-
Notifications
You must be signed in to change notification settings - Fork 0
/
image.yaml
146 lines (131 loc) · 5.51 KB
/
image.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
schema_version: 1
## Both name and description are overridden, see overrides/*
name: "rh-sso-7/sso74-openshift-rhel8"
description: "Red Hat Single Sign-On 7.4 OpenShift container image, based on the Red Hat Universal Base Image 8 Minimal container image"
version: "7.4"
from: "registry.redhat.io/ubi8/ubi-minimal"
labels:
- name: "com.redhat.component"
value: "redhat-sso-7-sso74-openshift-rhel8-container"
- name: "org.jboss.product"
value: &product "sso"
- name: "org.jboss.product.version"
value: &product_version "7.4.9.GA"
- name: "org.jboss.product.sso.version"
value: *product_version
- name: "io.k8s.description"
value: "Platform for running Red Hat SSO"
- name: "io.k8s.display-name"
value: "Red Hat SSO 7.4"
- name: "io.openshift.expose-services"
value: "8080:http"
- name: "io.openshift.tags"
value: "sso,sso74,keycloak"
- name: "io.openshift.s2i.scripts-url"
value: "image:///usr/local/s2i"
envs:
- name: "JBOSS_PRODUCT"
value: *product
- name: "JBOSS_SSO_VERSION"
value: *product_version
- name: "PRODUCT_VERSION"
value: *product_version
- name: "SSO_ADMIN_USERNAME"
example: "admin"
description: "Username of the administrator account for the 'master' realm of the SSO server. Required. If no value is specified, it is auto generated and displayed as an OpenShift Instructional message when the template is instantiated."
- name: "SSO_ADMIN_PASSWORD"
example: "hardtoguess"
description: "Password of the administrator account for the 'master' realm of the SSO server. Required. If no value is specified, it is auto generated and displayed as an OpenShift Instructional message when the template is instantiated."
- name: "SSO_REALM"
example: "demo"
description: "SSO Realm created if this ENV is provided"
- name: "SSO_SERVICE_USERNAME"
example: "username"
description: "SSO Server service username with rights to create Client configurations in SSO_REALM. This user is created if this ENV is provided"
- name: "SSO_SERVICE_PASSWORD"
example: "password"
description: "Password for SSO_SERVICE_USERNAME"
- name: "SSO_TRUSTSTORE"
example: "truststore.jks"
description: "The name of the truststore file within the secret"
- name: "SSO_TRUSTSTORE_DIR"
example: "/etc/sso-secret-volume"
description: "Truststore directory"
- name: "SSO_TRUSTSTORE_PASSWORD"
example: "mykeystorepass"
description: "The password for the truststore and certificate"
- name: "SSO_TRUSTSTORE_SECRET"
example: "truststore-secret"
description: "The name of the secret containing the truststore file. Used for volume secretName"
- name: "SSO_VAULT_DIR"
example: "/etc/sso-vault-secret-volume"
description: "Directory for the secret files."
- name: "SCRIPT_DEBUG"
description: "If set to true, ensurses that the bash scripts are executed with the -x option, printing the commands and their arguments as they are executed."
example: "true"
ports:
- value: 8443
modules:
repositories:
- name: jboss-eap-modules
git:
url: https://github.com/jboss-container-images/jboss-eap-modules.git
ref: EAP_739_CR2
- name: jboss-eap-image
git:
url: https://github.com/jboss-container-images/jboss-eap-7-image.git
ref: EAP_739_CR2
- name: cct_module
git:
url: https://github.com/jboss-openshift/cct_module.git
ref: 0.39.3
- name: sso-modules
path: modules
install:
- name: bz-1769831
version: '1.0'
- name: sso-jdk
version: &jdk_version '11'
- name: eap
version: '1.0'
# RH-SSO product specific modules from modules/ path in this repository
- name: sso
- name: keycloak.openshift.clients
version: '1.0'
- name: sso.config.launch.setup.74
- name: sso.db.drivers
version: '1.0'
- name: sso.python
version: '3'
# Other common modules from the main CE cct_module repository
- name: openshift-layer
- name: keycloak-layer
# Various SSO image pre-launch checks to prevent regressions
- name: sso-pre-launch-checks
# This needs to be the very last, after all updates to standalone-openshift.xml have been done. See eg. https://access.redhat.com/solutions/3402171 for use
- name: os-eap-extensions
- name: sso-cli-extensions
- name: sso-rm-openjdk
version: *jdk_version
packages:
manager: microdnf
content_sets_file: content_sets.yaml
install:
# "find" executable is required by various CCT & SSO modules
- findutils
# "which" tool is handy for debugging issues / troubleshooting
- which
artifacts:
- name: jboss-eap-7.3.zip
target: jboss-eap-7.3.zip
md5: 3dba80cc1be17b00cb901441111886f3
url: http://$DOWNLOAD_SERVER/released/JBoss-middleware/eap7/7.3.0/jboss-eap-7.3.0.zip
- name: jboss-eap-7.3.9.GA-CR2-patch
target: jboss-eap-7.3.9.GA-CR2-patch.zip
md5: 00779380dacdbfa01bfb3e62a307279a
url: http://$DOWNLOAD_SERVER/devel/candidates/JBEAP/JBEAP-7.3.9.GA-CR2/jboss-eap-7.3.9.GA-CR2-patch.zip
run:
cmd:
- "/opt/eap/bin/openshift-launch.sh"
user: 185
workdir: "/home/jboss"