[-1][1]] = item
+
+ return curr_data
@staticmethod
- def get_entry(data, keys):
+ def get_entry(data, key):
''' Get an item from a dictionary with key notation a.b.c
d = {'a': {'b': 'c'}}}
- keys = a.b
+ key = a.b
return c
'''
- if keys and "." in keys:
- key, rest = keys.split(".", 1)
- if not isinstance(data[key], dict):
- raise YeditException('Invalid get_entry called on a [%s] of type [%s].' % (data, type(data)))
+ if not (key and re.match(Yedit.re_valid_key, key) and isinstance(data, (list, dict))):
+ return None
+ key_indexes = re.findall(Yedit.re_key, key)
+ for arr_ind, dict_key in key_indexes:
+ if dict_key and isinstance(data, dict):
+ data = data.get(dict_key, None)
+ elif arr_ind and isinstance(data, list) and int(arr_ind) <= len(data) - 1:
+ data = data[int(arr_ind)]
else:
- return Yedit.get_entry(data[key], rest)
-
- else:
- return data.get(keys, None)
+ return None
+ return data
def write(self):
''' write to file '''
@@ -107,7 +141,7 @@ class Yedit(object):
return False
- def get(self):
+ def load(self, content_type='yaml'):
''' return yaml file '''
contents = self.read()
@@ -116,15 +150,27 @@ class Yedit(object):
# check if it is yaml
try:
- self.yaml_dict = yaml.load(contents)
+ if content_type == 'yaml':
+ self.yaml_dict = yaml.load(contents)
+ elif content_type == 'json':
+ self.yaml_dict = json.loads(contents)
except yaml.YAMLError as _:
- # Error loading yaml
+ # Error loading yaml or json
return None
return self.yaml_dict
+ def get(self, key):
+ ''' get a specified key'''
+ try:
+ entry = Yedit.get_entry(self.yaml_dict, key)
+ except KeyError as _:
+ entry = None
+
+ return entry
+
def delete(self, key):
- ''' put key, value into a yaml file '''
+ ''' remove key from a dict'''
try:
entry = Yedit.get_entry(self.yaml_dict, key)
except KeyError as _:
@@ -132,12 +178,14 @@ class Yedit(object):
if not entry:
return (False, self.yaml_dict)
- Yedit.remove_entry(self.yaml_dict, key)
- self.write()
- return (True, self.get())
+ result = Yedit.remove_entry(self.yaml_dict, key)
+ if not result:
+ return (False, self.yaml_dict)
+
+ return (True, self.yaml_dict)
def put(self, key, value):
- ''' put key, value into a yaml file '''
+ ''' put key, value into a dict '''
try:
entry = Yedit.get_entry(self.yaml_dict, key)
except KeyError as _:
@@ -146,15 +194,16 @@ class Yedit(object):
if entry == value:
return (False, self.yaml_dict)
- Yedit.add_entry(self.yaml_dict, key, value)
- self.write()
- return (True, self.get())
+ result = Yedit.add_entry(self.yaml_dict, key, value)
+ if not result:
+ return (False, self.yaml_dict)
+
+ return (True, self.yaml_dict)
def create(self, key, value):
- ''' create the file '''
+ ''' create a yaml file '''
if not self.exists():
self.yaml_dict = {key: value}
- self.write()
- return (True, self.get())
+ return (True, self.yaml_dict)
- return (False, self.get())
+ return (False, self.yaml_dict)
diff --git a/roles/lib_yaml_editor/build/test/foo.yml b/roles/lib_yaml_editor/build/test/foo.yml
index 2a7a89ce2..20e9ff3fe 100644
--- a/roles/lib_yaml_editor/build/test/foo.yml
+++ b/roles/lib_yaml_editor/build/test/foo.yml
@@ -1 +1 @@
-foo: barplus
+foo: bar
diff --git a/roles/lib_yaml_editor/library/yedit.py b/roles/lib_yaml_editor/library/yedit.py
index f375fd8e2..b7ae45b31 100644
--- a/roles/lib_yaml_editor/library/yedit.py
+++ b/roles/lib_yaml_editor/library/yedit.py
@@ -12,7 +12,15 @@ module for managing yaml files
'''
import os
+import re
+
import yaml
+# This is here because of a bug that causes yaml
+# to incorrectly handle timezone info on timestamps
+def timestamp_constructor(_, node):
+ ''' return timestamps as strings'''
+ return str(node.value)
+yaml.add_constructor(u'tag:yaml.org,2002:timestamp', timestamp_constructor)
class YeditException(Exception):
@@ -21,15 +29,16 @@ class YeditException(Exception):
class Yedit(object):
''' Class to modify yaml files '''
+ re_valid_key = r"(((\[-?\d+\])|([a-zA-Z-./]+)).?)+$"
+ re_key = r"(?:\[(-?\d+)\])|([a-zA-Z-./]+)"
- def __init__(self, filename=None, content=None):
+ def __init__(self, filename=None, content=None, content_type='yaml'):
self.content = content
self.filename = filename
self.__yaml_dict = content
+ self.content_type = content_type
if self.filename and not self.content:
- self.get()
- elif self.filename and self.content:
- self.write()
+ self.load(content_type=self.content_type)
@property
def yaml_dict(self):
@@ -42,58 +51,91 @@ class Yedit(object):
self.__yaml_dict = value
@staticmethod
- def remove_entry(data, keys):
- ''' remove an item from a dictionary with key notation a.b.c
- d = {'a': {'b': 'c'}}}
- keys = a.b
- item = c
- '''
- if "." in keys:
- key, rest = keys.split(".", 1)
- if key in data.keys():
- Yedit.remove_entry(data[key], rest)
- else:
- del data[keys]
+ def remove_entry(data, key):
+ ''' remove data at location key '''
+ if not (key and re.match(Yedit.re_valid_key, key) and isinstance(data, (list, dict))):
+ return None
+
+ key_indexes = re.findall(Yedit.re_key, key)
+ for arr_ind, dict_key in key_indexes[:-1]:
+ if dict_key and isinstance(data, dict):
+ data = data.get(dict_key, None)
+ elif arr_ind and isinstance(data, list) and int(arr_ind) <= len(data) - 1:
+ data = data[int(arr_ind)]
+ else:
+ return None
+
+ # process last index for remove
+ # expected list entry
+ if key_indexes[-1][0]:
+ if isinstance(data, list) and int(key_indexes[-1][0]) <= len(data) - 1:
+ del data[int(key_indexes[-1][0])]
+ return True
+
+ # expected dict entry
+ elif key_indexes[-1][1]:
+ if isinstance(data, dict):
+ del data[key_indexes[-1][1]]
+ return True
@staticmethod
- def add_entry(data, keys, item):
- ''' Add an item to a dictionary with key notation a.b.c
+ def add_entry(data, key, item=None):
+ ''' Get an item from a dictionary with key notation a.b.c
d = {'a': {'b': 'c'}}}
- keys = a.b
- item = c
+ key = a.b
+ return c
'''
- if "." in keys:
- key, rest = keys.split(".", 1)
- if key not in data:
- data[key] = {}
+ if not (key and re.match(Yedit.re_valid_key, key) and isinstance(data, (list, dict))):
+ return None
- if not isinstance(data, dict):
- raise YeditException('Invalid add_entry called on a [%s] of type [%s].' % (data, type(data)))
+ curr_data = data
+
+ key_indexes = re.findall(Yedit.re_key, key)
+ for arr_ind, dict_key in key_indexes[:-1]:
+ if dict_key:
+ if isinstance(data, dict) and data.has_key(dict_key):
+ data = data[dict_key]
+ continue
+
+ data[dict_key] = {}
+ data = data[dict_key]
+
+ elif arr_ind and isinstance(data, list) and int(arr_ind) <= len(data) - 1:
+ data = data[int(arr_ind)]
else:
- Yedit.add_entry(data[key], rest, item)
+ return None
- else:
- data[keys] = item
+ # process last index for add
+ # expected list entry
+ if key_indexes[-1][0] and isinstance(data, list) and int(key_indexes[-1][0]) <= len(data) - 1:
+ data[int(key_indexes[-1][0])] = item
+ # expected dict entry
+ elif key_indexes[-1][1] and isinstance(data, dict):
+ data[key_indexes[-1][1]] = item
+
+ return curr_data
@staticmethod
- def get_entry(data, keys):
+ def get_entry(data, key):
''' Get an item from a dictionary with key notation a.b.c
d = {'a': {'b': 'c'}}}
- keys = a.b
+ key = a.b
return c
'''
- if keys and "." in keys:
- key, rest = keys.split(".", 1)
- if not isinstance(data[key], dict):
- raise YeditException('Invalid get_entry called on a [%s] of type [%s].' % (data, type(data)))
+ if not (key and re.match(Yedit.re_valid_key, key) and isinstance(data, (list, dict))):
+ return None
+ key_indexes = re.findall(Yedit.re_key, key)
+ for arr_ind, dict_key in key_indexes:
+ if dict_key and isinstance(data, dict):
+ data = data.get(dict_key, None)
+ elif arr_ind and isinstance(data, list) and int(arr_ind) <= len(data) - 1:
+ data = data[int(arr_ind)]
else:
- return Yedit.get_entry(data[key], rest)
-
- else:
- return data.get(keys, None)
+ return None
+ return data
def write(self):
''' write to file '''
@@ -122,7 +164,7 @@ class Yedit(object):
return False
- def get(self):
+ def load(self, content_type='yaml'):
''' return yaml file '''
contents = self.read()
@@ -131,15 +173,27 @@ class Yedit(object):
# check if it is yaml
try:
- self.yaml_dict = yaml.load(contents)
+ if content_type == 'yaml':
+ self.yaml_dict = yaml.load(contents)
+ elif content_type == 'json':
+ self.yaml_dict = json.loads(contents)
except yaml.YAMLError as _:
- # Error loading yaml
+ # Error loading yaml or json
return None
return self.yaml_dict
+ def get(self, key):
+ ''' get a specified key'''
+ try:
+ entry = Yedit.get_entry(self.yaml_dict, key)
+ except KeyError as _:
+ entry = None
+
+ return entry
+
def delete(self, key):
- ''' put key, value into a yaml file '''
+ ''' remove key from a dict'''
try:
entry = Yedit.get_entry(self.yaml_dict, key)
except KeyError as _:
@@ -147,12 +201,14 @@ class Yedit(object):
if not entry:
return (False, self.yaml_dict)
- Yedit.remove_entry(self.yaml_dict, key)
- self.write()
- return (True, self.get())
+ result = Yedit.remove_entry(self.yaml_dict, key)
+ if not result:
+ return (False, self.yaml_dict)
+
+ return (True, self.yaml_dict)
def put(self, key, value):
- ''' put key, value into a yaml file '''
+ ''' put key, value into a dict '''
try:
entry = Yedit.get_entry(self.yaml_dict, key)
except KeyError as _:
@@ -161,18 +217,19 @@ class Yedit(object):
if entry == value:
return (False, self.yaml_dict)
- Yedit.add_entry(self.yaml_dict, key, value)
- self.write()
- return (True, self.get())
+ result = Yedit.add_entry(self.yaml_dict, key, value)
+ if not result:
+ return (False, self.yaml_dict)
+
+ return (True, self.yaml_dict)
def create(self, key, value):
- ''' create the file '''
+ ''' create a yaml file '''
if not self.exists():
self.yaml_dict = {key: value}
- self.write()
- return (True, self.get())
+ return (True, self.yaml_dict)
- return (False, self.get())
+ return (False, self.yaml_dict)
def main():
'''
@@ -198,7 +255,7 @@ def main():
yamlfile = Yedit(module.params['src'], module.params['content'])
- rval = yamlfile.get()
+ rval = yamlfile.load()
if not rval and state != 'present':
module.fail_json(msg='Error opening file [%s]. Verify that the' + \
' file exists, that it is has correct permissions, and is valid yaml.')
@@ -219,13 +276,16 @@ def main():
if rval:
rval = yamlfile.put(module.params['key'], value)
+ if rval[0]:
+ yamlfile.write()
module.exit_json(changed=rval[0], results=rval[1], state="present")
if not module.params['content']:
rval = yamlfile.create(module.params['key'], value)
else:
- yamlfile.write()
- rval = yamlfile.get()
+ rval = yamlfile.load()
+ yamlfile.write()
+
module.exit_json(changed=rval[0], results=rval[1], state="present")
module.exit_json(failed=True,
diff --git a/roles/lib_zabbix/library/zbx_user.py b/roles/lib_zabbix/library/zbx_user.py
index d10ffb9ff..68c5cfbfe 100644
--- a/roles/lib_zabbix/library/zbx_user.py
+++ b/roles/lib_zabbix/library/zbx_user.py
@@ -97,6 +97,7 @@ def main():
last_name=dict(default=None, type='str'),
user_type=dict(default=None, type='str'),
password=dict(default=None, type='str'),
+ refresh=dict(default=None, type='int'),
update_password=dict(default=False, type='bool'),
user_groups=dict(default=[], type='list'),
state=dict(default='present', type='str'),
@@ -137,6 +138,7 @@ def main():
'usrgrps': get_usergroups(zapi, module.params['user_groups']),
'name': module.params['first_name'],
'surname': module.params['last_name'],
+ 'refresh': module.params['refresh'],
'type': get_usertype(module.params['user_type']),
}
diff --git a/roles/openshift_cli/vars/main.yml b/roles/openshift_cli/defaults/main.yml
index 4d0c87497..4d0c87497 100644
--- a/roles/openshift_cli/vars/main.yml
+++ b/roles/openshift_cli/defaults/main.yml
diff --git a/roles/openshift_cli/meta/main.yml b/roles/openshift_cli/meta/main.yml
index 2c982e278..223cb768d 100644
--- a/roles/openshift_cli/meta/main.yml
+++ b/roles/openshift_cli/meta/main.yml
@@ -13,6 +13,5 @@ galaxy_info:
- cloud
dependencies:
- role: openshift_docker
- when: openshift.common.is_containerized | bool
- role: openshift_common
- role: openshift_cli_facts
diff --git a/roles/openshift_common/defaults/main.yml b/roles/openshift_common/defaults/main.yml
index 267c03605..e46af70c7 100644
--- a/roles/openshift_common/defaults/main.yml
+++ b/roles/openshift_common/defaults/main.yml
@@ -1,3 +1,4 @@
---
openshift_cluster_id: 'default'
openshift_debug_level: 2
+openshift_version: "{{ openshift_pkg_version | default('') }}"
diff --git a/roles/openshift_common/vars/main.yml b/roles/openshift_common/vars/main.yml
index b163f8aae..50816d319 100644
--- a/roles/openshift_common/vars/main.yml
+++ b/roles/openshift_common/vars/main.yml
@@ -5,4 +5,3 @@
# chains with the public zone (or the zone associated with the correct
# interfaces)
os_firewall_use_firewalld: False
-openshift_version: "{{ openshift_pkg_version | default('') }}"
diff --git a/roles/openshift_docker/meta/main.yml b/roles/openshift_docker/meta/main.yml
index 60efd4e45..d98f953ea 100644
--- a/roles/openshift_docker/meta/main.yml
+++ b/roles/openshift_docker/meta/main.yml
@@ -12,5 +12,6 @@ galaxy_info:
categories:
- cloud
dependencies:
+- role: openshift_repos
- role: openshift_docker_facts
- role: docker
diff --git a/roles/openshift_docker_facts/tasks/main.yml b/roles/openshift_docker_facts/tasks/main.yml
index 26b46aa94..eb762e33f 100644
--- a/roles/openshift_docker_facts/tasks/main.yml
+++ b/roles/openshift_docker_facts/tasks/main.yml
@@ -37,3 +37,19 @@
- set_fact:
docker_options: "{{ openshift.docker.options | default(omit) }}"
when: not openshift.docker.hosted_registry_insecure | default(False) | bool
+
+# Avoid docker 1.9 when installing origin < 1.2 or OSE < 3.2 on RHEL/Centos and
+# See: https://bugzilla.redhat.com/show_bug.cgi?id=1304038
+- name: Gather common package version
+ command: >
+ {{ repoquery_cmd }} --qf '%{version}' "{{ openshift.common.service_type}}"
+ register: common_version
+ failed_when: false
+ changed_when: false
+ when: not openshift.common.is_atomic | bool
+
+- name: Set docker version to be installed
+ set_fact:
+ docker_version: "{{ '1.8.2' }}"
+ when: " ( common_version.stdout | default('0.0', True) | version_compare('3.2','<') and openshift.common.service_type == 'atomic-openshift' ) or
+ ( common_version.stdout | default('0.0', True) | version_compare('1.1.4','<') and openshift.common.service_type == 'origin' )"
diff --git a/roles/openshift_docker_facts/vars/main.yml b/roles/openshift_docker_facts/vars/main.yml
new file mode 100644
index 000000000..f7ad1b329
--- /dev/null
+++ b/roles/openshift_docker_facts/vars/main.yml
@@ -0,0 +1,2 @@
+---
+repoquery_cmd: "{{ 'dnf repoquery --latest-limit 1 -d 0' if ansible_pkg_mgr == 'dnf' else 'repoquery' }}"
diff --git a/roles/openshift_examples/examples-sync.sh b/roles/openshift_examples/examples-sync.sh
index 6108a1485..af388f6cf 100755
--- a/roles/openshift_examples/examples-sync.sh
+++ b/roles/openshift_examples/examples-sync.sh
@@ -5,7 +5,7 @@
#
# This script should be run from openshift-ansible/roles/openshift_examples
-XPAAS_VERSION=ose-v1.2.0-1
+XPAAS_VERSION=ose-v1.3.0
ORIGIN_VERSION=${1:-v1.2}
EXAMPLES_BASE=$(pwd)/files/examples/${ORIGIN_VERSION}
find ${EXAMPLES_BASE} -name '*.json' -delete
@@ -36,7 +36,7 @@ cp nodejs-ex-master/openshift/templates/* ${EXAMPLES_BASE}/quickstart-templates/
cp dancer-ex-master/openshift/templates/* ${EXAMPLES_BASE}/quickstart-templates/
cp cakephp-ex-master/openshift/templates/* ${EXAMPLES_BASE}/quickstart-templates/
mv application-templates-${XPAAS_VERSION}/jboss-image-streams.json ${EXAMPLES_BASE}/xpaas-streams/
-find application-templates-${XPAAS_VERSION}/ -name '*.json' ! -wholename '*secret*' -exec mv {} ${EXAMPLES_BASE}/xpaas-templates/ \;
+find application-templates-${XPAAS_VERSION}/ -name '*.json' ! -wholename '*secret*' ! -wholename '*demo*' -exec mv {} ${EXAMPLES_BASE}/xpaas-templates/ \;
wget https://raw.githubusercontent.com/jboss-fuse/application-templates/master/fis-image-streams.json -O ${EXAMPLES_BASE}/xpaas-streams/fis-image-streams.json
wget https://raw.githubusercontent.com/openshift/origin-metrics/master/metrics.yaml -O ${EXAMPLES_BASE}/infrastructure-templates/origin/metrics-deployer.yaml
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-streams/jboss-image-streams.json b/roles/openshift_examples/files/examples/v1.1/xpaas-streams/jboss-image-streams.json
index 64b435205..6ad192d9a 100644
--- a/roles/openshift_examples/files/examples/v1.1/xpaas-streams/jboss-image-streams.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-streams/jboss-image-streams.json
@@ -114,6 +114,47 @@
"sampleRef": "6.4.x",
"version": "1.2"
}
+ },
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "JBoss EAP 6.4 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,eap,javaee,java,jboss,xpaas",
+ "supports":"eap:6.4,javaee:6,java:8,xpaas:1.3",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "6.4.x",
+ "version": "1.3"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-eap70-openshift"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.3-Beta",
+ "annotations": {
+ "description": "JBoss EAP 7.0 Beta S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,eap,javaee,java,jboss,xpaas",
+ "supports":"eap:7.0,javaee:7,java:8,xpaas:1.3",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "7.0.x",
+ "version": "1.3"
+ },
+ "from": {
+ "Kind": "DockerImage",
+ "Name": "registry.access.redhat.com/jboss-eap-7-beta/eap70-openshift:1.3"
+ }
}
]
}
@@ -136,7 +177,7 @@
"supports":"decisionserver:6.2,java:8,xpaas:1.2",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "decisionserver/hellorules",
- "sampleRef": "master",
+ "sampleRef": "1.2",
"version": "1.2"
}
}
@@ -196,6 +237,34 @@
}
]
}
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "redhat-sso70-openshift",
+ "annotations": {
+ "description": "Red Hat SSO 7.0"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.3-TP",
+ "annotations": {
+ "description": "Red Hat SSO 7.0 Tech Preview",
+ "iconClass": "icon-jboss",
+ "tags": "sso,keycloak,redhat",
+ "supports":"sso:7.0,xpaas:1.3",
+ "version": "1.3"
+ },
+ "from": {
+ "Kind": "DockerImage",
+ "Name": "registry.access.redhat.com/redhat-sso-7-tech-preview/sso70-openshift:1.3"
+ }
+ }
+ ]
+ }
}
]
}
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-persistent-ssl.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-persistent-ssl.json
index 0755fef45..9759ed7c7 100644
--- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-persistent-ssl.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-persistent-ssl.json
@@ -340,7 +340,7 @@
}
},
"spec": {
- "serviceAccount": "amq-service-account",
+ "serviceAccountName": "amq-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-ssl.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-ssl.json
index ced360b09..fdf0da9c3 100644
--- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-ssl.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-ssl.json
@@ -340,7 +340,7 @@
}
},
"spec": {
- "serviceAccount": "amq-service-account",
+ "serviceAccountName": "amq-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-https.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-https.json
index 033e70063..639ac2e11 100644
--- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-https.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-https.json
@@ -322,7 +322,7 @@
}
},
"spec": {
- "serviceAccount": "datagrid-service-account",
+ "serviceAccountName": "datagrid-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-mysql-persistent.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-mysql-persistent.json
index 05bc7c236..22ca3f0a0 100644
--- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-mysql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-mysql-persistent.json
@@ -418,7 +418,7 @@
}
},
"spec": {
- "serviceAccount": "datagrid-service-account",
+ "serviceAccountName": "datagrid-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-mysql.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-mysql.json
index 1856c8dc2..e1a585d24 100644
--- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-mysql.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-mysql.json
@@ -412,7 +412,7 @@
}
},
"spec": {
- "serviceAccount": "datagrid-service-account",
+ "serviceAccountName": "datagrid-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-postgresql-persistent.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-postgresql-persistent.json
index 10d0f77ce..d0e272a8d 100644
--- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-postgresql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-postgresql-persistent.json
@@ -403,7 +403,7 @@
}
},
"spec": {
- "serviceAccount": "datagrid-service-account",
+ "serviceAccountName": "datagrid-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-postgresql.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-postgresql.json
index 9dd378f92..55a68db40 100644
--- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-postgresql.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-postgresql.json
@@ -397,7 +397,7 @@
}
},
"spec": {
- "serviceAccount": "datagrid-service-account",
+ "serviceAccountName": "datagrid-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/decisionserver62-amq-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/decisionserver62-amq-s2i.json
index 0c82eaa61..2e8276adb 100644
--- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/decisionserver62-amq-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/decisionserver62-amq-s2i.json
@@ -413,7 +413,7 @@
}
},
"spec": {
- "serviceAccount": "decisionserver-service-account",
+ "serviceAccountName": "decisionserver-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/decisionserver62-https-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/decisionserver62-https-s2i.json
index d0505fc5f..e5e2dee63 100644
--- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/decisionserver62-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/decisionserver62-https-s2i.json
@@ -356,7 +356,7 @@
}
},
"spec": {
- "serviceAccount": "decisionserver-service-account",
+ "serviceAccountName": "decisionserver-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-amq-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-amq-persistent-s2i.json
index 4b38dade3..4485fd264 100644
--- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-amq-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-amq-persistent-s2i.json
@@ -413,7 +413,7 @@
}
},
"spec": {
- "serviceAccount": "eap-service-account",
+ "serviceAccountName": "eap-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-amq-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-amq-s2i.json
index d321af9c9..72d8c061b 100644
--- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-amq-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-amq-s2i.json
@@ -407,7 +407,7 @@
}
},
"spec": {
- "serviceAccount": "eap-service-account",
+ "serviceAccountName": "eap-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-https-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-https-s2i.json
index 54514cb6b..2517be3ca 100644
--- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-https-s2i.json
@@ -350,7 +350,7 @@
}
},
"spec": {
- "serviceAccount": "eap-service-account",
+ "serviceAccountName": "eap-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mongodb-persistent-s2i.json
index 2c0f21ae3..97cc465d2 100644
--- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mongodb-persistent-s2i.json
@@ -3,7 +3,7 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for EAP 6 MongDB applications with persistent storage built using S2I.",
+ "description": "Application template for EAP 6 MongoDB applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
"tags": "eap,mongodb,javaee,java,database,jboss,xpaas",
"version": "1.2.0"
@@ -443,7 +443,7 @@
}
},
"spec": {
- "serviceAccount": "eap-service-account",
+ "serviceAccountName": "eap-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mongodb-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mongodb-s2i.json
index 6f604d29e..8bdd85546 100644
--- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mongodb-s2i.json
@@ -3,7 +3,7 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for EAP 6 MongDB applications built using S2I.",
+ "description": "Application template for EAP 6 MongoDB applications built using S2I.",
"iconClass": "icon-jboss",
"tags": "eap,mongodb,javaee,java,database,jboss,xpaas",
"version": "1.2.0"
@@ -437,7 +437,7 @@
}
},
"spec": {
- "serviceAccount": "eap-service-account",
+ "serviceAccountName": "eap-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mysql-persistent-s2i.json
index d2631580b..dcc591836 100644
--- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mysql-persistent-s2i.json
@@ -446,7 +446,7 @@
}
},
"spec": {
- "serviceAccount": "eap-service-account",
+ "serviceAccountName": "eap-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mysql-s2i.json
index ba6a32fec..372802eea 100644
--- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mysql-s2i.json
@@ -440,7 +440,7 @@
}
},
"spec": {
- "serviceAccount": "eap-service-account",
+ "serviceAccountName": "eap-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-postgresql-persistent-s2i.json
index 670260769..1ba00e3b5 100644
--- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-postgresql-persistent-s2i.json
@@ -431,7 +431,7 @@
}
},
"spec": {
- "serviceAccount": "eap-service-account",
+ "serviceAccountName": "eap-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-postgresql-s2i.json
index 822731335..860374d3c 100644
--- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-postgresql-s2i.json
@@ -425,7 +425,7 @@
}
},
"spec": {
- "serviceAccount": "eap-service-account",
+ "serviceAccountName": "eap-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-sso-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-sso-s2i.json
new file mode 100644
index 000000000..6c644553e
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-sso-s2i.json
@@ -0,0 +1,663 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass" : "icon-jboss",
+ "description": "Application template for EAP 6 applications built using S2I, enabled for SSO.",
+ "tags": "eap,javaee,java,jboss,xpaas,sso,keycloak",
+ "version": "1.3.0"
+ },
+ "name": "eap64-sso-s2i"
+ },
+ "labels": {
+ "template": "eap64-sso-s2i",
+ "xpaas": "1.3.0"
+ },
+ "parameters": [
+ {
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/keycloak/keycloak-examples",
+ "required": true
+ },
+ {
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "0.4-openshift",
+ "required": false
+ },
+ {
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "secret-key",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "password",
+ "required": false
+ },
+ {
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "SSO Location",
+ "name": "SSO_URI",
+ "value": "https://secure-sso:8443/auth",
+ "required": false
+ },
+ {
+ "description": "SSO Realm",
+ "name": "SSO_REALM",
+ "value": "demo",
+ "required": false
+ },
+ {
+ "description": "SSO Username",
+ "name": "SSO_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "SSO Password",
+ "name": "SSO_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "SSO Public Key. Public key is recommended to be passed into the template to avoid man-in-the-middle security vulnerability",
+ "name": "SSO_PUBLIC_KEY",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "SSO Client Access Type",
+ "name": "SSO_BEARER_ONLY",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Routes",
+ "name": "APPLICATION_ROUTES",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Artifacts",
+ "name": "ARTIFACT_DIR",
+ "value": "app-jee/target,service-jaxrs/target,app-profile-jee/target,app-profile-jee-saml/target",
+ "required": false
+ },
+ {
+ "description": "maven",
+ "name": "MAVEN_ARGS_APPEND",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "SSO_SAML_KEYSTORE_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "SSO_SAML_KEYSTORE",
+ "value": "/etc/sso-saml-secret-volume/keystore.jks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "SSO_SAML_CERTIFICATE_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "SSO_SAML_KEYSTORE_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "description": "The SSO Client Secret for Confidential Access",
+ "name": "SSO_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Enable CORS for SSO applications",
+ "name": "SSO_ENABLE_CORS",
+ "value": "false",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap64-openshift:1.3"
+ },
+ "env": [
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": "${MAVEN_ARGS_APPEND}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "eap-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "sso-saml-keystore-volume",
+ "mountPath": "/etc/sso-saml-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_URI",
+ "value": "${SSO_URI}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_USERNAME",
+ "value": "${SSO_USERNAME}"
+ },
+ {
+ "name": "SSO_PASSWORD",
+ "value": "${SSO_PASSWORD}"
+ },
+ {
+ "name": "SSO_PUBLIC_KEY",
+ "value": "${SSO_PUBLIC_KEY}"
+ },
+ {
+ "name": "SSO_BEARER_ONLY",
+ "value": "${SSO_BEARER_ONLY}"
+ },
+ {
+ "name": "APPLICATION_ROUTES",
+ "value": "${APPLICATION_ROUTES}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_SECRET",
+ "value": "${SSO_SAML_KEYSTORE_SECRET}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE",
+ "value": "${SSO_SAML_KEYSTORE}"
+ },
+ {
+ "name": "SSO_SAML_CERTIFICATE_NAME",
+ "value": "${SSO_SAML_CERTIFICATE_NAME}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_PASSWORD",
+ "value": "${SSO_SAML_KEYSTORE_PASSWORD}"
+ },
+ {
+ "name": "SSO_SECRET",
+ "value": "${SSO_SECRET}"
+ },
+ {
+ "name": "SSO_ENABLE_CORS",
+ "value": "${SSO_ENABLE_CORS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "sso-saml-keystore-volume",
+ "secret": {
+ "secretName": "${SSO_SAML_KEYSTORE_SECRET}"
+ }
+ },
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/processserver62-basic-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap70-basic-s2i.json
index edf316021..7dbf0eefa 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/processserver62-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap70-basic-s2i.json
@@ -3,47 +3,22 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for BPMS Intelligent Process Server 6 applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,javaee,java,jboss,xpaas",
+ "description": "Application template for EAP 7 applications built using S2I.",
+ "tags": "eap,javaee,java,jboss,xpaas",
"version": "1.3.0"
},
- "name": "processserver62-basic-s2i"
+ "name": "eap70-basic-s2i"
},
"labels": {
- "template": "processserver62-basic-s2i",
+ "template": "eap70-basic-s2i",
"xpaas": "1.3.0"
},
"parameters": [
{
- "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "LibraryContainer=org.openshift.quickstarts:processserver-library:1.3.0-SNAPSHOT",
- "required": false
- },
- {
- "description": "The user name to access the KIE Server REST or JMS interface.",
- "name": "KIE_SERVER_USER",
- "value": "kieserver",
- "required": false
- },
- {
- "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
- "name": "KIE_SERVER_PASSWORD",
- "from": "[a-zA-Z]{6}[0-9]{1}!",
- "generate": "expression",
- "required": false
- },
- {
- "description": "Hibernate persistence dialect.",
- "name": "KIE_SERVER_PERSISTENCE_DIALECT",
- "value": "org.hibernate.dialect.H2Dialect",
- "required": false
- },
- {
"description": "The name for the application.",
"name": "APPLICATION_NAME",
- "value": "kie-app",
+ "value": "eap-app",
"required": true
},
{
@@ -55,36 +30,36 @@
{
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
"required": true
},
{
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
- "value": "master",
+ "value": "7.0.x-develop",
"required": false
},
{
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
- "value": "processserver/library",
+ "value": "kitchensink",
"required": false
},
{
"description": "Queue names",
- "name": "HORNETQ_QUEUES",
+ "name": "MQ_QUEUES",
"value": "",
"required": false
},
{
"description": "Topic names",
- "name": "HORNETQ_TOPICS",
+ "name": "MQ_TOPICS",
"value": "",
"required": false
},
{
- "description": "HornetQ cluster admin password",
- "name": "HORNETQ_CLUSTER_PASSWORD",
+ "description": "ActiveMQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
"generate": "expression",
"required": true
@@ -108,6 +83,13 @@
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
}
],
"objects": [
@@ -186,17 +168,11 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- }
- ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver62-openshift:1.3"
+ "name": "jboss-eap70-openshift:1.3-Beta"
}
}
},
@@ -307,32 +283,41 @@
"name": "http",
"containerPort": 8080,
"protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
}
],
"env": [
{
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
},
{
- "name": "KIE_SERVER_USER",
- "value": "${KIE_SERVER_USER}"
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
},
{
- "name": "KIE_SERVER_PASSWORD",
- "value": "${KIE_SERVER_PASSWORD}"
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
},
{
- "name": "HORNETQ_CLUSTER_PASSWORD",
- "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
},
{
- "name": "HORNETQ_QUEUES",
- "value": "${HORNETQ_QUEUES}"
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
},
{
- "name": "HORNETQ_TOPICS",
- "value": "${HORNETQ_TOPICS}"
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
}
]
}
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap70-https-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap70-https-s2i.json
new file mode 100644
index 000000000..19ef56ca6
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap70-https-s2i.json
@@ -0,0 +1,499 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-jboss",
+ "description": "Application template for EAP 7 applications built using S2I.",
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.3.0"
+ },
+ "name": "eap70-https-s2i"
+ },
+ "labels": {
+ "template": "eap70-https-s2i",
+ "xpaas": "1.3.0"
+ },
+ "parameters": [
+ {
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
+ "required": true
+ },
+ {
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "7.0.x-develop",
+ "required": false
+ },
+ {
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "kitchensink",
+ "required": false
+ },
+ {
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "ActiveMQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap70-openshift:1.3-Beta"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "eap7-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap70-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap70-mongodb-persistent-s2i.json
new file mode 100644
index 000000000..c48dcbd91
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap70-mongodb-persistent-s2i.json
@@ -0,0 +1,755 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for EAP 7 MongoDB applications with persistent storage built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "eap,mongodb,javaee,java,database,jboss,xpaas",
+ "version": "1.3.0"
+ },
+ "name": "eap70-mongodb-persistent-s2i"
+ },
+ "labels": {
+ "template": "eap70-mongodb-persistent-s2i",
+ "xpaas": "1.3.0"
+ },
+ "parameters": [
+ {
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-mongodb",
+ "required": false
+ },
+ {
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
+ "name": "DB_JNDI",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "description": "Disable data file preallocation.",
+ "name": "MONGODB_NOPREALLOC",
+ "required": false
+ },
+ {
+ "description": "Set MongoDB to use a smaller default data file size.",
+ "name": "MONGODB_SMALLFILES",
+ "required": false
+ },
+ {
+ "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
+ "name": "MONGODB_QUIET",
+ "required": false
+ },
+ {
+ "description": "ActiveMQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Database admin password",
+ "name": "DB_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap70-openshift:1.3-Beta"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "eap7-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mongodb=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mongodb:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "image": "mongodb",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mongodb/data",
+ "name": "${APPLICATION_NAME}-mongodb-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_NOPREALLOC",
+ "value": "${MONGODB_NOPREALLOC}"
+ },
+ {
+ "name": "MONGODB_SMALLFILES",
+ "value": "${MONGODB_SMALLFILES}"
+ },
+ {
+ "name": "MONGODB_QUIET",
+ "value": "${MONGODB_QUIET}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mongodb-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap70-mongodb-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap70-mongodb-s2i.json
new file mode 100644
index 000000000..b499f3132
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap70-mongodb-s2i.json
@@ -0,0 +1,715 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for EAP 7 MongoDB applications built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "eap,mongodb,javaee,java,database,jboss,xpaas",
+ "version": "1.3.0"
+ },
+ "name": "eap70-mongodb-s2i"
+ },
+ "labels": {
+ "template": "eap70-mongodb-s2i",
+ "xpaas": "1.3.0"
+ },
+ "parameters": [
+ {
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-mongodb",
+ "required": false
+ },
+ {
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
+ "name": "DB_JNDI",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "description": "Disable data file preallocation.",
+ "name": "MONGODB_NOPREALLOC",
+ "required": false
+ },
+ {
+ "description": "Set MongoDB to use a smaller default data file size.",
+ "name": "MONGODB_SMALLFILES",
+ "required": false
+ },
+ {
+ "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
+ "name": "MONGODB_QUIET",
+ "required": false
+ },
+ {
+ "description": "ActiveMQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Database admin password",
+ "name": "DB_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap70-openshift:1.3-Beta"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "eap7-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mongodb=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mongodb:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "image": "mongodb",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_NOPREALLOC",
+ "value": "${MONGODB_NOPREALLOC}"
+ },
+ {
+ "name": "MONGODB_SMALLFILES",
+ "value": "${MONGODB_SMALLFILES}"
+ },
+ {
+ "name": "MONGODB_QUIET",
+ "value": "${MONGODB_QUIET}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/processserver62-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap70-mysql-persistent-s2i.json
index 4c1edc936..8eefa7855 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/processserver62-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap70-mysql-persistent-s2i.json
@@ -3,71 +3,22 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for BPMS Intelligent Process Server 6 MySQL applications with persistent storage built using S2I.",
+ "description": "Application template for EAP 7 MySQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,mysql,javaee,java,database,jboss,xpaas",
+ "tags": "eap,mysql,javaee,java,database,jboss,xpaas",
"version": "1.3.0"
},
- "name": "processserver62-mysql-persistent-s2i"
+ "name": "eap70-mysql-persistent-s2i"
},
"labels": {
- "template": "processserver62-mysql-persistent-s2i",
+ "template": "eap70-mysql-persistent-s2i",
"xpaas": "1.3.0"
},
"parameters": [
{
- "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "LibraryContainer=org.openshift.quickstarts:processserver-library:1.3.0-SNAPSHOT",
- "required": false
- },
- {
- "description": "The protocol to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PROTOCOL",
- "value": "https",
- "required": false
- },
- {
- "description": "The port to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PORT",
- "value": "8443",
- "required": false
- },
- {
- "description": "The user name to access the KIE Server REST or JMS interface.",
- "name": "KIE_SERVER_USER",
- "value": "kieserver",
- "required": false
- },
- {
- "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
- "name": "KIE_SERVER_PASSWORD",
- "from": "[a-zA-Z]{6}[0-9]{1}!",
- "generate": "expression",
- "required": false
- },
- {
- "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
- "name": "KIE_SERVER_DOMAIN",
- "value": "other",
- "required": false
- },
- {
- "description": "JNDI name of executor queue for JMS.",
- "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
- "value": "queue/KIE.EXECUTOR",
- "required": false
- },
- {
- "description": "Hibernate persistence dialect.",
- "name": "KIE_SERVER_PERSISTENCE_DIALECT",
- "value": "org.hibernate.dialect.MySQL5Dialect",
- "required": false
- },
- {
"description": "The name for the application.",
"name": "APPLICATION_NAME",
- "value": "kie-app",
+ "value": "eap-app",
"required": true
},
{
@@ -91,19 +42,19 @@
{
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
- "value": "master",
+ "value": "1.3",
"required": false
},
{
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
- "value": "processserver/library",
+ "value": "todolist/todolist-jdbc",
"required": false
},
{
- "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
- "value": "java:jboss/datasources/ExampleDS",
+ "value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
@@ -120,20 +71,20 @@
},
{
"description": "Queue names",
- "name": "HORNETQ_QUEUES",
+ "name": "MQ_QUEUES",
"value": "",
"required": false
},
{
"description": "Topic names",
- "name": "HORNETQ_TOPICS",
+ "name": "MQ_TOPICS",
"value": "",
"required": false
},
{
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
- "value": "processserver-app-secret",
+ "value": "eap7-app-secret",
"required": false
},
{
@@ -145,30 +96,16 @@
{
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
- "value": "jboss",
+ "value": "",
"required": false
},
{
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
- "value": "mykeystorepass",
+ "value": "",
"required": false
},
{
- "description": "Database user name",
- "name": "DB_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "description": "Database user password",
- "name": "DB_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
@@ -209,8 +146,22 @@
"required": false
},
{
- "description": "HornetQ cluster admin password",
- "name": "HORNETQ_CLUSTER_PASSWORD",
+ "description": "ActiveMQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
"generate": "expression",
"required": true
@@ -234,6 +185,37 @@
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
}
],
"objects": [
@@ -383,17 +365,11 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- }
- ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver62-openshift:1.3"
+ "name": "jboss-eap70-openshift:1.3-Beta"
}
}
},
@@ -470,7 +446,7 @@
}
},
"spec": {
- "serviceAccount": "processserver-service-account",
+ "serviceAccountName": "eap7-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
@@ -479,8 +455,13 @@
"imagePullPolicy": "Always",
"volumeMounts": [
{
- "name": "processserver-keystore-volume",
- "mountPath": "/etc/processserver-secret-volume",
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
"readOnly": true
}
],
@@ -517,42 +498,15 @@
"name": "https",
"containerPort": 8443,
"protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
}
],
"env": [
{
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- },
- {
- "name": "KIE_SERVER_PROTOCOL",
- "value": "${KIE_SERVER_PROTOCOL}"
- },
- {
- "name": "KIE_SERVER_PORT",
- "value": "${KIE_SERVER_PORT}"
- },
- {
- "name": "KIE_SERVER_USER",
- "value": "${KIE_SERVER_USER}"
- },
- {
- "name": "KIE_SERVER_PASSWORD",
- "value": "${KIE_SERVER_PASSWORD}"
- },
- {
- "name": "KIE_SERVER_DOMAIN",
- "value": "${KIE_SERVER_DOMAIN}"
- },
- {
- "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
- "value": "${KIE_SERVER_EXECUTOR_JMS_QUEUE}"
- },
- {
- "name": "KIE_SERVER_PERSISTENCE_DIALECT",
- "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
- },
- {
"name": "DB_SERVICE_PREFIX_MAPPING",
"value": "${APPLICATION_NAME}-mysql=DB"
},
@@ -589,8 +543,20 @@
"value": "${DB_TX_ISOLATION}"
},
{
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
"name": "HTTPS_KEYSTORE_DIR",
- "value": "/etc/processserver-secret-volume"
+ "value": "/etc/eap-secret-volume"
},
{
"name": "HTTPS_KEYSTORE",
@@ -605,26 +571,56 @@
"value": "${HTTPS_PASSWORD}"
},
{
- "name": "HORNETQ_CLUSTER_PASSWORD",
- "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
},
{
- "name": "HORNETQ_QUEUES",
- "value": "${HORNETQ_QUEUES}"
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
},
{
- "name": "HORNETQ_TOPICS",
- "value": "${HORNETQ_TOPICS}"
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
}
]
}
],
"volumes": [
{
- "name": "processserver-keystore-volume",
+ "name": "eap-keystore-volume",
"secret": {
"secretName": "${HTTPS_SECRET}"
}
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
}
]
}
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/processserver62-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap70-mysql-s2i.json
index 91ffa0f52..47aed69c9 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/processserver62-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap70-mysql-s2i.json
@@ -3,71 +3,22 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for BPMS Intelligent Process Server 6 MySQL applications built using S2I.",
+ "description": "Application template for EAP 7 MySQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,mysql,javaee,java,database,jboss,xpaas",
+ "tags": "eap,mysql,javaee,java,database,jboss,xpaas",
"version": "1.3.0"
},
- "name": "processserver62-mysql-s2i"
+ "name": "eap70-mysql-s2i"
},
"labels": {
- "template": "processserver62-mysql-s2i",
+ "template": "eap70-mysql-s2i",
"xpaas": "1.3.0"
},
"parameters": [
{
- "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "LibraryContainer=org.openshift.quickstarts:processserver-library:1.3.0-SNAPSHOT",
- "required": false
- },
- {
- "description": "The protocol to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PROTOCOL",
- "value": "https",
- "required": false
- },
- {
- "description": "The port to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PORT",
- "value": "8443",
- "required": false
- },
- {
- "description": "The user name to access the KIE Server REST or JMS interface.",
- "name": "KIE_SERVER_USER",
- "value": "kieserver",
- "required": false
- },
- {
- "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
- "name": "KIE_SERVER_PASSWORD",
- "from": "[a-zA-Z]{6}[0-9]{1}!",
- "generate": "expression",
- "required": false
- },
- {
- "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
- "name": "KIE_SERVER_DOMAIN",
- "value": "other",
- "required": false
- },
- {
- "description": "JNDI name of executor queue for JMS.",
- "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
- "value": "queue/KIE.EXECUTOR",
- "required": false
- },
- {
- "description": "Hibernate persistence dialect.",
- "name": "KIE_SERVER_PERSISTENCE_DIALECT",
- "value": "org.hibernate.dialect.MySQL5Dialect",
- "required": false
- },
- {
"description": "The name for the application.",
"name": "APPLICATION_NAME",
- "value": "kie-app",
+ "value": "eap-app",
"required": true
},
{
@@ -91,19 +42,19 @@
{
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
- "value": "master",
+ "value": "1.3",
"required": false
},
{
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
- "value": "processserver/library",
+ "value": "todolist/todolist-jdbc",
"required": false
},
{
- "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
- "value": "java:jboss/datasources/ExampleDS",
+ "value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
@@ -114,20 +65,20 @@
},
{
"description": "Queue names",
- "name": "HORNETQ_QUEUES",
+ "name": "MQ_QUEUES",
"value": "",
"required": false
},
{
"description": "Topic names",
- "name": "HORNETQ_TOPICS",
+ "name": "MQ_TOPICS",
"value": "",
"required": false
},
{
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
- "value": "processserver-app-secret",
+ "value": "eap7-app-secret",
"required": false
},
{
@@ -139,30 +90,16 @@
{
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
- "value": "jboss",
+ "value": "",
"required": false
},
{
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
- "value": "mykeystorepass",
+ "value": "",
"required": false
},
{
- "description": "Database user name",
- "name": "DB_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "description": "Database user password",
- "name": "DB_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
@@ -203,8 +140,22 @@
"required": false
},
{
- "description": "HornetQ cluster admin password",
- "name": "HORNETQ_CLUSTER_PASSWORD",
+ "description": "ActiveMQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
"generate": "expression",
"required": true
@@ -228,6 +179,37 @@
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
}
],
"objects": [
@@ -377,17 +359,11 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- }
- ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver62-openshift:1.3"
+ "name": "jboss-eap70-openshift:1.3-Beta"
}
}
},
@@ -464,7 +440,7 @@
}
},
"spec": {
- "serviceAccount": "processserver-service-account",
+ "serviceAccountName": "eap7-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
@@ -473,8 +449,13 @@
"imagePullPolicy": "Always",
"volumeMounts": [
{
- "name": "processserver-keystore-volume",
- "mountPath": "/etc/processserver-secret-volume",
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
"readOnly": true
}
],
@@ -511,42 +492,15 @@
"name": "https",
"containerPort": 8443,
"protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
}
],
"env": [
{
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- },
- {
- "name": "KIE_SERVER_PROTOCOL",
- "value": "${KIE_SERVER_PROTOCOL}"
- },
- {
- "name": "KIE_SERVER_PORT",
- "value": "${KIE_SERVER_PORT}"
- },
- {
- "name": "KIE_SERVER_USER",
- "value": "${KIE_SERVER_USER}"
- },
- {
- "name": "KIE_SERVER_PASSWORD",
- "value": "${KIE_SERVER_PASSWORD}"
- },
- {
- "name": "KIE_SERVER_DOMAIN",
- "value": "${KIE_SERVER_DOMAIN}"
- },
- {
- "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
- "value": "${KIE_SERVER_EXECUTOR_JMS_QUEUE}"
- },
- {
- "name": "KIE_SERVER_PERSISTENCE_DIALECT",
- "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
- },
- {
"name": "DB_SERVICE_PREFIX_MAPPING",
"value": "${APPLICATION_NAME}-mysql=DB"
},
@@ -583,8 +537,20 @@
"value": "${DB_TX_ISOLATION}"
},
{
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
"name": "HTTPS_KEYSTORE_DIR",
- "value": "/etc/processserver-secret-volume"
+ "value": "/etc/eap-secret-volume"
},
{
"name": "HTTPS_KEYSTORE",
@@ -599,26 +565,56 @@
"value": "${HTTPS_PASSWORD}"
},
{
- "name": "HORNETQ_CLUSTER_PASSWORD",
- "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
},
{
- "name": "HORNETQ_QUEUES",
- "value": "${HORNETQ_QUEUES}"
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
},
{
- "name": "HORNETQ_TOPICS",
- "value": "${HORNETQ_TOPICS}"
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
}
]
}
],
"volumes": [
{
- "name": "processserver-keystore-volume",
+ "name": "eap-keystore-volume",
"secret": {
"secretName": "${HTTPS_SECRET}"
}
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
}
]
}
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/processserver62-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap70-postgresql-persistent-s2i.json
index cc747030a..8c74255bf 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/processserver62-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap70-postgresql-persistent-s2i.json
@@ -3,71 +3,22 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for BPMS Intelligent Process Server 6 PostgreSQL applications with persistent storage built using S2I.",
+ "description": "Application template for EAP 7 PostgreSQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,postgresql,javaee,java,database,jboss,xpaas",
+ "tags": "eap,postgresql,javaee,java,database,jboss,xpaas",
"version": "1.3.0"
},
- "name": "processserver62-postgresql-persistent-s2i"
+ "name": "eap70-postgresql-persistent-s2i"
},
"labels": {
- "template": "processserver62-postgresql-persistent-s2i",
+ "template": "eap70-postgresql-persistent-s2i",
"xpaas": "1.3.0"
},
"parameters": [
{
- "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "LibraryContainer=org.openshift.quickstarts:processserver-library:1.3.0-SNAPSHOT",
- "required": false
- },
- {
- "description": "The protocol to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PROTOCOL",
- "value": "https",
- "required": false
- },
- {
- "description": "The port to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PORT",
- "value": "8443",
- "required": false
- },
- {
- "description": "The user name to access the KIE Server REST or JMS interface.",
- "name": "KIE_SERVER_USER",
- "value": "kieserver",
- "required": false
- },
- {
- "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
- "name": "KIE_SERVER_PASSWORD",
- "from": "[a-zA-Z]{6}[0-9]{1}!",
- "generate": "expression",
- "required": false
- },
- {
- "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
- "name": "KIE_SERVER_DOMAIN",
- "value": "other",
- "required": false
- },
- {
- "description": "JNDI name of executor queue for JMS.",
- "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
- "value": "queue/KIE.EXECUTOR",
- "required": false
- },
- {
- "description": "Hibernate persistence dialect.",
- "name": "KIE_SERVER_PERSISTENCE_DIALECT",
- "value": "org.hibernate.dialect.PostgreSQL82Dialect",
- "required": false
- },
- {
"description": "The name for the application.",
"name": "APPLICATION_NAME",
- "value": "kie-app",
+ "value": "eap-app",
"required": true
},
{
@@ -91,19 +42,19 @@
{
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
- "value": "master",
+ "value": "1.3",
"required": false
},
{
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
- "value": "processserver/library",
+ "value": "todolist/todolist-jdbc",
"required": false
},
{
- "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
- "value": "java:jboss/datasources/ExampleDS",
+ "value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
@@ -120,20 +71,20 @@
},
{
"description": "Queue names",
- "name": "HORNETQ_QUEUES",
+ "name": "MQ_QUEUES",
"value": "",
"required": false
},
{
"description": "Topic names",
- "name": "HORNETQ_TOPICS",
+ "name": "MQ_TOPICS",
"value": "",
"required": false
},
{
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
- "value": "processserver-app-secret",
+ "value": "eap7-app-secret",
"required": false
},
{
@@ -145,30 +96,16 @@
{
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
- "value": "jboss",
+ "value": "",
"required": false
},
{
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
- "value": "mykeystorepass",
+ "value": "",
"required": false
},
{
- "description": "Database user name",
- "name": "DB_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "description": "Database user password",
- "name": "DB_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
@@ -194,8 +131,22 @@
"required": false
},
{
- "description": "HornetQ cluster admin password",
- "name": "HORNETQ_CLUSTER_PASSWORD",
+ "description": "ActiveMQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
"generate": "expression",
"required": true
@@ -219,6 +170,37 @@
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
}
],
"objects": [
@@ -368,17 +350,11 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- }
- ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver62-openshift:1.3"
+ "name": "jboss-eap70-openshift:1.3-Beta"
}
}
},
@@ -455,7 +431,7 @@
}
},
"spec": {
- "serviceAccount": "processserver-service-account",
+ "serviceAccountName": "eap7-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
@@ -464,8 +440,13 @@
"imagePullPolicy": "Always",
"volumeMounts": [
{
- "name": "processserver-keystore-volume",
- "mountPath": "/etc/processserver-secret-volume",
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
"readOnly": true
}
],
@@ -502,42 +483,15 @@
"name": "https",
"containerPort": 8443,
"protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
}
],
"env": [
{
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- },
- {
- "name": "KIE_SERVER_PROTOCOL",
- "value": "${KIE_SERVER_PROTOCOL}"
- },
- {
- "name": "KIE_SERVER_PORT",
- "value": "${KIE_SERVER_PORT}"
- },
- {
- "name": "KIE_SERVER_USER",
- "value": "${KIE_SERVER_USER}"
- },
- {
- "name": "KIE_SERVER_PASSWORD",
- "value": "${KIE_SERVER_PASSWORD}"
- },
- {
- "name": "KIE_SERVER_DOMAIN",
- "value": "${KIE_SERVER_DOMAIN}"
- },
- {
- "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
- "value": "${KIE_SERVER_EXECUTOR_JMS_QUEUE}"
- },
- {
- "name": "KIE_SERVER_PERSISTENCE_DIALECT",
- "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
- },
- {
"name": "DB_SERVICE_PREFIX_MAPPING",
"value": "${APPLICATION_NAME}-postgresql=DB"
},
@@ -574,8 +528,20 @@
"value": "${DB_TX_ISOLATION}"
},
{
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
"name": "HTTPS_KEYSTORE_DIR",
- "value": "/etc/processserver-secret-volume"
+ "value": "/etc/eap-secret-volume"
},
{
"name": "HTTPS_KEYSTORE",
@@ -590,26 +556,56 @@
"value": "${HTTPS_PASSWORD}"
},
{
- "name": "HORNETQ_CLUSTER_PASSWORD",
- "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
},
{
- "name": "HORNETQ_QUEUES",
- "value": "${HORNETQ_QUEUES}"
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
},
{
- "name": "HORNETQ_TOPICS",
- "value": "${HORNETQ_TOPICS}"
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
}
]
}
],
"volumes": [
{
- "name": "processserver-keystore-volume",
+ "name": "eap-keystore-volume",
"secret": {
"secretName": "${HTTPS_SECRET}"
}
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
}
]
}
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/processserver62-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap70-postgresql-s2i.json
index f62358ad8..2ba4aef14 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/processserver62-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap70-postgresql-s2i.json
@@ -3,71 +3,22 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for BPMS Intelligent Process Server 6 PostgreSQL applications built using S2I.",
+ "description": "Application template for EAP 7 PostgreSQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,postgresql,javaee,java,database,jboss,xpaas",
+ "tags": "eap,postgresql,javaee,java,database,jboss,xpaas",
"version": "1.3.0"
},
- "name": "processserver62-postgresql-s2i"
+ "name": "eap70-postgresql-s2i"
},
"labels": {
- "template": "processserver62-postgresql-s2i",
+ "template": "eap70-postgresql-s2i",
"xpaas": "1.3.0"
},
"parameters": [
{
- "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "LibraryContainer=org.openshift.quickstarts:processserver-library:1.3.0-SNAPSHOT",
- "required": false
- },
- {
- "description": "The protocol to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PROTOCOL",
- "value": "https",
- "required": false
- },
- {
- "description": "The port to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PORT",
- "value": "8443",
- "required": false
- },
- {
- "description": "The user name to access the KIE Server REST or JMS interface.",
- "name": "KIE_SERVER_USER",
- "value": "kieserver",
- "required": false
- },
- {
- "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
- "name": "KIE_SERVER_PASSWORD",
- "from": "[a-zA-Z]{6}[0-9]{1}!",
- "generate": "expression",
- "required": false
- },
- {
- "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
- "name": "KIE_SERVER_DOMAIN",
- "value": "other",
- "required": false
- },
- {
- "description": "JNDI name of executor queue for JMS.",
- "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
- "value": "queue/KIE.EXECUTOR",
- "required": false
- },
- {
- "description": "Hibernate persistence dialect.",
- "name": "KIE_SERVER_PERSISTENCE_DIALECT",
- "value": "org.hibernate.dialect.PostgreSQL82Dialect",
- "required": false
- },
- {
"description": "The name for the application.",
"name": "APPLICATION_NAME",
- "value": "kie-app",
+ "value": "eap-app",
"required": true
},
{
@@ -91,19 +42,19 @@
{
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
- "value": "master",
+ "value": "1.3",
"required": false
},
{
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
- "value": "processserver/library",
+ "value": "todolist/todolist-jdbc",
"required": false
},
{
- "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
- "value": "java:jboss/datasources/ExampleDS",
+ "value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
@@ -114,20 +65,20 @@
},
{
"description": "Queue names",
- "name": "HORNETQ_QUEUES",
+ "name": "MQ_QUEUES",
"value": "",
"required": false
},
{
"description": "Topic names",
- "name": "HORNETQ_TOPICS",
+ "name": "MQ_TOPICS",
"value": "",
"required": false
},
{
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
- "value": "processserver-app-secret",
+ "value": "eap7-app-secret",
"required": false
},
{
@@ -139,30 +90,16 @@
{
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
- "value": "jboss",
+ "value": "",
"required": false
},
{
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
- "value": "mykeystorepass",
+ "value": "",
"required": false
},
{
- "description": "Database user name",
- "name": "DB_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "description": "Database user password",
- "name": "DB_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
@@ -188,8 +125,22 @@
"required": false
},
{
- "description": "HornetQ cluster admin password",
- "name": "HORNETQ_CLUSTER_PASSWORD",
+ "description": "ActiveMQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
"generate": "expression",
"required": true
@@ -213,6 +164,37 @@
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
}
],
"objects": [
@@ -362,17 +344,11 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- }
- ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver62-openshift:1.3"
+ "name": "jboss-eap70-openshift:1.3-Beta"
}
}
},
@@ -449,7 +425,7 @@
}
},
"spec": {
- "serviceAccount": "processserver-service-account",
+ "serviceAccountName": "eap7-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
@@ -458,8 +434,13 @@
"imagePullPolicy": "Always",
"volumeMounts": [
{
- "name": "processserver-keystore-volume",
- "mountPath": "/etc/processserver-secret-volume",
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
"readOnly": true
}
],
@@ -496,42 +477,15 @@
"name": "https",
"containerPort": 8443,
"protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
}
],
"env": [
{
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- },
- {
- "name": "KIE_SERVER_PROTOCOL",
- "value": "${KIE_SERVER_PROTOCOL}"
- },
- {
- "name": "KIE_SERVER_PORT",
- "value": "${KIE_SERVER_PORT}"
- },
- {
- "name": "KIE_SERVER_USER",
- "value": "${KIE_SERVER_USER}"
- },
- {
- "name": "KIE_SERVER_PASSWORD",
- "value": "${KIE_SERVER_PASSWORD}"
- },
- {
- "name": "KIE_SERVER_DOMAIN",
- "value": "${KIE_SERVER_DOMAIN}"
- },
- {
- "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
- "value": "${KIE_SERVER_EXECUTOR_JMS_QUEUE}"
- },
- {
- "name": "KIE_SERVER_PERSISTENCE_DIALECT",
- "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
- },
- {
"name": "DB_SERVICE_PREFIX_MAPPING",
"value": "${APPLICATION_NAME}-postgresql=DB"
},
@@ -568,8 +522,20 @@
"value": "${DB_TX_ISOLATION}"
},
{
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
"name": "HTTPS_KEYSTORE_DIR",
- "value": "/etc/processserver-secret-volume"
+ "value": "/etc/eap-secret-volume"
},
{
"name": "HTTPS_KEYSTORE",
@@ -584,26 +550,56 @@
"value": "${HTTPS_PASSWORD}"
},
{
- "name": "HORNETQ_CLUSTER_PASSWORD",
- "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
},
{
- "name": "HORNETQ_QUEUES",
- "value": "${HORNETQ_QUEUES}"
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
},
{
- "name": "HORNETQ_TOPICS",
- "value": "${HORNETQ_TOPICS}"
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
}
]
}
],
"volumes": [
{
- "name": "processserver-keystore-volume",
+ "name": "eap-keystore-volume",
"secret": {
"secretName": "${HTTPS_SECRET}"
}
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
}
]
}
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-https-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-https-s2i.json
index e7bbd1154..0090d4090 100644
--- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-https-s2i.json
@@ -314,7 +314,7 @@
}
},
"spec": {
- "serviceAccount": "jws-service-account",
+ "serviceAccountName": "jws-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json
index 3a3ca8e24..f0abc9b24 100644
--- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json
@@ -407,7 +407,7 @@
}
},
"spec": {
- "serviceAccount": "jws-service-account",
+ "serviceAccountName": "jws-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mongodb-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mongodb-s2i.json
index b3fd295b9..dc43fbea3 100644
--- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mongodb-s2i.json
@@ -401,7 +401,7 @@
}
},
"spec": {
- "serviceAccount": "jws-service-account",
+ "serviceAccountName": "jws-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json
index b0b2f5ec4..6d02c7487 100644
--- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json
@@ -410,7 +410,7 @@
}
},
"spec": {
- "serviceAccount": "jws-service-account",
+ "serviceAccountName": "jws-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mysql-s2i.json
index e48276f1b..cb23d32a7 100644
--- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mysql-s2i.json
@@ -404,7 +404,7 @@
}
},
"spec": {
- "serviceAccount": "jws-service-account",
+ "serviceAccountName": "jws-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json
index d7876d066..82096ab12 100644
--- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json
@@ -395,7 +395,7 @@
}
},
"spec": {
- "serviceAccount": "jws-service-account",
+ "serviceAccountName": "jws-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-postgresql-s2i.json
index 5c1bdf6d5..6c2e42564 100644
--- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-postgresql-s2i.json
@@ -389,7 +389,7 @@
}
},
"spec": {
- "serviceAccount": "jws-service-account",
+ "serviceAccountName": "jws-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-https-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-https-s2i.json
index a20518cbc..7a5414fd7 100644
--- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-https-s2i.json
@@ -314,7 +314,7 @@
}
},
"spec": {
- "serviceAccount": "jws-service-account",
+ "serviceAccountName": "jws-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json
index 46b99593d..020c32d31 100644
--- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json
@@ -407,7 +407,7 @@
}
},
"spec": {
- "serviceAccount": "jws-service-account",
+ "serviceAccountName": "jws-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mongodb-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mongodb-s2i.json
index c01b6888a..48371db95 100644
--- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mongodb-s2i.json
@@ -401,7 +401,7 @@
}
},
"spec": {
- "serviceAccount": "jws-service-account",
+ "serviceAccountName": "jws-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json
index ebe1dc6af..b1e847c60 100644
--- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json
@@ -410,7 +410,7 @@
}
},
"spec": {
- "serviceAccount": "jws-service-account",
+ "serviceAccountName": "jws-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mysql-s2i.json
index fe068842a..ca501102f 100644
--- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mysql-s2i.json
@@ -404,7 +404,7 @@
}
},
"spec": {
- "serviceAccount": "jws-service-account",
+ "serviceAccountName": "jws-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json
index 302a55315..9050874ab 100644
--- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json
@@ -395,7 +395,7 @@
}
},
"spec": {
- "serviceAccount": "jws-service-account",
+ "serviceAccountName": "jws-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-postgresql-s2i.json
index af2415905..dba4d8b26 100644
--- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-postgresql-s2i.json
@@ -389,7 +389,7 @@
}
},
"spec": {
- "serviceAccount": "jws-service-account",
+ "serviceAccountName": "jws-service-account",
"containers": [
{
"name": "${APPLICATION_NAME}",
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/sso70-basic.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/sso70-basic.json
new file mode 100644
index 000000000..7f320bace
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/sso70-basic.json
@@ -0,0 +1,446 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.0",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,java,jboss,xpaas",
+ "version" : "1.3"
+ },
+ "name": "sso70-basic"
+ },
+ "labels": {
+ "template": "sso70-basic",
+ "xpaas" : "1.3.0"
+ },
+ "parameters": [
+ {
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "secret-key",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "password",
+ "required": false
+ },
+ {
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-basic"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-basic",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso70-openshift:1.3-TP"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "sso-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "EAP_HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "EAP_HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "EAP_HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "EAP_HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/sso70-mysql-persistent.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/sso70-mysql-persistent.json
new file mode 100644
index 000000000..dc8bd740e
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/sso70-mysql-persistent.json
@@ -0,0 +1,658 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.0 MySQL applications with persistent storage",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,mysql,java,database,jboss,xpaas",
+ "version" : "1.3"
+ },
+ "name": "sso70-mysql-persistent"
+ },
+ "labels": {
+ "template": "sso70-mysql-persistent",
+ "xpaas" : "1.3.0"
+ },
+ "parameters": [
+ {
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso70-openshift:1.3-TP"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "sso-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "EAP_HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "EAP_HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "EAP_HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "EAP_HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/sso70-mysql.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/sso70-mysql.json
new file mode 100644
index 000000000..029dcee54
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/sso70-mysql.json
@@ -0,0 +1,627 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.0 MySQL applications",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,mysql,java,database,jboss,xpaas",
+ "version" : "1.3"
+ },
+ "name": "sso70-mysql"
+ },
+ "labels": {
+ "template": "sso70-mysql",
+ "xpaas" : "1.3.0"
+ },
+ "parameters": [
+ {
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso70-openshift:1.3-TP"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "sso-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "EAP_HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "EAP_HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "EAP_HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "EAP_HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/sso70-postgresql-persistent.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/sso70-postgresql-persistent.json
new file mode 100644
index 000000000..bad7e49b2
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/sso70-postgresql-persistent.json
@@ -0,0 +1,631 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.0 PostgreSQL applications with persistent storage",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,postrgresql,java,database,jboss,xpaas",
+ "version" : "1.3"
+ },
+ "name": "sso70-postgresql-persistent"
+ },
+ "labels": {
+ "template": "sso70-postgresql-persistent",
+ "xpaas" : "1.3.0"
+ },
+ "parameters": [
+ {
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso70-openshift:1.3-TP"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "sso-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "EAP_HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "EAP_HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "EAP_HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "EAP_HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/sso70-postgresql.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/sso70-postgresql.json
new file mode 100644
index 000000000..08257d192
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/sso70-postgresql.json
@@ -0,0 +1,600 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.0 PostgreSQL applications",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,postrgresql,java,database,jboss,xpaas",
+ "version" : "1.3"
+ },
+ "name": "sso70-postgresql"
+ },
+ "labels": {
+ "template": "sso70-postgresql",
+ "xpaas" : "1.3.0"
+ },
+ "parameters": [
+ {
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "secret-key",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "password",
+ "required": false
+ },
+ {
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso70-openshift:1.3-TP"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "sso-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "EAP_HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "EAP_HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "EAP_HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "EAP_HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-streams/jboss-image-streams.json b/roles/openshift_examples/files/examples/v1.2/xpaas-streams/jboss-image-streams.json
index 26e4ef6d8..6ad192d9a 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-streams/jboss-image-streams.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-streams/jboss-image-streams.json
@@ -114,6 +114,19 @@
"sampleRef": "6.4.x",
"version": "1.2"
}
+ },
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "JBoss EAP 6.4 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,eap,javaee,java,jboss,xpaas",
+ "supports":"eap:6.4,javaee:6,java:8,xpaas:1.3",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "6.4.x",
+ "version": "1.3"
+ }
}
]
}
@@ -122,35 +135,25 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-decisionserver62-openshift"
+ "name": "jboss-eap70-openshift"
},
"spec": {
- "dockerImageRepository": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver62-openshift",
"tags": [
{
- "name": "1.2",
+ "name": "1.3-Beta",
"annotations": {
- "description": "Decision Server 6.2 S2I images.",
+ "description": "JBoss EAP 7.0 Beta S2I images.",
"iconClass": "icon-jboss",
- "tags": "builder,decisionserver,java,xpaas",
- "supports":"decisionserver:6.2,java:8,xpaas:1.2",
- "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
- "sampleContextDir": "decisionserver/hellorules",
- "sampleRef": "1.2",
- "version": "1.2"
- }
- },
- {
- "name": "1.3",
- "annotations": {
- "description": "Decision Server 6.2 S2I images.",
- "iconClass": "icon-jboss",
- "tags": "builder,decisionserver,java,xpaas",
- "supports":"decisionserver:6.2,java:8,xpaas:1.3",
- "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
- "sampleContextDir": "decisionserver/hellorules",
- "sampleRef": "master",
+ "tags": "builder,eap,javaee,java,jboss,xpaas",
+ "supports":"eap:7.0,javaee:7,java:8,xpaas:1.3",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "7.0.x",
"version": "1.3"
+ },
+ "from": {
+ "Kind": "DockerImage",
+ "Name": "registry.access.redhat.com/jboss-eap-7-beta/eap70-openshift:1.3"
}
}
]
@@ -160,22 +163,22 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-processserver62-openshift"
+ "name": "jboss-decisionserver62-openshift"
},
"spec": {
- "dockerImageRepository": "registry.access.redhat.com/jboss-processserver-6/processserver62-openshift",
+ "dockerImageRepository": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver62-openshift",
"tags": [
{
- "name": "1.3",
+ "name": "1.2",
"annotations": {
- "description": "Intelligent Process Server 6.2 S2I images.",
+ "description": "Decision Server 6.2 S2I images.",
"iconClass": "icon-jboss",
- "tags": "builder,processserver,java,xpaas",
- "supports":"processserver:6.2,java:8,xpaas:1.3",
+ "tags": "builder,decisionserver,java,xpaas",
+ "supports":"decisionserver:6.2,java:8,xpaas:1.2",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
- "sampleContextDir": "processserver/library",
- "sampleRef": "master",
- "version": "1.3"
+ "sampleContextDir": "decisionserver/hellorules",
+ "sampleRef": "1.2",
+ "version": "1.2"
}
}
]
@@ -234,6 +237,34 @@
}
]
}
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "redhat-sso70-openshift",
+ "annotations": {
+ "description": "Red Hat SSO 7.0"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.3-TP",
+ "annotations": {
+ "description": "Red Hat SSO 7.0 Tech Preview",
+ "iconClass": "icon-jboss",
+ "tags": "sso,keycloak,redhat",
+ "supports":"sso:7.0,xpaas:1.3",
+ "version": "1.3"
+ },
+ "from": {
+ "Kind": "DockerImage",
+ "Name": "registry.access.redhat.com/redhat-sso-7-tech-preview/sso70-openshift:1.3"
+ }
+ }
+ ]
+ }
}
]
}
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/amq62-persistent-ssl.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/amq62-persistent-ssl.json
index 0755fef45..9759ed7c7 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/amq62-persistent-ssl.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/amq62-persistent-ssl.json
@@ -340,7 +340,7 @@
}
},
"spec": {
- "serviceAccount": "amq-service-account",
+ "serviceAccountName": "amq-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/amq62-ssl.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/amq62-ssl.json
index ced360b09..fdf0da9c3 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/amq62-ssl.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/amq62-ssl.json
@@ -340,7 +340,7 @@
}
},
"spec": {
- "serviceAccount": "amq-service-account",
+ "serviceAccountName": "amq-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/datagrid65-https.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/datagrid65-https.json
index 033e70063..639ac2e11 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/datagrid65-https.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/datagrid65-https.json
@@ -322,7 +322,7 @@
}
},
"spec": {
- "serviceAccount": "datagrid-service-account",
+ "serviceAccountName": "datagrid-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/datagrid65-mysql-persistent.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/datagrid65-mysql-persistent.json
index 05bc7c236..22ca3f0a0 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/datagrid65-mysql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/datagrid65-mysql-persistent.json
@@ -418,7 +418,7 @@
}
},
"spec": {
- "serviceAccount": "datagrid-service-account",
+ "serviceAccountName": "datagrid-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/datagrid65-mysql.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/datagrid65-mysql.json
index 1856c8dc2..e1a585d24 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/datagrid65-mysql.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/datagrid65-mysql.json
@@ -412,7 +412,7 @@
}
},
"spec": {
- "serviceAccount": "datagrid-service-account",
+ "serviceAccountName": "datagrid-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/datagrid65-postgresql-persistent.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/datagrid65-postgresql-persistent.json
index 10d0f77ce..d0e272a8d 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/datagrid65-postgresql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/datagrid65-postgresql-persistent.json
@@ -403,7 +403,7 @@
}
},
"spec": {
- "serviceAccount": "datagrid-service-account",
+ "serviceAccountName": "datagrid-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/datagrid65-postgresql.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/datagrid65-postgresql.json
index 9dd378f92..55a68db40 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/datagrid65-postgresql.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/datagrid65-postgresql.json
@@ -397,7 +397,7 @@
}
},
"spec": {
- "serviceAccount": "datagrid-service-account",
+ "serviceAccountName": "datagrid-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/decisionserver62-amq-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/decisionserver62-amq-s2i.json
index 432fa9ebb..2e8276adb 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/decisionserver62-amq-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/decisionserver62-amq-s2i.json
@@ -6,19 +6,19 @@
"description": "Application template for BRMS Realtime Decision Server 6 A-MQ applications built using S2I.",
"iconClass": "icon-jboss",
"tags": "decisionserver,amq,java,messaging,jboss,xpaas",
- "version": "1.3.0"
+ "version": "1.2.0"
},
"name": "decisionserver62-amq-s2i"
},
"labels": {
"template": "decisionserver62-amq-s2i",
- "xpaas": "1.3.0"
+ "xpaas": "1.2.0"
},
"parameters": [
{
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "HelloRulesContainer=org.openshift.quickstarts:decisionserver-hellorules:1.3.0-SNAPSHOT",
+ "value": "HelloRulesContainer=org.openshift.quickstarts:decisionserver-hellorules:1.2.0.Final",
"required": false
},
{
@@ -73,7 +73,7 @@
{
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
- "value": "master",
+ "value": "1.2",
"required": false
},
{
@@ -336,7 +336,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-decisionserver62-openshift:1.3"
+ "name": "jboss-decisionserver62-openshift:1.2"
}
}
},
@@ -413,7 +413,7 @@
}
},
"spec": {
- "serviceAccount": "decisionserver-service-account",
+ "serviceAccountName": "decisionserver-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/decisionserver62-basic-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/decisionserver62-basic-s2i.json
index a4dc1e302..097720375 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/decisionserver62-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/decisionserver62-basic-s2i.json
@@ -6,19 +6,19 @@
"description": "Application template for BRMS Realtime Decision Server 6 applications built using S2I.",
"iconClass": "icon-jboss",
"tags": "decisionserver,java,jboss,xpaas",
- "version": "1.3.0"
+ "version": "1.2.0"
},
"name": "decisionserver62-basic-s2i"
},
"labels": {
"template": "decisionserver62-basic-s2i",
- "xpaas": "1.3.0"
+ "xpaas": "1.2.0"
},
"parameters": [
{
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "HelloRulesContainer=org.openshift.quickstarts:decisionserver-hellorules:1.3.0-SNAPSHOT",
+ "value": "HelloRulesContainer=org.openshift.quickstarts:decisionserver-hellorules:1.2.0.Final",
"required": false
},
{
@@ -55,7 +55,7 @@
{
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
- "value": "master",
+ "value": "1.2",
"required": false
},
{
@@ -190,7 +190,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-decisionserver62-openshift:1.3"
+ "name": "jboss-decisionserver62-openshift:1.2"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/decisionserver62-https-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/decisionserver62-https-s2i.json
index c6910ae18..e5e2dee63 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/decisionserver62-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/decisionserver62-https-s2i.json
@@ -6,19 +6,19 @@
"description": "Application template for BRMS Realtime Decision Server 6 HTTPS applications built using S2I.",
"iconClass": "icon-jboss",
"tags": "decisionserver,java,jboss,xpaas",
- "version": "1.3.0"
+ "version": "1.2.0"
},
"name": "decisionserver62-https-s2i"
},
"labels": {
"template": "decisionserver62-https-s2i",
- "xpaas": "1.3.0"
+ "xpaas": "1.2.0"
},
"parameters": [
{
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "HelloRulesContainer=org.openshift.quickstarts:decisionserver-hellorules:1.3.0-SNAPSHOT",
+ "value": "HelloRulesContainer=org.openshift.quickstarts:decisionserver-hellorules:1.2.0.Final",
"required": false
},
{
@@ -73,7 +73,7 @@
{
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
- "value": "master",
+ "value": "1.2",
"required": false
},
{
@@ -279,7 +279,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-decisionserver62-openshift:1.3"
+ "name": "jboss-decisionserver62-openshift:1.2"
}
}
},
@@ -356,7 +356,7 @@
}
},
"spec": {
- "serviceAccount": "decisionserver-service-account",
+ "serviceAccountName": "decisionserver-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-amq-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-amq-persistent-s2i.json
index 4b38dade3..4485fd264 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-amq-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-amq-persistent-s2i.json
@@ -413,7 +413,7 @@
}
},
"spec": {
- "serviceAccount": "eap-service-account",
+ "serviceAccountName": "eap-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-amq-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-amq-s2i.json
index d321af9c9..72d8c061b 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-amq-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-amq-s2i.json
@@ -407,7 +407,7 @@
}
},
"spec": {
- "serviceAccount": "eap-service-account",
+ "serviceAccountName": "eap-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-https-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-https-s2i.json
index 54514cb6b..2517be3ca 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-https-s2i.json
@@ -350,7 +350,7 @@
}
},
"spec": {
- "serviceAccount": "eap-service-account",
+ "serviceAccountName": "eap-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-mongodb-persistent-s2i.json
index c958bb1c4..97cc465d2 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-mongodb-persistent-s2i.json
@@ -443,7 +443,7 @@
}
},
"spec": {
- "serviceAccount": "eap-service-account",
+ "serviceAccountName": "eap-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-mongodb-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-mongodb-s2i.json
index 6c14dfaa0..8bdd85546 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-mongodb-s2i.json
@@ -437,7 +437,7 @@
}
},
"spec": {
- "serviceAccount": "eap-service-account",
+ "serviceAccountName": "eap-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-mysql-persistent-s2i.json
index d2631580b..dcc591836 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-mysql-persistent-s2i.json
@@ -446,7 +446,7 @@
}
},
"spec": {
- "serviceAccount": "eap-service-account",
+ "serviceAccountName": "eap-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-mysql-s2i.json
index ba6a32fec..372802eea 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-mysql-s2i.json
@@ -440,7 +440,7 @@
}
},
"spec": {
- "serviceAccount": "eap-service-account",
+ "serviceAccountName": "eap-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-postgresql-persistent-s2i.json
index 670260769..1ba00e3b5 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-postgresql-persistent-s2i.json
@@ -431,7 +431,7 @@
}
},
"spec": {
- "serviceAccount": "eap-service-account",
+ "serviceAccountName": "eap-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-postgresql-s2i.json
index 822731335..860374d3c 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-postgresql-s2i.json
@@ -425,7 +425,7 @@
}
},
"spec": {
- "serviceAccount": "eap-service-account",
+ "serviceAccountName": "eap-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-sso-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-sso-s2i.json
new file mode 100644
index 000000000..6c644553e
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap64-sso-s2i.json
@@ -0,0 +1,663 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass" : "icon-jboss",
+ "description": "Application template for EAP 6 applications built using S2I, enabled for SSO.",
+ "tags": "eap,javaee,java,jboss,xpaas,sso,keycloak",
+ "version": "1.3.0"
+ },
+ "name": "eap64-sso-s2i"
+ },
+ "labels": {
+ "template": "eap64-sso-s2i",
+ "xpaas": "1.3.0"
+ },
+ "parameters": [
+ {
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/keycloak/keycloak-examples",
+ "required": true
+ },
+ {
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "0.4-openshift",
+ "required": false
+ },
+ {
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "secret-key",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "password",
+ "required": false
+ },
+ {
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "SSO Location",
+ "name": "SSO_URI",
+ "value": "https://secure-sso:8443/auth",
+ "required": false
+ },
+ {
+ "description": "SSO Realm",
+ "name": "SSO_REALM",
+ "value": "demo",
+ "required": false
+ },
+ {
+ "description": "SSO Username",
+ "name": "SSO_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "SSO Password",
+ "name": "SSO_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "SSO Public Key. Public key is recommended to be passed into the template to avoid man-in-the-middle security vulnerability",
+ "name": "SSO_PUBLIC_KEY",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "SSO Client Access Type",
+ "name": "SSO_BEARER_ONLY",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Routes",
+ "name": "APPLICATION_ROUTES",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Artifacts",
+ "name": "ARTIFACT_DIR",
+ "value": "app-jee/target,service-jaxrs/target,app-profile-jee/target,app-profile-jee-saml/target",
+ "required": false
+ },
+ {
+ "description": "maven",
+ "name": "MAVEN_ARGS_APPEND",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "SSO_SAML_KEYSTORE_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "SSO_SAML_KEYSTORE",
+ "value": "/etc/sso-saml-secret-volume/keystore.jks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "SSO_SAML_CERTIFICATE_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "SSO_SAML_KEYSTORE_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "description": "The SSO Client Secret for Confidential Access",
+ "name": "SSO_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Enable CORS for SSO applications",
+ "name": "SSO_ENABLE_CORS",
+ "value": "false",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap64-openshift:1.3"
+ },
+ "env": [
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": "${MAVEN_ARGS_APPEND}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "eap-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "sso-saml-keystore-volume",
+ "mountPath": "/etc/sso-saml-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_URI",
+ "value": "${SSO_URI}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_USERNAME",
+ "value": "${SSO_USERNAME}"
+ },
+ {
+ "name": "SSO_PASSWORD",
+ "value": "${SSO_PASSWORD}"
+ },
+ {
+ "name": "SSO_PUBLIC_KEY",
+ "value": "${SSO_PUBLIC_KEY}"
+ },
+ {
+ "name": "SSO_BEARER_ONLY",
+ "value": "${SSO_BEARER_ONLY}"
+ },
+ {
+ "name": "APPLICATION_ROUTES",
+ "value": "${APPLICATION_ROUTES}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_SECRET",
+ "value": "${SSO_SAML_KEYSTORE_SECRET}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE",
+ "value": "${SSO_SAML_KEYSTORE}"
+ },
+ {
+ "name": "SSO_SAML_CERTIFICATE_NAME",
+ "value": "${SSO_SAML_CERTIFICATE_NAME}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_PASSWORD",
+ "value": "${SSO_SAML_KEYSTORE_PASSWORD}"
+ },
+ {
+ "name": "SSO_SECRET",
+ "value": "${SSO_SECRET}"
+ },
+ {
+ "name": "SSO_ENABLE_CORS",
+ "value": "${SSO_ENABLE_CORS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "sso-saml-keystore-volume",
+ "secret": {
+ "secretName": "${SSO_SAML_KEYSTORE_SECRET}"
+ }
+ },
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-basic-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-basic-s2i.json
index f704adce9..7dbf0eefa 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-basic-s2i.json
@@ -172,7 +172,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.2"
+ "name": "jboss-eap70-openshift:1.3-Beta"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-https-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-https-s2i.json
index ca3d7146f..19ef56ca6 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-https-s2i.json
@@ -273,7 +273,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.2"
+ "name": "jboss-eap70-openshift:1.3-Beta"
}
}
},
@@ -350,7 +350,7 @@
}
},
"spec": {
- "serviceAccount": "eap-service-account",
+ "serviceAccountName": "eap7-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-mongodb-persistent-s2i.json
index 00ddf7472..c48dcbd91 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-mongodb-persistent-s2i.json
@@ -42,7 +42,7 @@
{
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
- "value": "1.2",
+ "value": "1.3",
"required": false
},
{
@@ -366,7 +366,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.2"
+ "name": "jboss-eap70-openshift:1.3-Beta"
}
}
},
@@ -443,7 +443,7 @@
}
},
"spec": {
- "serviceAccount": "eap-service-account",
+ "serviceAccountName": "eap7-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-mongodb-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-mongodb-s2i.json
index cf2b1a86c..b499f3132 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-mongodb-s2i.json
@@ -42,7 +42,7 @@
{
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
- "value": "1.2",
+ "value": "1.3",
"required": false
},
{
@@ -360,7 +360,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.2"
+ "name": "jboss-eap70-openshift:1.3-Beta"
}
}
},
@@ -437,7 +437,7 @@
}
},
"spec": {
- "serviceAccount": "eap-service-account",
+ "serviceAccountName": "eap7-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-mysql-persistent-s2i.json
index a12fec8fb..8eefa7855 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-mysql-persistent-s2i.json
@@ -42,7 +42,7 @@
{
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
- "value": "1.2",
+ "value": "1.3",
"required": false
},
{
@@ -369,7 +369,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.2"
+ "name": "jboss-eap70-openshift:1.3-Beta"
}
}
},
@@ -446,7 +446,7 @@
}
},
"spec": {
- "serviceAccount": "eap-service-account",
+ "serviceAccountName": "eap7-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-mysql-s2i.json
index 02721375a..47aed69c9 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-mysql-s2i.json
@@ -42,7 +42,7 @@
{
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
- "value": "1.2",
+ "value": "1.3",
"required": false
},
{
@@ -363,7 +363,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.2"
+ "name": "jboss-eap70-openshift:1.3-Beta"
}
}
},
@@ -440,7 +440,7 @@
}
},
"spec": {
- "serviceAccount": "eap-service-account",
+ "serviceAccountName": "eap7-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-postgresql-persistent-s2i.json
index 7a9530355..8c74255bf 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-postgresql-persistent-s2i.json
@@ -42,7 +42,7 @@
{
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
- "value": "1.2",
+ "value": "1.3",
"required": false
},
{
@@ -354,7 +354,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.2"
+ "name": "jboss-eap70-openshift:1.3-Beta"
}
}
},
@@ -431,7 +431,7 @@
}
},
"spec": {
- "serviceAccount": "eap-service-account",
+ "serviceAccountName": "eap7-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-postgresql-s2i.json
index 4e85853f6..2ba4aef14 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/eap70-postgresql-s2i.json
@@ -42,7 +42,7 @@
{
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
- "value": "1.2",
+ "value": "1.3",
"required": false
},
{
@@ -348,7 +348,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.2"
+ "name": "jboss-eap70-openshift:1.3-Beta"
}
}
},
@@ -425,7 +425,7 @@
}
},
"spec": {
- "serviceAccount": "eap-service-account",
+ "serviceAccountName": "eap7-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat7-https-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat7-https-s2i.json
index e7bbd1154..0090d4090 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat7-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat7-https-s2i.json
@@ -314,7 +314,7 @@
}
},
"spec": {
- "serviceAccount": "jws-service-account",
+ "serviceAccountName": "jws-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json
index 3a3ca8e24..f0abc9b24 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json
@@ -407,7 +407,7 @@
}
},
"spec": {
- "serviceAccount": "jws-service-account",
+ "serviceAccountName": "jws-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat7-mongodb-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat7-mongodb-s2i.json
index b3fd295b9..dc43fbea3 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat7-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat7-mongodb-s2i.json
@@ -401,7 +401,7 @@
}
},
"spec": {
- "serviceAccount": "jws-service-account",
+ "serviceAccountName": "jws-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json
index b0b2f5ec4..6d02c7487 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json
@@ -410,7 +410,7 @@
}
},
"spec": {
- "serviceAccount": "jws-service-account",
+ "serviceAccountName": "jws-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat7-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat7-mysql-s2i.json
index e48276f1b..cb23d32a7 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat7-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat7-mysql-s2i.json
@@ -404,7 +404,7 @@
}
},
"spec": {
- "serviceAccount": "jws-service-account",
+ "serviceAccountName": "jws-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json
index d7876d066..82096ab12 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json
@@ -395,7 +395,7 @@
}
},
"spec": {
- "serviceAccount": "jws-service-account",
+ "serviceAccountName": "jws-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat7-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat7-postgresql-s2i.json
index 5c1bdf6d5..6c2e42564 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat7-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat7-postgresql-s2i.json
@@ -389,7 +389,7 @@
}
},
"spec": {
- "serviceAccount": "jws-service-account",
+ "serviceAccountName": "jws-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat8-https-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat8-https-s2i.json
index a20518cbc..7a5414fd7 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat8-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat8-https-s2i.json
@@ -314,7 +314,7 @@
}
},
"spec": {
- "serviceAccount": "jws-service-account",
+ "serviceAccountName": "jws-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json
index 46b99593d..020c32d31 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json
@@ -407,7 +407,7 @@
}
},
"spec": {
- "serviceAccount": "jws-service-account",
+ "serviceAccountName": "jws-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat8-mongodb-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat8-mongodb-s2i.json
index c01b6888a..48371db95 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat8-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat8-mongodb-s2i.json
@@ -401,7 +401,7 @@
}
},
"spec": {
- "serviceAccount": "jws-service-account",
+ "serviceAccountName": "jws-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json
index ebe1dc6af..b1e847c60 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json
@@ -410,7 +410,7 @@
}
},
"spec": {
- "serviceAccount": "jws-service-account",
+ "serviceAccountName": "jws-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat8-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat8-mysql-s2i.json
index fe068842a..ca501102f 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat8-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat8-mysql-s2i.json
@@ -404,7 +404,7 @@
}
},
"spec": {
- "serviceAccount": "jws-service-account",
+ "serviceAccountName": "jws-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json
index 302a55315..9050874ab 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json
@@ -395,7 +395,7 @@
}
},
"spec": {
- "serviceAccount": "jws-service-account",
+ "serviceAccountName": "jws-service-account",
"terminationGracePeriodSeconds": 60,
"containers": [
{
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat8-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat8-postgresql-s2i.json
index af2415905..dba4d8b26 100644
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat8-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/jws30-tomcat8-postgresql-s2i.json
@@ -389,7 +389,7 @@
}
},
"spec": {
- "serviceAccount": "jws-service-account",
+ "serviceAccountName": "jws-service-account",
"containers": [
{
"name": "${APPLICATION_NAME}",
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/processserver62-amq-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/processserver62-amq-mysql-persistent-s2i.json
deleted file mode 100644
index 348b2a201..000000000
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/processserver62-amq-mysql-persistent-s2i.json
+++ /dev/null
@@ -1,982 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "description": "Application template for BPMS Intelligent Process Server 6 AMQ and MySQL applications with persistent storage built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "processserver,amq,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.0"
- },
- "name": "processserver62-amq-mysql-persistent-s2i"
- },
- "labels": {
- "template": "processserver62-amq-mysql-persistent-s2i",
- "xpaas": "1.3.0"
- },
- "parameters": [
- {
- "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "LibraryContainer=org.openshift.quickstarts:processserver-library:1.3.0-SNAPSHOT",
- "required": false
- },
- {
- "description": "The protocol to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PROTOCOL",
- "value": "https",
- "required": false
- },
- {
- "description": "The port to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PORT",
- "value": "8443",
- "required": false
- },
- {
- "description": "The user name to access the KIE Server REST or JMS interface.",
- "name": "KIE_SERVER_USER",
- "value": "kieserver",
- "required": false
- },
- {
- "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
- "name": "KIE_SERVER_PASSWORD",
- "from": "[a-zA-Z]{6}[0-9]{1}!",
- "generate": "expression",
- "required": false
- },
- {
- "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
- "name": "KIE_SERVER_DOMAIN",
- "value": "other",
- "required": false
- },
- {
- "description": "JNDI name of executor queue for JMS.",
- "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
- "value": "queue/KIE.EXECUTOR",
- "required": false
- },
- {
- "description": "JNDI name of response queue for JMS.",
- "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
- "value": "queue/KIE.SERVER.RESPONSE",
- "required": false
- },
- {
- "description": "Hibernate persistence dialect.",
- "name": "KIE_SERVER_PERSISTENCE_DIALECT",
- "value": "org.hibernate.dialect.MySQL5Dialect",
- "required": false
- },
- {
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "kie-app",
- "required": true
- },
- {
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "description": "Git source URI for application",
- "name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts",
- "required": true
- },
- {
- "description": "Git branch/tag reference",
- "name": "SOURCE_REPOSITORY_REF",
- "value": "master",
- "required": false
- },
- {
- "description": "Path within Git project to build; empty for root project directory.",
- "name": "CONTEXT_DIR",
- "value": "processserver/library",
- "required": false
- },
- {
- "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
- "name": "DB_JNDI",
- "value": "java:jboss/datasources/ExampleDS",
- "required": false
- },
- {
- "description": "Database name",
- "name": "DB_DATABASE",
- "value": "root",
- "required": true
- },
- {
- "description": "Size of persistent storage for database volume.",
- "name": "VOLUME_CAPACITY",
- "value": "512Mi",
- "required": true
- },
- {
- "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
- "name": "MQ_JNDI",
- "value": "java:/JmsXA",
- "required": false
- },
- {
- "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
- "name": "MQ_PROTOCOL",
- "value": "openwire",
- "required": false
- },
- {
- "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
- "name": "MQ_QUEUES",
- "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.EXECUTOR",
- "required": false
- },
- {
- "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
- "name": "MQ_TOPICS",
- "value": "",
- "required": false
- },
- {
- "description": "The name of the secret containing the keystore file",
- "name": "HTTPS_SECRET",
- "value": "processserver-app-secret",
- "required": false
- },
- {
- "description": "The name of the keystore file within the secret",
- "name": "HTTPS_KEYSTORE",
- "value": "keystore.jks",
- "required": false
- },
- {
- "description": "The name associated with the server certificate",
- "name": "HTTPS_NAME",
- "value": "jboss",
- "required": false
- },
- {
- "description": "The password for the keystore and certificate",
- "name": "HTTPS_PASSWORD",
- "value": "mykeystorepass",
- "required": false
- },
- {
- "description": "Database user name",
- "name": "DB_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "description": "Database user password",
- "name": "DB_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "description": "Sets xa-pool/min-pool-size for the configured datasource.",
- "name": "DB_MIN_POOL_SIZE",
- "required": false
- },
- {
- "description": "Sets xa-pool/max-pool-size for the configured datasource.",
- "name": "DB_MAX_POOL_SIZE",
- "required": false
- },
- {
- "description": "Sets transaction-isolation for the configured datasource.",
- "name": "DB_TX_ISOLATION",
- "required": false
- },
- {
- "description": "Sets how the table names are stored and compared.",
- "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
- "required": false
- },
- {
- "description": "The maximum permitted number of simultaneous client connections.",
- "name": "MYSQL_MAX_CONNECTIONS",
- "required": false
- },
- {
- "description": "The minimum length of the word to be included in a FULLTEXT index.",
- "name": "MYSQL_FT_MIN_WORD_LEN",
- "required": false
- },
- {
- "description": "The maximum length of the word to be included in a FULLTEXT index.",
- "name": "MYSQL_FT_MAX_WORD_LEN",
- "required": false
- },
- {
- "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
- "name": "MYSQL_AIO",
- "required": false
- },
- {
- "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
- "name": "MQ_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": false
- },
- {
- "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
- "name": "MQ_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": false
- },
- {
- "description": "User name for broker admin. If left empty, it will be generated.",
- "name": "AMQ_ADMIN_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "description": "Password for broker admin. If left empty, it will be generated.",
- "name": "AMQ_ADMIN_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "description": "GitHub trigger secret",
- "name": "GITHUB_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "description": "Generic build trigger secret",
- "name": "GENERIC_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port."
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's https port."
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 3306,
- "targetPort": 3306
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The database server's port."
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 61616,
- "targetPort": 61616
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-amq"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-amq-tcp",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The broker's OpenWire port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's https service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "ImageStream",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "BuildConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "source": {
- "type": "Git",
- "git": {
- "uri": "${SOURCE_REPOSITORY_URL}",
- "ref": "${SOURCE_REPOSITORY_REF}"
- },
- "contextDir": "${CONTEXT_DIR}"
- },
- "strategy": {
- "type": "Source",
- "sourceStrategy": {
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- }
- ],
- "forcePull": true,
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver62-openshift:1.3"
- }
- }
- },
- "output": {
- "to": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- },
- "triggers": [
- {
- "type": "GitHub",
- "github": {
- "secret": "${GITHUB_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "Generic",
- "generic": {
- "secret": "${GENERIC_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "ImageChange",
- "imageChange": {}
- },
- {
- "type": "ConfigChange"
- }
- ]
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStream",
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "serviceAccount": "processserver-service-account",
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "volumeMounts": [
- {
- "name": "processserver-keystore-volume",
- "mountPath": "/etc/processserver-secret-volume",
- "readOnly": true
- }
- ],
- "livenessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/livenessProbe.sh"
- ]
- }
- },
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- },
- {
- "name": "KIE_SERVER_PROTOCOL",
- "value": "${KIE_SERVER_PROTOCOL}"
- },
- {
- "name": "KIE_SERVER_PORT",
- "value": "${KIE_SERVER_PORT}"
- },
- {
- "name": "KIE_SERVER_USER",
- "value": "${KIE_SERVER_USER}"
- },
- {
- "name": "KIE_SERVER_PASSWORD",
- "value": "${KIE_SERVER_PASSWORD}"
- },
- {
- "name": "KIE_SERVER_DOMAIN",
- "value": "${KIE_SERVER_DOMAIN}"
- },
- {
- "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
- "value": "${KIE_SERVER_EXECUTOR_JMS_QUEUE}"
- },
- {
- "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
- "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}"
- },
- {
- "name": "MQ_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-amq=MQ"
- },
- {
- "name": "MQ_JNDI",
- "value": "${MQ_JNDI}"
- },
- {
- "name": "MQ_USERNAME",
- "value": "${MQ_USERNAME}"
- },
- {
- "name": "MQ_PASSWORD",
- "value": "${MQ_PASSWORD}"
- },
- {
- "name": "MQ_PROTOCOL",
- "value": "tcp"
- },
- {
- "name": "MQ_QUEUES",
- "value": "${MQ_QUEUES}"
- },
- {
- "name": "MQ_TOPICS",
- "value": "${MQ_TOPICS}"
- },
- {
- "name": "KIE_SERVER_PERSISTENCE_DIALECT",
- "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
- },
- {
- "name": "DB_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-mysql=DB"
- },
- {
- "name": "DB_JNDI",
- "value": "${DB_JNDI}"
- },
- {
- "name": "DB_USERNAME",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "DB_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "DB_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "TX_DATABASE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-mysql=DB"
- },
- {
- "name": "DB_MIN_POOL_SIZE",
- "value": "${DB_MIN_POOL_SIZE}"
- },
- {
- "name": "DB_MAX_POOL_SIZE",
- "value": "${DB_MAX_POOL_SIZE}"
- },
- {
- "name": "DB_TX_ISOLATION",
- "value": "${DB_TX_ISOLATION}"
- },
- {
- "name": "HTTPS_KEYSTORE_DIR",
- "value": "/etc/processserver-secret-volume"
- },
- {
- "name": "HTTPS_KEYSTORE",
- "value": "${HTTPS_KEYSTORE}"
- },
- {
- "name": "HTTPS_NAME",
- "value": "${HTTPS_NAME}"
- },
- {
- "name": "HTTPS_PASSWORD",
- "value": "${HTTPS_PASSWORD}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "processserver-keystore-volume",
- "secret": {
- "secretName": "${HTTPS_SECRET}"
- }
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-mysql"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-mysql",
- "image": "mysql",
- "imagePullPolicy": "Always",
- "ports": [
- {
- "containerPort": 3306,
- "protocol": "TCP"
- }
- ],
- "volumeMounts": [
- {
- "mountPath": "/var/lib/mysql/data",
- "name": "${APPLICATION_NAME}-mysql-pvol"
- }
- ],
- "env": [
- {
- "name": "MYSQL_USER",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "MYSQL_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "MYSQL_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
- "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
- },
- {
- "name": "MYSQL_MAX_CONNECTIONS",
- "value": "${MYSQL_MAX_CONNECTIONS}"
- },
- {
- "name": "MYSQL_FT_MIN_WORD_LEN",
- "value": "${MYSQL_FT_MIN_WORD_LEN}"
- },
- {
- "name": "MYSQL_FT_MAX_WORD_LEN",
- "value": "${MYSQL_FT_MAX_WORD_LEN}"
- },
- {
- "name": "MYSQL_AIO",
- "value": "${MYSQL_AIO}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "${APPLICATION_NAME}-mysql-pvol",
- "persistentVolumeClaim": {
- "claimName": "${APPLICATION_NAME}-mysql-claim"
- }
- }
- ]
- }
- }
- }
- },
- {
- "apiVersion": "v1",
- "kind": "PersistentVolumeClaim",
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql-claim",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "accessModes": [
- "ReadWriteOnce"
- ],
- "resources": {
- "requests": {
- "storage": "${VOLUME_CAPACITY}"
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-amq",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-amq"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.2"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-amq"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-amq",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-amq",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-amq",
- "image": "jboss-amq-62",
- "imagePullPolicy": "Always",
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/amq/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "amqp",
- "containerPort": 5672,
- "protocol": "TCP"
- },
- {
- "name": "amqp-ssl",
- "containerPort": 5671,
- "protocol": "TCP"
- },
- {
- "name": "mqtt",
- "containerPort": 1883,
- "protocol": "TCP"
- },
- {
- "name": "stomp",
- "containerPort": 61613,
- "protocol": "TCP"
- },
- {
- "name": "stomp-ssl",
- "containerPort": 61612,
- "protocol": "TCP"
- },
- {
- "name": "tcp",
- "containerPort": 61616,
- "protocol": "TCP"
- },
- {
- "name": "tcp-ssl",
- "containerPort": 61617,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "AMQ_USER",
- "value": "${MQ_USERNAME}"
- },
- {
- "name": "AMQ_PASSWORD",
- "value": "${MQ_PASSWORD}"
- },
- {
- "name": "AMQ_TRANSPORTS",
- "value": "${MQ_PROTOCOL}"
- },
- {
- "name": "AMQ_QUEUES",
- "value": "${MQ_QUEUES}"
- },
- {
- "name": "AMQ_TOPICS",
- "value": "${MQ_TOPICS}"
- },
- {
- "name": "AMQ_ADMIN_USERNAME",
- "value": "${AMQ_ADMIN_USERNAME}"
- },
- {
- "name": "AMQ_ADMIN_PASSWORD",
- "value": "${AMQ_ADMIN_PASSWORD}"
- }
- ]
- }
- ]
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/processserver62-amq-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/processserver62-amq-mysql-s2i.json
deleted file mode 100644
index e694f726d..000000000
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/processserver62-amq-mysql-s2i.json
+++ /dev/null
@@ -1,942 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "description": "Application template for BPMS Intelligent Process Server 6 AMQ and MySQL applications built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "processserver,amq,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.0"
- },
- "name": "processserver62-amq-mysql-s2i"
- },
- "labels": {
- "template": "processserver62-amq-mysql-s2i",
- "xpaas": "1.3.0"
- },
- "parameters": [
- {
- "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "LibraryContainer=org.openshift.quickstarts:processserver-library:1.3.0-SNAPSHOT",
- "required": false
- },
- {
- "description": "The protocol to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PROTOCOL",
- "value": "https",
- "required": false
- },
- {
- "description": "The port to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PORT",
- "value": "8443",
- "required": false
- },
- {
- "description": "The user name to access the KIE Server REST or JMS interface.",
- "name": "KIE_SERVER_USER",
- "value": "kieserver",
- "required": false
- },
- {
- "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
- "name": "KIE_SERVER_PASSWORD",
- "from": "[a-zA-Z]{6}[0-9]{1}!",
- "generate": "expression",
- "required": false
- },
- {
- "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
- "name": "KIE_SERVER_DOMAIN",
- "value": "other",
- "required": false
- },
- {
- "description": "JNDI name of executor queue for JMS.",
- "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
- "value": "queue/KIE.EXECUTOR",
- "required": false
- },
- {
- "description": "JNDI name of response queue for JMS.",
- "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
- "value": "queue/KIE.SERVER.RESPONSE",
- "required": false
- },
- {
- "description": "Hibernate persistence dialect.",
- "name": "KIE_SERVER_PERSISTENCE_DIALECT",
- "value": "org.hibernate.dialect.MySQL5Dialect",
- "required": false
- },
- {
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "kie-app",
- "required": true
- },
- {
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "description": "Git source URI for application",
- "name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts",
- "required": true
- },
- {
- "description": "Git branch/tag reference",
- "name": "SOURCE_REPOSITORY_REF",
- "value": "master",
- "required": false
- },
- {
- "description": "Path within Git project to build; empty for root project directory.",
- "name": "CONTEXT_DIR",
- "value": "processserver/library",
- "required": false
- },
- {
- "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
- "name": "DB_JNDI",
- "value": "java:jboss/datasources/ExampleDS",
- "required": false
- },
- {
- "description": "Database name",
- "name": "DB_DATABASE",
- "value": "root",
- "required": true
- },
- {
- "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
- "name": "MQ_JNDI",
- "value": "java:/JmsXA",
- "required": false
- },
- {
- "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
- "name": "MQ_PROTOCOL",
- "value": "openwire",
- "required": false
- },
- {
- "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
- "name": "MQ_QUEUES",
- "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.EXECUTOR",
- "required": false
- },
- {
- "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
- "name": "MQ_TOPICS",
- "value": "",
- "required": false
- },
- {
- "description": "The name of the secret containing the keystore file",
- "name": "HTTPS_SECRET",
- "value": "processserver-app-secret",
- "required": false
- },
- {
- "description": "The name of the keystore file within the secret",
- "name": "HTTPS_KEYSTORE",
- "value": "keystore.jks",
- "required": false
- },
- {
- "description": "The name associated with the server certificate",
- "name": "HTTPS_NAME",
- "value": "jboss",
- "required": false
- },
- {
- "description": "The password for the keystore and certificate",
- "name": "HTTPS_PASSWORD",
- "value": "mykeystorepass",
- "required": false
- },
- {
- "description": "Database user name",
- "name": "DB_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "description": "Database user password",
- "name": "DB_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "description": "Sets xa-pool/min-pool-size for the configured datasource.",
- "name": "DB_MIN_POOL_SIZE",
- "required": false
- },
- {
- "description": "Sets xa-pool/max-pool-size for the configured datasource.",
- "name": "DB_MAX_POOL_SIZE",
- "required": false
- },
- {
- "description": "Sets transaction-isolation for the configured datasource.",
- "name": "DB_TX_ISOLATION",
- "required": false
- },
- {
- "description": "Sets how the table names are stored and compared.",
- "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
- "required": false
- },
- {
- "description": "The maximum permitted number of simultaneous client connections.",
- "name": "MYSQL_MAX_CONNECTIONS",
- "required": false
- },
- {
- "description": "The minimum length of the word to be included in a FULLTEXT index.",
- "name": "MYSQL_FT_MIN_WORD_LEN",
- "required": false
- },
- {
- "description": "The maximum length of the word to be included in a FULLTEXT index.",
- "name": "MYSQL_FT_MAX_WORD_LEN",
- "required": false
- },
- {
- "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
- "name": "MYSQL_AIO",
- "required": false
- },
- {
- "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
- "name": "MQ_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": false
- },
- {
- "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
- "name": "MQ_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": false
- },
- {
- "description": "User name for broker admin. If left empty, it will be generated.",
- "name": "AMQ_ADMIN_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "description": "Password for broker admin. If left empty, it will be generated.",
- "name": "AMQ_ADMIN_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "description": "GitHub trigger secret",
- "name": "GITHUB_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "description": "Generic build trigger secret",
- "name": "GENERIC_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port."
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's https port."
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 3306,
- "targetPort": 3306
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The database server's port."
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 61616,
- "targetPort": 61616
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-amq"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-amq-tcp",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The broker's OpenWire port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's https service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "ImageStream",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "BuildConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "source": {
- "type": "Git",
- "git": {
- "uri": "${SOURCE_REPOSITORY_URL}",
- "ref": "${SOURCE_REPOSITORY_REF}"
- },
- "contextDir": "${CONTEXT_DIR}"
- },
- "strategy": {
- "type": "Source",
- "sourceStrategy": {
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- }
- ],
- "forcePull": true,
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver62-openshift:1.3"
- }
- }
- },
- "output": {
- "to": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- },
- "triggers": [
- {
- "type": "GitHub",
- "github": {
- "secret": "${GITHUB_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "Generic",
- "generic": {
- "secret": "${GENERIC_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "ImageChange",
- "imageChange": {}
- },
- {
- "type": "ConfigChange"
- }
- ]
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStream",
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "serviceAccount": "processserver-service-account",
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "volumeMounts": [
- {
- "name": "processserver-keystore-volume",
- "mountPath": "/etc/processserver-secret-volume",
- "readOnly": true
- }
- ],
- "livenessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/livenessProbe.sh"
- ]
- }
- },
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- },
- {
- "name": "KIE_SERVER_PROTOCOL",
- "value": "${KIE_SERVER_PROTOCOL}"
- },
- {
- "name": "KIE_SERVER_PORT",
- "value": "${KIE_SERVER_PORT}"
- },
- {
- "name": "KIE_SERVER_USER",
- "value": "${KIE_SERVER_USER}"
- },
- {
- "name": "KIE_SERVER_PASSWORD",
- "value": "${KIE_SERVER_PASSWORD}"
- },
- {
- "name": "KIE_SERVER_DOMAIN",
- "value": "${KIE_SERVER_DOMAIN}"
- },
- {
- "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
- "value": "${KIE_SERVER_EXECUTOR_JMS_QUEUE}"
- },
- {
- "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
- "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}"
- },
- {
- "name": "MQ_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-amq=MQ"
- },
- {
- "name": "MQ_JNDI",
- "value": "${MQ_JNDI}"
- },
- {
- "name": "MQ_USERNAME",
- "value": "${MQ_USERNAME}"
- },
- {
- "name": "MQ_PASSWORD",
- "value": "${MQ_PASSWORD}"
- },
- {
- "name": "MQ_PROTOCOL",
- "value": "tcp"
- },
- {
- "name": "MQ_QUEUES",
- "value": "${MQ_QUEUES}"
- },
- {
- "name": "MQ_TOPICS",
- "value": "${MQ_TOPICS}"
- },
- {
- "name": "KIE_SERVER_PERSISTENCE_DIALECT",
- "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
- },
- {
- "name": "DB_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-mysql=DB"
- },
- {
- "name": "DB_JNDI",
- "value": "${DB_JNDI}"
- },
- {
- "name": "DB_USERNAME",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "DB_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "DB_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "TX_DATABASE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-mysql=DB"
- },
- {
- "name": "DB_MIN_POOL_SIZE",
- "value": "${DB_MIN_POOL_SIZE}"
- },
- {
- "name": "DB_MAX_POOL_SIZE",
- "value": "${DB_MAX_POOL_SIZE}"
- },
- {
- "name": "DB_TX_ISOLATION",
- "value": "${DB_TX_ISOLATION}"
- },
- {
- "name": "HTTPS_KEYSTORE_DIR",
- "value": "/etc/processserver-secret-volume"
- },
- {
- "name": "HTTPS_KEYSTORE",
- "value": "${HTTPS_KEYSTORE}"
- },
- {
- "name": "HTTPS_NAME",
- "value": "${HTTPS_NAME}"
- },
- {
- "name": "HTTPS_PASSWORD",
- "value": "${HTTPS_PASSWORD}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "processserver-keystore-volume",
- "secret": {
- "secretName": "${HTTPS_SECRET}"
- }
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-mysql"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-mysql",
- "image": "mysql",
- "imagePullPolicy": "Always",
- "ports": [
- {
- "containerPort": 3306,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "MYSQL_USER",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "MYSQL_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "MYSQL_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
- "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
- },
- {
- "name": "MYSQL_MAX_CONNECTIONS",
- "value": "${MYSQL_MAX_CONNECTIONS}"
- },
- {
- "name": "MYSQL_FT_MIN_WORD_LEN",
- "value": "${MYSQL_FT_MIN_WORD_LEN}"
- },
- {
- "name": "MYSQL_FT_MAX_WORD_LEN",
- "value": "${MYSQL_FT_MAX_WORD_LEN}"
- },
- {
- "name": "MYSQL_AIO",
- "value": "${MYSQL_AIO}"
- }
- ]
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-amq",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-amq"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.2"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-amq"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-amq",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-amq",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-amq",
- "image": "jboss-amq-62",
- "imagePullPolicy": "Always",
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/amq/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "amqp",
- "containerPort": 5672,
- "protocol": "TCP"
- },
- {
- "name": "amqp-ssl",
- "containerPort": 5671,
- "protocol": "TCP"
- },
- {
- "name": "mqtt",
- "containerPort": 1883,
- "protocol": "TCP"
- },
- {
- "name": "stomp",
- "containerPort": 61613,
- "protocol": "TCP"
- },
- {
- "name": "stomp-ssl",
- "containerPort": 61612,
- "protocol": "TCP"
- },
- {
- "name": "tcp",
- "containerPort": 61616,
- "protocol": "TCP"
- },
- {
- "name": "tcp-ssl",
- "containerPort": 61617,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "AMQ_USER",
- "value": "${MQ_USERNAME}"
- },
- {
- "name": "AMQ_PASSWORD",
- "value": "${MQ_PASSWORD}"
- },
- {
- "name": "AMQ_TRANSPORTS",
- "value": "${MQ_PROTOCOL}"
- },
- {
- "name": "AMQ_QUEUES",
- "value": "${MQ_QUEUES}"
- },
- {
- "name": "AMQ_TOPICS",
- "value": "${MQ_TOPICS}"
- },
- {
- "name": "AMQ_ADMIN_USERNAME",
- "value": "${AMQ_ADMIN_USERNAME}"
- },
- {
- "name": "AMQ_ADMIN_PASSWORD",
- "value": "${AMQ_ADMIN_PASSWORD}"
- }
- ]
- }
- ]
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/processserver62-amq-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/processserver62-amq-postgresql-persistent-s2i.json
deleted file mode 100644
index b0e365df2..000000000
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/processserver62-amq-postgresql-persistent-s2i.json
+++ /dev/null
@@ -1,955 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "description": "Application template for BPMS Intelligent Process Server 6 AMQ and PostgreSQL applications with persistent storage built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "processserver,amq,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.0"
- },
- "name": "processserver62-amq-postgresql-persistent-s2i"
- },
- "labels": {
- "template": "processserver62-amq-postgresql-persistent-s2i",
- "xpaas": "1.3.0"
- },
- "parameters": [
- {
- "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "LibraryContainer=org.openshift.quickstarts:processserver-library:1.3.0-SNAPSHOT",
- "required": false
- },
- {
- "description": "The protocol to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PROTOCOL",
- "value": "https",
- "required": false
- },
- {
- "description": "The port to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PORT",
- "value": "8443",
- "required": false
- },
- {
- "description": "The user name to access the KIE Server REST or JMS interface.",
- "name": "KIE_SERVER_USER",
- "value": "kieserver",
- "required": false
- },
- {
- "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
- "name": "KIE_SERVER_PASSWORD",
- "from": "[a-zA-Z]{6}[0-9]{1}!",
- "generate": "expression",
- "required": false
- },
- {
- "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
- "name": "KIE_SERVER_DOMAIN",
- "value": "other",
- "required": false
- },
- {
- "description": "JNDI name of executor queue for JMS.",
- "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
- "value": "queue/KIE.EXECUTOR",
- "required": false
- },
- {
- "description": "JNDI name of response queue for JMS.",
- "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
- "value": "queue/KIE.SERVER.RESPONSE",
- "required": false
- },
- {
- "description": "Hibernate persistence dialect.",
- "name": "KIE_SERVER_PERSISTENCE_DIALECT",
- "value": "org.hibernate.dialect.PostgreSQL82Dialect",
- "required": false
- },
- {
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "kie-app",
- "required": true
- },
- {
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "description": "Git source URI for application",
- "name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts",
- "required": true
- },
- {
- "description": "Git branch/tag reference",
- "name": "SOURCE_REPOSITORY_REF",
- "value": "master",
- "required": false
- },
- {
- "description": "Path within Git project to build; empty for root project directory.",
- "name": "CONTEXT_DIR",
- "value": "processserver/library",
- "required": false
- },
- {
- "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
- "name": "DB_JNDI",
- "value": "java:jboss/datasources/ExampleDS",
- "required": false
- },
- {
- "description": "Database name",
- "name": "DB_DATABASE",
- "value": "root",
- "required": true
- },
- {
- "description": "Size of persistent storage for database volume.",
- "name": "VOLUME_CAPACITY",
- "value": "512Mi",
- "required": true
- },
- {
- "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
- "name": "MQ_JNDI",
- "value": "java:/JmsXA",
- "required": false
- },
- {
- "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
- "name": "MQ_PROTOCOL",
- "value": "openwire",
- "required": false
- },
- {
- "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
- "name": "MQ_QUEUES",
- "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.EXECUTOR",
- "required": false
- },
- {
- "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
- "name": "MQ_TOPICS",
- "value": "",
- "required": false
- },
- {
- "description": "The name of the secret containing the keystore file",
- "name": "HTTPS_SECRET",
- "value": "processserver-app-secret",
- "required": false
- },
- {
- "description": "The name of the keystore file within the secret",
- "name": "HTTPS_KEYSTORE",
- "value": "keystore.jks",
- "required": false
- },
- {
- "description": "The name associated with the server certificate",
- "name": "HTTPS_NAME",
- "value": "jboss",
- "required": false
- },
- {
- "description": "The password for the keystore and certificate",
- "name": "HTTPS_PASSWORD",
- "value": "mykeystorepass",
- "required": false
- },
- {
- "description": "Database user name",
- "name": "DB_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "description": "Database user password",
- "name": "DB_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "description": "Sets xa-pool/min-pool-size for the configured datasource.",
- "name": "DB_MIN_POOL_SIZE",
- "required": false
- },
- {
- "description": "Sets xa-pool/max-pool-size for the configured datasource.",
- "name": "DB_MAX_POOL_SIZE",
- "required": false
- },
- {
- "description": "Sets transaction-isolation for the configured datasource.",
- "name": "DB_TX_ISOLATION",
- "required": false
- },
- {
- "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
- "name": "POSTGRESQL_MAX_CONNECTIONS",
- "required": false
- },
- {
- "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
- "name": "POSTGRESQL_SHARED_BUFFERS",
- "required": false
- },
- {
- "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
- "name": "MQ_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": false
- },
- {
- "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
- "name": "MQ_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": false
- },
- {
- "description": "User name for broker admin. If left empty, it will be generated.",
- "name": "AMQ_ADMIN_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "description": "Password for broker admin. If left empty, it will be generated.",
- "name": "AMQ_ADMIN_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "description": "GitHub trigger secret",
- "name": "GITHUB_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "description": "Generic build trigger secret",
- "name": "GENERIC_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port."
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's https port."
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 5432,
- "targetPort": 5432
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The database server's port."
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 61616,
- "targetPort": 61616
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-amq"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-amq-tcp",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The broker's OpenWire port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's https service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "ImageStream",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "BuildConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "source": {
- "type": "Git",
- "git": {
- "uri": "${SOURCE_REPOSITORY_URL}",
- "ref": "${SOURCE_REPOSITORY_REF}"
- },
- "contextDir": "${CONTEXT_DIR}"
- },
- "strategy": {
- "type": "Source",
- "sourceStrategy": {
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- }
- ],
- "forcePull": true,
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver62-openshift:1.3"
- }
- }
- },
- "output": {
- "to": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- },
- "triggers": [
- {
- "type": "GitHub",
- "github": {
- "secret": "${GITHUB_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "Generic",
- "generic": {
- "secret": "${GENERIC_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "ImageChange",
- "imageChange": {}
- },
- {
- "type": "ConfigChange"
- }
- ]
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStream",
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "serviceAccount": "processserver-service-account",
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "volumeMounts": [
- {
- "name": "processserver-keystore-volume",
- "mountPath": "/etc/processserver-secret-volume",
- "readOnly": true
- }
- ],
- "livenessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/livenessProbe.sh"
- ]
- }
- },
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- },
- {
- "name": "KIE_SERVER_PROTOCOL",
- "value": "${KIE_SERVER_PROTOCOL}"
- },
- {
- "name": "KIE_SERVER_PORT",
- "value": "${KIE_SERVER_PORT}"
- },
- {
- "name": "KIE_SERVER_USER",
- "value": "${KIE_SERVER_USER}"
- },
- {
- "name": "KIE_SERVER_PASSWORD",
- "value": "${KIE_SERVER_PASSWORD}"
- },
- {
- "name": "KIE_SERVER_DOMAIN",
- "value": "${KIE_SERVER_DOMAIN}"
- },
- {
- "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
- "value": "${KIE_SERVER_EXECUTOR_JMS_QUEUE}"
- },
- {
- "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
- "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}"
- },
- {
- "name": "MQ_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-amq=MQ"
- },
- {
- "name": "MQ_JNDI",
- "value": "${MQ_JNDI}"
- },
- {
- "name": "MQ_USERNAME",
- "value": "${MQ_USERNAME}"
- },
- {
- "name": "MQ_PASSWORD",
- "value": "${MQ_PASSWORD}"
- },
- {
- "name": "MQ_PROTOCOL",
- "value": "tcp"
- },
- {
- "name": "MQ_QUEUES",
- "value": "${MQ_QUEUES}"
- },
- {
- "name": "MQ_TOPICS",
- "value": "${MQ_TOPICS}"
- },
- {
- "name": "KIE_SERVER_PERSISTENCE_DIALECT",
- "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
- },
- {
- "name": "DB_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-postgresql=DB"
- },
- {
- "name": "DB_JNDI",
- "value": "${DB_JNDI}"
- },
- {
- "name": "DB_USERNAME",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "DB_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "DB_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "TX_DATABASE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-postgresql=DB"
- },
- {
- "name": "DB_MIN_POOL_SIZE",
- "value": "${DB_MIN_POOL_SIZE}"
- },
- {
- "name": "DB_MAX_POOL_SIZE",
- "value": "${DB_MAX_POOL_SIZE}"
- },
- {
- "name": "DB_TX_ISOLATION",
- "value": "${DB_TX_ISOLATION}"
- },
- {
- "name": "HTTPS_KEYSTORE_DIR",
- "value": "/etc/processserver-secret-volume"
- },
- {
- "name": "HTTPS_KEYSTORE",
- "value": "${HTTPS_KEYSTORE}"
- },
- {
- "name": "HTTPS_NAME",
- "value": "${HTTPS_NAME}"
- },
- {
- "name": "HTTPS_PASSWORD",
- "value": "${HTTPS_PASSWORD}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "processserver-keystore-volume",
- "secret": {
- "secretName": "${HTTPS_SECRET}"
- }
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-postgresql"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-postgresql",
- "image": "postgresql",
- "imagePullPolicy": "Always",
- "ports": [
- {
- "containerPort": 5432,
- "protocol": "TCP"
- }
- ],
- "volumeMounts": [
- {
- "mountPath": "/var/lib/pgsql/data",
- "name": "${APPLICATION_NAME}-postgresql-pvol"
- }
- ],
- "env": [
- {
- "name": "POSTGRESQL_USER",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "POSTGRESQL_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "POSTGRESQL_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "POSTGRESQL_MAX_CONNECTIONS",
- "value": "${POSTGRESQL_MAX_CONNECTIONS}"
- },
- {
- "name": "POSTGRESQL_SHARED_BUFFERS",
- "value": "${POSTGRESQL_SHARED_BUFFERS}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "${APPLICATION_NAME}-postgresql-pvol",
- "persistentVolumeClaim": {
- "claimName": "${APPLICATION_NAME}-postgresql-claim"
- }
- }
- ]
- }
- }
- }
- },
- {
- "apiVersion": "v1",
- "kind": "PersistentVolumeClaim",
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql-claim",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "accessModes": [
- "ReadWriteOnce"
- ],
- "resources": {
- "requests": {
- "storage": "${VOLUME_CAPACITY}"
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-amq",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-amq"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.2"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-amq"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-amq",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-amq",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-amq",
- "image": "jboss-amq-62",
- "imagePullPolicy": "Always",
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/amq/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "amqp",
- "containerPort": 5672,
- "protocol": "TCP"
- },
- {
- "name": "amqp-ssl",
- "containerPort": 5671,
- "protocol": "TCP"
- },
- {
- "name": "mqtt",
- "containerPort": 1883,
- "protocol": "TCP"
- },
- {
- "name": "stomp",
- "containerPort": 61613,
- "protocol": "TCP"
- },
- {
- "name": "stomp-ssl",
- "containerPort": 61612,
- "protocol": "TCP"
- },
- {
- "name": "tcp",
- "containerPort": 61616,
- "protocol": "TCP"
- },
- {
- "name": "tcp-ssl",
- "containerPort": 61617,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "AMQ_USER",
- "value": "${MQ_USERNAME}"
- },
- {
- "name": "AMQ_PASSWORD",
- "value": "${MQ_PASSWORD}"
- },
- {
- "name": "AMQ_TRANSPORTS",
- "value": "${MQ_PROTOCOL}"
- },
- {
- "name": "AMQ_QUEUES",
- "value": "${MQ_QUEUES}"
- },
- {
- "name": "AMQ_TOPICS",
- "value": "${MQ_TOPICS}"
- },
- {
- "name": "AMQ_ADMIN_USERNAME",
- "value": "${AMQ_ADMIN_USERNAME}"
- },
- {
- "name": "AMQ_ADMIN_PASSWORD",
- "value": "${AMQ_ADMIN_PASSWORD}"
- }
- ]
- }
- ]
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/processserver62-amq-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/processserver62-amq-postgresql-s2i.json
deleted file mode 100644
index 2cfb84650..000000000
--- a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/processserver62-amq-postgresql-s2i.json
+++ /dev/null
@@ -1,915 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "description": "Application template for BPMS Intelligent Process Server 6 AMQ and PostgreSQL applications built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "processserver,amq,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.0"
- },
- "name": "processserver62-amq-postgresql-s2i"
- },
- "labels": {
- "template": "processserver62-amq-postgresql-s2i",
- "xpaas": "1.3.0"
- },
- "parameters": [
- {
- "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "LibraryContainer=org.openshift.quickstarts:processserver-library:1.3.0-SNAPSHOT",
- "required": false
- },
- {
- "description": "The protocol to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PROTOCOL",
- "value": "https",
- "required": false
- },
- {
- "description": "The port to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PORT",
- "value": "8443",
- "required": false
- },
- {
- "description": "The user name to access the KIE Server REST or JMS interface.",
- "name": "KIE_SERVER_USER",
- "value": "kieserver",
- "required": false
- },
- {
- "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
- "name": "KIE_SERVER_PASSWORD",
- "from": "[a-zA-Z]{6}[0-9]{1}!",
- "generate": "expression",
- "required": false
- },
- {
- "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
- "name": "KIE_SERVER_DOMAIN",
- "value": "other",
- "required": false
- },
- {
- "description": "JNDI name of executor queue for JMS.",
- "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
- "value": "queue/KIE.EXECUTOR",
- "required": false
- },
- {
- "description": "JNDI name of response queue for JMS.",
- "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
- "value": "queue/KIE.SERVER.RESPONSE",
- "required": false
- },
- {
- "description": "Hibernate persistence dialect.",
- "name": "KIE_SERVER_PERSISTENCE_DIALECT",
- "value": "org.hibernate.dialect.PostgreSQL82Dialect",
- "required": false
- },
- {
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "kie-app",
- "required": true
- },
- {
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "description": "Git source URI for application",
- "name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts",
- "required": true
- },
- {
- "description": "Git branch/tag reference",
- "name": "SOURCE_REPOSITORY_REF",
- "value": "master",
- "required": false
- },
- {
- "description": "Path within Git project to build; empty for root project directory.",
- "name": "CONTEXT_DIR",
- "value": "processserver/library",
- "required": false
- },
- {
- "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
- "name": "DB_JNDI",
- "value": "java:jboss/datasources/ExampleDS",
- "required": false
- },
- {
- "description": "Database name",
- "name": "DB_DATABASE",
- "value": "root",
- "required": true
- },
- {
- "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
- "name": "MQ_JNDI",
- "value": "java:/JmsXA",
- "required": false
- },
- {
- "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
- "name": "MQ_PROTOCOL",
- "value": "openwire",
- "required": false
- },
- {
- "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
- "name": "MQ_QUEUES",
- "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.EXECUTOR",
- "required": false
- },
- {
- "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
- "name": "MQ_TOPICS",
- "value": "",
- "required": false
- },
- {
- "description": "The name of the secret containing the keystore file",
- "name": "HTTPS_SECRET",
- "value": "processserver-app-secret",
- "required": false
- },
- {
- "description": "The name of the keystore file within the secret",
- "name": "HTTPS_KEYSTORE",
- "value": "keystore.jks",
- "required": false
- },
- {
- "description": "The name associated with the server certificate",
- "name": "HTTPS_NAME",
- "value": "jboss",
- "required": false
- },
- {
- "description": "The password for the keystore and certificate",
- "name": "HTTPS_PASSWORD",
- "value": "mykeystorepass",
- "required": false
- },
- {
- "description": "Database user name",
- "name": "DB_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "description": "Database user password",
- "name": "DB_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "description": "Sets xa-pool/min-pool-size for the configured datasource.",
- "name": "DB_MIN_POOL_SIZE",
- "required": false
- },
- {
- "description": "Sets xa-pool/max-pool-size for the configured datasource.",
- "name": "DB_MAX_POOL_SIZE",
- "required": false
- },
- {
- "description": "Sets transaction-isolation for the configured datasource.",
- "name": "DB_TX_ISOLATION",
- "required": false
- },
- {
- "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
- "name": "POSTGRESQL_MAX_CONNECTIONS",
- "required": false
- },
- {
- "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
- "name": "POSTGRESQL_SHARED_BUFFERS",
- "required": false
- },
- {
- "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
- "name": "MQ_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": false
- },
- {
- "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
- "name": "MQ_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": false
- },
- {
- "description": "User name for broker admin. If left empty, it will be generated.",
- "name": "AMQ_ADMIN_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "description": "Password for broker admin. If left empty, it will be generated.",
- "name": "AMQ_ADMIN_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "description": "GitHub trigger secret",
- "name": "GITHUB_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "description": "Generic build trigger secret",
- "name": "GENERIC_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port."
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's https port."
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 5432,
- "targetPort": 5432
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The database server's port."
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 61616,
- "targetPort": 61616
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-amq"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-amq-tcp",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The broker's OpenWire port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's https service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "ImageStream",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "BuildConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "source": {
- "type": "Git",
- "git": {
- "uri": "${SOURCE_REPOSITORY_URL}",
- "ref": "${SOURCE_REPOSITORY_REF}"
- },
- "contextDir": "${CONTEXT_DIR}"
- },
- "strategy": {
- "type": "Source",
- "sourceStrategy": {
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- }
- ],
- "forcePull": true,
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver62-openshift:1.3"
- }
- }
- },
- "output": {
- "to": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- },
- "triggers": [
- {
- "type": "GitHub",
- "github": {
- "secret": "${GITHUB_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "Generic",
- "generic": {
- "secret": "${GENERIC_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "ImageChange",
- "imageChange": {}
- },
- {
- "type": "ConfigChange"
- }
- ]
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStream",
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "serviceAccount": "processserver-service-account",
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "volumeMounts": [
- {
- "name": "processserver-keystore-volume",
- "mountPath": "/etc/processserver-secret-volume",
- "readOnly": true
- }
- ],
- "livenessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/livenessProbe.sh"
- ]
- }
- },
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- },
- {
- "name": "KIE_SERVER_PROTOCOL",
- "value": "${KIE_SERVER_PROTOCOL}"
- },
- {
- "name": "KIE_SERVER_PORT",
- "value": "${KIE_SERVER_PORT}"
- },
- {
- "name": "KIE_SERVER_USER",
- "value": "${KIE_SERVER_USER}"
- },
- {
- "name": "KIE_SERVER_PASSWORD",
- "value": "${KIE_SERVER_PASSWORD}"
- },
- {
- "name": "KIE_SERVER_DOMAIN",
- "value": "${KIE_SERVER_DOMAIN}"
- },
- {
- "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
- "value": "${KIE_SERVER_EXECUTOR_JMS_QUEUE}"
- },
- {
- "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
- "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}"
- },
- {
- "name": "MQ_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-amq=MQ"
- },
- {
- "name": "MQ_JNDI",
- "value": "${MQ_JNDI}"
- },
- {
- "name": "MQ_USERNAME",
- "value": "${MQ_USERNAME}"
- },
- {
- "name": "MQ_PASSWORD",
- "value": "${MQ_PASSWORD}"
- },
- {
- "name": "MQ_PROTOCOL",
- "value": "tcp"
- },
- {
- "name": "MQ_QUEUES",
- "value": "${MQ_QUEUES}"
- },
- {
- "name": "MQ_TOPICS",
- "value": "${MQ_TOPICS}"
- },
- {
- "name": "KIE_SERVER_PERSISTENCE_DIALECT",
- "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
- },
- {
- "name": "DB_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-postgresql=DB"
- },
- {
- "name": "DB_JNDI",
- "value": "${DB_JNDI}"
- },
- {
- "name": "DB_USERNAME",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "DB_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "DB_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "TX_DATABASE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-postgresql=DB"
- },
- {
- "name": "DB_MIN_POOL_SIZE",
- "value": "${DB_MIN_POOL_SIZE}"
- },
- {
- "name": "DB_MAX_POOL_SIZE",
- "value": "${DB_MAX_POOL_SIZE}"
- },
- {
- "name": "DB_TX_ISOLATION",
- "value": "${DB_TX_ISOLATION}"
- },
- {
- "name": "HTTPS_KEYSTORE_DIR",
- "value": "/etc/processserver-secret-volume"
- },
- {
- "name": "HTTPS_KEYSTORE",
- "value": "${HTTPS_KEYSTORE}"
- },
- {
- "name": "HTTPS_NAME",
- "value": "${HTTPS_NAME}"
- },
- {
- "name": "HTTPS_PASSWORD",
- "value": "${HTTPS_PASSWORD}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "processserver-keystore-volume",
- "secret": {
- "secretName": "${HTTPS_SECRET}"
- }
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-postgresql"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-postgresql",
- "image": "postgresql",
- "imagePullPolicy": "Always",
- "ports": [
- {
- "containerPort": 5432,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "POSTGRESQL_USER",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "POSTGRESQL_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "POSTGRESQL_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "POSTGRESQL_MAX_CONNECTIONS",
- "value": "${POSTGRESQL_MAX_CONNECTIONS}"
- },
- {
- "name": "POSTGRESQL_SHARED_BUFFERS",
- "value": "${POSTGRESQL_SHARED_BUFFERS}"
- }
- ]
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-amq",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-amq"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.2"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-amq"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-amq",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-amq",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-amq",
- "image": "jboss-amq-62",
- "imagePullPolicy": "Always",
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/amq/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "amqp",
- "containerPort": 5672,
- "protocol": "TCP"
- },
- {
- "name": "amqp-ssl",
- "containerPort": 5671,
- "protocol": "TCP"
- },
- {
- "name": "mqtt",
- "containerPort": 1883,
- "protocol": "TCP"
- },
- {
- "name": "stomp",
- "containerPort": 61613,
- "protocol": "TCP"
- },
- {
- "name": "stomp-ssl",
- "containerPort": 61612,
- "protocol": "TCP"
- },
- {
- "name": "tcp",
- "containerPort": 61616,
- "protocol": "TCP"
- },
- {
- "name": "tcp-ssl",
- "containerPort": 61617,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "AMQ_USER",
- "value": "${MQ_USERNAME}"
- },
- {
- "name": "AMQ_PASSWORD",
- "value": "${MQ_PASSWORD}"
- },
- {
- "name": "AMQ_TRANSPORTS",
- "value": "${MQ_PROTOCOL}"
- },
- {
- "name": "AMQ_QUEUES",
- "value": "${MQ_QUEUES}"
- },
- {
- "name": "AMQ_TOPICS",
- "value": "${MQ_TOPICS}"
- },
- {
- "name": "AMQ_ADMIN_USERNAME",
- "value": "${AMQ_ADMIN_USERNAME}"
- },
- {
- "name": "AMQ_ADMIN_PASSWORD",
- "value": "${AMQ_ADMIN_PASSWORD}"
- }
- ]
- }
- ]
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/sso70-basic.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/sso70-basic.json
new file mode 100644
index 000000000..7f320bace
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/sso70-basic.json
@@ -0,0 +1,446 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.0",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,java,jboss,xpaas",
+ "version" : "1.3"
+ },
+ "name": "sso70-basic"
+ },
+ "labels": {
+ "template": "sso70-basic",
+ "xpaas" : "1.3.0"
+ },
+ "parameters": [
+ {
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "secret-key",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "password",
+ "required": false
+ },
+ {
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-basic"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-basic",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso70-openshift:1.3-TP"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "sso-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "EAP_HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "EAP_HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "EAP_HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "EAP_HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/sso70-mysql-persistent.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/sso70-mysql-persistent.json
new file mode 100644
index 000000000..dc8bd740e
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/sso70-mysql-persistent.json
@@ -0,0 +1,658 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.0 MySQL applications with persistent storage",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,mysql,java,database,jboss,xpaas",
+ "version" : "1.3"
+ },
+ "name": "sso70-mysql-persistent"
+ },
+ "labels": {
+ "template": "sso70-mysql-persistent",
+ "xpaas" : "1.3.0"
+ },
+ "parameters": [
+ {
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso70-openshift:1.3-TP"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "sso-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "EAP_HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "EAP_HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "EAP_HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "EAP_HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/sso70-mysql.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/sso70-mysql.json
new file mode 100644
index 000000000..029dcee54
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/sso70-mysql.json
@@ -0,0 +1,627 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.0 MySQL applications",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,mysql,java,database,jboss,xpaas",
+ "version" : "1.3"
+ },
+ "name": "sso70-mysql"
+ },
+ "labels": {
+ "template": "sso70-mysql",
+ "xpaas" : "1.3.0"
+ },
+ "parameters": [
+ {
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso70-openshift:1.3-TP"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "sso-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "EAP_HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "EAP_HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "EAP_HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "EAP_HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/sso70-postgresql-persistent.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/sso70-postgresql-persistent.json
new file mode 100644
index 000000000..bad7e49b2
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/sso70-postgresql-persistent.json
@@ -0,0 +1,631 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.0 PostgreSQL applications with persistent storage",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,postrgresql,java,database,jboss,xpaas",
+ "version" : "1.3"
+ },
+ "name": "sso70-postgresql-persistent"
+ },
+ "labels": {
+ "template": "sso70-postgresql-persistent",
+ "xpaas" : "1.3.0"
+ },
+ "parameters": [
+ {
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso70-openshift:1.3-TP"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "sso-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "EAP_HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "EAP_HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "EAP_HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "EAP_HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.2/xpaas-templates/sso70-postgresql.json b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/sso70-postgresql.json
new file mode 100644
index 000000000..08257d192
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.2/xpaas-templates/sso70-postgresql.json
@@ -0,0 +1,600 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.0 PostgreSQL applications",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,postrgresql,java,database,jboss,xpaas",
+ "version" : "1.3"
+ },
+ "name": "sso70-postgresql"
+ },
+ "labels": {
+ "template": "sso70-postgresql",
+ "xpaas" : "1.3.0"
+ },
+ "parameters": [
+ {
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "secret-key",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "password",
+ "required": false
+ },
+ {
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso70-openshift:1.3-TP"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "sso-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "EAP_HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "EAP_HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "EAP_HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "EAP_HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py
index e8dd09a30..32e608e86 100755
--- a/roles/openshift_facts/library/openshift_facts.py
+++ b/roles/openshift_facts/library/openshift_facts.py
@@ -837,6 +837,25 @@ def set_sdn_facts_if_unset(facts, system_facts):
return facts
+def migrate_oauth_template_facts(facts):
+ """
+ Migrate an old oauth template fact to a newer format if it's present.
+
+ The legacy 'oauth_template' fact was just a filename, and assumed you were
+ setting the 'login' template.
+
+ The new pluralized 'oauth_templates' fact is a dict mapping the template
+ name to a filename.
+
+ Simplify the code after this by merging the old fact into the new.
+ """
+ if 'master' in facts and 'oauth_template' in facts['master']:
+ if 'oauth_templates' not in facts['master']:
+ facts['master']['oauth_templates'] = {"login": facts['master']['oauth_template']}
+ elif 'login' not in facts['master']['oauth_templates']:
+ facts['master']['oauth_templates']['login'] = facts['master']['oauth_template']
+ return facts
+
def format_url(use_ssl, hostname, port, path=''):
""" Format url based on ssl flag, hostname, port and path
@@ -1121,12 +1140,21 @@ def merge_facts(orig, new, additive_facts_to_overwrite, protected_facts_to_overw
"""
additive_facts = ['named_certificates']
protected_facts = ['ha', 'master_count']
+
+ # Facts we do not ever want to merge. These originate in inventory variables
+ # and typically contain JSON dicts. We don't ever want to trigger a merge
+ # here, just completely overwrite with the new if they are present there.
+ overwrite_facts = ['admission_plugin_config',
+ 'kube_admission_plugin_config']
+
facts = dict()
for key, value in orig.iteritems():
# Key exists in both old and new facts.
if key in new:
+ if key in overwrite_facts:
+ facts[key] = copy.deepcopy(new[key])
# Continue to recurse if old and new fact is a dictionary.
- if isinstance(value, dict) and isinstance(new[key], dict):
+ elif isinstance(value, dict) and isinstance(new[key], dict):
# Collect the subset of additive facts to overwrite if
# key matches. These will be passed to the subsequent
# merge_facts call.
@@ -1444,6 +1472,7 @@ class OpenShiftFacts(object):
local_facts,
additive_facts_to_overwrite,
protected_facts_to_overwrite)
+ facts = migrate_oauth_template_facts(facts)
facts['current_config'] = get_current_config(facts)
facts = set_url_facts_if_unset(facts)
facts = set_project_cfg_facts_if_unset(facts)
diff --git a/roles/openshift_facts/tasks/main.yml b/roles/openshift_facts/tasks/main.yml
index a2eb27fbb..36def57c8 100644
--- a/roles/openshift_facts/tasks/main.yml
+++ b/roles/openshift_facts/tasks/main.yml
@@ -15,7 +15,7 @@
- set_fact:
l_is_atomic: "{{ ostree_output.rc == 0 }}"
- set_fact:
- l_is_containerized: "{{ l_is_atomic or containerized | default(false) | bool }}"
+ l_is_containerized: "{{ (l_is_atomic | bool) or (containerized | default(false) | bool) }}"
- name: Ensure PyYaml is installed
action: "{{ ansible_pkg_mgr }} name=PyYAML state=present"
diff --git a/roles/openshift_master/defaults/main.yml b/roles/openshift_master/defaults/main.yml
index 1f74d851a..afc81a414 100644
--- a/roles/openshift_master/defaults/main.yml
+++ b/roles/openshift_master/defaults/main.yml
@@ -28,3 +28,5 @@ os_firewall_deny:
port: 8080/tcp
- service: former etcd peer port
port: 7001/tcp
+
+openshift_version: "{{ openshift_pkg_version | default(openshift_image_tag) | default(openshift.common.image_tag) | default('') }}"
diff --git a/roles/openshift_master/meta/main.yml b/roles/openshift_master/meta/main.yml
index 8ae6bc371..7ab913eea 100644
--- a/roles/openshift_master/meta/main.yml
+++ b/roles/openshift_master/meta/main.yml
@@ -12,6 +12,7 @@ galaxy_info:
categories:
- cloud
dependencies:
+- role: openshift_docker
- role: openshift_cli
- role: openshift_cloud_provider
- role: openshift_master_facts
diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2
index 813a58d60..e89fdc0ce 100644
--- a/roles/openshift_master/templates/master.yaml.v1.j2
+++ b/roles/openshift_master/templates/master.yaml.v1.j2
@@ -1,3 +1,10 @@
+admissionConfig:
+{% if 'admission_plugin_order' in openshift.master %}
+ pluginOrderOverride:{{ openshift.master.admission_plugin_order | to_padded_yaml(level=2) }}
+{% endif %}
+{% if 'admission_plugin_config' in openshift.master %}
+ pluginConfig:{{ openshift.master.admission_plugin_config | to_padded_yaml(level=2) }}
+{% endif %}
apiLevels:
{% if not openshift.common.version_gte_3_1_or_1_1 | bool %}
- v1beta3
@@ -96,6 +103,13 @@ kubernetesMasterConfig:
- v1beta3
- v1
{% endif %}
+ admissionConfig:
+{% if 'kube_admission_plugin_order' in openshift.master %}
+ pluginOrderOverride:{{ openshift.master.kube_admission_plugin_order | to_padded_yaml(level=3) }}
+{% endif %}
+{% if 'kube_admission_plugin_config' in openshift.master %}
+ pluginConfig:{{ openshift.master.kube_admission_plugin_config | to_padded_yaml(level=3) }}
+{% endif %}
apiServerArguments: {{ openshift.master.api_server_args | default(None) | to_padded_yaml( level=2 ) }}
controllerArguments: {{ openshift.master.controller_args | default(None) | to_padded_yaml( level=2 ) }}
masterCount: {{ openshift.master.master_count if openshift.master.cluster_method | default(None) == 'native' else 1 }}
@@ -123,9 +137,11 @@ networkConfig:
# serviceNetworkCIDR must match kubernetesMasterConfig.servicesSubnet
serviceNetworkCIDR: {{ openshift.master.portal_net }}
oauthConfig:
-{% if 'oauth_template' in openshift.master %}
- templates:
- login: {{ openshift.master.oauth_template }}
+{% if 'oauth_always_show_provider_selection' in openshift.master %}
+ alwaysShowProviderSelection: {{ openshift.master.oauth_always_show_provider_selection }}
+{% endif %}
+{% if 'oauth_templates' in openshift.master %}
+ templates:{{ openshift.master.oauth_templates | to_padded_yaml(level=2) }}
{% endif %}
assetPublicURL: {{ openshift.master.public_console_url }}/
grantConfig:
diff --git a/roles/openshift_master/vars/main.yml b/roles/openshift_master/vars/main.yml
index 198f9235d..7c1d5a212 100644
--- a/roles/openshift_master/vars/main.yml
+++ b/roles/openshift_master/vars/main.yml
@@ -6,7 +6,6 @@ loopback_context_string: "current-context: {{ openshift.master.loopback_context_
openshift_master_scheduler_conf: "{{ openshift_master_config_dir }}/scheduler.json"
openshift_master_session_secrets_file: "{{ openshift_master_config_dir }}/session-secrets.yaml"
openshift_master_policy: "{{ openshift_master_config_dir }}/policy.json"
-openshift_version: "{{ openshift_pkg_version | default(openshift_image_tag) | default(openshift.common.image_tag) | default('') }}"
scheduler_config:
kind: Policy
diff --git a/roles/openshift_master_cluster/tasks/main.yml b/roles/openshift_master_cluster/tasks/main.yml
index 40705d357..0543872c9 100644
--- a/roles/openshift_master_cluster/tasks/main.yml
+++ b/roles/openshift_master_cluster/tasks/main.yml
@@ -3,6 +3,10 @@
msg: "Not possible on atomic hosts for now"
when: openshift.common.is_containerized | bool
+- fail:
+ msg: "Pacemaker HA is unsupported on OpenShift Enterprise 3.2 and Origin 1.2"
+ when: openshift.master.cluster_method == "pacemaker" and openshift.common.version_gte_3_2_or_1_2 | bool
+
- name: Test if cluster is already configured
command: pcs status
register: pcs_status
diff --git a/roles/openshift_master_facts/tasks/main.yml b/roles/openshift_master_facts/tasks/main.yml
index 2a3e38af4..f43b8c59d 100644
--- a/roles/openshift_master_facts/tasks/main.yml
+++ b/roles/openshift_master_facts/tasks/main.yml
@@ -65,3 +65,10 @@
master_image: "{{ osm_image | default(None) }}"
scheduler_predicates: "{{ openshift_master_scheduler_predicates | default(None) }}"
scheduler_priorities: "{{ openshift_master_scheduler_priorities | default(None) }}"
+ admission_plugin_order: "{{openshift_master_admission_plugin_order | default(None) }}"
+ admission_plugin_config: "{{openshift_master_admission_plugin_config | default(None) }}"
+ kube_admission_plugin_order: "{{openshift_master_kube_admission_plugin_order | default(None) }}"
+ kube_admission_plugin_config: "{{openshift_master_kube_admission_plugin_config | default(None) }}"
+ oauth_template: "{{ openshift_master_oauth_template | default(None) }}" # deprecated in origin 1.2 / OSE 3.2
+ oauth_templates: "{{ openshift_master_oauth_templates | default(None) }}"
+ oauth_always_show_provider_selection: "{{ openshift_master_oauth_always_show_provider_selection | default(None) }}"
diff --git a/roles/openshift_node/defaults/main.yml b/roles/openshift_node/defaults/main.yml
index fffbf2994..c4f718bfb 100644
--- a/roles/openshift_node/defaults/main.yml
+++ b/roles/openshift_node/defaults/main.yml
@@ -13,3 +13,4 @@ os_firewall_allow:
- service: OpenShift OVS sdn
port: 4789/udp
when: openshift.node.use_openshift_sdn | bool
+openshift_version: "{{ openshift_pkg_version | default(openshift_image_tag) | default(openshift.common.image_tag) | default('') }}"
diff --git a/roles/openshift_node/vars/main.yml b/roles/openshift_node/vars/main.yml
index 28582baf1..77a9694de 100644
--- a/roles/openshift_node/vars/main.yml
+++ b/roles/openshift_node/vars/main.yml
@@ -1,4 +1,3 @@
---
openshift_node_config_dir: "{{ openshift.common.config_base }}/node"
openshift_node_config_file: "{{ openshift_node_config_dir }}/node-config.yaml"
-openshift_version: "{{ openshift_pkg_version | default(openshift_image_tag) | default(openshift.common.image_tag) | default('') }}"
diff --git a/roles/os_zabbix/vars/template_heartbeat.yml b/roles/os_zabbix/vars/template_heartbeat.yml
index 8dbe0d0d6..ec953c79b 100644
--- a/roles/os_zabbix/vars/template_heartbeat.yml
+++ b/roles/os_zabbix/vars/template_heartbeat.yml
@@ -11,3 +11,8 @@ g_template_heartbeat:
expression: '{Template Heartbeat:heartbeat.ping.nodata(20m)}=1'
priority: avg
url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_node_heartbeat.asciidoc'
+
+ - name: 'Heartbeat.ping has failed (60 min) on {HOST.NAME}'
+ expression: '{Template Heartbeat:heartbeat.ping.nodata(60m)}=1'
+ priority: high
+ url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_node_heartbeat.asciidoc'
diff --git a/test/env-setup b/test/env-setup
index b05df0f9e..7456a641b 100644
--- a/test/env-setup
+++ b/test/env-setup
@@ -2,7 +2,7 @@
CUR_PATH=$(pwd)
-PREFIX_PYTHONPATH=$CUR_PATH/inventory/:$CUR_PATH/roles/lib_yaml_editor/build/src
+PREFIX_PYTHONPATH=$CUR_PATH/inventory/:$CUR_PATH/roles/lib_yaml_editor/library
export PYTHONPATH=$PREFIX_PYTHONPATH:$PYTHONPATH
diff --git a/test/units/yedit_test.py b/test/units/yedit_test.py
index e701cfa7c..09a65e888 100755
--- a/test/units/yedit_test.py
+++ b/test/units/yedit_test.py
@@ -16,7 +16,7 @@ class YeditTest(unittest.TestCase):
Test class for yedit
'''
data = {'a': 'a',
- 'b': {'c': {'d': ['e', 'f', 'g']}},
+ 'b': {'c': {'d': [{'e': 'x'}, 'f', 'g']}},
}
filename = 'yedit_test.yml'
@@ -27,10 +27,9 @@ class YeditTest(unittest.TestCase):
yed.yaml_dict = YeditTest.data
yed.write()
- def test_get(self):
+ def test_load(self):
''' Testing a get '''
yed = Yedit('yedit_test.yml')
-
self.assertEqual(yed.yaml_dict, self.data)
def test_write(self):
@@ -38,7 +37,6 @@ class YeditTest(unittest.TestCase):
yed = Yedit('yedit_test.yml')
yed.put('key1', 1)
yed.write()
- yed.get()
self.assertTrue(yed.yaml_dict.has_key('key1'))
self.assertEqual(yed.yaml_dict['key1'], 1)
@@ -47,14 +45,15 @@ class YeditTest(unittest.TestCase):
yed = Yedit('yedit_test.yml')
yed.put('x.y.z', 'modified')
yed.write()
- self.assertEqual(Yedit.get_entry(yed.get(), 'x.y.z'), 'modified')
+ yed.load()
+ self.assertEqual(yed.get('x.y.z'), 'modified')
def test_delete_a(self):
'''Testing a simple delete '''
yed = Yedit('yedit_test.yml')
yed.delete('a')
yed.write()
- yed.get()
+ yed.load()
self.assertTrue(not yed.yaml_dict.has_key('a'))
def test_delete_b_c(self):
@@ -62,7 +61,7 @@ class YeditTest(unittest.TestCase):
yed = Yedit('yedit_test.yml')
yed.delete('b.c')
yed.write()
- yed.get()
+ yed.load()
self.assertTrue(yed.yaml_dict.has_key('b'))
self.assertFalse(yed.yaml_dict['b'].has_key('c'))
@@ -72,7 +71,7 @@ class YeditTest(unittest.TestCase):
yed = Yedit('yedit_test.yml')
yed.create('foo', 'bar')
yed.write()
- yed.get()
+ yed.load()
self.assertTrue(yed.yaml_dict.has_key('foo'))
self.assertTrue(yed.yaml_dict['foo'] == 'bar')
@@ -81,10 +80,61 @@ class YeditTest(unittest.TestCase):
content = {"foo": "bar"}
yed = Yedit("yedit_test.yml", content)
yed.write()
- yed.get()
+ yed.load()
self.assertTrue(yed.yaml_dict.has_key('foo'))
self.assertTrue(yed.yaml_dict['foo'], 'bar')
+ def test_array_insert(self):
+ '''Testing a create with content '''
+ yed = Yedit("yedit_test.yml")
+ yed.put('b.c.d[0]', 'inject')
+ self.assertTrue(yed.get('b.c.d[0]') == 'inject')
+
+ def test_array_insert_first_index(self):
+ '''Testing a create with content '''
+ yed = Yedit("yedit_test.yml")
+ yed.put('b.c.d[0]', 'inject')
+ self.assertTrue(yed.get('b.c.d[1]') == 'f')
+
+ def test_array_insert_second_index(self):
+ '''Testing a create with content '''
+ yed = Yedit("yedit_test.yml")
+ yed.put('b.c.d[0]', 'inject')
+ self.assertTrue(yed.get('b.c.d[2]') == 'g')
+
+ def test_dict_array_dict_access(self):
+ '''Testing a create with content'''
+ yed = Yedit("yedit_test.yml")
+ yed.put('b.c.d[0]', [{'x': {'y': 'inject'}}])
+ self.assertTrue(yed.get('b.c.d[0].[0].x.y') == 'inject')
+
+ def test_dict_array_dict_replace(self):
+ '''Testing multilevel delete'''
+ yed = Yedit("yedit_test.yml")
+ yed.put('b.c.d[0]', [{'x': {'y': 'inject'}}])
+ yed.put('b.c.d[0].[0].x.y', 'testing')
+ self.assertTrue(yed.yaml_dict.has_key('b'))
+ self.assertTrue(yed.yaml_dict['b'].has_key('c'))
+ self.assertTrue(yed.yaml_dict['b']['c'].has_key('d'))
+ self.assertTrue(isinstance(yed.yaml_dict['b']['c']['d'], list))
+ self.assertTrue(isinstance(yed.yaml_dict['b']['c']['d'][0], list))
+ self.assertTrue(isinstance(yed.yaml_dict['b']['c']['d'][0][0], dict))
+ self.assertTrue(yed.yaml_dict['b']['c']['d'][0][0]['x'].has_key('y'))
+ self.assertTrue(yed.yaml_dict['b']['c']['d'][0][0]['x']['y'], 'testing')
+
+ def test_dict_array_dict_remove(self):
+ '''Testing multilevel delete'''
+ yed = Yedit("yedit_test.yml")
+ yed.put('b.c.d[0]', [{'x': {'y': 'inject'}}])
+ yed.delete('b.c.d[0].[0].x.y')
+ self.assertTrue(yed.yaml_dict.has_key('b'))
+ self.assertTrue(yed.yaml_dict['b'].has_key('c'))
+ self.assertTrue(yed.yaml_dict['b']['c'].has_key('d'))
+ self.assertTrue(isinstance(yed.yaml_dict['b']['c']['d'], list))
+ self.assertTrue(isinstance(yed.yaml_dict['b']['c']['d'][0], list))
+ self.assertTrue(isinstance(yed.yaml_dict['b']['c']['d'][0][0], dict))
+ self.assertFalse(yed.yaml_dict['b']['c']['d'][0][0]['x'].has_key('y'))
+
def tearDown(self):
'''TearDown method'''
os.unlink(YeditTest.filename)
diff --git a/utils/src/ooinstall/cli_installer.py b/utils/src/ooinstall/cli_installer.py
index 50a688eca..dd9d517f1 100644
--- a/utils/src/ooinstall/cli_installer.py
+++ b/utils/src/ooinstall/cli_installer.py
@@ -862,8 +862,10 @@ def upgrade(ctx, latest_minor, next_major):
@click.command()
@click.option('--force', '-f', is_flag=True, default=False)
+@click.option('--gen-inventory', is_flag=True, default=False,
+ help="Generate an ansible inventory file and exit.")
@click.pass_context
-def install(ctx, force):
+def install(ctx, force, gen_inventory):
oo_cfg = ctx.obj['oo_cfg']
verbose = ctx.obj['verbose']
@@ -886,7 +888,6 @@ def install(ctx, force):
hosts_to_run_on, callback_facts = get_hosts_to_run_on(
oo_cfg, callback_facts, ctx.obj['unattended'], force, verbose)
- click.echo('Writing config to: %s' % oo_cfg.config_path)
# We already verified this is not the case for unattended installs, so this can
# only trigger for live CLI users:
@@ -896,7 +897,18 @@ def install(ctx, force):
if len(oo_cfg.calc_missing_facts()) > 0:
confirm_hosts_facts(oo_cfg, callback_facts)
+ # Write quick installer config file to disk:
oo_cfg.save_to_disk()
+ # Write ansible inventory file to disk:
+ inventory_file = openshift_ansible.generate_inventory(hosts_to_run_on)
+
+ click.echo()
+ click.echo('Wrote atomic-openshift-installer config: %s' % oo_cfg.config_path)
+ click.echo("Wrote ansible inventory: %s" % inventory_file)
+ click.echo()
+
+ if gen_inventory:
+ sys.exit(0)
click.echo('Ready to run installation process.')
message = """
@@ -905,8 +917,8 @@ If changes are needed please edit the config file above and re-run.
if not ctx.obj['unattended']:
confirm_continue(message)
- error = openshift_ansible.run_main_playbook(oo_cfg.hosts,
- hosts_to_run_on, verbose)
+ error = openshift_ansible.run_main_playbook(inventory_file, oo_cfg.hosts,
+ hosts_to_run_on, verbose)
if error:
# The bootstrap script will print out the log location.
message = """
diff --git a/utils/src/ooinstall/oo_config.py b/utils/src/ooinstall/oo_config.py
index c9498542f..0f1f5caf7 100644
--- a/utils/src/ooinstall/oo_config.py
+++ b/utils/src/ooinstall/oo_config.py
@@ -198,7 +198,7 @@ class OOConfig(object):
self.settings['ansible_ssh_user'] = ''
self.settings['ansible_inventory_path'] = \
- '{}/hosts'.format(self.settings['ansible_inventory_directory'])
+ '{}/hosts'.format(os.path.dirname(self.config_path))
# clean up any empty sets
for setting in self.settings.keys():
diff --git a/utils/src/ooinstall/openshift_ansible.py b/utils/src/ooinstall/openshift_ansible.py
index 6e43eac9f..28b157e8e 100644
--- a/utils/src/ooinstall/openshift_ansible.py
+++ b/utils/src/ooinstall/openshift_ansible.py
@@ -213,9 +213,8 @@ def default_facts(hosts, verbose=False):
return load_system_facts(inventory_file, os_facts_path, facts_env, verbose)
-def run_main_playbook(hosts, hosts_to_run_on, verbose=False):
+def run_main_playbook(inventory_file, hosts, hosts_to_run_on, verbose=False):
global CFG
- inventory_file = generate_inventory(hosts_to_run_on)
if len(hosts_to_run_on) != len(hosts):
main_playbook_path = os.path.join(CFG.ansible_playbook_directory,
'playbooks/byo/openshift-node/scaleup.yml')
diff --git a/utils/test/cli_installer_tests.py b/utils/test/cli_installer_tests.py
index 784a30830..524df08c4 100644
--- a/utils/test/cli_installer_tests.py
+++ b/utils/test/cli_installer_tests.py
@@ -1,6 +1,6 @@
# TODO: Temporarily disabled due to importing old code into openshift-ansible
# repo. We will work on these over time.
-# pylint: disable=bad-continuation,missing-docstring,no-self-use,invalid-name
+# pylint: disable=bad-continuation,missing-docstring,no-self-use,invalid-name,too-many-lines
import copy
import os
@@ -403,7 +403,7 @@ class UnattendedCliTests(OOCliFixture):
self.assert_result(result, 0)
load_facts_args = load_facts_mock.call_args[0]
- self.assertEquals(os.path.join(self.work_dir, ".ansible/hosts"),
+ self.assertEquals(os.path.join(self.work_dir, "hosts"),
load_facts_args[0])
self.assertEquals(os.path.join(self.work_dir,
"playbooks/byo/openshift_facts.yml"), load_facts_args[1])
@@ -417,8 +417,8 @@ class UnattendedCliTests(OOCliFixture):
env_vars['ANSIBLE_CONFIG'] == cli.DEFAULT_ANSIBLE_CONFIG)
# Make sure we ran on the expected masters and nodes:
- hosts = run_playbook_mock.call_args[0][0]
- hosts_to_run_on = run_playbook_mock.call_args[0][1]
+ hosts = run_playbook_mock.call_args[0][1]
+ hosts_to_run_on = run_playbook_mock.call_args[0][2]
self.assertEquals(3, len(hosts))
self.assertEquals(3, len(hosts_to_run_on))
@@ -441,7 +441,7 @@ class UnattendedCliTests(OOCliFixture):
# Check the inventory file looks as we would expect:
inventory = ConfigParser.ConfigParser(allow_no_value=True)
- inventory.read(os.path.join(self.work_dir, '.ansible/hosts'))
+ inventory.read(os.path.join(self.work_dir, 'hosts'))
self.assertEquals('bob',
inventory.get('OSEv3:vars', 'ansible_ssh_user'))
self.assertEquals('openshift-enterprise',
@@ -484,7 +484,7 @@ class UnattendedCliTests(OOCliFixture):
# Make sure the correct value was passed to ansible:
inventory = ConfigParser.ConfigParser(allow_no_value=True)
- inventory.read(os.path.join(self.work_dir, '.ansible/hosts'))
+ inventory.read(os.path.join(self.work_dir, 'hosts'))
self.assertEquals('openshift-enterprise',
inventory.get('OSEv3:vars', 'deployment_type'))
@@ -512,7 +512,7 @@ class UnattendedCliTests(OOCliFixture):
self.assertEquals('3.0', written_config['variant_version'])
inventory = ConfigParser.ConfigParser(allow_no_value=True)
- inventory.read(os.path.join(self.work_dir, '.ansible/hosts'))
+ inventory.read(os.path.join(self.work_dir, 'hosts'))
self.assertEquals('enterprise',
inventory.get('OSEv3:vars', 'deployment_type'))
@@ -625,8 +625,8 @@ class UnattendedCliTests(OOCliFixture):
self.assert_result(result, 0)
# Make sure we ran on the expected masters and nodes:
- hosts = run_playbook_mock.call_args[0][0]
- hosts_to_run_on = run_playbook_mock.call_args[0][1]
+ hosts = run_playbook_mock.call_args[0][1]
+ hosts_to_run_on = run_playbook_mock.call_args[0][2]
self.assertEquals(6, len(hosts))
self.assertEquals(6, len(hosts_to_run_on))
@@ -695,8 +695,8 @@ class UnattendedCliTests(OOCliFixture):
self.assert_result(result, 0)
# Make sure we ran on the expected masters and nodes:
- hosts = run_playbook_mock.call_args[0][0]
- hosts_to_run_on = run_playbook_mock.call_args[0][1]
+ hosts = run_playbook_mock.call_args[0][1]
+ hosts_to_run_on = run_playbook_mock.call_args[0][2]
self.assertEquals(6, len(hosts))
self.assertEquals(6, len(hosts_to_run_on))
@@ -733,13 +733,13 @@ class AttendedCliTests(OOCliFixture):
self._verify_config_hosts(written_config, 3)
inventory = ConfigParser.ConfigParser(allow_no_value=True)
- inventory.read(os.path.join(self.work_dir, '.ansible/hosts'))
- self.assertEquals('False',
- inventory.get('nodes', '10.0.0.1 openshift_schedulable'))
- self.assertEquals(None,
- inventory.get('nodes', '10.0.0.2'))
- self.assertEquals(None,
- inventory.get('nodes', '10.0.0.3'))
+ inventory.read(os.path.join(self.work_dir, 'hosts'))
+ self.assert_inventory_host_var(inventory, 'nodes', '10.0.0.1',
+ 'openshift_schedulable=False')
+ self.assert_inventory_host_var_unset(inventory, 'nodes', '10.0.0.2',
+ 'openshift_schedulable')
+ self.assert_inventory_host_var_unset(inventory, 'nodes', '10.0.0.3',
+ 'openshift_schedulable')
# interactive with config file and some installed some uninstalled hosts
@patch('ooinstall.openshift_ansible.run_main_playbook')
@@ -851,15 +851,15 @@ class AttendedCliTests(OOCliFixture):
self._verify_config_hosts(written_config, 6)
inventory = ConfigParser.ConfigParser(allow_no_value=True)
- inventory.read(os.path.join(self.work_dir, '.ansible/hosts'))
- self.assertEquals('False',
- inventory.get('nodes', '10.0.0.1 openshift_schedulable'))
- self.assertEquals('False',
- inventory.get('nodes', '10.0.0.2 openshift_schedulable'))
- self.assertEquals('False',
- inventory.get('nodes', '10.0.0.3 openshift_schedulable'))
- self.assertEquals(None,
- inventory.get('nodes', '10.0.0.4'))
+ inventory.read(os.path.join(self.work_dir, 'hosts'))
+ self.assert_inventory_host_var(inventory, 'nodes', '10.0.0.1',
+ 'openshift_schedulable=False')
+ self.assert_inventory_host_var(inventory, 'nodes', '10.0.0.2',
+ 'openshift_schedulable=False')
+ self.assert_inventory_host_var(inventory, 'nodes', '10.0.0.3',
+ 'openshift_schedulable=False')
+ self.assert_inventory_host_var_unset(inventory, 'nodes', '10.0.0.4',
+ 'openshift_schedulable')
self.assertTrue(inventory.has_section('etcd'))
self.assertEquals(3, len(inventory.items('etcd')))
@@ -892,13 +892,50 @@ class AttendedCliTests(OOCliFixture):
self._verify_config_hosts(written_config, 5)
inventory = ConfigParser.ConfigParser(allow_no_value=True)
- inventory.read(os.path.join(self.work_dir, '.ansible/hosts'))
- self.assertEquals('True',
- inventory.get('nodes', '10.0.0.1 openshift_schedulable'))
- self.assertEquals('True',
- inventory.get('nodes', '10.0.0.2 openshift_schedulable'))
- self.assertEquals('True',
- inventory.get('nodes', '10.0.0.3 openshift_schedulable'))
+ inventory.read(os.path.join(self.work_dir, 'hosts'))
+ self.assert_inventory_host_var(inventory, 'nodes', '10.0.0.1',
+ 'openshift_schedulable=True')
+ self.assert_inventory_host_var(inventory, 'nodes', '10.0.0.2',
+ 'openshift_schedulable=True')
+ self.assert_inventory_host_var(inventory, 'nodes', '10.0.0.3',
+ 'openshift_schedulable=True')
+
+ # Checks the inventory (as a ConfigParser) for the given host, host
+ # variable, and expected value.
+ def assert_inventory_host_var(self, inventory, section, host, variable):
+ # Config parser splits on the first "=", so we end up with:
+ # 'hostname key1' -> 'val1 key2=val2 key3=val3'
+ #
+ # Convert to something easier to test:
+ for (a, b) in inventory.items(section):
+ full_line = "%s=%s" % (a, b)
+ tokens = full_line.split()
+ if tokens[0] == host:
+ found = False
+ for token in tokens:
+ if token == variable:
+ found = True
+ continue
+ self.assertTrue("Unable to find %s in line: %s" %
+ (variable, full_line), found)
+ return
+ self.fail("unable to find host %s in inventory" % host)
+
+ def assert_inventory_host_var_unset(self, inventory, section, host, variable):
+ # Config parser splits on the first "=", so we end up with:
+ # 'hostname key1' -> 'val1 key2=val2 key3=val3'
+ #
+ # Convert to something easier to test:
+ for (a, b) in inventory.items(section):
+ full_line = "%s=%s" % (a, b)
+ tokens = full_line.split()
+ if tokens[0] == host:
+ self.assertFalse(("%s=" % variable) in full_line,
+ msg='%s host variable was set: %s' %
+ (variable, full_line))
+ return
+ self.fail("unable to find host %s in inventory" % host)
+
#interactive multimaster: attempting to use a master as the load balancer should fail:
@patch('ooinstall.openshift_ansible.run_main_playbook')
@@ -946,9 +983,9 @@ class AttendedCliTests(OOCliFixture):
self._verify_config_hosts(written_config, 1)
inventory = ConfigParser.ConfigParser(allow_no_value=True)
- inventory.read(os.path.join(self.work_dir, '.ansible/hosts'))
- self.assertEquals('True',
- inventory.get('nodes', '10.0.0.1 openshift_schedulable'))
+ inventory.read(os.path.join(self.work_dir, 'hosts'))
+ self.assert_inventory_host_var(inventory, 'nodes', '10.0.0.1',
+ 'openshift_schedulable=True')
#interactive 3.0 install confirm no HA hints
@patch('ooinstall.openshift_ansible.run_main_playbook')
@@ -970,6 +1007,43 @@ class AttendedCliTests(OOCliFixture):
self.assertTrue("NOTE: Add a total of 3 or more Masters to perform an HA installation."
not in result.output)
+ @patch('ooinstall.openshift_ansible.run_main_playbook')
+ @patch('ooinstall.openshift_ansible.load_system_facts')
+ def test_gen_inventory(self, load_facts_mock, run_playbook_mock):
+ load_facts_mock.return_value = (MOCK_FACTS, 0)
+ run_playbook_mock.return_value = 0
+
+ cli_input = build_input(hosts=[
+ ('10.0.0.1', True, False),
+ ('10.0.0.2', False, False),
+ ('10.0.0.3', False, False)],
+ ssh_user='root',
+ variant_num=1,
+ confirm_facts='y')
+ self.cli_args.append("install")
+ self.cli_args.append("--gen-inventory")
+ result = self.runner.invoke(cli.cli, self.cli_args,
+ input=cli_input)
+ self.assert_result(result, 0)
+
+ self._verify_load_facts(load_facts_mock)
+
+ # Make sure run playbook wasn't called:
+ self.assertEquals(0, len(run_playbook_mock.mock_calls))
+
+ written_config = read_yaml(self.config_file)
+ self._verify_config_hosts(written_config, 3)
+
+ inventory = ConfigParser.ConfigParser(allow_no_value=True)
+ inventory.read(os.path.join(self.work_dir, 'hosts'))
+ self.assert_inventory_host_var(inventory, 'nodes', '10.0.0.1',
+ 'openshift_schedulable=False')
+ self.assert_inventory_host_var_unset(inventory, 'nodes', '10.0.0.2',
+ 'openshift_schedulable')
+ self.assert_inventory_host_var_unset(inventory, 'nodes', '10.0.0.3',
+ 'openshift_schedulable')
+
+
# TODO: test with config file, attended add node
# TODO: test with config file, attended new node already in config file
# TODO: test with config file, attended new node already in config file, plus manually added nodes
diff --git a/utils/test/fixture.py b/utils/test/fixture.py
index d6222dfaa..1657d8f46 100644
--- a/utils/test/fixture.py
+++ b/utils/test/fixture.py
@@ -68,7 +68,7 @@ class OOCliFixture(OOInstallFixture):
def _verify_load_facts(self, load_facts_mock):
""" Check that we ran load facts with expected inputs. """
load_facts_args = load_facts_mock.call_args[0]
- self.assertEquals(os.path.join(self.work_dir, ".ansible/hosts"),
+ self.assertEquals(os.path.join(self.work_dir, "hosts"),
load_facts_args[0])
self.assertEquals(os.path.join(self.work_dir,
"playbooks/byo/openshift_facts.yml"),
@@ -81,8 +81,8 @@ class OOCliFixture(OOInstallFixture):
def _verify_run_playbook(self, run_playbook_mock, exp_hosts_len, exp_hosts_to_run_on_len):
""" Check that we ran playbook with expected inputs. """
- hosts = run_playbook_mock.call_args[0][0]
- hosts_to_run_on = run_playbook_mock.call_args[0][1]
+ hosts = run_playbook_mock.call_args[0][1]
+ hosts_to_run_on = run_playbook_mock.call_args[0][2]
self.assertEquals(exp_hosts_len, len(hosts))
self.assertEquals(exp_hosts_to_run_on_len, len(hosts_to_run_on))
@@ -133,8 +133,8 @@ class OOCliFixture(OOInstallFixture):
self._verify_run_playbook(run_playbook_mock, exp_hosts_len, exp_hosts_to_run_on_len)
# Make sure we ran on the expected masters and nodes:
- hosts = run_playbook_mock.call_args[0][0]
- hosts_to_run_on = run_playbook_mock.call_args[0][1]
+ hosts = run_playbook_mock.call_args[0][1]
+ hosts_to_run_on = run_playbook_mock.call_args[0][2]
self.assertEquals(exp_hosts_len, len(hosts))
self.assertEquals(exp_hosts_to_run_on_len, len(hosts_to_run_on))