From 0fb219932596b1824e526a078465ab94f56015f8 Mon Sep 17 00:00:00 2001 
From: Rakhitha Ranathunge
Date: Mon, 3 May 2021 13:52:05 +0530
Subject: [PATCH 01/34] Add single node init charts 4.0.x
---
advanced/mysql-am/Chart.yaml | 2 +-
advanced/mysql-am/values.yaml | 3468 +++++++++--------
simple/am-single/Chart.yaml | 20 +
simple/am-single/README.md | 298 ++
simple/am-single/auth.json | 10 +
simple/am-single/requirements.yaml | 23 +
simple/am-single/templates/NOTES.txt | 41 +
simple/am-single/templates/_helpers.tpl | 82 +
.../am/instance/wso2am-deployment.yaml | 152 +
.../templates/am/instance/wso2am-service.yaml | 50 +
.../instance/wso2am-single-node-am-conf.yaml | 295 ++
.../templates/am/wso2am-conf-entrypoint.yaml | 71 +
.../templates/am/wso2am-gateway-ingress.yaml | 35 +
.../templates/am/wso2am-ingress.yaml | 35 +
.../templates/am/wso2am-volume-claims.yaml | 43 +
.../templates/am/wso2am-websub-ingress.yaml | 35 +
.../am-single/templates/wso2am-secrets.yaml | 30 +
.../templates/wso2am-service-account.yaml | 19 +
simple/am-single/values.yaml | 134 +
simple/create.sh | 8 +-
simple/deployment-scripts/deployment.yaml | 3231 +++++++++++++++
simple/deployment-scripts/wso2am-ga.sh | 2073 +++-------
simple/deployment-scripts/wso2am-latest.sh | 2071 +++-------
simple/funcs | 1 -
simple/funcs4opensource | 1 -
...am-pattern-1-analytics-dashboard-conf.yaml | 407 --
...tern-1-analytics-dashboard-deployment.yaml | 91 -
...pattern-1-analytics-dashboard-service.yaml | 21 -
.../wso2apim-analytics-worker-conf.yaml | 543 ---
.../wso2apim-analytics-worker-deployment.yaml | 109 -
.../wso2apim-analytics-worker-service.yaml | 38 -
.../wso2apim-mysql-conf.yaml | 819 ++--
.../wso2apim-mysql-deployment.yaml | 3 +-
simple/kubernetes-apim/wso2apim-conf.yaml | 35 +-
.../kubernetes-apim/wso2apim-deployment.yaml | 6 +-
35 files changed, 8107 insertions(+), 6193 deletions(-)
create mode 100644 simple/am-single/Chart.yaml
create mode 100644 simple/am-single/README.md
create mode 100644 simple/am-single/auth.json
create mode 100644 simple/am-single/requirements.yaml
create mode 100644 simple/am-single/templates/NOTES.txt
create mode 100644 simple/am-single/templates/_helpers.tpl
create mode 100644 simple/am-single/templates/am/instance/wso2am-deployment.yaml
create mode 100644 simple/am-single/templates/am/instance/wso2am-service.yaml
create mode 100644 simple/am-single/templates/am/instance/wso2am-single-node-am-conf.yaml
create mode 100644 simple/am-single/templates/am/wso2am-conf-entrypoint.yaml
create mode 100644 simple/am-single/templates/am/wso2am-gateway-ingress.yaml
create mode 100644 simple/am-single/templates/am/wso2am-ingress.yaml
create mode 100644 simple/am-single/templates/am/wso2am-volume-claims.yaml
create mode 100644 simple/am-single/templates/am/wso2am-websub-ingress.yaml
create mode 100644 simple/am-single/templates/wso2am-secrets.yaml
create mode 100644 simple/am-single/templates/wso2am-service-account.yaml
create mode 100644 simple/am-single/values.yaml
create mode 100644 simple/deployment-scripts/deployment.yaml
mode change 100644 => 100755 simple/deployment-scripts/wso2am-ga.sh
delete mode 100644 simple/kubernetes-apim-analytics/dashboard/wso2am-pattern-1-analytics-dashboard-conf.yaml
delete mode 100644 simple/kubernetes-apim-analytics/dashboard/wso2am-pattern-1-analytics-dashboard-deployment.yaml
delete mode 100644 simple/kubernetes-apim-analytics/dashboard/wso2am-pattern-1-analytics-dashboard-service.yaml
delete mode 100644 simple/kubernetes-apim-analytics/worker/wso2apim-analytics-worker-conf.yaml
delete mode 100644 simple/kubernetes-apim-analytics/worker/wso2apim-analytics-worker-deployment.yaml
delete mode 100644 simple/kubernetes-apim-analytics/worker/wso2apim-analytics-worker-service.yaml
diff --git a/advanced/mysql-am/Chart.yaml b/advanced/mysql-am/Chart.yaml
index c4d26fca..a01e332a 100644
--- a/advanced/mysql-am/Chart.yaml
+++ b/advanced/mysql-am/Chart.yaml
@@ -16,5 +16,5 @@ apiVersion: v1
 appVersion: "5.7"
 description: A Helm chart for MySQL based deployment of WSO2 API Management Datasources
 name: mysql-am
-version: 3.2.0-4
+version: 4.0.0-1
 icon: https://wso2.cachefly.net/wso2/sites/all/images/wso2logo.svg
diff --git a/advanced/mysql-am/values.yaml b/advanced/mysql-am/values.yaml
index 37391ec4..afb0f4aa 100644
--- a/advanced/mysql-am/values.yaml
+++ b/advanced/mysql-am/values.yaml
@@ -12,7 +12,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 mysql:
- imageTag: "5.7.31"
+ imageTag: "5.7.34"
 mysqlRootPassword: root
 mysqlUser: wso2carbon
 mysqlPassword: wso2carbon
@@ -26,27 +26,6 @@ mysql:
 [mysqld]
 max_connections = 10000
 initializationFiles:
- mysql_analytics.sql: |-
- DROP DATABASE IF EXISTS WSO2AM_STATS_DB;
- DROP DATABASE IF EXISTS WSO2AM_BUSINESS_RULES_DB;
- DROP DATABASE IF EXISTS WSO2AM_DASHBOARD_DB;
- DROP DATABASE IF EXISTS WSO2AM_PERMISSIONS_DB;
- DROP DATABASE IF EXISTS WSO2_CLUSTER_DB;
- DROP DATABASE IF EXISTS WSO2_PERSISTENCE_DB;
-
- CREATE DATABASE WSO2AM_STATS_DB;
- CREATE DATABASE WSO2AM_BUSINESS_RULES_DB;
- CREATE DATABASE WSO2AM_DASHBOARD_DB;
- CREATE DATABASE WSO2AM_PERMISSIONS_DB;
- CREATE DATABASE WSO2_CLUSTER_DB;
- CREATE DATABASE WSO2_PERSISTENCE_DB;
-
- GRANT ALL ON WSO2AM_STATS_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon';
- GRANT ALL ON WSO2AM_BUSINESS_RULES_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon';
- GRANT ALL ON WSO2AM_DASHBOARD_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon';
- GRANT ALL ON WSO2AM_PERMISSIONS_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon';
- GRANT ALL ON WSO2_CLUSTER_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon';
- GRANT ALL ON WSO2_PERSISTENCE_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon';
 mysql_apim.sql: |-
 DROP DATABASE IF EXISTS WSO2AM_DB;
 CREATE DATABASE WSO2AM_DB;
@@ -56,1008 +35,1130 @@ mysql: -- Start of IDENTITY Tables-- CREATE TABLE IF NOT EXISTS IDN_BASE_TABLE ( - PRODUCT_NAME VARCHAR(20), - PRIMARY KEY (PRODUCT_NAME) + PRODUCT_NAME VARCHAR(20), + PRIMARY KEY (PRODUCT_NAME) )ENGINE INNODB; INSERT INTO IDN_BASE_TABLE values ('WSO2 Identity Server'); CREATE TABLE IF NOT EXISTS IDN_OAUTH_CONSUMER_APPS ( - ID INTEGER NOT NULL AUTO_INCREMENT, - CONSUMER_KEY VARCHAR(255), - CONSUMER_SECRET VARCHAR(2048), - USERNAME VARCHAR(255), - TENANT_ID INTEGER DEFAULT 0, - USER_DOMAIN VARCHAR(50), - APP_NAME VARCHAR(255), - OAUTH_VERSION VARCHAR(128), - CALLBACK_URL VARCHAR(2048), - GRANT_TYPES VARCHAR (1024), - PKCE_MANDATORY CHAR(1) DEFAULT '0', - PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0', - APP_STATE VARCHAR (25) DEFAULT 'ACTIVE', - USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600, - APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600, - REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600, - ID_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600, - CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY), - PRIMARY KEY (ID) + ID INTEGER NOT NULL AUTO_INCREMENT, + CONSUMER_KEY VARCHAR(255), + CONSUMER_SECRET VARCHAR(2048), + USERNAME VARCHAR(255), + TENANT_ID INTEGER DEFAULT 0, + USER_DOMAIN VARCHAR(50), + APP_NAME VARCHAR(255), + OAUTH_VERSION VARCHAR(128), + CALLBACK_URL VARCHAR(2048), + GRANT_TYPES VARCHAR (1024), + PKCE_MANDATORY CHAR(1) DEFAULT '0', + PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0', + APP_STATE VARCHAR (25) DEFAULT 'ACTIVE', + USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600, + APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600, + REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600, + ID_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600, + CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY), + PRIMARY KEY (ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_VALIDATORS ( - APP_ID INTEGER NOT NULL, - SCOPE_VALIDATOR VARCHAR (128) NOT NULL, - PRIMARY KEY (APP_ID,SCOPE_VALIDATOR), - FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE 
CASCADE + APP_ID INTEGER NOT NULL, + SCOPE_VALIDATOR VARCHAR (128) NOT NULL, + PRIMARY KEY (APP_ID,SCOPE_VALIDATOR), + FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_REQUEST_TOKEN ( - REQUEST_TOKEN VARCHAR(255), - REQUEST_TOKEN_SECRET VARCHAR(512), - CONSUMER_KEY_ID INTEGER, - CALLBACK_URL VARCHAR(2048), - SCOPE VARCHAR(2048), - AUTHORIZED VARCHAR(128), - OAUTH_VERIFIER VARCHAR(512), - AUTHZ_USER VARCHAR(512), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (REQUEST_TOKEN), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE + REQUEST_TOKEN VARCHAR(255), + REQUEST_TOKEN_SECRET VARCHAR(512), + CONSUMER_KEY_ID INTEGER, + CALLBACK_URL VARCHAR(2048), + SCOPE VARCHAR(2048), + AUTHORIZED VARCHAR(128), + OAUTH_VERIFIER VARCHAR(512), + AUTHZ_USER VARCHAR(512), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (REQUEST_TOKEN), + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_ACCESS_TOKEN ( - ACCESS_TOKEN VARCHAR(255), - ACCESS_TOKEN_SECRET VARCHAR(512), - CONSUMER_KEY_ID INTEGER, - SCOPE VARCHAR(2048), - AUTHZ_USER VARCHAR(512), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (ACCESS_TOKEN), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE + ACCESS_TOKEN VARCHAR(255), + ACCESS_TOKEN_SECRET VARCHAR(512), + CONSUMER_KEY_ID INTEGER, + SCOPE VARCHAR(2048), + AUTHZ_USER VARCHAR(512), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ACCESS_TOKEN), + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN ( - TOKEN_ID VARCHAR (255), - ACCESS_TOKEN VARCHAR(2048), - REFRESH_TOKEN VARCHAR(2048), - CONSUMER_KEY_ID INTEGER, - AUTHZ_USER VARCHAR (100), - TENANT_ID INTEGER, - USER_DOMAIN VARCHAR(50), - USER_TYPE VARCHAR (25), - GRANT_TYPE VARCHAR 
(50), - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REFRESH_TOKEN_TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - VALIDITY_PERIOD BIGINT, - REFRESH_TOKEN_VALIDITY_PERIOD BIGINT, - TOKEN_SCOPE_HASH VARCHAR(32), - TOKEN_STATE VARCHAR(25) DEFAULT 'ACTIVE', - TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE', - SUBJECT_IDENTIFIER VARCHAR(255), - ACCESS_TOKEN_HASH VARCHAR(512), - REFRESH_TOKEN_HASH VARCHAR(512), - IDP_ID INTEGER DEFAULT -1 NOT NULL, - TOKEN_BINDING_REF VARCHAR (32) DEFAULT 'NONE', - PRIMARY KEY (TOKEN_ID), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, - CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH, - TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF) + TOKEN_ID VARCHAR (255), + ACCESS_TOKEN VARCHAR(2048), + REFRESH_TOKEN VARCHAR(2048), + CONSUMER_KEY_ID INTEGER, + AUTHZ_USER VARCHAR (100), + TENANT_ID INTEGER, + USER_DOMAIN VARCHAR(50), + USER_TYPE VARCHAR (25), + GRANT_TYPE VARCHAR (50), + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + REFRESH_TOKEN_TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + VALIDITY_PERIOD BIGINT, + REFRESH_TOKEN_VALIDITY_PERIOD BIGINT, + TOKEN_SCOPE_HASH VARCHAR(32), + TOKEN_STATE VARCHAR(25) DEFAULT 'ACTIVE', + TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE', + SUBJECT_IDENTIFIER VARCHAR(255), + ACCESS_TOKEN_HASH VARCHAR(512), + REFRESH_TOKEN_HASH VARCHAR(512), + IDP_ID INTEGER DEFAULT -1 NOT NULL, + TOKEN_BINDING_REF VARCHAR (32) DEFAULT 'NONE', + PRIMARY KEY (TOKEN_ID), + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, + CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH, + TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_TOKEN_BINDING ( - TOKEN_ID VARCHAR (255), - TOKEN_BINDING_TYPE VARCHAR (32), - TOKEN_BINDING_REF 
VARCHAR (32), - TOKEN_BINDING_VALUE VARCHAR (1024), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (TOKEN_ID), - FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE + TOKEN_ID VARCHAR (255), + TOKEN_BINDING_TYPE VARCHAR (32), + TOKEN_BINDING_REF VARCHAR (32), + TOKEN_BINDING_VALUE VARCHAR (1024), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (TOKEN_ID), + FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_AUDIT ( - TOKEN_ID VARCHAR (255), - ACCESS_TOKEN VARCHAR(2048), - REFRESH_TOKEN VARCHAR(2048), - CONSUMER_KEY_ID INTEGER, - AUTHZ_USER VARCHAR (100), - TENANT_ID INTEGER, - USER_DOMAIN VARCHAR(50), - USER_TYPE VARCHAR (25), - GRANT_TYPE VARCHAR (50), - TIME_CREATED TIMESTAMP NULL, - REFRESH_TOKEN_TIME_CREATED TIMESTAMP NULL, - VALIDITY_PERIOD BIGINT, - REFRESH_TOKEN_VALIDITY_PERIOD BIGINT, - TOKEN_SCOPE_HASH VARCHAR(32), - TOKEN_STATE VARCHAR(25), - TOKEN_STATE_ID VARCHAR (128) , - SUBJECT_IDENTIFIER VARCHAR(255), - ACCESS_TOKEN_HASH VARCHAR(512), - REFRESH_TOKEN_HASH VARCHAR(512), - INVALIDATED_TIME TIMESTAMP NULL, - IDP_ID INTEGER DEFAULT -1 NOT NULL + TOKEN_ID VARCHAR (255), + ACCESS_TOKEN VARCHAR(2048), + REFRESH_TOKEN VARCHAR(2048), + CONSUMER_KEY_ID INTEGER, + AUTHZ_USER VARCHAR (100), + TENANT_ID INTEGER, + USER_DOMAIN VARCHAR(50), + USER_TYPE VARCHAR (25), + GRANT_TYPE VARCHAR (50), + TIME_CREATED TIMESTAMP NULL, + REFRESH_TOKEN_TIME_CREATED TIMESTAMP NULL, + VALIDITY_PERIOD BIGINT, + REFRESH_TOKEN_VALIDITY_PERIOD BIGINT, + TOKEN_SCOPE_HASH VARCHAR(32), + TOKEN_STATE VARCHAR(25), + TOKEN_STATE_ID VARCHAR (128) , + SUBJECT_IDENTIFIER VARCHAR(255), + ACCESS_TOKEN_HASH VARCHAR(512), + REFRESH_TOKEN_HASH VARCHAR(512), + INVALIDATED_TIME TIMESTAMP NULL, + IDP_ID INTEGER DEFAULT -1 NOT NULL ); CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHORIZATION_CODE ( - CODE_ID VARCHAR (255), - AUTHORIZATION_CODE VARCHAR(2048), - CONSUMER_KEY_ID 
INTEGER, - CALLBACK_URL VARCHAR(2048), - SCOPE VARCHAR(2048), - AUTHZ_USER VARCHAR (100), - TENANT_ID INTEGER, - USER_DOMAIN VARCHAR(50), - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - VALIDITY_PERIOD BIGINT, - STATE VARCHAR (25) DEFAULT 'ACTIVE', - TOKEN_ID VARCHAR(255), - SUBJECT_IDENTIFIER VARCHAR(255), - PKCE_CODE_CHALLENGE VARCHAR(255), - PKCE_CODE_CHALLENGE_METHOD VARCHAR(128), - AUTHORIZATION_CODE_HASH VARCHAR(512), - IDP_ID INTEGER DEFAULT -1 NOT NULL, - PRIMARY KEY (CODE_ID), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE + CODE_ID VARCHAR (255), + AUTHORIZATION_CODE VARCHAR(2048), + CONSUMER_KEY_ID INTEGER, + CALLBACK_URL VARCHAR(2048), + SCOPE VARCHAR(2048), + AUTHZ_USER VARCHAR (100), + TENANT_ID INTEGER, + USER_DOMAIN VARCHAR(50), + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + VALIDITY_PERIOD BIGINT, + STATE VARCHAR (25) DEFAULT 'ACTIVE', + TOKEN_ID VARCHAR(255), + SUBJECT_IDENTIFIER VARCHAR(255), + PKCE_CODE_CHALLENGE VARCHAR(255), + PKCE_CODE_CHALLENGE_METHOD VARCHAR(128), + AUTHORIZATION_CODE_HASH VARCHAR(512), + IDP_ID INTEGER DEFAULT -1 NOT NULL, + PRIMARY KEY (CODE_ID), + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHZ_CODE_SCOPE( - CODE_ID VARCHAR(255), - SCOPE VARCHAR(60), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (CODE_ID, SCOPE), - FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE (CODE_ID) ON DELETE CASCADE + CODE_ID VARCHAR(255), + SCOPE VARCHAR(60), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (CODE_ID, SCOPE), + FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE (CODE_ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_DEVICE_FLOW ( - CODE_ID VARCHAR(255), - DEVICE_CODE VARCHAR(255), - USER_CODE VARCHAR(25), - CONSUMER_KEY_ID INTEGER, - LAST_POLL_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - EXPIRY_TIME 
TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - POLL_TIME BIGINT, - STATUS VARCHAR (25) DEFAULT 'PENDING', - AUTHZ_USER VARCHAR (100), - TENANT_ID INTEGER, - USER_DOMAIN VARCHAR(50), - IDP_ID INTEGER, - PRIMARY KEY (DEVICE_CODE), - UNIQUE (CODE_ID), - UNIQUE (USER_CODE), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE + CODE_ID VARCHAR(255), + DEVICE_CODE VARCHAR(255), + USER_CODE VARCHAR(25), + CONSUMER_KEY_ID INTEGER, + LAST_POLL_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + EXPIRY_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + POLL_TIME BIGINT, + STATUS VARCHAR (25) DEFAULT 'PENDING', + AUTHZ_USER VARCHAR (100), + TENANT_ID INTEGER, + USER_DOMAIN VARCHAR(50), + IDP_ID INTEGER, + PRIMARY KEY (DEVICE_CODE), + UNIQUE (CODE_ID), + UNIQUE (USER_CODE), + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_DEVICE_FLOW_SCOPES ( - ID INTEGER NOT NULL AUTO_INCREMENT, - SCOPE_ID VARCHAR(255), - SCOPE VARCHAR(255), - PRIMARY KEY (ID), - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_DEVICE_FLOW(CODE_ID) ON DELETE CASCADE + ID INTEGER NOT NULL AUTO_INCREMENT, + SCOPE_ID VARCHAR(255), + SCOPE VARCHAR(255), + PRIMARY KEY (ID), + FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_DEVICE_FLOW(CODE_ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE ( - TOKEN_ID VARCHAR (255), - TOKEN_SCOPE VARCHAR (60), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (TOKEN_ID, TOKEN_SCOPE), - FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE + TOKEN_ID VARCHAR (255), + TOKEN_SCOPE VARCHAR (60), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (TOKEN_ID, TOKEN_SCOPE), + FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE )ENGINE INNODB; 
CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE ( - SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(512), - TENANT_ID INTEGER NOT NULL DEFAULT -1, - SCOPE_TYPE VARCHAR(255) NOT NULL, - PRIMARY KEY (SCOPE_ID) + SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT, + NAME VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(512), + TENANT_ID INTEGER NOT NULL DEFAULT -1, + SCOPE_TYPE VARCHAR(255) NOT NULL, + PRIMARY KEY (SCOPE_ID), + UNIQUE (NAME, TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_BINDING ( - SCOPE_ID INTEGER NOT NULL, - SCOPE_BINDING VARCHAR(255) NOT NULL, - BINDING_TYPE VARCHAR(255) NOT NULL, - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE + SCOPE_ID INTEGER NOT NULL, + SCOPE_BINDING VARCHAR(255) NOT NULL, + BINDING_TYPE VARCHAR(255) NOT NULL, + FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE, + UNIQUE (SCOPE_ID, SCOPE_BINDING, BINDING_TYPE) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_RESOURCE_SCOPE ( - RESOURCE_PATH VARCHAR(255) NOT NULL, - SCOPE_ID INTEGER NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE + RESOURCE_PATH VARCHAR(255) NOT NULL, + SCOPE_ID INTEGER NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (RESOURCE_PATH), + FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_SCIM_GROUP ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - ROLE_NAME VARCHAR(255) NOT NULL, - ATTR_NAME VARCHAR(1024) NOT NULL, - ATTR_VALUE VARCHAR(1024), - PRIMARY KEY (ID) + ID INTEGER AUTO_INCREMENT, + TENANT_ID INTEGER NOT NULL, + ROLE_NAME VARCHAR(255) NOT NULL, + ATTR_NAME VARCHAR(1024) NOT NULL, + ATTR_VALUE VARCHAR(1024), + PRIMARY KEY (ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OPENID_REMEMBER_ME 
( - USER_NAME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT 0, - COOKIE_VALUE VARCHAR(1024), - CREATED_TIME TIMESTAMP, - PRIMARY KEY (USER_NAME, TENANT_ID) + USER_NAME VARCHAR(255) NOT NULL, + TENANT_ID INTEGER DEFAULT 0, + COOKIE_VALUE VARCHAR(1024), + CREATED_TIME TIMESTAMP, + PRIMARY KEY (USER_NAME, TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OPENID_USER_RPS ( - USER_NAME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT 0, - RP_URL VARCHAR(255) NOT NULL, - TRUSTED_ALWAYS VARCHAR(128) DEFAULT 'FALSE', - LAST_VISIT DATE NOT NULL, - VISIT_COUNT INTEGER DEFAULT 0, - DEFAULT_PROFILE_NAME VARCHAR(255) DEFAULT 'DEFAULT', - PRIMARY KEY (USER_NAME, TENANT_ID, RP_URL) + USER_NAME VARCHAR(255) NOT NULL, + TENANT_ID INTEGER DEFAULT 0, + RP_URL VARCHAR(255) NOT NULL, + TRUSTED_ALWAYS VARCHAR(128) DEFAULT 'FALSE', + LAST_VISIT DATE NOT NULL, + VISIT_COUNT INTEGER DEFAULT 0, + DEFAULT_PROFILE_NAME VARCHAR(255) DEFAULT 'DEFAULT', + PRIMARY KEY (USER_NAME, TENANT_ID, RP_URL) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OPENID_ASSOCIATIONS ( - HANDLE VARCHAR(255) NOT NULL, - ASSOC_TYPE VARCHAR(255) NOT NULL, - EXPIRE_IN TIMESTAMP NOT NULL, - MAC_KEY VARCHAR(255) NOT NULL, - ASSOC_STORE VARCHAR(128) DEFAULT 'SHARED', - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (HANDLE) + HANDLE VARCHAR(255) NOT NULL, + ASSOC_TYPE VARCHAR(255) NOT NULL, + EXPIRE_IN TIMESTAMP NOT NULL, + MAC_KEY VARCHAR(255) NOT NULL, + ASSOC_STORE VARCHAR(128) DEFAULT 'SHARED', + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (HANDLE) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_STS_STORE ( - ID INTEGER AUTO_INCREMENT, - TOKEN_ID VARCHAR(255) NOT NULL, - TOKEN_CONTENT BLOB(1024) NOT NULL, - CREATE_DATE TIMESTAMP NOT NULL, - EXPIRE_DATE TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - STATE INTEGER DEFAULT 0, - PRIMARY KEY (ID) + ID INTEGER AUTO_INCREMENT, + TOKEN_ID VARCHAR(255) NOT NULL, + TOKEN_CONTENT BLOB(1024) NOT NULL, + CREATE_DATE TIMESTAMP NOT NULL, + EXPIRE_DATE TIMESTAMP NOT NULL 
DEFAULT CURRENT_TIMESTAMP, + STATE INTEGER DEFAULT 0, + PRIMARY KEY (ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_IDENTITY_USER_DATA ( - TENANT_ID INTEGER DEFAULT -1234, - USER_NAME VARCHAR(255) NOT NULL, - DATA_KEY VARCHAR(255) NOT NULL, - DATA_VALUE VARCHAR(2048), - PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY) + TENANT_ID INTEGER DEFAULT -1234, + USER_NAME VARCHAR(255) NOT NULL, + DATA_KEY VARCHAR(255) NOT NULL, + DATA_VALUE VARCHAR(2048), + PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_IDENTITY_META_DATA ( - USER_NAME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT -1234, - METADATA_TYPE VARCHAR(255) NOT NULL, - METADATA VARCHAR(255) NOT NULL, - VALID VARCHAR(255) NOT NULL, - PRIMARY KEY (TENANT_ID, USER_NAME, METADATA_TYPE,METADATA) + USER_NAME VARCHAR(255) NOT NULL, + TENANT_ID INTEGER DEFAULT -1234, + METADATA_TYPE VARCHAR(255) NOT NULL, + METADATA VARCHAR(255) NOT NULL, + VALID VARCHAR(255) NOT NULL, + PRIMARY KEY (TENANT_ID, USER_NAME, METADATA_TYPE,METADATA) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_THRIFT_SESSION ( - SESSION_ID VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - CREATED_TIME VARCHAR(255) NOT NULL, - LAST_MODIFIED_TIME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (SESSION_ID) + SESSION_ID VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(255) NOT NULL, + CREATED_TIME VARCHAR(255) NOT NULL, + LAST_MODIFIED_TIME VARCHAR(255) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (SESSION_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_STORE ( - SESSION_ID VARCHAR (100) NOT NULL, - SESSION_TYPE VARCHAR(100) NOT NULL, - OPERATION VARCHAR(10) NOT NULL, - SESSION_OBJECT BLOB, - TIME_CREATED BIGINT, - TENANT_ID INTEGER DEFAULT -1, - EXPIRY_TIME BIGINT, - PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION) + SESSION_ID VARCHAR (100) NOT NULL, + SESSION_TYPE VARCHAR(100) NOT NULL, + OPERATION VARCHAR(10) NOT NULL, + SESSION_OBJECT BLOB, 
+ TIME_CREATED BIGINT, + TENANT_ID INTEGER DEFAULT -1, + EXPIRY_TIME BIGINT, + PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_AUTH_TEMP_SESSION_STORE ( - SESSION_ID VARCHAR (100) NOT NULL, - SESSION_TYPE VARCHAR(100) NOT NULL, - OPERATION VARCHAR(10) NOT NULL, - SESSION_OBJECT BLOB, - TIME_CREATED BIGINT, - TENANT_ID INTEGER DEFAULT -1, - EXPIRY_TIME BIGINT, - PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION) + SESSION_ID VARCHAR (100) NOT NULL, + SESSION_TYPE VARCHAR(100) NOT NULL, + OPERATION VARCHAR(10) NOT NULL, + SESSION_OBJECT BLOB, + TIME_CREATED BIGINT, + TENANT_ID INTEGER DEFAULT -1, + EXPIRY_TIME BIGINT, + PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_AUTH_USER ( - USER_ID VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - DOMAIN_NAME VARCHAR(255) NOT NULL, - IDP_ID INTEGER NOT NULL, - PRIMARY KEY (USER_ID), - CONSTRAINT USER_STORE_CONSTRAINT UNIQUE (USER_NAME, TENANT_ID, DOMAIN_NAME, IDP_ID)); + USER_ID VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + DOMAIN_NAME VARCHAR(255) NOT NULL, + IDP_ID INTEGER NOT NULL, + PRIMARY KEY (USER_ID), + CONSTRAINT USER_STORE_CONSTRAINT UNIQUE (USER_NAME, TENANT_ID, DOMAIN_NAME, IDP_ID)); CREATE TABLE IF NOT EXISTS IDN_AUTH_USER_SESSION_MAPPING ( - USER_ID VARCHAR(255) NOT NULL, - SESSION_ID VARCHAR(255) NOT NULL, - CONSTRAINT USER_SESSION_STORE_CONSTRAINT UNIQUE (USER_ID, SESSION_ID)); + USER_ID VARCHAR(255) NOT NULL, + SESSION_ID VARCHAR(255) NOT NULL, + CONSTRAINT USER_SESSION_STORE_CONSTRAINT UNIQUE (USER_ID, SESSION_ID)); CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_APP_INFO ( - SESSION_ID VARCHAR (100) NOT NULL, - SUBJECT VARCHAR (100) NOT NULL, - APP_ID INTEGER NOT NULL, - INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL, - PRIMARY KEY (SESSION_ID, SUBJECT, APP_ID, INBOUND_AUTH_TYPE) + SESSION_ID 
VARCHAR (100) NOT NULL, + SUBJECT VARCHAR (100) NOT NULL, + APP_ID INTEGER NOT NULL, + INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL, + PRIMARY KEY (SESSION_ID, SUBJECT, APP_ID, INBOUND_AUTH_TYPE) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_META_DATA ( - SESSION_ID VARCHAR (100) NOT NULL, - PROPERTY_TYPE VARCHAR (100) NOT NULL, - VALUE VARCHAR (255) NOT NULL, - PRIMARY KEY (SESSION_ID, PROPERTY_TYPE, VALUE) + SESSION_ID VARCHAR (100) NOT NULL, + PROPERTY_TYPE VARCHAR (100) NOT NULL, + VALUE VARCHAR (255) NOT NULL, + PRIMARY KEY (SESSION_ID, PROPERTY_TYPE, VALUE) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS SP_APP ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - APP_NAME VARCHAR (255) NOT NULL , - USER_STORE VARCHAR (255) NOT NULL, - USERNAME VARCHAR (255) NOT NULL , - DESCRIPTION VARCHAR (1024), - ROLE_CLAIM VARCHAR (512), - AUTH_TYPE VARCHAR (255) NOT NULL, - PROVISIONING_USERSTORE_DOMAIN VARCHAR (512), - IS_LOCAL_CLAIM_DIALECT CHAR(1) DEFAULT '1', - IS_SEND_LOCAL_SUBJECT_ID CHAR(1) DEFAULT '0', - IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0', - IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', - IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', - ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0', - SUBJECT_CLAIM_URI VARCHAR (512), - IS_SAAS_APP CHAR(1) DEFAULT '0', - IS_DUMB_MODE CHAR(1) DEFAULT '0', - UUID CHAR(36), - IMAGE_URL VARCHAR(1024), - ACCESS_URL VARCHAR(1024), - IS_DISCOVERABLE CHAR(1) DEFAULT '0', - - PRIMARY KEY (ID) + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER NOT NULL, + APP_NAME VARCHAR (255) NOT NULL , + USER_STORE VARCHAR (255) NOT NULL, + USERNAME VARCHAR (255) NOT NULL , + DESCRIPTION VARCHAR (1024), + ROLE_CLAIM VARCHAR (512), + AUTH_TYPE VARCHAR (255) NOT NULL, + PROVISIONING_USERSTORE_DOMAIN VARCHAR (512), + IS_LOCAL_CLAIM_DIALECT CHAR(1) DEFAULT '1', + IS_SEND_LOCAL_SUBJECT_ID CHAR(1) DEFAULT '0', + IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0', + IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', + 
IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', + ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0', + SUBJECT_CLAIM_URI VARCHAR (512), + IS_SAAS_APP CHAR(1) DEFAULT '0', + IS_DUMB_MODE CHAR(1) DEFAULT '0', + UUID CHAR(36), + IMAGE_URL VARCHAR(1024), + ACCESS_URL VARCHAR(1024), + IS_DISCOVERABLE CHAR(1) DEFAULT '0', + + PRIMARY KEY (ID) )ENGINE INNODB; ALTER TABLE SP_APP ADD CONSTRAINT APPLICATION_NAME_CONSTRAINT UNIQUE(APP_NAME, TENANT_ID); ALTER TABLE SP_APP ADD CONSTRAINT APPLICATION_UUID_CONSTRAINT UNIQUE(UUID); CREATE TABLE IF NOT EXISTS SP_METADATA ( - ID INTEGER AUTO_INCREMENT, - SP_ID INTEGER, - NAME VARCHAR(255) NOT NULL, - VALUE VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (ID), - CONSTRAINT SP_METADATA_CONSTRAINT UNIQUE (SP_ID, NAME), - FOREIGN KEY (SP_ID) REFERENCES SP_APP(ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT, + SP_ID INTEGER, + NAME VARCHAR(255) NOT NULL, + VALUE VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ID), + CONSTRAINT SP_METADATA_CONSTRAINT UNIQUE (SP_ID, NAME), + FOREIGN KEY (SP_ID) REFERENCES SP_APP(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS SP_INBOUND_AUTH ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - INBOUND_AUTH_KEY VARCHAR (255), - INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL, - INBOUND_CONFIG_TYPE VARCHAR (255) NOT NULL, - PROP_NAME VARCHAR (255), - PROP_VALUE VARCHAR (1024) , - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID) + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER NOT NULL, + INBOUND_AUTH_KEY VARCHAR (255), + INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL, + INBOUND_CONFIG_TYPE VARCHAR (255) NOT NULL, + PROP_NAME VARCHAR (255), + PROP_VALUE VARCHAR (1024) , + APP_ID INTEGER NOT NULL, + PRIMARY KEY (ID) )ENGINE INNODB; ALTER TABLE SP_INBOUND_AUTH ADD CONSTRAINT APPLICATION_ID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; CREATE TABLE IF NOT EXISTS 
SP_AUTH_STEP ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - STEP_ORDER INTEGER DEFAULT 1, - APP_ID INTEGER NOT NULL , - IS_SUBJECT_STEP CHAR(1) DEFAULT '0', - IS_ATTRIBUTE_STEP CHAR(1) DEFAULT '0', - PRIMARY KEY (ID) + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER NOT NULL, + STEP_ORDER INTEGER DEFAULT 1, + APP_ID INTEGER NOT NULL , + IS_SUBJECT_STEP CHAR(1) DEFAULT '0', + IS_ATTRIBUTE_STEP CHAR(1) DEFAULT '0', + PRIMARY KEY (ID) )ENGINE INNODB; ALTER TABLE SP_AUTH_STEP ADD CONSTRAINT APPLICATION_ID_CONSTRAINT_STEP FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; CREATE TABLE IF NOT EXISTS SP_FEDERATED_IDP ( - ID INTEGER NOT NULL, - TENANT_ID INTEGER NOT NULL, - AUTHENTICATOR_ID INTEGER NOT NULL, - PRIMARY KEY (ID, AUTHENTICATOR_ID) + ID INTEGER NOT NULL, + TENANT_ID INTEGER NOT NULL, + AUTHENTICATOR_ID INTEGER NOT NULL, + PRIMARY KEY (ID, AUTHENTICATOR_ID) )ENGINE INNODB; ALTER TABLE SP_FEDERATED_IDP ADD CONSTRAINT STEP_ID_CONSTRAINT FOREIGN KEY (ID) REFERENCES SP_AUTH_STEP (ID) ON DELETE CASCADE; CREATE TABLE IF NOT EXISTS SP_CLAIM_DIALECT ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - SP_DIALECT VARCHAR (512) NOT NULL, - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID)); + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER NOT NULL, + SP_DIALECT VARCHAR (512) NOT NULL, + APP_ID INTEGER NOT NULL, + PRIMARY KEY (ID)); ALTER TABLE SP_CLAIM_DIALECT ADD CONSTRAINT DIALECTID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; CREATE TABLE IF NOT EXISTS SP_CLAIM_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - IDP_CLAIM VARCHAR (512) NOT NULL , - SP_CLAIM VARCHAR (512) NOT NULL , - APP_ID INTEGER NOT NULL, - IS_REQUESTED VARCHAR(128) DEFAULT '0', - IS_MANDATORY VARCHAR(128) DEFAULT '0', - DEFAULT_VALUE VARCHAR(255), - PRIMARY KEY (ID) + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER NOT NULL, + IDP_CLAIM VARCHAR (512) NOT NULL , 
+ SP_CLAIM VARCHAR (512) NOT NULL , + APP_ID INTEGER NOT NULL, + IS_REQUESTED VARCHAR(128) DEFAULT '0', + IS_MANDATORY VARCHAR(128) DEFAULT '0', + DEFAULT_VALUE VARCHAR(255), + PRIMARY KEY (ID) )ENGINE INNODB; ALTER TABLE SP_CLAIM_MAPPING ADD CONSTRAINT CLAIMID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; CREATE TABLE IF NOT EXISTS SP_ROLE_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - IDP_ROLE VARCHAR (255) NOT NULL , - SP_ROLE VARCHAR (255) NOT NULL , - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID) + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER NOT NULL, + IDP_ROLE VARCHAR (255) NOT NULL , + SP_ROLE VARCHAR (255) NOT NULL , + APP_ID INTEGER NOT NULL, + PRIMARY KEY (ID) )ENGINE INNODB; ALTER TABLE SP_ROLE_MAPPING ADD CONSTRAINT ROLEID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; CREATE TABLE IF NOT EXISTS SP_REQ_PATH_AUTHENTICATOR ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - AUTHENTICATOR_NAME VARCHAR (255) NOT NULL , - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID) + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER NOT NULL, + AUTHENTICATOR_NAME VARCHAR (255) NOT NULL , + APP_ID INTEGER NOT NULL, + PRIMARY KEY (ID) )ENGINE INNODB; ALTER TABLE SP_REQ_PATH_AUTHENTICATOR ADD CONSTRAINT REQ_AUTH_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; CREATE TABLE IF NOT EXISTS SP_PROVISIONING_CONNECTOR ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - IDP_NAME VARCHAR (255) NOT NULL , - CONNECTOR_NAME VARCHAR (255) NOT NULL , - APP_ID INTEGER NOT NULL, - IS_JIT_ENABLED CHAR(1) NOT NULL DEFAULT '0', - BLOCKING CHAR(1) NOT NULL DEFAULT '0', - RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0', - PRIMARY KEY (ID) + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER NOT NULL, + IDP_NAME VARCHAR (255) NOT NULL , + CONNECTOR_NAME VARCHAR (255) NOT NULL , + APP_ID INTEGER NOT NULL, + 
IS_JIT_ENABLED CHAR(1) NOT NULL DEFAULT '0', + BLOCKING CHAR(1) NOT NULL DEFAULT '0', + RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0', + PRIMARY KEY (ID) )ENGINE INNODB; ALTER TABLE SP_PROVISIONING_CONNECTOR ADD CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; CREATE TABLE SP_AUTH_SCRIPT ( - ID INTEGER AUTO_INCREMENT NOT NULL, - TENANT_ID INTEGER NOT NULL, - APP_ID INTEGER NOT NULL, - TYPE VARCHAR(255) NOT NULL, - CONTENT BLOB DEFAULT NULL, - IS_ENABLED CHAR(1) NOT NULL DEFAULT '0', - PRIMARY KEY (ID)); + ID INTEGER AUTO_INCREMENT NOT NULL, + TENANT_ID INTEGER NOT NULL, + APP_ID INTEGER NOT NULL, + TYPE VARCHAR(255) NOT NULL, + CONTENT BLOB DEFAULT NULL, + IS_ENABLED CHAR(1) NOT NULL DEFAULT '0', + PRIMARY KEY (ID)); CREATE TABLE IF NOT EXISTS SP_TEMPLATE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - TENANT_ID INTEGER NOT NULL, - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - CONTENT BLOB DEFAULT NULL, - PRIMARY KEY (ID), - CONSTRAINT SP_TEMPLATE_CONSTRAINT UNIQUE (TENANT_ID, NAME)); + ID INTEGER AUTO_INCREMENT NOT NULL, + TENANT_ID INTEGER NOT NULL, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + CONTENT BLOB DEFAULT NULL, + PRIMARY KEY (ID), + CONSTRAINT SP_TEMPLATE_CONSTRAINT UNIQUE (TENANT_ID, NAME)); CREATE TABLE IF NOT EXISTS IDN_AUTH_WAIT_STATUS ( - ID INTEGER AUTO_INCREMENT NOT NULL, - TENANT_ID INTEGER NOT NULL, - LONG_WAIT_KEY VARCHAR(255) NOT NULL, - WAIT_STATUS CHAR(1) NOT NULL DEFAULT '1', - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - EXPIRE_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY (ID), - CONSTRAINT IDN_AUTH_WAIT_STATUS_KEY UNIQUE (LONG_WAIT_KEY)); + ID INTEGER AUTO_INCREMENT NOT NULL, + TENANT_ID INTEGER NOT NULL, + LONG_WAIT_KEY VARCHAR(255) NOT NULL, + WAIT_STATUS CHAR(1) NOT NULL DEFAULT '1', + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + EXPIRE_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY (ID), + 
CONSTRAINT IDN_AUTH_WAIT_STATUS_KEY UNIQUE (LONG_WAIT_KEY)); CREATE TABLE IF NOT EXISTS IDP ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - NAME VARCHAR(254) NOT NULL, - IS_ENABLED CHAR(1) NOT NULL DEFAULT '1', - IS_PRIMARY CHAR(1) NOT NULL DEFAULT '0', - HOME_REALM_ID VARCHAR(254), - IMAGE MEDIUMBLOB, - CERTIFICATE BLOB, - ALIAS VARCHAR(254), - INBOUND_PROV_ENABLED CHAR (1) NOT NULL DEFAULT '0', - INBOUND_PROV_USER_STORE_ID VARCHAR(254), - USER_CLAIM_URI VARCHAR(254), - ROLE_CLAIM_URI VARCHAR(254), - DESCRIPTION VARCHAR (1024), - DEFAULT_AUTHENTICATOR_NAME VARCHAR(254), - DEFAULT_PRO_CONNECTOR_NAME VARCHAR(254), - PROVISIONING_ROLE VARCHAR(128), - IS_FEDERATION_HUB CHAR(1) NOT NULL DEFAULT '0', - IS_LOCAL_CLAIM_DIALECT CHAR(1) NOT NULL DEFAULT '0', - DISPLAY_NAME VARCHAR(255), - IMAGE_URL VARCHAR(1024), - UUID CHAR(36) NOT NULL, - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, NAME), - UNIQUE (UUID) + ID INTEGER AUTO_INCREMENT, + TENANT_ID INTEGER, + NAME VARCHAR(254) NOT NULL, + IS_ENABLED CHAR(1) NOT NULL DEFAULT '1', + IS_PRIMARY CHAR(1) NOT NULL DEFAULT '0', + HOME_REALM_ID VARCHAR(254), + IMAGE MEDIUMBLOB, + CERTIFICATE BLOB, + ALIAS VARCHAR(254), + INBOUND_PROV_ENABLED CHAR (1) NOT NULL DEFAULT '0', + INBOUND_PROV_USER_STORE_ID VARCHAR(254), + USER_CLAIM_URI VARCHAR(254), + ROLE_CLAIM_URI VARCHAR(254), + DESCRIPTION VARCHAR (1024), + DEFAULT_AUTHENTICATOR_NAME VARCHAR(254), + DEFAULT_PRO_CONNECTOR_NAME VARCHAR(254), + PROVISIONING_ROLE VARCHAR(128), + IS_FEDERATION_HUB CHAR(1) NOT NULL DEFAULT '0', + IS_LOCAL_CLAIM_DIALECT CHAR(1) NOT NULL DEFAULT '0', + DISPLAY_NAME VARCHAR(255), + IMAGE_URL VARCHAR(1024), + UUID CHAR(36) NOT NULL, + PRIMARY KEY (ID), + UNIQUE (TENANT_ID, NAME), + UNIQUE (UUID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDP_ROLE ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - TENANT_ID INTEGER, - ROLE VARCHAR(254), - PRIMARY KEY (ID), - UNIQUE (IDP_ID, ROLE), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE + ID INTEGER 
AUTO_INCREMENT, + IDP_ID INTEGER, + TENANT_ID INTEGER, + ROLE VARCHAR(254), + PRIMARY KEY (ID), + UNIQUE (IDP_ID, ROLE), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDP_ROLE_MAPPING ( - ID INTEGER AUTO_INCREMENT, - IDP_ROLE_ID INTEGER, - TENANT_ID INTEGER, - USER_STORE_ID VARCHAR (253), - LOCAL_ROLE VARCHAR(253), - PRIMARY KEY (ID), - UNIQUE (IDP_ROLE_ID, TENANT_ID, USER_STORE_ID, LOCAL_ROLE), - FOREIGN KEY (IDP_ROLE_ID) REFERENCES IDP_ROLE(ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT, + IDP_ROLE_ID INTEGER, + TENANT_ID INTEGER, + USER_STORE_ID VARCHAR (253), + LOCAL_ROLE VARCHAR(253), + PRIMARY KEY (ID), + UNIQUE (IDP_ROLE_ID, TENANT_ID, USER_STORE_ID, LOCAL_ROLE), + FOREIGN KEY (IDP_ROLE_ID) REFERENCES IDP_ROLE(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDP_CLAIM ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - TENANT_ID INTEGER, - CLAIM VARCHAR(254), - PRIMARY KEY (ID), - UNIQUE (IDP_ID, CLAIM), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT, + IDP_ID INTEGER, + TENANT_ID INTEGER, + CLAIM VARCHAR(254), + PRIMARY KEY (ID), + UNIQUE (IDP_ID, CLAIM), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDP_CLAIM_MAPPING ( - ID INTEGER AUTO_INCREMENT, - IDP_CLAIM_ID INTEGER, - TENANT_ID INTEGER, - LOCAL_CLAIM VARCHAR(253), - DEFAULT_VALUE VARCHAR(255), - IS_REQUESTED VARCHAR(128) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (IDP_CLAIM_ID, TENANT_ID, LOCAL_CLAIM), - FOREIGN KEY (IDP_CLAIM_ID) REFERENCES IDP_CLAIM(ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT, + IDP_CLAIM_ID INTEGER, + TENANT_ID INTEGER, + LOCAL_CLAIM VARCHAR(253), + DEFAULT_VALUE VARCHAR(255), + IS_REQUESTED VARCHAR(128) DEFAULT '0', + PRIMARY KEY (ID), + UNIQUE (IDP_CLAIM_ID, TENANT_ID, LOCAL_CLAIM), + FOREIGN KEY (IDP_CLAIM_ID) REFERENCES IDP_CLAIM(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS 
IDP_AUTHENTICATOR ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - IDP_ID INTEGER, - NAME VARCHAR(255) NOT NULL, - IS_ENABLED CHAR (1) DEFAULT '1', - DISPLAY_NAME VARCHAR(255), - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, IDP_ID, NAME), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT, + TENANT_ID INTEGER, + IDP_ID INTEGER, + NAME VARCHAR(255) NOT NULL, + IS_ENABLED CHAR (1) DEFAULT '1', + DISPLAY_NAME VARCHAR(255), + PRIMARY KEY (ID), + UNIQUE (TENANT_ID, IDP_ID, NAME), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDP_METADATA ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - NAME VARCHAR(255) NOT NULL, - VALUE VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (ID), - CONSTRAINT IDP_METADATA_CONSTRAINT UNIQUE (IDP_ID, NAME), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT, + IDP_ID INTEGER, + NAME VARCHAR(255) NOT NULL, + VALUE VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ID), + CONSTRAINT IDP_METADATA_CONSTRAINT UNIQUE (IDP_ID, NAME), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR_PROPERTY ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - AUTHENTICATOR_ID INTEGER, - PROPERTY_KEY VARCHAR(255) NOT NULL, - PROPERTY_VALUE VARCHAR(2047), - IS_SECRET CHAR (1) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY), - FOREIGN KEY (AUTHENTICATOR_ID) REFERENCES IDP_AUTHENTICATOR(ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT, + TENANT_ID INTEGER, + AUTHENTICATOR_ID INTEGER, + PROPERTY_KEY VARCHAR(255) NOT NULL, + PROPERTY_VALUE VARCHAR(2047), + IS_SECRET CHAR (1) DEFAULT '0', + PRIMARY KEY (ID), + UNIQUE (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY), + FOREIGN KEY (AUTHENTICATOR_ID) REFERENCES IDP_AUTHENTICATOR(ID) ON DELETE 
CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_CONFIG ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - IDP_ID INTEGER, - PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL, - IS_ENABLED CHAR (1) DEFAULT '0', - IS_BLOCKING CHAR (1) DEFAULT '0', - IS_RULES_ENABLED CHAR (1) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT, + TENANT_ID INTEGER, + IDP_ID INTEGER, + PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL, + IS_ENABLED CHAR (1) DEFAULT '0', + IS_BLOCKING CHAR (1) DEFAULT '0', + IS_RULES_ENABLED CHAR (1) DEFAULT '0', + PRIMARY KEY (ID), + UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDP_PROV_CONFIG_PROPERTY ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - PROVISIONING_CONFIG_ID INTEGER, - PROPERTY_KEY VARCHAR(255) NOT NULL, - PROPERTY_VALUE VARCHAR(2048), - PROPERTY_BLOB_VALUE BLOB, - PROPERTY_TYPE CHAR(32) NOT NULL, - IS_SECRET CHAR (1) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, PROVISIONING_CONFIG_ID, PROPERTY_KEY), - FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT, + TENANT_ID INTEGER, + PROVISIONING_CONFIG_ID INTEGER, + PROPERTY_KEY VARCHAR(255) NOT NULL, + PROPERTY_VALUE VARCHAR(2048), + PROPERTY_BLOB_VALUE BLOB, + PROPERTY_TYPE CHAR(32) NOT NULL, + IS_SECRET CHAR (1) DEFAULT '0', + PRIMARY KEY (ID), + UNIQUE (TENANT_ID, PROVISIONING_CONFIG_ID, PROPERTY_KEY), + FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_ENTITY ( - ID INTEGER AUTO_INCREMENT, - PROVISIONING_CONFIG_ID INTEGER, - ENTITY_TYPE VARCHAR(255) NOT NULL, - ENTITY_LOCAL_USERSTORE VARCHAR(255) NOT NULL, - ENTITY_NAME VARCHAR(255) NOT NULL, 
- ENTITY_VALUE VARCHAR(255), - TENANT_ID INTEGER, - ENTITY_LOCAL_ID VARCHAR(255), - PRIMARY KEY (ID), - UNIQUE (ENTITY_TYPE, TENANT_ID, ENTITY_LOCAL_USERSTORE, ENTITY_NAME, PROVISIONING_CONFIG_ID), - UNIQUE (PROVISIONING_CONFIG_ID, ENTITY_TYPE, ENTITY_VALUE), - FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT, + PROVISIONING_CONFIG_ID INTEGER, + ENTITY_TYPE VARCHAR(255) NOT NULL, + ENTITY_LOCAL_USERSTORE VARCHAR(255) NOT NULL, + ENTITY_NAME VARCHAR(255) NOT NULL, + ENTITY_VALUE VARCHAR(255), + TENANT_ID INTEGER, + ENTITY_LOCAL_ID VARCHAR(255), + PRIMARY KEY (ID), + UNIQUE (ENTITY_TYPE, TENANT_ID, ENTITY_LOCAL_USERSTORE, ENTITY_NAME, PROVISIONING_CONFIG_ID), + UNIQUE (PROVISIONING_CONFIG_ID, ENTITY_TYPE, ENTITY_VALUE), + FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDP_LOCAL_CLAIM ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - IDP_ID INTEGER, - CLAIM_URI VARCHAR(255) NOT NULL, - DEFAULT_VALUE VARCHAR(255), - IS_REQUESTED VARCHAR(128) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, IDP_ID, CLAIM_URI), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT, + TENANT_ID INTEGER, + IDP_ID INTEGER, + CLAIM_URI VARCHAR(255) NOT NULL, + DEFAULT_VALUE VARCHAR(255), + IS_REQUESTED VARCHAR(128) DEFAULT '0', + PRIMARY KEY (ID), + UNIQUE (TENANT_ID, IDP_ID, CLAIM_URI), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_ASSOCIATED_ID ( - ID INTEGER AUTO_INCREMENT, - IDP_USER_ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT -1234, - IDP_ID INTEGER NOT NULL, - DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - ASSOCIATION_ID CHAR(36) NOT NULL, - PRIMARY KEY (ID), - UNIQUE(IDP_USER_ID, TENANT_ID, IDP_ID), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT, + 
IDP_USER_ID VARCHAR(255) NOT NULL, + TENANT_ID INTEGER DEFAULT -1234, + IDP_ID INTEGER NOT NULL, + DOMAIN_NAME VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(255) NOT NULL, + ASSOCIATION_ID CHAR(36) NOT NULL, + PRIMARY KEY (ID), + UNIQUE(IDP_USER_ID, TENANT_ID, IDP_ID), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_USER_ACCOUNT_ASSOCIATION ( - ASSOCIATION_KEY VARCHAR(255) NOT NULL, - TENANT_ID INTEGER, - DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME) + ASSOCIATION_KEY VARCHAR(255) NOT NULL, + TENANT_ID INTEGER, + DOMAIN_NAME VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(255) NOT NULL, + PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS FIDO_DEVICE_STORE ( - TENANT_ID INTEGER, - DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(45) NOT NULL, - TIME_REGISTERED TIMESTAMP, - KEY_HANDLE VARCHAR(200) NOT NULL, - DEVICE_DATA VARCHAR(2048) NOT NULL, - PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE) - )ENGINE INNODB; + TENANT_ID INTEGER, + DOMAIN_NAME VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(45) NOT NULL, + TIME_REGISTERED TIMESTAMP, + KEY_HANDLE VARCHAR(200) NOT NULL, + DEVICE_DATA VARCHAR(2048) NOT NULL, + PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE) + )ENGINE INNODB; CREATE TABLE IF NOT EXISTS FIDO2_DEVICE_STORE ( - TENANT_ID INTEGER, - DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(45) NOT NULL, - TIME_REGISTERED TIMESTAMP, - USER_HANDLE VARCHAR(64) NOT NULL, - CREDENTIAL_ID VARCHAR(200) NOT NULL, - PUBLIC_KEY_COSE VARCHAR(1024) NOT NULL, - SIGNATURE_COUNT BIGINT, - USER_IDENTITY VARCHAR(512) NOT NULL, - DISPLAY_NAME VARCHAR(255), - IS_USERNAMELESS_SUPPORTED CHAR(1) DEFAULT '0', - PRIMARY KEY (CREDENTIAL_ID, USER_HANDLE) + TENANT_ID INTEGER, + DOMAIN_NAME VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(45) NOT NULL, + TIME_REGISTERED TIMESTAMP, + USER_HANDLE 
VARCHAR(64) NOT NULL, + CREDENTIAL_ID VARCHAR(200) NOT NULL, + PUBLIC_KEY_COSE VARCHAR(1024) NOT NULL, + SIGNATURE_COUNT BIGINT, + USER_IDENTITY VARCHAR(512) NOT NULL, + DISPLAY_NAME VARCHAR(255), + IS_USERNAMELESS_SUPPORTED CHAR(1) DEFAULT '0', + PRIMARY KEY (CREDENTIAL_ID, USER_HANDLE) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS WF_REQUEST ( - UUID VARCHAR (45), - CREATED_BY VARCHAR (255), - TENANT_ID INTEGER DEFAULT -1, - OPERATION_TYPE VARCHAR (50), - CREATED_AT TIMESTAMP, - UPDATED_AT TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - STATUS VARCHAR (30), - REQUEST BLOB, - PRIMARY KEY (UUID) + UUID VARCHAR (45), + CREATED_BY VARCHAR (255), + TENANT_ID INTEGER DEFAULT -1, + OPERATION_TYPE VARCHAR (50), + CREATED_AT TIMESTAMP, + UPDATED_AT TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + STATUS VARCHAR (30), + REQUEST BLOB, + PRIMARY KEY (UUID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS WF_BPS_PROFILE ( - PROFILE_NAME VARCHAR(45), - HOST_URL_MANAGER VARCHAR(255), - HOST_URL_WORKER VARCHAR(255), - USERNAME VARCHAR(45), - PASSWORD VARCHAR(1023), - CALLBACK_HOST VARCHAR (45), - CALLBACK_USERNAME VARCHAR (45), - CALLBACK_PASSWORD VARCHAR (255), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (PROFILE_NAME, TENANT_ID) + PROFILE_NAME VARCHAR(45), + HOST_URL_MANAGER VARCHAR(255), + HOST_URL_WORKER VARCHAR(255), + USERNAME VARCHAR(45), + PASSWORD VARCHAR(1023), + CALLBACK_HOST VARCHAR (45), + CALLBACK_USERNAME VARCHAR (45), + CALLBACK_PASSWORD VARCHAR (255), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (PROFILE_NAME, TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS WF_WORKFLOW( - ID VARCHAR (45), - WF_NAME VARCHAR (45), - DESCRIPTION VARCHAR (255), - TEMPLATE_ID VARCHAR (45), - IMPL_ID VARCHAR (45), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (ID) + ID VARCHAR (45), + WF_NAME VARCHAR (45), + DESCRIPTION VARCHAR (255), + TEMPLATE_ID VARCHAR (45), + IMPL_ID VARCHAR (45), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS WF_WORKFLOW_ASSOCIATION( 
- ID INTEGER NOT NULL AUTO_INCREMENT, - ASSOC_NAME VARCHAR (45), - EVENT_ID VARCHAR(45), - ASSOC_CONDITION VARCHAR (2000), - WORKFLOW_ID VARCHAR (45), - IS_ENABLED CHAR (1) DEFAULT '1', - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY(ID), - FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE + ID INTEGER NOT NULL AUTO_INCREMENT, + ASSOC_NAME VARCHAR (45), + EVENT_ID VARCHAR(45), + ASSOC_CONDITION VARCHAR (2000), + WORKFLOW_ID VARCHAR (45), + IS_ENABLED CHAR (1) DEFAULT '1', + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY(ID), + FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS WF_WORKFLOW_CONFIG_PARAM( - WORKFLOW_ID VARCHAR (45), - PARAM_NAME VARCHAR (45), - PARAM_VALUE VARCHAR (1000), - PARAM_QNAME VARCHAR (45), - PARAM_HOLDER VARCHAR (45), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (WORKFLOW_ID, PARAM_NAME, PARAM_QNAME, PARAM_HOLDER), - FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE + WORKFLOW_ID VARCHAR (45), + PARAM_NAME VARCHAR (45), + PARAM_VALUE VARCHAR (1000), + PARAM_QNAME VARCHAR (45), + PARAM_HOLDER VARCHAR (45), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (WORKFLOW_ID, PARAM_NAME, PARAM_QNAME, PARAM_HOLDER), + FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS WF_REQUEST_ENTITY_RELATIONSHIP( - REQUEST_ID VARCHAR (45), - ENTITY_NAME VARCHAR (255), - ENTITY_TYPE VARCHAR (50), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY(REQUEST_ID, ENTITY_NAME, ENTITY_TYPE, TENANT_ID), - FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE + REQUEST_ID VARCHAR (45), + ENTITY_NAME VARCHAR (255), + ENTITY_TYPE VARCHAR (50), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY(REQUEST_ID, ENTITY_NAME, ENTITY_TYPE, TENANT_ID), + FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS WF_WORKFLOW_REQUEST_RELATION( - RELATIONSHIP_ID VARCHAR (45), 
- WORKFLOW_ID VARCHAR (45), - REQUEST_ID VARCHAR (45), - UPDATED_AT TIMESTAMP, - STATUS VARCHAR (30), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (RELATIONSHIP_ID), - FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE, - FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE + RELATIONSHIP_ID VARCHAR (45), + WORKFLOW_ID VARCHAR (45), + REQUEST_ID VARCHAR (45), + UPDATED_AT TIMESTAMP, + STATUS VARCHAR (30), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (RELATIONSHIP_ID), + FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE, + FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_RECOVERY_DATA ( - USER_NAME VARCHAR(255) NOT NULL, - USER_DOMAIN VARCHAR(127) NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - CODE VARCHAR(255) NOT NULL, - SCENARIO VARCHAR(255) NOT NULL, - STEP VARCHAR(127) NOT NULL, - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REMAINING_SETS VARCHAR(2500) DEFAULT NULL, - PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP), - UNIQUE(CODE) + USER_NAME VARCHAR(255) NOT NULL, + USER_DOMAIN VARCHAR(127) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + CODE VARCHAR(255) NOT NULL, + SCENARIO VARCHAR(255) NOT NULL, + STEP VARCHAR(127) NOT NULL, + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + REMAINING_SETS VARCHAR(2500) DEFAULT NULL, + PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP), + UNIQUE(CODE) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_PASSWORD_HISTORY_DATA ( - ID INTEGER NOT NULL AUTO_INCREMENT, - USER_NAME VARCHAR(127) NOT NULL, - USER_DOMAIN VARCHAR(50) NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - SALT_VALUE VARCHAR(255), - HASH VARCHAR(255) NOT NULL, - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY(ID), - UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH) + ID INTEGER NOT NULL AUTO_INCREMENT, + USER_NAME VARCHAR(255) NOT NULL, + USER_DOMAIN VARCHAR(127) NOT 
NULL, + TENANT_ID INTEGER DEFAULT -1, + SALT_VALUE VARCHAR(255), + HASH VARCHAR(255) NOT NULL, + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY(ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_CLAIM_DIALECT ( - ID INTEGER NOT NULL AUTO_INCREMENT, - DIALECT_URI VARCHAR (255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID) + ID INTEGER NOT NULL AUTO_INCREMENT, + DIALECT_URI VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_CLAIM ( - ID INTEGER NOT NULL AUTO_INCREMENT, - DIALECT_ID INTEGER NOT NULL, - CLAIM_URI VARCHAR (255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE, - CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID) + ID INTEGER NOT NULL AUTO_INCREMENT, + DIALECT_ID INTEGER NOT NULL, + CLAIM_URI VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE, + CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPED_ATTRIBUTE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - LOCAL_CLAIM_ID INTEGER, - USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL, - ATTRIBUTE_NAME VARCHAR (255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID) + ID INTEGER NOT NULL AUTO_INCREMENT, + LOCAL_CLAIM_ID INTEGER, + USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL, + ATTRIBUTE_NAME VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES 
IDN_CLAIM(ID) ON DELETE CASCADE, + CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_CLAIM_PROPERTY ( - ID INTEGER NOT NULL AUTO_INCREMENT, - LOCAL_CLAIM_ID INTEGER, - PROPERTY_NAME VARCHAR (255) NOT NULL, - PROPERTY_VALUE VARCHAR (255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID) + ID INTEGER NOT NULL AUTO_INCREMENT, + LOCAL_CLAIM_ID INTEGER, + PROPERTY_NAME VARCHAR (255) NOT NULL, + PROPERTY_VALUE VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - EXT_CLAIM_ID INTEGER NOT NULL, - MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID) + ID INTEGER NOT NULL AUTO_INCREMENT, + EXT_CLAIM_ID INTEGER NOT NULL, + MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_SAML2_ASSERTION_STORE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - SAML2_ID VARCHAR(255) , - SAML2_ISSUER VARCHAR(255) , - SAML2_SUBJECT VARCHAR(255) , - SAML2_SESSION_INDEX VARCHAR(255) , - 
SAML2_AUTHN_CONTEXT_CLASS_REF VARCHAR(255) , - SAML2_ASSERTION VARCHAR(4096) , - ASSERTION BLOB , - PRIMARY KEY (ID) + ID INTEGER NOT NULL AUTO_INCREMENT, + SAML2_ID VARCHAR(255) , + SAML2_ISSUER VARCHAR(255) , + SAML2_SUBJECT VARCHAR(255) , + SAML2_SESSION_INDEX VARCHAR(255) , + SAML2_AUTHN_CONTEXT_CLASS_REF VARCHAR(255) , + SAML2_ASSERTION VARCHAR(4096) , + ASSERTION BLOB , + PRIMARY KEY (ID) )ENGINE INNODB; CREATE TABLE IDN_SAML2_ARTIFACT_STORE ( - ID INT(11) NOT NULL AUTO_INCREMENT, - SOURCE_ID VARCHAR(255) NOT NULL, - MESSAGE_HANDLER VARCHAR(255) NOT NULL, - AUTHN_REQ_DTO BLOB NOT NULL, - SESSION_ID VARCHAR(255) NOT NULL, - EXP_TIMESTAMP TIMESTAMP NOT NULL, - INIT_TIMESTAMP TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - ASSERTION_ID VARCHAR(255), - PRIMARY KEY (`ID`) + ID INT(11) NOT NULL AUTO_INCREMENT, + SOURCE_ID VARCHAR(255) NOT NULL, + MESSAGE_HANDLER VARCHAR(255) NOT NULL, + AUTHN_REQ_DTO BLOB NOT NULL, + SESSION_ID VARCHAR(255) NOT NULL, + EXP_TIMESTAMP TIMESTAMP NOT NULL, + INIT_TIMESTAMP TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + ASSERTION_ID VARCHAR(255), + PRIMARY KEY (`ID`) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OIDC_JTI ( - JWT_ID VARCHAR(255) NOT NULL, - EXP_TIME TIMESTAMP NOT NULL , - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP , - PRIMARY KEY (JWT_ID) + JWT_ID VARCHAR(255) NOT NULL, + EXP_TIME TIMESTAMP NOT NULL , + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP , + PRIMARY KEY (JWT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OIDC_PROPERTY ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER, - CONSUMER_KEY VARCHAR(255) , - PROPERTY_KEY VARCHAR(255) NOT NULL, - PROPERTY_VALUE VARCHAR(2047) , - PRIMARY KEY (ID), - FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER, + CONSUMER_KEY VARCHAR(255) , + PROPERTY_KEY VARCHAR(255) NOT NULL, + PROPERTY_VALUE VARCHAR(2047) , + PRIMARY KEY (ID), + FOREIGN 
KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_REFERENCE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - CONSUMER_KEY_ID INTEGER , - CODE_ID VARCHAR(255) , - TOKEN_ID VARCHAR(255) , - SESSION_DATA_KEY VARCHAR(255), - PRIMARY KEY (ID), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, - FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE, - FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE + ID INTEGER NOT NULL AUTO_INCREMENT, + CONSUMER_KEY_ID INTEGER , + CODE_ID VARCHAR(255) , + TOKEN_ID VARCHAR(255) , + SESSION_DATA_KEY VARCHAR(255), + PRIMARY KEY (ID), + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, + FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE, + FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_CLAIMS ( - ID INTEGER NOT NULL AUTO_INCREMENT, - REQ_OBJECT_ID INTEGER, - CLAIM_ATTRIBUTE VARCHAR(255) , - ESSENTIAL CHAR(1) NOT NULL DEFAULT '0' , - VALUE VARCHAR(255) , - IS_USERINFO CHAR(1) NOT NULL DEFAULT '0', - PRIMARY KEY (ID), - FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE (ID) ON DELETE CASCADE + ID INTEGER NOT NULL AUTO_INCREMENT, + REQ_OBJECT_ID INTEGER, + CLAIM_ATTRIBUTE VARCHAR(255) , + ESSENTIAL CHAR(1) NOT NULL DEFAULT '0' , + VALUE VARCHAR(255) , + IS_USERINFO CHAR(1) NOT NULL DEFAULT '0', + PRIMARY KEY (ID), + FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE (ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJ_CLAIM_VALUES ( - ID INTEGER NOT NULL AUTO_INCREMENT, - REQ_OBJECT_CLAIMS_ID INTEGER , - CLAIM_VALUES VARCHAR(255) , - PRIMARY KEY (ID), - FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES 
IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE + ID INTEGER NOT NULL AUTO_INCREMENT, + REQ_OBJECT_CLAIMS_ID INTEGER , + CLAIM_VALUES VARCHAR(255) , + PRIMARY KEY (ID), + FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_CERTIFICATE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - NAME VARCHAR(100), - CERTIFICATE_IN_PEM BLOB, - TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY(ID), - CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID) + ID INTEGER NOT NULL AUTO_INCREMENT, + NAME VARCHAR(100), + CERTIFICATE_IN_PEM BLOB, + TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY(ID), + CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OIDC_SCOPE_CLAIM_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - SCOPE_ID INTEGER NOT NULL, - EXTERNAL_CLAIM_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE, - FOREIGN KEY (EXTERNAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - UNIQUE (SCOPE_ID, EXTERNAL_CLAIM_ID) + ID INTEGER NOT NULL AUTO_INCREMENT, + SCOPE_ID INTEGER NOT NULL, + EXTERNAL_CLAIM_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE, + FOREIGN KEY (EXTERNAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + UNIQUE (SCOPE_ID, EXTERNAL_CLAIM_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_FUNCTION_LIBRARY ( - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - TYPE VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - DATA BLOB NOT NULL, - PRIMARY KEY (TENANT_ID,NAME) + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + TYPE VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + DATA BLOB NOT NULL, + PRIMARY KEY (TENANT_ID,NAME) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_CIBA_AUTH_CODE ( - AUTH_CODE_KEY CHAR (36), - AUTH_REQ_ID CHAR (36), - ISSUED_TIME 
TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - CONSUMER_KEY VARCHAR(255), - LAST_POLLED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - POLLING_INTERVAL INTEGER, - EXPIRES_IN INTEGER, - AUTHENTICATED_USER_NAME VARCHAR(255), - USER_STORE_DOMAIN VARCHAR(100), - TENANT_ID INTEGER, - AUTH_REQ_STATUS VARCHAR (100) DEFAULT 'REQUESTED', - IDP_ID INTEGER, - UNIQUE(AUTH_REQ_ID), - PRIMARY KEY (AUTH_CODE_KEY), - FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE + AUTH_CODE_KEY CHAR (36), + AUTH_REQ_ID CHAR (36), + ISSUED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + CONSUMER_KEY VARCHAR(255), + LAST_POLLED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + POLLING_INTERVAL INTEGER, + EXPIRES_IN INTEGER, + AUTHENTICATED_USER_NAME VARCHAR(255), + USER_STORE_DOMAIN VARCHAR(100), + TENANT_ID INTEGER, + AUTH_REQ_STATUS VARCHAR (100) DEFAULT 'REQUESTED', + IDP_ID INTEGER, + UNIQUE(AUTH_REQ_ID), + PRIMARY KEY (AUTH_CODE_KEY), + FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_CIBA_REQUEST_SCOPES ( - AUTH_CODE_KEY CHAR (36), - SCOPE VARCHAR (255), - FOREIGN KEY (AUTH_CODE_KEY) REFERENCES IDN_OAUTH2_CIBA_AUTH_CODE(AUTH_CODE_KEY) ON DELETE CASCADE + AUTH_CODE_KEY CHAR (36), + SCOPE VARCHAR (255), + FOREIGN KEY (AUTH_CODE_KEY) REFERENCES IDN_OAUTH2_CIBA_AUTH_CODE(AUTH_CODE_KEY) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_FED_AUTH_SESSION_MAPPING ( - IDP_SESSION_ID VARCHAR(255) NOT NULL, - SESSION_ID VARCHAR(255) NOT NULL, - IDP_NAME VARCHAR(255) NOT NULL, - AUTHENTICATOR_ID VARCHAR(255), - PROTOCOL_TYPE VARCHAR(255), - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY (IDP_SESSION_ID) - )ENGINE INNODB; + IDP_SESSION_ID VARCHAR(255) NOT NULL, + SESSION_ID VARCHAR(255) NOT NULL, + IDP_NAME VARCHAR(255) NOT NULL, + AUTHENTICATOR_ID VARCHAR(255), + PROTOCOL_TYPE VARCHAR(255), + TIME_CREATED 
TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY (IDP_SESSION_ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_CONFIG_TYPE ( + ID VARCHAR(255) NOT NULL, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023) NULL, + PRIMARY KEY (ID), + CONSTRAINT TYPE_NAME_CONSTRAINT UNIQUE (NAME) + )ENGINE INNODB; + + INSERT INTO IDN_CONFIG_TYPE (ID, NAME, DESCRIPTION) VALUES + ('9ab0ef95-13e9-4ed5-afaf-d29bed62f7bd', 'IDP_TEMPLATE', 'Template type to uniquely identify IDP templates'), + ('3c4ac3d0-5903-4e3d-aaca-38df65b33bfd', 'APPLICATION_TEMPLATE', 'Template type to uniquely identify Application templates'), + ('8ec6dbf1-218a-49bf-bc34-0d2db52d151c', 'CORS_CONFIGURATION', 'A resource type to keep the tenant CORS configurations'); + + CREATE TABLE IF NOT EXISTS IDN_CONFIG_RESOURCE ( + ID VARCHAR(255) NOT NULL, + TENANT_ID INT NOT NULL, + NAME VARCHAR(255) NOT NULL, + CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + LAST_MODIFIED TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + HAS_FILE tinyint(1) NOT NULL, + HAS_ATTRIBUTE tinyint(1) NOT NULL, + TYPE_ID VARCHAR(255) NOT NULL, + PRIMARY KEY (ID), + CONSTRAINT NAME_TENANT_TYPE_CONSTRAINT UNIQUE (NAME, TENANT_ID, TYPE_ID) + )ENGINE INNODB; + ALTER TABLE IDN_CONFIG_RESOURCE ADD CONSTRAINT TYPE_ID_FOREIGN_CONSTRAINT FOREIGN KEY (TYPE_ID) REFERENCES + IDN_CONFIG_TYPE (ID) ON DELETE CASCADE ON UPDATE CASCADE; + + CREATE TABLE IF NOT EXISTS IDN_CONFIG_ATTRIBUTE ( + ID VARCHAR(255) NOT NULL, + RESOURCE_ID VARCHAR(255) NOT NULL, + ATTR_KEY VARCHAR(255) NOT NULL, + ATTR_VALUE VARCHAR(1023) NULL, + PRIMARY KEY (ID), + CONSTRAINT RESOURCE_KEY_VAL_CONSTRAINT UNIQUE (RESOURCE_ID(64), ATTR_KEY(255)) + )ENGINE INNODB; + ALTER TABLE IDN_CONFIG_ATTRIBUTE ADD CONSTRAINT RESOURCE_ID_ATTRIBUTE_FOREIGN_CONSTRAINT FOREIGN KEY (RESOURCE_ID) + REFERENCES IDN_CONFIG_RESOURCE (ID) ON DELETE CASCADE ON UPDATE CASCADE; + + CREATE TABLE IF NOT EXISTS IDN_CONFIG_FILE ( + ID VARCHAR(255) NOT NULL, + VALUE BLOB NULL, + RESOURCE_ID VARCHAR(255) NOT 
NULL, + NAME VARCHAR(255) NULL, + PRIMARY KEY (ID) + )ENGINE INNODB; + ALTER TABLE IDN_CONFIG_FILE ADD CONSTRAINT RESOURCE_ID_FILE_FOREIGN_CONSTRAINT FOREIGN KEY (RESOURCE_ID) REFERENCES + IDN_CONFIG_RESOURCE (ID) ON DELETE CASCADE ON UPDATE CASCADE; + + CREATE TABLE IDN_REMOTE_FETCH_CONFIG ( + ID VARCHAR(255) NOT NULL, + TENANT_ID INT NOT NULL, + IS_ENABLED CHAR(1) NOT NULL, + REPO_MANAGER_TYPE VARCHAR(255) NOT NULL, + ACTION_LISTENER_TYPE VARCHAR(255) NOT NULL, + CONFIG_DEPLOYER_TYPE VARCHAR(255) NOT NULL, + REMOTE_FETCH_NAME VARCHAR(255), + REMOTE_RESOURCE_URI VARCHAR(255) NOT NULL, + ATTRIBUTES_JSON MEDIUMTEXT NOT NULL, + PRIMARY KEY (ID), + CONSTRAINT UC_REMOTE_RESOURCE_TYPE UNIQUE (TENANT_ID, CONFIG_DEPLOYER_TYPE) + )ENGINE INNODB; + + CREATE TABLE IDN_REMOTE_FETCH_REVISIONS ( + ID VARCHAR(255) NOT NULL, + CONFIG_ID VARCHAR(255) NOT NULL, + FILE_PATH VARCHAR(255) NOT NULL, + FILE_HASH VARCHAR(255), + DEPLOYED_DATE TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + LAST_SYNC_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + DEPLOYMENT_STATUS VARCHAR(255), + ITEM_NAME VARCHAR(255), + DEPLOY_ERR_LOG MEDIUMTEXT, + PRIMARY KEY (ID), + FOREIGN KEY (CONFIG_ID) REFERENCES IDN_REMOTE_FETCH_CONFIG(ID) ON DELETE CASCADE, + CONSTRAINT UC_REVISIONS UNIQUE (CONFIG_ID, ITEM_NAME) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_USER_FUNCTIONALITY_MAPPING ( + ID VARCHAR(255) NOT NULL, + USER_ID VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + FUNCTIONALITY_ID VARCHAR(255) NOT NULL, + IS_FUNCTIONALITY_LOCKED BOOLEAN NOT NULL, + FUNCTIONALITY_UNLOCK_TIME BIGINT NOT NULL, + FUNCTIONALITY_LOCK_REASON VARCHAR(1023), + FUNCTIONALITY_LOCK_REASON_CODE VARCHAR(255), + PRIMARY KEY (ID), + CONSTRAINT IDN_USER_FUNCTIONALITY_MAPPING_CONSTRAINT UNIQUE (USER_ID, TENANT_ID, FUNCTIONALITY_ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_USER_FUNCTIONALITY_PROPERTY ( + ID VARCHAR(255) NOT NULL, + USER_ID VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + FUNCTIONALITY_ID 
VARCHAR(255) NOT NULL, + PROPERTY_NAME VARCHAR(255), + PROPERTY_VALUE VARCHAR(255), + PRIMARY KEY (ID), + CONSTRAINT IDN_USER_FUNCTIONALITY_PROPERTY_CONSTRAINT UNIQUE (USER_ID, TENANT_ID, FUNCTIONALITY_ID, PROPERTY_NAME) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_CORS_ORIGIN ( + ID INT NOT NULL AUTO_INCREMENT, + TENANT_ID INT NOT NULL, + ORIGIN VARCHAR(2048) NOT NULL, + UUID CHAR(36) NOT NULL, + PRIMARY KEY (ID), + UNIQUE (UUID) + ) ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_CORS_ASSOCIATION ( + IDN_CORS_ORIGIN_ID INT NOT NULL, + SP_APP_ID INT NOT NULL, + + PRIMARY KEY (IDN_CORS_ORIGIN_ID, SP_APP_ID), + FOREIGN KEY (IDN_CORS_ORIGIN_ID) REFERENCES IDN_CORS_ORIGIN (ID) ON DELETE CASCADE, + FOREIGN KEY (SP_APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE + ) ENGINE INNODB; -- --------------------------- INDEX CREATION ----------------------------- -- IDN_OAUTH2_ACCESS_TOKEN -- 
@@ -1133,130 +1234,140 @@ mysql: -- IDN_FED_AUTH_SESSION_MAPPING -- CREATE INDEX IDX_FEDERATED_AUTH_SESSION_ID ON IDN_FED_AUTH_SESSION_MAPPING (SESSION_ID); + -- IDN_REMOTE_FETCH_REVISIONS -- + CREATE INDEX IDX_REMOTE_FETCH_REVISION_CONFIG_ID ON IDN_REMOTE_FETCH_REVISIONS (CONFIG_ID); + + -- IDN_CORS_ASSOCIATION -- + CREATE INDEX IDX_CORS_SP_APP_ID ON IDN_CORS_ASSOCIATION (SP_APP_ID); + + -- IDN_CORS_ASSOCIATION -- + CREATE INDEX IDX_CORS_ORIGIN_ID ON IDN_CORS_ASSOCIATION (IDN_CORS_ORIGIN_ID); + + -- End of IDENTITY Tables-- -- Start of CONSENT-MGT Tables -- CREATE TABLE CM_PII_CATEGORY ( - ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - DISPLAY_NAME VARCHAR(255), - IS_SENSITIVE INTEGER NOT NULL, - TENANT_ID INTEGER DEFAULT '-1234', - UNIQUE KEY (NAME, TENANT_ID), - PRIMARY KEY (ID) + ID INTEGER AUTO_INCREMENT, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + DISPLAY_NAME VARCHAR(255), + IS_SENSITIVE INTEGER NOT NULL, + TENANT_ID INTEGER DEFAULT '-1234', + UNIQUE KEY (NAME, TENANT_ID), + PRIMARY KEY (ID) ); CREATE TABLE CM_RECEIPT ( - CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, - VERSION VARCHAR(255) NOT NULL, - JURISDICTION VARCHAR(255) NOT NULL, - CONSENT_TIMESTAMP TIMESTAMP NOT NULL, - COLLECTION_METHOD VARCHAR(255) NOT NULL, - LANGUAGE VARCHAR(255) NOT NULL, - PII_PRINCIPAL_ID VARCHAR(255) NOT NULL, - PRINCIPAL_TENANT_ID INTEGER DEFAULT '-1234', - POLICY_URL VARCHAR(255) NOT NULL, - STATE VARCHAR(255) NOT NULL, - PII_CONTROLLER VARCHAR(2048) NOT NULL, - PRIMARY KEY (CONSENT_RECEIPT_ID) + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + VERSION VARCHAR(255) NOT NULL, + JURISDICTION VARCHAR(255) NOT NULL, + CONSENT_TIMESTAMP TIMESTAMP NOT NULL, + COLLECTION_METHOD VARCHAR(255) NOT NULL, + LANGUAGE VARCHAR(255) NOT NULL, + PII_PRINCIPAL_ID VARCHAR(255) NOT NULL, + PRINCIPAL_TENANT_ID INTEGER DEFAULT '-1234', + POLICY_URL VARCHAR(255) NOT NULL, + STATE VARCHAR(255) NOT NULL, + PII_CONTROLLER VARCHAR(2048) NOT NULL, + 
PRIMARY KEY (CONSENT_RECEIPT_ID) ); CREATE TABLE CM_PURPOSE ( - ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - PURPOSE_GROUP VARCHAR(255) NOT NULL, - GROUP_TYPE VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT '-1234', - UNIQUE KEY (NAME, TENANT_ID, PURPOSE_GROUP, GROUP_TYPE), - PRIMARY KEY (ID) + ID INTEGER AUTO_INCREMENT, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + PURPOSE_GROUP VARCHAR(255) NOT NULL, + GROUP_TYPE VARCHAR(255) NOT NULL, + TENANT_ID INTEGER DEFAULT '-1234', + UNIQUE KEY (NAME, TENANT_ID, PURPOSE_GROUP, GROUP_TYPE), + PRIMARY KEY (ID) ); CREATE TABLE CM_PURPOSE_CATEGORY ( - ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - TENANT_ID INTEGER DEFAULT '-1234', - UNIQUE KEY (NAME, TENANT_ID), - PRIMARY KEY (ID) + ID INTEGER AUTO_INCREMENT, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + TENANT_ID INTEGER DEFAULT '-1234', + UNIQUE KEY (NAME, TENANT_ID), + PRIMARY KEY (ID) ); CREATE TABLE CM_RECEIPT_SP_ASSOC ( - ID INTEGER AUTO_INCREMENT, - CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, - SP_NAME VARCHAR(255) NOT NULL, - SP_DISPLAY_NAME VARCHAR(255), - SP_DESCRIPTION VARCHAR(255), - SP_TENANT_ID INTEGER DEFAULT '-1234', - UNIQUE KEY (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID), - PRIMARY KEY (ID) + ID INTEGER AUTO_INCREMENT, + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + SP_NAME VARCHAR(255) NOT NULL, + SP_DISPLAY_NAME VARCHAR(255), + SP_DESCRIPTION VARCHAR(255), + SP_TENANT_ID INTEGER DEFAULT '-1234', + UNIQUE KEY (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID), + PRIMARY KEY (ID) ); CREATE TABLE CM_SP_PURPOSE_ASSOC ( - ID INTEGER AUTO_INCREMENT, - RECEIPT_SP_ASSOC INTEGER NOT NULL, - PURPOSE_ID INTEGER NOT NULL, - CONSENT_TYPE VARCHAR(255) NOT NULL, - IS_PRIMARY_PURPOSE INTEGER NOT NULL, - TERMINATION VARCHAR(255) NOT NULL, - THIRD_PARTY_DISCLOSURE INTEGER NOT NULL, - THIRD_PARTY_NAME VARCHAR(255), - UNIQUE KEY (RECEIPT_SP_ASSOC, PURPOSE_ID), - PRIMARY 
KEY (ID) + ID INTEGER AUTO_INCREMENT, + RECEIPT_SP_ASSOC INTEGER NOT NULL, + PURPOSE_ID INTEGER NOT NULL, + CONSENT_TYPE VARCHAR(255) NOT NULL, + IS_PRIMARY_PURPOSE INTEGER NOT NULL, + TERMINATION VARCHAR(255) NOT NULL, + THIRD_PARTY_DISCLOSURE INTEGER NOT NULL, + THIRD_PARTY_NAME VARCHAR(255), + UNIQUE KEY (RECEIPT_SP_ASSOC, PURPOSE_ID), + PRIMARY KEY (ID) ); CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC ( - SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, - PURPOSE_CATEGORY_ID INTEGER NOT NULL, - UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID) + SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, + PURPOSE_CATEGORY_ID INTEGER NOT NULL, + UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID) ); CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC ( - PURPOSE_ID INTEGER NOT NULL, - CM_PII_CATEGORY_ID INTEGER NOT NULL, - IS_MANDATORY INTEGER NOT NULL, - UNIQUE KEY (PURPOSE_ID, CM_PII_CATEGORY_ID) + PURPOSE_ID INTEGER NOT NULL, + CM_PII_CATEGORY_ID INTEGER NOT NULL, + IS_MANDATORY INTEGER NOT NULL, + UNIQUE KEY (PURPOSE_ID, CM_PII_CATEGORY_ID) ); CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC ( - SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, - PII_CATEGORY_ID INTEGER NOT NULL, - VALIDITY VARCHAR(1023), - UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID) + SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, + PII_CATEGORY_ID INTEGER NOT NULL, + VALIDITY VARCHAR(1023), + UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID) ); CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY ( - CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, - NAME VARCHAR(255) NOT NULL, - VALUE VARCHAR(1023) NOT NULL, - UNIQUE KEY (CONSENT_RECEIPT_ID, NAME) + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + NAME VARCHAR(255) NOT NULL, + VALUE VARCHAR(1023) NOT NULL, + UNIQUE KEY (CONSENT_RECEIPT_ID, NAME) ); ALTER TABLE CM_RECEIPT_SP_ASSOC - ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID); + ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID); ALTER TABLE 
CM_SP_PURPOSE_ASSOC - ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID); + ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID); ALTER TABLE CM_SP_PURPOSE_ASSOC - ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID); + ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID); ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC - ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID); + ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID); ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC - ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID); + ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID); ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC - ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID); + ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID); ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC - ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID); + ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID); ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY - ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID); + ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID); INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, PURPOSE_GROUP, GROUP_TYPE, TENANT_ID) VALUES ('DEFAULT', 'For core functionalities of the product', 'DEFAULT', 'SP', '-1234'); 
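Review bot: Two of the three indexes added at the top of this hunk repeat the leading column of a key the table already declares. `IDX_CORS_ORIGIN_ID ON IDN_CORS_ASSOCIATION (IDN_CORS_ORIGIN_ID)` is a left prefix of that table's `PRIMARY KEY (IDN_CORS_ORIGIN_ID, SP_APP_ID)`, and `IDX_REMOTE_FETCH_REVISION_CONFIG_ID` is a left prefix of `UC_REVISIONS UNIQUE (CONFIG_ID, ITEM_NAME)`; both tables are created in the preceding hunk. These two add write and storage cost without serving any lookup the existing keys cannot, so they could be dropped. Only `IDX_CORS_SP_APP_ID` covers a column that no declared key leads with. The rest of the hunk appears to change only the indentation of the CM_ tables.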
@@ -1265,290 +1376,301 @@ mysql: -- Start of API-MGT Tables -- CREATE TABLE IF NOT EXISTS AM_SUBSCRIBER ( - SUBSCRIBER_ID INTEGER AUTO_INCREMENT, - USER_ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - EMAIL_ADDRESS VARCHAR(256) NULL, - DATE_SUBSCRIBED TIMESTAMP NOT NULL, - PRIMARY KEY (SUBSCRIBER_ID), - CREATED_BY VARCHAR(100), - CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UPDATED_BY VARCHAR(100), - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UNIQUE (TENANT_ID,USER_ID) + SUBSCRIBER_ID INTEGER AUTO_INCREMENT, + USER_ID VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + EMAIL_ADDRESS VARCHAR(256) NULL, + DATE_SUBSCRIBED TIMESTAMP NOT NULL, + PRIMARY KEY (SUBSCRIBER_ID), + CREATED_BY VARCHAR(100), + CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + UPDATED_BY VARCHAR(100), + UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + UNIQUE (TENANT_ID,USER_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_APPLICATION ( - APPLICATION_ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(100), - SUBSCRIBER_ID INTEGER, - APPLICATION_TIER VARCHAR(50) DEFAULT 'Unlimited', - CALLBACK_URL VARCHAR(512), - DESCRIPTION VARCHAR(512), - APPLICATION_STATUS VARCHAR(50) DEFAULT 'APPROVED', - GROUP_ID VARCHAR(100), - CREATED_BY VARCHAR(100), - CREATED_TIME TIMESTAMP, - UPDATED_BY VARCHAR(100), - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UUID VARCHAR(256), - TOKEN_TYPE VARCHAR(10), - FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY(APPLICATION_ID), - UNIQUE (NAME,SUBSCRIBER_ID), - UNIQUE (UUID) + APPLICATION_ID INTEGER AUTO_INCREMENT, + NAME VARCHAR(100), + SUBSCRIBER_ID INTEGER, + APPLICATION_TIER VARCHAR(50) DEFAULT 'Unlimited', + CALLBACK_URL VARCHAR(512), + DESCRIPTION VARCHAR(512), + APPLICATION_STATUS VARCHAR(50) DEFAULT 'APPROVED', + GROUP_ID VARCHAR(100), + CREATED_BY VARCHAR(100), + CREATED_TIME TIMESTAMP, + UPDATED_BY VARCHAR(100), + UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + 
UUID VARCHAR(256), + TOKEN_TYPE VARCHAR(10), + FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT, + PRIMARY KEY(APPLICATION_ID), + UNIQUE (NAME,SUBSCRIBER_ID), + UNIQUE (UUID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_API ( - API_ID INTEGER AUTO_INCREMENT, - API_PROVIDER VARCHAR(200), - API_NAME VARCHAR(200), - API_VERSION VARCHAR(30), - CONTEXT VARCHAR(256), - CONTEXT_TEMPLATE VARCHAR(256), - API_TIER VARCHAR(256), - API_TYPE VARCHAR(10), - CREATED_BY VARCHAR(100), - CREATED_TIME TIMESTAMP, - UPDATED_BY VARCHAR(100), - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY(API_ID), - UNIQUE (API_PROVIDER,API_NAME,API_VERSION) + API_ID INTEGER AUTO_INCREMENT, + API_UUID VARCHAR(256), + API_PROVIDER VARCHAR(200), + API_NAME VARCHAR(200), + API_VERSION VARCHAR(30), + CONTEXT VARCHAR(256), + CONTEXT_TEMPLATE VARCHAR(256), + API_TIER VARCHAR(256), + API_TYPE VARCHAR(10), + CREATED_BY VARCHAR(100), + CREATED_TIME TIMESTAMP, + UPDATED_BY VARCHAR(100), + UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + STATUS VARCHAR(30), + REVISIONS_CREATED INTEGER DEFAULT 0, + PRIMARY KEY(API_ID), + UNIQUE (API_PROVIDER,API_NAME,API_VERSION), + UNIQUE (API_UUID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS AM_API_REVISION_METADATA ( + API_UUID VARCHAR(64), + REVISION_UUID VARCHAR(64), + API_TIER VARCHAR(128), + UNIQUE (API_UUID,REVISION_UUID) )ENGINE INNODB; - CREATE TABLE IF NOT EXISTS AM_GRAPHQL_COMPLEXITY ( - UUID VARCHAR(256), - API_ID INTEGER NOT NULL, - TYPE VARCHAR(256), - FIELD VARCHAR(256), - COMPLEXITY_VALUE INTEGER, - FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE CASCADE, - PRIMARY KEY(UUID), - UNIQUE (API_ID,TYPE,FIELD) + UUID VARCHAR(256), + API_ID INTEGER NOT NULL, + TYPE VARCHAR(256), + FIELD VARCHAR(256), + COMPLEXITY_VALUE INTEGER, + REVISION_UUID VARCHAR(255), + FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE CASCADE, + PRIMARY KEY(UUID) 
)ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_API_URL_MAPPING ( - URL_MAPPING_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER NOT NULL, - HTTP_METHOD VARCHAR(20) NULL, - AUTH_SCHEME VARCHAR(50) NULL, - URL_PATTERN VARCHAR(512) NULL, - THROTTLING_TIER varchar(512) DEFAULT NULL, - MEDIATION_SCRIPT BLOB, - PRIMARY KEY (URL_MAPPING_ID) + URL_MAPPING_ID INTEGER AUTO_INCREMENT, + API_ID INTEGER NOT NULL, + HTTP_METHOD VARCHAR(20) NULL, + AUTH_SCHEME VARCHAR(50) NULL, + URL_PATTERN VARCHAR(512) NULL, + THROTTLING_TIER varchar(512) DEFAULT NULL, + MEDIATION_SCRIPT BLOB, + REVISION_UUID VARCHAR(255), + PRIMARY KEY (URL_MAPPING_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_API_RESOURCE_SCOPE_MAPPING ( - SCOPE_NAME VARCHAR(255) NOT NULL, - URL_MAPPING_ID INTEGER NOT NULL, - TENANT_ID INTEGER NOT NULL, - FOREIGN KEY (URL_MAPPING_ID) REFERENCES AM_API_URL_MAPPING(URL_MAPPING_ID) ON DELETE CASCADE, - PRIMARY KEY(SCOPE_NAME, URL_MAPPING_ID) + SCOPE_NAME VARCHAR(255) NOT NULL, + URL_MAPPING_ID INTEGER NOT NULL, + TENANT_ID INTEGER NOT NULL, + FOREIGN KEY (URL_MAPPING_ID) REFERENCES AM_API_URL_MAPPING(URL_MAPPING_ID) ON DELETE CASCADE, + PRIMARY KEY(SCOPE_NAME, URL_MAPPING_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_SECURITY_AUDIT_UUID_MAPPING ( - API_ID INTEGER NOT NULL, - AUDIT_UUID VARCHAR(255) NOT NULL, - FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (API_ID) + API_ID INTEGER NOT NULL, + AUDIT_UUID VARCHAR(255) NOT NULL, + FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, + PRIMARY KEY (API_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_API_PRODUCT_MAPPING ( - API_PRODUCT_MAPPING_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER, - URL_MAPPING_ID INTEGER, - FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON DELETE CASCADE, - FOREIGN KEY (URL_MAPPING_ID) REFERENCES AM_API_URL_MAPPING(URL_MAPPING_ID) ON DELETE CASCADE, - PRIMARY KEY(API_PRODUCT_MAPPING_ID) + API_PRODUCT_MAPPING_ID INTEGER 
AUTO_INCREMENT, + API_ID INTEGER, + URL_MAPPING_ID INTEGER, + REVISION_UUID VARCHAR(255), + FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON DELETE CASCADE, + FOREIGN KEY (URL_MAPPING_ID) REFERENCES AM_API_URL_MAPPING(URL_MAPPING_ID) ON DELETE CASCADE, + PRIMARY KEY(API_PRODUCT_MAPPING_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION ( - SUBSCRIPTION_ID INTEGER AUTO_INCREMENT, - TIER_ID VARCHAR(50), - TIER_ID_PENDING VARCHAR(50), - API_ID INTEGER, - LAST_ACCESSED TIMESTAMP NULL, - APPLICATION_ID INTEGER, - SUB_STATUS VARCHAR(50), - SUBS_CREATE_STATE VARCHAR(50) DEFAULT 'SUBSCRIBE', - CREATED_BY VARCHAR(100), - CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UPDATED_BY VARCHAR(100), - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UUID VARCHAR(256), - FOREIGN KEY(APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (SUBSCRIPTION_ID), - UNIQUE (UUID) + SUBSCRIPTION_ID INTEGER AUTO_INCREMENT, + TIER_ID VARCHAR(50), + TIER_ID_PENDING VARCHAR(50), + API_ID INTEGER, + LAST_ACCESSED TIMESTAMP NULL, + APPLICATION_ID INTEGER, + SUB_STATUS VARCHAR(50), + SUBS_CREATE_STATE VARCHAR(50) DEFAULT 'SUBSCRIBE', + CREATED_BY VARCHAR(100), + CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + UPDATED_BY VARCHAR(100), + UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + UUID VARCHAR(256), + FOREIGN KEY(APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, + FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, + PRIMARY KEY (SUBSCRIPTION_ID), + UNIQUE (UUID) )ENGINE INNODB; - CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION_KEY_MAPPING ( - SUBSCRIPTION_ID INTEGER, - ACCESS_TOKEN VARCHAR(512), - KEY_TYPE VARCHAR(512) NOT NULL, - FOREIGN KEY(SUBSCRIPTION_ID) REFERENCES AM_SUBSCRIPTION(SUBSCRIPTION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY 
KEY(SUBSCRIPTION_ID,ACCESS_TOKEN) - )ENGINE INNODB; + CREATE TABLE IF NOT EXISTS AM_APPLICATION_KEY_MAPPING ( - UUID VARCHAR(100), - APPLICATION_ID INTEGER, - CONSUMER_KEY VARCHAR(255), - KEY_TYPE VARCHAR(512) NOT NULL, - STATE VARCHAR(30) NOT NULL, - CREATE_MODE VARCHAR(30) DEFAULT 'CREATED', - KEY_MANAGER VARCHAR(100), - APP_INFO BLOB , - FOREIGN KEY(APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY(APPLICATION_ID,KEY_TYPE,KEY_MANAGER) + UUID VARCHAR(100), + APPLICATION_ID INTEGER, + CONSUMER_KEY VARCHAR(255), + KEY_TYPE VARCHAR(512) NOT NULL, + STATE VARCHAR(30) NOT NULL, + CREATE_MODE VARCHAR(30) DEFAULT 'CREATED', + KEY_MANAGER VARCHAR(100), + APP_INFO BLOB , + FOREIGN KEY(APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, + PRIMARY KEY(APPLICATION_ID,KEY_TYPE,KEY_MANAGER) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_API_LC_EVENT ( - EVENT_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER NOT NULL, - PREVIOUS_STATE VARCHAR(50), - NEW_STATE VARCHAR(50) NOT NULL, - USER_ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - EVENT_DATE TIMESTAMP NOT NULL, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (EVENT_ID) + EVENT_ID INTEGER AUTO_INCREMENT, + API_ID INTEGER NOT NULL, + PREVIOUS_STATE VARCHAR(50), + NEW_STATE VARCHAR(50) NOT NULL, + USER_ID VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + EVENT_DATE TIMESTAMP NOT NULL, + FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, + PRIMARY KEY (EVENT_ID) )ENGINE INNODB; CREATE TABLE AM_APP_KEY_DOMAIN_MAPPING ( - CONSUMER_KEY VARCHAR(255), - AUTHZ_DOMAIN VARCHAR(255) DEFAULT 'ALL', - PRIMARY KEY (CONSUMER_KEY,AUTHZ_DOMAIN) + CONSUMER_KEY VARCHAR(255), + AUTHZ_DOMAIN VARCHAR(255) DEFAULT 'ALL', + PRIMARY KEY (CONSUMER_KEY,AUTHZ_DOMAIN) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_API_COMMENTS ( - COMMENT_ID VARCHAR(255) NOT 
NULL, - COMMENT_TEXT VARCHAR(512), - COMMENTED_USER VARCHAR(255), - DATE_COMMENTED TIMESTAMP NOT NULL, - API_ID INTEGER, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (COMMENT_ID) + COMMENT_ID VARCHAR(64) NOT NULL, + COMMENT_TEXT VARCHAR(512), + CREATED_BY VARCHAR(255), + CREATED_TIME TIMESTAMP NOT NULL, + UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + API_ID INTEGER, + PARENT_COMMENT_ID VARCHAR(64) DEFAULT NULL, + ENTRY_POINT VARCHAR(20), + CATEGORY VARCHAR(20) DEFAULT 'general', + FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID), + FOREIGN KEY(PARENT_COMMENT_ID) REFERENCES AM_API_COMMENTS(COMMENT_ID), + PRIMARY KEY (COMMENT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_API_RATINGS ( - RATING_ID VARCHAR(255) NOT NULL, - API_ID INTEGER, - RATING INTEGER, - SUBSCRIBER_ID INTEGER, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT, + RATING_ID VARCHAR(255) NOT NULL, + API_ID INTEGER, + RATING INTEGER, + SUBSCRIBER_ID INTEGER, + FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, + FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT, PRIMARY KEY (RATING_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_TIER_PERMISSIONS ( - TIER_PERMISSIONS_ID INTEGER AUTO_INCREMENT, - TIER VARCHAR(50) NOT NULL, - PERMISSIONS_TYPE VARCHAR(50) NOT NULL, - ROLES VARCHAR(512) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY(TIER_PERMISSIONS_ID) + TIER_PERMISSIONS_ID INTEGER AUTO_INCREMENT, + TIER VARCHAR(50) NOT NULL, + PERMISSIONS_TYPE VARCHAR(50) NOT NULL, + ROLES VARCHAR(512) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY(TIER_PERMISSIONS_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_EXTERNAL_STORES ( - APISTORE_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER, - STORE_ID VARCHAR(255) NOT NULL, 
- STORE_DISPLAY_NAME VARCHAR(255) NOT NULL, - STORE_ENDPOINT VARCHAR(255) NOT NULL, - STORE_TYPE VARCHAR(255) NOT NULL, - LAST_UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + APISTORE_ID INTEGER AUTO_INCREMENT, + API_ID INTEGER, + STORE_ID VARCHAR(255) NOT NULL, + STORE_DISPLAY_NAME VARCHAR(255) NOT NULL, + STORE_ENDPOINT VARCHAR(255) NOT NULL, + STORE_TYPE VARCHAR(255) NOT NULL, + LAST_UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, PRIMARY KEY (APISTORE_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_WORKFLOWS( - WF_ID INTEGER AUTO_INCREMENT, - WF_REFERENCE VARCHAR(255) NOT NULL, - WF_TYPE VARCHAR(255) NOT NULL, - WF_STATUS VARCHAR(255) NOT NULL, - WF_CREATED_TIME TIMESTAMP, - WF_UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP , - WF_STATUS_DESC VARCHAR(1000), - TENANT_ID INTEGER, - TENANT_DOMAIN VARCHAR(255), - WF_EXTERNAL_REFERENCE VARCHAR(255) NOT NULL, - WF_METADATA BLOB DEFAULT NULL, - WF_PROPERTIES BLOB DEFAULT NULL, - PRIMARY KEY (WF_ID), - UNIQUE (WF_EXTERNAL_REFERENCE) + WF_ID INTEGER AUTO_INCREMENT, + WF_REFERENCE VARCHAR(255) NOT NULL, + WF_TYPE VARCHAR(255) NOT NULL, + WF_STATUS VARCHAR(255) NOT NULL, + WF_CREATED_TIME TIMESTAMP, + WF_UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP , + WF_STATUS_DESC VARCHAR(1000), + TENANT_ID INTEGER, + TENANT_DOMAIN VARCHAR(255), + WF_EXTERNAL_REFERENCE VARCHAR(255) NOT NULL, + WF_METADATA BLOB DEFAULT NULL, + WF_PROPERTIES BLOB DEFAULT NULL, + PRIMARY KEY (WF_ID), + UNIQUE (WF_EXTERNAL_REFERENCE) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_APPLICATION_REGISTRATION ( - REG_ID INT AUTO_INCREMENT, - SUBSCRIBER_ID INT, - WF_REF VARCHAR(255) NOT NULL, - APP_ID INT, - TOKEN_TYPE VARCHAR(30), - TOKEN_SCOPE VARCHAR(1500) DEFAULT 'default', - INPUTS VARCHAR(1000), - ALLOWED_DOMAINS VARCHAR(256), - VALIDITY_PERIOD BIGINT, - KEY_MANAGER VARCHAR(255) NOT NULL, - UNIQUE 
(SUBSCRIBER_ID,APP_ID,TOKEN_TYPE,KEY_MANAGER), - FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - FOREIGN KEY(APP_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (REG_ID) + REG_ID INT AUTO_INCREMENT, + SUBSCRIBER_ID INT, + WF_REF VARCHAR(255) NOT NULL, + APP_ID INT, + TOKEN_TYPE VARCHAR(30), + TOKEN_SCOPE VARCHAR(1500) DEFAULT 'default', + INPUTS VARCHAR(1000), + ALLOWED_DOMAINS VARCHAR(256), + VALIDITY_PERIOD BIGINT, + KEY_MANAGER VARCHAR(255) NOT NULL, + UNIQUE (SUBSCRIBER_ID,APP_ID,TOKEN_TYPE,KEY_MANAGER), + FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT, + FOREIGN KEY(APP_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, + PRIMARY KEY (REG_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_SHARED_SCOPE ( - NAME VARCHAR(255) NOT NULL, - UUID VARCHAR (256), - TENANT_ID INTEGER, - PRIMARY KEY (UUID) + NAME VARCHAR(255) NOT NULL, + UUID VARCHAR (256), + TENANT_ID INTEGER, + PRIMARY KEY (UUID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_API_DEFAULT_VERSION ( - DEFAULT_VERSION_ID INT AUTO_INCREMENT, - API_NAME VARCHAR(256) NOT NULL , - API_PROVIDER VARCHAR(256) NOT NULL , - DEFAULT_API_VERSION VARCHAR(30) , - PUBLISHED_DEFAULT_API_VERSION VARCHAR(30) , - PRIMARY KEY (DEFAULT_VERSION_ID) + DEFAULT_VERSION_ID INT AUTO_INCREMENT, + API_NAME VARCHAR(256) NOT NULL , + API_PROVIDER VARCHAR(256) NOT NULL , + DEFAULT_API_VERSION VARCHAR(30) , + PUBLISHED_DEFAULT_API_VERSION VARCHAR(30) , + PRIMARY KEY (DEFAULT_VERSION_ID) )ENGINE = INNODB; CREATE INDEX IDX_SUB_APP_ID ON AM_SUBSCRIPTION (APPLICATION_ID, SUBSCRIPTION_ID); CREATE TABLE IF NOT EXISTS AM_MONETIZATION_USAGE ( - ID VARCHAR(100) NOT NULL, - STATE VARCHAR(50) NOT NULL, - STATUS VARCHAR(50) NOT NULL, - STARTED_TIME VARCHAR(50) NOT NULL, - PUBLISHED_TIME VARCHAR(50) NOT NULL, - PRIMARY KEY(ID) + ID VARCHAR(100) NOT NULL, + 
STATE VARCHAR(50) NOT NULL, + STATUS VARCHAR(50) NOT NULL, + STARTED_TIME VARCHAR(50) NOT NULL, + PUBLISHED_TIME VARCHAR(50) NOT NULL, + PRIMARY KEY(ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_ALERT_TYPES ( - ALERT_TYPE_ID INTEGER AUTO_INCREMENT, - ALERT_TYPE_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL, - PRIMARY KEY (ALERT_TYPE_ID) + ALERT_TYPE_ID INTEGER AUTO_INCREMENT, + ALERT_TYPE_NAME VARCHAR(255) NOT NULL , + STAKE_HOLDER VARCHAR(100) NOT NULL, + PRIMARY KEY (ALERT_TYPE_ID) )ENGINE = INNODB; CREATE TABLE IF NOT EXISTS AM_ALERT_TYPES_VALUES ( - ALERT_TYPE_ID INTEGER, - USER_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL , - PRIMARY KEY (ALERT_TYPE_ID,USER_NAME,STAKE_HOLDER) + ALERT_TYPE_ID INTEGER, + USER_NAME VARCHAR(255) NOT NULL , + STAKE_HOLDER VARCHAR(100) NOT NULL , + PRIMARY KEY (ALERT_TYPE_ID,USER_NAME,STAKE_HOLDER) )ENGINE = INNODB; CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST ( - EMAIL_LIST_ID INTEGER AUTO_INCREMENT, - USER_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL , - PRIMARY KEY (EMAIL_LIST_ID,USER_NAME,STAKE_HOLDER) + EMAIL_LIST_ID INTEGER AUTO_INCREMENT, + USER_NAME VARCHAR(255) NOT NULL , + STAKE_HOLDER VARCHAR(100) NOT NULL , + PRIMARY KEY (EMAIL_LIST_ID,USER_NAME,STAKE_HOLDER) )ENGINE = INNODB; CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST_DETAILS ( - EMAIL_LIST_ID INTEGER, - EMAIL VARCHAR(255), - PRIMARY KEY (EMAIL_LIST_ID,EMAIL) + EMAIL_LIST_ID INTEGER, + EMAIL VARCHAR(255), + PRIMARY KEY (EMAIL_LIST_ID,EMAIL) )ENGINE = INNODB; INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('AbnormalResponseTime', 'publisher'); 
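Review bot: The new `AM_API_REVISION_METADATA` table has no primary key, and both columns of its `UNIQUE (API_UUID,REVISION_UUID)` are nullable. MySQL will therefore accept any number of rows where either value is NULL, so the constraint does not guarantee one metadata row per API revision. Declaring `API_UUID VARCHAR(64) NOT NULL,` and `REVISION_UUID VARCHAR(64) NOT NULL,` and replacing the unique key with `PRIMARY KEY (API_UUID, REVISION_UUID)` would enforce that. The widths also disagree within this hunk: `AM_API.API_UUID` is `VARCHAR(256)`, and the `REVISION_UUID` columns added to `AM_GRAPHQL_COMPLEXITY`, `AM_API_URL_MAPPING` and `AM_API_PRODUCT_MAPPING` are `VARCHAR(255)`, so each identifier should get a single width. Separately, `AM_GRAPHQL_COMPLEXITY` drops `UNIQUE (API_ID,TYPE,FIELD)` with no replacement key that includes `REVISION_UUID`, which leaves duplicate complexity rows for a field to the application to prevent; it is worth confirming that this is intended.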
@@ -1564,420 +1686,527 @@ mysql: -- AM Throttling tables -- CREATE TABLE IF NOT EXISTS AM_POLICY_SUBSCRIPTION ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, - QUOTA_TYPE VARCHAR(25) NOT NULL, - QUOTA INT(11) NOT NULL, - QUOTA_UNIT VARCHAR(10) NULL, - UNIT_TIME INT(11) NOT NULL, - TIME_UNIT VARCHAR(25) NOT NULL, - RATE_LIMIT_COUNT INT(11) NULL DEFAULT NULL, - RATE_LIMIT_TIME_UNIT VARCHAR(25) NULL DEFAULT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - CUSTOM_ATTRIBUTES BLOB DEFAULT NULL, - STOP_ON_QUOTA_REACH BOOLEAN NOT NULL DEFAULT 0, - BILLING_PLAN VARCHAR(20) NOT NULL, - UUID VARCHAR(256), - MONETIZATION_PLAN VARCHAR(25) NULL DEFAULT NULL, - FIXED_RATE VARCHAR(15) NULL DEFAULT NULL, - BILLING_CYCLE VARCHAR(15) NULL DEFAULT NULL, - PRICE_PER_REQUEST VARCHAR(15) NULL DEFAULT NULL, - CURRENCY VARCHAR(15) NULL DEFAULT NULL, - MAX_COMPLEXITY INT(11) NOT NULL DEFAULT 0, - MAX_DEPTH INT(11) NOT NULL DEFAULT 0, - PRIMARY KEY (POLICY_ID), - UNIQUE INDEX AM_POLICY_SUBSCRIPTION_NAME_TENANT (NAME, TENANT_ID), - UNIQUE (UUID) + POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, + NAME VARCHAR(512) NOT NULL, + DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL, + TENANT_ID INT(11) NOT NULL, + DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, + QUOTA_TYPE VARCHAR(25) NOT NULL, + QUOTA INT(11) NOT NULL, + QUOTA_UNIT VARCHAR(10) NULL, + UNIT_TIME INT(11) NOT NULL, + TIME_UNIT VARCHAR(25) NOT NULL, + RATE_LIMIT_COUNT INT(11) NULL DEFAULT NULL, + RATE_LIMIT_TIME_UNIT VARCHAR(25) NULL DEFAULT NULL, + IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, + CUSTOM_ATTRIBUTES BLOB DEFAULT NULL, + STOP_ON_QUOTA_REACH BOOLEAN NOT NULL DEFAULT 0, + BILLING_PLAN VARCHAR(20) NOT NULL, + UUID VARCHAR(256), + MONETIZATION_PLAN VARCHAR(25) NULL DEFAULT NULL, + FIXED_RATE VARCHAR(15) NULL DEFAULT NULL, + BILLING_CYCLE VARCHAR(15) NULL DEFAULT NULL, + PRICE_PER_REQUEST 
VARCHAR(15) NULL DEFAULT NULL, + CURRENCY VARCHAR(15) NULL DEFAULT NULL, + MAX_COMPLEXITY INT(11) NOT NULL DEFAULT 0, + MAX_DEPTH INT(11) NOT NULL DEFAULT 0, + CONNECTIONS_COUNT INT(11) NOT NULL DEFAULT 0, + PRIMARY KEY (POLICY_ID), + UNIQUE INDEX AM_POLICY_SUBSCRIPTION_NAME_TENANT (NAME, TENANT_ID), + UNIQUE (UUID) )ENGINE = InnoDB; CREATE TABLE IF NOT EXISTS AM_POLICY_APPLICATION ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, - QUOTA_TYPE VARCHAR(25) NOT NULL, - QUOTA INT(11) NOT NULL, - QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL, - UNIT_TIME INT(11) NOT NULL, - TIME_UNIT VARCHAR(25) NOT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - CUSTOM_ATTRIBUTES BLOB DEFAULT NULL, - UUID VARCHAR(256), - PRIMARY KEY (POLICY_ID), - UNIQUE INDEX APP_NAME_TENANT (NAME, TENANT_ID), - UNIQUE (UUID) + POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, + NAME VARCHAR(512) NOT NULL, + DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL, + TENANT_ID INT(11) NOT NULL, + DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, + QUOTA_TYPE VARCHAR(25) NOT NULL, + QUOTA INT(11) NOT NULL, + QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL, + UNIT_TIME INT(11) NOT NULL, + TIME_UNIT VARCHAR(25) NOT NULL, + IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, + CUSTOM_ATTRIBUTES BLOB DEFAULT NULL, + UUID VARCHAR(256), + PRIMARY KEY (POLICY_ID), + UNIQUE INDEX APP_NAME_TENANT (NAME, TENANT_ID), + UNIQUE (UUID) )ENGINE = InnoDB; CREATE TABLE IF NOT EXISTS AM_POLICY_HARD_THROTTLING ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, - QUOTA_TYPE VARCHAR(25) NOT NULL, - QUOTA INT(11) NOT NULL, - QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL, - UNIT_TIME INT(11) NOT NULL, - TIME_UNIT VARCHAR(25) NOT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - PRIMARY KEY (POLICY_ID), - UNIQUE INDEX 
POLICY_HARD_NAME_TENANT (NAME, TENANT_ID) + POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, + NAME VARCHAR(512) NOT NULL, + TENANT_ID INT(11) NOT NULL, + DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, + QUOTA_TYPE VARCHAR(25) NOT NULL, + QUOTA INT(11) NOT NULL, + QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL, + UNIT_TIME INT(11) NOT NULL, + TIME_UNIT VARCHAR(25) NOT NULL, + IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, + PRIMARY KEY (POLICY_ID), + UNIQUE INDEX POLICY_HARD_NAME_TENANT (NAME, TENANT_ID) )ENGINE = InnoDB; CREATE TABLE IF NOT EXISTS AM_API_THROTTLE_POLICY ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR (1024), - DEFAULT_QUOTA_TYPE VARCHAR(25) NOT NULL, - DEFAULT_QUOTA INTEGER NOT NULL, - DEFAULT_QUOTA_UNIT VARCHAR(10) NULL, - DEFAULT_UNIT_TIME INTEGER NOT NULL, - DEFAULT_TIME_UNIT VARCHAR(25) NOT NULL, - APPLICABLE_LEVEL VARCHAR(25) NOT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - UUID VARCHAR(256), - PRIMARY KEY (POLICY_ID), - UNIQUE INDEX API_NAME_TENANT (NAME, TENANT_ID), - UNIQUE (UUID) + POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, + NAME VARCHAR(512) NOT NULL, + DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL, + TENANT_ID INT(11) NOT NULL, + DESCRIPTION VARCHAR (1024), + DEFAULT_QUOTA_TYPE VARCHAR(25) NOT NULL, + DEFAULT_QUOTA INTEGER NOT NULL, + DEFAULT_QUOTA_UNIT VARCHAR(10) NULL, + DEFAULT_UNIT_TIME INTEGER NOT NULL, + DEFAULT_TIME_UNIT VARCHAR(25) NOT NULL, + APPLICABLE_LEVEL VARCHAR(25) NOT NULL, + IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, + UUID VARCHAR(256), + PRIMARY KEY (POLICY_ID), + UNIQUE INDEX API_NAME_TENANT (NAME, TENANT_ID), + UNIQUE (UUID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_CONDITION_GROUP ( - CONDITION_GROUP_ID INTEGER NOT NULL AUTO_INCREMENT, - POLICY_ID INTEGER NOT NULL, - QUOTA_TYPE VARCHAR(25), - QUOTA INTEGER NOT NULL, - QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL, - UNIT_TIME INTEGER NOT NULL, - 
TIME_UNIT VARCHAR(25) NOT NULL, - DESCRIPTION VARCHAR (1024) NULL DEFAULT NULL, - PRIMARY KEY (CONDITION_GROUP_ID), - FOREIGN KEY (POLICY_ID) REFERENCES AM_API_THROTTLE_POLICY(POLICY_ID) ON DELETE CASCADE ON UPDATE CASCADE + CONDITION_GROUP_ID INTEGER NOT NULL AUTO_INCREMENT, + POLICY_ID INTEGER NOT NULL, + QUOTA_TYPE VARCHAR(25), + QUOTA INTEGER NOT NULL, + QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL, + UNIT_TIME INTEGER NOT NULL, + TIME_UNIT VARCHAR(25) NOT NULL, + DESCRIPTION VARCHAR (1024) NULL DEFAULT NULL, + PRIMARY KEY (CONDITION_GROUP_ID), + FOREIGN KEY (POLICY_ID) REFERENCES AM_API_THROTTLE_POLICY(POLICY_ID) ON DELETE CASCADE ON UPDATE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_QUERY_PARAMETER_CONDITION ( - QUERY_PARAMETER_ID INTEGER NOT NULL AUTO_INCREMENT, - CONDITION_GROUP_ID INTEGER NOT NULL, - PARAMETER_NAME VARCHAR(255) DEFAULT NULL, - PARAMETER_VALUE VARCHAR(255) DEFAULT NULL, - IS_PARAM_MAPPING BOOLEAN DEFAULT 1, - PRIMARY KEY (QUERY_PARAMETER_ID), - FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE + QUERY_PARAMETER_ID INTEGER NOT NULL AUTO_INCREMENT, + CONDITION_GROUP_ID INTEGER NOT NULL, + PARAMETER_NAME VARCHAR(255) DEFAULT NULL, + PARAMETER_VALUE VARCHAR(255) DEFAULT NULL, + IS_PARAM_MAPPING BOOLEAN DEFAULT 1, + PRIMARY KEY (QUERY_PARAMETER_ID), + FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_HEADER_FIELD_CONDITION ( - HEADER_FIELD_ID INTEGER NOT NULL AUTO_INCREMENT, - CONDITION_GROUP_ID INTEGER NOT NULL, - HEADER_FIELD_NAME VARCHAR(255) DEFAULT NULL, - HEADER_FIELD_VALUE VARCHAR(255) DEFAULT NULL, - IS_HEADER_FIELD_MAPPING BOOLEAN DEFAULT 1, - PRIMARY KEY (HEADER_FIELD_ID), - FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE + HEADER_FIELD_ID INTEGER NOT NULL AUTO_INCREMENT, + 
CONDITION_GROUP_ID INTEGER NOT NULL, + HEADER_FIELD_NAME VARCHAR(255) DEFAULT NULL, + HEADER_FIELD_VALUE VARCHAR(255) DEFAULT NULL, + IS_HEADER_FIELD_MAPPING BOOLEAN DEFAULT 1, + PRIMARY KEY (HEADER_FIELD_ID), + FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_JWT_CLAIM_CONDITION ( - JWT_CLAIM_ID INTEGER NOT NULL AUTO_INCREMENT, - CONDITION_GROUP_ID INTEGER NOT NULL, - CLAIM_URI VARCHAR(512) DEFAULT NULL, - CLAIM_ATTRIB VARCHAR(1024) DEFAULT NULL, - IS_CLAIM_MAPPING BOOLEAN DEFAULT 1, - PRIMARY KEY (JWT_CLAIM_ID), - FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE + JWT_CLAIM_ID INTEGER NOT NULL AUTO_INCREMENT, + CONDITION_GROUP_ID INTEGER NOT NULL, + CLAIM_URI VARCHAR(512) DEFAULT NULL, + CLAIM_ATTRIB VARCHAR(1024) DEFAULT NULL, + IS_CLAIM_MAPPING BOOLEAN DEFAULT 1, + PRIMARY KEY (JWT_CLAIM_ID), + FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_IP_CONDITION ( - AM_IP_CONDITION_ID INT NOT NULL AUTO_INCREMENT, - STARTING_IP VARCHAR(45) NULL, - ENDING_IP VARCHAR(45) NULL, - SPECIFIC_IP VARCHAR(45) NULL, - WITHIN_IP_RANGE BOOLEAN DEFAULT 1, - CONDITION_GROUP_ID INT NULL, - PRIMARY KEY (AM_IP_CONDITION_ID), - INDEX fk_AM_IP_CONDITION_1_idx (CONDITION_GROUP_ID ASC), CONSTRAINT fk_AM_IP_CONDITION_1 FOREIGN KEY (CONDITION_GROUP_ID) - REFERENCES AM_CONDITION_GROUP (CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE) + AM_IP_CONDITION_ID INT NOT NULL AUTO_INCREMENT, + STARTING_IP VARCHAR(45) NULL, + ENDING_IP VARCHAR(45) NULL, + SPECIFIC_IP VARCHAR(45) NULL, + WITHIN_IP_RANGE BOOLEAN DEFAULT 1, + CONDITION_GROUP_ID INT NULL, + PRIMARY KEY (AM_IP_CONDITION_ID), + INDEX fk_AM_IP_CONDITION_1_idx (CONDITION_GROUP_ID ASC), CONSTRAINT fk_AM_IP_CONDITION_1 FOREIGN KEY 
(CONDITION_GROUP_ID) + REFERENCES AM_CONDITION_GROUP (CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE) ENGINE = InnoDB; CREATE TABLE IF NOT EXISTS AM_POLICY_GLOBAL ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - KEY_TEMPLATE VARCHAR(512) NOT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, - SIDDHI_QUERY BLOB DEFAULT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - UUID VARCHAR(256), - PRIMARY KEY (POLICY_ID), - UNIQUE (UUID) + POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, + NAME VARCHAR(512) NOT NULL, + KEY_TEMPLATE VARCHAR(512) NOT NULL, + TENANT_ID INT(11) NOT NULL, + DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, + SIDDHI_QUERY BLOB DEFAULT NULL, + IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, + UUID VARCHAR(256), + PRIMARY KEY (POLICY_ID), + UNIQUE (UUID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_THROTTLE_TIER_PERMISSIONS ( - THROTTLE_TIER_PERMISSIONS_ID INT NOT NULL AUTO_INCREMENT, - TIER VARCHAR(50) NULL, - PERMISSIONS_TYPE VARCHAR(50) NULL, - ROLES VARCHAR(512) NULL, - TENANT_ID INT(11) NULL, - PRIMARY KEY (THROTTLE_TIER_PERMISSIONS_ID)) + THROTTLE_TIER_PERMISSIONS_ID INT NOT NULL AUTO_INCREMENT, + TIER VARCHAR(50) NULL, + PERMISSIONS_TYPE VARCHAR(50) NULL, + ROLES VARCHAR(512) NULL, + TENANT_ID INT(11) NULL, + PRIMARY KEY (THROTTLE_TIER_PERMISSIONS_ID)) ENGINE = InnoDB; CREATE TABLE `AM_BLOCK_CONDITIONS` ( - `CONDITION_ID` int(11) NOT NULL AUTO_INCREMENT, - `TYPE` varchar(45) DEFAULT NULL, - `VALUE` varchar(512) DEFAULT NULL, - `ENABLED` varchar(45) DEFAULT NULL, - `DOMAIN` varchar(45) DEFAULT NULL, - `UUID` VARCHAR(256), - PRIMARY KEY (`CONDITION_ID`), - UNIQUE (`UUID`) + `CONDITION_ID` int(11) NOT NULL AUTO_INCREMENT, + `TYPE` varchar(45) DEFAULT NULL, + `VALUE` varchar(512) DEFAULT NULL, + `ENABLED` varchar(45) DEFAULT NULL, + `DOMAIN` varchar(45) DEFAULT NULL, + `UUID` VARCHAR(256), + PRIMARY KEY (`CONDITION_ID`), + UNIQUE (`UUID`) ) ENGINE=InnoDB; CREATE TABLE IF NOT EXISTS 
`AM_CERTIFICATE_METADATA` ( - `TENANT_ID` INT(11) NOT NULL, - `ALIAS` VARCHAR(255) NOT NULL, - `END_POINT` VARCHAR(255) NOT NULL, - CONSTRAINT PK_ALIAS PRIMARY KEY (`ALIAS`) + `TENANT_ID` INT(11) NOT NULL, + `ALIAS` VARCHAR(255) NOT NULL, + `END_POINT` VARCHAR(255) NOT NULL, + `CERTIFICATE` BLOB DEFAULT NULL, + CONSTRAINT PK_ALIAS PRIMARY KEY (`ALIAS`) ) ENGINE=InnoDB; CREATE TABLE IF NOT EXISTS `AM_API_CLIENT_CERTIFICATE` ( - `TENANT_ID` INT(11) NOT NULL, - `ALIAS` VARCHAR(45) NOT NULL, - `API_ID` INTEGER NOT NULL, - `CERTIFICATE` BLOB NOT NULL, - `REMOVED` BOOLEAN NOT NULL DEFAULT 0, - `TIER_NAME` VARCHAR (512), - FOREIGN KEY (API_ID) REFERENCES AM_API (API_ID) ON DELETE CASCADE ON UPDATE CASCADE, - PRIMARY KEY (`ALIAS`, `TENANT_ID`, `REMOVED`) + `TENANT_ID` INT(11) NOT NULL, + `ALIAS` VARCHAR(45) NOT NULL, + `API_ID` INTEGER NOT NULL, + `CERTIFICATE` BLOB NOT NULL, + `REMOVED` BOOLEAN NOT NULL DEFAULT 0, + `TIER_NAME` VARCHAR (512), + `REVISION_UUID` VARCHAR(255) NOT NULL DEFAULT 'Current API', + FOREIGN KEY (API_ID) REFERENCES AM_API (API_ID) ON DELETE CASCADE ON UPDATE CASCADE, + PRIMARY KEY (`ALIAS`, `TENANT_ID`, `REMOVED`, `REVISION_UUID`) ) ENGINE=InnoDB; CREATE TABLE IF NOT EXISTS AM_APPLICATION_GROUP_MAPPING ( - APPLICATION_ID INTEGER NOT NULL, - GROUP_ID VARCHAR(512) NOT NULL, - TENANT VARCHAR(255), - PRIMARY KEY (APPLICATION_ID,GROUP_ID,TENANT), - FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE + APPLICATION_ID INTEGER NOT NULL, + GROUP_ID VARCHAR(512) NOT NULL, + TENANT VARCHAR(255), + PRIMARY KEY (APPLICATION_ID,GROUP_ID,TENANT), + FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE ) ENGINE=InnoDB; CREATE TABLE IF NOT EXISTS AM_USAGE_UPLOADED_FILES ( - TENANT_DOMAIN varchar(255) NOT NULL, - FILE_NAME varchar(255) NOT NULL, - FILE_TIMESTAMP TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - FILE_PROCESSED tinyint(1) DEFAULT FALSE, - FILE_CONTENT 
MEDIUMBLOB DEFAULT NULL, - PRIMARY KEY (TENANT_DOMAIN, FILE_NAME, FILE_TIMESTAMP) + TENANT_DOMAIN varchar(255) NOT NULL, + FILE_NAME varchar(255) NOT NULL, + FILE_TIMESTAMP TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + FILE_PROCESSED tinyint(1) DEFAULT FALSE, + FILE_CONTENT MEDIUMBLOB DEFAULT NULL, + PRIMARY KEY (TENANT_DOMAIN, FILE_NAME, FILE_TIMESTAMP) ) ENGINE=InnoDB; CREATE TABLE IF NOT EXISTS AM_API_LC_PUBLISH_EVENTS ( - ID INTEGER(11) NOT NULL AUTO_INCREMENT, - TENANT_DOMAIN VARCHAR(500) NOT NULL, - API_ID VARCHAR(500) NOT NULL, - EVENT_TIME TIMESTAMP NOT NULL, - PRIMARY KEY (ID) + ID INTEGER(11) NOT NULL AUTO_INCREMENT, + TENANT_DOMAIN VARCHAR(500) NOT NULL, + API_ID VARCHAR(500) NOT NULL, + EVENT_TIME TIMESTAMP NOT NULL, + PRIMARY KEY (ID) ) ENGINE=InnoDB; CREATE TABLE IF NOT EXISTS AM_APPLICATION_ATTRIBUTES ( - APPLICATION_ID int(11) NOT NULL, - NAME varchar(255) NOT NULL, - VALUE varchar(1024) NOT NULL, - TENANT_ID int(11) NOT NULL, - PRIMARY KEY (APPLICATION_ID,NAME), - FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION (APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_LABELS ( - LABEL_ID VARCHAR(50), - NAME VARCHAR(255), - DESCRIPTION VARCHAR(1024), - TENANT_DOMAIN VARCHAR(255), - UNIQUE (NAME,TENANT_DOMAIN), - PRIMARY KEY (LABEL_ID) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_LABEL_URLS ( - LABEL_ID VARCHAR(50), - ACCESS_URL VARCHAR(255), - PRIMARY KEY (LABEL_ID,ACCESS_URL), - FOREIGN KEY (LABEL_ID) REFERENCES AM_LABELS(LABEL_ID) ON UPDATE CASCADE ON DELETE CASCADE + APPLICATION_ID int(11) NOT NULL, + NAME varchar(255) NOT NULL, + VALUE varchar(1024) NOT NULL, + TENANT_ID int(11) NOT NULL, + PRIMARY KEY (APPLICATION_ID,NAME), + FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION (APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE ) ENGINE=InnoDB; CREATE TABLE IF NOT EXISTS AM_SYSTEM_APPS ( - ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(50) NOT NULL, - CONSUMER_KEY VARCHAR(512) NOT NULL, - 
CONSUMER_SECRET VARCHAR(512) NOT NULL, - CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - TENANT_DOMAIN VARCHAR(255) DEFAULT 'carbon.super', - UNIQUE (CONSUMER_KEY), - PRIMARY KEY (ID) + ID INTEGER AUTO_INCREMENT, + NAME VARCHAR(50) NOT NULL, + CONSUMER_KEY VARCHAR(512) NOT NULL, + CONSUMER_SECRET VARCHAR(512) NOT NULL, + CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + TENANT_DOMAIN VARCHAR(255) DEFAULT 'carbon.super', + UNIQUE (CONSUMER_KEY), + PRIMARY KEY (ID) ) ENGINE=InnoDB; -- BotDATA Email table -- CREATE TABLE IF NOT EXISTS AM_NOTIFICATION_SUBSCRIBER ( - UUID VARCHAR(255), - CATEGORY VARCHAR(255), - NOTIFICATION_METHOD VARCHAR(255), - SUBSCRIBER_ADDRESS VARCHAR(255) NOT NULL, - PRIMARY KEY(UUID, SUBSCRIBER_ADDRESS) + UUID VARCHAR(255), + CATEGORY VARCHAR(255), + NOTIFICATION_METHOD VARCHAR(255), + SUBSCRIBER_ADDRESS VARCHAR(255) NOT NULL, + PRIMARY KEY(UUID, SUBSCRIBER_ADDRESS) ) ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_REVOKED_JWT ( - UUID VARCHAR(255) NOT NULL, - SIGNATURE VARCHAR(2048) NOT NULL, - EXPIRY_TIMESTAMP BIGINT NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - TOKEN_TYPE VARCHAR(15) DEFAULT 'DEFAULT', - TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY (UUID) + UUID VARCHAR(255) NOT NULL, + SIGNATURE VARCHAR(2048) NOT NULL, + EXPIRY_TIMESTAMP BIGINT NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + TOKEN_TYPE VARCHAR(15) DEFAULT 'DEFAULT', + TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY (UUID) ) ENGINE=InnoDB; CREATE TABLE IF NOT EXISTS AM_API_CATEGORIES ( - UUID VARCHAR(50), - NAME VARCHAR(255), - DESCRIPTION VARCHAR(1024), - TENANT_ID INTEGER DEFAULT -1, - UNIQUE (NAME,TENANT_ID), - PRIMARY KEY (UUID) + UUID VARCHAR(50), + NAME VARCHAR(255), + DESCRIPTION VARCHAR(1024), + TENANT_ID INTEGER DEFAULT -1, + UNIQUE (NAME,TENANT_ID), + PRIMARY KEY (UUID) ) ENGINE=InnoDB; CREATE TABLE IF NOT EXISTS AM_USER ( - USER_ID VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - PRIMARY KEY(USER_ID) + USER_ID VARCHAR(255) 
NOT NULL, + USER_NAME VARCHAR(255) NOT NULL, + PRIMARY KEY(USER_ID) ) ENGINE=InnoDB; -- Tenant Themes Table -- CREATE TABLE IF NOT EXISTS AM_TENANT_THEMES ( - TENANT_ID INTEGER NOT NULL, - THEME MEDIUMBLOB NOT NULL, - PRIMARY KEY (TENANT_ID) + TENANT_ID INTEGER NOT NULL, + THEME MEDIUMBLOB NOT NULL, + PRIMARY KEY (TENANT_ID) ) ENGINE=InnoDB; -- End of API-MGT Tables -- -- UMA tables -- CREATE TABLE IF NOT EXISTS IDN_UMA_RESOURCE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - RESOURCE_ID VARCHAR(255), - RESOURCE_NAME VARCHAR(255), - TIME_CREATED TIMESTAMP NOT NULL, - RESOURCE_OWNER_NAME VARCHAR(255), - CLIENT_ID VARCHAR(255), - TENANT_ID INTEGER DEFAULT -1234, - USER_DOMAIN VARCHAR(50), - PRIMARY KEY (ID) + ID INTEGER AUTO_INCREMENT NOT NULL, + RESOURCE_ID VARCHAR(255), + RESOURCE_NAME VARCHAR(255), + TIME_CREATED TIMESTAMP NOT NULL, + RESOURCE_OWNER_NAME VARCHAR(255), + CLIENT_ID VARCHAR(255), + TENANT_ID INTEGER DEFAULT -1234, + USER_DOMAIN VARCHAR(50), + PRIMARY KEY (ID) ); CREATE INDEX IDX_RID ON IDN_UMA_RESOURCE (RESOURCE_ID); CREATE INDEX IDX_USER ON IDN_UMA_RESOURCE (RESOURCE_OWNER_NAME, USER_DOMAIN); + CREATE INDEX IDX_USER_RID ON IDN_UMA_RESOURCE (RESOURCE_ID, RESOURCE_OWNER_NAME(32), USER_DOMAIN, CLIENT_ID); + CREATE TABLE IF NOT EXISTS IDN_UMA_RESOURCE_META_DATA ( - ID INTEGER AUTO_INCREMENT NOT NULL, - RESOURCE_IDENTITY INTEGER NOT NULL, - PROPERTY_KEY VARCHAR(40), - PROPERTY_VALUE VARCHAR(255), - PRIMARY KEY (ID), - FOREIGN KEY (RESOURCE_IDENTITY) REFERENCES IDN_UMA_RESOURCE (ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT NOT NULL, + RESOURCE_IDENTITY INTEGER NOT NULL, + PROPERTY_KEY VARCHAR(40), + PROPERTY_VALUE VARCHAR(255), + PRIMARY KEY (ID), + FOREIGN KEY (RESOURCE_IDENTITY) REFERENCES IDN_UMA_RESOURCE (ID) ON DELETE CASCADE ); CREATE TABLE IF NOT EXISTS IDN_UMA_RESOURCE_SCOPE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - RESOURCE_IDENTITY INTEGER NOT NULL, - SCOPE_NAME VARCHAR(255), - PRIMARY KEY (ID), - FOREIGN KEY (RESOURCE_IDENTITY) REFERENCES 
IDN_UMA_RESOURCE (ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT NOT NULL, + RESOURCE_IDENTITY INTEGER NOT NULL, + SCOPE_NAME VARCHAR(255), + PRIMARY KEY (ID), + FOREIGN KEY (RESOURCE_IDENTITY) REFERENCES IDN_UMA_RESOURCE (ID) ON DELETE CASCADE ); CREATE INDEX IDX_RS ON IDN_UMA_RESOURCE_SCOPE (SCOPE_NAME); CREATE TABLE IF NOT EXISTS IDN_UMA_PERMISSION_TICKET ( - ID INTEGER AUTO_INCREMENT NOT NULL, - PT VARCHAR(255) NOT NULL, - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - EXPIRY_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - TICKET_STATE VARCHAR(25) DEFAULT 'ACTIVE', - TENANT_ID INTEGER DEFAULT -1234, - PRIMARY KEY (ID) + ID INTEGER AUTO_INCREMENT NOT NULL, + PT VARCHAR(255) NOT NULL, + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + EXPIRY_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + TICKET_STATE VARCHAR(25) DEFAULT 'ACTIVE', + TENANT_ID INTEGER DEFAULT -1234, + TOKEN_ID VARCHAR(255), + PRIMARY KEY (ID) ); CREATE INDEX IDX_PT ON IDN_UMA_PERMISSION_TICKET (PT); CREATE TABLE IF NOT EXISTS IDN_UMA_PT_RESOURCE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - PT_RESOURCE_ID INTEGER NOT NULL, - PT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (PT_ID) REFERENCES IDN_UMA_PERMISSION_TICKET (ID) ON DELETE CASCADE, - FOREIGN KEY (PT_RESOURCE_ID) REFERENCES IDN_UMA_RESOURCE (ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT NOT NULL, + PT_RESOURCE_ID INTEGER NOT NULL, + PT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (PT_ID) REFERENCES IDN_UMA_PERMISSION_TICKET (ID) ON DELETE CASCADE, + FOREIGN KEY (PT_RESOURCE_ID) REFERENCES IDN_UMA_RESOURCE (ID) ON DELETE CASCADE ); CREATE TABLE IF NOT EXISTS IDN_UMA_PT_RESOURCE_SCOPE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - PT_RESOURCE_ID INTEGER NOT NULL, - PT_SCOPE_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (PT_RESOURCE_ID) REFERENCES IDN_UMA_PT_RESOURCE (ID) ON DELETE CASCADE, - FOREIGN KEY (PT_SCOPE_ID) REFERENCES IDN_UMA_RESOURCE_SCOPE (ID) ON DELETE CASCADE + ID 
INTEGER AUTO_INCREMENT NOT NULL, + PT_RESOURCE_ID INTEGER NOT NULL, + PT_SCOPE_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (PT_RESOURCE_ID) REFERENCES IDN_UMA_PT_RESOURCE (ID) ON DELETE CASCADE, + FOREIGN KEY (PT_SCOPE_ID) REFERENCES IDN_UMA_RESOURCE_SCOPE (ID) ON DELETE CASCADE ); CREATE TABLE IF NOT EXISTS AM_USER ( - USER_ID VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - PRIMARY KEY(USER_ID) + USER_ID VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(255) NOT NULL, + PRIMARY KEY(USER_ID) ); CREATE TABLE IF NOT EXISTS AM_KEY_MANAGER ( - UUID VARCHAR(50) NOT NULL, - NAME VARCHAR(100) NULL, - DISPLAY_NAME VARCHAR(100) NULL, - DESCRIPTION VARCHAR(256) NULL, - TYPE VARCHAR(45) NULL, - CONFIGURATION BLOB NULL, - ENABLED BOOLEAN DEFAULT 1, - TENANT_DOMAIN VARCHAR(100) NULL, - PRIMARY KEY (UUID), - UNIQUE (NAME,TENANT_DOMAIN) - ); + UUID VARCHAR(50) NOT NULL, + NAME VARCHAR(100) NULL, + DISPLAY_NAME VARCHAR(100) NULL, + DESCRIPTION VARCHAR(256) NULL, + TYPE VARCHAR(45) NULL, + CONFIGURATION BLOB NULL, + ENABLED BOOLEAN DEFAULT 1, + TENANT_DOMAIN VARCHAR(100) NULL, + PRIMARY KEY (UUID), + UNIQUE (NAME,TENANT_DOMAIN) + ); -- AM_GW_PUBLISHED_API_DETAILS & AM_GW_API_ARTIFACTS are independent tables for Artifact synchronizer feature which -- -- should not have any referential integrity constraints with other tables in AM database-- CREATE TABLE IF NOT EXISTS AM_GW_PUBLISHED_API_DETAILS ( - API_ID varchar(255) NOT NULL, - TENANT_DOMAIN varchar(255), - API_PROVIDER varchar(255), - API_NAME varchar(255), - API_VERSION varchar(255), - PRIMARY KEY (API_ID) - ) ENGINE=InnoDB; + API_ID varchar(255) NOT NULL, + TENANT_DOMAIN varchar(255), + API_PROVIDER varchar(255), + API_NAME varchar(255), + API_VERSION varchar(255), + API_TYPE varchar(50), + PRIMARY KEY (API_ID) + )ENGINE=InnoDB; CREATE TABLE IF NOT EXISTS AM_GW_API_ARTIFACTS ( - API_ID varchar(255) NOT NULL, - ARTIFACT LONGBLOB, - GATEWAY_INSTRUCTION varchar(20), - GATEWAY_LABEL varchar(255), - TIME_STAMP 
TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (GATEWAY_LABEL, API_ID), - FOREIGN KEY (API_ID) REFERENCES AM_GW_PUBLISHED_API_DETAILS(API_ID) ON UPDATE CASCADE ON DELETE NO ACTION + API_ID VARCHAR(255) NOT NULL, + REVISION_ID VARCHAR(255) NOT NULL, + ARTIFACT blob, + TIME_STAMP TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, + PRIMARY KEY (REVISION_ID, API_ID), + FOREIGN KEY (API_ID) REFERENCES AM_GW_PUBLISHED_API_DETAILS(API_ID) ON UPDATE CASCADE ON DELETE NO ACTION + )ENGINE=InnoDB; + + CREATE TABLE IF NOT EXISTS AM_GW_API_DEPLOYMENTS ( + API_ID VARCHAR(255) NOT NULL, + REVISION_ID VARCHAR(255) NOT NULL, + LABEL VARCHAR(255) NOT NULL, + VHOST VARCHAR(255) NULL, + PRIMARY KEY (REVISION_ID, API_ID,LABEL), + FOREIGN KEY (API_ID) REFERENCES AM_GW_PUBLISHED_API_DETAILS(API_ID) ON UPDATE CASCADE ON DELETE NO ACTION ) ENGINE=InnoDB; CREATE TABLE IF NOT EXISTS AM_SCOPE ( - SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(512), - TENANT_ID INTEGER NOT NULL DEFAULT -1, - SCOPE_TYPE VARCHAR(255) NOT NULL, - PRIMARY KEY (SCOPE_ID) + SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT, + NAME VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(512), + TENANT_ID INTEGER NOT NULL DEFAULT -1, + SCOPE_TYPE VARCHAR(255) NOT NULL, + PRIMARY KEY (SCOPE_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_SCOPE_BINDING ( - SCOPE_ID INTEGER NOT NULL, - SCOPE_BINDING VARCHAR(255) NOT NULL, - BINDING_TYPE VARCHAR(255) NOT NULL, - FOREIGN KEY (SCOPE_ID) REFERENCES AM_SCOPE (SCOPE_ID) ON DELETE CASCADE + SCOPE_ID INTEGER NOT NULL, + SCOPE_BINDING VARCHAR(255) NOT NULL, + BINDING_TYPE VARCHAR(255) NOT NULL, + FOREIGN KEY (SCOPE_ID) REFERENCES AM_SCOPE (SCOPE_ID) ON DELETE CASCADE + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS AM_REVISION ( + ID INTEGER NOT NULL, + API_UUID VARCHAR(256) NOT NULL, + REVISION_UUID VARCHAR(255) 
NOT NULL, + DESCRIPTION VARCHAR(255), + CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + CREATED_BY VARCHAR(255), + PRIMARY KEY (ID, API_UUID), + UNIQUE(REVISION_UUID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS AM_DEPLOYMENT_REVISION_MAPPING ( + NAME VARCHAR(255) NOT NULL, + VHOST VARCHAR(255) NULL, + REVISION_UUID VARCHAR(255) NOT NULL, + DISPLAY_ON_DEVPORTAL BOOLEAN DEFAULT 0, + DEPLOYED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY (NAME, REVISION_UUID), + FOREIGN KEY (REVISION_UUID) REFERENCES AM_REVISION(REVISION_UUID) ON UPDATE CASCADE ON DELETE CASCADE + )ENGINE INNODB; + + -- Gateway Environments Table -- + CREATE TABLE IF NOT EXISTS AM_GATEWAY_ENVIRONMENT ( + ID INTEGER NOT NULL AUTO_INCREMENT, + UUID VARCHAR(45) NOT NULL, + NAME VARCHAR(255) NOT NULL, + TENANT_DOMAIN VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255) NULL, + DESCRIPTION VARCHAR(1023) NULL, + UNIQUE (NAME, TENANT_DOMAIN), + UNIQUE (UUID), + PRIMARY KEY (ID) + ); + + -- Virtual Hosts Table -- + CREATE TABLE IF NOT EXISTS AM_GW_VHOST ( + GATEWAY_ENV_ID INTEGER NOT NULL, + HOST VARCHAR(255) NOT NULL, + HTTP_CONTEXT VARCHAR(255) NULL, + HTTP_PORT VARCHAR(5) NOT NULL, + HTTPS_PORT VARCHAR(5) NOT NULL, + WS_PORT VARCHAR(5) NOT NULL, + WSS_PORT VARCHAR(5) NOT NULL, + FOREIGN KEY (GATEWAY_ENV_ID) REFERENCES AM_GATEWAY_ENVIRONMENT(ID) ON UPDATE CASCADE ON DELETE CASCADE, + PRIMARY KEY (GATEWAY_ENV_ID, HOST) + ); + + -- Service Catalog -- + CREATE TABLE IF NOT EXISTS AM_SERVICE_CATALOG ( + UUID VARCHAR(36) NOT NULL, + SERVICE_KEY VARCHAR(512) NOT NULL, + MD5 VARCHAR(100) NOT NULL, + SERVICE_NAME VARCHAR(255) NOT NULL, + SERVICE_VERSION VARCHAR(30) NOT NULL, + TENANT_ID INTEGER NOT NULL, + SERVICE_URL VARCHAR(2048) NOT NULL, + DEFINITION_TYPE VARCHAR(20), + DEFINITION_URL VARCHAR(2048), + DESCRIPTION VARCHAR(1024), + SECURITY_TYPE VARCHAR(50), + MUTUAL_SSL_ENABLED BOOLEAN DEFAULT 0, + CREATED_TIME TIMESTAMP NULL, + LAST_UPDATED_TIME TIMESTAMP NULL, + CREATED_BY VARCHAR(255), + 
UPDATED_BY VARCHAR(255), + SERVICE_DEFINITION BLOB NOT NULL, + PRIMARY KEY (UUID), + UNIQUE (SERVICE_NAME, SERVICE_VERSION, TENANT_ID), + UNIQUE (SERVICE_KEY, TENANT_ID) + )ENGINE=InnoDB; + + CREATE TABLE IF NOT EXISTS AM_API_SERVICE_MAPPING ( + API_ID INTEGER NOT NULL, + SERVICE_KEY VARCHAR(256) NOT NULL, + MD5 VARCHAR(100), + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (API_ID, SERVICE_KEY), + FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON DELETE CASCADE + )ENGINE=InnoDB; + + -- Webhooks -- + CREATE TABLE IF NOT EXISTS AM_WEBHOOKS_SUBSCRIPTION ( + WH_SUBSCRIPTION_ID INTEGER NOT NULL AUTO_INCREMENT, + API_UUID VARCHAR(255) NOT NULL, + APPLICATION_ID VARCHAR(20) NOT NULL, + TENANT_DOMAIN VARCHAR(255) NOT NULL, + HUB_CALLBACK_URL VARCHAR(1024) NOT NULL, + HUB_TOPIC VARCHAR(255) NOT NULL, + HUB_SECRET VARCHAR(2048), + HUB_LEASE_SECONDS INTEGER, + UPDATED_AT TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + EXPIRY_AT BIGINT, + DELIVERED_AT TIMESTAMP NULL, + DELIVERY_STATE INTEGER NOT NULL DEFAULT 0, + PRIMARY KEY (WH_SUBSCRIPTION_ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS AM_WEBHOOKS_UNSUBSCRIPTION ( + API_UUID VARCHAR(255) NOT NULL, + APPLICATION_ID VARCHAR(20) NOT NULL, + TENANT_DOMAIN VARCHAR(255) NOT NULL, + HUB_CALLBACK_URL VARCHAR(1024) NOT NULL, + HUB_TOPIC VARCHAR(255) NOT NULL, + HUB_SECRET VARCHAR(2048), + HUB_LEASE_SECONDS INTEGER, + ADDED_AT TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP )ENGINE INNODB; -- Performance indexes start-- 
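Review bot: The new `AM_WEBHOOKS_SUBSCRIPTION` and `AM_WEBHOOKS_UNSUBSCRIPTION` tables keep `HUB_SECRET VARCHAR(2048)` next to `HUB_CALLBACK_URL`, and nothing in the DDL says whether the value is stored encrypted. If the application writes it as received, anyone with read access to this database or a backup of it can read every subscriber's shared secret. I would document the expectation above both tables, e.g. `-- HUB_SECRET must be stored encrypted by the application, never as received`, and confirm it against the code that writes these rows, which is outside this diff. Separately, `AM_GW_API_ARTIFACTS.ARTIFACT` goes from `LONGBLOB` to `blob`, which in MySQL caps a value at 65,535 bytes. A larger gateway artifact would be rejected under strict SQL mode or truncated otherwise, so `ARTIFACT MEDIUMBLOB` or keeping `LONGBLOB` looks safer unless the size is bounded elsewhere.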
@@ -2003,24 +2232,23 @@ mysql: GRANT ALL ON WSO2AM_SHARED_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; USE WSO2AM_SHARED_DB; - CREATE TABLE IF NOT EXISTS REG_CLUSTER_LOCK ( - REG_LOCK_NAME VARCHAR (20), - REG_LOCK_STATUS VARCHAR (20), - REG_LOCKED_TIME TIMESTAMP, - REG_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (REG_LOCK_NAME) + REG_LOCK_NAME VARCHAR (20), + REG_LOCK_STATUS VARCHAR (20), + REG_LOCKED_TIME TIMESTAMP, + REG_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (REG_LOCK_NAME) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS REG_LOG ( - REG_LOG_ID INTEGER AUTO_INCREMENT, - REG_PATH VARCHAR (750), - REG_USER_ID VARCHAR (31) NOT NULL, - REG_LOGGED_TIME TIMESTAMP NOT NULL, - REG_ACTION INTEGER NOT NULL, - REG_ACTION_DATA VARCHAR (500), - REG_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (REG_LOG_ID, REG_TENANT_ID) + REG_LOG_ID INTEGER AUTO_INCREMENT, + REG_PATH VARCHAR (750), + REG_USER_ID VARCHAR (255) NOT NULL, + REG_LOGGED_TIME TIMESTAMP NOT NULL, + REG_ACTION INTEGER NOT NULL, + REG_ACTION_DATA VARCHAR (500), + REG_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (REG_LOG_ID, REG_TENANT_ID) )ENGINE INNODB; CREATE INDEX REG_LOG_IND_BY_REGLOG USING HASH ON REG_LOG(REG_LOGGED_TIME, REG_TENANT_ID); 
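Review bot: The context line `GRANT ALL ON WSO2AM_SHARED_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon';` leaves the shared database reachable from any host with a password equal to the account name, and this commit carries it forward unchanged. `GRANT ... IDENTIFIED BY` was also removed in MySQL 8.0, so the statement only runs on 5.7 and earlier. I would split it into `CREATE USER IF NOT EXISTS 'wso2carbon'@'%' IDENTIFIED BY '<PASSWORD_FROM_SECRET>';` and `GRANT ALL ON WSO2AM_SHARED_DB.* TO 'wso2carbon'@'%';`, with the password supplied from a secret or chart value rather than a literal. Where the deployment allows it, `'%'` should be narrowed to the hosts the API Manager pods connect from.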
@@ -2029,45 +2257,45 @@ mysql: -- See CARBON-5917. CREATE TABLE IF NOT EXISTS REG_PATH( - REG_PATH_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_PATH_VALUE VARCHAR(750) NOT NULL, - REG_PATH_PARENT_ID INTEGER, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_PATH PRIMARY KEY(REG_PATH_ID, REG_TENANT_ID), - CONSTRAINT UNIQUE_REG_PATH_TENANT_ID UNIQUE (REG_PATH_VALUE,REG_TENANT_ID) + REG_PATH_ID INTEGER NOT NULL AUTO_INCREMENT, + REG_PATH_VALUE VARCHAR(750) CHARACTER SET latin1 COLLATE latin1_general_cs NOT NULL, + REG_PATH_PARENT_ID INTEGER, + REG_TENANT_ID INTEGER DEFAULT 0, + CONSTRAINT PK_REG_PATH PRIMARY KEY(REG_PATH_ID, REG_TENANT_ID), + CONSTRAINT UNIQUE_REG_PATH_TENANT_ID UNIQUE (REG_PATH_VALUE,REG_TENANT_ID) )ENGINE INNODB; CREATE INDEX REG_PATH_IND_BY_PATH_PARENT_ID USING HASH ON REG_PATH(REG_PATH_PARENT_ID, REG_TENANT_ID); CREATE TABLE IF NOT EXISTS REG_CONTENT ( - REG_CONTENT_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_CONTENT_DATA LONGBLOB, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_CONTENT PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID) + REG_CONTENT_ID INTEGER NOT NULL AUTO_INCREMENT, + REG_CONTENT_DATA LONGBLOB, + REG_TENANT_ID INTEGER DEFAULT 0, + CONSTRAINT PK_REG_CONTENT PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS REG_CONTENT_HISTORY ( - REG_CONTENT_ID INTEGER NOT NULL, - REG_CONTENT_DATA LONGBLOB, - REG_DELETED SMALLINT, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_CONTENT_HISTORY PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID) + REG_CONTENT_ID INTEGER NOT NULL, + REG_CONTENT_DATA LONGBLOB, + REG_DELETED SMALLINT, + REG_TENANT_ID INTEGER DEFAULT 0, + CONSTRAINT PK_REG_CONTENT_HISTORY PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS REG_RESOURCE ( - REG_PATH_ID INTEGER NOT NULL, - REG_NAME VARCHAR(256), - REG_VERSION INTEGER NOT NULL AUTO_INCREMENT, - REG_MEDIA_TYPE VARCHAR(500), - REG_CREATOR VARCHAR(31) NOT NULL, - REG_CREATED_TIME TIMESTAMP NOT NULL DEFAULT 
CURRENT_TIMESTAMP, - REG_LAST_UPDATOR VARCHAR(31), - REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_DESCRIPTION VARCHAR(1000), - REG_CONTENT_ID INTEGER, - REG_TENANT_ID INTEGER DEFAULT 0, - REG_UUID VARCHAR(100) NOT NULL, - CONSTRAINT PK_REG_RESOURCE PRIMARY KEY(REG_VERSION, REG_TENANT_ID) + REG_PATH_ID INTEGER NOT NULL, + REG_NAME VARCHAR(256), + REG_VERSION INTEGER NOT NULL AUTO_INCREMENT, + REG_MEDIA_TYPE VARCHAR(500), + REG_CREATOR VARCHAR(255) NOT NULL, + REG_CREATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + REG_LAST_UPDATOR VARCHAR(255), + REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + REG_DESCRIPTION VARCHAR(1000), + REG_CONTENT_ID INTEGER, + REG_TENANT_ID INTEGER DEFAULT 0, + REG_UUID VARCHAR(100) NOT NULL, + CONSTRAINT PK_REG_RESOURCE PRIMARY KEY(REG_VERSION, REG_TENANT_ID) )ENGINE INNODB; ALTER TABLE REG_RESOURCE ADD CONSTRAINT REG_RESOURCE_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); 
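Review bot: `REG_PATH_VALUE` is switched to `CHARACTER SET latin1 COLLATE latin1_general_cs` without a comment saying why, and the choice has consequences a maintainer should be able to read from the script. The collation makes the `UNIQUE_REG_PATH_TENANT_ID` constraint case-sensitive, so paths differing only in case become distinct rows, and the character set means path characters outside latin1 cannot be stored faithfully. My reading, which the hunk does not state, is that the intent is case-sensitive registry paths while keeping the 750-character unique key inside InnoDB's index size limit. If so, a one-line comment above the column would do, e.g. `-- latin1_general_cs: paths are case-sensitive; single-byte charset keeps the unique key within the index limit`. The widening of `REG_CREATOR` and `REG_LAST_UPDATOR` to `VARCHAR(255)` in the same hunk looks consistent with the `REG_USER_ID` change in the other registry tables.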
@@ -2079,20 +2307,20 @@ mysql: CREATE INDEX REG_RESOURCE_IND_BY_TYPE USING HASH ON REG_RESOURCE(REG_TENANT_ID, REG_MEDIA_TYPE); CREATE TABLE IF NOT EXISTS REG_RESOURCE_HISTORY ( - REG_PATH_ID INTEGER NOT NULL, - REG_NAME VARCHAR(256), - REG_VERSION INTEGER NOT NULL, - REG_MEDIA_TYPE VARCHAR(500), - REG_CREATOR VARCHAR(31) NOT NULL, - REG_CREATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_LAST_UPDATOR VARCHAR(31), - REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_DESCRIPTION VARCHAR(1000), - REG_CONTENT_ID INTEGER, - REG_DELETED SMALLINT, - REG_TENANT_ID INTEGER DEFAULT 0, - REG_UUID VARCHAR(100) NOT NULL, - CONSTRAINT PK_REG_RESOURCE_HISTORY PRIMARY KEY(REG_VERSION, REG_TENANT_ID) + REG_PATH_ID INTEGER NOT NULL, + REG_NAME VARCHAR(256), + REG_VERSION INTEGER NOT NULL, + REG_MEDIA_TYPE VARCHAR(500), + REG_CREATOR VARCHAR(255) NOT NULL, + REG_CREATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + REG_LAST_UPDATOR VARCHAR(255), + REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + REG_DESCRIPTION VARCHAR(1000), + REG_CONTENT_ID INTEGER, + REG_DELETED SMALLINT, + REG_TENANT_ID INTEGER DEFAULT 0, + REG_UUID VARCHAR(100) NOT NULL, + CONSTRAINT PK_REG_RESOURCE_HISTORY PRIMARY KEY(REG_VERSION, REG_TENANT_ID) )ENGINE INNODB; ALTER TABLE REG_RESOURCE_HISTORY ADD CONSTRAINT REG_RESOURCE_HIST_FK_BY_PATHID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); 
@@ -2101,20 +2329,20 @@ mysql: CREATE INDEX REG_RESOURCE_HISTORY_IND_BY_PATH_ID_NAME USING HASH ON REG_RESOURCE(REG_PATH_ID, REG_NAME, REG_TENANT_ID); CREATE TABLE IF NOT EXISTS REG_COMMENT ( - REG_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_COMMENT_TEXT VARCHAR(500) NOT NULL, - REG_USER_ID VARCHAR(31) NOT NULL, - REG_COMMENTED_TIME TIMESTAMP NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_COMMENT PRIMARY KEY(REG_ID, REG_TENANT_ID) + REG_ID INTEGER NOT NULL AUTO_INCREMENT, + REG_COMMENT_TEXT VARCHAR(500) NOT NULL, + REG_USER_ID VARCHAR(255) NOT NULL, + REG_COMMENTED_TIME TIMESTAMP NOT NULL, + REG_TENANT_ID INTEGER DEFAULT 0, + CONSTRAINT PK_REG_COMMENT PRIMARY KEY(REG_ID, REG_TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS REG_RESOURCE_COMMENT ( - REG_COMMENT_ID INTEGER NOT NULL, - REG_VERSION INTEGER, - REG_PATH_ID INTEGER, - REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 + REG_COMMENT_ID INTEGER NOT NULL, + REG_VERSION INTEGER, + REG_PATH_ID INTEGER, + REG_RESOURCE_NAME VARCHAR(256), + REG_TENANT_ID INTEGER DEFAULT 0 )ENGINE INNODB; ALTER TABLE REG_RESOURCE_COMMENT ADD CONSTRAINT REG_RESOURCE_COMMENT_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); 
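Review bot: The first context line of this hunk creates `REG_RESOURCE_HISTORY_IND_BY_PATH_ID_NAME` on `REG_RESOURCE`, not on `REG_RESOURCE_HISTORY`. Assuming the name reflects the intent, that leaves the history table without the index its name promises. The commit re-indents the surrounding script but keeps this line as is. I would change it to `CREATE INDEX REG_RESOURCE_HISTORY_IND_BY_PATH_ID_NAME USING HASH ON REG_RESOURCE_HISTORY(REG_PATH_ID, REG_NAME, REG_TENANT_ID);`. Whether `REG_RESOURCE` already has an index on the same columns is outside the hunk.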
@@ -2123,20 +2351,20 @@ mysql: CREATE INDEX REG_RESOURCE_COMMENT_IND_BY_VERSION USING HASH ON REG_RESOURCE_COMMENT(REG_VERSION, REG_TENANT_ID); CREATE TABLE IF NOT EXISTS REG_RATING ( - REG_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_RATING INTEGER NOT NULL, - REG_USER_ID VARCHAR(31) NOT NULL, - REG_RATED_TIME TIMESTAMP NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_RATING PRIMARY KEY(REG_ID, REG_TENANT_ID) + REG_ID INTEGER NOT NULL AUTO_INCREMENT, + REG_RATING INTEGER NOT NULL, + REG_USER_ID VARCHAR(255) NOT NULL, + REG_RATED_TIME TIMESTAMP NOT NULL, + REG_TENANT_ID INTEGER DEFAULT 0, + CONSTRAINT PK_REG_RATING PRIMARY KEY(REG_ID, REG_TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS REG_RESOURCE_RATING ( - REG_RATING_ID INTEGER NOT NULL, - REG_VERSION INTEGER, - REG_PATH_ID INTEGER, - REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 + REG_RATING_ID INTEGER NOT NULL, + REG_VERSION INTEGER, + REG_PATH_ID INTEGER, + REG_RESOURCE_NAME VARCHAR(256), + REG_TENANT_ID INTEGER DEFAULT 0 )ENGINE INNODB; ALTER TABLE REG_RESOURCE_RATING ADD CONSTRAINT REG_RESOURCE_RATING_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); 
@@ -2146,20 +2374,20 @@ mysql: CREATE TABLE IF NOT EXISTS REG_TAG ( - REG_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_TAG_NAME VARCHAR(500) NOT NULL, - REG_USER_ID VARCHAR(31) NOT NULL, - REG_TAGGED_TIME TIMESTAMP NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_TAG PRIMARY KEY(REG_ID, REG_TENANT_ID) + REG_ID INTEGER NOT NULL AUTO_INCREMENT, + REG_TAG_NAME VARCHAR(500) NOT NULL, + REG_USER_ID VARCHAR(255) NOT NULL, + REG_TAGGED_TIME TIMESTAMP NOT NULL, + REG_TENANT_ID INTEGER DEFAULT 0, + CONSTRAINT PK_REG_TAG PRIMARY KEY(REG_ID, REG_TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS REG_RESOURCE_TAG ( - REG_TAG_ID INTEGER NOT NULL, - REG_VERSION INTEGER, - REG_PATH_ID INTEGER, - REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 + REG_TAG_ID INTEGER NOT NULL, + REG_VERSION INTEGER, + REG_PATH_ID INTEGER, + REG_RESOURCE_NAME VARCHAR(256), + REG_TENANT_ID INTEGER DEFAULT 0 )ENGINE INNODB; ALTER TABLE REG_RESOURCE_TAG ADD CONSTRAINT REG_RESOURCE_TAG_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); 
@@ -2168,19 +2396,19 @@ mysql: CREATE INDEX REG_RESOURCE_TAG_IND_BY_VERSION USING HASH ON REG_RESOURCE_TAG(REG_VERSION, REG_TENANT_ID); CREATE TABLE IF NOT EXISTS REG_PROPERTY ( - REG_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_NAME VARCHAR(100) NOT NULL, - REG_VALUE VARCHAR(1000), - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_PROPERTY PRIMARY KEY(REG_ID, REG_TENANT_ID) + REG_ID INTEGER NOT NULL AUTO_INCREMENT, + REG_NAME VARCHAR(100) NOT NULL, + REG_VALUE VARCHAR(1000), + REG_TENANT_ID INTEGER DEFAULT 0, + CONSTRAINT PK_REG_PROPERTY PRIMARY KEY(REG_ID, REG_TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS REG_RESOURCE_PROPERTY ( - REG_PROPERTY_ID INTEGER NOT NULL, - REG_VERSION INTEGER, - REG_PATH_ID INTEGER, - REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 + REG_PROPERTY_ID INTEGER NOT NULL, + REG_VERSION INTEGER, + REG_PATH_ID INTEGER, + REG_RESOURCE_NAME VARCHAR(256), + REG_TENANT_ID INTEGER DEFAULT 0 )ENGINE INNODB; ALTER TABLE REG_RESOURCE_PROPERTY ADD CONSTRAINT REG_RESOURCE_PROPERTY_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); 
@@ -2207,21 +2435,21 @@ mysql: CREATE TABLE IF NOT EXISTS REG_ASSOCIATION ( - REG_ASSOCIATION_ID INTEGER AUTO_INCREMENT, - REG_SOURCEPATH VARCHAR (750) NOT NULL, - REG_TARGETPATH VARCHAR (750) NOT NULL, - REG_ASSOCIATION_TYPE VARCHAR (2000) NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (REG_ASSOCIATION_ID, REG_TENANT_ID) + REG_ASSOCIATION_ID INTEGER AUTO_INCREMENT, + REG_SOURCEPATH VARCHAR (750) NOT NULL, + REG_TARGETPATH VARCHAR (750) NOT NULL, + REG_ASSOCIATION_TYPE VARCHAR (2000) NOT NULL, + REG_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (REG_ASSOCIATION_ID, REG_TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS REG_SNAPSHOT ( - REG_SNAPSHOT_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_PATH_ID INTEGER NOT NULL, - REG_RESOURCE_NAME VARCHAR(255), - REG_RESOURCE_VIDS LONGBLOB NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_SNAPSHOT PRIMARY KEY(REG_SNAPSHOT_ID, REG_TENANT_ID) + REG_SNAPSHOT_ID INTEGER NOT NULL AUTO_INCREMENT, + REG_PATH_ID INTEGER NOT NULL, + REG_RESOURCE_NAME VARCHAR(255), + REG_RESOURCE_VIDS LONGBLOB NOT NULL, + REG_TENANT_ID INTEGER DEFAULT 0, + CONSTRAINT PK_REG_SNAPSHOT PRIMARY KEY(REG_SNAPSHOT_ID, REG_TENANT_ID) )ENGINE INNODB; CREATE INDEX REG_SNAPSHOT_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_SNAPSHOT(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); 
@@ -2234,266 +2462,282 @@ mysql: -- ################################ CREATE TABLE UM_TENANT ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DOMAIN_NAME VARCHAR(255) NOT NULL, - UM_EMAIL VARCHAR(255), - UM_ACTIVE BOOLEAN DEFAULT FALSE, - UM_CREATED_DATE TIMESTAMP NOT NULL, - UM_USER_CONFIG LONGBLOB, - PRIMARY KEY (UM_ID), - UNIQUE(UM_DOMAIN_NAME) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_TENANT_UUID VARCHAR(36) NOT NULL, + UM_DOMAIN_NAME VARCHAR(255) NOT NULL, + UM_EMAIL VARCHAR(255), + UM_ACTIVE BOOLEAN DEFAULT FALSE, + UM_CREATED_DATE TIMESTAMP NOT NULL, + UM_USER_CONFIG LONGBLOB, + PRIMARY KEY (UM_ID), + UNIQUE(UM_DOMAIN_NAME), + UNIQUE(UM_TENANT_UUID) )ENGINE INNODB; CREATE TABLE UM_DOMAIN( - UM_DOMAIN_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DOMAIN_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_DOMAIN_ID, UM_TENANT_ID), - UNIQUE(UM_DOMAIN_NAME,UM_TENANT_ID) + UM_DOMAIN_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_DOMAIN_NAME VARCHAR(255) NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (UM_DOMAIN_ID, UM_TENANT_ID), + UNIQUE(UM_DOMAIN_NAME,UM_TENANT_ID) )ENGINE INNODB; CREATE UNIQUE INDEX INDEX_UM_TENANT_UM_DOMAIN_NAME - ON UM_TENANT (UM_DOMAIN_NAME); + ON UM_TENANT (UM_DOMAIN_NAME); CREATE TABLE UM_USER ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_ID VARCHAR(255) NOT NULL, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_USER_PASSWORD VARCHAR(255) NOT NULL, - UM_SALT_VALUE VARCHAR(31), - UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE, - UM_CHANGED_TIME TIMESTAMP NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_USER_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_USER_ID VARCHAR(255) NOT NULL, + UM_USER_NAME VARCHAR(255) NOT NULL, + UM_USER_PASSWORD VARCHAR(255) NOT NULL, + UM_SALT_VALUE VARCHAR(31), + UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE, + UM_CHANGED_TIME TIMESTAMP NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (UM_ID, UM_TENANT_ID), + 
UNIQUE(UM_USER_ID, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE UM_SYSTEM_USER ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_USER_PASSWORD VARCHAR(255) NOT NULL, - UM_SALT_VALUE VARCHAR(31), - UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE, - UM_CHANGED_TIME TIMESTAMP NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_USER_NAME, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_USER_NAME VARCHAR(255) NOT NULL, + UM_USER_PASSWORD VARCHAR(255) NOT NULL, + UM_SALT_VALUE VARCHAR(31), + UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE, + UM_CHANGED_TIME TIMESTAMP NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (UM_ID, UM_TENANT_ID), + UNIQUE(UM_USER_NAME, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE UM_ROLE ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_SHARED_ROLE BOOLEAN DEFAULT FALSE, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_ROLE_NAME, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_ROLE_NAME VARCHAR(255) NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UM_SHARED_ROLE BOOLEAN DEFAULT FALSE, + PRIMARY KEY (UM_ID, UM_TENANT_ID), + UNIQUE(UM_ROLE_NAME, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE UM_MODULE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_MODULE_NAME VARCHAR(100), - UNIQUE(UM_MODULE_NAME), - PRIMARY KEY(UM_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_MODULE_NAME VARCHAR(100), + UNIQUE(UM_MODULE_NAME), + PRIMARY KEY(UM_ID) )ENGINE INNODB; CREATE TABLE UM_MODULE_ACTIONS( - UM_ACTION VARCHAR(255) NOT NULL, - UM_MODULE_ID INTEGER NOT NULL, - PRIMARY KEY(UM_ACTION, UM_MODULE_ID), - FOREIGN KEY (UM_MODULE_ID) REFERENCES UM_MODULE(UM_ID) ON DELETE CASCADE + UM_ACTION VARCHAR(255) NOT NULL, + UM_MODULE_ID INTEGER NOT NULL, + PRIMARY KEY(UM_ACTION, UM_MODULE_ID), + FOREIGN KEY (UM_MODULE_ID) REFERENCES UM_MODULE(UM_ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE UM_PERMISSION ( - UM_ID 
INTEGER NOT NULL AUTO_INCREMENT, - UM_RESOURCE_ID VARCHAR(255) NOT NULL, - UM_ACTION VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_MODULE_ID INTEGER DEFAULT 0, - UNIQUE(UM_RESOURCE_ID,UM_ACTION, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_RESOURCE_ID VARCHAR(255) NOT NULL, + UM_ACTION VARCHAR(255) NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UM_MODULE_ID INTEGER DEFAULT 0, + UNIQUE(UM_RESOURCE_ID,UM_ACTION, UM_TENANT_ID), + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; CREATE INDEX INDEX_UM_PERMISSION_UM_RESOURCE_ID_UM_ACTION ON UM_PERMISSION (UM_RESOURCE_ID, UM_ACTION, UM_TENANT_ID); CREATE TABLE UM_ROLE_PERMISSION ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_PERMISSION_ID INTEGER NOT NULL, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_IS_ALLOWED SMALLINT NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_DOMAIN_ID INTEGER, - UNIQUE (UM_PERMISSION_ID, UM_ROLE_NAME, UM_TENANT_ID, UM_DOMAIN_ID), - FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_PERMISSION_ID INTEGER NOT NULL, + UM_ROLE_NAME VARCHAR(255) NOT NULL, + UM_IS_ALLOWED SMALLINT NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UM_DOMAIN_ID INTEGER, + UNIQUE (UM_PERMISSION_ID, UM_ROLE_NAME, UM_TENANT_ID, UM_DOMAIN_ID), + FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, + FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; -- REMOVED UNIQUE (UM_PERMISSION_ID, UM_ROLE_ID) CREATE TABLE UM_USER_PERMISSION ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_PERMISSION_ID INTEGER NOT NULL, - UM_USER_NAME VARCHAR(255) NOT NULL, - 
UM_IS_ALLOWED SMALLINT NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_PERMISSION_ID INTEGER NOT NULL, + UM_USER_NAME VARCHAR(255) NOT NULL, + UM_IS_ALLOWED SMALLINT NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; -- REMOVED UNIQUE (UM_PERMISSION_ID, UM_USER_ID) CREATE TABLE UM_USER_ROLE ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_ID INTEGER NOT NULL, - UM_USER_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE (UM_USER_ID, UM_ROLE_ID, UM_TENANT_ID), - FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_ROLE(UM_ID, UM_TENANT_ID), - FOREIGN KEY (UM_USER_ID, UM_TENANT_ID) REFERENCES UM_USER(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_ROLE_ID INTEGER NOT NULL, + UM_USER_ID INTEGER NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UNIQUE (UM_USER_ID, UM_ROLE_ID, UM_TENANT_ID), + FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_ROLE(UM_ID, UM_TENANT_ID), + FOREIGN KEY (UM_USER_ID, UM_TENANT_ID) REFERENCES UM_USER(UM_ID, UM_TENANT_ID), + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE UM_SHARED_USER_ROLE( - UM_ROLE_ID INTEGER NOT NULL, - UM_USER_ID INTEGER NOT NULL, - UM_USER_TENANT_ID INTEGER NOT NULL, - UM_ROLE_TENANT_ID INTEGER NOT NULL, - UNIQUE(UM_USER_ID,UM_ROLE_ID,UM_USER_TENANT_ID, UM_ROLE_TENANT_ID), - FOREIGN KEY(UM_ROLE_ID,UM_ROLE_TENANT_ID) REFERENCES UM_ROLE(UM_ID,UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY(UM_USER_ID,UM_USER_TENANT_ID) REFERENCES UM_USER(UM_ID,UM_TENANT_ID) ON DELETE CASCADE + UM_ROLE_ID INTEGER NOT NULL, + UM_USER_ID INTEGER NOT NULL, + UM_USER_TENANT_ID INTEGER NOT NULL, + UM_ROLE_TENANT_ID 
INTEGER NOT NULL, + UNIQUE(UM_USER_ID,UM_ROLE_ID,UM_USER_TENANT_ID, UM_ROLE_TENANT_ID), + FOREIGN KEY(UM_ROLE_ID,UM_ROLE_TENANT_ID) REFERENCES UM_ROLE(UM_ID,UM_TENANT_ID) ON DELETE CASCADE, + FOREIGN KEY(UM_USER_ID,UM_USER_TENANT_ID) REFERENCES UM_USER(UM_ID,UM_TENANT_ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE UM_ACCOUNT_MAPPING( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER NOT NULL, - UM_USER_STORE_DOMAIN VARCHAR(100), - UM_ACC_LINK_ID INTEGER NOT NULL, - UNIQUE(UM_USER_NAME, UM_TENANT_ID, UM_USER_STORE_DOMAIN, UM_ACC_LINK_ID), - FOREIGN KEY (UM_TENANT_ID) REFERENCES UM_TENANT(UM_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_USER_NAME VARCHAR(255) NOT NULL, + UM_TENANT_ID INTEGER NOT NULL, + UM_USER_STORE_DOMAIN VARCHAR(100), + UM_ACC_LINK_ID INTEGER NOT NULL, + UNIQUE(UM_USER_NAME, UM_TENANT_ID, UM_USER_STORE_DOMAIN, UM_ACC_LINK_ID), + FOREIGN KEY (UM_TENANT_ID) REFERENCES UM_TENANT(UM_ID) ON DELETE CASCADE, + PRIMARY KEY (UM_ID) )ENGINE INNODB; CREATE TABLE UM_USER_ATTRIBUTE ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ATTR_NAME VARCHAR(255) NOT NULL, - UM_ATTR_VALUE VARCHAR(1024), - UM_PROFILE_ID VARCHAR(255), - UM_USER_ID INTEGER, - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY (UM_USER_ID, UM_TENANT_ID) REFERENCES UM_USER(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_ATTR_NAME VARCHAR(255) NOT NULL, + UM_ATTR_VALUE VARCHAR(1024), + UM_PROFILE_ID VARCHAR(255), + UM_USER_ID INTEGER, + UM_TENANT_ID INTEGER DEFAULT 0, + FOREIGN KEY (UM_USER_ID, UM_TENANT_ID) REFERENCES UM_USER(UM_ID, UM_TENANT_ID), + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; CREATE INDEX UM_USER_ID_INDEX ON UM_USER_ATTRIBUTE(UM_USER_ID); + CREATE INDEX UM_ATTR_NAME_VALUE_INDEX ON UM_USER_ATTRIBUTE(UM_ATTR_NAME, UM_ATTR_VALUE(512)); + CREATE TABLE UM_DIALECT( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DIALECT_URI 
VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE(UM_DIALECT_URI, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_DIALECT_URI VARCHAR(255) NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UNIQUE(UM_DIALECT_URI, UM_TENANT_ID), + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE UM_CLAIM( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DIALECT_ID INTEGER NOT NULL, - UM_CLAIM_URI VARCHAR(255) NOT NULL, - UM_DISPLAY_TAG VARCHAR(255), - UM_DESCRIPTION VARCHAR(255), - UM_MAPPED_ATTRIBUTE_DOMAIN VARCHAR(255), - UM_MAPPED_ATTRIBUTE VARCHAR(255), - UM_REG_EX VARCHAR(255), - UM_SUPPORTED SMALLINT, - UM_REQUIRED SMALLINT, - UM_DISPLAY_ORDER INTEGER, - UM_CHECKED_ATTRIBUTE SMALLINT, - UM_READ_ONLY SMALLINT, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE(UM_DIALECT_ID, UM_CLAIM_URI, UM_TENANT_ID,UM_MAPPED_ATTRIBUTE_DOMAIN), - FOREIGN KEY(UM_DIALECT_ID, UM_TENANT_ID) REFERENCES UM_DIALECT(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_DIALECT_ID INTEGER NOT NULL, + UM_CLAIM_URI VARCHAR(255) NOT NULL, + UM_DISPLAY_TAG VARCHAR(255), + UM_DESCRIPTION VARCHAR(255), + UM_MAPPED_ATTRIBUTE_DOMAIN VARCHAR(255), + UM_MAPPED_ATTRIBUTE VARCHAR(255), + UM_REG_EX VARCHAR(255), + UM_SUPPORTED SMALLINT, + UM_REQUIRED SMALLINT, + UM_DISPLAY_ORDER INTEGER, + UM_CHECKED_ATTRIBUTE SMALLINT, + UM_READ_ONLY SMALLINT, + UM_TENANT_ID INTEGER DEFAULT 0, + UNIQUE(UM_DIALECT_ID, UM_CLAIM_URI, UM_TENANT_ID,UM_MAPPED_ATTRIBUTE_DOMAIN), + FOREIGN KEY(UM_DIALECT_ID, UM_TENANT_ID) REFERENCES UM_DIALECT(UM_ID, UM_TENANT_ID), + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE UM_PROFILE_CONFIG( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DIALECT_ID INTEGER NOT NULL, - UM_PROFILE_NAME VARCHAR(255), - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY(UM_DIALECT_ID, UM_TENANT_ID) REFERENCES UM_DIALECT(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT 
NULL AUTO_INCREMENT, + UM_DIALECT_ID INTEGER NOT NULL, + UM_PROFILE_NAME VARCHAR(255), + UM_TENANT_ID INTEGER DEFAULT 0, + FOREIGN KEY(UM_DIALECT_ID, UM_TENANT_ID) REFERENCES UM_DIALECT(UM_ID, UM_TENANT_ID), + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS UM_CLAIM_BEHAVIOR( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_PROFILE_ID INTEGER, - UM_CLAIM_ID INTEGER, - UM_BEHAVIOUR SMALLINT, - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY(UM_PROFILE_ID, UM_TENANT_ID) REFERENCES UM_PROFILE_CONFIG(UM_ID,UM_TENANT_ID), - FOREIGN KEY(UM_CLAIM_ID, UM_TENANT_ID) REFERENCES UM_CLAIM(UM_ID,UM_TENANT_ID), - PRIMARY KEY(UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_PROFILE_ID INTEGER, + UM_CLAIM_ID INTEGER, + UM_BEHAVIOUR SMALLINT, + UM_TENANT_ID INTEGER DEFAULT 0, + FOREIGN KEY(UM_PROFILE_ID, UM_TENANT_ID) REFERENCES UM_PROFILE_CONFIG(UM_ID,UM_TENANT_ID), + FOREIGN KEY(UM_CLAIM_ID, UM_TENANT_ID) REFERENCES UM_CLAIM(UM_ID,UM_TENANT_ID), + PRIMARY KEY(UM_ID, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE UM_HYBRID_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_ROLE_NAME,UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_ROLE_NAME VARCHAR(255) NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (UM_ID, UM_TENANT_ID), + UNIQUE(UM_ROLE_NAME,UM_TENANT_ID) )ENGINE INNODB; CREATE INDEX UM_ROLE_NAME_IND ON UM_HYBRID_ROLE(UM_ROLE_NAME); CREATE TABLE UM_HYBRID_USER_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255), - UM_ROLE_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_DOMAIN_ID INTEGER, - UNIQUE (UM_USER_NAME, UM_ROLE_ID, UM_TENANT_ID, UM_DOMAIN_ID), - FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, - 
PRIMARY KEY (UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_USER_NAME VARCHAR(255), + UM_ROLE_ID INTEGER NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UM_DOMAIN_ID INTEGER, + UNIQUE (UM_USER_NAME, UM_ROLE_ID, UM_TENANT_ID, UM_DOMAIN_ID), + FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, + FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, + PRIMARY KEY (UM_ID, UM_TENANT_ID) + )ENGINE INNODB; + + CREATE TABLE UM_HYBRID_GROUP_ROLE( + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_GROUP_NAME VARCHAR(255), + UM_ROLE_ID INTEGER NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UM_DOMAIN_ID INTEGER, + UNIQUE (UM_GROUP_NAME, UM_ROLE_ID, UM_TENANT_ID, UM_DOMAIN_ID), + FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, + FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE UM_SYSTEM_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_ROLE_NAME,UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_ROLE_NAME VARCHAR(255) NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (UM_ID, UM_TENANT_ID), + UNIQUE(UM_ROLE_NAME,UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE UM_SYSTEM_USER_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255), - UM_ROLE_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE (UM_USER_NAME, UM_ROLE_ID, UM_TENANT_ID), - FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_SYSTEM_ROLE(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_USER_NAME VARCHAR(255), + UM_ROLE_ID INTEGER NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UNIQUE (UM_USER_NAME, UM_ROLE_ID, 
UM_TENANT_ID), + FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_SYSTEM_ROLE(UM_ID, UM_TENANT_ID), + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE UM_HYBRID_REMEMBER_ME( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_COOKIE_VALUE VARCHAR(1024), - UM_CREATED_TIME TIMESTAMP, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_USER_NAME VARCHAR(255) NOT NULL, + UM_COOKIE_VALUE VARCHAR(1024), + UM_CREATED_TIME TIMESTAMP, + UM_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS UM_UUID_DOMAIN_MAPPER ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_ID VARCHAR(255) NOT NULL, - UM_DOMAIN_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID), - UNIQUE (UM_USER_ID), - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_USER_ID VARCHAR(255) NOT NULL, + UM_DOMAIN_ID INTEGER NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (UM_ID), + UNIQUE (UM_USER_ID), + FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE )ENGINE INNODB; CREATE INDEX UUID_DM_UID_TID ON UM_UUID_DOMAIN_MAPPER(UM_USER_ID, UM_TENANT_ID); diff --git a/simple/am-single/Chart.yaml b/simple/am-single/Chart.yaml new file mode 100644 index 00000000..a632a933 --- /dev/null +++ b/simple/am-single/Chart.yaml 
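Review bot: In the new `UM_HYBRID_GROUP_ROLE` table, `UM_GROUP_NAME VARCHAR(255)` is nullable although it is part of `UNIQUE (UM_GROUP_NAME, UM_ROLE_ID, UM_TENANT_ID, UM_DOMAIN_ID)`. MySQL unique indexes accept any number of rows whose key contains NULL, so the constraint does not stop duplicate or nameless group-to-role rows in a table that presumably backs role assignment. Unless the application relies on a NULL group name, declare it `UM_GROUP_NAME VARCHAR(255) NOT NULL,`; the same applies to `UM_DOMAIN_ID` if a domain is always known. The definition mirrors `UM_HYBRID_USER_ROLE` just above it, which has the same shape and could be tightened in a follow-up.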
@@ -0,0 +1,20 @@
+# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+appVersion: "4.0.0"
+description: A Helm chart for the deployment of WSO2 API Manager Single Node.
+name: am-single-node
+version: 4.0.0-1
+icon: https://wso2.cachefly.net/wso2/sites/all/images/wso2logo.svg
diff --git a/simple/am-single/README.md b/simple/am-single/README.md
new file mode 100644
index 00000000..abab3c45
--- /dev/null
+++ b/simple/am-single/README.md
@@ -0,0 +1,298 @@ +# Helm Chart for deployment of WSO2 API Manager with WSO2 API Manager Analytics + +Resources for building a Helm chart for deployment of [All-In-One WSO2 API Manager with WSO2 API Manager Analytics +support](https://apim.docs.wso2.com/en/latest/install-and-setup/setup/deployment-patterns/#pattern-1-single-node-all-in-one-deployment). + +![WSO2 API Manager pattern 1 deployment](https://apim.docs.wso2.com/en/latest/assets/img/setup-and-install/1-single-node-deployment.png) + +For advanced details on the deployment pattern, please refer to the official +[documentation](https://apim.docs.wso2.com/en/latest/install-and-setup/setup/single-node/configuring-an-active-active-deployment/). + +## Contents + +* [Prerequisites](#prerequisites) +* [Quick Start Guide](#quick-start-guide) +* [Configuration](#configuration) +* [Runtime Artifact Persistence and Sharing](#runtime-artifact-persistence-and-sharing) +* [Managing Java Keystores and Truststores](#managing-java-keystores-and-truststores) +* [Configuring SSL in Service Exposure](#configuring-ssl-in-service-exposure) + +## Prerequisites + +* WSO2 product Docker images used for the Kubernetes deployment. + + WSO2 product Docker images available at [DockerHub](https://hub.docker.com/u/wso2/) package General Availability (GA) + versions of WSO2 products with no [WSO2 Updates](https://wso2.com/updates). + + For a production grade deployment of the desired WSO2 product-version, it is highly recommended to use the relevant + Docker image which packages WSO2 Updates, available at [WSO2 Private Docker Registry](https://docker.wso2.com/). In order + to use these images, you need an active [WSO2 Subscription](https://wso2.com/subscription). +

+ +* Install [Git](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git), [Helm](https://helm.sh/docs/intro/install/) + and [Kubernetes client](https://kubernetes.io/docs/tasks/tools/install-kubectl/) in order to run the steps provided in the + following quick start guide.

+ +* An already setup [Kubernetes cluster](https://kubernetes.io/docs/setup).

+ +* Install [NGINX Ingress Controller](https://kubernetes.github.io/ingress-nginx/deploy/).

+ +* Add the WSO2 Helm chart repository. + + ``` + helm repo add wso2 https://helm.wso2.com && helm repo update + ``` + +## Quick Start Guide + +### 1. Install the Helm Chart + +You can install the relevant Helm chart either from [WSO2 Helm Chart Repository](https://hub.helm.sh/charts/wso2) or by source. + +**Note:** + +* `NAMESPACE` should be the Kubernetes Namespace in which the resources are deployed. + +#### Install Chart From [WSO2 Helm Chart Repository](https://hub.helm.sh/charts/wso2) + + Helm version 2 + + ``` + helm install --name wso2/am-pattern-1 --version 3.2.0-1 --namespace + ``` + + Helm version 3 + + - Deploy the Kubernetes resources using the Helm Chart + + ``` + helm install wso2/am-pattern-1 --version 3.2.0-1 --namespace --create-namespace + ``` + +The above steps will deploy the deployment pattern using WSO2 product Docker images available at DockerHub. + +If you are using WSO2 product Docker images available from WSO2 Private Docker Registry, +please provide your WSO2 Subscription credentials via input values (using `--set` argument). + +Please see the following example. + +``` + helm install --name wso2/am-pattern-1 --version 3.2.0-1 --namespace --set wso2.subscription.username= --set wso2.subscription.password= +``` + +#### Install Chart From Source + +>In the context of this document,
+>* `KUBERNETES_HOME` will refer to a local copy of the [`wso2/kubernetes-apim`](https://github.com/wso2/kubernetes-apim/) +Git repository.
+>* `HELM_HOME` will refer to `/advanced`.
+ +##### Clone the Helm Resources for WSO2 API Manager Git repository. + +``` +git clone https://github.com/wso2/kubernetes-apim.git +``` + +##### Deploy Helm chart for WSO2 API Manager Pattern 1 deployment. + + Helm version 2 + + ``` + helm install --dep-up --name /am-pattern-1 --version 3.2.0-1 --namespace + ``` + + Helm version 3 + + - Deploy the Kubernetes resources using the Helm Chart + + ``` + helm install /am-pattern-1 --version 3.2.0-1 --namespace --dependency-update --create-namespace + ``` + +The above steps will deploy the deployment pattern using WSO2 product Docker images available at DockerHub. + +If you are using WSO2 product Docker images available from WSO2 Private Docker Registry, +please provide your WSO2 Subscription credentials via input values (using `--set` argument). + +Please see the following example. + +``` + helm install --name /am-pattern-1 --version 3.2.0-1 --namespace --set wso2.subscription.username= --set wso2.subscription.password= +``` + +### 2. Obtain the external IP + +Obtain the external IP (`EXTERNAL-IP`) of the API Manager Ingress resources, by listing down the Kubernetes Ingresses. + +``` +kubectl get ing -n +``` + +The output under the relevant column stands for the following. 
+ +API Manager Publisher-DevPortal + +- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-1-am-ingress`) +- HOSTS: Hostname of the WSO2 API Manager service (``) +- ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager service to outside of the Kubernetes environment +- PORTS: Externally exposed service ports of the API Manager service + +API Manager Gateway + +- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-1-am-gateway-ingress`) +- HOSTS: Hostname of the WSO2 API Manager's Gateway service (``) +- ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager's Gateway service to outside of the Kubernetes environment +- PORTS: Externally exposed service ports of the API Manager' Gateway service + +API Manager Analytics Dashboard + +- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-1-am-analytics-dashboard-ingress`) +- HOSTS: Hostname of the WSO2 API Manager Analytics Dashboard service (``) +- ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager Analytics Dashboard service to outside of the Kubernetes environment +- PORTS: Externally exposed service ports of the API Manager Analytics Dashboard service + +### 3. Add a DNS record mapping the hostnames and the external IP + +If the defined hostnames (in the previous step) are backed by a DNS service, add a DNS record mapping the hostnames and +the external IP (`EXTERNAL-IP`) in the relevant DNS service. + +If the defined hostnames are not backed by a DNS service, for the purpose of evaluation you may add an entry mapping the +hostnames and the external IP in the `/etc/hosts` file at the client-side. + +``` + +``` + +### 4. 
Access Management Consoles + +- API Manager Publisher: `https:///publisher` + +- API Manager DevPortal: `https:///devportal` + +- API Manager Analytics Dashboard: `https:///analytics-dashboard` + + +## Configuration + +The following tables lists the configurable parameters of the chart and their default values. + +###### WSO2 Subscription Configurations + +| Parameter | Description | Default Value | +|-----------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------| +| `wso2.subscription.username` | Your WSO2 Subscription username | - | +| `wso2.subscription.password` | Your WSO2 Subscription password | - | + +If you do not have an active WSO2 subscription, **do not change** the parameters `wso2.subscription.username` and `wso2.subscription.password`. + +###### Chart Dependencies + +| Parameter | Description | Default Value | +|-----------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------| +| `wso2.deployment.dependencies.mysql` | Enable the deployment and usage of WSO2 API Management MySQL based Helm Chart | true | +| `wso2.deployment.dependencies.nfsProvisioner` | Enable the deployment and usage of NFS Server Provisioner (https://github.com/helm/charts/tree/master/stable/nfs-server-provisioner) | true | + +###### Persistent Runtime Artifact Configurations + +| Parameter | Description | Default Value | +|---------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------| +| `wso2.deployment.persistentRuntimeArtifacts.storageClass` | Appropriate Kubernetes Storage Class | `nfs` | +| 
`wso2.deployment.persistentRuntimeArtifacts.sharedArtifacts.capacity.executionPlans` | Capacity for execution plans shared between the Traffic Manager profile instances | 20M | +| `wso2.deployment.persistentRuntimeArtifacts.sharedArtifacts.capacity.synapseConfigs` | Capacity for synapse artifacts of APIs shared between the Gateway profile instances | 50M | +| `wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled` | Indicates if persistence of the runtime artifacts for Apache Solr-based indexing is enabled | false | +| `wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.carbonDatabase` | Capacity for persisting the H2 based local Carbon database file | 50M | +| `wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.solrIndexedData` | Capacity for persisting the Apache Solr indexed data | 50M | + +###### API Manager Server Configurations + +| Parameter | Description | Default Value | +|-----------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------| +| `wso2.deployment.am.dockerRegistry` | Registry location of the Docker image to be used to create API Manager instances | - | +| `wso2.deployment.am.imageName` | Name of the Docker image to be used to create API Manager instances | `wso2am` | +| `wso2.deployment.am.imageTag` | Tag of the image used to create API Manager instances | 3.2.0 | +| `wso2.deployment.am.imagePullPolicy` | Refer to [doc](https://kubernetes.io/docs/concepts/containers/images#updating-images) | `Always` | +| `wso2.deployment.am.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for API Manager node | 180 | +| `wso2.deployment.am.livenessProbe.periodSeconds` | Period of the live-ness probe for API Manager node | 10 | +| `wso2.deployment.am.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for API Manager node | 
180 | +| `wso2.deployment.am.readinessProbe.periodSeconds` | Period of the readiness probe for API Manager node | 10 | +| `wso2.deployment.am.resources.requests.memory` | The minimum amount of memory that should be allocated for a Pod | 2Gi | +| `wso2.deployment.am.resources.requests.cpu` | The minimum amount of CPU that should be allocated for a Pod | 2000m | +| `wso2.deployment.am.resources.limits.memory` | The maximum amount of memory that should be allocated for a Pod | 3Gi | +| `wso2.deployment.am.resources.limits.cpu` | The maximum amount of CPU that should be allocated for a Pod | 3000m | +| `wso2.deployment.am.config` | Custom deployment configuration file (`/repository/conf/deployment.toml`) | - | +| `wso2.deployment.am.ingress.management.hostname` | Hostname for API Manager Admin Portal, Publisher, DevPortal and Carbon Management Console | `am.wso2.com` | +| `wso2.deployment.am.ingress.management.annotations` | Ingress resource annotations for API Manager management consoles | Community NGINX Ingress controller annotations | +| `wso2.deployment.am.ingress.gateway.hostname` | Hostname for API Manager Gateway | `gateway.am.wso2.com` | +| `wso2.deployment.am.ingress.gateway.annotations` | Ingress resource annotations for API Manager Gateway | Community NGINX Ingress controller annotations | + +**Note**: The above mentioned default, minimum resource amounts for running WSO2 API Manager server profiles are based on its [official documentation](https://apim.docs.wso2.com/en/latest/install-and-setup/install/installation-prerequisites/). 
+ +###### Analytics Dashboard Runtime Configurations + +| Parameter | Description | Default Value | +|-------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------|-----------------------------| +| `wso2.deployment.analytics.dashboard.dockerRegistry` | Registry location of the Docker image to be used to create an API Manager Analytics instance | - | +| `wso2.deployment.analytics.dashboard.imageName` | Name of the Docker image to be used to create an API Manager Analytics instance | `wso2am-analytics-dashboard` | +| `wso2.deployment.analytics.dashboard.imageTag` | Tag of the image used to create an API Manager Analytics instance | 3.2.0 | +| `wso2.deployment.analytics.dashboard.imagePullPolicy` | Refer to [doc](https://kubernetes.io/docs/concepts/containers/images#updating-images) | `Always` | +| `wso2.deployment.analytics.dashboard.replicas` | Number of replicas of API Manager Analytics to be started | 1 | +| `wso2.deployment.analytics.dashboard.strategy.rollingUpdate.maxSurge` | Refer to [doc](https://v1-14.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.14/#deploymentstrategy-v1-apps) | 1 | +| `wso2.deployment.analytics.dashboard.strategy.rollingUpdate.maxUnavailable` | Refer to [doc](https://v1-14.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.14/#deploymentstrategy-v1-apps) | 0 | +| `wso2.deployment.analytics.dashboard.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for API Manager Analytics node | 20 | +| `wso2.deployment.analytics.dashboard.livenessProbe.periodSeconds` | Period of the live-ness probe for API Manager Analytics node | 10 | +| `wso2.deployment.analytics.dashboard.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for API Manager Analytics node | 20 | +| `wso2.deployment.analytics.dashboard.readinessProbe.periodSeconds` | Period of the 
readiness probe for API Manager Analytics node | 10 | +| `wso2.deployment.analytics.dashboard.resources.requests.memory` | The minimum amount of memory that should be allocated for a Pod | 4Gi | +| `wso2.deployment.analytics.dashboard.resources.requests.cpu` | The minimum amount of CPU that should be allocated for a Pod | 2000m | +| `wso2.deployment.analytics.dashboard.resources.limits.memory` | The maximum amount of memory that should be allocated for a Pod | 4Gi | +| `wso2.deployment.analytics.dashboard.resources.limits.cpu` | The maximum amount of CPU that should be allocated for a Pod | 2000m | +| `wso2.deployment.analytics.dashboard.config` | Custom deployment configuration file (`/conf/dashboard/deployment.yaml`) | - | +| `wso2.deployment.analytics.dashboard.ingress.hostname` | Hostname for API Manager Analytics Dashboard | `analytics.am.wso2.com` | +| `wso2.deployment.analytics.dashboard.ingress.annotations` | Ingress resource annotations for API Manager Analytics Dashboard | Community NGINX Ingress controller annotations | + +###### Analytics Worker Runtime Configurations + +| Parameter | Description | Default Value | +|----------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------|-----------------------------| +| `wso2.deployment.analytics.worker.dockerRegistry` | Registry location of the Docker image to be used to create an API Manager Analytics instance | - | +| `wso2.deployment.analytics.worker.imageName` | Name of the Docker image to be used to create an API Manager Analytics instance | `wso2am-analytics-worker` | +| `wso2.deployment.analytics.worker.imageTag` | Tag of the image used to create an API Manager Analytics instance | 3.2.0 | +| `wso2.deployment.analytics.worker.imagePullPolicy` | Refer to [doc](https://kubernetes.io/docs/concepts/containers/images#updating-images) | `Always` | +| 
`wso2.deployment.analytics.worker.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for API Manager Analytics node | 20 | +| `wso2.deployment.analytics.worker.livenessProbe.periodSeconds` | Period of the live-ness probe for API Manager Analytics node | 10 | +| `wso2.deployment.analytics.worker.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for API Manager Analytics node | 20 | +| `wso2.deployment.analytics.worker.readinessProbe.periodSeconds` | Period of the readiness probe for API Manager Analytics node | 10 | +| `wso2.deployment.analytics.worker.resources.requests.memory` | The minimum amount of memory that should be allocated for a Pod | 4Gi | +| `wso2.deployment.analytics.worker.resources.requests.cpu` | The minimum amount of CPU that should be allocated for a Pod | 2000m | +| `wso2.deployment.analytics.worker.resources.limits.memory` | The maximum amount of memory that should be allocated for a Pod | 4Gi | +| `wso2.deployment.analytics.worker.resources.limits.cpu` | The maximum amount of CPU that should be allocated for a Pod | 2000m | + +###### Kubernetes Specific Configurations + +| Parameter | Description | Default Value | +|---------------------------------------------------------------|-------------------------------------------------------------------------------------------|---------------------------------| +| `kubernetes.serviceAccount` | Name of the Kubernetes Service Account to which the Pods are to be bound | `wso2am-pattern-1-svc-account` | + +## Runtime Artifact Persistence and Sharing + +* It is **mandatory** to set an appropriate Kubernetes StorageClass in this deployment, for persistence and sharing. + +* By default, this deployment uses the `nfs` Kubernetes StorageClass created using the official, stable [NFS Server Provisioner](https://hub.helm.sh/charts/stable/nfs-server-provisioner). 
+
+* Only persistent storage solutions supporting `ReadWriteMany` [access mode](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes)
+ are applicable for `wso2.deployment.persistentRuntimeArtifacts.storageClass`.
+
+* Please refer to the [official WSO2 container guide](https://github.com/wso2/container-guide/blob/master/store/Persisting_And_Sharing.md#recommended-storage-options-for-wso2-products)
+ for advanced details with regards to WSO2 recommended, storage options.
+
+## Managing Java Keystores and Truststores
+
+* By default, this deployment uses the default keystores and truststores provided by the relevant WSO2 product.
+
+* For advanced details with regards to managing custom Java keystores and truststores in a container based WSO2 product deployment
+ please refer to the [official WSO2 container guide](https://github.com/wso2/container-guide/blob/master/deploy/Managing_Keystores_And_Truststores.md).
+
+## Configuring SSL in Service Exposure
+
+* For WSO2 recommended best practices in configuring SSL when exposing the internal product services to outside of the Kubernetes cluster,
+ please refer to the [official WSO2 container guide](https://github.com/wso2/container-guide/blob/master/route/Routing.md#configuring-ssl).
diff --git a/simple/am-single/auth.json b/simple/am-single/auth.json
new file mode 100644
index 00000000..fbdc9cd0
--- /dev/null
+++ b/simple/am-single/auth.json
@@ -0,0 +1,10 @@
+{
+ "auths": {
+ "reg.Id": {
+ "username": "docker.wso2.com.username",
+ "password": "docker.wso2.com.password",
+ "email": "docker.wso2.com.email",
+ "auth": "docker.wso2.com.auth"
+ }
+ }
+}
\ No newline at end of file
diff --git a/simple/am-single/requirements.yaml b/simple/am-single/requirements.yaml
new file mode 100644
index 00000000..074adea6
--- /dev/null
+++ b/simple/am-single/requirements.yaml
@@ -0,0 +1,23 @@
+# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: mysql-am
+ version: "4.0.0-1"
+ repository: "https://helm.wso2.com"
+ condition: wso2.deployment.dependencies.mysql
+ - name: nfs-server-provisioner
+ version: "1.1.0"
+ repository: "https://helm.wso2.com"
+ condition: wso2.deployment.dependencies.nfsServerProvisioner
diff --git a/simple/am-single/templates/NOTES.txt b/simple/am-single/templates/NOTES.txt
new file mode 100644
index 00000000..bb9b557e
--- /dev/null
+++ b/simple/am-single/templates/NOTES.txt
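Review bot: The `condition` on the `nfs-server-provisioner` dependency in requirements.yaml reads `wso2.deployment.dependencies.nfsServerProvisioner`, while the README added in this same commit documents the switch as `wso2.deployment.dependencies.nfsProvisioner`. values.yaml is not visible here, so which spelling it defines cannot be confirmed, but Helm ignores a condition path that does not exist in values and keeps the subchart enabled, so a mismatch would turn the documented toggle into a silent no-op. Align the two names, e.g. `condition: wso2.deployment.dependencies.nfsProvisioner` if that is the key values.yaml uses.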
@@ -0,0 +1,41 @@
+Thank you for installing WSO2 API Manager.
+
+Please follow these steps to access API Manager Publisher, DevPortal consoles and Analytics Dashboard.
+
+1. Obtain the external IP (`EXTERNAL-IP`) of the API Manager Ingress resources, by listing down the Kubernetes Ingresses.
+
+ kubectl get ing -n {{ .Release.Namespace }}
+
+ The output under the relevant column stands for the following.
+
+ API Manager Publisher-DevPortal
+
+ - NAME: Metadata name of the Kubernetes Ingress resource (defaults to {{ template "am-single-node.resource.prefix" . }}-am-ingress)
+ - HOSTS: Hostname of the WSO2 API Manager service ({{ .Values.wso2.deployment.am.ingress.management.hostname }})
+ - ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager service to outside of the Kubernetes environment
+ - PORTS: Externally exposed service ports of the API Manager service
+
+ API Manager Gateway
+
+ - NAME: Metadata name of the Kubernetes Ingress resource (defaults to {{ template "am-single-node.resource.prefix" . }}-am-gateway-ingress)
+ - HOSTS: Hostname of the WSO2 API Manager's Gateway service ({{ .Values.wso2.deployment.am.ingress.gateway.hostname }})
+ - ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager's Gateway service to outside of the Kubernetes environment
+ - PORTS: Externally exposed service ports of the API Manager' Gateway service
+
+
+2. Add a DNS record mapping the hostnames (in step 1) and the external IP.
+
+ If the defined hostnames (in step 1) are backed by a DNS service, add a DNS record mapping the hostnames and
+ the external IP (`EXTERNAL-IP`) in the relevant DNS service.
+
+ If the defined hostnames are not backed by a DNS service, for the purpose of evaluation you may add an entry mapping the
+ hostnames and the external IP in the `/etc/hosts` file at the client-side.
+
+ {{ .Values.wso2.deployment.am.ingress.management.hostname }} {{ .Values.wso2.deployment.am.ingress.gateway.hostname }}
+
+3. Navigate to the consoles in your browser of choice.
+
+ API Manager Publisher: https://{{ .Values.wso2.deployment.am.ingress.management.hostname }}/publisher
+ API Manager DevPortal: https://{{ .Values.wso2.deployment.am.ingress.management.hostname }}/devportal
+
+Please refer the official documentation at https://apim.docs.wso2.com/en/latest/ for additional information on WSO2 API Manager.
diff --git a/simple/am-single/templates/_helpers.tpl b/simple/am-single/templates/_helpers.tpl
new file mode 100644
index 00000000..6911c4c7
--- /dev/null
+++ b/simple/am-single/templates/_helpers.tpl
@@ -0,0 +1,82 @@
+{{/*
+Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "am-single-node.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "am-single-node.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "am-single-node.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "am-single-node.labels" -}}
+app.kubernetes.io/name: {{ include "am-single-node.name" . }}
+helm.sh/chart: {{ include "am-single-node.chart" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end -}}
+
+{{/*
+Common prefix prepended to Kubernetes resources of this chart
+*/}}
+{{- define "am-single-node.resource.prefix" -}}
+{{- "wso2am-single-node" }}
+{{- end -}}
+
+{{- define "image" }}
+{{- $imageName := .deployment.imageName }}
+{{- $imageTag := .deployment.imageTag | default "" }}
+{{- if or (eq .Values.wso2.subscription.username "") (eq .Values.wso2.subscription.password "") -}}
+{{- $dockerRegistry := .deployment.dockerRegistry | default "wso2" }}
+image: {{ $dockerRegistry }}/{{ $imageName }}{{- if not (eq $imageTag "") }}{{- printf ":%s" $imageTag -}}{{- end }}
+{{- else }}
+{{- $dockerRegistry := .deployment.dockerRegistry | default "docker.wso2.com" }}
+{{- $parts := len (split "." $imageTag) }}
+{{- if eq $parts 3 }}
+image: {{ $dockerRegistry }}/{{ $imageName }}{{- if not (eq $imageTag "") }}:{{ $imageTag }}.0{{- end }}
+{{- else }}
+image: {{ $dockerRegistry }}/{{ $imageName }}{{- if not (eq $imageTag "") }}:{{ $imageTag }}{{- end }}
+{{- end -}}
+{{- end -}}
+{{- end -}}
diff --git a/simple/am-single/templates/am/instance/wso2am-deployment.yaml b/simple/am-single/templates/am/instance/wso2am-deployment.yaml
new file mode 100644
index 00000000..dc04dd99
--- /dev/null
+++ b/simple/am-single/templates/am/instance/wso2am-deployment.yaml
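Review bot: The `image` helper at the end of _helpers.tpl is the only template in this file defined without the `am-single-node.` prefix and without a doc comment. Helm template names are global across a chart and its subcharts, so a generic name like `image` can collide with a same-named define in the `mysql-am` or `nfs-server-provisioner` dependencies; `{{- define "am-single-node.image" }}`, with the `include` call in wso2am-deployment.yaml updated to match, avoids that. A `{{/* ... */}}` header should also state the contract the body implies: it expects a dict with `Values` and `deployment`, defaults the registry to `docker.wso2.com` only when both subscription values are non-empty, and appends `.0` to a three-part tag in that branch. That last rule silently rewrites the user-supplied `imageTag`, so the comment should say why.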
@@ -0,0 +1,152 @@
+# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ template "am-single-node.resource.prefix" . }}-am-deployment
+ namespace: {{ .Release.Namespace }}
+spec:
+ replicas: 1
+ strategy:
+ type: Recreate
+ selector:
+ matchLabels:
+ deployment: {{ template "am-single-node.resource.prefix" . }}-am
+ node: {{ template "am-single-node.resource.prefix" . }}-am
+ template:
+ metadata:
+ annotations:
+ checksum.am.conf: {{ include (print $.Template.BasePath "/am/instance/wso2am-single-node-am-conf.yaml") . | sha256sum }}
+ labels:
+ deployment: {{ template "am-single-node.resource.prefix" . }}-am
+ node: {{ template "am-single-node.resource.prefix" . }}-am
+ spec:
+ initContainers:
+ {{ if .Values.wso2.deployment.dependencies.mysql }}
+ - name: init-mysql-db
+ image: busybox:1.32
+ command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! nc -z "wso2am-mysql-db-service" 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";']
+ - name: init-mysql-connector-download
+ image: busybox:1.32
+ command:
+ - /bin/sh
+ - "-c"
+ - |
+ set -e
+ connector_version=8.0.17
+ wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/${connector_version}/mysql-connector-java-${connector_version}.jar -P /mysql-connector-jar/
+ volumeMounts:
+ - name: mysql-connector-jar
+ mountPath: /mysql-connector-jar
+ {{ end }}
+ containers:
+ - name: wso2am
+{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.am) | indent 10 }}
+ imagePullPolicy: {{ .Values.wso2.deployment.am.imagePullPolicy }}
+ livenessProbe:
+ exec:
+ command:
+ - /bin/sh
+ - -c
+ - nc -z localhost 9443
+ initialDelaySeconds: {{ .Values.wso2.deployment.am.livenessProbe.initialDelaySeconds }}
+ periodSeconds: {{ .Values.wso2.deployment.am.livenessProbe.periodSeconds }}
+ readinessProbe:
+ exec:
+ command:
+ - /bin/sh
+ - -c
+ - nc -z localhost 9443
+ initialDelaySeconds: {{ .Values.wso2.deployment.am.readinessProbe.initialDelaySeconds }}
+ periodSeconds: {{ .Values.wso2.deployment.am.readinessProbe.periodSeconds }}
+ lifecycle:
+ preStop:
+ exec:
+ command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/api-manager.sh stop']
+ resources:
+ requests:
+ memory: {{ .Values.wso2.deployment.am.resources.requests.memory }}
+ cpu: {{ .Values.wso2.deployment.am.resources.requests.cpu }}
+ limits:
+ memory: {{ .Values.wso2.deployment.am.resources.limits.memory }}
+ cpu: {{ .Values.wso2.deployment.am.resources.limits.cpu }}
+ securityContext:
+ runAsUser: 802
+ ports:
+ - containerPort: 8280
+ protocol: "TCP"
+ - containerPort: 8243
+ protocol: "TCP"
+ - containerPort: 9763
+ protocol: "TCP"
+ - containerPort: 9443
+ protocol: "TCP"
+ - containerPort: 9711
+ protocol: "TCP"
+ - containerPort: 9611
+ protocol: "TCP"
+ - containerPort: 5672
+ protocol: "TCP"
+ env:
+ - name: NODE_IP
+ valueFrom:
+ fieldRef:
+ fieldPath: status.podIP
+ - name: JVM_MEM_OPTS
+ value: "-Xms{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xmx }}"
+ volumeMounts:
+ - name: wso2am-conf
+ mountPath: /home/wso2carbon/wso2-config-volume/repository/conf
+ {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }}
+ - name: wso2am-local-carbon-database-storage
+ mountPath: /home/wso2carbon/solr/database
+ - name: wso2am-solr-indexed-data-storage
+ mountPath: /home/wso2carbon/solr/indexed-data
+ - name: wso2am-conf-entrypoint
+ mountPath: /home/wso2carbon/docker-entrypoint.sh
+ subPath: docker-entrypoint.sh
+ {{ end }}
+ {{ if .Values.wso2.deployment.dependencies.mysql }}
+ - name: mysql-connector-jar
+ mountPath: /home/wso2carbon/wso2-artifact-volume/repository/components/dropins
+ {{ end }}
+ serviceAccountName: {{ .Values.kubernetes.serviceAccount }}
+ {{- if .Values.wso2.deployment.am.imagePullSecrets }}
+ imagePullSecrets:
+ - name: {{ .Values.wso2.deployment.am.imagePullSecrets }}
+ {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }}
+ imagePullSecrets:
+ - name: {{ template "am-single-node.resource.prefix" . }}-wso2-private-registry-creds
+ {{ end }}
+ volumes:
+ - name: wso2am-conf
+ configMap:
+ name: {{ template "am-single-node.resource.prefix" . }}-am-conf
+ {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }}
+ - name: wso2am-local-carbon-database-storage
+ persistentVolumeClaim:
+ claimName: {{ template "am-single-node.resource.prefix" . }}-am-local-carbon-database-volume-claim
+ - name: wso2am-solr-indexed-data-storage
+ persistentVolumeClaim:
+ claimName: {{ template "am-single-node.resource.prefix" . }}-am-solr-indexed-data-volume-claim
+ - name: wso2am-conf-entrypoint
+ configMap:
+ name: {{ template "am-single-node.resource.prefix" . }}-am-conf-entrypoint
+ defaultMode: 0407
+ {{ end }}
+ {{ if .Values.wso2.deployment.dependencies.mysql }}
+ - name: mysql-connector-jar
+ emptyDir: {}
+ {{ end }}
diff --git a/simple/am-single/templates/am/instance/wso2am-service.yaml b/simple/am-single/templates/am/instance/wso2am-service.yaml
new file mode 100644
index 00000000..51f75462
--- /dev/null
+++ b/simple/am-single/templates/am/instance/wso2am-service.yaml
@@ -0,0 +1,50 @@
+# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ template "am-single-node.resource.prefix" . }}-am-service
+ namespace : {{ .Release.Namespace }}
+spec:
+ # label keys and values that must match in order to receive traffic for this service
+ selector:
+ deployment: {{ template "am-single-node.resource.prefix" . }}-am
+ node: {{ template "am-single-node.resource.prefix" . }}-am
+ ports:
+ # ports that this service should serve on
+ - name: pass-through-http
+ protocol: TCP
+ port: 8280
+ - name: pass-through-https
+ protocol: TCP
+ port: 8243
+ - name: binary
+ protocol: TCP
+ port: 9611
+ - name: binary-secure
+ protocol: TCP
+ port: 9711
+ - name: jms-tcp
+ protocol: TCP
+ port: 5672
+ - name: servlet-https
+ protocol: TCP
+ port: 9443
+ - name: websub-http
+ protocol: TCP
+ port: 9021
+ - name: websub-https
+ protocol: TCP
+ port: 8021
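Review bot: The `init-mysql-connector-download` init container in wso2am-deployment.yaml fetches the MySQL connector JAR at pod start and places it in `repository/components/dropins` with no integrity check, so whatever the download returns is loaded into the API Manager JVM. HTTPS alone may not cover this: BusyBox's built-in wget has historically not validated TLS certificates, which should be confirmed for `busybox:1.32`. Pin the artifact's SHA-256 and verify it before the container exits, as sketched below, or bake the driver into the product image so the pod needs no egress at startup. Separately, `defaultMode: 0407` on the `wso2am-conf-entrypoint` volume gives the owner read only, the group nothing and others read/write/execute, which looks like a typo for a mode such as `0555`.

```yaml
# … unchanged: command header (/bin/sh, "-c", block scalar) …
set -e
connector_version=8.0.17
connector_jar="mysql-connector-java-${connector_version}.jar"
# Placeholder: replace with the digest published for this exact artifact.
connector_sha256="<SHA256_OF_CONNECTOR_JAR>"
wget "https://repo1.maven.org/maven2/mysql/mysql-connector-java/${connector_version}/${connector_jar}" -P /mysql-connector-jar/
# Fail the init container, and so the pod, when the digest does not match.
echo "${connector_sha256}  /mysql-connector-jar/${connector_jar}" | sha256sum -c -
# … unchanged: volumeMounts for mysql-connector-jar …
```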
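Review bot: The Service in wso2am-service.yaml publishes `websub-http` (9021) and `websub-https` (8021), but the container spec in wso2am-deployment.yaml declares neither as a `containerPort`, and it declares 9763, which the Service omits. `containerPort` is informational, so traffic still flows, but the two lists are what reviewers and NetworkPolicy authors read to learn what the pod exposes; keep them in step, e.g. add `- containerPort: 9021` and `- containerPort: 8021` to the Deployment. Going by their names, `pass-through-http` (8280) and `binary` (9611) are the non-TLS counterparts of 8243 and 9711; if in-cluster clients only need the TLS listeners, those two entries can be dropped from the Service.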
diff --git a/simple/am-single/templates/am/instance/wso2am-single-node-am-conf.yaml b/simple/am-single/templates/am/instance/wso2am-single-node-am-conf.yaml
new file mode 100644
index 00000000..f4b52e74
--- /dev/null
+++ b/simple/am-single/templates/am/instance/wso2am-single-node-am-conf.yaml
@@ -0,0 +1,295 @@
+# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ template "am-single-node.resource.prefix" . }}-am-conf
+ namespace : {{ .Release.Namespace }}
+ {{ if .Values.wso2.deployment.am.config }}
+data:
+ {{- range $index, $content := .Values.wso2.deployment.am.config }}
+ {{ $index }}: |-
+ {{ tpl $content $ | indent 4 }}
+ {{- end }}
+
+ {{ else }}
+data:
+ deployment.toml: |-
+ [server]
+ hostname = "{{ .Values.wso2.deployment.am.ingress.management.hostname }}"
+ #offset=0
+ base_path = "${carbon.protocol}://${carbon.host}:${carbon.management.port}"
+ #discard_empty_caches = false
+ server_role = "default"
+
+ [super_admin]
+ username = "admin"
+ password = "admin"
+ create_admin_account = true
+
+ [user_store]
+ type = "database_unique_id"
+
+ [database.apim_db]
+ type = "mysql"
+ url = "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_DB?useSSL=false&autoReconnect=true&requireSSL=false&verifyServerCertificate=false"
+ username = "wso2carbon"
+ password = "wso2carbon"
+ driver = "com.mysql.cj.jdbc.Driver"
+
+ [database.shared_db]
+ type = "mysql"
+ url = "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_SHARED_DB?useSSL=false&autoReconnect=true&requireSSL=false&verifyServerCertificate=false"
+ username = "wso2carbon"
+ password = "wso2carbon"
+ driver = "com.mysql.cj.jdbc.Driver"
+
+ [keystore.tls]
+ file_name = "wso2carbon.jks"
+ type = "JKS"
+ password = "wso2carbon"
+ alias = "wso2carbon"
+ key_password = "wso2carbon"
+
+ #[keystore.primary]
+ #file_name = "wso2carbon.jks"
+ #type = "JKS"
+ #password = "wso2carbon"
+ #alias = "wso2carbon"
+ #key_password = "wso2carbon"
+
+ #[keystore.internal]
+ #file_name = "wso2carbon.jks"
+ #type = "JKS"
+ #password = "wso2carbon"
+ #alias = "wso2carbon"
+ #key_password = "wso2carbon"
+
+ [[apim.gateway.environment]]
+ name = "Default"
+ type = "hybrid"
+ display_in_api_console = true
+ description = "This is a hybrid gateway that handles both production and sandbox token traffic."
+ show_as_token_endpoint_url = true
+ service_url = "https://localhost:${mgt.transport.https.port}/services/"
+ username= "${admin.username}"
+ password= "${admin.password}"
+ ws_endpoint = "ws://localhost:9099"
+ wss_endpoint = "wss://localhost:8099"
+ http_endpoint = "http://{{ .Values.wso2.deployment.am.ingress.gateway.hostname }}"
+ https_endpoint = "https://{{ .Values.wso2.deployment.am.ingress.gateway.hostname }}"
+ websub_event_receiver_http_endpoint = "http://{{ .Values.wso2.deployment.am.ingress.websub.hostname }}"
+ websub_event_receiver_https_endpoint = "https://{{ .Values.wso2.deployment.am.ingress.websub.hostname }}"
+
+ [apim.sync_runtime_artifacts.gateway]
+ gateway_labels =["Default"]
+
+ #[apim.cache.gateway_token]
+ #enable = true
+ #expiry_time = "900s"
+
+ #[apim.cache.resource]
+ #enable = true
+ #expiry_time = "900s"
+
+ #[apim.cache.km_token]
+ #enable = false
+ #expiry_time = "15m"
+
+ #[apim.cache.recent_apis]
+ #enable = false
+
+ #[apim.cache.scopes]
+ #enable = true
+
+ #[apim.cache.publisher_roles]
+ #enable = true
+
+ #[apim.cache.jwt_claim]
+ #enable = true
+ #expiry_time = "15m"
+
+ #[apim.cache.tags]
+ #expiry_time = "2m"
+
+ [apim.analytics]
+ enable = false
+ config_endpoint = "https://localhost:8080/auth/v1"
+ auth_token = ""
+
+ #[apim.key_manager]
+ #service_url =
"https://localhost:${mgt.transport.https.port}/services/" + #username = "$ref{super_admin.username}" + #password = "$ref{super_admin.password}" + #pool.init_idle_capacity = 50 + #pool.max_idle = 100 + #key_validation_handler_type = "default" + #key_validation_handler_type = "custom" + #key_validation_handler_impl = "org.wso2.carbon.apimgt.keymgt.handlers.DefaultKeyValidationHandler" + + #[apim.idp] + #server_url = "https://localhost:${mgt.transport.https.port}" + #authorize_endpoint = "https://localhost:${mgt.transport.https.port}/oauth2/authorize" + #oidc_logout_endpoint = "https://localhost:${mgt.transport.https.port}/oidc/logout" + #oidc_check_session_endpoint = "https://localhost:${mgt.transport.https.port}/oidc/checksession" + + #[apim.jwt] + #enable = true + #encoding = "base64" # base64,base64url + #generator_impl = "org.wso2.carbon.apimgt.keymgt.token.JWTGenerator" + #claim_dialect = "http://wso2.org/claims" + #convert_dialect = false + #header = "X-JWT-Assertion" + #signing_algorithm = "SHA256withRSA" + #enable_user_claims = true + #claims_extractor_impl = "org.wso2.carbon.apimgt.impl.token.ExtendedDefaultClaimsRetriever" + + #[apim.oauth_config] + #enable_outbound_auth_header = false + #auth_header = "Authorization" + #revoke_endpoint = "https://localhost:${https.nio.port}/revoke" + #enable_token_encryption = false + #enable_token_hashing = false + + [apim.devportal] + url = "https://{{ .Values.wso2.deployment.am.ingress.management.hostname }}/devportal" + #enable_application_sharing = false + #if application_sharing_type, application_sharing_impl both defined priority goes to application_sharing_impl + #application_sharing_type = "default" #changed type, saml, default #todo: check the new config for rest api + #application_sharing_impl = "org.wso2.carbon.apimgt.impl.SAMLGroupIDExtractorImpl" + #display_multiple_versions = false + #display_deprecated_apis = false + #enable_comments = true + #enable_ratings = true + #enable_forum = true + 
#enable_anonymous_mode=true + #enable_cross_tenant_subscriptions = true + #default_reserved_username = "apim_reserved_user" + + [apim.cors] + allow_origins = "*" + allow_methods = ["GET","PUT","POST","DELETE","PATCH","OPTIONS"] + allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey","Internal-Key"] + allow_credentials = false + + #[apim.throttling] + #enable_data_publishing = true + #enable_policy_deploy = true + #enable_blacklist_condition = true + #enable_persistence = true + #throttle_decision_endpoints = ["tcp://localhost:5672","tcp://localhost:5672"] + + #[apim.throttling.blacklist_condition] + #start_delay = "5m" + #period = "1h" + + #[apim.throttling.jms] + #start_delay = "5m" + + #[apim.throttling.event_sync] + #hostName = "0.0.0.0" + #port = 11224 + + #[apim.throttling.event_management] + #hostName = "0.0.0.0" + #port = 10005 + + #[[apim.throttling.url_group]] + #traffic_manager_urls = ["tcp://localhost:9611","tcp://localhost:9611"] + #traffic_manager_auth_urls = ["ssl://localhost:9711","ssl://localhost:9711"] + #type = "loadbalance" + + #[[apim.throttling.url_group]] + #traffic_manager_urls = ["tcp://localhost:9611","tcp://localhost:9611"] + #traffic_manager_auth_urls = ["ssl://localhost:9711","ssl://localhost:9711"] + #type = "failover" + + #[apim.workflow] + #enable = false + #service_url = "https://localhost:9445/bpmn" + #username = "$ref{super_admin.username}" + #password = "$ref{super_admin.password}" + #callback_endpoint = "https://localhost:${mgt.transport.https.port}/api/am/admin/v0.17/workflows/update-workflow-status" + #token_endpoint = "https://localhost:${https.nio.port}/token" + #client_registration_endpoint = "https://localhost:${mgt.transport.https.port}/client-registration/v0.17/register" + #client_registration_username = "$ref{super_admin.username}" + #client_registration_password = "$ref{super_admin.password}" + + #data bridge config + #[transport.receiver] + #type = "binary" + 
#worker_threads = 10 + #session_timeout = "30m" + #keystore.file_name = "$ref{keystore.tls.file_name}" + #keystore.password = "$ref{keystore.tls.password}" + #tcp_port = 9611 + #ssl_port = 9711 + #ssl_receiver_thread_pool_size = 100 + #tcp_receiver_thread_pool_size = 100 + #ssl_enabled_protocols = ["TLSv1","TLSv1.1","TLSv1.2"] + #ciphers = ["SSL_RSA_WITH_RC4_128_MD5","SSL_RSA_WITH_RC4_128_SHA"] + + #[apim.notification] + #from_address = "APIM.com" + #username = "APIM" + #password = "APIM+123" + #hostname = "localhost" + #port = 3025 + #enable_start_tls = false + #enable_authentication = true + + #[apim.token.revocation] + #notifier_impl = "org.wso2.carbon.apimgt.keymgt.events.TokenRevocationNotifierImpl" + #enable_realtime_notifier = true + #realtime_notifier.ttl = 5000 + #enable_persistent_notifier = true + #persistent_notifier.hostname = "https://localhost:2379/v2/keys/jti/" + #persistent_notifier.ttl = 5000 + #persistent_notifier.username = "root" + #persistent_notifier.password = "root" + + [[event_handler]] + name="userPostSelfRegistration" + subscriptions=["POST_ADD_USER"] + + [service_provider] + sp_name_regex = "^[\\sa-zA-Z0-9._-]*$" + + [[event_listener]] + id = "token_revocation" + type = "org.wso2.carbon.identity.core.handler.AbstractIdentityHandler" + name = "org.wso2.is.notification.ApimOauthEventInterceptor" + order = 1 + [event_listener.properties] + notification_endpoint = "https://localhost:${mgt.transport.https.port}/internal/data/v1/notify" + username = "${admin.username}" + password = "${admin.password}" + 'header.X-WSO2-KEY-MANAGER' = "default" + + [transport.https.properties] + proxyPort = 443 + + {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} + [database.local] + url = "jdbc:h2:/home/wso2carbon/solr/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE" + + [indexing] + location = "/home/wso2carbon/solr/indexed-data" + {{ else }} + [database.local] + url = 
"jdbc:h2:./repository/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE" + {{ end }} + + {{ end }} diff --git a/simple/am-single/templates/am/wso2am-conf-entrypoint.yaml b/simple/am-single/templates/am/wso2am-conf-entrypoint.yaml new file mode 100644 index 00000000..2f7379bd --- /dev/null +++ b/simple/am-single/templates/am/wso2am-conf-entrypoint.yaml 
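Review bot: The default `deployment.toml` in the `{{ else }}` branch hard-codes credentials inside a ConfigMap: `[super_admin]` is `admin`/`admin`, both MySQL datasources use `wso2carbon`/`wso2carbon`, and `[keystore.tls]` points at the stock `wso2carbon.jks` with password `wso2carbon`. Every install that does not override `wso2.deployment.am.config` therefore starts with publicly known secrets, readable by anyone who can read ConfigMaps in the namespace. These values should have no usable default and be delivered through a Secret, for example `password = {{ required "wso2.deployment.am.adminPassword must be set" .Values.wso2.deployment.am.adminPassword | quote }}` (the key name is a suggestion; it does not exist in values.yaml). The JDBC URLs also set `useSSL=false` and `verifyServerCertificate=false`, and `[apim.cors]` ships `allow_origins = "*"`; both need at least a comment marking them as evaluation-only defaults.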
@@ -0,0 +1,71 @@
+ {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }}
+
+# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ template "am-single-node.resource.prefix" . }}-am-conf-entrypoint
+ namespace: {{ .Release.Namespace }}
+data:
+ docker-entrypoint.sh: |
+ #!/bin/bash
+ set -e
+
+ # volume mounts
+ config_volume=${WORKING_DIRECTORY}/wso2-config-volume
+ artifact_volume=${WORKING_DIRECTORY}/wso2-artifact-volume
+ # home of the directories to be artifact synced within the WSO2 product home
+ deployment_volume=${WSO2_SERVER_HOME}/repository/deployment/server
+ # home of the directories with preserved, default deployment artifacts
+ original_deployment_artifacts=${WORKING_DIRECTORY}/wso2-tmp
+
+ # check if the WSO2 non-root user home exists
+ test ! -d ${WORKING_DIRECTORY} && echo "WSO2 Docker non-root user home does not exist" && exit 1
+
+ # check if the WSO2 product home exists
+ test ! -d ${WSO2_SERVER_HOME} && echo "WSO2 Docker product home does not exist" && exit 1
+
+ # Copying carbon_db
+ if ! test -f /home/wso2carbon/solr/database/WSO2CARBON_DB.mv.db
+ then
+ echo "Copying WSO2CARBON_DB.mv.db" >&2
+ cp ${WSO2_SERVER_HOME}/repository/database/WSO2CARBON_DB.mv.db /home/wso2carbon/solr/database/
+ fi
+
+ # optimize WSO2 Carbon Server, if the profile name is defined as an environment variable
+ if [[ ! -z "${PROFILE_NAME}" ]]
+ then
+ echo "Optimizing WSO2 Carbon Server" >&2
+ sh ${WSO2_SERVER_HOME}/bin/profileSetup.sh -Dprofile=${PROFILE_NAME}
+ fi
+
+ # copy any configuration changes mounted to config_volume
+ test -d ${config_volume} && [[ "$(ls -A ${config_volume})" ]] && cp -RL ${config_volume}/* ${WSO2_SERVER_HOME}/
+ # copy any artifact changes mounted to artifact_volume
+ test -d ${artifact_volume} && [[ "$(ls -A ${artifact_volume})" ]] && cp -RL ${artifact_volume}/* ${WSO2_SERVER_HOME}/
+
+ # start WSO2 Carbon server
+ echo "Start WSO2 Carbon server" >&2
+ if [[ -z "${PROFILE_NAME}" ]]
+ then
+ # start the server with the provided startup arguments
+ sh ${WSO2_SERVER_HOME}/bin/api-manager.sh "$@"
+ else
+ # start the server with the specified profile and provided startup arguments
+ sh ${WSO2_SERVER_HOME}/bin/api-manager.sh -Dprofile=${PROFILE_NAME} "$@"
+ fi
+
+ {{ end }}
diff --git a/simple/am-single/templates/am/wso2am-gateway-ingress.yaml b/simple/am-single/templates/am/wso2am-gateway-ingress.yaml
new file mode 100644
index 00000000..571d0aab
--- /dev/null
+++ b/simple/am-single/templates/am/wso2am-gateway-ingress.yaml
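Review bot: The two existence guards in `docker-entrypoint.sh` do not fire when their variable is unset, because the unquoted `test ! -d ${WSO2_SERVER_HOME}` collapses to `test ! -d`, which evaluates to false, so the script carries on and the later `cp -RL ${config_volume}/* ${WSO2_SERVER_HOME}/` copies mounted content to `/`. Quote every expansion and make the guard explicit, e.g. `[[ -d "${WSO2_SERVER_HOME}" ]] || { echo "WSO2 Docker product home does not exist" >&2; exit 1; }`, and the same for `WORKING_DIRECTORY`. The Solr database copy hard-codes `/home/wso2carbon/solr/database/` where the rest of the script derives paths from `${WORKING_DIRECTORY}`; a short comment stating that this path must match the `[database.local]` URL in the am-conf template would help the next reader.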
@@ -0,0 +1,35 @@
+# Copyright (c) 2021 WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ name: {{ template "am-single-node.resource.prefix" . }}-am-gateway-ingress
+ namespace : {{ .Release.Namespace }}
+{{- if .Values.wso2.deployment.am.ingress.gateway.annotations }}
+ annotations:
+{{ toYaml .Values.wso2.deployment.am.ingress.gateway.annotations | indent 4 }}
+{{- end }}
+spec:
+ tls:
+ - hosts:
+ - {{ .Values.wso2.deployment.am.ingress.gateway.hostname }}
+ rules:
+ - host: {{ .Values.wso2.deployment.am.ingress.gateway.hostname }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ template "am-single-node.resource.prefix" . }}-am-service
+ servicePort: 8243
diff --git a/simple/am-single/templates/am/wso2am-ingress.yaml b/simple/am-single/templates/am/wso2am-ingress.yaml
new file mode 100644
index 00000000..31a81819
--- /dev/null
+++ b/simple/am-single/templates/am/wso2am-ingress.yaml
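Review bot: The `tls:` entry lists the host but names no `secretName`, so the ingress controller falls back to its default certificate (typically self-signed) for the gateway hostname. Add `secretName: {{ .Values.wso2.deployment.am.ingress.gateway.tlsSecret }}` (a new value; the name is a suggestion), or state in a comment that a controller-wide default certificate is expected. The manifest also uses `apiVersion: extensions/v1beta1`, which Kubernetes removed in 1.22; `networking.k8s.io/v1` requires `pathType` and the `service.name` / `service.port.number` backend form. Both points apply unchanged to wso2am-ingress.yaml and wso2am-websub-ingress.yaml in this commit.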
@@ -0,0 +1,35 @@
+# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ name: {{ template "am-single-node.resource.prefix" . }}-am-ingress
+ namespace : {{ .Release.Namespace }}
+{{- if .Values.wso2.deployment.am.ingress.management.annotations }}
+ annotations:
+{{ toYaml .Values.wso2.deployment.am.ingress.management.annotations | indent 4 }}
+{{- end }}
+spec:
+ tls:
+ - hosts:
+ - {{ .Values.wso2.deployment.am.ingress.management.hostname }}
+ rules:
+ - host: {{ .Values.wso2.deployment.am.ingress.management.hostname }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ template "am-single-node.resource.prefix" . }}-am-service
+ servicePort: 9443
\ No newline at end of file
diff --git a/simple/am-single/templates/am/wso2am-volume-claims.yaml b/simple/am-single/templates/am/wso2am-volume-claims.yaml
new file mode 100644
index 00000000..77054ad4
--- /dev/null
+++ b/simple/am-single/templates/am/wso2am-volume-claims.yaml
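Review bot: `path: /` on the management host publishes everything served on port 9443, which per the hostname comment in values.yaml covers the Carbon Management Console and Admin Portal as well as Publisher and DevPortal. If the administrative consoles are not meant to be reachable from wherever this ingress is exposed, narrow it, for example with the `nginx.ingress.kubernetes.io/whitelist-source-range` annotation or by listing only the required paths. A comment above `rules:` saying which consoles are intentionally public would make the decision visible to operators. The file also ends without a trailing newline.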
@@ -0,0 +1,43 @@
+# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: {{ template "am-single-node.resource.prefix" . }}-am-local-carbon-database-volume-claim
+ namespace : {{ .Release.Namespace }}
+spec:
+ accessModes:
+ - ReadWriteMany
+ resources:
+ requests:
+ storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.carbonDatabase }}
+ storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }}
+
+---
+
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: {{ template "am-single-node.resource.prefix" . }}-am-solr-indexed-data-volume-claim
+ namespace : {{ .Release.Namespace }}
+spec:
+ accessModes:
+ - ReadWriteMany
+ resources:
+ requests:
+ storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.solrIndexedData }}
+ storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }}
+
+---
diff --git a/simple/am-single/templates/am/wso2am-websub-ingress.yaml b/simple/am-single/templates/am/wso2am-websub-ingress.yaml
new file mode 100644
index 00000000..9454fd09
--- /dev/null
+++ b/simple/am-single/templates/am/wso2am-websub-ingress.yaml
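Review bot: Both PersistentVolumeClaims render unconditionally, while the rest of the Solr persistence in this commit (the entrypoint ConfigMap and the `[database.local]` / `[indexing]` paths in the am-conf template) is gated on `.Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled`, which defaults to `false`. A default install therefore still requests two `ReadWriteMany` volumes that nothing appears to mount (the deployment template is only partly visible here, so confirm). Wrap the file in `{{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }}` and `{{ end }}`. The trailing `---` after the second claim produces an empty document and can be dropped.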
@@ -0,0 +1,35 @@
+# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ name: {{ template "am-single-node.resource.prefix" . }}-am-websub-ingress
+ namespace : {{ .Release.Namespace }}
+{{- if .Values.wso2.deployment.am.ingress.websub.annotations }}
+ annotations:
+{{ toYaml .Values.wso2.deployment.am.ingress.websub.annotations | indent 4 }}
+{{- end }}
+spec:
+ tls:
+ - hosts:
+ - {{ .Values.wso2.deployment.am.ingress.websub.hostname }}
+ rules:
+ - host: {{ .Values.wso2.deployment.am.ingress.websub.hostname }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ template "am-single-node.resource.prefix" . }}-am-service
+ servicePort: 8021
diff --git a/simple/am-single/templates/wso2am-secrets.yaml b/simple/am-single/templates/wso2am-secrets.yaml
new file mode 100644
index 00000000..181bbdff
--- /dev/null
+++ b/simple/am-single/templates/wso2am-secrets.yaml
@@ -0,0 +1,30 @@
+{{ if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }}
+# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- $username := .Values.wso2.subscription.username }}
+{{- $password := .Values.wso2.subscription.password }}
+{{- $email := .Values.wso2.subscription.username }}
+{{- $regId := default "docker.wso2.com" .Values.wso2.dockerRegistry }}
+{{- $auth := printf "%s:%s" $username $password | b64enc }}
+{{- $files := .Files }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ template "am-single-node.resource.prefix" . }}-wso2-private-registry-creds
+ namespace: {{ .Release.Namespace }}
+type: kubernetes.io/dockerconfigjson
+data:
+ .dockerconfigjson: {{ $files.Get "auth.json" | replace "reg.id" $regId | replace "docker.wso2.com.username" $username | replace "docker.wso2.com.password" $password | replace "docker.wso2.com.email" $email | replace "docker.wso2.com.auth" $auth | b64enc }}
+{{ end }}
diff --git a/simple/am-single/templates/wso2am-service-account.yaml b/simple/am-single/templates/wso2am-service-account.yaml
new file mode 100644
index 00000000..d91c4a4f
--- /dev/null
+++ b/simple/am-single/templates/wso2am-service-account.yaml
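Review bot: The `.dockerconfigjson` value is produced by chained `replace` calls on `auth.json`, so the username and password are pasted into JSON without escaping; a password containing `"` or `\` yields an invalid or differently parsed document and image pulls then fail with no hint at the cause. Build the structure and serialise it instead: `{{- $entry := dict "username" $username "password" $password "email" $email "auth" $auth }}` followed by `.dockerconfigjson: {{ dict "auths" (dict $regId $entry) | toJson | b64enc }}` (this assumes auth.json uses the usual `auths` layout, which is not shown here). Separately, `$regId` reads `.Values.wso2.dockerRegistry`, but values.yaml in this commit only defines `wso2.deployment.am.dockerRegistry`, so the secret always targets `docker.wso2.com`; confirm that is intended.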
@@ -0,0 +1,19 @@
+# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: {{ .Values.kubernetes.serviceAccount }}
+ namespace : {{ .Release.Namespace }}
diff --git a/simple/am-single/values.yaml b/simple/am-single/values.yaml
new file mode 100644
index 00000000..b6de1a8d
--- /dev/null
+++ b/simple/am-single/values.yaml
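Review bot: The ServiceAccount leaves token automounting at its default, so every pod running under it gets a Kubernetes API token mounted, although nothing in the templates visible in this commit talks to the API server. Unless the product needs it, add `automountServiceAccountToken: false` at the top level of this manifest. The default name in values.yaml is still `wso2am-pattern-1-svc-account`; a name derived from this chart's resource prefix would avoid a clash if the pattern-1 chart is installed in the same namespace.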
@@ -0,0 +1,134 @@ +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +wso2: + # WSO2 Subscription parameters (https://wso2.com/subscription/) + # If provided, these parameters will be used to obtain official WSO2 product Docker images available at WSO2 Private Docker Registry (https://docker.wso2.com/) + # for this deployment + subscription: + username: "" + password: "" + + deployment: + dependencies: + # The configuration should be set to be 'true' if a MySQL database should be spawned as a pod within the cluster + mysql: true + # Enable NFS dynamic provisioner for Kubernetes + nfsServerProvisioner: true + + # Persisted and shared runtime artifacts for API Manager + # See official documentation (from https://apim.docs.wso2.com/en/latest/install-and-setup/setup/reference/common-runtime-and-configuration-artifacts/#persistent-runtime-artifacts) + persistentRuntimeArtifacts: + # Kubernetes Storage Class to be used to dynamically provision the relevant Persistent Volumes + # Only persistent storage solutions supporting ReadWriteMany access mode are applicable (https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes) + # Defaults to Kubernetes Storage Class generated using the NFS Server Provisioner (https://github.com/helm/charts/tree/master/stable/nfs-server-provisioner) + storageClass: &storage_class "nfs" + + # Persistent runtime artifacts for Apache Solr-based indexing + 
apacheSolrIndexing: + # Indicates if persistence of the runtime artifacts for Apache Solr-based indexing is enabled + # By default, this is disabled + enabled: false + # Define capacities for persistent runtime artifact directories + capacity: + # For persisting the H2 based local Carbon database file + carbonDatabase: 50M + # For persisting the indexed data + solrIndexedData: 50M + + am: + # Container image configurations + # If a custom image must be used, uncomment 'dockerRegistry' and provide its value + dockerRegistry: "192.168.1.5:5000" + imageName: "wso2am" + imageTag: "4.0.0-rc" + # Refer to the Kubernetes documentation on updating images (https://kubernetes.io/docs/concepts/containers/images/#updating-images) + imagePullPolicy: Always + + # Indicates whether the container is running + livenessProbe: + # Number of seconds after the container has started before liveness probes are initiated + initialDelaySeconds: 180 + # How often (in seconds) to perform the probe + periodSeconds: 10 + # Indicates whether the container is ready to service requests + readinessProbe: + # Number of seconds after the container has started before readiness probes are initiated + initialDelaySeconds: 180 + # How often (in seconds) to perform the probe + periodSeconds: 10 + + resources: + # These are the minimum resource recommendations for running WSO2 API Management product profiles + # as per official documentation (https://apim.docs.wso2.com/en/latest/install-and-setup/install/installation-prerequisites/) + requests: + memory: "2Gi" + cpu: "2000m" + limits: + memory: "3Gi" + cpu: "3000m" + # JVM settings + # These are the resource allocation configurations associated with the JVM + # Refer to the official documentation for advanced details (https://apim.docs.wso2.com/en/latest/install-and-setup/install/installation-prerequisites/) + jvm: + # Resource allocation for the Java Heap + heap: + memory: + # Initial and minimum Heap size + xms: "1024m" + # Maximum Heap size + xmx: 
"1024m" + + # If the deployment configurations for the WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml), + # add the customized configuration file under (wso2 -> deployment -> am -> config -> deployment.toml) +# config: "" +# deployment.toml: |- +# # deployment configurations for the WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml) + + # Configure Ingresses + ingress: + management: + # Hostname for API Manager Carbon Management Console, Publisher, DevPortal and Admin Portal + hostname: "am.wso2.com" + # Annotations for the API Manager Publisher-DevPortal services Ingress + annotations: + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" + nginx.ingress.kubernetes.io/affinity: "cookie" + nginx.ingress.kubernetes.io/session-cookie-name: "route" + nginx.ingress.kubernetes.io/session-cookie-hash: "sha1" + gateway: + # Hostname for Gateway profile + hostname: "gateway.am.wso2.com" + # Annotations for the API Manager Gateway service Ingress + annotations: + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" + websub: + hostname: "websub.am.wso2.com" + # Annotations for the API Manager Gateway service Ingress + annotations: + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" + + +kubernetes: + # Name of Kubernetes service account + serviceAccount: "wso2am-pattern-1-svc-account" + +# Override sub chart parameters +mysql-am: + mysql: + persistence: + storageClass: *storage_class diff --git a/simple/create.sh b/simple/create.sh index 83a3d1d0..928f1971 100755 --- a/simple/create.sh +++ b/simple/create.sh @@ -1,6 +1,6 @@ #!/bin/bash -IS_OPEN_SOURCE=FALSE +IS_OPEN_SOURCE=true if $IS_OPEN_SOURCE; then SCRIPT="deployment-scripts/wso2am-ga.sh" 
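Review bot: `dockerRegistry: "192.168.1.5:5000"` together with `imageTag: "4.0.0-rc"` looks like a developer's local registry left in the chart defaults. With `imagePullPolicy: Always`, whatever host answers at that private address supplies the image on every pod start, and a registry on port 5000 is often served without TLS. The comment directly above says to uncomment `dockerRegistry` only for a custom image, so the default should ship commented out (`# dockerRegistry: ""`) and the tag should be a released version, ideally pinned by digest. The `config` comment block also still refers to API Manager v3.2.0 although the chart targets 4.0.x.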
@@ -67,12 +67,6 @@ fi
 cat kubernetes-apim-mysql/wso2apim-mysql-conf.yaml >> $SCRIPT
 cat kubernetes-apim-mysql/wso2apim-mysql-service.yaml >> $SCRIPT
 cat kubernetes-apim-mysql/wso2apim-mysql-deployment.yaml >> $SCRIPT
-cat kubernetes-apim-analytics/dashboard/wso2am-pattern-1-analytics-dashboard-conf.yaml>> $SCRIPT
-cat kubernetes-apim-analytics/dashboard/wso2am-pattern-1-analytics-dashboard-service.yaml >> $SCRIPT
-cat kubernetes-apim-analytics/dashboard/wso2am-pattern-1-analytics-dashboard-deployment.yaml >> $SCRIPT
-cat kubernetes-apim-analytics/worker/wso2apim-analytics-worker-conf.yaml >> $SCRIPT
-cat kubernetes-apim-analytics/worker/wso2apim-analytics-worker-service.yaml >> $SCRIPT
-cat kubernetes-apim-analytics/worker/wso2apim-analytics-worker-deployment.yaml >> $SCRIPT
 cat kubernetes-apim/wso2apim-conf.yaml >> $SCRIPT
 cat kubernetes-apim/wso2apim-service.yaml >> $SCRIPT
 cat kubernetes-apim/wso2apim-deployment.yaml >> $SCRIPT
diff --git a/simple/deployment-scripts/deployment.yaml b/simple/deployment-scripts/deployment.yaml
new file mode 100644
index 00000000..24fbacf8
--- /dev/null
+++ b/simple/deployment-scripts/deployment.yaml
@@ -0,0 +1,3231 @@ + +apiVersion: v1 +kind: Namespace +metadata: + name: wso2 +--- + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: wso2am-pattern-1-svc-account + namespace: wso2 +--- + +apiVersion: v1 +kind: ConfigMap +metadata: + name: wso2apim-mysql-dbscripts + namespace: wso2 +data: + mysql_apim.sql: |- + DROP DATABASE IF EXISTS WSO2AM_DB; + CREATE DATABASE WSO2AM_DB; + GRANT ALL ON WSO2AM_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; + + USE WSO2AM_DB; + -- Start of IDENTITY Tables-- + CREATE TABLE IF NOT EXISTS IDN_BASE_TABLE ( + PRODUCT_NAME VARCHAR(20), + PRIMARY KEY (PRODUCT_NAME) + )ENGINE INNODB; + + INSERT INTO IDN_BASE_TABLE values ('WSO2 Identity Server'); + + CREATE TABLE IF NOT EXISTS IDN_OAUTH_CONSUMER_APPS ( + ID INTEGER NOT NULL AUTO_INCREMENT, + CONSUMER_KEY VARCHAR(255), + CONSUMER_SECRET VARCHAR(2048), + USERNAME VARCHAR(255), + TENANT_ID INTEGER DEFAULT 0, + USER_DOMAIN VARCHAR(50), + APP_NAME VARCHAR(255), + OAUTH_VERSION VARCHAR(128), + CALLBACK_URL VARCHAR(2048), + GRANT_TYPES VARCHAR (1024), + PKCE_MANDATORY CHAR(1) DEFAULT '0', + PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0', + APP_STATE VARCHAR (25) DEFAULT 'ACTIVE', + USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600, + APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600, + REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600, + ID_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600, + CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY), + PRIMARY KEY (ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_VALIDATORS ( + APP_ID INTEGER NOT NULL, + SCOPE_VALIDATOR VARCHAR (128) NOT NULL, + PRIMARY KEY (APP_ID,SCOPE_VALIDATOR), + FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_REQUEST_TOKEN ( + REQUEST_TOKEN VARCHAR(255), + REQUEST_TOKEN_SECRET VARCHAR(512), + CONSUMER_KEY_ID INTEGER, + CALLBACK_URL VARCHAR(2048), + SCOPE VARCHAR(2048), + AUTHORIZED VARCHAR(128), + OAUTH_VERIFIER 
VARCHAR(512), + AUTHZ_USER VARCHAR(512), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (REQUEST_TOKEN), + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_ACCESS_TOKEN ( + ACCESS_TOKEN VARCHAR(255), + ACCESS_TOKEN_SECRET VARCHAR(512), + CONSUMER_KEY_ID INTEGER, + SCOPE VARCHAR(2048), + AUTHZ_USER VARCHAR(512), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ACCESS_TOKEN), + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN ( + TOKEN_ID VARCHAR (255), + ACCESS_TOKEN VARCHAR(2048), + REFRESH_TOKEN VARCHAR(2048), + CONSUMER_KEY_ID INTEGER, + AUTHZ_USER VARCHAR (100), + TENANT_ID INTEGER, + USER_DOMAIN VARCHAR(50), + USER_TYPE VARCHAR (25), + GRANT_TYPE VARCHAR (50), + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + REFRESH_TOKEN_TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + VALIDITY_PERIOD BIGINT, + REFRESH_TOKEN_VALIDITY_PERIOD BIGINT, + TOKEN_SCOPE_HASH VARCHAR(32), + TOKEN_STATE VARCHAR(25) DEFAULT 'ACTIVE', + TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE', + SUBJECT_IDENTIFIER VARCHAR(255), + ACCESS_TOKEN_HASH VARCHAR(512), + REFRESH_TOKEN_HASH VARCHAR(512), + IDP_ID INTEGER DEFAULT -1 NOT NULL, + TOKEN_BINDING_REF VARCHAR (32) DEFAULT 'NONE', + PRIMARY KEY (TOKEN_ID), + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, + CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH, + TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_OAUTH2_TOKEN_BINDING ( + TOKEN_ID VARCHAR (255), + TOKEN_BINDING_TYPE VARCHAR (32), + TOKEN_BINDING_REF VARCHAR (32), + TOKEN_BINDING_VALUE VARCHAR (1024), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (TOKEN_ID), + FOREIGN KEY (TOKEN_ID) REFERENCES 
IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE + )ENGINE INNODB; + + + CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_AUDIT ( + TOKEN_ID VARCHAR (255), + ACCESS_TOKEN VARCHAR(2048), + REFRESH_TOKEN VARCHAR(2048), + CONSUMER_KEY_ID INTEGER, + AUTHZ_USER VARCHAR (100), + TENANT_ID INTEGER, + USER_DOMAIN VARCHAR(50), + USER_TYPE VARCHAR (25), + GRANT_TYPE VARCHAR (50), + TIME_CREATED TIMESTAMP NULL, + REFRESH_TOKEN_TIME_CREATED TIMESTAMP NULL, + VALIDITY_PERIOD BIGINT, + REFRESH_TOKEN_VALIDITY_PERIOD BIGINT, + TOKEN_SCOPE_HASH VARCHAR(32), + TOKEN_STATE VARCHAR(25), + TOKEN_STATE_ID VARCHAR (128) , + SUBJECT_IDENTIFIER VARCHAR(255), + ACCESS_TOKEN_HASH VARCHAR(512), + REFRESH_TOKEN_HASH VARCHAR(512), + INVALIDATED_TIME TIMESTAMP NULL, + IDP_ID INTEGER DEFAULT -1 NOT NULL + ); + + CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHORIZATION_CODE ( + CODE_ID VARCHAR (255), + AUTHORIZATION_CODE VARCHAR(2048), + CONSUMER_KEY_ID INTEGER, + CALLBACK_URL VARCHAR(2048), + SCOPE VARCHAR(2048), + AUTHZ_USER VARCHAR (100), + TENANT_ID INTEGER, + USER_DOMAIN VARCHAR(50), + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + VALIDITY_PERIOD BIGINT, + STATE VARCHAR (25) DEFAULT 'ACTIVE', + TOKEN_ID VARCHAR(255), + SUBJECT_IDENTIFIER VARCHAR(255), + PKCE_CODE_CHALLENGE VARCHAR(255), + PKCE_CODE_CHALLENGE_METHOD VARCHAR(128), + AUTHORIZATION_CODE_HASH VARCHAR(512), + IDP_ID INTEGER DEFAULT -1 NOT NULL, + PRIMARY KEY (CODE_ID), + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE + )ENGINE INNODB; + + + CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHZ_CODE_SCOPE( + CODE_ID VARCHAR(255), + SCOPE VARCHAR(60), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (CODE_ID, SCOPE), + FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE (CODE_ID) ON DELETE CASCADE + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_OAUTH2_DEVICE_FLOW ( + CODE_ID VARCHAR(255), + DEVICE_CODE VARCHAR(255), + USER_CODE VARCHAR(25), + CONSUMER_KEY_ID INTEGER, + 
LAST_POLL_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + EXPIRY_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + POLL_TIME BIGINT, + STATUS VARCHAR (25) DEFAULT 'PENDING', + AUTHZ_USER VARCHAR (100), + TENANT_ID INTEGER, + USER_DOMAIN VARCHAR(50), + IDP_ID INTEGER, + PRIMARY KEY (DEVICE_CODE), + UNIQUE (CODE_ID), + UNIQUE (USER_CODE), + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_OAUTH2_DEVICE_FLOW_SCOPES ( + ID INTEGER NOT NULL AUTO_INCREMENT, + SCOPE_ID VARCHAR(255), + SCOPE VARCHAR(255), + PRIMARY KEY (ID), + FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_DEVICE_FLOW(CODE_ID) ON DELETE CASCADE + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE ( + TOKEN_ID VARCHAR (255), + TOKEN_SCOPE VARCHAR (60), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (TOKEN_ID, TOKEN_SCOPE), + FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE ( + SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT, + NAME VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(512), + TENANT_ID INTEGER NOT NULL DEFAULT -1, + SCOPE_TYPE VARCHAR(255) NOT NULL, + PRIMARY KEY (SCOPE_ID), + UNIQUE (NAME, TENANT_ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_BINDING ( + SCOPE_ID INTEGER NOT NULL, + SCOPE_BINDING VARCHAR(255) NOT NULL, + BINDING_TYPE VARCHAR(255) NOT NULL, + FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE, + UNIQUE (SCOPE_ID, SCOPE_BINDING, BINDING_TYPE) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_OAUTH2_RESOURCE_SCOPE ( + RESOURCE_PATH VARCHAR(255) NOT NULL, + SCOPE_ID INTEGER NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (RESOURCE_PATH), + FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE 
CASCADE + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_SCIM_GROUP ( + ID INTEGER AUTO_INCREMENT, + TENANT_ID INTEGER NOT NULL, + ROLE_NAME VARCHAR(255) NOT NULL, + ATTR_NAME VARCHAR(1024) NOT NULL, + ATTR_VALUE VARCHAR(1024), + PRIMARY KEY (ID) + )ENGINE INNODB; + + + + CREATE TABLE IF NOT EXISTS IDN_OPENID_REMEMBER_ME ( + USER_NAME VARCHAR(255) NOT NULL, + TENANT_ID INTEGER DEFAULT 0, + COOKIE_VALUE VARCHAR(1024), + CREATED_TIME TIMESTAMP, + PRIMARY KEY (USER_NAME, TENANT_ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_OPENID_USER_RPS ( + USER_NAME VARCHAR(255) NOT NULL, + TENANT_ID INTEGER DEFAULT 0, + RP_URL VARCHAR(255) NOT NULL, + TRUSTED_ALWAYS VARCHAR(128) DEFAULT 'FALSE', + LAST_VISIT DATE NOT NULL, + VISIT_COUNT INTEGER DEFAULT 0, + DEFAULT_PROFILE_NAME VARCHAR(255) DEFAULT 'DEFAULT', + PRIMARY KEY (USER_NAME, TENANT_ID, RP_URL) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_OPENID_ASSOCIATIONS ( + HANDLE VARCHAR(255) NOT NULL, + ASSOC_TYPE VARCHAR(255) NOT NULL, + EXPIRE_IN TIMESTAMP NOT NULL, + MAC_KEY VARCHAR(255) NOT NULL, + ASSOC_STORE VARCHAR(128) DEFAULT 'SHARED', + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (HANDLE) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_STS_STORE ( + ID INTEGER AUTO_INCREMENT, + TOKEN_ID VARCHAR(255) NOT NULL, + TOKEN_CONTENT BLOB(1024) NOT NULL, + CREATE_DATE TIMESTAMP NOT NULL, + EXPIRE_DATE TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + STATE INTEGER DEFAULT 0, + PRIMARY KEY (ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_IDENTITY_USER_DATA ( + TENANT_ID INTEGER DEFAULT -1234, + USER_NAME VARCHAR(255) NOT NULL, + DATA_KEY VARCHAR(255) NOT NULL, + DATA_VALUE VARCHAR(2048), + PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_IDENTITY_META_DATA ( + USER_NAME VARCHAR(255) NOT NULL, + TENANT_ID INTEGER DEFAULT -1234, + METADATA_TYPE VARCHAR(255) NOT NULL, + METADATA VARCHAR(255) NOT NULL, + VALID VARCHAR(255) NOT NULL, + PRIMARY KEY 
(TENANT_ID, USER_NAME, METADATA_TYPE,METADATA) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_THRIFT_SESSION ( + SESSION_ID VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(255) NOT NULL, + CREATED_TIME VARCHAR(255) NOT NULL, + LAST_MODIFIED_TIME VARCHAR(255) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (SESSION_ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_STORE ( + SESSION_ID VARCHAR (100) NOT NULL, + SESSION_TYPE VARCHAR(100) NOT NULL, + OPERATION VARCHAR(10) NOT NULL, + SESSION_OBJECT BLOB, + TIME_CREATED BIGINT, + TENANT_ID INTEGER DEFAULT -1, + EXPIRY_TIME BIGINT, + PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION) + )ENGINE INNODB; + + + + + CREATE TABLE IF NOT EXISTS IDN_AUTH_TEMP_SESSION_STORE ( + SESSION_ID VARCHAR (100) NOT NULL, + SESSION_TYPE VARCHAR(100) NOT NULL, + OPERATION VARCHAR(10) NOT NULL, + SESSION_OBJECT BLOB, + TIME_CREATED BIGINT, + TENANT_ID INTEGER DEFAULT -1, + EXPIRY_TIME BIGINT, + PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_AUTH_USER ( + USER_ID VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + DOMAIN_NAME VARCHAR(255) NOT NULL, + IDP_ID INTEGER NOT NULL, + PRIMARY KEY (USER_ID), + CONSTRAINT USER_STORE_CONSTRAINT UNIQUE (USER_NAME, TENANT_ID, DOMAIN_NAME, IDP_ID)); + + CREATE TABLE IF NOT EXISTS IDN_AUTH_USER_SESSION_MAPPING ( + USER_ID VARCHAR(255) NOT NULL, + SESSION_ID VARCHAR(255) NOT NULL, + CONSTRAINT USER_SESSION_STORE_CONSTRAINT UNIQUE (USER_ID, SESSION_ID)); + + CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_APP_INFO ( + SESSION_ID VARCHAR (100) NOT NULL, + SUBJECT VARCHAR (100) NOT NULL, + APP_ID INTEGER NOT NULL, + INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL, + PRIMARY KEY (SESSION_ID, SUBJECT, APP_ID, INBOUND_AUTH_TYPE) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_META_DATA ( + SESSION_ID VARCHAR (100) NOT NULL, + PROPERTY_TYPE VARCHAR (100) NOT 
NULL, + VALUE VARCHAR (255) NOT NULL, + PRIMARY KEY (SESSION_ID, PROPERTY_TYPE, VALUE) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS SP_APP ( + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER NOT NULL, + APP_NAME VARCHAR (255) NOT NULL , + USER_STORE VARCHAR (255) NOT NULL, + USERNAME VARCHAR (255) NOT NULL , + DESCRIPTION VARCHAR (1024), + ROLE_CLAIM VARCHAR (512), + AUTH_TYPE VARCHAR (255) NOT NULL, + PROVISIONING_USERSTORE_DOMAIN VARCHAR (512), + IS_LOCAL_CLAIM_DIALECT CHAR(1) DEFAULT '1', + IS_SEND_LOCAL_SUBJECT_ID CHAR(1) DEFAULT '0', + IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0', + IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', + IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', + ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0', + SUBJECT_CLAIM_URI VARCHAR (512), + IS_SAAS_APP CHAR(1) DEFAULT '0', + IS_DUMB_MODE CHAR(1) DEFAULT '0', + UUID CHAR(36), + IMAGE_URL VARCHAR(1024), + ACCESS_URL VARCHAR(1024), + IS_DISCOVERABLE CHAR(1) DEFAULT '0', + + PRIMARY KEY (ID) + )ENGINE INNODB; + + ALTER TABLE SP_APP ADD CONSTRAINT APPLICATION_NAME_CONSTRAINT UNIQUE(APP_NAME, TENANT_ID); + ALTER TABLE SP_APP ADD CONSTRAINT APPLICATION_UUID_CONSTRAINT UNIQUE(UUID); + + CREATE TABLE IF NOT EXISTS SP_METADATA ( + ID INTEGER AUTO_INCREMENT, + SP_ID INTEGER, + NAME VARCHAR(255) NOT NULL, + VALUE VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ID), + CONSTRAINT SP_METADATA_CONSTRAINT UNIQUE (SP_ID, NAME), + FOREIGN KEY (SP_ID) REFERENCES SP_APP(ID) ON DELETE CASCADE + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS SP_INBOUND_AUTH ( + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER NOT NULL, + INBOUND_AUTH_KEY VARCHAR (255), + INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL, + INBOUND_CONFIG_TYPE VARCHAR (255) NOT NULL, + PROP_NAME VARCHAR (255), + PROP_VALUE VARCHAR (1024) , + APP_ID INTEGER NOT NULL, + PRIMARY KEY (ID) + )ENGINE INNODB; + + ALTER TABLE SP_INBOUND_AUTH ADD CONSTRAINT APPLICATION_ID_CONSTRAINT FOREIGN KEY 
(APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; + + CREATE TABLE IF NOT EXISTS SP_AUTH_STEP ( + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER NOT NULL, + STEP_ORDER INTEGER DEFAULT 1, + APP_ID INTEGER NOT NULL , + IS_SUBJECT_STEP CHAR(1) DEFAULT '0', + IS_ATTRIBUTE_STEP CHAR(1) DEFAULT '0', + PRIMARY KEY (ID) + )ENGINE INNODB; + + ALTER TABLE SP_AUTH_STEP ADD CONSTRAINT APPLICATION_ID_CONSTRAINT_STEP FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; + + CREATE TABLE IF NOT EXISTS SP_FEDERATED_IDP ( + ID INTEGER NOT NULL, + TENANT_ID INTEGER NOT NULL, + AUTHENTICATOR_ID INTEGER NOT NULL, + PRIMARY KEY (ID, AUTHENTICATOR_ID) + )ENGINE INNODB; + + ALTER TABLE SP_FEDERATED_IDP ADD CONSTRAINT STEP_ID_CONSTRAINT FOREIGN KEY (ID) REFERENCES SP_AUTH_STEP (ID) ON DELETE CASCADE; + + CREATE TABLE IF NOT EXISTS SP_CLAIM_DIALECT ( + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER NOT NULL, + SP_DIALECT VARCHAR (512) NOT NULL, + APP_ID INTEGER NOT NULL, + PRIMARY KEY (ID)); + + ALTER TABLE SP_CLAIM_DIALECT ADD CONSTRAINT DIALECTID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; + + CREATE TABLE IF NOT EXISTS SP_CLAIM_MAPPING ( + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER NOT NULL, + IDP_CLAIM VARCHAR (512) NOT NULL , + SP_CLAIM VARCHAR (512) NOT NULL , + APP_ID INTEGER NOT NULL, + IS_REQUESTED VARCHAR(128) DEFAULT '0', + IS_MANDATORY VARCHAR(128) DEFAULT '0', + DEFAULT_VALUE VARCHAR(255), + PRIMARY KEY (ID) + )ENGINE INNODB; + + ALTER TABLE SP_CLAIM_MAPPING ADD CONSTRAINT CLAIMID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; + + CREATE TABLE IF NOT EXISTS SP_ROLE_MAPPING ( + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER NOT NULL, + IDP_ROLE VARCHAR (255) NOT NULL , + SP_ROLE VARCHAR (255) NOT NULL , + APP_ID INTEGER NOT NULL, + PRIMARY KEY (ID) + )ENGINE INNODB; + + ALTER TABLE SP_ROLE_MAPPING ADD CONSTRAINT ROLEID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) 
REFERENCES SP_APP (ID) ON DELETE CASCADE; + + CREATE TABLE IF NOT EXISTS SP_REQ_PATH_AUTHENTICATOR ( + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER NOT NULL, + AUTHENTICATOR_NAME VARCHAR (255) NOT NULL , + APP_ID INTEGER NOT NULL, + PRIMARY KEY (ID) + )ENGINE INNODB; + + ALTER TABLE SP_REQ_PATH_AUTHENTICATOR ADD CONSTRAINT REQ_AUTH_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; + + CREATE TABLE IF NOT EXISTS SP_PROVISIONING_CONNECTOR ( + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER NOT NULL, + IDP_NAME VARCHAR (255) NOT NULL , + CONNECTOR_NAME VARCHAR (255) NOT NULL , + APP_ID INTEGER NOT NULL, + IS_JIT_ENABLED CHAR(1) NOT NULL DEFAULT '0', + BLOCKING CHAR(1) NOT NULL DEFAULT '0', + RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0', + PRIMARY KEY (ID) + )ENGINE INNODB; + + ALTER TABLE SP_PROVISIONING_CONNECTOR ADD CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; + + CREATE TABLE SP_AUTH_SCRIPT ( + ID INTEGER AUTO_INCREMENT NOT NULL, + TENANT_ID INTEGER NOT NULL, + APP_ID INTEGER NOT NULL, + TYPE VARCHAR(255) NOT NULL, + CONTENT BLOB DEFAULT NULL, + IS_ENABLED CHAR(1) NOT NULL DEFAULT '0', + PRIMARY KEY (ID)); + + CREATE TABLE IF NOT EXISTS SP_TEMPLATE ( + ID INTEGER AUTO_INCREMENT NOT NULL, + TENANT_ID INTEGER NOT NULL, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + CONTENT BLOB DEFAULT NULL, + PRIMARY KEY (ID), + CONSTRAINT SP_TEMPLATE_CONSTRAINT UNIQUE (TENANT_ID, NAME)); + + CREATE TABLE IF NOT EXISTS IDN_AUTH_WAIT_STATUS ( + ID INTEGER AUTO_INCREMENT NOT NULL, + TENANT_ID INTEGER NOT NULL, + LONG_WAIT_KEY VARCHAR(255) NOT NULL, + WAIT_STATUS CHAR(1) NOT NULL DEFAULT '1', + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + EXPIRE_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY (ID), + CONSTRAINT IDN_AUTH_WAIT_STATUS_KEY UNIQUE (LONG_WAIT_KEY)); + + CREATE TABLE IF NOT EXISTS IDP ( + ID INTEGER AUTO_INCREMENT, + 
TENANT_ID INTEGER, + NAME VARCHAR(254) NOT NULL, + IS_ENABLED CHAR(1) NOT NULL DEFAULT '1', + IS_PRIMARY CHAR(1) NOT NULL DEFAULT '0', + HOME_REALM_ID VARCHAR(254), + IMAGE MEDIUMBLOB, + CERTIFICATE BLOB, + ALIAS VARCHAR(254), + INBOUND_PROV_ENABLED CHAR (1) NOT NULL DEFAULT '0', + INBOUND_PROV_USER_STORE_ID VARCHAR(254), + USER_CLAIM_URI VARCHAR(254), + ROLE_CLAIM_URI VARCHAR(254), + DESCRIPTION VARCHAR (1024), + DEFAULT_AUTHENTICATOR_NAME VARCHAR(254), + DEFAULT_PRO_CONNECTOR_NAME VARCHAR(254), + PROVISIONING_ROLE VARCHAR(128), + IS_FEDERATION_HUB CHAR(1) NOT NULL DEFAULT '0', + IS_LOCAL_CLAIM_DIALECT CHAR(1) NOT NULL DEFAULT '0', + DISPLAY_NAME VARCHAR(255), + IMAGE_URL VARCHAR(1024), + UUID CHAR(36) NOT NULL, + PRIMARY KEY (ID), + UNIQUE (TENANT_ID, NAME), + UNIQUE (UUID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDP_ROLE ( + ID INTEGER AUTO_INCREMENT, + IDP_ID INTEGER, + TENANT_ID INTEGER, + ROLE VARCHAR(254), + PRIMARY KEY (ID), + UNIQUE (IDP_ID, ROLE), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDP_ROLE_MAPPING ( + ID INTEGER AUTO_INCREMENT, + IDP_ROLE_ID INTEGER, + TENANT_ID INTEGER, + USER_STORE_ID VARCHAR (253), + LOCAL_ROLE VARCHAR(253), + PRIMARY KEY (ID), + UNIQUE (IDP_ROLE_ID, TENANT_ID, USER_STORE_ID, LOCAL_ROLE), + FOREIGN KEY (IDP_ROLE_ID) REFERENCES IDP_ROLE(ID) ON DELETE CASCADE + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDP_CLAIM ( + ID INTEGER AUTO_INCREMENT, + IDP_ID INTEGER, + TENANT_ID INTEGER, + CLAIM VARCHAR(254), + PRIMARY KEY (ID), + UNIQUE (IDP_ID, CLAIM), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDP_CLAIM_MAPPING ( + ID INTEGER AUTO_INCREMENT, + IDP_CLAIM_ID INTEGER, + TENANT_ID INTEGER, + LOCAL_CLAIM VARCHAR(253), + DEFAULT_VALUE VARCHAR(255), + IS_REQUESTED VARCHAR(128) DEFAULT '0', + PRIMARY KEY (ID), + UNIQUE (IDP_CLAIM_ID, TENANT_ID, LOCAL_CLAIM), + FOREIGN KEY (IDP_CLAIM_ID) REFERENCES 
IDP_CLAIM(ID) ON DELETE CASCADE + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR ( + ID INTEGER AUTO_INCREMENT, + TENANT_ID INTEGER, + IDP_ID INTEGER, + NAME VARCHAR(255) NOT NULL, + IS_ENABLED CHAR (1) DEFAULT '1', + DISPLAY_NAME VARCHAR(255), + PRIMARY KEY (ID), + UNIQUE (TENANT_ID, IDP_ID, NAME), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDP_METADATA ( + ID INTEGER AUTO_INCREMENT, + IDP_ID INTEGER, + NAME VARCHAR(255) NOT NULL, + VALUE VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ID), + CONSTRAINT IDP_METADATA_CONSTRAINT UNIQUE (IDP_ID, NAME), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR_PROPERTY ( + ID INTEGER AUTO_INCREMENT, + TENANT_ID INTEGER, + AUTHENTICATOR_ID INTEGER, + PROPERTY_KEY VARCHAR(255) NOT NULL, + PROPERTY_VALUE VARCHAR(2047), + IS_SECRET CHAR (1) DEFAULT '0', + PRIMARY KEY (ID), + UNIQUE (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY), + FOREIGN KEY (AUTHENTICATOR_ID) REFERENCES IDP_AUTHENTICATOR(ID) ON DELETE CASCADE + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_CONFIG ( + ID INTEGER AUTO_INCREMENT, + TENANT_ID INTEGER, + IDP_ID INTEGER, + PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL, + IS_ENABLED CHAR (1) DEFAULT '0', + IS_BLOCKING CHAR (1) DEFAULT '0', + IS_RULES_ENABLED CHAR (1) DEFAULT '0', + PRIMARY KEY (ID), + UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDP_PROV_CONFIG_PROPERTY ( + ID INTEGER AUTO_INCREMENT, + TENANT_ID INTEGER, + PROVISIONING_CONFIG_ID INTEGER, + PROPERTY_KEY VARCHAR(255) NOT NULL, + PROPERTY_VALUE VARCHAR(2048), + PROPERTY_BLOB_VALUE BLOB, + PROPERTY_TYPE CHAR(32) NOT NULL, + IS_SECRET CHAR (1) DEFAULT '0', + PRIMARY KEY (ID), + UNIQUE (TENANT_ID, 
PROVISIONING_CONFIG_ID, PROPERTY_KEY), + FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_ENTITY ( + ID INTEGER AUTO_INCREMENT, + PROVISIONING_CONFIG_ID INTEGER, + ENTITY_TYPE VARCHAR(255) NOT NULL, + ENTITY_LOCAL_USERSTORE VARCHAR(255) NOT NULL, + ENTITY_NAME VARCHAR(255) NOT NULL, + ENTITY_VALUE VARCHAR(255), + TENANT_ID INTEGER, + ENTITY_LOCAL_ID VARCHAR(255), + PRIMARY KEY (ID), + UNIQUE (ENTITY_TYPE, TENANT_ID, ENTITY_LOCAL_USERSTORE, ENTITY_NAME, PROVISIONING_CONFIG_ID), + UNIQUE (PROVISIONING_CONFIG_ID, ENTITY_TYPE, ENTITY_VALUE), + FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDP_LOCAL_CLAIM ( + ID INTEGER AUTO_INCREMENT, + TENANT_ID INTEGER, + IDP_ID INTEGER, + CLAIM_URI VARCHAR(255) NOT NULL, + DEFAULT_VALUE VARCHAR(255), + IS_REQUESTED VARCHAR(128) DEFAULT '0', + PRIMARY KEY (ID), + UNIQUE (TENANT_ID, IDP_ID, CLAIM_URI), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_ASSOCIATED_ID ( + ID INTEGER AUTO_INCREMENT, + IDP_USER_ID VARCHAR(255) NOT NULL, + TENANT_ID INTEGER DEFAULT -1234, + IDP_ID INTEGER NOT NULL, + DOMAIN_NAME VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(255) NOT NULL, + ASSOCIATION_ID CHAR(36) NOT NULL, + PRIMARY KEY (ID), + UNIQUE(IDP_USER_ID, TENANT_ID, IDP_ID), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_USER_ACCOUNT_ASSOCIATION ( + ASSOCIATION_KEY VARCHAR(255) NOT NULL, + TENANT_ID INTEGER, + DOMAIN_NAME VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(255) NOT NULL, + PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS FIDO_DEVICE_STORE ( + TENANT_ID INTEGER, + DOMAIN_NAME VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(45) NOT NULL, + TIME_REGISTERED TIMESTAMP, + 
KEY_HANDLE VARCHAR(200) NOT NULL, + DEVICE_DATA VARCHAR(2048) NOT NULL, + PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS FIDO2_DEVICE_STORE ( + TENANT_ID INTEGER, + DOMAIN_NAME VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(45) NOT NULL, + TIME_REGISTERED TIMESTAMP, + USER_HANDLE VARCHAR(64) NOT NULL, + CREDENTIAL_ID VARCHAR(200) NOT NULL, + PUBLIC_KEY_COSE VARCHAR(1024) NOT NULL, + SIGNATURE_COUNT BIGINT, + USER_IDENTITY VARCHAR(512) NOT NULL, + DISPLAY_NAME VARCHAR(255), + IS_USERNAMELESS_SUPPORTED CHAR(1) DEFAULT '0', + PRIMARY KEY (CREDENTIAL_ID, USER_HANDLE) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS WF_REQUEST ( + UUID VARCHAR (45), + CREATED_BY VARCHAR (255), + TENANT_ID INTEGER DEFAULT -1, + OPERATION_TYPE VARCHAR (50), + CREATED_AT TIMESTAMP, + UPDATED_AT TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + STATUS VARCHAR (30), + REQUEST BLOB, + PRIMARY KEY (UUID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS WF_BPS_PROFILE ( + PROFILE_NAME VARCHAR(45), + HOST_URL_MANAGER VARCHAR(255), + HOST_URL_WORKER VARCHAR(255), + USERNAME VARCHAR(45), + PASSWORD VARCHAR(1023), + CALLBACK_HOST VARCHAR (45), + CALLBACK_USERNAME VARCHAR (45), + CALLBACK_PASSWORD VARCHAR (255), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (PROFILE_NAME, TENANT_ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS WF_WORKFLOW( + ID VARCHAR (45), + WF_NAME VARCHAR (45), + DESCRIPTION VARCHAR (255), + TEMPLATE_ID VARCHAR (45), + IMPL_ID VARCHAR (45), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS WF_WORKFLOW_ASSOCIATION( + ID INTEGER NOT NULL AUTO_INCREMENT, + ASSOC_NAME VARCHAR (45), + EVENT_ID VARCHAR(45), + ASSOC_CONDITION VARCHAR (2000), + WORKFLOW_ID VARCHAR (45), + IS_ENABLED CHAR (1) DEFAULT '1', + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY(ID), + FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS 
WF_WORKFLOW_CONFIG_PARAM( + WORKFLOW_ID VARCHAR (45), + PARAM_NAME VARCHAR (45), + PARAM_VALUE VARCHAR (1000), + PARAM_QNAME VARCHAR (45), + PARAM_HOLDER VARCHAR (45), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (WORKFLOW_ID, PARAM_NAME, PARAM_QNAME, PARAM_HOLDER), + FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS WF_REQUEST_ENTITY_RELATIONSHIP( + REQUEST_ID VARCHAR (45), + ENTITY_NAME VARCHAR (255), + ENTITY_TYPE VARCHAR (50), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY(REQUEST_ID, ENTITY_NAME, ENTITY_TYPE, TENANT_ID), + FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS WF_WORKFLOW_REQUEST_RELATION( + RELATIONSHIP_ID VARCHAR (45), + WORKFLOW_ID VARCHAR (45), + REQUEST_ID VARCHAR (45), + UPDATED_AT TIMESTAMP, + STATUS VARCHAR (30), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (RELATIONSHIP_ID), + FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE, + FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_RECOVERY_DATA ( + USER_NAME VARCHAR(255) NOT NULL, + USER_DOMAIN VARCHAR(127) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + CODE VARCHAR(255) NOT NULL, + SCENARIO VARCHAR(255) NOT NULL, + STEP VARCHAR(127) NOT NULL, + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + REMAINING_SETS VARCHAR(2500) DEFAULT NULL, + PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP), + UNIQUE(CODE) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_PASSWORD_HISTORY_DATA ( + ID INTEGER NOT NULL AUTO_INCREMENT, + USER_NAME VARCHAR(255) NOT NULL, + USER_DOMAIN VARCHAR(127) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + SALT_VALUE VARCHAR(255), + HASH VARCHAR(255) NOT NULL, + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY(ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_CLAIM_DIALECT ( + ID INTEGER NOT NULL 
AUTO_INCREMENT, + DIALECT_URI VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_CLAIM ( + ID INTEGER NOT NULL AUTO_INCREMENT, + DIALECT_ID INTEGER NOT NULL, + CLAIM_URI VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE, + CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPED_ATTRIBUTE ( + ID INTEGER NOT NULL AUTO_INCREMENT, + LOCAL_CLAIM_ID INTEGER, + USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL, + ATTRIBUTE_NAME VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_CLAIM_PROPERTY ( + ID INTEGER NOT NULL AUTO_INCREMENT, + LOCAL_CLAIM_ID INTEGER, + PROPERTY_NAME VARCHAR (255) NOT NULL, + PROPERTY_VALUE VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPING ( + ID INTEGER NOT NULL AUTO_INCREMENT, + EXT_CLAIM_ID INTEGER NOT NULL, + MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_SAML2_ASSERTION_STORE ( + ID INTEGER NOT NULL 
AUTO_INCREMENT,
+ SAML2_ID VARCHAR(255) ,
+ SAML2_ISSUER VARCHAR(255) ,
+ SAML2_SUBJECT VARCHAR(255) ,
+ SAML2_SESSION_INDEX VARCHAR(255) ,
+ SAML2_AUTHN_CONTEXT_CLASS_REF VARCHAR(255) ,
+ SAML2_ASSERTION VARCHAR(4096) ,
+ ASSERTION BLOB ,
+ PRIMARY KEY (ID)
+ )ENGINE INNODB;
+
+ CREATE TABLE IDN_SAML2_ARTIFACT_STORE (
+ ID INT(11) NOT NULL AUTO_INCREMENT,
+ SOURCE_ID VARCHAR(255) NOT NULL,
+ MESSAGE_HANDLER VARCHAR(255) NOT NULL,
+ AUTHN_REQ_DTO BLOB NOT NULL,
+ SESSION_ID VARCHAR(255) NOT NULL,
+ EXP_TIMESTAMP TIMESTAMP NOT NULL,
+ INIT_TIMESTAMP TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+ ASSERTION_ID VARCHAR(255),
+ PRIMARY KEY (`ID`)
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS IDN_OIDC_JTI (
+ JWT_ID VARCHAR(255) NOT NULL,
+ EXP_TIME TIMESTAMP NOT NULL ,
+ TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ,
+ PRIMARY KEY (JWT_ID)
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS IDN_OIDC_PROPERTY (
+ ID INTEGER NOT NULL AUTO_INCREMENT,
+ TENANT_ID INTEGER,
+ CONSUMER_KEY VARCHAR(255) ,
+ PROPERTY_KEY VARCHAR(255) NOT NULL,
+ PROPERTY_VALUE VARCHAR(2047) ,
+ PRIMARY KEY (ID),
+ FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_REFERENCE (
+ ID INTEGER NOT NULL AUTO_INCREMENT,
+ CONSUMER_KEY_ID INTEGER ,
+ CODE_ID VARCHAR(255) ,
+ TOKEN_ID VARCHAR(255) ,
+ SESSION_DATA_KEY VARCHAR(255),
+ PRIMARY KEY (ID),
+ FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
+ FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE,
+ FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_CLAIMS (
+ ID INTEGER NOT NULL AUTO_INCREMENT,
+ REQ_OBJECT_ID INTEGER,
+ CLAIM_ATTRIBUTE VARCHAR(255) ,
+ ESSENTIAL CHAR(1) NOT NULL DEFAULT '0' ,
+ VALUE VARCHAR(255) ,
+ IS_USERINFO CHAR(1) NOT NULL DEFAULT '0',
+ PRIMARY KEY (ID),
+ FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE (ID) ON DELETE CASCADE
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJ_CLAIM_VALUES (
+ ID INTEGER NOT NULL AUTO_INCREMENT,
+ REQ_OBJECT_CLAIMS_ID INTEGER ,
+ CLAIM_VALUES VARCHAR(255) ,
+ PRIMARY KEY (ID),
+ FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS IDN_CERTIFICATE (
+ ID INTEGER NOT NULL AUTO_INCREMENT,
+ NAME VARCHAR(100),
+ CERTIFICATE_IN_PEM BLOB,
+ TENANT_ID INTEGER DEFAULT 0,
+ PRIMARY KEY(ID),
+ CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID)
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS IDN_OIDC_SCOPE_CLAIM_MAPPING (
+ ID INTEGER NOT NULL AUTO_INCREMENT,
+ SCOPE_ID INTEGER NOT NULL,
+ EXTERNAL_CLAIM_ID INTEGER NOT NULL,
+ PRIMARY KEY (ID),
+ FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE,
+ FOREIGN KEY (EXTERNAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+ UNIQUE (SCOPE_ID, EXTERNAL_CLAIM_ID)
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS IDN_FUNCTION_LIBRARY (
+ NAME VARCHAR(255) NOT NULL,
+ DESCRIPTION VARCHAR(1023),
+ TYPE VARCHAR(255) NOT NULL,
+ TENANT_ID INTEGER NOT NULL,
+ DATA BLOB NOT NULL,
+ PRIMARY KEY (TENANT_ID,NAME)
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS IDN_OAUTH2_CIBA_AUTH_CODE (
+ AUTH_CODE_KEY CHAR (36),
+ AUTH_REQ_ID CHAR (36),
+ ISSUED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+ CONSUMER_KEY VARCHAR(255),
+ LAST_POLLED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+ POLLING_INTERVAL INTEGER,
+ EXPIRES_IN INTEGER,
+ AUTHENTICATED_USER_NAME VARCHAR(255),
+ USER_STORE_DOMAIN VARCHAR(100),
+ TENANT_ID INTEGER,
+ AUTH_REQ_STATUS VARCHAR (100) DEFAULT 'REQUESTED',
+ IDP_ID INTEGER,
+ UNIQUE(AUTH_REQ_ID),
+ PRIMARY KEY (AUTH_CODE_KEY),
+ FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS IDN_OAUTH2_CIBA_REQUEST_SCOPES (
+ AUTH_CODE_KEY CHAR (36),
+ SCOPE VARCHAR (255),
+ FOREIGN KEY (AUTH_CODE_KEY) REFERENCES IDN_OAUTH2_CIBA_AUTH_CODE(AUTH_CODE_KEY) ON DELETE CASCADE
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS IDN_FED_AUTH_SESSION_MAPPING (
+ IDP_SESSION_ID VARCHAR(255) NOT NULL,
+ SESSION_ID VARCHAR(255) NOT NULL,
+ IDP_NAME VARCHAR(255) NOT NULL,
+ AUTHENTICATOR_ID VARCHAR(255),
+ PROTOCOL_TYPE VARCHAR(255),
+ TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+ PRIMARY KEY (IDP_SESSION_ID)
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS IDN_CONFIG_TYPE (
+ ID VARCHAR(255) NOT NULL,
+ NAME VARCHAR(255) NOT NULL,
+ DESCRIPTION VARCHAR(1023) NULL,
+ PRIMARY KEY (ID),
+ CONSTRAINT TYPE_NAME_CONSTRAINT UNIQUE (NAME)
+ )ENGINE INNODB;
+
+ INSERT INTO IDN_CONFIG_TYPE (ID, NAME, DESCRIPTION) VALUES
+ ('9ab0ef95-13e9-4ed5-afaf-d29bed62f7bd', 'IDP_TEMPLATE', 'Template type to uniquely identify IDP templates'),
+ ('3c4ac3d0-5903-4e3d-aaca-38df65b33bfd', 'APPLICATION_TEMPLATE', 'Template type to uniquely identify Application templates'),
+ ('8ec6dbf1-218a-49bf-bc34-0d2db52d151c', 'CORS_CONFIGURATION', 'A resource type to keep the tenant CORS configurations');
+
+ CREATE TABLE IF NOT EXISTS IDN_CONFIG_RESOURCE (
+ ID VARCHAR(255) NOT NULL,
+ TENANT_ID INT NOT NULL,
+ NAME VARCHAR(255) NOT NULL,
+ CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+ LAST_MODIFIED TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+ HAS_FILE tinyint(1) NOT NULL,
+ HAS_ATTRIBUTE tinyint(1) NOT NULL,
+ TYPE_ID VARCHAR(255) NOT NULL,
+ PRIMARY KEY (ID),
+ CONSTRAINT NAME_TENANT_TYPE_CONSTRAINT UNIQUE (NAME, TENANT_ID, TYPE_ID)
+ )ENGINE INNODB;
+ ALTER TABLE IDN_CONFIG_RESOURCE ADD CONSTRAINT TYPE_ID_FOREIGN_CONSTRAINT FOREIGN KEY (TYPE_ID) REFERENCES
+ IDN_CONFIG_TYPE (ID) ON DELETE CASCADE ON UPDATE CASCADE;
+
+ CREATE TABLE IF NOT EXISTS IDN_CONFIG_ATTRIBUTE (
+ ID VARCHAR(255) NOT NULL,
+ RESOURCE_ID VARCHAR(255) NOT NULL,
+ ATTR_KEY VARCHAR(255) NOT NULL,
+ ATTR_VALUE VARCHAR(1023) NULL,
+ PRIMARY KEY (ID),
+ CONSTRAINT RESOURCE_KEY_VAL_CONSTRAINT UNIQUE (RESOURCE_ID(64), ATTR_KEY(255))
+ )ENGINE INNODB;
+ ALTER TABLE IDN_CONFIG_ATTRIBUTE ADD CONSTRAINT RESOURCE_ID_ATTRIBUTE_FOREIGN_CONSTRAINT FOREIGN KEY (RESOURCE_ID)
+ REFERENCES IDN_CONFIG_RESOURCE (ID) ON DELETE CASCADE ON UPDATE CASCADE;
+
+ CREATE TABLE IF NOT EXISTS IDN_CONFIG_FILE (
+ ID VARCHAR(255) NOT NULL,
+ VALUE BLOB NULL,
+ RESOURCE_ID VARCHAR(255) NOT NULL,
+ NAME VARCHAR(255) NULL,
+ PRIMARY KEY (ID)
+ )ENGINE INNODB;
+ ALTER TABLE IDN_CONFIG_FILE ADD CONSTRAINT RESOURCE_ID_FILE_FOREIGN_CONSTRAINT FOREIGN KEY (RESOURCE_ID) REFERENCES
+ IDN_CONFIG_RESOURCE (ID) ON DELETE CASCADE ON UPDATE CASCADE;
+
+ CREATE TABLE IDN_REMOTE_FETCH_CONFIG (
+ ID VARCHAR(255) NOT NULL,
+ TENANT_ID INT NOT NULL,
+ IS_ENABLED CHAR(1) NOT NULL,
+ REPO_MANAGER_TYPE VARCHAR(255) NOT NULL,
+ ACTION_LISTENER_TYPE VARCHAR(255) NOT NULL,
+ CONFIG_DEPLOYER_TYPE VARCHAR(255) NOT NULL,
+ REMOTE_FETCH_NAME VARCHAR(255),
+ REMOTE_RESOURCE_URI VARCHAR(255) NOT NULL,
+ ATTRIBUTES_JSON MEDIUMTEXT NOT NULL,
+ PRIMARY KEY (ID),
+ CONSTRAINT UC_REMOTE_RESOURCE_TYPE UNIQUE (TENANT_ID, CONFIG_DEPLOYER_TYPE)
+ )ENGINE INNODB;
+
+ CREATE TABLE IDN_REMOTE_FETCH_REVISIONS (
+ ID VARCHAR(255) NOT NULL,
+ CONFIG_ID VARCHAR(255) NOT NULL,
+ FILE_PATH VARCHAR(255) NOT NULL,
+ FILE_HASH VARCHAR(255),
+ DEPLOYED_DATE TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+ LAST_SYNC_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+ DEPLOYMENT_STATUS VARCHAR(255),
+ ITEM_NAME VARCHAR(255),
+ DEPLOY_ERR_LOG MEDIUMTEXT,
+ PRIMARY KEY (ID),
+ FOREIGN KEY (CONFIG_ID) REFERENCES IDN_REMOTE_FETCH_CONFIG(ID) ON DELETE CASCADE,
+ CONSTRAINT UC_REVISIONS UNIQUE (CONFIG_ID, ITEM_NAME)
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS IDN_USER_FUNCTIONALITY_MAPPING (
+ ID VARCHAR(255) NOT NULL,
+ USER_ID VARCHAR(255) NOT NULL,
+ TENANT_ID INTEGER NOT NULL,
+ FUNCTIONALITY_ID VARCHAR(255) NOT NULL,
+ IS_FUNCTIONALITY_LOCKED BOOLEAN NOT NULL,
+ FUNCTIONALITY_UNLOCK_TIME BIGINT NOT NULL,
+ FUNCTIONALITY_LOCK_REASON VARCHAR(1023),
+ FUNCTIONALITY_LOCK_REASON_CODE VARCHAR(255),
+ PRIMARY KEY (ID),
+ CONSTRAINT IDN_USER_FUNCTIONALITY_MAPPING_CONSTRAINT UNIQUE (USER_ID, TENANT_ID, FUNCTIONALITY_ID)
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS IDN_USER_FUNCTIONALITY_PROPERTY (
+ ID VARCHAR(255) NOT NULL,
+ USER_ID VARCHAR(255) NOT NULL,
+ TENANT_ID INTEGER NOT NULL,
+ FUNCTIONALITY_ID VARCHAR(255) NOT NULL,
+ PROPERTY_NAME VARCHAR(255),
+ PROPERTY_VALUE VARCHAR(255),
+ PRIMARY KEY (ID),
+ CONSTRAINT IDN_USER_FUNCTIONALITY_PROPERTY_CONSTRAINT UNIQUE (USER_ID, TENANT_ID, FUNCTIONALITY_ID, PROPERTY_NAME)
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS IDN_CORS_ORIGIN (
+ ID INT NOT NULL AUTO_INCREMENT,
+ TENANT_ID INT NOT NULL,
+ ORIGIN VARCHAR(2048) NOT NULL,
+ UUID CHAR(36) NOT NULL,
+ PRIMARY KEY (ID),
+ UNIQUE (UUID)
+ ) ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS IDN_CORS_ASSOCIATION (
+ IDN_CORS_ORIGIN_ID INT NOT NULL,
+ SP_APP_ID INT NOT NULL,
+
+ PRIMARY KEY (IDN_CORS_ORIGIN_ID, SP_APP_ID),
+ FOREIGN KEY (IDN_CORS_ORIGIN_ID) REFERENCES IDN_CORS_ORIGIN (ID) ON DELETE CASCADE,
+ FOREIGN KEY (SP_APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE
+ ) ENGINE INNODB;
+
+ -- --------------------------- INDEX CREATION -----------------------------
+ -- IDN_OAUTH2_ACCESS_TOKEN --
+ CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED);
+ CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH);
+ CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TOKEN_STATE, USER_TYPE);
+ CREATE INDEX IDX_AT_TI_UD ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, TENANT_ID, TOKEN_STATE, USER_DOMAIN);
+ CREATE INDEX IDX_AT_AU_TID_UD_TS_CKID ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, TENANT_ID, USER_DOMAIN, TOKEN_STATE, CONSUMER_KEY_ID);
+ CREATE INDEX IDX_AT_AU_CKID_TS_UT ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, CONSUMER_KEY_ID, TOKEN_STATE, USER_TYPE);
+ CREATE INDEX IDX_AT_RTH ON IDN_OAUTH2_ACCESS_TOKEN(REFRESH_TOKEN_HASH);
+ CREATE INDEX IDX_AT_CKID_AU_TID_UD_TSH_TS ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TENANT_ID, USER_DOMAIN, TOKEN_SCOPE_HASH, TOKEN_STATE);
+
+ -- IDN_OAUTH2_AUTHORIZATION_CODE --
+ CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH, CONSUMER_KEY_ID);
+ CREATE INDEX IDX_AUTHORIZATION_CODE_AU_TI ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHZ_USER, TENANT_ID, USER_DOMAIN, STATE);
+ CREATE INDEX IDX_AC_CKID ON IDN_OAUTH2_AUTHORIZATION_CODE(CONSUMER_KEY_ID);
+ CREATE INDEX IDX_AC_TID ON IDN_OAUTH2_AUTHORIZATION_CODE(TOKEN_ID);
+
+ -- IDN_SCIM_GROUP --
+ CREATE INDEX IDX_IDN_SCIM_GROUP_TI_RN ON IDN_SCIM_GROUP (TENANT_ID, ROLE_NAME);
+ CREATE INDEX IDX_IDN_SCIM_GROUP_TI_RN_AN ON IDN_SCIM_GROUP (TENANT_ID, ROLE_NAME, ATTR_NAME(500));
+
+ -- IDN_AUTH_SESSION_STORE --
+ CREATE INDEX IDX_IDN_AUTH_SESSION_TIME ON IDN_AUTH_SESSION_STORE (TIME_CREATED);
+
+ -- IDN_AUTH_TEMP_SESSION_STORE --
+ CREATE INDEX IDX_IDN_AUTH_TMP_SESSION_TIME ON IDN_AUTH_TEMP_SESSION_STORE (TIME_CREATED);
+
+ -- IDN_OIDC_SCOPE_CLAIM_MAPPING --
+ CREATE INDEX IDX_AT_SI_ECI ON IDN_OIDC_SCOPE_CLAIM_MAPPING(SCOPE_ID, EXTERNAL_CLAIM_ID);
+
+ -- IDN_OAUTH2_SCOPE --
+ CREATE INDEX IDX_SC_TID ON IDN_OAUTH2_SCOPE(TENANT_ID);
+
+ -- IDN_OAUTH2_SCOPE_BINDING --
+ CREATE INDEX IDX_SB_SCPID ON IDN_OAUTH2_SCOPE_BINDING(SCOPE_ID);
+
+ -- IDN_OIDC_REQ_OBJECT_REFERENCE --
+ CREATE INDEX IDX_OROR_TID ON IDN_OIDC_REQ_OBJECT_REFERENCE(TOKEN_ID);
+
+ -- IDN_OAUTH2_ACCESS_TOKEN_SCOPE --
+ CREATE INDEX IDX_ATS_TID ON IDN_OAUTH2_ACCESS_TOKEN_SCOPE(TOKEN_ID);
+
+ -- SP_TEMPLATE --
+ CREATE INDEX IDX_SP_TEMPLATE ON SP_TEMPLATE (TENANT_ID, NAME);
+
+ -- IDN_AUTH_USER --
+ CREATE INDEX IDX_AUTH_USER_UN_TID_DN ON IDN_AUTH_USER (USER_NAME, TENANT_ID, DOMAIN_NAME);
+ CREATE INDEX IDX_AUTH_USER_DN_TOD ON IDN_AUTH_USER (DOMAIN_NAME, TENANT_ID);
+
+ -- IDN_AUTH_USER_SESSION_MAPPING --
+ CREATE INDEX IDX_USER_ID ON IDN_AUTH_USER_SESSION_MAPPING (USER_ID);
+ CREATE INDEX IDX_SESSION_ID ON IDN_AUTH_USER_SESSION_MAPPING (SESSION_ID);
+
+ -- IDN_OAUTH_CONSUMER_APPS --
+ CREATE INDEX IDX_OCA_UM_TID_UD_APN ON IDN_OAUTH_CONSUMER_APPS(USERNAME,TENANT_ID,USER_DOMAIN, APP_NAME);
+
+ -- IDX_SPI_APP --
+ CREATE INDEX IDX_SPI_APP ON SP_INBOUND_AUTH(APP_ID);
+
+ -- IDN_OIDC_PROPERTY --
+ CREATE INDEX IDX_IOP_TID_CK ON IDN_OIDC_PROPERTY(TENANT_ID,CONSUMER_KEY);
+
+ -- IDN_FIDO2_PROPERTY --
+ CREATE INDEX IDX_FIDO2_STR ON FIDO2_DEVICE_STORE(USER_NAME, TENANT_ID, DOMAIN_NAME, CREDENTIAL_ID, USER_HANDLE);
+
+ -- IDN_ASSOCIATED_ID --
+ CREATE INDEX IDX_AI_DN_UN_AI ON IDN_ASSOCIATED_ID(DOMAIN_NAME, USER_NAME, ASSOCIATION_ID);
+
+ -- IDN_OAUTH2_TOKEN_BINDING --
+ CREATE INDEX IDX_IDN_AUTH_BIND ON IDN_OAUTH2_TOKEN_BINDING (TOKEN_BINDING_REF);
+
+ -- IDN_FED_AUTH_SESSION_MAPPING --
+ CREATE INDEX IDX_FEDERATED_AUTH_SESSION_ID ON IDN_FED_AUTH_SESSION_MAPPING (SESSION_ID);
+
+ -- IDN_REMOTE_FETCH_REVISIONS --
+ CREATE INDEX IDX_REMOTE_FETCH_REVISION_CONFIG_ID ON IDN_REMOTE_FETCH_REVISIONS (CONFIG_ID);
+
+ -- IDN_CORS_ASSOCIATION --
+ CREATE INDEX IDX_CORS_SP_APP_ID ON IDN_CORS_ASSOCIATION (SP_APP_ID);
+
+ -- IDN_CORS_ASSOCIATION --
+ CREATE INDEX IDX_CORS_ORIGIN_ID ON IDN_CORS_ASSOCIATION (IDN_CORS_ORIGIN_ID);
+
+
+ -- End of IDENTITY Tables--
+
+ -- Start of CONSENT-MGT Tables --
+
+ CREATE TABLE CM_PII_CATEGORY (
+ ID INTEGER AUTO_INCREMENT,
+ NAME VARCHAR(255) NOT NULL,
+ DESCRIPTION VARCHAR(1023),
+ DISPLAY_NAME VARCHAR(255),
+ IS_SENSITIVE INTEGER NOT NULL,
+ TENANT_ID INTEGER DEFAULT '-1234',
+ UNIQUE KEY (NAME, TENANT_ID),
+ PRIMARY KEY (ID)
+ );
+
+ CREATE TABLE CM_RECEIPT (
+ CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL,
+ VERSION VARCHAR(255) NOT NULL,
+ JURISDICTION VARCHAR(255) NOT NULL,
+ CONSENT_TIMESTAMP TIMESTAMP NOT NULL,
+ COLLECTION_METHOD VARCHAR(255) NOT NULL,
+ LANGUAGE VARCHAR(255) NOT NULL,
+ PII_PRINCIPAL_ID VARCHAR(255) NOT NULL,
+ PRINCIPAL_TENANT_ID INTEGER DEFAULT '-1234',
+ POLICY_URL VARCHAR(255) NOT NULL,
+ STATE VARCHAR(255) NOT NULL,
+ PII_CONTROLLER VARCHAR(2048) NOT NULL,
+ PRIMARY KEY (CONSENT_RECEIPT_ID)
+ );
+
+ CREATE TABLE CM_PURPOSE (
+ ID INTEGER AUTO_INCREMENT,
+ NAME VARCHAR(255) NOT NULL,
+ DESCRIPTION VARCHAR(1023),
+ PURPOSE_GROUP VARCHAR(255) NOT NULL,
+ GROUP_TYPE VARCHAR(255) NOT NULL,
+ TENANT_ID INTEGER DEFAULT '-1234',
+ UNIQUE KEY (NAME, TENANT_ID, PURPOSE_GROUP, GROUP_TYPE),
+ PRIMARY KEY (ID)
+ );
+
+ CREATE TABLE CM_PURPOSE_CATEGORY (
+ ID INTEGER AUTO_INCREMENT,
+ NAME VARCHAR(255) NOT NULL,
+ DESCRIPTION VARCHAR(1023),
+ TENANT_ID INTEGER DEFAULT '-1234',
+ UNIQUE KEY (NAME, TENANT_ID),
+ PRIMARY KEY (ID)
+ );
+
+ CREATE TABLE CM_RECEIPT_SP_ASSOC (
+ ID INTEGER AUTO_INCREMENT,
+ CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL,
+ SP_NAME VARCHAR(255) NOT NULL,
+ SP_DISPLAY_NAME VARCHAR(255),
+ SP_DESCRIPTION VARCHAR(255),
+ SP_TENANT_ID INTEGER DEFAULT '-1234',
+ UNIQUE KEY (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID),
+ PRIMARY KEY (ID)
+ );
+
+ CREATE TABLE CM_SP_PURPOSE_ASSOC (
+ ID INTEGER AUTO_INCREMENT,
+ RECEIPT_SP_ASSOC INTEGER NOT NULL,
+ PURPOSE_ID INTEGER NOT NULL,
+ CONSENT_TYPE VARCHAR(255) NOT NULL,
+ IS_PRIMARY_PURPOSE INTEGER NOT NULL,
+ TERMINATION VARCHAR(255) NOT NULL,
+ THIRD_PARTY_DISCLOSURE INTEGER NOT NULL,
+ THIRD_PARTY_NAME VARCHAR(255),
+ UNIQUE KEY (RECEIPT_SP_ASSOC, PURPOSE_ID),
+ PRIMARY KEY (ID)
+ );
+
+ CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC (
+ SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+ PURPOSE_CATEGORY_ID INTEGER NOT NULL,
+ UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID)
+ );
+
+ CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC (
+ PURPOSE_ID INTEGER NOT NULL,
+ CM_PII_CATEGORY_ID INTEGER NOT NULL,
+ IS_MANDATORY INTEGER NOT NULL,
+ UNIQUE KEY (PURPOSE_ID, CM_PII_CATEGORY_ID)
+ );
+
+ CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC (
+ SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+ PII_CATEGORY_ID INTEGER NOT NULL,
+ VALIDITY VARCHAR(1023),
+ UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID)
+ );
+
+ CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY (
+ CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL,
+ NAME VARCHAR(255) NOT NULL,
+ VALUE VARCHAR(1023) NOT NULL,
+ UNIQUE KEY (CONSENT_RECEIPT_ID, NAME)
+ );
+
+ ALTER TABLE CM_RECEIPT_SP_ASSOC
+ ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID);
+
+ ALTER TABLE CM_SP_PURPOSE_ASSOC
+ ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID);
+
+ ALTER TABLE CM_SP_PURPOSE_ASSOC
+ ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID);
+
+ ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+ ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID);
+
+ ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+ ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID);
+
+ ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+ ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID);
+
+ ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+ ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID);
+
+ ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY
+ ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID);
+
+ INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, PURPOSE_GROUP, GROUP_TYPE, TENANT_ID) VALUES ('DEFAULT', 'For core functionalities of the product', 'DEFAULT', 'SP', '-1234');
+
+ INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234');
+ -- End of CONSENT-MGT Tables --
+
+ -- Start of API-MGT Tables --
+ CREATE TABLE IF NOT EXISTS AM_SUBSCRIBER (
+ SUBSCRIBER_ID INTEGER AUTO_INCREMENT,
+ USER_ID VARCHAR(255) NOT NULL,
+ TENANT_ID INTEGER NOT NULL,
+ EMAIL_ADDRESS VARCHAR(256) NULL,
+ DATE_SUBSCRIBED TIMESTAMP NOT NULL,
+ PRIMARY KEY (SUBSCRIBER_ID),
+ CREATED_BY VARCHAR(100),
+ CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+ UPDATED_BY VARCHAR(100),
+ UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+ UNIQUE (TENANT_ID,USER_ID)
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS AM_APPLICATION (
+ APPLICATION_ID INTEGER AUTO_INCREMENT,
+ NAME VARCHAR(100),
+ SUBSCRIBER_ID INTEGER,
+ APPLICATION_TIER VARCHAR(50) DEFAULT 'Unlimited',
+ CALLBACK_URL VARCHAR(512),
+ DESCRIPTION VARCHAR(512),
+ APPLICATION_STATUS VARCHAR(50) DEFAULT 'APPROVED',
+ GROUP_ID VARCHAR(100),
+ CREATED_BY VARCHAR(100),
+ CREATED_TIME TIMESTAMP,
+ UPDATED_BY VARCHAR(100),
+ UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+ UUID VARCHAR(256),
+ TOKEN_TYPE VARCHAR(10),
+ FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+ PRIMARY KEY(APPLICATION_ID),
+ UNIQUE (NAME,SUBSCRIBER_ID),
+ UNIQUE (UUID)
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS AM_API (
+ API_ID INTEGER AUTO_INCREMENT,
+ API_UUID VARCHAR(256),
+ API_PROVIDER VARCHAR(200),
+ API_NAME VARCHAR(200),
+ API_VERSION VARCHAR(30),
+ CONTEXT VARCHAR(256),
+ CONTEXT_TEMPLATE VARCHAR(256),
+ API_TIER VARCHAR(256),
+ API_TYPE VARCHAR(10),
+ CREATED_BY VARCHAR(100),
+ CREATED_TIME TIMESTAMP,
+ UPDATED_BY VARCHAR(100),
+ UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+ STATUS VARCHAR(30),
+ REVISIONS_CREATED INTEGER DEFAULT 0,
+ PRIMARY KEY(API_ID),
+ UNIQUE (API_PROVIDER,API_NAME,API_VERSION),
+ UNIQUE (API_UUID)
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS AM_API_REVISION_METADATA (
+ API_UUID VARCHAR(64),
+ REVISION_UUID VARCHAR(64),
+ API_TIER VARCHAR(128),
+ UNIQUE (API_UUID,REVISION_UUID)
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS AM_GRAPHQL_COMPLEXITY (
+ UUID VARCHAR(256),
+ API_ID INTEGER NOT NULL,
+ TYPE VARCHAR(256),
+ FIELD VARCHAR(256),
+ COMPLEXITY_VALUE INTEGER,
+ REVISION_UUID VARCHAR(255),
+ FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE CASCADE,
+ PRIMARY KEY(UUID)
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS AM_API_URL_MAPPING (
+ URL_MAPPING_ID INTEGER AUTO_INCREMENT,
+ API_ID INTEGER NOT NULL,
+ HTTP_METHOD VARCHAR(20) NULL,
+ AUTH_SCHEME VARCHAR(50) NULL,
+ URL_PATTERN VARCHAR(512) NULL,
+ THROTTLING_TIER varchar(512) DEFAULT NULL,
+ MEDIATION_SCRIPT BLOB,
+ REVISION_UUID VARCHAR(255),
+ PRIMARY KEY (URL_MAPPING_ID)
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS AM_API_RESOURCE_SCOPE_MAPPING (
+ SCOPE_NAME VARCHAR(255) NOT NULL,
+ URL_MAPPING_ID INTEGER NOT NULL,
+ TENANT_ID INTEGER NOT NULL,
+ FOREIGN KEY (URL_MAPPING_ID) REFERENCES AM_API_URL_MAPPING(URL_MAPPING_ID) ON DELETE CASCADE,
+ PRIMARY KEY(SCOPE_NAME, URL_MAPPING_ID)
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS AM_SECURITY_AUDIT_UUID_MAPPING (
+ API_ID INTEGER NOT NULL,
+ AUDIT_UUID VARCHAR(255) NOT NULL,
+ FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+ PRIMARY KEY (API_ID)
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS AM_API_PRODUCT_MAPPING (
+ API_PRODUCT_MAPPING_ID INTEGER AUTO_INCREMENT,
+ API_ID INTEGER,
+ URL_MAPPING_ID INTEGER,
+ REVISION_UUID VARCHAR(255),
+ FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON DELETE CASCADE,
+ FOREIGN KEY (URL_MAPPING_ID) REFERENCES AM_API_URL_MAPPING(URL_MAPPING_ID) ON DELETE CASCADE,
+ PRIMARY KEY(API_PRODUCT_MAPPING_ID)
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION (
+ SUBSCRIPTION_ID INTEGER AUTO_INCREMENT,
+ TIER_ID VARCHAR(50),
+ TIER_ID_PENDING VARCHAR(50),
+ API_ID INTEGER,
+ LAST_ACCESSED TIMESTAMP NULL,
+ APPLICATION_ID INTEGER,
+ SUB_STATUS VARCHAR(50),
+ SUBS_CREATE_STATE VARCHAR(50) DEFAULT 'SUBSCRIBE',
+ CREATED_BY VARCHAR(100),
+ CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+ UPDATED_BY VARCHAR(100),
+ UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+ UUID VARCHAR(256),
+ FOREIGN KEY(APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+ FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+ PRIMARY KEY (SUBSCRIPTION_ID),
+ UNIQUE (UUID)
+ )ENGINE INNODB;
+
+
+
+ CREATE TABLE IF NOT EXISTS AM_APPLICATION_KEY_MAPPING (
+ UUID VARCHAR(100),
+ APPLICATION_ID INTEGER,
+ CONSUMER_KEY VARCHAR(255),
+ KEY_TYPE VARCHAR(512) NOT NULL,
+ STATE VARCHAR(30) NOT NULL,
+ CREATE_MODE VARCHAR(30) DEFAULT 'CREATED',
+ KEY_MANAGER VARCHAR(100),
+ APP_INFO BLOB ,
+ FOREIGN KEY(APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+ PRIMARY KEY(APPLICATION_ID,KEY_TYPE,KEY_MANAGER)
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS AM_API_LC_EVENT (
+ EVENT_ID INTEGER AUTO_INCREMENT,
+ API_ID INTEGER NOT NULL,
+ PREVIOUS_STATE VARCHAR(50),
+ NEW_STATE VARCHAR(50) NOT NULL,
+ USER_ID VARCHAR(255) NOT NULL,
+ TENANT_ID INTEGER NOT NULL,
+ EVENT_DATE TIMESTAMP NOT NULL,
+ FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+ PRIMARY KEY (EVENT_ID)
+ )ENGINE INNODB;
+
+ CREATE TABLE AM_APP_KEY_DOMAIN_MAPPING (
+ CONSUMER_KEY VARCHAR(255),
+ AUTHZ_DOMAIN VARCHAR(255) DEFAULT 'ALL',
+ PRIMARY KEY (CONSUMER_KEY,AUTHZ_DOMAIN)
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS AM_API_COMMENTS (
+ COMMENT_ID VARCHAR(64) NOT NULL,
+ COMMENT_TEXT VARCHAR(512),
+ CREATED_BY VARCHAR(255),
+ CREATED_TIME TIMESTAMP NOT NULL,
+ UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+ API_ID INTEGER,
+ PARENT_COMMENT_ID VARCHAR(64) DEFAULT NULL,
+ ENTRY_POINT VARCHAR(20),
+ CATEGORY VARCHAR(20) DEFAULT 'general',
+ FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID),
+ FOREIGN KEY(PARENT_COMMENT_ID) REFERENCES AM_API_COMMENTS(COMMENT_ID),
+ PRIMARY KEY (COMMENT_ID)
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS AM_API_RATINGS (
+ RATING_ID VARCHAR(255) NOT NULL,
+ API_ID INTEGER,
+ RATING INTEGER,
+ SUBSCRIBER_ID INTEGER,
+ FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+ FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+ PRIMARY KEY (RATING_ID)
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS AM_TIER_PERMISSIONS (
+ TIER_PERMISSIONS_ID INTEGER AUTO_INCREMENT,
+ TIER VARCHAR(50) NOT NULL,
+ PERMISSIONS_TYPE VARCHAR(50) NOT NULL,
+ ROLES VARCHAR(512) NOT NULL,
+ TENANT_ID INTEGER NOT NULL,
+ PRIMARY KEY(TIER_PERMISSIONS_ID)
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS AM_EXTERNAL_STORES (
+ APISTORE_ID INTEGER AUTO_INCREMENT,
+ API_ID INTEGER,
+ STORE_ID VARCHAR(255) NOT NULL,
+ STORE_DISPLAY_NAME VARCHAR(255) NOT NULL,
+ STORE_ENDPOINT VARCHAR(255) NOT NULL,
+ STORE_TYPE VARCHAR(255) NOT NULL,
+ LAST_UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+ FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+ PRIMARY KEY (APISTORE_ID)
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS AM_WORKFLOWS(
+ WF_ID INTEGER AUTO_INCREMENT,
+ WF_REFERENCE VARCHAR(255) NOT NULL,
+ WF_TYPE VARCHAR(255) NOT NULL,
+ WF_STATUS VARCHAR(255) NOT NULL,
+ WF_CREATED_TIME TIMESTAMP,
+ WF_UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP ,
+ WF_STATUS_DESC VARCHAR(1000),
+ TENANT_ID INTEGER,
+ TENANT_DOMAIN VARCHAR(255),
+ WF_EXTERNAL_REFERENCE VARCHAR(255) NOT NULL,
+ WF_METADATA BLOB DEFAULT NULL,
+ WF_PROPERTIES BLOB DEFAULT NULL,
+ PRIMARY KEY (WF_ID),
+ UNIQUE (WF_EXTERNAL_REFERENCE)
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS AM_APPLICATION_REGISTRATION (
+ REG_ID INT AUTO_INCREMENT,
+ SUBSCRIBER_ID INT,
+ WF_REF VARCHAR(255) NOT NULL,
+ APP_ID INT,
+ TOKEN_TYPE VARCHAR(30),
+ TOKEN_SCOPE VARCHAR(1500) DEFAULT 'default',
+ INPUTS VARCHAR(1000),
+ ALLOWED_DOMAINS VARCHAR(256),
+ VALIDITY_PERIOD BIGINT,
+ KEY_MANAGER VARCHAR(255) NOT NULL,
+ UNIQUE (SUBSCRIBER_ID,APP_ID,TOKEN_TYPE,KEY_MANAGER),
+ FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+ FOREIGN KEY(APP_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+ PRIMARY KEY (REG_ID)
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS AM_SHARED_SCOPE (
+ NAME VARCHAR(255) NOT NULL,
+ UUID VARCHAR (256),
+ TENANT_ID INTEGER,
+ PRIMARY KEY (UUID)
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS AM_API_DEFAULT_VERSION (
+ DEFAULT_VERSION_ID INT AUTO_INCREMENT,
+ API_NAME VARCHAR(256) NOT NULL ,
+ API_PROVIDER VARCHAR(256) NOT NULL ,
+ DEFAULT_API_VERSION VARCHAR(30) ,
+ PUBLISHED_DEFAULT_API_VERSION VARCHAR(30) ,
+ PRIMARY KEY (DEFAULT_VERSION_ID)
+ )ENGINE = INNODB;
+
+ CREATE INDEX IDX_SUB_APP_ID ON AM_SUBSCRIPTION (APPLICATION_ID, SUBSCRIPTION_ID);
+
+ CREATE TABLE IF NOT EXISTS AM_MONETIZATION_USAGE (
+ ID VARCHAR(100) NOT NULL,
+ STATE VARCHAR(50) NOT NULL,
+ STATUS VARCHAR(50) NOT NULL,
+ STARTED_TIME VARCHAR(50) NOT NULL,
+ PUBLISHED_TIME VARCHAR(50) NOT NULL,
+ PRIMARY KEY(ID)
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS AM_ALERT_TYPES (
+ ALERT_TYPE_ID INTEGER AUTO_INCREMENT,
+ ALERT_TYPE_NAME VARCHAR(255) NOT NULL ,
+ STAKE_HOLDER VARCHAR(100) NOT NULL,
+ PRIMARY KEY (ALERT_TYPE_ID)
+ )ENGINE = INNODB;
+
+ CREATE TABLE IF NOT EXISTS AM_ALERT_TYPES_VALUES (
+ ALERT_TYPE_ID INTEGER,
+ USER_NAME VARCHAR(255) NOT NULL ,
+ STAKE_HOLDER VARCHAR(100) NOT NULL ,
+ PRIMARY KEY (ALERT_TYPE_ID,USER_NAME,STAKE_HOLDER)
+ )ENGINE = INNODB;
+
+ CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST (
+ EMAIL_LIST_ID INTEGER AUTO_INCREMENT,
+ USER_NAME VARCHAR(255) NOT NULL ,
+ STAKE_HOLDER VARCHAR(100) NOT NULL ,
+ PRIMARY KEY (EMAIL_LIST_ID,USER_NAME,STAKE_HOLDER)
+ )ENGINE = INNODB;
+
+ CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST_DETAILS (
+ EMAIL_LIST_ID INTEGER,
+ EMAIL VARCHAR(255),
+ PRIMARY KEY (EMAIL_LIST_ID,EMAIL)
+ )ENGINE = INNODB;
+
+ INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('AbnormalResponseTime', 'publisher');
+ INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('AbnormalBackendTime', 'publisher');
+ INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('AbnormalRequestsPerMin', 'subscriber');
+ INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('AbnormalRequestPattern', 'subscriber');
+ INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('UnusualIPAccess', 'subscriber');
+ INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('FrequentTierLimitHitting', 'subscriber');
+ INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('ApiHealthMonitor', 'publisher');
+
+
+
+ -- AM Throttling tables --
+
+ CREATE TABLE IF NOT EXISTS AM_POLICY_SUBSCRIPTION (
+ POLICY_ID INT(11) NOT NULL AUTO_INCREMENT,
+ NAME VARCHAR(512) NOT NULL,
+ DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL,
+ TENANT_ID INT(11) NOT NULL,
+ DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL,
+ QUOTA_TYPE VARCHAR(25) NOT NULL,
+ QUOTA INT(11) NOT NULL,
+ QUOTA_UNIT VARCHAR(10) NULL,
+ UNIT_TIME INT(11) NOT NULL,
+ TIME_UNIT VARCHAR(25) NOT NULL,
+ RATE_LIMIT_COUNT INT(11) NULL DEFAULT NULL,
+ RATE_LIMIT_TIME_UNIT VARCHAR(25) NULL DEFAULT NULL,
+ IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0,
+ CUSTOM_ATTRIBUTES BLOB DEFAULT NULL,
+ STOP_ON_QUOTA_REACH BOOLEAN NOT NULL DEFAULT 0,
+ BILLING_PLAN VARCHAR(20) NOT NULL,
+ UUID VARCHAR(256),
+ MONETIZATION_PLAN VARCHAR(25) NULL DEFAULT NULL,
+ FIXED_RATE VARCHAR(15) NULL DEFAULT NULL,
+ BILLING_CYCLE VARCHAR(15) NULL DEFAULT NULL,
+ PRICE_PER_REQUEST VARCHAR(15) NULL DEFAULT NULL,
+ CURRENCY VARCHAR(15) NULL DEFAULT NULL,
+ MAX_COMPLEXITY INT(11) NOT NULL DEFAULT 0,
+ MAX_DEPTH INT(11) NOT NULL DEFAULT 0,
+ CONNECTIONS_COUNT INT(11) NOT NULL DEFAULT 0,
+ PRIMARY KEY (POLICY_ID),
+ UNIQUE INDEX AM_POLICY_SUBSCRIPTION_NAME_TENANT (NAME, TENANT_ID),
+ UNIQUE (UUID)
+ )ENGINE = InnoDB;
+
+ CREATE TABLE IF NOT EXISTS AM_POLICY_APPLICATION (
+ POLICY_ID INT(11) NOT NULL AUTO_INCREMENT,
+ NAME VARCHAR(512) NOT NULL,
+ DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL,
+ TENANT_ID INT(11) NOT NULL,
+ DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL,
+ QUOTA_TYPE VARCHAR(25) NOT NULL,
+ QUOTA INT(11) NOT NULL,
+ QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL,
+ UNIT_TIME INT(11) NOT NULL,
+ TIME_UNIT VARCHAR(25) NOT NULL,
+ IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0,
+ CUSTOM_ATTRIBUTES BLOB DEFAULT NULL,
+ UUID VARCHAR(256),
+ PRIMARY KEY (POLICY_ID),
+ UNIQUE INDEX APP_NAME_TENANT (NAME, TENANT_ID),
+ UNIQUE (UUID)
+ )ENGINE = InnoDB;
+
+ CREATE TABLE IF NOT EXISTS AM_POLICY_HARD_THROTTLING (
+ POLICY_ID INT(11) NOT NULL AUTO_INCREMENT,
+ NAME VARCHAR(512) NOT NULL,
+ TENANT_ID INT(11) NOT NULL,
+ DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL,
+ QUOTA_TYPE VARCHAR(25) NOT NULL,
+ QUOTA INT(11) NOT NULL,
+ QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL,
+ UNIT_TIME INT(11) NOT NULL,
+ TIME_UNIT VARCHAR(25) NOT NULL,
+ IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0,
+ PRIMARY KEY (POLICY_ID),
+ UNIQUE INDEX POLICY_HARD_NAME_TENANT (NAME, TENANT_ID)
+ )ENGINE = InnoDB;
+
+
+ CREATE TABLE IF NOT EXISTS AM_API_THROTTLE_POLICY (
+ POLICY_ID INT(11) NOT NULL AUTO_INCREMENT,
+ NAME VARCHAR(512) NOT NULL,
+ DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL,
+ TENANT_ID INT(11) NOT NULL,
+ DESCRIPTION VARCHAR (1024),
+ DEFAULT_QUOTA_TYPE VARCHAR(25) NOT NULL,
+ DEFAULT_QUOTA INTEGER NOT NULL,
+ DEFAULT_QUOTA_UNIT VARCHAR(10) NULL,
+ DEFAULT_UNIT_TIME INTEGER NOT NULL,
+ DEFAULT_TIME_UNIT VARCHAR(25) NOT NULL,
+ APPLICABLE_LEVEL VARCHAR(25) NOT NULL,
+ IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0,
+ UUID VARCHAR(256),
+ PRIMARY KEY (POLICY_ID),
+ UNIQUE INDEX API_NAME_TENANT (NAME, TENANT_ID),
+ UNIQUE (UUID)
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS AM_CONDITION_GROUP (
+ CONDITION_GROUP_ID INTEGER NOT NULL AUTO_INCREMENT,
+ POLICY_ID INTEGER NOT NULL,
+ QUOTA_TYPE VARCHAR(25),
+ QUOTA INTEGER NOT NULL,
+ QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL,
+ UNIT_TIME INTEGER NOT NULL,
+ TIME_UNIT VARCHAR(25) NOT NULL,
+ DESCRIPTION VARCHAR (1024) NULL DEFAULT NULL,
+ PRIMARY KEY (CONDITION_GROUP_ID),
+ FOREIGN KEY (POLICY_ID) REFERENCES AM_API_THROTTLE_POLICY(POLICY_ID) ON DELETE CASCADE ON UPDATE CASCADE
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS AM_QUERY_PARAMETER_CONDITION (
+ QUERY_PARAMETER_ID INTEGER NOT NULL AUTO_INCREMENT,
+ CONDITION_GROUP_ID INTEGER NOT NULL,
+ PARAMETER_NAME VARCHAR(255) DEFAULT NULL,
+ PARAMETER_VALUE VARCHAR(255) DEFAULT NULL,
+ IS_PARAM_MAPPING BOOLEAN DEFAULT 1,
+ PRIMARY KEY (QUERY_PARAMETER_ID),
+ FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS AM_HEADER_FIELD_CONDITION (
+ HEADER_FIELD_ID INTEGER NOT NULL AUTO_INCREMENT,
+ CONDITION_GROUP_ID INTEGER NOT NULL,
+ HEADER_FIELD_NAME VARCHAR(255) DEFAULT NULL,
+ HEADER_FIELD_VALUE VARCHAR(255) DEFAULT NULL,
+ IS_HEADER_FIELD_MAPPING BOOLEAN DEFAULT 1,
+ PRIMARY KEY (HEADER_FIELD_ID),
+ FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS AM_JWT_CLAIM_CONDITION (
+ JWT_CLAIM_ID INTEGER NOT NULL AUTO_INCREMENT,
+ CONDITION_GROUP_ID INTEGER NOT NULL,
+ CLAIM_URI VARCHAR(512) DEFAULT NULL,
+ CLAIM_ATTRIB VARCHAR(1024) DEFAULT NULL,
+ IS_CLAIM_MAPPING BOOLEAN DEFAULT 1,
+ PRIMARY KEY (JWT_CLAIM_ID),
+ FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS AM_IP_CONDITION (
+ AM_IP_CONDITION_ID INT NOT NULL AUTO_INCREMENT,
+ STARTING_IP VARCHAR(45) NULL,
+ ENDING_IP VARCHAR(45) NULL,
+ SPECIFIC_IP VARCHAR(45) NULL,
+ WITHIN_IP_RANGE BOOLEAN DEFAULT 1,
+ CONDITION_GROUP_ID INT NULL,
+ PRIMARY KEY (AM_IP_CONDITION_ID),
+ INDEX fk_AM_IP_CONDITION_1_idx (CONDITION_GROUP_ID ASC), CONSTRAINT fk_AM_IP_CONDITION_1 FOREIGN KEY (CONDITION_GROUP_ID)
+ REFERENCES AM_CONDITION_GROUP (CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE)
+ ENGINE = InnoDB;
+
+
+ CREATE TABLE IF NOT EXISTS AM_POLICY_GLOBAL (
+ POLICY_ID INT(11) NOT NULL AUTO_INCREMENT,
+ NAME VARCHAR(512) NOT NULL,
+ KEY_TEMPLATE VARCHAR(512) NOT NULL,
+ TENANT_ID INT(11) NOT NULL,
+ DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL,
+ SIDDHI_QUERY BLOB DEFAULT NULL,
+ IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0,
+ UUID VARCHAR(256),
+ PRIMARY KEY (POLICY_ID),
+ UNIQUE (UUID)
+ )ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS AM_THROTTLE_TIER_PERMISSIONS (
+ THROTTLE_TIER_PERMISSIONS_ID INT NOT NULL AUTO_INCREMENT,
+ TIER VARCHAR(50) NULL,
+ PERMISSIONS_TYPE VARCHAR(50) NULL,
+ ROLES VARCHAR(512) NULL,
+ TENANT_ID INT(11) NULL,
+ PRIMARY KEY (THROTTLE_TIER_PERMISSIONS_ID))
+ ENGINE = InnoDB;
+
+ CREATE TABLE `AM_BLOCK_CONDITIONS` (
+ `CONDITION_ID` int(11) NOT NULL AUTO_INCREMENT,
+ `TYPE` varchar(45) DEFAULT NULL,
+ `VALUE` varchar(512) DEFAULT NULL,
+ `ENABLED` varchar(45) DEFAULT NULL,
+ `DOMAIN` varchar(45) DEFAULT NULL,
+ `UUID` VARCHAR(256),
+ PRIMARY KEY (`CONDITION_ID`),
+ UNIQUE (`UUID`)
+ ) ENGINE=InnoDB;
+
+ CREATE TABLE IF NOT EXISTS `AM_CERTIFICATE_METADATA` (
+ `TENANT_ID` INT(11) NOT NULL,
+ `ALIAS` VARCHAR(255) NOT NULL,
+ `END_POINT` VARCHAR(255) NOT NULL,
+ `CERTIFICATE` BLOB DEFAULT NULL,
+ CONSTRAINT PK_ALIAS PRIMARY KEY (`ALIAS`)
+ ) ENGINE=InnoDB;
+
+ CREATE TABLE IF NOT EXISTS `AM_API_CLIENT_CERTIFICATE` (
+ `TENANT_ID` INT(11) NOT NULL,
+ `ALIAS` VARCHAR(45) NOT NULL,
+ `API_ID` INTEGER NOT NULL,
+ `CERTIFICATE` BLOB NOT NULL,
+ `REMOVED` BOOLEAN NOT NULL DEFAULT 0,
+ `TIER_NAME` VARCHAR (512),
+ `REVISION_UUID` VARCHAR(255) NOT NULL DEFAULT 'Current API',
+ FOREIGN KEY (API_ID) REFERENCES AM_API (API_ID) ON DELETE CASCADE ON UPDATE CASCADE,
+ PRIMARY KEY (`ALIAS`, `TENANT_ID`, `REMOVED`, `REVISION_UUID`)
+ ) ENGINE=InnoDB;
+
+ CREATE TABLE IF NOT EXISTS AM_APPLICATION_GROUP_MAPPING (
+ APPLICATION_ID INTEGER NOT NULL,
+ GROUP_ID VARCHAR(512) NOT NULL,
+ TENANT VARCHAR(255),
+ PRIMARY KEY (APPLICATION_ID,GROUP_ID,TENANT),
+ FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE
+ ) ENGINE=InnoDB;
+
+ CREATE TABLE IF NOT EXISTS AM_USAGE_UPLOADED_FILES (
+ TENANT_DOMAIN varchar(255) NOT NULL,
+ FILE_NAME varchar(255) NOT NULL,
+ FILE_TIMESTAMP TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+ FILE_PROCESSED tinyint(1) DEFAULT FALSE,
+ FILE_CONTENT MEDIUMBLOB DEFAULT NULL,
+ PRIMARY KEY (TENANT_DOMAIN, FILE_NAME, FILE_TIMESTAMP)
+ ) ENGINE=InnoDB;
+
+ CREATE TABLE IF NOT EXISTS AM_API_LC_PUBLISH_EVENTS (
+ ID INTEGER(11) NOT NULL AUTO_INCREMENT,
+ TENANT_DOMAIN VARCHAR(500) NOT NULL,
+ API_ID VARCHAR(500) NOT NULL,
+ EVENT_TIME TIMESTAMP NOT NULL,
+ PRIMARY KEY (ID)
+ ) ENGINE=InnoDB;
+
+ CREATE TABLE IF NOT EXISTS AM_APPLICATION_ATTRIBUTES (
+ APPLICATION_ID int(11) NOT NULL,
+ NAME varchar(255) NOT NULL,
+ VALUE varchar(1024) NOT NULL,
+ TENANT_ID int(11) NOT NULL,
+ PRIMARY KEY (APPLICATION_ID,NAME),
+ FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION (APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE
+ ) ENGINE=InnoDB;
+
+ CREATE TABLE IF NOT EXISTS AM_SYSTEM_APPS (
+ ID INTEGER AUTO_INCREMENT,
+ NAME VARCHAR(50) NOT NULL,
+ CONSUMER_KEY VARCHAR(512) NOT NULL,
+ CONSUMER_SECRET VARCHAR(512) NOT NULL,
+ CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+ TENANT_DOMAIN VARCHAR(255) DEFAULT 'carbon.super',
+ UNIQUE (CONSUMER_KEY),
+ PRIMARY KEY (ID)
+ ) ENGINE=InnoDB;
+
+ -- BotDATA Email table --
+ CREATE TABLE IF NOT EXISTS AM_NOTIFICATION_SUBSCRIBER (
+ UUID VARCHAR(255),
+ CATEGORY VARCHAR(255),
+ NOTIFICATION_METHOD VARCHAR(255),
+ SUBSCRIBER_ADDRESS VARCHAR(255) NOT NULL,
+ PRIMARY KEY(UUID, SUBSCRIBER_ADDRESS)
+ ) ENGINE INNODB;
+
+ CREATE TABLE IF NOT EXISTS AM_REVOKED_JWT (
+ UUID VARCHAR(255) NOT NULL,
+ SIGNATURE VARCHAR(2048) NOT NULL,
+ EXPIRY_TIMESTAMP BIGINT NOT NULL,
+ TENANT_ID INTEGER DEFAULT -1,
+ TOKEN_TYPE VARCHAR(15) DEFAULT 'DEFAULT',
+ TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+ PRIMARY KEY (UUID)
+ ) ENGINE=InnoDB;
+
+ CREATE TABLE IF NOT EXISTS AM_API_CATEGORIES (
+ UUID VARCHAR(50),
+ NAME VARCHAR(255),
+ DESCRIPTION VARCHAR(1024),
+ TENANT_ID INTEGER DEFAULT -1,
+ UNIQUE (NAME,TENANT_ID),
+ PRIMARY KEY (UUID)
+ ) ENGINE=InnoDB;
+
+ CREATE TABLE IF NOT EXISTS AM_USER (
+ USER_ID VARCHAR(255) NOT NULL,
+ USER_NAME VARCHAR(255) NOT NULL,
+ PRIMARY KEY(USER_ID)
+ ) ENGINE=InnoDB;
+
+ -- Tenant Themes Table --
+ CREATE TABLE IF NOT EXISTS AM_TENANT_THEMES (
+ TENANT_ID INTEGER NOT NULL,
+ THEME MEDIUMBLOB NOT NULL,
+ PRIMARY KEY (TENANT_ID)
+ ) ENGINE=InnoDB;
+ -- End of API-MGT Tables --
+
+ -- UMA tables --
+ CREATE TABLE IF NOT EXISTS IDN_UMA_RESOURCE (
+ ID INTEGER AUTO_INCREMENT NOT NULL,
+ RESOURCE_ID VARCHAR(255),
+ RESOURCE_NAME VARCHAR(255),
+ TIME_CREATED TIMESTAMP NOT NULL,
+ RESOURCE_OWNER_NAME VARCHAR(255),
+ CLIENT_ID VARCHAR(255),
+ TENANT_ID INTEGER DEFAULT -1234,
+ USER_DOMAIN VARCHAR(50),
+ PRIMARY KEY (ID)
+ );
+
+ CREATE INDEX IDX_RID ON IDN_UMA_RESOURCE (RESOURCE_ID);
+
+ CREATE INDEX IDX_USER ON IDN_UMA_RESOURCE (RESOURCE_OWNER_NAME, USER_DOMAIN);
+
+ CREATE INDEX IDX_USER_RID ON IDN_UMA_RESOURCE (RESOURCE_ID, RESOURCE_OWNER_NAME(32), USER_DOMAIN, CLIENT_ID);
+
+ CREATE TABLE IF NOT EXISTS IDN_UMA_RESOURCE_META_DATA (
+ ID INTEGER AUTO_INCREMENT NOT NULL,
+ RESOURCE_IDENTITY INTEGER NOT NULL,
+ PROPERTY_KEY VARCHAR(40),
+ PROPERTY_VALUE VARCHAR(255),
+ PRIMARY KEY (ID),
+ FOREIGN KEY (RESOURCE_IDENTITY) REFERENCES IDN_UMA_RESOURCE (ID) ON DELETE CASCADE
+ );
+
+ CREATE TABLE IF NOT EXISTS IDN_UMA_RESOURCE_SCOPE (
+ ID INTEGER AUTO_INCREMENT NOT NULL,
+ RESOURCE_IDENTITY INTEGER NOT NULL,
+ SCOPE_NAME VARCHAR(255),
+ PRIMARY KEY (ID),
+ FOREIGN KEY (RESOURCE_IDENTITY) REFERENCES IDN_UMA_RESOURCE (ID) ON DELETE CASCADE
+ );
+
+ CREATE INDEX IDX_RS ON IDN_UMA_RESOURCE_SCOPE (SCOPE_NAME);
+
+ CREATE TABLE IF NOT EXISTS IDN_UMA_PERMISSION_TICKET (
+ ID INTEGER AUTO_INCREMENT NOT NULL,
+ PT VARCHAR(255)
NOT NULL, + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + EXPIRY_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + TICKET_STATE VARCHAR(25) DEFAULT 'ACTIVE', + TENANT_ID INTEGER DEFAULT -1234, + TOKEN_ID VARCHAR(255), + PRIMARY KEY (ID) + ); + + CREATE INDEX IDX_PT ON IDN_UMA_PERMISSION_TICKET (PT); + + CREATE TABLE IF NOT EXISTS IDN_UMA_PT_RESOURCE ( + ID INTEGER AUTO_INCREMENT NOT NULL, + PT_RESOURCE_ID INTEGER NOT NULL, + PT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (PT_ID) REFERENCES IDN_UMA_PERMISSION_TICKET (ID) ON DELETE CASCADE, + FOREIGN KEY (PT_RESOURCE_ID) REFERENCES IDN_UMA_RESOURCE (ID) ON DELETE CASCADE + ); + + CREATE TABLE IF NOT EXISTS IDN_UMA_PT_RESOURCE_SCOPE ( + ID INTEGER AUTO_INCREMENT NOT NULL, + PT_RESOURCE_ID INTEGER NOT NULL, + PT_SCOPE_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (PT_RESOURCE_ID) REFERENCES IDN_UMA_PT_RESOURCE (ID) ON DELETE CASCADE, + FOREIGN KEY (PT_SCOPE_ID) REFERENCES IDN_UMA_RESOURCE_SCOPE (ID) ON DELETE CASCADE + ); + + CREATE TABLE IF NOT EXISTS AM_USER ( + USER_ID VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(255) NOT NULL, + PRIMARY KEY(USER_ID) + ); + + CREATE TABLE IF NOT EXISTS AM_KEY_MANAGER ( + UUID VARCHAR(50) NOT NULL, + NAME VARCHAR(100) NULL, + DISPLAY_NAME VARCHAR(100) NULL, + DESCRIPTION VARCHAR(256) NULL, + TYPE VARCHAR(45) NULL, + CONFIGURATION BLOB NULL, + ENABLED BOOLEAN DEFAULT 1, + TENANT_DOMAIN VARCHAR(100) NULL, + PRIMARY KEY (UUID), + UNIQUE (NAME,TENANT_DOMAIN) + ); + + -- AM_GW_PUBLISHED_API_DETAILS & AM_GW_API_ARTIFACTS are independent tables for Artifact synchronizer feature which -- + -- should not have any referential integrity constraints with other tables in AM database-- + CREATE TABLE IF NOT EXISTS AM_GW_PUBLISHED_API_DETAILS ( + API_ID varchar(255) NOT NULL, + TENANT_DOMAIN varchar(255), + API_PROVIDER varchar(255), + API_NAME varchar(255), + API_VERSION varchar(255), + API_TYPE varchar(50), + PRIMARY KEY (API_ID) + )ENGINE=InnoDB; + + CREATE 
TABLE IF NOT EXISTS AM_GW_API_ARTIFACTS ( + API_ID VARCHAR(255) NOT NULL, + REVISION_ID VARCHAR(255) NOT NULL, + ARTIFACT blob, + TIME_STAMP TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, + PRIMARY KEY (REVISION_ID, API_ID), + FOREIGN KEY (API_ID) REFERENCES AM_GW_PUBLISHED_API_DETAILS(API_ID) ON UPDATE CASCADE ON DELETE NO ACTION + )ENGINE=InnoDB; + + CREATE TABLE IF NOT EXISTS AM_GW_API_DEPLOYMENTS ( + API_ID VARCHAR(255) NOT NULL, + REVISION_ID VARCHAR(255) NOT NULL, + LABEL VARCHAR(255) NOT NULL, + VHOST VARCHAR(255) NULL, + PRIMARY KEY (REVISION_ID, API_ID,LABEL), + FOREIGN KEY (API_ID) REFERENCES AM_GW_PUBLISHED_API_DETAILS(API_ID) ON UPDATE CASCADE ON DELETE NO ACTION + ) ENGINE=InnoDB; + + CREATE TABLE IF NOT EXISTS AM_SCOPE ( + SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT, + NAME VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(512), + TENANT_ID INTEGER NOT NULL DEFAULT -1, + SCOPE_TYPE VARCHAR(255) NOT NULL, + PRIMARY KEY (SCOPE_ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS AM_SCOPE_BINDING ( + SCOPE_ID INTEGER NOT NULL, + SCOPE_BINDING VARCHAR(255) NOT NULL, + BINDING_TYPE VARCHAR(255) NOT NULL, + FOREIGN KEY (SCOPE_ID) REFERENCES AM_SCOPE (SCOPE_ID) ON DELETE CASCADE + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS AM_REVISION ( + ID INTEGER NOT NULL, + API_UUID VARCHAR(256) NOT NULL, + REVISION_UUID VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(255), + CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + CREATED_BY VARCHAR(255), + PRIMARY KEY (ID, API_UUID), + UNIQUE(REVISION_UUID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS AM_DEPLOYMENT_REVISION_MAPPING ( + NAME VARCHAR(255) NOT NULL, + VHOST VARCHAR(255) NULL, + REVISION_UUID VARCHAR(255) NOT NULL, + DISPLAY_ON_DEVPORTAL BOOLEAN DEFAULT 0, + DEPLOYED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY (NAME, REVISION_UUID), + FOREIGN KEY (REVISION_UUID) REFERENCES AM_REVISION(REVISION_UUID) ON UPDATE CASCADE ON DELETE CASCADE + 
)ENGINE INNODB; + + -- Gateway Environments Table -- + CREATE TABLE IF NOT EXISTS AM_GATEWAY_ENVIRONMENT ( + ID INTEGER NOT NULL AUTO_INCREMENT, + UUID VARCHAR(45) NOT NULL, + NAME VARCHAR(255) NOT NULL, + TENANT_DOMAIN VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255) NULL, + DESCRIPTION VARCHAR(1023) NULL, + UNIQUE (NAME, TENANT_DOMAIN), + UNIQUE (UUID), + PRIMARY KEY (ID) + ); + + -- Virtual Hosts Table -- + CREATE TABLE IF NOT EXISTS AM_GW_VHOST ( + GATEWAY_ENV_ID INTEGER NOT NULL, + HOST VARCHAR(255) NOT NULL, + HTTP_CONTEXT VARCHAR(255) NULL, + HTTP_PORT VARCHAR(5) NOT NULL, + HTTPS_PORT VARCHAR(5) NOT NULL, + WS_PORT VARCHAR(5) NOT NULL, + WSS_PORT VARCHAR(5) NOT NULL, + FOREIGN KEY (GATEWAY_ENV_ID) REFERENCES AM_GATEWAY_ENVIRONMENT(ID) ON UPDATE CASCADE ON DELETE CASCADE, + PRIMARY KEY (GATEWAY_ENV_ID, HOST) + ); + + -- Service Catalog -- + CREATE TABLE IF NOT EXISTS AM_SERVICE_CATALOG ( + UUID VARCHAR(36) NOT NULL, + SERVICE_KEY VARCHAR(512) NOT NULL, + MD5 VARCHAR(100) NOT NULL, + SERVICE_NAME VARCHAR(255) NOT NULL, + SERVICE_VERSION VARCHAR(30) NOT NULL, + TENANT_ID INTEGER NOT NULL, + SERVICE_URL VARCHAR(2048) NOT NULL, + DEFINITION_TYPE VARCHAR(20), + DEFINITION_URL VARCHAR(2048), + DESCRIPTION VARCHAR(1024), + SECURITY_TYPE VARCHAR(50), + MUTUAL_SSL_ENABLED BOOLEAN DEFAULT 0, + CREATED_TIME TIMESTAMP NULL, + LAST_UPDATED_TIME TIMESTAMP NULL, + CREATED_BY VARCHAR(255), + UPDATED_BY VARCHAR(255), + SERVICE_DEFINITION BLOB NOT NULL, + PRIMARY KEY (UUID), + UNIQUE (SERVICE_NAME, SERVICE_VERSION, TENANT_ID), + UNIQUE (SERVICE_KEY, TENANT_ID) + )ENGINE=InnoDB; + + CREATE TABLE IF NOT EXISTS AM_API_SERVICE_MAPPING ( + API_ID INTEGER NOT NULL, + SERVICE_KEY VARCHAR(256) NOT NULL, + MD5 VARCHAR(100), + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (API_ID, SERVICE_KEY), + FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON DELETE CASCADE + )ENGINE=InnoDB; + + -- Webhooks -- + CREATE TABLE IF NOT EXISTS AM_WEBHOOKS_SUBSCRIPTION ( + WH_SUBSCRIPTION_ID INTEGER NOT 
NULL AUTO_INCREMENT, + API_UUID VARCHAR(255) NOT NULL, + APPLICATION_ID VARCHAR(20) NOT NULL, + TENANT_DOMAIN VARCHAR(255) NOT NULL, + HUB_CALLBACK_URL VARCHAR(1024) NOT NULL, + HUB_TOPIC VARCHAR(255) NOT NULL, + HUB_SECRET VARCHAR(2048), + HUB_LEASE_SECONDS INTEGER, + UPDATED_AT TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + EXPIRY_AT BIGINT, + DELIVERED_AT TIMESTAMP NULL, + DELIVERY_STATE INTEGER NOT NULL DEFAULT 0, + PRIMARY KEY (WH_SUBSCRIPTION_ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS AM_WEBHOOKS_UNSUBSCRIPTION ( + API_UUID VARCHAR(255) NOT NULL, + APPLICATION_ID VARCHAR(20) NOT NULL, + TENANT_DOMAIN VARCHAR(255) NOT NULL, + HUB_CALLBACK_URL VARCHAR(1024) NOT NULL, + HUB_TOPIC VARCHAR(255) NOT NULL, + HUB_SECRET VARCHAR(2048), + HUB_LEASE_SECONDS INTEGER, + ADDED_AT TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP + )ENGINE INNODB; + + -- Performance indexes start-- + + create index IDX_ITS_LMT on IDN_THRIFT_SESSION (LAST_MODIFIED_TIME); + create index IDX_IOAT_UT on IDN_OAUTH2_ACCESS_TOKEN (USER_TYPE); + create index IDX_AAI_CTX on AM_API (CONTEXT); + create index IDX_AAKM_CK on AM_APPLICATION_KEY_MAPPING (CONSUMER_KEY); + create index IDX_AAUM_AI on AM_API_URL_MAPPING (API_ID); + create index IDX_AAPM_AI on AM_API_PRODUCT_MAPPING (API_ID); + create index IDX_AAUM_TT on AM_API_URL_MAPPING (THROTTLING_TIER); + create index IDX_AATP_DQT on AM_API_THROTTLE_POLICY (DEFAULT_QUOTA_TYPE); + create index IDX_ACG_QT on AM_CONDITION_GROUP (QUOTA_TYPE); + create index IDX_APS_QT on AM_POLICY_SUBSCRIPTION (QUOTA_TYPE); + create index IDX_AS_AITIAI on AM_SUBSCRIPTION (API_ID,TIER_ID,APPLICATION_ID); + create index IDX_APA_QT on AM_POLICY_APPLICATION (QUOTA_TYPE); + create index IDX_AA_AT_CB on AM_APPLICATION (APPLICATION_TIER,CREATED_BY); + + -- Performance indexes end-- + + mysql_shared.sql: |- + DROP DATABASE IF EXISTS WSO2AM_SHARED_DB; + CREATE DATABASE WSO2AM_SHARED_DB; + GRANT ALL ON WSO2AM_SHARED_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; + + USE 
WSO2AM_SHARED_DB; + CREATE TABLE IF NOT EXISTS REG_CLUSTER_LOCK ( + REG_LOCK_NAME VARCHAR (20), + REG_LOCK_STATUS VARCHAR (20), + REG_LOCKED_TIME TIMESTAMP, + REG_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (REG_LOCK_NAME) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS REG_LOG ( + REG_LOG_ID INTEGER AUTO_INCREMENT, + REG_PATH VARCHAR (750), + REG_USER_ID VARCHAR (255) NOT NULL, + REG_LOGGED_TIME TIMESTAMP NOT NULL, + REG_ACTION INTEGER NOT NULL, + REG_ACTION_DATA VARCHAR (500), + REG_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (REG_LOG_ID, REG_TENANT_ID) + )ENGINE INNODB; + + CREATE INDEX REG_LOG_IND_BY_REGLOG USING HASH ON REG_LOG(REG_LOGGED_TIME, REG_TENANT_ID); + + -- The REG_PATH_VALUE should be less than 767 bytes, and hence was fixed at 750. + -- See CARBON-5917. + + CREATE TABLE IF NOT EXISTS REG_PATH( + REG_PATH_ID INTEGER NOT NULL AUTO_INCREMENT, + REG_PATH_VALUE VARCHAR(750) CHARACTER SET latin1 COLLATE latin1_general_cs NOT NULL, + REG_PATH_PARENT_ID INTEGER, + REG_TENANT_ID INTEGER DEFAULT 0, + CONSTRAINT PK_REG_PATH PRIMARY KEY(REG_PATH_ID, REG_TENANT_ID), + CONSTRAINT UNIQUE_REG_PATH_TENANT_ID UNIQUE (REG_PATH_VALUE,REG_TENANT_ID) + )ENGINE INNODB; + + CREATE INDEX REG_PATH_IND_BY_PATH_PARENT_ID USING HASH ON REG_PATH(REG_PATH_PARENT_ID, REG_TENANT_ID); + + CREATE TABLE IF NOT EXISTS REG_CONTENT ( + REG_CONTENT_ID INTEGER NOT NULL AUTO_INCREMENT, + REG_CONTENT_DATA LONGBLOB, + REG_TENANT_ID INTEGER DEFAULT 0, + CONSTRAINT PK_REG_CONTENT PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS REG_CONTENT_HISTORY ( + REG_CONTENT_ID INTEGER NOT NULL, + REG_CONTENT_DATA LONGBLOB, + REG_DELETED SMALLINT, + REG_TENANT_ID INTEGER DEFAULT 0, + CONSTRAINT PK_REG_CONTENT_HISTORY PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS REG_RESOURCE ( + REG_PATH_ID INTEGER NOT NULL, + REG_NAME VARCHAR(256), + REG_VERSION INTEGER NOT NULL AUTO_INCREMENT, + REG_MEDIA_TYPE VARCHAR(500), + 
REG_CREATOR VARCHAR(255) NOT NULL, + REG_CREATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + REG_LAST_UPDATOR VARCHAR(255), + REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + REG_DESCRIPTION VARCHAR(1000), + REG_CONTENT_ID INTEGER, + REG_TENANT_ID INTEGER DEFAULT 0, + REG_UUID VARCHAR(100) NOT NULL, + CONSTRAINT PK_REG_RESOURCE PRIMARY KEY(REG_VERSION, REG_TENANT_ID) + )ENGINE INNODB; + + ALTER TABLE REG_RESOURCE ADD CONSTRAINT REG_RESOURCE_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); + ALTER TABLE REG_RESOURCE ADD CONSTRAINT REG_RESOURCE_FK_BY_CONTENT_ID FOREIGN KEY (REG_CONTENT_ID, REG_TENANT_ID) REFERENCES REG_CONTENT (REG_CONTENT_ID, REG_TENANT_ID); + CREATE INDEX REG_RESOURCE_IND_BY_NAME USING HASH ON REG_RESOURCE(REG_NAME, REG_TENANT_ID); + CREATE INDEX REG_RESOURCE_IND_BY_PATH_ID_NAME USING HASH ON REG_RESOURCE(REG_PATH_ID, REG_NAME, REG_TENANT_ID); + CREATE INDEX REG_RESOURCE_IND_BY_UUID USING HASH ON REG_RESOURCE(REG_UUID); + CREATE INDEX REG_RESOURCE_IND_BY_TENAN USING HASH ON REG_RESOURCE(REG_TENANT_ID, REG_UUID); + CREATE INDEX REG_RESOURCE_IND_BY_TYPE USING HASH ON REG_RESOURCE(REG_TENANT_ID, REG_MEDIA_TYPE); + + CREATE TABLE IF NOT EXISTS REG_RESOURCE_HISTORY ( + REG_PATH_ID INTEGER NOT NULL, + REG_NAME VARCHAR(256), + REG_VERSION INTEGER NOT NULL, + REG_MEDIA_TYPE VARCHAR(500), + REG_CREATOR VARCHAR(255) NOT NULL, + REG_CREATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + REG_LAST_UPDATOR VARCHAR(255), + REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + REG_DESCRIPTION VARCHAR(1000), + REG_CONTENT_ID INTEGER, + REG_DELETED SMALLINT, + REG_TENANT_ID INTEGER DEFAULT 0, + REG_UUID VARCHAR(100) NOT NULL, + CONSTRAINT PK_REG_RESOURCE_HISTORY PRIMARY KEY(REG_VERSION, REG_TENANT_ID) + )ENGINE INNODB; + + ALTER TABLE REG_RESOURCE_HISTORY ADD CONSTRAINT REG_RESOURCE_HIST_FK_BY_PATHID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH 
(REG_PATH_ID, REG_TENANT_ID); + ALTER TABLE REG_RESOURCE_HISTORY ADD CONSTRAINT REG_RESOURCE_HIST_FK_BY_CONTENT_ID FOREIGN KEY (REG_CONTENT_ID, REG_TENANT_ID) REFERENCES REG_CONTENT_HISTORY (REG_CONTENT_ID, REG_TENANT_ID); + CREATE INDEX REG_RESOURCE_HISTORY_IND_BY_NAME USING HASH ON REG_RESOURCE_HISTORY(REG_NAME, REG_TENANT_ID); + CREATE INDEX REG_RESOURCE_HISTORY_IND_BY_PATH_ID_NAME USING HASH ON REG_RESOURCE(REG_PATH_ID, REG_NAME, REG_TENANT_ID); + + CREATE TABLE IF NOT EXISTS REG_COMMENT ( + REG_ID INTEGER NOT NULL AUTO_INCREMENT, + REG_COMMENT_TEXT VARCHAR(500) NOT NULL, + REG_USER_ID VARCHAR(255) NOT NULL, + REG_COMMENTED_TIME TIMESTAMP NOT NULL, + REG_TENANT_ID INTEGER DEFAULT 0, + CONSTRAINT PK_REG_COMMENT PRIMARY KEY(REG_ID, REG_TENANT_ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS REG_RESOURCE_COMMENT ( + REG_COMMENT_ID INTEGER NOT NULL, + REG_VERSION INTEGER, + REG_PATH_ID INTEGER, + REG_RESOURCE_NAME VARCHAR(256), + REG_TENANT_ID INTEGER DEFAULT 0 + )ENGINE INNODB; + + ALTER TABLE REG_RESOURCE_COMMENT ADD CONSTRAINT REG_RESOURCE_COMMENT_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); + ALTER TABLE REG_RESOURCE_COMMENT ADD CONSTRAINT REG_RESOURCE_COMMENT_FK_BY_COMMENT_ID FOREIGN KEY (REG_COMMENT_ID, REG_TENANT_ID) REFERENCES REG_COMMENT (REG_ID, REG_TENANT_ID); + CREATE INDEX REG_RESOURCE_COMMENT_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_RESOURCE_COMMENT(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); + CREATE INDEX REG_RESOURCE_COMMENT_IND_BY_VERSION USING HASH ON REG_RESOURCE_COMMENT(REG_VERSION, REG_TENANT_ID); + + CREATE TABLE IF NOT EXISTS REG_RATING ( + REG_ID INTEGER NOT NULL AUTO_INCREMENT, + REG_RATING INTEGER NOT NULL, + REG_USER_ID VARCHAR(255) NOT NULL, + REG_RATED_TIME TIMESTAMP NOT NULL, + REG_TENANT_ID INTEGER DEFAULT 0, + CONSTRAINT PK_REG_RATING PRIMARY KEY(REG_ID, REG_TENANT_ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS REG_RESOURCE_RATING ( + REG_RATING_ID 
INTEGER NOT NULL, + REG_VERSION INTEGER, + REG_PATH_ID INTEGER, + REG_RESOURCE_NAME VARCHAR(256), + REG_TENANT_ID INTEGER DEFAULT 0 + )ENGINE INNODB; + + ALTER TABLE REG_RESOURCE_RATING ADD CONSTRAINT REG_RESOURCE_RATING_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); + ALTER TABLE REG_RESOURCE_RATING ADD CONSTRAINT REG_RESOURCE_RATING_FK_BY_RATING_ID FOREIGN KEY (REG_RATING_ID, REG_TENANT_ID) REFERENCES REG_RATING (REG_ID, REG_TENANT_ID); + CREATE INDEX REG_RESOURCE_RATING_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_RESOURCE_RATING(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); + CREATE INDEX REG_RESOURCE_RATING_IND_BY_VERSION USING HASH ON REG_RESOURCE_RATING(REG_VERSION, REG_TENANT_ID); + + + CREATE TABLE IF NOT EXISTS REG_TAG ( + REG_ID INTEGER NOT NULL AUTO_INCREMENT, + REG_TAG_NAME VARCHAR(500) NOT NULL, + REG_USER_ID VARCHAR(255) NOT NULL, + REG_TAGGED_TIME TIMESTAMP NOT NULL, + REG_TENANT_ID INTEGER DEFAULT 0, + CONSTRAINT PK_REG_TAG PRIMARY KEY(REG_ID, REG_TENANT_ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS REG_RESOURCE_TAG ( + REG_TAG_ID INTEGER NOT NULL, + REG_VERSION INTEGER, + REG_PATH_ID INTEGER, + REG_RESOURCE_NAME VARCHAR(256), + REG_TENANT_ID INTEGER DEFAULT 0 + )ENGINE INNODB; + + ALTER TABLE REG_RESOURCE_TAG ADD CONSTRAINT REG_RESOURCE_TAG_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); + ALTER TABLE REG_RESOURCE_TAG ADD CONSTRAINT REG_RESOURCE_TAG_FK_BY_TAG_ID FOREIGN KEY (REG_TAG_ID, REG_TENANT_ID) REFERENCES REG_TAG (REG_ID, REG_TENANT_ID); + CREATE INDEX REG_RESOURCE_TAG_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_RESOURCE_TAG(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); + CREATE INDEX REG_RESOURCE_TAG_IND_BY_VERSION USING HASH ON REG_RESOURCE_TAG(REG_VERSION, REG_TENANT_ID); + + CREATE TABLE IF NOT EXISTS REG_PROPERTY ( + REG_ID INTEGER NOT NULL AUTO_INCREMENT, + REG_NAME VARCHAR(100) NOT NULL, + 
REG_VALUE VARCHAR(1000), + REG_TENANT_ID INTEGER DEFAULT 0, + CONSTRAINT PK_REG_PROPERTY PRIMARY KEY(REG_ID, REG_TENANT_ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS REG_RESOURCE_PROPERTY ( + REG_PROPERTY_ID INTEGER NOT NULL, + REG_VERSION INTEGER, + REG_PATH_ID INTEGER, + REG_RESOURCE_NAME VARCHAR(256), + REG_TENANT_ID INTEGER DEFAULT 0 + )ENGINE INNODB; + + ALTER TABLE REG_RESOURCE_PROPERTY ADD CONSTRAINT REG_RESOURCE_PROPERTY_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); + ALTER TABLE REG_RESOURCE_PROPERTY ADD CONSTRAINT REG_RESOURCE_PROPERTY_FK_BY_TAG_ID FOREIGN KEY (REG_PROPERTY_ID, REG_TENANT_ID) REFERENCES REG_PROPERTY (REG_ID, REG_TENANT_ID); + CREATE INDEX REG_RESOURCE_PROPERTY_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_RESOURCE_PROPERTY(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); + CREATE INDEX REG_RESOURCE_PROPERTY_IND_BY_VERSION USING HASH ON REG_RESOURCE_PROPERTY(REG_VERSION, REG_TENANT_ID); + + -- CREATE TABLE IF NOT EXISTS REG_ASSOCIATIONS ( + -- SRC_PATH_ID INTEGER, + -- SRC_RESOURCE_NAME VARCHAR(256), + -- SRC_VERSION INTEGER, + -- TGT_PATH_ID INTEGER, + -- TGT_RESOURCE_NAME VARCHAR(256), + -- TGT_VERSION INTEGER + -- )ENGINE INNODB; + -- + -- ALTER TABLE REG_ASSOCIATIONS ADD CONSTRAINT REG_ASSOCIATIONS_FK_BY_SRC_PATH_ID FOREIGN KEY (SRC_PATH_ID) REFERENCES REG_PATH (PATH_ID); + -- ALTER TABLE REG_ASSOCIATIONS ADD CONSTRAINT REG_ASSOCIATIONS_FK_BY_TGT_PATH_ID FOREIGN KEY (TGT_PATH_ID) REFERENCES REG_PATH (PATH_ID); + -- CREATE INDEX REG_ASSOCIATIONS_IND_BY_SRC_VERSION ON REG_ASSOCIATIONS(SRC_VERSION); + -- CREATE INDEX REG_ASSOCIATIONS_IND_BY_TGT_VERSION ON REG_ASSOCIATIONS(TGT_VERSION); + -- CREATE INDEX REG_ASSOCIATIONS_IND_BY_SRC_RESOURCE_NAME ON REG_ASSOCIATIONS(SRC_RESOURCE_NAME); + -- CREATE INDEX REG_ASSOCIATIONS_IND_BY_TGT_RESOURCE_NAME ON REG_ASSOCIATIONS(TGT_RESOURCE_NAME); + + + + CREATE TABLE IF NOT EXISTS REG_ASSOCIATION ( + REG_ASSOCIATION_ID INTEGER 
AUTO_INCREMENT, + REG_SOURCEPATH VARCHAR (750) NOT NULL, + REG_TARGETPATH VARCHAR (750) NOT NULL, + REG_ASSOCIATION_TYPE VARCHAR (2000) NOT NULL, + REG_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (REG_ASSOCIATION_ID, REG_TENANT_ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS REG_SNAPSHOT ( + REG_SNAPSHOT_ID INTEGER NOT NULL AUTO_INCREMENT, + REG_PATH_ID INTEGER NOT NULL, + REG_RESOURCE_NAME VARCHAR(255), + REG_RESOURCE_VIDS LONGBLOB NOT NULL, + REG_TENANT_ID INTEGER DEFAULT 0, + CONSTRAINT PK_REG_SNAPSHOT PRIMARY KEY(REG_SNAPSHOT_ID, REG_TENANT_ID) + )ENGINE INNODB; + + CREATE INDEX REG_SNAPSHOT_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_SNAPSHOT(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); + + ALTER TABLE REG_SNAPSHOT ADD CONSTRAINT REG_SNAPSHOT_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); + + + -- ################################ + -- USER MANAGER TABLES + -- ################################ + + CREATE TABLE UM_TENANT ( + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_TENANT_UUID VARCHAR(36) NOT NULL, + UM_DOMAIN_NAME VARCHAR(255) NOT NULL, + UM_EMAIL VARCHAR(255), + UM_ACTIVE BOOLEAN DEFAULT FALSE, + UM_CREATED_DATE TIMESTAMP NOT NULL, + UM_USER_CONFIG LONGBLOB, + PRIMARY KEY (UM_ID), + UNIQUE(UM_DOMAIN_NAME), + UNIQUE(UM_TENANT_UUID) + )ENGINE INNODB; + + CREATE TABLE UM_DOMAIN( + UM_DOMAIN_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_DOMAIN_NAME VARCHAR(255) NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (UM_DOMAIN_ID, UM_TENANT_ID), + UNIQUE(UM_DOMAIN_NAME,UM_TENANT_ID) + )ENGINE INNODB; + + CREATE UNIQUE INDEX INDEX_UM_TENANT_UM_DOMAIN_NAME + ON UM_TENANT (UM_DOMAIN_NAME); + + CREATE TABLE UM_USER ( + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_USER_ID VARCHAR(255) NOT NULL, + UM_USER_NAME VARCHAR(255) NOT NULL, + UM_USER_PASSWORD VARCHAR(255) NOT NULL, + UM_SALT_VALUE VARCHAR(31), + UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE, + UM_CHANGED_TIME TIMESTAMP NOT NULL, + UM_TENANT_ID 
INTEGER DEFAULT 0, + PRIMARY KEY (UM_ID, UM_TENANT_ID), + UNIQUE(UM_USER_ID, UM_TENANT_ID) + )ENGINE INNODB; + + CREATE TABLE UM_SYSTEM_USER ( + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_USER_NAME VARCHAR(255) NOT NULL, + UM_USER_PASSWORD VARCHAR(255) NOT NULL, + UM_SALT_VALUE VARCHAR(31), + UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE, + UM_CHANGED_TIME TIMESTAMP NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (UM_ID, UM_TENANT_ID), + UNIQUE(UM_USER_NAME, UM_TENANT_ID) + )ENGINE INNODB; + + CREATE TABLE UM_ROLE ( + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_ROLE_NAME VARCHAR(255) NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UM_SHARED_ROLE BOOLEAN DEFAULT FALSE, + PRIMARY KEY (UM_ID, UM_TENANT_ID), + UNIQUE(UM_ROLE_NAME, UM_TENANT_ID) + )ENGINE INNODB; + + + CREATE TABLE UM_MODULE( + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_MODULE_NAME VARCHAR(100), + UNIQUE(UM_MODULE_NAME), + PRIMARY KEY(UM_ID) + )ENGINE INNODB; + + CREATE TABLE UM_MODULE_ACTIONS( + UM_ACTION VARCHAR(255) NOT NULL, + UM_MODULE_ID INTEGER NOT NULL, + PRIMARY KEY(UM_ACTION, UM_MODULE_ID), + FOREIGN KEY (UM_MODULE_ID) REFERENCES UM_MODULE(UM_ID) ON DELETE CASCADE + )ENGINE INNODB; + + CREATE TABLE UM_PERMISSION ( + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_RESOURCE_ID VARCHAR(255) NOT NULL, + UM_ACTION VARCHAR(255) NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UM_MODULE_ID INTEGER DEFAULT 0, + UNIQUE(UM_RESOURCE_ID,UM_ACTION, UM_TENANT_ID), + PRIMARY KEY (UM_ID, UM_TENANT_ID) + )ENGINE INNODB; + + CREATE INDEX INDEX_UM_PERMISSION_UM_RESOURCE_ID_UM_ACTION ON UM_PERMISSION (UM_RESOURCE_ID, UM_ACTION, UM_TENANT_ID); + + CREATE TABLE UM_ROLE_PERMISSION ( + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_PERMISSION_ID INTEGER NOT NULL, + UM_ROLE_NAME VARCHAR(255) NOT NULL, + UM_IS_ALLOWED SMALLINT NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UM_DOMAIN_ID INTEGER, + UNIQUE (UM_PERMISSION_ID, UM_ROLE_NAME, UM_TENANT_ID, UM_DOMAIN_ID), + FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES 
UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, + FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, + PRIMARY KEY (UM_ID, UM_TENANT_ID) + )ENGINE INNODB; + + -- REMOVED UNIQUE (UM_PERMISSION_ID, UM_ROLE_ID) + CREATE TABLE UM_USER_PERMISSION ( + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_PERMISSION_ID INTEGER NOT NULL, + UM_USER_NAME VARCHAR(255) NOT NULL, + UM_IS_ALLOWED SMALLINT NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, + PRIMARY KEY (UM_ID, UM_TENANT_ID) + )ENGINE INNODB; + + -- REMOVED UNIQUE (UM_PERMISSION_ID, UM_USER_ID) + CREATE TABLE UM_USER_ROLE ( + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_ROLE_ID INTEGER NOT NULL, + UM_USER_ID INTEGER NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UNIQUE (UM_USER_ID, UM_ROLE_ID, UM_TENANT_ID), + FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_ROLE(UM_ID, UM_TENANT_ID), + FOREIGN KEY (UM_USER_ID, UM_TENANT_ID) REFERENCES UM_USER(UM_ID, UM_TENANT_ID), + PRIMARY KEY (UM_ID, UM_TENANT_ID) + )ENGINE INNODB; + + CREATE TABLE UM_SHARED_USER_ROLE( + UM_ROLE_ID INTEGER NOT NULL, + UM_USER_ID INTEGER NOT NULL, + UM_USER_TENANT_ID INTEGER NOT NULL, + UM_ROLE_TENANT_ID INTEGER NOT NULL, + UNIQUE(UM_USER_ID,UM_ROLE_ID,UM_USER_TENANT_ID, UM_ROLE_TENANT_ID), + FOREIGN KEY(UM_ROLE_ID,UM_ROLE_TENANT_ID) REFERENCES UM_ROLE(UM_ID,UM_TENANT_ID) ON DELETE CASCADE, + FOREIGN KEY(UM_USER_ID,UM_USER_TENANT_ID) REFERENCES UM_USER(UM_ID,UM_TENANT_ID) ON DELETE CASCADE + )ENGINE INNODB; + + CREATE TABLE UM_ACCOUNT_MAPPING( + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_USER_NAME VARCHAR(255) NOT NULL, + UM_TENANT_ID INTEGER NOT NULL, + UM_USER_STORE_DOMAIN VARCHAR(100), + UM_ACC_LINK_ID INTEGER NOT NULL, + UNIQUE(UM_USER_NAME, UM_TENANT_ID, UM_USER_STORE_DOMAIN, UM_ACC_LINK_ID), + FOREIGN KEY (UM_TENANT_ID) REFERENCES UM_TENANT(UM_ID) ON DELETE CASCADE, + PRIMARY KEY 
(UM_ID) + )ENGINE INNODB; + + + CREATE TABLE UM_USER_ATTRIBUTE ( + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_ATTR_NAME VARCHAR(255) NOT NULL, + UM_ATTR_VALUE VARCHAR(1024), + UM_PROFILE_ID VARCHAR(255), + UM_USER_ID INTEGER, + UM_TENANT_ID INTEGER DEFAULT 0, + FOREIGN KEY (UM_USER_ID, UM_TENANT_ID) REFERENCES UM_USER(UM_ID, UM_TENANT_ID), + PRIMARY KEY (UM_ID, UM_TENANT_ID) + )ENGINE INNODB; + + CREATE INDEX UM_USER_ID_INDEX ON UM_USER_ATTRIBUTE(UM_USER_ID); + + CREATE INDEX UM_ATTR_NAME_VALUE_INDEX ON UM_USER_ATTRIBUTE(UM_ATTR_NAME, UM_ATTR_VALUE(512)); + + CREATE TABLE UM_DIALECT( + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_DIALECT_URI VARCHAR(255) NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UNIQUE(UM_DIALECT_URI, UM_TENANT_ID), + PRIMARY KEY (UM_ID, UM_TENANT_ID) + )ENGINE INNODB; + + CREATE TABLE UM_CLAIM( + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_DIALECT_ID INTEGER NOT NULL, + UM_CLAIM_URI VARCHAR(255) NOT NULL, + UM_DISPLAY_TAG VARCHAR(255), + UM_DESCRIPTION VARCHAR(255), + UM_MAPPED_ATTRIBUTE_DOMAIN VARCHAR(255), + UM_MAPPED_ATTRIBUTE VARCHAR(255), + UM_REG_EX VARCHAR(255), + UM_SUPPORTED SMALLINT, + UM_REQUIRED SMALLINT, + UM_DISPLAY_ORDER INTEGER, + UM_CHECKED_ATTRIBUTE SMALLINT, + UM_READ_ONLY SMALLINT, + UM_TENANT_ID INTEGER DEFAULT 0, + UNIQUE(UM_DIALECT_ID, UM_CLAIM_URI, UM_TENANT_ID,UM_MAPPED_ATTRIBUTE_DOMAIN), + FOREIGN KEY(UM_DIALECT_ID, UM_TENANT_ID) REFERENCES UM_DIALECT(UM_ID, UM_TENANT_ID), + PRIMARY KEY (UM_ID, UM_TENANT_ID) + )ENGINE INNODB; + + + CREATE TABLE UM_PROFILE_CONFIG( + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_DIALECT_ID INTEGER NOT NULL, + UM_PROFILE_NAME VARCHAR(255), + UM_TENANT_ID INTEGER DEFAULT 0, + FOREIGN KEY(UM_DIALECT_ID, UM_TENANT_ID) REFERENCES UM_DIALECT(UM_ID, UM_TENANT_ID), + PRIMARY KEY (UM_ID, UM_TENANT_ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS UM_CLAIM_BEHAVIOR( + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_PROFILE_ID INTEGER, + UM_CLAIM_ID INTEGER, + UM_BEHAVIOUR SMALLINT, + UM_TENANT_ID 
INTEGER DEFAULT 0, + FOREIGN KEY(UM_PROFILE_ID, UM_TENANT_ID) REFERENCES UM_PROFILE_CONFIG(UM_ID,UM_TENANT_ID), + FOREIGN KEY(UM_CLAIM_ID, UM_TENANT_ID) REFERENCES UM_CLAIM(UM_ID,UM_TENANT_ID), + PRIMARY KEY(UM_ID, UM_TENANT_ID) + )ENGINE INNODB; + + CREATE TABLE UM_HYBRID_ROLE( + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_ROLE_NAME VARCHAR(255) NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (UM_ID, UM_TENANT_ID), + UNIQUE(UM_ROLE_NAME,UM_TENANT_ID) + )ENGINE INNODB; + + CREATE INDEX UM_ROLE_NAME_IND ON UM_HYBRID_ROLE(UM_ROLE_NAME); + + CREATE TABLE UM_HYBRID_USER_ROLE( + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_USER_NAME VARCHAR(255), + UM_ROLE_ID INTEGER NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UM_DOMAIN_ID INTEGER, + UNIQUE (UM_USER_NAME, UM_ROLE_ID, UM_TENANT_ID, UM_DOMAIN_ID), + FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, + FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, + PRIMARY KEY (UM_ID, UM_TENANT_ID) + )ENGINE INNODB; + + CREATE TABLE UM_HYBRID_GROUP_ROLE( + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_GROUP_NAME VARCHAR(255), + UM_ROLE_ID INTEGER NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UM_DOMAIN_ID INTEGER, + UNIQUE (UM_GROUP_NAME, UM_ROLE_ID, UM_TENANT_ID, UM_DOMAIN_ID), + FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, + FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, + PRIMARY KEY (UM_ID, UM_TENANT_ID) + )ENGINE INNODB; + + CREATE TABLE UM_SYSTEM_ROLE( + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_ROLE_NAME VARCHAR(255) NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (UM_ID, UM_TENANT_ID), + UNIQUE(UM_ROLE_NAME,UM_TENANT_ID) + )ENGINE INNODB; + + CREATE TABLE UM_SYSTEM_USER_ROLE( + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_USER_NAME VARCHAR(255), + UM_ROLE_ID INTEGER NOT NULL, + 
UM_TENANT_ID INTEGER DEFAULT 0, + UNIQUE (UM_USER_NAME, UM_ROLE_ID, UM_TENANT_ID), + FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_SYSTEM_ROLE(UM_ID, UM_TENANT_ID), + PRIMARY KEY (UM_ID, UM_TENANT_ID) + )ENGINE INNODB; + + + CREATE TABLE UM_HYBRID_REMEMBER_ME( + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_USER_NAME VARCHAR(255) NOT NULL, + UM_COOKIE_VALUE VARCHAR(1024), + UM_CREATED_TIME TIMESTAMP, + UM_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (UM_ID, UM_TENANT_ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS UM_UUID_DOMAIN_MAPPER ( + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_USER_ID VARCHAR(255) NOT NULL, + UM_DOMAIN_ID INTEGER NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (UM_ID), + UNIQUE (UM_USER_ID), + FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE + )ENGINE INNODB; + + CREATE INDEX UUID_DM_UID_TID ON UM_UUID_DOMAIN_MAPPER(UM_USER_ID, UM_TENANT_ID); + + +--- + +apiVersion: v1 +kind: Service +metadata: + name: wso2apim-rdbms-service-mysql + namespace: wso2 +spec: + type: ClusterIP + selector: + deployment: wso2apim-mysql + product: api-manager + ports: + - name: mysql-port + port: 3306 + targetPort: 3306 + protocol: TCP +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: wso2apim-mysql-deployment + namespace: wso2 +spec: + replicas: 1 + selector: + matchLabels: + deployment: wso2apim-mysql + product: api-manager + template: + metadata: + labels: + deployment: wso2apim-mysql + product: api-manager + spec: + containers: + - name: wso2apim-mysql + # image: mysql:5.7 + image: 192.168.1.5:5000/mysql:5.7 + livenessProbe: + exec: + command: + - sh + - -c + - "mysqladmin ping -u root -p${MYSQL_ROOT_PASSWORD}" + initialDelaySeconds: 60 + periodSeconds: 10 + readinessProbe: + exec: + command: + - sh + - -c + - "mysqladmin ping -u root -p${MYSQL_ROOT_PASSWORD}" + initialDelaySeconds: 60 + periodSeconds: 10 + imagePullPolicy: IfNotPresent + securityContext: + runAsUser: 999 
+ env:
+ - name: MYSQL_ROOT_PASSWORD
+ value: root
+ - name: MYSQL_USER
+ value: wso2carbon
+ - name: MYSQL_PASSWORD
+ value: wso2carbon
+ ports:
+ - containerPort: 3306
+ protocol: TCP
+ volumeMounts:
+ - name: wso2apim-mysql-dbscripts
+ mountPath: /docker-entrypoint-initdb.d
+ args: ["--max-connections", "10000"]
+ volumes:
+ - name: wso2apim-mysql-dbscripts
+ configMap:
+ name: wso2apim-mysql-dbscripts
+ serviceAccountName: "wso2am-pattern-1-svc-account"
+---
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: wso2am-pattern-1-am-1-conf
+ namespace: wso2
+data:
+ deployment.toml: |
+
+ [server]
+ hostname = "172.17.0.4"
+ #offset=0
+ base_path = "${carbon.protocol}://${carbon.host}:${carbon.management.port}"
+ #discard_empty_caches = false
+ server_role = "default"
+
+ [super_admin]
+ username = "admin"
+ password = "admin"
+ create_admin_account = true
+
+ [user_store]
+ type = "database_unique_id"
+
+ [database.apim_db]
+ type = "mysql"
+ url = "jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_DB?autoReconnect=true&useSSL=false"
+ username = "wso2carbon"
+ password = "wso2carbon"
+ driver = "com.mysql.cj.jdbc.Driver"
+
+ [database.shared_db]
+ type = "mysql"
+ url = "jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_SHARED_DB?autoReconnect=true&useSSL=false"
+ username = "wso2carbon"
+ password = "wso2carbon"
+ driver = "com.mysql.cj.jdbc.Driver"
+
+ [keystore.tls]
+ file_name = "wso2carbon.jks"
+ type = "JKS"
+ password = "wso2carbon"
+ alias = "wso2carbon"
+ key_password = "wso2carbon"
+
+ #[keystore.primary]
+ #file_name = "wso2carbon.jks"
+ #type = "JKS"
+ #password = "wso2carbon"
+ #alias = "wso2carbon"
+ #key_password = "wso2carbon"
+
+ #[keystore.internal]
+ #file_name = "wso2carbon.jks"
+ #type = "JKS"
+ #password = "wso2carbon"
+ #alias = "wso2carbon"
+ #key_password = "wso2carbon"
+
+ [[apim.gateway.environment]]
+ name = "Default"
+ type = "hybrid"
+ display_in_api_console = true
+ description = "This is a hybrid gateway that handles both production and sandbox token traffic."
+ show_as_token_endpoint_url = true
+ service_url = "https://localhost:${mgt.transport.https.port}/services/"
+ username= "${admin.username}"
+ password= "${admin.password}"
+ ws_endpoint = "ws://172.17.0.4:9099"
+ wss_endpoint = "wss://172.17.0.4:8099"
+ http_endpoint = "http://172.17.0.4:30280"
+ https_endpoint = "https://172.17.0.4:30243"
+ websub_event_receiver_http_endpoint = "http://172.17.0.4:9021"
+ websub_event_receiver_https_endpoint = "https://172.17.0.4:8021"
+
+ [apim.sync_runtime_artifacts.gateway]
+ gateway_labels =["Default"]
+
+ #[apim.cache.gateway_token]
+ #enable = true
+ #expiry_time = "900s"
+
+ #[apim.cache.resource]
+ #enable = true
+ #expiry_time = "900s"
+
+ #[apim.cache.km_token]
+ #enable = false
+ #expiry_time = "15m"
+
+ #[apim.cache.recent_apis]
+ #enable = false
+
+ #[apim.cache.scopes]
+ #enable = true
+
+ #[apim.cache.publisher_roles]
+ #enable = true
+
+ #[apim.cache.jwt_claim]
+ #enable = true
+ #expiry_time = "15m"
+
+ #[apim.cache.tags]
+ #expiry_time = "2m"
+
+ [apim.analytics]
+ enable = false
+ config_endpoint = "https://localhost:8080/auth/v1"
+ auth_token = ""
+
+ #[apim.key_manager]
+ #service_url = "https://localhost:${mgt.transport.https.port}/services/"
+ #username = "$ref{super_admin.username}"
+ #password = "$ref{super_admin.password}"
+ #pool.init_idle_capacity = 50
+ #pool.max_idle = 100
+ #key_validation_handler_type = "default"
+ #key_validation_handler_type = "custom"
+ #key_validation_handler_impl = "org.wso2.carbon.apimgt.keymgt.handlers.DefaultKeyValidationHandler"
+
+ #[apim.idp]
+ #server_url = "https://localhost:${mgt.transport.https.port}"
+ #authorize_endpoint = "https://localhost:${mgt.transport.https.port}/oauth2/authorize"
+ #oidc_logout_endpoint = "https://localhost:${mgt.transport.https.port}/oidc/logout"
+ #oidc_check_session_endpoint = "https://localhost:${mgt.transport.https.port}/oidc/checksession"
+
+ #[apim.jwt]
+ #enable = true
+ #encoding = "base64" # base64,base64url
+ #generator_impl = "org.wso2.carbon.apimgt.keymgt.token.JWTGenerator"
+ #claim_dialect = "http://wso2.org/claims"
+ #convert_dialect = false
+ #header = "X-JWT-Assertion"
+ #signing_algorithm = "SHA256withRSA"
+ #enable_user_claims = true
+ #claims_extractor_impl = "org.wso2.carbon.apimgt.impl.token.ExtendedDefaultClaimsRetriever"
+
+ #[apim.oauth_config]
+ #enable_outbound_auth_header = false
+ #auth_header = "Authorization"
+ #revoke_endpoint = "https://localhost:${https.nio.port}/revoke"
+ #enable_token_encryption = false
+ #enable_token_hashing = false
+
+ [apim.devportal]
+ url = "https://172.17.0.4:30443/devportal"
+ #enable_application_sharing = false
+ #if application_sharing_type, application_sharing_impl both defined priority goes to application_sharing_impl
+ #application_sharing_type = "default" #changed type, saml, default #todo: check the new config for rest api
+ #application_sharing_impl = "org.wso2.carbon.apimgt.impl.SAMLGroupIDExtractorImpl"
+ #display_multiple_versions = false
+ #display_deprecated_apis = false
+ #enable_comments = true
+ #enable_ratings = true
+ #enable_forum = true
+ #enable_anonymous_mode=true
+ #enable_cross_tenant_subscriptions = true
+ #default_reserved_username = "apim_reserved_user"
+
+ [apim.cors]
+ allow_origins = "*"
+ allow_methods = ["GET","PUT","POST","DELETE","PATCH","OPTIONS"]
+ allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey","Internal-Key"]
+ allow_credentials = false
+
+ #[apim.throttling]
+ #enable_data_publishing = true
+ #enable_policy_deploy = true
+ #enable_blacklist_condition = true
+ #enable_persistence = true
+ #throttle_decision_endpoints = ["tcp://localhost:5672","tcp://localhost:5672"]
+
+ #[apim.throttling.blacklist_condition]
+ #start_delay = "5m"
+ #period = "1h"
+
+ #[apim.throttling.jms]
+ #start_delay = "5m"
+
+ #[apim.throttling.event_sync]
+ #hostName = "0.0.0.0"
+ #port = 11224
+
+ #[apim.throttling.event_management]
+
#hostName = "0.0.0.0" + #port = 10005 + + #[[apim.throttling.url_group]] + #traffic_manager_urls = ["tcp://localhost:9611","tcp://localhost:9611"] + #traffic_manager_auth_urls = ["ssl://localhost:9711","ssl://localhost:9711"] + #type = "loadbalance" + + #[[apim.throttling.url_group]] + #traffic_manager_urls = ["tcp://localhost:9611","tcp://localhost:9611"] + #traffic_manager_auth_urls = ["ssl://localhost:9711","ssl://localhost:9711"] + #type = "failover" + + #[apim.workflow] + #enable = false + #service_url = "https://localhost:9445/bpmn" + #username = "$ref{super_admin.username}" + #password = "$ref{super_admin.password}" + #callback_endpoint = "https://localhost:${mgt.transport.https.port}/api/am/admin/v0.17/workflows/update-workflow-status" + #token_endpoint = "https://localhost:${https.nio.port}/token" + #client_registration_endpoint = "https://localhost:${mgt.transport.https.port}/client-registration/v0.17/register" + #client_registration_username = "$ref{super_admin.username}" + #client_registration_password = "$ref{super_admin.password}" + + #data bridge config + #[transport.receiver] + #type = "binary" + #worker_threads = 10 + #session_timeout = "30m" + #keystore.file_name = "$ref{keystore.tls.file_name}" + #keystore.password = "$ref{keystore.tls.password}" + #tcp_port = 9611 + #ssl_port = 9711 + #ssl_receiver_thread_pool_size = 100 + #tcp_receiver_thread_pool_size = 100 + #ssl_enabled_protocols = ["TLSv1","TLSv1.1","TLSv1.2"] + #ciphers = ["SSL_RSA_WITH_RC4_128_MD5","SSL_RSA_WITH_RC4_128_SHA"] + + #[apim.notification] + #from_address = "APIM.com" + #username = "APIM" + #password = "APIM+123" + #hostname = "localhost" + #port = 3025 + #enable_start_tls = false + #enable_authentication = true + + #[apim.token.revocation] + #notifier_impl = "org.wso2.carbon.apimgt.keymgt.events.TokenRevocationNotifierImpl" + #enable_realtime_notifier = true + #realtime_notifier.ttl = 5000 + #enable_persistent_notifier = true + #persistent_notifier.hostname = 
"https://localhost:2379/v2/keys/jti/" + #persistent_notifier.ttl = 5000 + #persistent_notifier.username = "root" + #persistent_notifier.password = "root" + + [[event_handler]] + name="userPostSelfRegistration" + subscriptions=["POST_ADD_USER"] + + [service_provider] + sp_name_regex = "^[\\sa-zA-Z0-9._-]*$" + + [database.local] + url = "jdbc:h2:./repository/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE" + + [[event_listener]] + id = "token_revocation" + type = "org.wso2.carbon.identity.core.handler.AbstractIdentityHandler" + name = "org.wso2.is.notification.ApimOauthEventInterceptor" + order = 1 + [event_listener.properties] + notification_endpoint = "https://localhost:${mgt.transport.https.port}/internal/data/v1/notify" + username = "${admin.username}" + password = "${admin.password}" + 'header.X-WSO2-KEY-MANAGER' = "default" + + [transport.https.properties] + proxyPort = 30443 +--- + +apiVersion: v1 +kind: Service +metadata: + name: wso2am-pattern-1-am-1-service + namespace: wso2 +spec: + # label keys and values that must match in order to receive traffic for this service + selector: + deployment: wso2am-pattern-1-am + product: api-manager + type: NodePort + ports: + # ports that this service should serve on + - + name: pass-through-http + protocol: TCP + port: 8280 + targetPort: 8280 + nodePort: 30280 + - + name: pass-through-https + protocol: TCP + port: 8243 + targetPort: 8243 + nodePort: 30243 + - + name: servlet-http + protocol: TCP + port: 9763 + targetPort: 9763 + nodePort: 30763 + - + name: servlet-https + protocol: TCP + port: 9443 + targetPort: 9443 + nodePort: 30443 +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: wso2am-pattern-1-am-1-deployment + namespace: wso2 +spec: + replicas: 1 + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 0 + type: RollingUpdate + selector: + matchLabels: + deployment: wso2am-pattern-1-am + product: api-manager + template: + metadata: + labels: + deployment: wso2am-pattern-1-am + product: 
api-manager + spec: + hostAliases: + - ip: "127.0.0.1" + hostnames: + - "wso2apim" + initContainers: + - name: init-db + image: busybox:1.31 + command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! nc -z wso2apim-rdbms-service-mysql 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] + - name: init-download-mysql-connector + image: busybox:1.31 + command: + - /bin/sh + - "-c" + - | + set -e + wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/8.0.17/mysql-connector-java-8.0.17.jar -P /mysql-connector-jar/ + volumeMounts: + - name: mysql-connector-jar + mountPath: /mysql-connector-jar + containers: + - name: wso2am-pattern-1-am + # image: wso2/wso2am:3.2.0 + image: 192.168.1.5:5000/wso2am:4.0.0-rc + livenessProbe: + exec: + command: + - /bin/sh + - -c + - nc -z localhost 9443 + initialDelaySeconds: 250 + periodSeconds: 10 + readinessProbe: + exec: + command: + - /bin/sh + - -c + - nc -z localhost 9443 + initialDelaySeconds: 250 + periodSeconds: 10 + lifecycle: + preStop: + exec: + command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/wso2server.sh stop'] + resources: + requests: + memory: 1Gi + cpu: 1000m + limits: + memory: 2Gi + cpu: 2000m + imagePullPolicy: Always + ports: + - + containerPort: 8280 + protocol: "TCP" + - + containerPort: 8243 + protocol: "TCP" + - + containerPort: 9763 + protocol: "TCP" + - + containerPort: 9443 + protocol: "TCP" + env: + - name: HOST_NAME + value: "wso2apim" + - name: NODE_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + volumeMounts: + - name: wso2am-pattern-1-am-1-conf + mountPath: /home/wso2carbon/wso2-config-volume/repository/conf/deployment.toml + subPath: deployment.toml + - name: mysql-connector-jar + mountPath: /home/wso2carbon/wso2-artifact-volume/repository/components/dropins + serviceAccountName: wso2am-pattern-1-svc-account + imagePullSecrets: + - name: wso2am-pattern-1-creds + volumes: + - name: wso2am-pattern-1-am-1-conf + configMap: + 
name: wso2am-pattern-1-am-1-conf + - name: mysql-connector-jar + emptyDir: {} +--- diff --git a/simple/deployment-scripts/wso2am-ga.sh b/simple/deployment-scripts/wso2am-ga.sh old mode 100644 new mode 100755 index 6463d3a0..ee872423 --- a/simple/deployment-scripts/wso2am-ga.sh +++ b/simple/deployment-scripts/wso2am-ga.sh @@ -55,28 +55,6 @@ metadata: name: wso2apim-mysql-dbscripts namespace: wso2 data: - mysql_analytics.sql: |- - DROP DATABASE IF EXISTS WSO2AM_STATS_DB; - DROP DATABASE IF EXISTS WSO2AM_BUSINESS_RULES_DB; - DROP DATABASE IF EXISTS WSO2AM_PERMISSIONS_DB; - - CREATE DATABASE WSO2AM_STATS_DB; - CREATE DATABASE WSO2AM_BUSINESS_RULES_DB; - CREATE DATABASE WSO2AM_PERMISSIONS_DB; - - GRANT ALL ON WSO2AM_STATS_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; - GRANT ALL ON WSO2AM_BUSINESS_RULES_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; - GRANT ALL ON WSO2AM_PERMISSIONS_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; - - USE WSO2AM_STATS_DB; - - CREATE TABLE IF NOT EXISTS AM_USAGE_UPLOADED_FILES ( - FILE_NAME varchar(255) NOT NULL, - FILE_TIMESTAMP TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - FILE_PROCESSED tinyint(1) DEFAULT 0, - FILE_CONTENT MEDIUMBLOB DEFAULT NULL, - PRIMARY KEY (FILE_NAME, FILE_TIMESTAMP) - ); mysql_apim.sql: |- DROP DATABASE IF EXISTS WSO2AM_DB; CREATE DATABASE WSO2AM_DB; @@ -114,10 +92,10 @@ data: )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_VALIDATORS ( - APP_ID INTEGER NOT NULL, - SCOPE_VALIDATOR VARCHAR (128) NOT NULL, - PRIMARY KEY (APP_ID,SCOPE_VALIDATOR), - FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE + APP_ID INTEGER NOT NULL, + SCOPE_VALIDATOR VARCHAR (128) NOT NULL, + PRIMARY KEY (APP_ID,SCOPE_VALIDATOR), + FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_REQUEST_TOKEN ( 
@@ -170,7 +148,7 @@ data: PRIMARY KEY (TOKEN_ID), FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH, - TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF) + TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_TOKEN_BINDING ( @@ -282,20 +260,23 @@ data: DESCRIPTION VARCHAR(512), TENANT_ID INTEGER NOT NULL DEFAULT -1, SCOPE_TYPE VARCHAR(255) NOT NULL, - PRIMARY KEY (SCOPE_ID) + PRIMARY KEY (SCOPE_ID), + UNIQUE (NAME, TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_BINDING ( SCOPE_ID INTEGER NOT NULL, SCOPE_BINDING VARCHAR(255) NOT NULL, BINDING_TYPE VARCHAR(255) NOT NULL, - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE + FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE, + UNIQUE (SCOPE_ID, SCOPE_BINDING, BINDING_TYPE) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_RESOURCE_SCOPE ( RESOURCE_PATH VARCHAR(255) NOT NULL, SCOPE_ID INTEGER NOT NULL, TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (RESOURCE_PATH), FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE )ENGINE INNODB; @@ -507,11 +488,11 @@ data: ALTER TABLE SP_FEDERATED_IDP ADD CONSTRAINT STEP_ID_CONSTRAINT FOREIGN KEY (ID) REFERENCES SP_AUTH_STEP (ID) ON DELETE CASCADE; CREATE TABLE IF NOT EXISTS SP_CLAIM_DIALECT ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - SP_DIALECT VARCHAR (512) NOT NULL, - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID)); + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER NOT NULL, + SP_DIALECT VARCHAR (512) NOT NULL, + APP_ID INTEGER NOT NULL, + PRIMARY KEY (ID)); ALTER TABLE SP_CLAIM_DIALECT ADD CONSTRAINT DIALECTID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; 
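Review bot: `PRIMARY KEY (RESOURCE_PATH)` on IDN_OAUTH2_RESOURCE_SCOPE leaves TENANT_ID out of the key, while the `UNIQUE (NAME, TENANT_ID)` added to IDN_OAUTH2_SCOPE in the same hunk is scoped per tenant. With this key, a resource path registered under one tenant cannot be registered under another, and the tenant is not part of what identifies the row. The hunk does not show how the table is queried, but if paths are meant to be per tenant I would declare `TENANT_ID INTEGER NOT NULL DEFAULT -1,` and use `PRIMARY KEY (RESOURCE_PATH, TENANT_ID),`. If they are global by design, a one-line comment saying so would settle the question.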
@@ -522,7 +503,7 @@ data: SP_CLAIM VARCHAR (512) NOT NULL , APP_ID INTEGER NOT NULL, IS_REQUESTED VARCHAR(128) DEFAULT '0', - IS_MANDATORY VARCHAR(128) DEFAULT '0', + IS_MANDATORY VARCHAR(128) DEFAULT '0', DEFAULT_VALUE VARCHAR(255), PRIMARY KEY (ID) )ENGINE INNODB; 
@@ -593,62 +574,62 @@ data: CONSTRAINT IDN_AUTH_WAIT_STATUS_KEY UNIQUE (LONG_WAIT_KEY)); CREATE TABLE IF NOT EXISTS IDP ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - NAME VARCHAR(254) NOT NULL, - IS_ENABLED CHAR(1) NOT NULL DEFAULT '1', - IS_PRIMARY CHAR(1) NOT NULL DEFAULT '0', - HOME_REALM_ID VARCHAR(254), - IMAGE MEDIUMBLOB, - CERTIFICATE BLOB, - ALIAS VARCHAR(254), - INBOUND_PROV_ENABLED CHAR (1) NOT NULL DEFAULT '0', - INBOUND_PROV_USER_STORE_ID VARCHAR(254), - USER_CLAIM_URI VARCHAR(254), - ROLE_CLAIM_URI VARCHAR(254), - DESCRIPTION VARCHAR (1024), - DEFAULT_AUTHENTICATOR_NAME VARCHAR(254), - DEFAULT_PRO_CONNECTOR_NAME VARCHAR(254), - PROVISIONING_ROLE VARCHAR(128), - IS_FEDERATION_HUB CHAR(1) NOT NULL DEFAULT '0', - IS_LOCAL_CLAIM_DIALECT CHAR(1) NOT NULL DEFAULT '0', - DISPLAY_NAME VARCHAR(255), - IMAGE_URL VARCHAR(1024), - UUID CHAR(36) NOT NULL, - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, NAME), - UNIQUE (UUID) + ID INTEGER AUTO_INCREMENT, + TENANT_ID INTEGER, + NAME VARCHAR(254) NOT NULL, + IS_ENABLED CHAR(1) NOT NULL DEFAULT '1', + IS_PRIMARY CHAR(1) NOT NULL DEFAULT '0', + HOME_REALM_ID VARCHAR(254), + IMAGE MEDIUMBLOB, + CERTIFICATE BLOB, + ALIAS VARCHAR(254), + INBOUND_PROV_ENABLED CHAR (1) NOT NULL DEFAULT '0', + INBOUND_PROV_USER_STORE_ID VARCHAR(254), + USER_CLAIM_URI VARCHAR(254), + ROLE_CLAIM_URI VARCHAR(254), + DESCRIPTION VARCHAR (1024), + DEFAULT_AUTHENTICATOR_NAME VARCHAR(254), + DEFAULT_PRO_CONNECTOR_NAME VARCHAR(254), + PROVISIONING_ROLE VARCHAR(128), + IS_FEDERATION_HUB CHAR(1) NOT NULL DEFAULT '0', + IS_LOCAL_CLAIM_DIALECT CHAR(1) NOT NULL DEFAULT '0', + DISPLAY_NAME VARCHAR(255), + IMAGE_URL VARCHAR(1024), + UUID CHAR(36) NOT NULL, + PRIMARY KEY (ID), + UNIQUE (TENANT_ID, NAME), + UNIQUE (UUID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDP_ROLE ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - TENANT_ID INTEGER, - ROLE VARCHAR(254), - PRIMARY KEY (ID), - UNIQUE (IDP_ID, ROLE), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE 
CASCADE + ID INTEGER AUTO_INCREMENT, + IDP_ID INTEGER, + TENANT_ID INTEGER, + ROLE VARCHAR(254), + PRIMARY KEY (ID), + UNIQUE (IDP_ID, ROLE), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDP_ROLE_MAPPING ( - ID INTEGER AUTO_INCREMENT, - IDP_ROLE_ID INTEGER, - TENANT_ID INTEGER, - USER_STORE_ID VARCHAR (253), - LOCAL_ROLE VARCHAR(253), - PRIMARY KEY (ID), - UNIQUE (IDP_ROLE_ID, TENANT_ID, USER_STORE_ID, LOCAL_ROLE), - FOREIGN KEY (IDP_ROLE_ID) REFERENCES IDP_ROLE(ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT, + IDP_ROLE_ID INTEGER, + TENANT_ID INTEGER, + USER_STORE_ID VARCHAR (253), + LOCAL_ROLE VARCHAR(253), + PRIMARY KEY (ID), + UNIQUE (IDP_ROLE_ID, TENANT_ID, USER_STORE_ID, LOCAL_ROLE), + FOREIGN KEY (IDP_ROLE_ID) REFERENCES IDP_ROLE(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDP_CLAIM ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - TENANT_ID INTEGER, - CLAIM VARCHAR(254), - PRIMARY KEY (ID), - UNIQUE (IDP_ID, CLAIM), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT, + IDP_ID INTEGER, + TENANT_ID INTEGER, + CLAIM VARCHAR(254), + PRIMARY KEY (ID), + UNIQUE (IDP_ID, CLAIM), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDP_CLAIM_MAPPING ( @@ -893,14 +874,13 @@ data: CREATE TABLE IF NOT EXISTS IDN_PASSWORD_HISTORY_DATA ( ID INTEGER NOT NULL AUTO_INCREMENT, - USER_NAME VARCHAR(127) NOT NULL, - USER_DOMAIN VARCHAR(50) NOT NULL, + USER_NAME VARCHAR(255) NOT NULL, + USER_DOMAIN VARCHAR(127) NOT NULL, TENANT_ID INTEGER DEFAULT -1, SALT_VALUE VARCHAR(255), HASH VARCHAR(255) NOT NULL, TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY(ID), - UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH) + PRIMARY KEY(ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_CLAIM_DIALECT ( 
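Review bot: Dropping `UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH)` from IDN_PASSWORD_HISTORY_DATA leaves only the surrogate `PRIMARY KEY(ID)`, so nothing in this hunk indexes the columns a password-history check would filter on. The constraint was presumably removed because the widened `USER_NAME VARCHAR(255)` and `USER_DOMAIN VARCHAR(127)` push it past the index key-length limit. A plain index avoids that limit and keeps the lookup cheap, e.g. `CREATE INDEX IDX_PWD_HIST_USER ON IDN_PASSWORD_HISTORY_DATA (TENANT_ID, USER_DOMAIN, USER_NAME);` (name constructed for this note) in the index section, with a prefix length on USER_NAME if the server requires one and unless such an index already exists outside the hunk. Identical (user, salt, hash) rows are also no longer rejected by the database, so de-duplication now rests entirely on the application.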
@@ -1027,12 +1007,12 @@ data: )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_CERTIFICATE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - NAME VARCHAR(100), - CERTIFICATE_IN_PEM BLOB, - TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY(ID), - CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID) + ID INTEGER NOT NULL AUTO_INCREMENT, + NAME VARCHAR(100), + CERTIFICATE_IN_PEM BLOB, + TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY(ID), + CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OIDC_SCOPE_CLAIM_MAPPING ( @@ -1046,12 +1026,12 @@ data: )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_FUNCTION_LIBRARY ( - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - TYPE VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - DATA BLOB NOT NULL, - PRIMARY KEY (TENANT_ID,NAME) + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + TYPE VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + DATA BLOB NOT NULL, + PRIMARY KEY (TENANT_ID,NAME) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_CIBA_AUTH_CODE ( 
@@ -1079,15 +1059,135 @@ data: )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_FED_AUTH_SESSION_MAPPING ( - IDP_SESSION_ID VARCHAR(255) NOT NULL, - SESSION_ID VARCHAR(255) NOT NULL, - IDP_NAME VARCHAR(255) NOT NULL, - AUTHENTICATOR_ID VARCHAR(255), - PROTOCOL_TYPE VARCHAR(255), - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY (IDP_SESSION_ID) + IDP_SESSION_ID VARCHAR(255) NOT NULL, + SESSION_ID VARCHAR(255) NOT NULL, + IDP_NAME VARCHAR(255) NOT NULL, + AUTHENTICATOR_ID VARCHAR(255), + PROTOCOL_TYPE VARCHAR(255), + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY (IDP_SESSION_ID) )ENGINE INNODB; + CREATE TABLE IF NOT EXISTS IDN_CONFIG_TYPE ( + ID VARCHAR(255) NOT NULL, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023) NULL, + PRIMARY KEY (ID), + CONSTRAINT TYPE_NAME_CONSTRAINT UNIQUE (NAME) + )ENGINE INNODB; + + INSERT INTO IDN_CONFIG_TYPE (ID, NAME, DESCRIPTION) VALUES + ('9ab0ef95-13e9-4ed5-afaf-d29bed62f7bd', 'IDP_TEMPLATE', 'Template type to uniquely identify IDP templates'), + ('3c4ac3d0-5903-4e3d-aaca-38df65b33bfd', 'APPLICATION_TEMPLATE', 'Template type to uniquely identify Application templates'), + ('8ec6dbf1-218a-49bf-bc34-0d2db52d151c', 'CORS_CONFIGURATION', 'A resource type to keep the tenant CORS configurations'); + + CREATE TABLE IF NOT EXISTS IDN_CONFIG_RESOURCE ( + ID VARCHAR(255) NOT NULL, + TENANT_ID INT NOT NULL, + NAME VARCHAR(255) NOT NULL, + CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + LAST_MODIFIED TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + HAS_FILE tinyint(1) NOT NULL, + HAS_ATTRIBUTE tinyint(1) NOT NULL, + TYPE_ID VARCHAR(255) NOT NULL, + PRIMARY KEY (ID), + CONSTRAINT NAME_TENANT_TYPE_CONSTRAINT UNIQUE (NAME, TENANT_ID, TYPE_ID) + )ENGINE INNODB; + ALTER TABLE IDN_CONFIG_RESOURCE ADD CONSTRAINT TYPE_ID_FOREIGN_CONSTRAINT FOREIGN KEY (TYPE_ID) REFERENCES + IDN_CONFIG_TYPE (ID) ON DELETE CASCADE ON UPDATE CASCADE; + + CREATE TABLE IF NOT EXISTS IDN_CONFIG_ATTRIBUTE ( + ID 
VARCHAR(255) NOT NULL, + RESOURCE_ID VARCHAR(255) NOT NULL, + ATTR_KEY VARCHAR(255) NOT NULL, + ATTR_VALUE VARCHAR(1023) NULL, + PRIMARY KEY (ID), + CONSTRAINT RESOURCE_KEY_VAL_CONSTRAINT UNIQUE (RESOURCE_ID(64), ATTR_KEY(255)) + )ENGINE INNODB; + ALTER TABLE IDN_CONFIG_ATTRIBUTE ADD CONSTRAINT RESOURCE_ID_ATTRIBUTE_FOREIGN_CONSTRAINT FOREIGN KEY (RESOURCE_ID) + REFERENCES IDN_CONFIG_RESOURCE (ID) ON DELETE CASCADE ON UPDATE CASCADE; + + CREATE TABLE IF NOT EXISTS IDN_CONFIG_FILE ( + ID VARCHAR(255) NOT NULL, + VALUE BLOB NULL, + RESOURCE_ID VARCHAR(255) NOT NULL, + NAME VARCHAR(255) NULL, + PRIMARY KEY (ID) + )ENGINE INNODB; + ALTER TABLE IDN_CONFIG_FILE ADD CONSTRAINT RESOURCE_ID_FILE_FOREIGN_CONSTRAINT FOREIGN KEY (RESOURCE_ID) REFERENCES + IDN_CONFIG_RESOURCE (ID) ON DELETE CASCADE ON UPDATE CASCADE; + + CREATE TABLE IDN_REMOTE_FETCH_CONFIG ( + ID VARCHAR(255) NOT NULL, + TENANT_ID INT NOT NULL, + IS_ENABLED CHAR(1) NOT NULL, + REPO_MANAGER_TYPE VARCHAR(255) NOT NULL, + ACTION_LISTENER_TYPE VARCHAR(255) NOT NULL, + CONFIG_DEPLOYER_TYPE VARCHAR(255) NOT NULL, + REMOTE_FETCH_NAME VARCHAR(255), + REMOTE_RESOURCE_URI VARCHAR(255) NOT NULL, + ATTRIBUTES_JSON MEDIUMTEXT NOT NULL, + PRIMARY KEY (ID), + CONSTRAINT UC_REMOTE_RESOURCE_TYPE UNIQUE (TENANT_ID, CONFIG_DEPLOYER_TYPE) + )ENGINE INNODB; + + CREATE TABLE IDN_REMOTE_FETCH_REVISIONS ( + ID VARCHAR(255) NOT NULL, + CONFIG_ID VARCHAR(255) NOT NULL, + FILE_PATH VARCHAR(255) NOT NULL, + FILE_HASH VARCHAR(255), + DEPLOYED_DATE TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + LAST_SYNC_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + DEPLOYMENT_STATUS VARCHAR(255), + ITEM_NAME VARCHAR(255), + DEPLOY_ERR_LOG MEDIUMTEXT, + PRIMARY KEY (ID), + FOREIGN KEY (CONFIG_ID) REFERENCES IDN_REMOTE_FETCH_CONFIG(ID) ON DELETE CASCADE, + CONSTRAINT UC_REVISIONS UNIQUE (CONFIG_ID, ITEM_NAME) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_USER_FUNCTIONALITY_MAPPING ( + ID VARCHAR(255) NOT NULL, + USER_ID VARCHAR(255) NOT NULL, 
+ TENANT_ID INTEGER NOT NULL, + FUNCTIONALITY_ID VARCHAR(255) NOT NULL, + IS_FUNCTIONALITY_LOCKED BOOLEAN NOT NULL, + FUNCTIONALITY_UNLOCK_TIME BIGINT NOT NULL, + FUNCTIONALITY_LOCK_REASON VARCHAR(1023), + FUNCTIONALITY_LOCK_REASON_CODE VARCHAR(255), + PRIMARY KEY (ID), + CONSTRAINT IDN_USER_FUNCTIONALITY_MAPPING_CONSTRAINT UNIQUE (USER_ID, TENANT_ID, FUNCTIONALITY_ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_USER_FUNCTIONALITY_PROPERTY ( + ID VARCHAR(255) NOT NULL, + USER_ID VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + FUNCTIONALITY_ID VARCHAR(255) NOT NULL, + PROPERTY_NAME VARCHAR(255), + PROPERTY_VALUE VARCHAR(255), + PRIMARY KEY (ID), + CONSTRAINT IDN_USER_FUNCTIONALITY_PROPERTY_CONSTRAINT UNIQUE (USER_ID, TENANT_ID, FUNCTIONALITY_ID, PROPERTY_NAME) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_CORS_ORIGIN ( + ID INT NOT NULL AUTO_INCREMENT, + TENANT_ID INT NOT NULL, + ORIGIN VARCHAR(2048) NOT NULL, + UUID CHAR(36) NOT NULL, + PRIMARY KEY (ID), + UNIQUE (UUID) + ) ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_CORS_ASSOCIATION ( + IDN_CORS_ORIGIN_ID INT NOT NULL, + SP_APP_ID INT NOT NULL, + + PRIMARY KEY (IDN_CORS_ORIGIN_ID, SP_APP_ID), + FOREIGN KEY (IDN_CORS_ORIGIN_ID) REFERENCES IDN_CORS_ORIGIN (ID) ON DELETE CASCADE, + FOREIGN KEY (SP_APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE + ) ENGINE INNODB; + -- --------------------------- INDEX CREATION ----------------------------- -- IDN_OAUTH2_ACCESS_TOKEN -- CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED); 
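Review bot: `CREATE TABLE IDN_REMOTE_FETCH_CONFIG (` and `CREATE TABLE IDN_REMOTE_FETCH_REVISIONS (` are the only two table definitions in this hunk without `IF NOT EXISTS`. If the init script is ever run against a schema that already holds them, it would fail at these statements while every neighbouring table is skipped. I would write `CREATE TABLE IF NOT EXISTS IDN_REMOTE_FETCH_CONFIG (` and `CREATE TABLE IF NOT EXISTS IDN_REMOTE_FETCH_REVISIONS (` to match. The plain `INSERT INTO IDN_CONFIG_TYPE ... VALUES` has the same re-run problem, since a second run collides with `PRIMARY KEY (ID)`; `INSERT IGNORE` or a comment that the script assumes a freshly created database would make the intent explicit.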
@@ -1162,6 +1262,16 @@ data: -- IDN_FED_AUTH_SESSION_MAPPING -- CREATE INDEX IDX_FEDERATED_AUTH_SESSION_ID ON IDN_FED_AUTH_SESSION_MAPPING (SESSION_ID); + -- IDN_REMOTE_FETCH_REVISIONS -- + CREATE INDEX IDX_REMOTE_FETCH_REVISION_CONFIG_ID ON IDN_REMOTE_FETCH_REVISIONS (CONFIG_ID); + + -- IDN_CORS_ASSOCIATION -- + CREATE INDEX IDX_CORS_SP_APP_ID ON IDN_CORS_ASSOCIATION (SP_APP_ID); + + -- IDN_CORS_ASSOCIATION -- + CREATE INDEX IDX_CORS_ORIGIN_ID ON IDN_CORS_ASSOCIATION (IDN_CORS_ORIGIN_ID); + + -- End of IDENTITY Tables-- -- Start of CONSENT-MGT Tables -- @@ -1330,6 +1440,7 @@ data: CREATE TABLE IF NOT EXISTS AM_API ( API_ID INTEGER AUTO_INCREMENT, + API_UUID VARCHAR(256), API_PROVIDER VARCHAR(200), API_NAME VARCHAR(200), API_VERSION VARCHAR(30), @@ -1341,10 +1452,19 @@ data: CREATED_TIME TIMESTAMP, UPDATED_BY VARCHAR(100), UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + STATUS VARCHAR(30), + REVISIONS_CREATED INTEGER DEFAULT 0, PRIMARY KEY(API_ID), - UNIQUE (API_PROVIDER,API_NAME,API_VERSION) + UNIQUE (API_PROVIDER,API_NAME,API_VERSION), + UNIQUE (API_UUID) )ENGINE INNODB; + CREATE TABLE IF NOT EXISTS AM_API_REVISION_METADATA ( + API_UUID VARCHAR(64), + REVISION_UUID VARCHAR(64), + API_TIER VARCHAR(128), + UNIQUE (API_UUID,REVISION_UUID) + )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_GRAPHQL_COMPLEXITY ( UUID VARCHAR(256), @@ -1352,9 +1472,9 @@ data: TYPE VARCHAR(256), FIELD VARCHAR(256), COMPLEXITY_VALUE INTEGER, + REVISION_UUID VARCHAR(255), FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE CASCADE, - PRIMARY KEY(UUID), - UNIQUE (API_ID,TYPE,FIELD) + PRIMARY KEY(UUID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_API_URL_MAPPING ( @@ -1365,6 +1485,7 @@ data: URL_PATTERN VARCHAR(512) NULL, THROTTLING_TIER varchar(512) DEFAULT NULL, MEDIATION_SCRIPT BLOB, + REVISION_UUID VARCHAR(255), PRIMARY KEY (URL_MAPPING_ID) )ENGINE INNODB; 
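Review bot: `CREATE INDEX IDX_CORS_ORIGIN_ID ON IDN_CORS_ASSOCIATION (IDN_CORS_ORIGIN_ID);` indexes the leading column of that table's `PRIMARY KEY (IDN_CORS_ORIGIN_ID, SP_APP_ID)`, declared in the preceding hunk of this file, so InnoDB can already serve those lookups from the primary key. I would drop this statement and keep only `IDX_CORS_SP_APP_ID`, which covers the second key column. The `-- IDN_CORS_ASSOCIATION --` header comment is also repeated; one occurrence is enough.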
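Review bot: AM_API_REVISION_METADATA declares `API_UUID VARCHAR(64)` while the column it mirrors is added to AM_API as `API_UUID VARCHAR(256)` in the hunk just above, and the new table has neither a primary key nor a foreign key. The widths should agree, and without a reference the metadata rows can outlive the API they describe unless application code removes them, which is not visible here. Since AM_API now has `UNIQUE (API_UUID)`, the table could carry `FOREIGN KEY (API_UUID) REFERENCES AM_API(API_UUID) ON DELETE CASCADE,` once the two column types match. Promoting `UNIQUE (API_UUID,REVISION_UUID)` to the primary key, with both columns `NOT NULL`, would also give the table a proper row identity.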
@@ -1384,12 +1505,13 @@ data: )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_API_PRODUCT_MAPPING ( - API_PRODUCT_MAPPING_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER, - URL_MAPPING_ID INTEGER, - FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON DELETE CASCADE, - FOREIGN KEY (URL_MAPPING_ID) REFERENCES AM_API_URL_MAPPING(URL_MAPPING_ID) ON DELETE CASCADE, - PRIMARY KEY(API_PRODUCT_MAPPING_ID) + API_PRODUCT_MAPPING_ID INTEGER AUTO_INCREMENT, + API_ID INTEGER, + URL_MAPPING_ID INTEGER, + REVISION_UUID VARCHAR(255), + FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON DELETE CASCADE, + FOREIGN KEY (URL_MAPPING_ID) REFERENCES AM_API_URL_MAPPING(URL_MAPPING_ID) ON DELETE CASCADE, + PRIMARY KEY(API_PRODUCT_MAPPING_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION ( @@ -1412,13 +1534,7 @@ data: UNIQUE (UUID) )ENGINE INNODB; - CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION_KEY_MAPPING ( - SUBSCRIPTION_ID INTEGER, - ACCESS_TOKEN VARCHAR(512), - KEY_TYPE VARCHAR(512) NOT NULL, - FOREIGN KEY(SUBSCRIPTION_ID) REFERENCES AM_SUBSCRIPTION(SUBSCRIPTION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY(SUBSCRIPTION_ID,ACCESS_TOKEN) - )ENGINE INNODB; + CREATE TABLE IF NOT EXISTS AM_APPLICATION_KEY_MAPPING ( UUID VARCHAR(100), @@ -1452,12 +1568,17 @@ data: )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_API_COMMENTS ( - COMMENT_ID VARCHAR(255) NOT NULL, + COMMENT_ID VARCHAR(64) NOT NULL, COMMENT_TEXT VARCHAR(512), - COMMENTED_USER VARCHAR(255), - DATE_COMMENTED TIMESTAMP NOT NULL, + CREATED_BY VARCHAR(255), + CREATED_TIME TIMESTAMP NOT NULL, + UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, API_ID INTEGER, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, + PARENT_COMMENT_ID VARCHAR(64) DEFAULT NULL, + ENTRY_POINT VARCHAR(20), + CATEGORY VARCHAR(20) DEFAULT 'general', + FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID), + FOREIGN KEY(PARENT_COMMENT_ID) REFERENCES AM_API_COMMENTS(COMMENT_ID), PRIMARY KEY (COMMENT_ID) )ENGINE INNODB; 
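Review bot: In AM_API_COMMENTS the rewritten `FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID)` drops the explicit `ON UPDATE CASCADE ON DELETE RESTRICT`, and the new self-reference `FOREIGN KEY(PARENT_COMMENT_ID) REFERENCES AM_API_COMMENTS(COMMENT_ID)` states no delete rule either. InnoDB then defaults to rejecting the delete, so removing an API that has comments, or a comment that has replies, fails unless the application deletes the children first. If replies should disappear with their parent, I would write `FOREIGN KEY(PARENT_COMMENT_ID) REFERENCES AM_API_COMMENTS(COMMENT_ID) ON DELETE CASCADE,`. Otherwise spell out `ON DELETE RESTRICT` on both keys, so the behaviour reads as chosen rather than inherited from the default.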
@@ -1545,38 +1666,38 @@ data: CREATE INDEX IDX_SUB_APP_ID ON AM_SUBSCRIPTION (APPLICATION_ID, SUBSCRIPTION_ID); CREATE TABLE IF NOT EXISTS AM_MONETIZATION_USAGE ( - ID VARCHAR(100) NOT NULL, - STATE VARCHAR(50) NOT NULL, - STATUS VARCHAR(50) NOT NULL, - STARTED_TIME VARCHAR(50) NOT NULL, - PUBLISHED_TIME VARCHAR(50) NOT NULL, - PRIMARY KEY(ID) + ID VARCHAR(100) NOT NULL, + STATE VARCHAR(50) NOT NULL, + STATUS VARCHAR(50) NOT NULL, + STARTED_TIME VARCHAR(50) NOT NULL, + PUBLISHED_TIME VARCHAR(50) NOT NULL, + PRIMARY KEY(ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_ALERT_TYPES ( ALERT_TYPE_ID INTEGER AUTO_INCREMENT, ALERT_TYPE_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL, + STAKE_HOLDER VARCHAR(100) NOT NULL, PRIMARY KEY (ALERT_TYPE_ID) )ENGINE = INNODB; CREATE TABLE IF NOT EXISTS AM_ALERT_TYPES_VALUES ( ALERT_TYPE_ID INTEGER, USER_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL , + STAKE_HOLDER VARCHAR(100) NOT NULL , PRIMARY KEY (ALERT_TYPE_ID,USER_NAME,STAKE_HOLDER) )ENGINE = INNODB; CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST ( - EMAIL_LIST_ID INTEGER AUTO_INCREMENT, + EMAIL_LIST_ID INTEGER AUTO_INCREMENT, USER_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL , + STAKE_HOLDER VARCHAR(100) NOT NULL , PRIMARY KEY (EMAIL_LIST_ID,USER_NAME,STAKE_HOLDER) )ENGINE = INNODB; CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST_DETAILS ( EMAIL_LIST_ID INTEGER, - EMAIL VARCHAR(255), + EMAIL VARCHAR(255), PRIMARY KEY (EMAIL_LIST_ID,EMAIL) )ENGINE = INNODB; @@ -1606,7 +1727,7 @@ data: RATE_LIMIT_COUNT INT(11) NULL DEFAULT NULL, RATE_LIMIT_TIME_UNIT VARCHAR(25) NULL DEFAULT NULL, IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - CUSTOM_ATTRIBUTES BLOB DEFAULT NULL, + CUSTOM_ATTRIBUTES BLOB DEFAULT NULL, STOP_ON_QUOTA_REACH BOOLEAN NOT NULL DEFAULT 0, BILLING_PLAN VARCHAR(20) NOT NULL, UUID VARCHAR(256), 
@@ -1617,6 +1738,7 @@ data: CURRENCY VARCHAR(15) NULL DEFAULT NULL, MAX_COMPLEXITY INT(11) NOT NULL DEFAULT 0, MAX_DEPTH INT(11) NOT NULL DEFAULT 0, + CONNECTIONS_COUNT INT(11) NOT NULL DEFAULT 0, PRIMARY KEY (POLICY_ID), UNIQUE INDEX AM_POLICY_SUBSCRIPTION_NAME_TENANT (NAME, TENANT_ID), UNIQUE (UUID) @@ -1634,8 +1756,8 @@ data: UNIT_TIME INT(11) NOT NULL, TIME_UNIT VARCHAR(25) NOT NULL, IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - CUSTOM_ATTRIBUTES BLOB DEFAULT NULL, - UUID VARCHAR(256), + CUSTOM_ATTRIBUTES BLOB DEFAULT NULL, + UUID VARCHAR(256), PRIMARY KEY (POLICY_ID), UNIQUE INDEX APP_NAME_TENANT (NAME, TENANT_ID), UNIQUE (UUID) @@ -1694,7 +1816,7 @@ data: CONDITION_GROUP_ID INTEGER NOT NULL, PARAMETER_NAME VARCHAR(255) DEFAULT NULL, PARAMETER_VALUE VARCHAR(255) DEFAULT NULL, - IS_PARAM_MAPPING BOOLEAN DEFAULT 1, + IS_PARAM_MAPPING BOOLEAN DEFAULT 1, PRIMARY KEY (QUERY_PARAMETER_ID), FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE )ENGINE INNODB; @@ -1704,7 +1826,7 @@ data: CONDITION_GROUP_ID INTEGER NOT NULL, HEADER_FIELD_NAME VARCHAR(255) DEFAULT NULL, HEADER_FIELD_VALUE VARCHAR(255) DEFAULT NULL, - IS_HEADER_FIELD_MAPPING BOOLEAN DEFAULT 1, + IS_HEADER_FIELD_MAPPING BOOLEAN DEFAULT 1, PRIMARY KEY (HEADER_FIELD_ID), FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE )ENGINE INNODB; @@ -1714,7 +1836,7 @@ data: CONDITION_GROUP_ID INTEGER NOT NULL, CLAIM_URI VARCHAR(512) DEFAULT NULL, CLAIM_ATTRIB VARCHAR(1024) DEFAULT NULL, - IS_CLAIM_MAPPING BOOLEAN DEFAULT 1, + IS_CLAIM_MAPPING BOOLEAN DEFAULT 1, PRIMARY KEY (JWT_CLAIM_ID), FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE )ENGINE INNODB; 
@@ -1769,6 +1891,7 @@ data: `TENANT_ID` INT(11) NOT NULL, `ALIAS` VARCHAR(255) NOT NULL, `END_POINT` VARCHAR(255) NOT NULL, + `CERTIFICATE` BLOB DEFAULT NULL, CONSTRAINT PK_ALIAS PRIMARY KEY (`ALIAS`) ) ENGINE=InnoDB; @@ -1779,8 +1902,9 @@ data: `CERTIFICATE` BLOB NOT NULL, `REMOVED` BOOLEAN NOT NULL DEFAULT 0, `TIER_NAME` VARCHAR (512), + `REVISION_UUID` VARCHAR(255) NOT NULL DEFAULT 'Current API', FOREIGN KEY (API_ID) REFERENCES AM_API (API_ID) ON DELETE CASCADE ON UPDATE CASCADE, - PRIMARY KEY (`ALIAS`, `TENANT_ID`, `REMOVED`) + PRIMARY KEY (`ALIAS`, `TENANT_ID`, `REMOVED`, `REVISION_UUID`) ) ENGINE=InnoDB; CREATE TABLE IF NOT EXISTS AM_APPLICATION_GROUP_MAPPING ( @@ -1817,22 +1941,6 @@ data: FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION (APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE ) ENGINE=InnoDB; - CREATE TABLE IF NOT EXISTS AM_LABELS ( - LABEL_ID VARCHAR(50), - NAME VARCHAR(255), - DESCRIPTION VARCHAR(1024), - TENANT_DOMAIN VARCHAR(255), - UNIQUE (NAME,TENANT_DOMAIN), - PRIMARY KEY (LABEL_ID) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_LABEL_URLS ( - LABEL_ID VARCHAR(50), - ACCESS_URL VARCHAR(255), - PRIMARY KEY (LABEL_ID,ACCESS_URL), - FOREIGN KEY (LABEL_ID) REFERENCES AM_LABELS(LABEL_ID) ON UPDATE CASCADE ON DELETE CASCADE - ) ENGINE=InnoDB; - CREATE TABLE IF NOT EXISTS AM_SYSTEM_APPS ( ID INTEGER AUTO_INCREMENT, NAME VARCHAR(50) NOT NULL, @@ -1842,7 +1950,7 @@ data: TENANT_DOMAIN VARCHAR(255) DEFAULT 'carbon.super', UNIQUE (CONSUMER_KEY), PRIMARY KEY (ID) - ) ENGINE=InnoDB; + ) ENGINE=InnoDB; -- BotDATA Email table -- CREATE TABLE IF NOT EXISTS AM_NOTIFICATION_SUBSCRIBER ( @@ -1903,6 +2011,8 @@ data: CREATE INDEX IDX_USER ON IDN_UMA_RESOURCE (RESOURCE_OWNER_NAME, USER_DOMAIN); + CREATE INDEX IDX_USER_RID ON IDN_UMA_RESOURCE (RESOURCE_ID, RESOURCE_OWNER_NAME(32), USER_DOMAIN, CLIENT_ID); + CREATE TABLE IF NOT EXISTS IDN_UMA_RESOURCE_META_DATA ( ID INTEGER AUTO_INCREMENT NOT NULL, RESOURCE_IDENTITY INTEGER NOT NULL, 
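Review bot: In the `@@ -1779,8 +1902,9 @@` hunk, the new `REVISION_UUID` column defaults to the literal `'Current API'`, a non-UUID sentinel that is now part of the primary key, and nothing in the hunk says what it stands for. Any code that compares or joins on this column has to know the magic string, so it should be documented where it is declared. I would add a comment above the column such as `-- 'Current API' = certificate belongs to the working copy rather than a saved revision (confirm against the DAO layer)`. The table's opening lines are outside the hunk, so the meaning of the sentinel is inferred from the column name only.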
@@ -1929,6 +2039,7 @@ data: EXPIRY_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, TICKET_STATE VARCHAR(25) DEFAULT 'ACTIVE', TENANT_ID INTEGER DEFAULT -1234, + TOKEN_ID VARCHAR(255), PRIMARY KEY (ID) ); @@ -1979,16 +2090,25 @@ data: API_PROVIDER varchar(255), API_NAME varchar(255), API_VERSION varchar(255), + API_TYPE varchar(50), PRIMARY KEY (API_ID) - ) ENGINE=InnoDB; + )ENGINE=InnoDB; CREATE TABLE IF NOT EXISTS AM_GW_API_ARTIFACTS ( - API_ID varchar(255) NOT NULL, - ARTIFACT LONGBLOB, - GATEWAY_INSTRUCTION varchar(20), - GATEWAY_LABEL varchar(255), + API_ID VARCHAR(255) NOT NULL, + REVISION_ID VARCHAR(255) NOT NULL, + ARTIFACT blob, TIME_STAMP TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (GATEWAY_LABEL, API_ID), + PRIMARY KEY (REVISION_ID, API_ID), + FOREIGN KEY (API_ID) REFERENCES AM_GW_PUBLISHED_API_DETAILS(API_ID) ON UPDATE CASCADE ON DELETE NO ACTION + )ENGINE=InnoDB; + + CREATE TABLE IF NOT EXISTS AM_GW_API_DEPLOYMENTS ( + API_ID VARCHAR(255) NOT NULL, + REVISION_ID VARCHAR(255) NOT NULL, + LABEL VARCHAR(255) NOT NULL, + VHOST VARCHAR(255) NULL, + PRIMARY KEY (REVISION_ID, API_ID,LABEL), FOREIGN KEY (API_ID) REFERENCES AM_GW_PUBLISHED_API_DETAILS(API_ID) ON UPDATE CASCADE ON DELETE NO ACTION ) ENGINE=InnoDB; 
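Review bot: In the `@@ -1979,16 +2090,25 @@` hunk, `AM_GW_API_ARTIFACTS.ARTIFACT` is narrowed from `LONGBLOB` to `blob`, which in MySQL holds at most 65,535 bytes. If a gateway artifact for one revision can exceed that size, the insert fails under strict SQL mode and is silently truncated otherwise. A truncated artifact would then be what the gateway deploys. Unless the artifact size is bounded elsewhere, keep the wider type: `ARTIFACT LONGBLOB,` (or `MEDIUMBLOB` if 16 MiB is a deliberate cap), with a comment stating the expected maximum.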
@@ -2009,6 +2129,114 @@ data: FOREIGN KEY (SCOPE_ID) REFERENCES AM_SCOPE (SCOPE_ID) ON DELETE CASCADE )ENGINE INNODB; + CREATE TABLE IF NOT EXISTS AM_REVISION ( + ID INTEGER NOT NULL, + API_UUID VARCHAR(256) NOT NULL, + REVISION_UUID VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(255), + CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + CREATED_BY VARCHAR(255), + PRIMARY KEY (ID, API_UUID), + UNIQUE(REVISION_UUID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS AM_DEPLOYMENT_REVISION_MAPPING ( + NAME VARCHAR(255) NOT NULL, + VHOST VARCHAR(255) NULL, + REVISION_UUID VARCHAR(255) NOT NULL, + DISPLAY_ON_DEVPORTAL BOOLEAN DEFAULT 0, + DEPLOYED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY (NAME, REVISION_UUID), + FOREIGN KEY (REVISION_UUID) REFERENCES AM_REVISION(REVISION_UUID) ON UPDATE CASCADE ON DELETE CASCADE + )ENGINE INNODB; + + -- Gateway Environments Table -- + CREATE TABLE IF NOT EXISTS AM_GATEWAY_ENVIRONMENT ( + ID INTEGER NOT NULL AUTO_INCREMENT, + UUID VARCHAR(45) NOT NULL, + NAME VARCHAR(255) NOT NULL, + TENANT_DOMAIN VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255) NULL, + DESCRIPTION VARCHAR(1023) NULL, + UNIQUE (NAME, TENANT_DOMAIN), + UNIQUE (UUID), + PRIMARY KEY (ID) + ); + + -- Virtual Hosts Table -- + CREATE TABLE IF NOT EXISTS AM_GW_VHOST ( + GATEWAY_ENV_ID INTEGER NOT NULL, + HOST VARCHAR(255) NOT NULL, + HTTP_CONTEXT VARCHAR(255) NULL, + HTTP_PORT VARCHAR(5) NOT NULL, + HTTPS_PORT VARCHAR(5) NOT NULL, + WS_PORT VARCHAR(5) NOT NULL, + WSS_PORT VARCHAR(5) NOT NULL, + FOREIGN KEY (GATEWAY_ENV_ID) REFERENCES AM_GATEWAY_ENVIRONMENT(ID) ON UPDATE CASCADE ON DELETE CASCADE, + PRIMARY KEY (GATEWAY_ENV_ID, HOST) + ); + + -- Service Catalog -- + CREATE TABLE IF NOT EXISTS AM_SERVICE_CATALOG ( + UUID VARCHAR(36) NOT NULL, + SERVICE_KEY VARCHAR(512) NOT NULL, + MD5 VARCHAR(100) NOT NULL, + SERVICE_NAME VARCHAR(255) NOT NULL, + SERVICE_VERSION VARCHAR(30) NOT NULL, + TENANT_ID INTEGER NOT NULL, + SERVICE_URL VARCHAR(2048) NOT NULL, + 
DEFINITION_TYPE VARCHAR(20), + DEFINITION_URL VARCHAR(2048), + DESCRIPTION VARCHAR(1024), + SECURITY_TYPE VARCHAR(50), + MUTUAL_SSL_ENABLED BOOLEAN DEFAULT 0, + CREATED_TIME TIMESTAMP NULL, + LAST_UPDATED_TIME TIMESTAMP NULL, + CREATED_BY VARCHAR(255), + UPDATED_BY VARCHAR(255), + SERVICE_DEFINITION BLOB NOT NULL, + PRIMARY KEY (UUID), + UNIQUE (SERVICE_NAME, SERVICE_VERSION, TENANT_ID), + UNIQUE (SERVICE_KEY, TENANT_ID) + )ENGINE=InnoDB; + + CREATE TABLE IF NOT EXISTS AM_API_SERVICE_MAPPING ( + API_ID INTEGER NOT NULL, + SERVICE_KEY VARCHAR(256) NOT NULL, + MD5 VARCHAR(100), + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (API_ID, SERVICE_KEY), + FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON DELETE CASCADE + )ENGINE=InnoDB; + + -- Webhooks -- + CREATE TABLE IF NOT EXISTS AM_WEBHOOKS_SUBSCRIPTION ( + WH_SUBSCRIPTION_ID INTEGER NOT NULL AUTO_INCREMENT, + API_UUID VARCHAR(255) NOT NULL, + APPLICATION_ID VARCHAR(20) NOT NULL, + TENANT_DOMAIN VARCHAR(255) NOT NULL, + HUB_CALLBACK_URL VARCHAR(1024) NOT NULL, + HUB_TOPIC VARCHAR(255) NOT NULL, + HUB_SECRET VARCHAR(2048), + HUB_LEASE_SECONDS INTEGER, + UPDATED_AT TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + EXPIRY_AT BIGINT, + DELIVERED_AT TIMESTAMP NULL, + DELIVERY_STATE INTEGER NOT NULL DEFAULT 0, + PRIMARY KEY (WH_SUBSCRIPTION_ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS AM_WEBHOOKS_UNSUBSCRIPTION ( + API_UUID VARCHAR(255) NOT NULL, + APPLICATION_ID VARCHAR(20) NOT NULL, + TENANT_DOMAIN VARCHAR(255) NOT NULL, + HUB_CALLBACK_URL VARCHAR(1024) NOT NULL, + HUB_TOPIC VARCHAR(255) NOT NULL, + HUB_SECRET VARCHAR(2048), + HUB_LEASE_SECONDS INTEGER, + ADDED_AT TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP + )ENGINE INNODB; + -- Performance indexes start-- create index IDX_ITS_LMT on IDN_THRIFT_SESSION (LAST_MODIFIED_TIME); 
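Review bot: `HUB_SECRET VARCHAR(2048)` is added to both `AM_WEBHOOKS_SUBSCRIPTION` and `AM_WEBHOOKS_UNSUBSCRIPTION` as a plain text column, and the hunk gives no indication whether the application encrypts the value before writing it. The hub has to recover this secret to sign deliveries, so it cannot be hashed, which means anyone with read access to these tables or to a database backup can forge signed callbacks unless it is encrypted at rest. I would at least document the expectation on the column, e.g. `-- HUB_SECRET: subscriber-supplied signing secret; stored encrypted by the application, never logged (confirm)`. Separately, `AM_WEBHOOKS_UNSUBSCRIPTION` declares no primary key, and `SERVICE_KEY` is `VARCHAR(512)` in `AM_SERVICE_CATALOG` but `VARCHAR(256)` in `AM_API_SERVICE_MAPPING`, so longer keys cannot be mapped.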
@@ -2034,22 +2262,22 @@ data: USE WSO2AM_SHARED_DB; CREATE TABLE IF NOT EXISTS REG_CLUSTER_LOCK ( - REG_LOCK_NAME VARCHAR (20), - REG_LOCK_STATUS VARCHAR (20), - REG_LOCKED_TIME TIMESTAMP, - REG_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (REG_LOCK_NAME) + REG_LOCK_NAME VARCHAR (20), + REG_LOCK_STATUS VARCHAR (20), + REG_LOCKED_TIME TIMESTAMP, + REG_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (REG_LOCK_NAME) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS REG_LOG ( - REG_LOG_ID INTEGER AUTO_INCREMENT, - REG_PATH VARCHAR (750), - REG_USER_ID VARCHAR (31) NOT NULL, - REG_LOGGED_TIME TIMESTAMP NOT NULL, - REG_ACTION INTEGER NOT NULL, - REG_ACTION_DATA VARCHAR (500), - REG_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (REG_LOG_ID, REG_TENANT_ID) + REG_LOG_ID INTEGER AUTO_INCREMENT, + REG_PATH VARCHAR (750), + REG_USER_ID VARCHAR (255) NOT NULL, + REG_LOGGED_TIME TIMESTAMP NOT NULL, + REG_ACTION INTEGER NOT NULL, + REG_ACTION_DATA VARCHAR (500), + REG_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (REG_LOG_ID, REG_TENANT_ID) )ENGINE INNODB; CREATE INDEX REG_LOG_IND_BY_REGLOG USING HASH ON REG_LOG(REG_LOGGED_TIME, REG_TENANT_ID); 
@@ -2058,29 +2286,29 @@ data: -- See CARBON-5917. CREATE TABLE IF NOT EXISTS REG_PATH( - REG_PATH_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_PATH_VALUE VARCHAR(750) NOT NULL, - REG_PATH_PARENT_ID INTEGER, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_PATH PRIMARY KEY(REG_PATH_ID, REG_TENANT_ID), - CONSTRAINT UNIQUE_REG_PATH_TENANT_ID UNIQUE (REG_PATH_VALUE,REG_TENANT_ID) + REG_PATH_ID INTEGER NOT NULL AUTO_INCREMENT, + REG_PATH_VALUE VARCHAR(750) CHARACTER SET latin1 COLLATE latin1_general_cs NOT NULL, + REG_PATH_PARENT_ID INTEGER, + REG_TENANT_ID INTEGER DEFAULT 0, + CONSTRAINT PK_REG_PATH PRIMARY KEY(REG_PATH_ID, REG_TENANT_ID), + CONSTRAINT UNIQUE_REG_PATH_TENANT_ID UNIQUE (REG_PATH_VALUE,REG_TENANT_ID) )ENGINE INNODB; CREATE INDEX REG_PATH_IND_BY_PATH_PARENT_ID USING HASH ON REG_PATH(REG_PATH_PARENT_ID, REG_TENANT_ID); CREATE TABLE IF NOT EXISTS REG_CONTENT ( - REG_CONTENT_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_CONTENT_DATA LONGBLOB, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_CONTENT PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID) + REG_CONTENT_ID INTEGER NOT NULL AUTO_INCREMENT, + REG_CONTENT_DATA LONGBLOB, + REG_TENANT_ID INTEGER DEFAULT 0, + CONSTRAINT PK_REG_CONTENT PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS REG_CONTENT_HISTORY ( - REG_CONTENT_ID INTEGER NOT NULL, - REG_CONTENT_DATA LONGBLOB, - REG_DELETED SMALLINT, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_CONTENT_HISTORY PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID) + REG_CONTENT_ID INTEGER NOT NULL, + REG_CONTENT_DATA LONGBLOB, + REG_DELETED SMALLINT, + REG_TENANT_ID INTEGER DEFAULT 0, + CONSTRAINT PK_REG_CONTENT_HISTORY PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS REG_RESOURCE ( 
@@ -2088,9 +2316,9 @@ data: REG_NAME VARCHAR(256), REG_VERSION INTEGER NOT NULL AUTO_INCREMENT, REG_MEDIA_TYPE VARCHAR(500), - REG_CREATOR VARCHAR(31) NOT NULL, + REG_CREATOR VARCHAR(255) NOT NULL, REG_CREATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_LAST_UPDATOR VARCHAR(31), + REG_LAST_UPDATOR VARCHAR(255), REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, REG_DESCRIPTION VARCHAR(1000), REG_CONTENT_ID INTEGER, @@ -2112,9 +2340,9 @@ data: REG_NAME VARCHAR(256), REG_VERSION INTEGER NOT NULL, REG_MEDIA_TYPE VARCHAR(500), - REG_CREATOR VARCHAR(31) NOT NULL, + REG_CREATOR VARCHAR(255) NOT NULL, REG_CREATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_LAST_UPDATOR VARCHAR(31), + REG_LAST_UPDATOR VARCHAR(255), REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, REG_DESCRIPTION VARCHAR(1000), REG_CONTENT_ID INTEGER, @@ -2132,7 +2360,7 @@ data: CREATE TABLE IF NOT EXISTS REG_COMMENT ( REG_ID INTEGER NOT NULL AUTO_INCREMENT, REG_COMMENT_TEXT VARCHAR(500) NOT NULL, - REG_USER_ID VARCHAR(31) NOT NULL, + REG_USER_ID VARCHAR(255) NOT NULL, REG_COMMENTED_TIME TIMESTAMP NOT NULL, REG_TENANT_ID INTEGER DEFAULT 0, CONSTRAINT PK_REG_COMMENT PRIMARY KEY(REG_ID, REG_TENANT_ID) @@ -2154,7 +2382,7 @@ data: CREATE TABLE IF NOT EXISTS REG_RATING ( REG_ID INTEGER NOT NULL AUTO_INCREMENT, REG_RATING INTEGER NOT NULL, - REG_USER_ID VARCHAR(31) NOT NULL, + REG_USER_ID VARCHAR(255) NOT NULL, REG_RATED_TIME TIMESTAMP NOT NULL, REG_TENANT_ID INTEGER DEFAULT 0, CONSTRAINT PK_REG_RATING PRIMARY KEY(REG_ID, REG_TENANT_ID) @@ -2177,7 +2405,7 @@ data: CREATE TABLE IF NOT EXISTS REG_TAG ( REG_ID INTEGER NOT NULL AUTO_INCREMENT, REG_TAG_NAME VARCHAR(500) NOT NULL, - REG_USER_ID VARCHAR(31) NOT NULL, + REG_USER_ID VARCHAR(255) NOT NULL, REG_TAGGED_TIME TIMESTAMP NOT NULL, REG_TENANT_ID INTEGER DEFAULT 0, CONSTRAINT PK_REG_TAG PRIMARY KEY(REG_ID, REG_TENANT_ID) 
@@ -2263,14 +2491,16 @@ data: -- ################################ CREATE TABLE UM_TENANT ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DOMAIN_NAME VARCHAR(255) NOT NULL, + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_TENANT_UUID VARCHAR(36) NOT NULL, + UM_DOMAIN_NAME VARCHAR(255) NOT NULL, UM_EMAIL VARCHAR(255), UM_ACTIVE BOOLEAN DEFAULT FALSE, - UM_CREATED_DATE TIMESTAMP NOT NULL, - UM_USER_CONFIG LONGBLOB, - PRIMARY KEY (UM_ID), - UNIQUE(UM_DOMAIN_NAME) + UM_CREATED_DATE TIMESTAMP NOT NULL, + UM_USER_CONFIG LONGBLOB, + PRIMARY KEY (UM_ID), + UNIQUE(UM_DOMAIN_NAME), + UNIQUE(UM_TENANT_UUID) )ENGINE INNODB; CREATE TABLE UM_DOMAIN( 
@@ -2285,100 +2515,100 @@ data: ON UM_TENANT (UM_DOMAIN_NAME); CREATE TABLE UM_USER ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_ID VARCHAR(255) NOT NULL, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_USER_PASSWORD VARCHAR(255) NOT NULL, - UM_SALT_VALUE VARCHAR(31), - UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE, - UM_CHANGED_TIME TIMESTAMP NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_USER_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_USER_ID VARCHAR(255) NOT NULL, + UM_USER_NAME VARCHAR(255) NOT NULL, + UM_USER_PASSWORD VARCHAR(255) NOT NULL, + UM_SALT_VALUE VARCHAR(31), + UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE, + UM_CHANGED_TIME TIMESTAMP NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (UM_ID, UM_TENANT_ID), + UNIQUE(UM_USER_ID, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE UM_SYSTEM_USER ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_USER_PASSWORD VARCHAR(255) NOT NULL, - UM_SALT_VALUE VARCHAR(31), - UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE, - UM_CHANGED_TIME TIMESTAMP NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_USER_NAME, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_USER_NAME VARCHAR(255) NOT NULL, + UM_USER_PASSWORD VARCHAR(255) NOT NULL, + UM_SALT_VALUE VARCHAR(31), + UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE, + UM_CHANGED_TIME TIMESTAMP NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (UM_ID, UM_TENANT_ID), + UNIQUE(UM_USER_NAME, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE UM_ROLE ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_SHARED_ROLE BOOLEAN DEFAULT FALSE, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_ROLE_NAME, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_ROLE_NAME VARCHAR(255) NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UM_SHARED_ROLE BOOLEAN DEFAULT FALSE, + PRIMARY KEY (UM_ID, 
UM_TENANT_ID), + UNIQUE(UM_ROLE_NAME, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE UM_MODULE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_MODULE_NAME VARCHAR(100), - UNIQUE(UM_MODULE_NAME), - PRIMARY KEY(UM_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_MODULE_NAME VARCHAR(100), + UNIQUE(UM_MODULE_NAME), + PRIMARY KEY(UM_ID) )ENGINE INNODB; CREATE TABLE UM_MODULE_ACTIONS( - UM_ACTION VARCHAR(255) NOT NULL, - UM_MODULE_ID INTEGER NOT NULL, - PRIMARY KEY(UM_ACTION, UM_MODULE_ID), - FOREIGN KEY (UM_MODULE_ID) REFERENCES UM_MODULE(UM_ID) ON DELETE CASCADE + UM_ACTION VARCHAR(255) NOT NULL, + UM_MODULE_ID INTEGER NOT NULL, + PRIMARY KEY(UM_ACTION, UM_MODULE_ID), + FOREIGN KEY (UM_MODULE_ID) REFERENCES UM_MODULE(UM_ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE UM_PERMISSION ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_RESOURCE_ID VARCHAR(255) NOT NULL, - UM_ACTION VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_MODULE_ID INTEGER DEFAULT 0, - UNIQUE(UM_RESOURCE_ID,UM_ACTION, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_RESOURCE_ID VARCHAR(255) NOT NULL, + UM_ACTION VARCHAR(255) NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UM_MODULE_ID INTEGER DEFAULT 0, + UNIQUE(UM_RESOURCE_ID,UM_ACTION, UM_TENANT_ID), + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; CREATE INDEX INDEX_UM_PERMISSION_UM_RESOURCE_ID_UM_ACTION ON UM_PERMISSION (UM_RESOURCE_ID, UM_ACTION, UM_TENANT_ID); CREATE TABLE UM_ROLE_PERMISSION ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_PERMISSION_ID INTEGER NOT NULL, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_IS_ALLOWED SMALLINT NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_DOMAIN_ID INTEGER, - UNIQUE (UM_PERMISSION_ID, UM_ROLE_NAME, UM_TENANT_ID, UM_DOMAIN_ID), - FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, 
- PRIMARY KEY (UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_PERMISSION_ID INTEGER NOT NULL, + UM_ROLE_NAME VARCHAR(255) NOT NULL, + UM_IS_ALLOWED SMALLINT NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UM_DOMAIN_ID INTEGER, + UNIQUE (UM_PERMISSION_ID, UM_ROLE_NAME, UM_TENANT_ID, UM_DOMAIN_ID), + FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, + FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; -- REMOVED UNIQUE (UM_PERMISSION_ID, UM_ROLE_ID) CREATE TABLE UM_USER_PERMISSION ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_PERMISSION_ID INTEGER NOT NULL, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_IS_ALLOWED SMALLINT NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_PERMISSION_ID INTEGER NOT NULL, + UM_USER_NAME VARCHAR(255) NOT NULL, + UM_IS_ALLOWED SMALLINT NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; -- REMOVED UNIQUE (UM_PERMISSION_ID, UM_USER_ID) CREATE TABLE UM_USER_ROLE ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_ID INTEGER NOT NULL, - UM_USER_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE (UM_USER_ID, UM_ROLE_ID, UM_TENANT_ID), - FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_ROLE(UM_ID, UM_TENANT_ID), - FOREIGN KEY (UM_USER_ID, UM_TENANT_ID) REFERENCES UM_USER(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_ROLE_ID INTEGER NOT NULL, + UM_USER_ID INTEGER NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UNIQUE (UM_USER_ID, UM_ROLE_ID, 
UM_TENANT_ID), + FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_ROLE(UM_ID, UM_TENANT_ID), + FOREIGN KEY (UM_USER_ID, UM_TENANT_ID) REFERENCES UM_USER(UM_ID, UM_TENANT_ID), + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE UM_SHARED_USER_ROLE( @@ -2392,14 +2622,14 @@ data: )ENGINE INNODB; CREATE TABLE UM_ACCOUNT_MAPPING( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER NOT NULL, - UM_USER_STORE_DOMAIN VARCHAR(100), - UM_ACC_LINK_ID INTEGER NOT NULL, - UNIQUE(UM_USER_NAME, UM_TENANT_ID, UM_USER_STORE_DOMAIN, UM_ACC_LINK_ID), - FOREIGN KEY (UM_TENANT_ID) REFERENCES UM_TENANT(UM_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_USER_NAME VARCHAR(255) NOT NULL, + UM_TENANT_ID INTEGER NOT NULL, + UM_USER_STORE_DOMAIN VARCHAR(100), + UM_ACC_LINK_ID INTEGER NOT NULL, + UNIQUE(UM_USER_NAME, UM_TENANT_ID, UM_USER_STORE_DOMAIN, UM_ACC_LINK_ID), + FOREIGN KEY (UM_TENANT_ID) REFERENCES UM_TENANT(UM_ID) ON DELETE CASCADE, + PRIMARY KEY (UM_ID) )ENGINE INNODB; @@ -2416,6 +2646,8 @@ data: CREATE INDEX UM_USER_ID_INDEX ON UM_USER_ATTRIBUTE(UM_USER_ID); + CREATE INDEX UM_ATTR_NAME_VALUE_INDEX ON UM_USER_ATTRIBUTE(UM_ATTR_NAME, UM_ATTR_VALUE(512)); + CREATE TABLE UM_DIALECT( UM_ID INTEGER NOT NULL AUTO_INCREMENT, UM_DIALECT_URI VARCHAR(255) NOT NULL, @@ -2436,7 +2668,7 @@ data: UM_SUPPORTED SMALLINT, UM_REQUIRED SMALLINT, UM_DISPLAY_ORDER INTEGER, - UM_CHECKED_ATTRIBUTE SMALLINT, + UM_CHECKED_ATTRIBUTE SMALLINT, UM_READ_ONLY SMALLINT, UM_TENANT_ID INTEGER DEFAULT 0, UNIQUE(UM_DIALECT_ID, UM_CLAIM_URI, UM_TENANT_ID,UM_MAPPED_ATTRIBUTE_DOMAIN), 
@@ -2480,10 +2712,22 @@ data: UM_USER_NAME VARCHAR(255), UM_ROLE_ID INTEGER NOT NULL, UM_TENANT_ID INTEGER DEFAULT 0, - UM_DOMAIN_ID INTEGER, + UM_DOMAIN_ID INTEGER, UNIQUE (UM_USER_NAME, UM_ROLE_ID, UM_TENANT_ID, UM_DOMAIN_ID), FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, + FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, + PRIMARY KEY (UM_ID, UM_TENANT_ID) + )ENGINE INNODB; + + CREATE TABLE UM_HYBRID_GROUP_ROLE( + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_GROUP_NAME VARCHAR(255), + UM_ROLE_ID INTEGER NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UM_DOMAIN_ID INTEGER, + UNIQUE (UM_GROUP_NAME, UM_ROLE_ID, UM_TENANT_ID, UM_DOMAIN_ID), + FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, + FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; @@ -2508,11 +2752,11 @@ data: CREATE TABLE UM_HYBRID_REMEMBER_ME( UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_COOKIE_VALUE VARCHAR(1024), - UM_CREATED_TIME TIMESTAMP, + UM_USER_NAME VARCHAR(255) NOT NULL, + UM_COOKIE_VALUE VARCHAR(1024), + UM_CREATED_TIME TIMESTAMP, UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID) + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS UM_UUID_DOMAIN_MAPPER ( @@ -2527,6 +2771,7 @@ data: CREATE INDEX UUID_DM_UID_TID ON UM_UUID_DOMAIN_MAPPER(UM_USER_ID, UM_TENANT_ID); + --- apiVersion: v1 @@ -2565,7 +2810,8 @@ spec: spec: containers: - name: wso2apim-mysql - image: mysql:5.7 + # image: mysql:5.7 + image: 192.168.1.5:5000/mysql:5.7 livenessProbe: exec: command: 
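Review bot: In the new `UM_HYBRID_GROUP_ROLE` table, `UM_GROUP_NAME VARCHAR(255)` is nullable although it is part of `UNIQUE (UM_GROUP_NAME, UM_ROLE_ID, UM_TENANT_ID, UM_DOMAIN_ID)`. MySQL treats NULLs as distinct in a unique index, so rows with a NULL group name (or a NULL `UM_DOMAIN_ID`) are never deduplicated, and a role assignment with no group is accepted. For an authorization mapping table I would declare `UM_GROUP_NAME VARCHAR(255) NOT NULL,`. The nullable `UM_DOMAIN_ID` follows the neighbouring user-role table in the same hunk and may be deliberate, in which case a one-line comment saying so would help.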
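Review bot: In the `@@ -2565,7 +2810,8 @@` hunk, the new line `image: 192.168.1.5:5000/mysql:5.7` points the database pod at a registry on a hard-coded private address, which looks like a local development mirror committed by accident. Other clusters cannot reach it, and any host that answers on that address in a given network becomes the source of the MySQL image. A registry on port 5000 is often served without TLS (not verifiable from this hunk), which would also require nodes to trust an insecure registry. I would restore `image: mysql:5.7` and drop the commented-out line. If a mirror is really needed, make the registry host a deployment parameter and pin by digest, e.g. `image: <registry-host>/mysql@sha256:<digest>` (placeholders).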
@@ -2606,1215 +2852,6 @@ spec: serviceAccountName: "wso2am-pattern-1-svc-account" --- -apiVersion: v1 -kind: ConfigMap -metadata: - name: wso2am-pattern-1-am-analytics-dashboard-conf - namespace: wso2 -data: - deployment.yaml: |- - # Carbon Configuration Parameters - wso2.carbon: - type: wso2-apim-analytics - # value to uniquely identify a server - id: wso2-am-analytics - # server name - name: WSO2 API Manager Analytics Server - # enable/disable hostname verifier - hostnameVerificationEnabled: false - # ports used by this server - ports: - # port offset - offset: 3 - - # Configuration used for the databridge communication - databridge.config: - # No of worker threads to consume events - # THIS IS A MANDATORY FIELD - workerThreads: 10 - # Maximum amount of messages that can be queued internally in MB - # THIS IS A MANDATORY FIELD - maxEventBufferCapacity: 10000000 - # Queue size; the maximum number of events that can be stored in the queue - # THIS IS A MANDATORY FIELD - eventBufferSize: 2000 - # Keystore file path - # THIS IS A MANDATORY FIELD - keyStoreLocation : ${sys:carbon.home}/resources/security/wso2carbon.jks - # Keystore password - # THIS IS A MANDATORY FIELD - keyStorePassword : wso2carbon - # Session Timeout value in mins - # THIS IS A MANDATORY FIELD - clientTimeoutMin: 30 - # Data receiver configurations - # THIS IS A MANDATORY FIELD - dataReceivers: - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Thrift - # Data receiver properties - properties: - tcpPort: '7611' - sslPort: '7711' - - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Binary - # Data receiver properties - properties: - tcpPort: '9611' - sslPort: '9711' - tcpReceiverThreadPoolSize: '100' - sslReceiverThreadPoolSize: '100' - hostName: 0.0.0.0 - - # Configuration of the Data Agents - to publish events through databridge - data.agent.config: - # Data agent 
configurations - # THIS IS A MANDATORY FIELD - agents: - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Thrift - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.thrift.ThriftDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Binary - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: 
org.wso2.carbon.databridge.agent.endpoint.binary.BinaryDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - # Deployment configuration parameters - wso2.artifact.deployment: - # Scheduler update interval - updateInterval: 5 - - # HA Configuration - state.persistence: - enabled: false - intervalInMin: 1 - revisionsToKeep: 2 - persistenceStore: org.wso2.carbon.streaming.integrator.core.persistence.FileSystemPersistenceStore - config: - location: siddhi-app-persistence - - # Secure Vault Configuration - wso2.securevault: - secretRepository: - type: org.wso2.carbon.secvault.repository.DefaultSecretRepository 
- parameters: - privateKeyAlias: wso2carbon - keystoreLocation: ${sys:carbon.home}/resources/security/securevault.jks - secretPropertiesFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/secrets.properties - masterKeyReader: - type: org.wso2.carbon.secvault.reader.DefaultMasterKeyReader - parameters: - masterKeyReaderFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/master-keys.yaml - - - # Data Sources Configuration - wso2.datasources: - dataSources: - # Dashboard data source - - name: WSO2_DASHBOARD_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/DASHBOARD_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/${sys:wso2.runtime}/database/DASHBOARD_DB;IFEXISTS=TRUE;DB_CLOSE_ON_EXIT=FALSE;LOCK_TIMEOUT=60000;MVCC=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - name: BUSINESS_RULES_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/BUSINESS_RULES_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_BUSINESS_RULES_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - # carbon metrics data source - - name: WSO2_METRICS_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/WSO2MetricsDB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/dashboard/database/metrics;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 
30000 - isAutoCommit: false - - - name: WSO2_PERMISSIONS_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/PERMISSION_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/${sys:wso2.runtime}/database/PERMISSION_DB;IFEXISTS=TRUE;DB_CLOSE_ON_EXIT=FALSE;LOCK_TIMEOUT=60000;MVCC=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - #Data source for APIM Analytics - - name: APIM_ANALYTICS_DB - description: Datasource used for APIM Analytics - jndiConfig: - name: jdbc/APIM_ANALYTICS_DB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_STATS_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 50 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - #Main datasource used in API Manager - - name: AM_DB - description: Main datasource used by API Manager - jndiConfig: - name: jdbc/AM_DB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - wso2.business.rules.manager: - datasource: BUSINESS_RULES_DB - # rule template wise configuration for deploying business rules - deployment_configs: - - - # : of the Worker node - localhost:9444: - # UUIDs of rule templates that are needed to be deployed on the node - - stock-data-analysis - - stock-exchange-input - - stock-exchange-output - - identifying-continuous-production-decrease - - popular-tweets-analysis - - 
http-analytics-processing - - message-tracing-source-template - - message-tracing-app-template - # credentials for worker nodes - username: admin - password: admin - - wso2.transport.http: - transportProperties: - - name: "server.bootstrap.socket.timeout" - value: 60 - - name: "client.bootstrap.socket.timeout" - value: 60 - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - id: "default" - host: "0.0.0.0" - port: 9089 - - - id: "default-https" - host: "0.0.0.0" - port: 30643 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - ## Dashboard data provider authorization - data.provider.configs: - authorizingClass: org.wso2.analytics.apim.dashboards.core.data.provider.Authorizer - - ## Additional APIs that needs to be added to the server. - ## Should be provided as a key value pairs { API context path: Microservice implementation class } - ## The configured APIs will be available as https://{host}:{port}/analytics-dashboard/{API_context_path} - additional.apis: - /apis/analytics/v1.0/apim: org.wso2.analytics.apim.rest.api.proxy.ApimApi - /apis/v1.0/report: org.wso2.analytics.apim.rest.api.report.ReportApi - - report: - implClass: org.wso2.analytics.apim.rest.api.report.reportgen.DefaultReportGeneratorImpl - - ## Authentication configuration - auth.configs: - type: apim - ssoEnabled: true - properties: - adminScope: apim_analytics:admin_carbon.super - allScopes: apim_analytics:admin openid apim:api_view apim:subscribe apim_analytics:monitoring_dashboard:own apim_analytics:monitoring_dashboard:edit apim_analytics:monitoring_dashboard:view apim_analytics:business_analytics:own apim_analytics:business_analytics:edit apim_analytics:business_analytics:view apim_analytics:api_analytics:own apim_analytics:api_analytics:edit apim_analytics:api_analytics:view apim_analytics:application_analytics:own apim_analytics:application_analytics:edit 
apim_analytics:application_analytics:view - adminUsername: admin - adminPassword: admin - kmDcrUrl: https://wso2am-pattern-1-am-1-service:9443/client-registration/v0.17/register - kmTokenUrlForRedirection: https://"ip.node.k8s.&.wso2.apim":30443/oauth2 - kmTokenUrl: https://wso2am-pattern-1-am-1-service:9443/oauth2 - kmUsername: admin - kmPassword: admin - portalAppContext: analytics-dashboard - businessRulesAppContext : business-rules - cacheTimeout: 900 - baseUrl: https://"ip.node.k8s.&.wso2.apim":30646 - grantType: authorization_code - publisherUrl: https://wso2am-pattern-1-am-1-service:9443 - devPortalUrl: https://wso2am-pattern-1-am-1-service:9443 - externalLogoutUrl: https://"ip.node.k8s.&.wso2.apim":30443/oidc/logout - - wso2.dashboard: - roles: - creators: - - apim_analytics:admin_carbon.super - themeConfigProviderClass: org.wso2.carbon.dashboards.core.DefaultDashboardThemeConfigProvider - - ## RDBMS Data Provider configuration - wso2.rdbms.data.provider: - timeTypes: - - DATE - - TIME - - DATETIME - - TIMESTAMP - - TIMESTAMP WITHOUT TIME ZONE ---- - -apiVersion: v1 -kind: Service -metadata: - name: wso2am-pattern-1-analytics-dashboard-service - namespace: wso2 -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: wso2am-pattern-1-analytics-dashboard - product: api-manager - type: NodePort - ports: - # ports that this service should serve on - - - name: 'ui' - port: 30646 - protocol: TCP - targetPort: 30646 - nodePort: 30646 ---- - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wso2am-pattern-1-analytics-dashboard-deployment - namespace: wso2 -spec: - replicas: 1 - strategy: - rollingUpdate: - maxSurge: 1 - maxUnavailable: 0 - type: RollingUpdate - selector: - matchLabels: - deployment: wso2am-pattern-1-analytics-dashboard - product: api-manager - template: - metadata: - labels: - deployment: wso2am-pattern-1-analytics-dashboard - product: api-manager - spec: - initContainers: - - 
name: init-apim-analytics-db - image: busybox:1.31 - command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! nc -z wso2apim-rdbms-service-mysql 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - - name: init-download-mysql-connector - image: busybox:1.31 - command: - - /bin/sh - - "-c" - - | - set -e - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/8.0.17/mysql-connector-java-8.0.17.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - containers: - - name: wso2am-pattern-1-analytics-dashboard - image: "$image.pull.@.wso2"/wso2am-analytics-dashboard:3.2.0 - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 30646 - initialDelaySeconds: 20 - periodSeconds: 10 - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 30646 - initialDelaySeconds: 20 - periodSeconds: 10 - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/dashboard.sh stop'] - resources: - requests: - memory: 1Gi - cpu: 1000m - limits: - memory: 1Gi - cpu: 1000m - imagePullPolicy: Always - securityContext: - runAsUser: 802 - ports: - - - containerPort: 30646 - protocol: "TCP" - volumeMounts: - - name: wso2am-pattern-1-am-analytics-dashboard-conf - mountPath: /home/wso2carbon/wso2-config-volume/conf/dashboard/deployment.yaml - subPath: deployment.yaml - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/lib - serviceAccountName: wso2am-pattern-1-svc-account - imagePullSecrets: - - name: wso2am-pattern-1-creds - volumes: - - name: wso2am-pattern-1-am-analytics-dashboard-conf - configMap: - name: wso2am-pattern-1-am-analytics-dashboard-conf - - name: mysql-connector-jar - emptyDir: {} ---- - -apiVersion: v1 -kind: ConfigMap -metadata: - name: wso2am-pattern-1-am-analytics-worker-conf - namespace: wso2 -data: - deployment.yaml: |- - # Carbon Configuration Parameters - 
wso2.carbon: - type: wso2-apim-analytics - # value to uniquely identify a server - id: wso2-am-analytics - # server name - name: WSO2 API Manager Analytics Server - # ports used by this server - ports: - # port offset - offset: 1 - - wso2.transport.http: - transportProperties: - - - name: "server.bootstrap.socket.timeout" - value: 60 - - - name: "client.bootstrap.socket.timeout" - value: 60 - - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - - id: "default" - host: "0.0.0.0" - port: 9090 - - - id: "msf4j-https" - host: "0.0.0.0" - port: 9443 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - senderConfigurations: - - - id: "http-sender" - - siddhi.stores.query.api: - transportProperties: - - - name: "server.bootstrap.socket.timeout" - value: 60 - - - name: "client.bootstrap.socket.timeout" - value: 60 - - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - - id: "default" - host: "0.0.0.0" - port: 7071 - - - id: "msf4j-https" - host: "0.0.0.0" - port: 7444 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - # Configuration used for the databridge communication - databridge.config: - # No of worker threads to consume events - # THIS IS A MANDATORY FIELD - workerThreads: 10 - # Maximum amount of messages that can be queued internally in MB - # THIS IS A MANDATORY FIELD - maxEventBufferCapacity: 10000000 - # Queue size; the maximum number of events that can be stored in the queue - # THIS IS A MANDATORY FIELD - eventBufferSize: 2000 - # Keystore file path - # THIS IS A MANDATORY FIELD - keyStoreLocation : ${sys:carbon.home}/resources/security/wso2carbon.jks - # Keystore password - # THIS IS A MANDATORY FIELD - keyStorePassword : wso2carbon - # Session Timeout value in mins - # THIS IS A MANDATORY FIELD - clientTimeoutMin: 30 - # Data 
receiver configurations - # THIS IS A MANDATORY FIELD - dataReceivers: - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Thrift - # Data receiver properties - properties: - tcpPort: '7611' - sslPort: '7711' - - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Binary - # Data receiver properties - properties: - tcpPort: '9611' - sslPort: '9711' - tcpReceiverThreadPoolSize: '100' - sslReceiverThreadPoolSize: '100' - hostName: 0.0.0.0 - - # Configuration of the Data Agents - to publish events through databridge - data.agent.config: - # Data agent configurations - # THIS IS A MANDATORY FIELD - agents: - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Thrift - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.thrift.ThriftDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # 
SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Binary - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.binary.BinaryDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: 
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - # This is the main configuration for metrics - wso2.metrics: - # Enable Metrics - enabled: false - reporting: - console: - - # The name for the Console Reporter - name: Console - - # Enable Console Reporter - enabled: false - - # Polling Period in seconds. - # This is the period for polling metrics from the metric registry and printing in the console - pollingPeriod: 5 - - wso2.metrics.jdbc: - # Data Source Configurations for JDBC Reporters - dataSource: - # Default Data Source Configuration - - &JDBC01 - # JNDI name of the data source to be used by the JDBC Reporter. - # This data source should be defined in a *-datasources.xml file in conf/datasources directory. - dataSourceName: java:comp/env/jdbc/WSO2MetricsDB - # Schedule regular deletion of metrics data older than a set number of days. - # It is recommended that you enable this job to ensure your metrics tables do not get extremely large. - # Deleting data older than seven days should be sufficient. - scheduledCleanup: - # Enable scheduled cleanup to delete Metrics data in the database. - enabled: true - - # The scheduled job will cleanup all data older than the specified days - daysToKeep: 3 - - # This is the period for each cleanup operation in seconds. 
- scheduledCleanupPeriod: 86400 - - # The JDBC Reporter is in the Metrics JDBC Core feature - reporting: - # The JDBC Reporter configurations will be ignored if the Metrics JDBC Core feature is not available in runtime - jdbc: - - # The name for the JDBC Reporter - name: JDBC - - # Enable JDBC Reporter - enabled: true - - # Source of Metrics, which will be used to identify each metric in database --> - # Commented to use the hostname by default - # source: Carbon - - # Alias referring to the Data Source configuration - dataSource: *JDBC01 - - # Polling Period in seconds. - # This is the period for polling metrics from the metric registry and updating the database with the values - pollingPeriod: 60 - - # Deployment configuration parameters - wso2.artifact.deployment: - # Scheduler update interval - updateInterval: 5 - - # Periodic Persistence Configuration - state.persistence: - enabled: false - intervalInMin: 1 - revisionsToKeep: 2 - persistenceStore: org.wso2.carbon.streaming.integrator.core.persistence.DBPersistenceStore - config: - datasource: PERSISTENCE_DB # A datasource with this name should be defined in wso2.datasources namespace - table: PERSISTENCE_TABLE - - # Secure Vault Configuration - wso2.securevault: - secretRepository: - type: org.wso2.carbon.secvault.repository.DefaultSecretRepository - parameters: - privateKeyAlias: wso2carbon - keystoreLocation: ${sys:carbon.home}/resources/security/securevault.jks - secretPropertiesFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/secrets.properties - masterKeyReader: - type: org.wso2.carbon.secvault.reader.DefaultMasterKeyReader - parameters: - masterKeyReaderFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/master-keys.yaml - - # Datasource Configurations - wso2.datasources: - dataSources: - # carbon metrics data source - - name: WSO2_METRICS_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/WSO2MetricsDB - definition: - type: RDBMS - configuration: - jdbcUrl: 
'jdbc:h2:${sys:carbon.home}/wso2/dashboard/database/metrics;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 30 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - name: WSO2_PERMISSIONS_DB - description: The datasource used for permission feature - jndiConfig: - name: jdbc/PERMISSION_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_PERMISSIONS_DB?useSSL=false&allowPublicKeyRetrieval=true' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - name: GEO_LOCATION_DATA - description: "The data source used for geo location database" - jndiConfig: - name: jdbc/GEO_LOCATION_DATA - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/worker/database/GEO_LOCATION_DATA;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 50 - idleTimeout: 60000 - validationTimeout: 30000 - isAutoCommit: false - - - name: APIM_ANALYTICS_DB - description: "The datasource used for APIM statistics aggregated data." 
- jndiConfig: - name: jdbc/APIM_ANALYTICS_DB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_STATS_DB?useSSL=false&allowPublicKeyRetrieval=true' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 50 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - - name: WSO2_CLUSTER_DB - description: "The datasource used by cluster coordinators in HA deployment" - jndiConfig: - name: jdbc/WSO2_CLUSTER_DB - definition: - type: RDBMS - configuration: - connectionTestQuery: "SELECT 1" - driverClassName: org.h2.Driver - idleTimeout: 60000 - isAutoCommit: false - jdbcUrl: "jdbc:h2:${sys:carbon.home}/wso2/${sys:wso2.runtime}/database/WSO2_CLUSTER_DB;DB_CLOSE_ON_EXIT=FALSE;LOCK_TIMEOUT=60000;AUTO_SERVER=TRUE" - maxPoolSize: 10 - password: wso2carbon - username: wso2carbon - validationTimeout: 30000 - - # - - # name: PERSISTENCE_DB - # description: "Datasource used for persistence" - # jndiConfig: - # name: jdbc/PERSISTENCE_DB - # definition: - # type: RDBMS - # configuration: - # connectionTestQuery: "SELECT 1" - # driverClassName: com.mysql.jdbc.Driver - # idleTimeout: 60000 - # isAutoCommit: false - # jdbcUrl: "jdbc:h2:${sys:carbon.home}/wso2/${sys:wso2.runtime}/database/PERSISTENCE_DB;DB_CLOSE_ON_EXIT=FALSE;LOCK_TIMEOUT=60000;AUTO_SERVER=TRUE" - # maxPoolSize: 10 - # password: pass - # username: root - # validationTimeout: 30000 - - siddhi: - # properties: - # partitionById: true - # shardId: 1 - refs: - - ref: - name: 'grpcSource' - type: 'grpc' - properties: - receiver.url : grpc://localhost:9806/org.wso2.analytics.mgw.grpc.service.AnalyticsSendService/sendAnalytics - extensions: - - - extension: - name: 'findCountryFromIP' - namespace: 'geo' - properties: - geoLocationResolverClass: org.wso2.extension.siddhi.execution.geo.internal.impl.DefaultDBBasedGeoLocationResolver - isCacheEnabled: true - cacheSize: 
10000 - isPersistInDatabase: true - datasource: GEO_LOCATION_DATA - - - extension: - name: 'findCityFromIP' - namespace: 'geo' - properties: - geoLocationResolverClass: org.wso2.extension.siddhi.execution.geo.internal.impl.DefaultDBBasedGeoLocationResolver - isCacheEnabled: true - cacheSize: 10000 - isPersistInDatabase: true - datasource: GEO_LOCATION_DATA - #Enabling GRPC Service with an Extension - - - extension: - name: 'grpc' - namespace: 'source' - properties: - keyStoreFile : ${sys:carbon.home}/resources/security/wso2carbon.jks - keyStorePassword : wso2carbon - keyStoreAlgorithm : SunX509 - trustStoreFile : ${sys:carbon.home}/resources/security/client-truststore.jks - trustStorePassword : wso2carbon - trustStoreAlgorithm : SunX509 - # Provides the regular expression collection to parse the user-agent header - - - extension: - name: 'getUserAgentProperty' - namespace: 'env' - properties: - regexFilePath : ${sys:carbon.home}/conf/worker/regexes.yaml - - # Cluster Configuration - cluster.config: - enabled: false - groupId: sp - coordinationStrategyClass: org.wso2.carbon.cluster.coordinator.rdbms.RDBMSCoordinationStrategy - strategyConfig: - datasource: WSO2_CLUSTER_DB - heartbeatInterval: 5000 - heartbeatMaxRetry: 3 - eventPollingInterval: 1000 - - # Authentication configuration - auth.configs: - type: 'local' # Type of the IdP client used - userManager: - adminRole: admin # Admin role which is granted all permissions - userStore: # User store - users: - - - user: - username: admin - password: YWRtaW4= - roles: 1 - roles: - - - role: - id: 1 - displayName: admin - - # Configuration to enable apim alerts - #analytics.solutions: - # APIM-alerts.enabled: true - - - # Sample of deployment.config for Two node HA - #deployment.config: - # type: ha - # eventSyncServer: - # host: localhost - # port: 9893 - # advertisedHost: localhost - # advertisedPort: 9893 - # bossThreads: 10 - # workerThreads: 10 - # eventSyncClientPool: - # maxActive: 10 - # maxTotal: 10 - # 
maxIdle: 10 - # maxWait: 60000 - # minEvictableIdleTimeMillis: 120000 - - # Sample of deployment.config for Distributed deployment - #deployment.config: - # type: distributed - # httpsInterface: - # host: 192.168.1.3 - # port: 9443 - # username: admin - # password: admin - # leaderRetryInterval: 10000 - # resourceManagers: - # - host: 192.168.1.1 - # port: 9543 - # username: admin - # password: admin - # - host: 192.168.1.2 - # port: 9543 - # username: admin - # password: admin ---- - -apiVersion: v1 -kind: Service -metadata: - name: wso2am-pattern-1-analytics-worker-service - namespace: wso2 -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: wso2am-pattern-1-analytics-worker - product: api-manager - ports: - # ports that this service should serve on - - - name: 'thrift' - port: 7612 - protocol: TCP - - - name: 'thrift-ssl' - port: 7712 - protocol: TCP - - - name: 'rest-api-port-1' - protocol: TCP - port: 9444 - - - name: 'rest-api-port-2' - protocol: TCP - port: 9091 - - - name: 'rest-api-port-3' - protocol: TCP - port: 7071 - - - name: 'rest-api-port-4' - protocol: TCP - port: 7444 ---- - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wso2am-pattern-1-analytics-worker-deployment - namespace: wso2 -spec: - replicas: 1 - strategy: - rollingUpdate: - maxSurge: 1 - maxUnavailable: 0 - type: RollingUpdate - selector: - matchLabels: - deployment: wso2am-pattern-1-analytics-worker - product: api-manager - template: - metadata: - labels: - deployment: wso2am-pattern-1-analytics-worker - product: api-manager - spec: - initContainers: - - name: init-apim-analytics-db - image: busybox:1.31 - command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! 
nc -z wso2apim-rdbms-service-mysql 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - - name: init-download-mysql-connector - image: busybox:1.31 - command: - - /bin/sh - - "-c" - - | - set -e - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/8.0.17/mysql-connector-java-8.0.17.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - containers: - - name: wso2am-pattern-1-analytics-worker - image: "$image.pull.@.wso2"/wso2am-analytics-worker:3.2.0 - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 7444 - initialDelaySeconds: 100 - periodSeconds: 10 - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 7444 - initialDelaySeconds: 100 - periodSeconds: 10 - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/worker.sh stop'] - resources: - requests: - memory: 1Gi - cpu: 1000m - limits: - memory: 1Gi - cpu: 1000m - imagePullPolicy: Always - securityContext: - runAsUser: 802 - ports: - - - containerPort: 9764 - protocol: "TCP" - - - containerPort: 9444 - protocol: "TCP" - - - containerPort: 7612 - protocol: "TCP" - - - containerPort: 7712 - protocol: "TCP" - - - containerPort: 9091 - protocol: "TCP" - - - containerPort: 7071 - protocol: "TCP" - - - containerPort: 7444 - protocol: "TCP" - volumeMounts: - - name: wso2am-pattern-1-am-analytics-worker-conf - mountPath: /home/wso2carbon/wso2-config-volume/conf/worker/deployment.yaml - subPath: deployment.yaml - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/lib - serviceAccountName: wso2am-pattern-1-svc-account - imagePullSecrets: - - name: wso2am-pattern-1-creds - volumes: - - name: wso2am-pattern-1-am-analytics-worker-conf - configMap: - name: wso2am-pattern-1-am-analytics-worker-conf - - name: mysql-connector-jar - emptyDir: {} ---- - apiVersion: v1 kind: ConfigMap metadata: 
@@ -3825,9 +2862,7 @@ data: [server] hostname = ""ip.node.k8s.&.wso2.apim"" - node_ip = "$env{NODE_IP}" - # offset=0 - mode = "single" #single or ha + #offset=0 base_path = "${carbon.protocol}://${carbon.host}:${carbon.management.port}" #discard_empty_caches = false server_role = "default" @@ -3876,7 +2911,7 @@ data: #key_password = "wso2carbon" [[apim.gateway.environment]] - name = "Production and Sandbox" + name = "Default" type = "hybrid" display_in_api_console = true description = "This is a hybrid gateway that handles both production and sandbox token traffic." @@ -3888,6 +2923,11 @@ data: wss_endpoint = "wss://"ip.node.k8s.&.wso2.apim":8099" http_endpoint = "http://"ip.node.k8s.&.wso2.apim":30280" https_endpoint = "https://"ip.node.k8s.&.wso2.apim":30243" + websub_event_receiver_http_endpoint = "http://"ip.node.k8s.&.wso2.apim":9021" + websub_event_receiver_https_endpoint = "https://"ip.node.k8s.&.wso2.apim":8021" + + [apim.sync_runtime_artifacts.gateway] + gateway_labels =["Default"] #[apim.cache.gateway_token] #enable = true 
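Review bot: The new `websub_event_receiver_http_endpoint` in the third hunk on this line (`@@ -3888,6 +2923,11 @@`) advertises a cleartext receiver on port 9021 next to the HTTPS one on 8021, so WebSub event deliveries sent to the advertised HTTP URL would cross the network unencrypted. If plain HTTP is not required for this deployment, advertise only `websub_event_receiver_https_endpoint`. Separately, `gateway_labels =["Default"]` appears to depend on the environment `name = "Default"` set by the preceding hunk (inferred from the matching values, not confirmed here). A comment such as `# must match the [[apim.gateway.environment]] name` above it would keep the two from drifting apart.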
@@ -3918,23 +2958,9 @@ data: #expiry_time = "2m" [apim.analytics] - enable = true - store_api_url = "https://wso2am-pattern-1-analytics-worker-service:7444" - #username = "$ref{super_admin.username}" - #password = "$ref{super_admin.password}" - #event_publisher_type = "default" - #event_publisher_impl = "org.wso2.carbon.apimgt.usage.publisher.APIMgtUsageDataBridgeDataPublisher" - #publish_response_size = true - - [[apim.analytics.url_group]] - analytics_url =["tcp://wso2am-pattern-1-analytics-worker-service:7612"] - analytics_auth_url =["ssl://wso2am-pattern-1-analytics-worker-service:7712"] - #type = "loadbalance" - - #[[apim.analytics.url_group]] - #analytics_url =["tcp://analytics1:7612","tcp://analytics2:7612"] - #analytics_auth_url =["ssl://analytics1:7712","ssl://analytics2:7712"] - #type = "failover" + enable = false + config_endpoint = "https://localhost:8080/auth/v1" + auth_token = "" #[apim.key_manager] #service_url = "https://localhost:${mgt.transport.https.port}/services/" @@ -3982,11 +3008,13 @@ data: #enable_ratings = true #enable_forum = true #enable_anonymous_mode=true + #enable_cross_tenant_subscriptions = true + #default_reserved_username = "apim_reserved_user" [apim.cors] allow_origins = "*" allow_methods = ["GET","PUT","POST","DELETE","PATCH","OPTIONS"] - allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey", "testKey"] + allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey","Internal-Key"] allow_credentials = false #[apim.throttling] 
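Review bot: `auth_token = ""` under `[apim.analytics]` sits in the `data:` section of what the surrounding context shows as a ConfigMap. Once analytics is switched on, the token would be stored as plain ConfigMap text, readable by any principal that can read ConfigMaps in the namespace. Keep the token in a Kubernetes Secret exposed to the container as an environment variable, and reference it with the `$env{...}` form this file already used for `node_ip`, e.g. `auth_token = "$env{APIM_ANALYTICS_AUTH_TOKEN}"` (variable name constructed for illustration). `config_endpoint = "https://localhost:8080/auth/v1"` also looks like a placeholder and deserves a comment saying it must be replaced before `enable = true`.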
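Review bot: Adding `Internal-Key` to `allow_headers` in `[apim.cors]` (hunk `@@ -3982,11 +3008,13 @@`) widens a policy that still has `allow_origins = "*"`. A page served from any origin may therefore send cross-origin requests carrying `authorization`, `apikey` or `Internal-Key` headers and read the responses. `allow_credentials = false` keeps cookies out of such requests, but it does not restrict header-borne keys that a script already holds. For anything beyond a local evaluation, replace the wildcard with the explicit portal origins, and add a comment above the setting such as `# "*" is for local evaluation only; restrict before exposing the gateway`.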
@@ -4159,9 +3187,6 @@ spec: - name: init-db image: busybox:1.31 command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! nc -z wso2apim-rdbms-service-mysql 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - - name: init-am-analytics-worker - image: busybox:1.31 - command: ['sh', '-c', 'echo -e "Checking for the availability of WSO2 API Manager Analytics Worker deployment"; while ! nc -z wso2am-pattern-1-analytics-worker-service 7712; do sleep 1; printf "-"; done; echo -e " >> WSO2 API Manager Analytics Worker has started";'] - name: init-download-mysql-connector image: busybox:1.31 command: @@ -4175,7 +3200,8 @@ spec: mountPath: /mysql-connector-jar containers: - name: wso2am-pattern-1-am - image: "$image.pull.@.wso2"/wso2am:3.2.0 + # image: "$image.pull.@.wso2"/wso2am:3.2.0 + image: 192.168.1.5:5000/wso2am:4.0.0-rc livenessProbe: exec: command: @@ -4490,7 +3516,6 @@ function deploy(){ echoBold "\thttps://$NODE_IP:30443/carbon/\n" echoBold "\thttps://$NODE_IP:30443/publisher/\n" echoBold "\thttps://$NODE_IP:30443/devportal/\n" - echoBold "\thttps://$NODE_IP:30646/analytics-dashboard/\n\n" echoBold "from your favourite browser using credentials admin/admin\n\n" echoBold "2. Follow \"https://apim.docs.wso2.com/en/latest/GettingStarted/quick-start-guide/\" to start using WSO2 API Manager.\n\n" diff --git a/simple/deployment-scripts/wso2am-latest.sh b/simple/deployment-scripts/wso2am-latest.sh index 8673c8b3..d2dd3b24 100755 --- a/simple/deployment-scripts/wso2am-latest.sh +++ b/simple/deployment-scripts/wso2am-latest.sh 
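Review bot: `image: 192.168.1.5:5000/wso2am:4.0.0-rc` in hunk `@@ -4175,7 +3200,8 @@` hard-codes what looks like a developer's LAN registry and a release-candidate tag. The templated `"$image.pull.@.wso2"/wso2am:3.2.0` line is only commented out, so the registry substitution no longer applies to this container. On any other network the pull either fails or resolves to whatever host answers at that private address, and a registry on port 5000 is often served without TLS (to be confirmed for this one). Restore the placeholder form with the released tag, `image: "$image.pull.@.wso2"/wso2am:<released-4.0.x-tag>`, delete the commented-out line, and consider pinning the image by digest (`@sha256:<digest>`).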
@@ -65,28 +65,6 @@ metadata: name: wso2apim-mysql-dbscripts namespace: wso2 data: - mysql_analytics.sql: |- - DROP DATABASE IF EXISTS WSO2AM_STATS_DB; - DROP DATABASE IF EXISTS WSO2AM_BUSINESS_RULES_DB; - DROP DATABASE IF EXISTS WSO2AM_PERMISSIONS_DB; - - CREATE DATABASE WSO2AM_STATS_DB; - CREATE DATABASE WSO2AM_BUSINESS_RULES_DB; - CREATE DATABASE WSO2AM_PERMISSIONS_DB; - - GRANT ALL ON WSO2AM_STATS_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; - GRANT ALL ON WSO2AM_BUSINESS_RULES_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; - GRANT ALL ON WSO2AM_PERMISSIONS_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; - - USE WSO2AM_STATS_DB; - - CREATE TABLE IF NOT EXISTS AM_USAGE_UPLOADED_FILES ( - FILE_NAME varchar(255) NOT NULL, - FILE_TIMESTAMP TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - FILE_PROCESSED tinyint(1) DEFAULT 0, - FILE_CONTENT MEDIUMBLOB DEFAULT NULL, - PRIMARY KEY (FILE_NAME, FILE_TIMESTAMP) - ); mysql_apim.sql: |- DROP DATABASE IF EXISTS WSO2AM_DB; CREATE DATABASE WSO2AM_DB; @@ -124,10 +102,10 @@ data: )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_VALIDATORS ( - APP_ID INTEGER NOT NULL, - SCOPE_VALIDATOR VARCHAR (128) NOT NULL, - PRIMARY KEY (APP_ID,SCOPE_VALIDATOR), - FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE + APP_ID INTEGER NOT NULL, + SCOPE_VALIDATOR VARCHAR (128) NOT NULL, + PRIMARY KEY (APP_ID,SCOPE_VALIDATOR), + FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_REQUEST_TOKEN ( @@ -180,7 +158,7 @@ data: PRIMARY KEY (TOKEN_ID), FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH, - TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF) + TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_TOKEN_BINDING ( 
@@ -292,20 +270,23 @@ data: DESCRIPTION VARCHAR(512), TENANT_ID INTEGER NOT NULL DEFAULT -1, SCOPE_TYPE VARCHAR(255) NOT NULL, - PRIMARY KEY (SCOPE_ID) + PRIMARY KEY (SCOPE_ID), + UNIQUE (NAME, TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_BINDING ( SCOPE_ID INTEGER NOT NULL, SCOPE_BINDING VARCHAR(255) NOT NULL, BINDING_TYPE VARCHAR(255) NOT NULL, - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE + FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE, + UNIQUE (SCOPE_ID, SCOPE_BINDING, BINDING_TYPE) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_RESOURCE_SCOPE ( RESOURCE_PATH VARCHAR(255) NOT NULL, SCOPE_ID INTEGER NOT NULL, TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (RESOURCE_PATH), FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE )ENGINE INNODB; @@ -517,11 +498,11 @@ data: ALTER TABLE SP_FEDERATED_IDP ADD CONSTRAINT STEP_ID_CONSTRAINT FOREIGN KEY (ID) REFERENCES SP_AUTH_STEP (ID) ON DELETE CASCADE; CREATE TABLE IF NOT EXISTS SP_CLAIM_DIALECT ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - SP_DIALECT VARCHAR (512) NOT NULL, - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID)); + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER NOT NULL, + SP_DIALECT VARCHAR (512) NOT NULL, + APP_ID INTEGER NOT NULL, + PRIMARY KEY (ID)); ALTER TABLE SP_CLAIM_DIALECT ADD CONSTRAINT DIALECTID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; @@ -532,7 +513,7 @@ data: SP_CLAIM VARCHAR (512) NOT NULL , APP_ID INTEGER NOT NULL, IS_REQUESTED VARCHAR(128) DEFAULT '0', - IS_MANDATORY VARCHAR(128) DEFAULT '0', + IS_MANDATORY VARCHAR(128) DEFAULT '0', DEFAULT_VALUE VARCHAR(255), PRIMARY KEY (ID) )ENGINE INNODB; 
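Review bot: `PRIMARY KEY (RESOURCE_PATH)` added to `IDN_OAUTH2_RESOURCE_SCOPE` in hunk `@@ -292,20 +270,23 @@` keys the table on the path alone, although each row also carries `TENANT_ID`. The same resource path therefore cannot be mapped in two tenants, and each path can hold only one scope. The constraint added to `IDN_OAUTH2_SCOPE` in the same hunk, `UNIQUE (NAME, TENANT_ID)`, is tenant-scoped, so the two tables disagree on whether tenant is part of identity. If per-tenant mappings are intended (this cannot be told from the hunk), `PRIMARY KEY (RESOURCE_PATH, TENANT_ID)` together with `TENANT_ID INTEGER NOT NULL DEFAULT -1` would match. Otherwise a comment stating that resource paths are global across tenants is worth adding above the table.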
@@ -603,62 +584,62 @@ data: CONSTRAINT IDN_AUTH_WAIT_STATUS_KEY UNIQUE (LONG_WAIT_KEY)); CREATE TABLE IF NOT EXISTS IDP ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - NAME VARCHAR(254) NOT NULL, - IS_ENABLED CHAR(1) NOT NULL DEFAULT '1', - IS_PRIMARY CHAR(1) NOT NULL DEFAULT '0', - HOME_REALM_ID VARCHAR(254), - IMAGE MEDIUMBLOB, - CERTIFICATE BLOB, - ALIAS VARCHAR(254), - INBOUND_PROV_ENABLED CHAR (1) NOT NULL DEFAULT '0', - INBOUND_PROV_USER_STORE_ID VARCHAR(254), - USER_CLAIM_URI VARCHAR(254), - ROLE_CLAIM_URI VARCHAR(254), - DESCRIPTION VARCHAR (1024), - DEFAULT_AUTHENTICATOR_NAME VARCHAR(254), - DEFAULT_PRO_CONNECTOR_NAME VARCHAR(254), - PROVISIONING_ROLE VARCHAR(128), - IS_FEDERATION_HUB CHAR(1) NOT NULL DEFAULT '0', - IS_LOCAL_CLAIM_DIALECT CHAR(1) NOT NULL DEFAULT '0', - DISPLAY_NAME VARCHAR(255), - IMAGE_URL VARCHAR(1024), - UUID CHAR(36) NOT NULL, - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, NAME), - UNIQUE (UUID) + ID INTEGER AUTO_INCREMENT, + TENANT_ID INTEGER, + NAME VARCHAR(254) NOT NULL, + IS_ENABLED CHAR(1) NOT NULL DEFAULT '1', + IS_PRIMARY CHAR(1) NOT NULL DEFAULT '0', + HOME_REALM_ID VARCHAR(254), + IMAGE MEDIUMBLOB, + CERTIFICATE BLOB, + ALIAS VARCHAR(254), + INBOUND_PROV_ENABLED CHAR (1) NOT NULL DEFAULT '0', + INBOUND_PROV_USER_STORE_ID VARCHAR(254), + USER_CLAIM_URI VARCHAR(254), + ROLE_CLAIM_URI VARCHAR(254), + DESCRIPTION VARCHAR (1024), + DEFAULT_AUTHENTICATOR_NAME VARCHAR(254), + DEFAULT_PRO_CONNECTOR_NAME VARCHAR(254), + PROVISIONING_ROLE VARCHAR(128), + IS_FEDERATION_HUB CHAR(1) NOT NULL DEFAULT '0', + IS_LOCAL_CLAIM_DIALECT CHAR(1) NOT NULL DEFAULT '0', + DISPLAY_NAME VARCHAR(255), + IMAGE_URL VARCHAR(1024), + UUID CHAR(36) NOT NULL, + PRIMARY KEY (ID), + UNIQUE (TENANT_ID, NAME), + UNIQUE (UUID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDP_ROLE ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - TENANT_ID INTEGER, - ROLE VARCHAR(254), - PRIMARY KEY (ID), - UNIQUE (IDP_ID, ROLE), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE 
CASCADE + ID INTEGER AUTO_INCREMENT, + IDP_ID INTEGER, + TENANT_ID INTEGER, + ROLE VARCHAR(254), + PRIMARY KEY (ID), + UNIQUE (IDP_ID, ROLE), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDP_ROLE_MAPPING ( - ID INTEGER AUTO_INCREMENT, - IDP_ROLE_ID INTEGER, - TENANT_ID INTEGER, - USER_STORE_ID VARCHAR (253), - LOCAL_ROLE VARCHAR(253), - PRIMARY KEY (ID), - UNIQUE (IDP_ROLE_ID, TENANT_ID, USER_STORE_ID, LOCAL_ROLE), - FOREIGN KEY (IDP_ROLE_ID) REFERENCES IDP_ROLE(ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT, + IDP_ROLE_ID INTEGER, + TENANT_ID INTEGER, + USER_STORE_ID VARCHAR (253), + LOCAL_ROLE VARCHAR(253), + PRIMARY KEY (ID), + UNIQUE (IDP_ROLE_ID, TENANT_ID, USER_STORE_ID, LOCAL_ROLE), + FOREIGN KEY (IDP_ROLE_ID) REFERENCES IDP_ROLE(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDP_CLAIM ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - TENANT_ID INTEGER, - CLAIM VARCHAR(254), - PRIMARY KEY (ID), - UNIQUE (IDP_ID, CLAIM), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT, + IDP_ID INTEGER, + TENANT_ID INTEGER, + CLAIM VARCHAR(254), + PRIMARY KEY (ID), + UNIQUE (IDP_ID, CLAIM), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDP_CLAIM_MAPPING ( @@ -903,14 +884,13 @@ data: CREATE TABLE IF NOT EXISTS IDN_PASSWORD_HISTORY_DATA ( ID INTEGER NOT NULL AUTO_INCREMENT, - USER_NAME VARCHAR(127) NOT NULL, - USER_DOMAIN VARCHAR(50) NOT NULL, + USER_NAME VARCHAR(255) NOT NULL, + USER_DOMAIN VARCHAR(127) NOT NULL, TENANT_ID INTEGER DEFAULT -1, SALT_VALUE VARCHAR(255), HASH VARCHAR(255) NOT NULL, TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY(ID), - UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH) + PRIMARY KEY(ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_CLAIM_DIALECT ( 
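Review bot: Removing `UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH)` leaves IDN_PASSWORD_HISTORY_DATA with only the `ID` primary key, so the database no longer rejects duplicate history rows and this hunk leaves no index for per-user lookups. The constraint was presumably dropped because the widened `USER_NAME VARCHAR(255)` and `USER_DOMAIN VARCHAR(127)` exceed the index key length limit. A non-unique prefix index in the index section, for example `CREATE INDEX IDX_PWD_HIST_USER ON IDN_PASSWORD_HISTORY_DATA (USER_NAME(191), USER_DOMAIN, TENANT_ID);`, would keep the lookup indexed. The index name is only a suggestion, and it is worth checking that no equivalent index is created elsewhere in the script.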
@@ -1037,12 +1017,12 @@ data: )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_CERTIFICATE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - NAME VARCHAR(100), - CERTIFICATE_IN_PEM BLOB, - TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY(ID), - CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID) + ID INTEGER NOT NULL AUTO_INCREMENT, + NAME VARCHAR(100), + CERTIFICATE_IN_PEM BLOB, + TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY(ID), + CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OIDC_SCOPE_CLAIM_MAPPING ( @@ -1056,12 +1036,12 @@ data: )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_FUNCTION_LIBRARY ( - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - TYPE VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - DATA BLOB NOT NULL, - PRIMARY KEY (TENANT_ID,NAME) + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + TYPE VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + DATA BLOB NOT NULL, + PRIMARY KEY (TENANT_ID,NAME) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_CIBA_AUTH_CODE ( 
@@ -1089,15 +1069,135 @@ data: )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_FED_AUTH_SESSION_MAPPING ( - IDP_SESSION_ID VARCHAR(255) NOT NULL, - SESSION_ID VARCHAR(255) NOT NULL, - IDP_NAME VARCHAR(255) NOT NULL, - AUTHENTICATOR_ID VARCHAR(255), - PROTOCOL_TYPE VARCHAR(255), - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY (IDP_SESSION_ID) + IDP_SESSION_ID VARCHAR(255) NOT NULL, + SESSION_ID VARCHAR(255) NOT NULL, + IDP_NAME VARCHAR(255) NOT NULL, + AUTHENTICATOR_ID VARCHAR(255), + PROTOCOL_TYPE VARCHAR(255), + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY (IDP_SESSION_ID) )ENGINE INNODB; + CREATE TABLE IF NOT EXISTS IDN_CONFIG_TYPE ( + ID VARCHAR(255) NOT NULL, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023) NULL, + PRIMARY KEY (ID), + CONSTRAINT TYPE_NAME_CONSTRAINT UNIQUE (NAME) + )ENGINE INNODB; + + INSERT INTO IDN_CONFIG_TYPE (ID, NAME, DESCRIPTION) VALUES + ('9ab0ef95-13e9-4ed5-afaf-d29bed62f7bd', 'IDP_TEMPLATE', 'Template type to uniquely identify IDP templates'), + ('3c4ac3d0-5903-4e3d-aaca-38df65b33bfd', 'APPLICATION_TEMPLATE', 'Template type to uniquely identify Application templates'), + ('8ec6dbf1-218a-49bf-bc34-0d2db52d151c', 'CORS_CONFIGURATION', 'A resource type to keep the tenant CORS configurations'); + + CREATE TABLE IF NOT EXISTS IDN_CONFIG_RESOURCE ( + ID VARCHAR(255) NOT NULL, + TENANT_ID INT NOT NULL, + NAME VARCHAR(255) NOT NULL, + CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + LAST_MODIFIED TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + HAS_FILE tinyint(1) NOT NULL, + HAS_ATTRIBUTE tinyint(1) NOT NULL, + TYPE_ID VARCHAR(255) NOT NULL, + PRIMARY KEY (ID), + CONSTRAINT NAME_TENANT_TYPE_CONSTRAINT UNIQUE (NAME, TENANT_ID, TYPE_ID) + )ENGINE INNODB; + ALTER TABLE IDN_CONFIG_RESOURCE ADD CONSTRAINT TYPE_ID_FOREIGN_CONSTRAINT FOREIGN KEY (TYPE_ID) REFERENCES + IDN_CONFIG_TYPE (ID) ON DELETE CASCADE ON UPDATE CASCADE; + + CREATE TABLE IF NOT EXISTS IDN_CONFIG_ATTRIBUTE ( + ID 
VARCHAR(255) NOT NULL, + RESOURCE_ID VARCHAR(255) NOT NULL, + ATTR_KEY VARCHAR(255) NOT NULL, + ATTR_VALUE VARCHAR(1023) NULL, + PRIMARY KEY (ID), + CONSTRAINT RESOURCE_KEY_VAL_CONSTRAINT UNIQUE (RESOURCE_ID(64), ATTR_KEY(255)) + )ENGINE INNODB; + ALTER TABLE IDN_CONFIG_ATTRIBUTE ADD CONSTRAINT RESOURCE_ID_ATTRIBUTE_FOREIGN_CONSTRAINT FOREIGN KEY (RESOURCE_ID) + REFERENCES IDN_CONFIG_RESOURCE (ID) ON DELETE CASCADE ON UPDATE CASCADE; + + CREATE TABLE IF NOT EXISTS IDN_CONFIG_FILE ( + ID VARCHAR(255) NOT NULL, + VALUE BLOB NULL, + RESOURCE_ID VARCHAR(255) NOT NULL, + NAME VARCHAR(255) NULL, + PRIMARY KEY (ID) + )ENGINE INNODB; + ALTER TABLE IDN_CONFIG_FILE ADD CONSTRAINT RESOURCE_ID_FILE_FOREIGN_CONSTRAINT FOREIGN KEY (RESOURCE_ID) REFERENCES + IDN_CONFIG_RESOURCE (ID) ON DELETE CASCADE ON UPDATE CASCADE; + + CREATE TABLE IDN_REMOTE_FETCH_CONFIG ( + ID VARCHAR(255) NOT NULL, + TENANT_ID INT NOT NULL, + IS_ENABLED CHAR(1) NOT NULL, + REPO_MANAGER_TYPE VARCHAR(255) NOT NULL, + ACTION_LISTENER_TYPE VARCHAR(255) NOT NULL, + CONFIG_DEPLOYER_TYPE VARCHAR(255) NOT NULL, + REMOTE_FETCH_NAME VARCHAR(255), + REMOTE_RESOURCE_URI VARCHAR(255) NOT NULL, + ATTRIBUTES_JSON MEDIUMTEXT NOT NULL, + PRIMARY KEY (ID), + CONSTRAINT UC_REMOTE_RESOURCE_TYPE UNIQUE (TENANT_ID, CONFIG_DEPLOYER_TYPE) + )ENGINE INNODB; + + CREATE TABLE IDN_REMOTE_FETCH_REVISIONS ( + ID VARCHAR(255) NOT NULL, + CONFIG_ID VARCHAR(255) NOT NULL, + FILE_PATH VARCHAR(255) NOT NULL, + FILE_HASH VARCHAR(255), + DEPLOYED_DATE TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + LAST_SYNC_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + DEPLOYMENT_STATUS VARCHAR(255), + ITEM_NAME VARCHAR(255), + DEPLOY_ERR_LOG MEDIUMTEXT, + PRIMARY KEY (ID), + FOREIGN KEY (CONFIG_ID) REFERENCES IDN_REMOTE_FETCH_CONFIG(ID) ON DELETE CASCADE, + CONSTRAINT UC_REVISIONS UNIQUE (CONFIG_ID, ITEM_NAME) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_USER_FUNCTIONALITY_MAPPING ( + ID VARCHAR(255) NOT NULL, + USER_ID VARCHAR(255) NOT NULL, 
+ TENANT_ID INTEGER NOT NULL, + FUNCTIONALITY_ID VARCHAR(255) NOT NULL, + IS_FUNCTIONALITY_LOCKED BOOLEAN NOT NULL, + FUNCTIONALITY_UNLOCK_TIME BIGINT NOT NULL, + FUNCTIONALITY_LOCK_REASON VARCHAR(1023), + FUNCTIONALITY_LOCK_REASON_CODE VARCHAR(255), + PRIMARY KEY (ID), + CONSTRAINT IDN_USER_FUNCTIONALITY_MAPPING_CONSTRAINT UNIQUE (USER_ID, TENANT_ID, FUNCTIONALITY_ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_USER_FUNCTIONALITY_PROPERTY ( + ID VARCHAR(255) NOT NULL, + USER_ID VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + FUNCTIONALITY_ID VARCHAR(255) NOT NULL, + PROPERTY_NAME VARCHAR(255), + PROPERTY_VALUE VARCHAR(255), + PRIMARY KEY (ID), + CONSTRAINT IDN_USER_FUNCTIONALITY_PROPERTY_CONSTRAINT UNIQUE (USER_ID, TENANT_ID, FUNCTIONALITY_ID, PROPERTY_NAME) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_CORS_ORIGIN ( + ID INT NOT NULL AUTO_INCREMENT, + TENANT_ID INT NOT NULL, + ORIGIN VARCHAR(2048) NOT NULL, + UUID CHAR(36) NOT NULL, + PRIMARY KEY (ID), + UNIQUE (UUID) + ) ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_CORS_ASSOCIATION ( + IDN_CORS_ORIGIN_ID INT NOT NULL, + SP_APP_ID INT NOT NULL, + + PRIMARY KEY (IDN_CORS_ORIGIN_ID, SP_APP_ID), + FOREIGN KEY (IDN_CORS_ORIGIN_ID) REFERENCES IDN_CORS_ORIGIN (ID) ON DELETE CASCADE, + FOREIGN KEY (SP_APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE + ) ENGINE INNODB; + -- --------------------------- INDEX CREATION ----------------------------- -- IDN_OAUTH2_ACCESS_TOKEN -- CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED); 
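Review bot: IDN_CORS_ORIGIN is unique only on `UUID`, not on `(TENANT_ID, ORIGIN)`, so the same allowed origin can be stored several times for one tenant and deleting one row would not necessarily revoke it. `ORIGIN VARCHAR(2048)` is presumably too long for a MySQL unique key, so the table should carry a comment such as `-- no UNIQUE (TENANT_ID, ORIGIN): column exceeds the index key limit; uniqueness must be enforced by the application`. Separately, IDN_REMOTE_FETCH_CONFIG and IDN_REMOTE_FETCH_REVISIONS use a bare `CREATE TABLE` while every other table added in this hunk uses `CREATE TABLE IF NOT EXISTS`. Using the same form for both keeps the script consistent.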
@@ -1172,6 +1272,16 @@ data: -- IDN_FED_AUTH_SESSION_MAPPING -- CREATE INDEX IDX_FEDERATED_AUTH_SESSION_ID ON IDN_FED_AUTH_SESSION_MAPPING (SESSION_ID); + -- IDN_REMOTE_FETCH_REVISIONS -- + CREATE INDEX IDX_REMOTE_FETCH_REVISION_CONFIG_ID ON IDN_REMOTE_FETCH_REVISIONS (CONFIG_ID); + + -- IDN_CORS_ASSOCIATION -- + CREATE INDEX IDX_CORS_SP_APP_ID ON IDN_CORS_ASSOCIATION (SP_APP_ID); + + -- IDN_CORS_ASSOCIATION -- + CREATE INDEX IDX_CORS_ORIGIN_ID ON IDN_CORS_ASSOCIATION (IDN_CORS_ORIGIN_ID); + + -- End of IDENTITY Tables-- -- Start of CONSENT-MGT Tables -- @@ -1340,6 +1450,7 @@ data: CREATE TABLE IF NOT EXISTS AM_API ( API_ID INTEGER AUTO_INCREMENT, + API_UUID VARCHAR(256), API_PROVIDER VARCHAR(200), API_NAME VARCHAR(200), API_VERSION VARCHAR(30), @@ -1351,10 +1462,19 @@ data: CREATED_TIME TIMESTAMP, UPDATED_BY VARCHAR(100), UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + STATUS VARCHAR(30), + REVISIONS_CREATED INTEGER DEFAULT 0, PRIMARY KEY(API_ID), - UNIQUE (API_PROVIDER,API_NAME,API_VERSION) + UNIQUE (API_PROVIDER,API_NAME,API_VERSION), + UNIQUE (API_UUID) )ENGINE INNODB; + CREATE TABLE IF NOT EXISTS AM_API_REVISION_METADATA ( + API_UUID VARCHAR(64), + REVISION_UUID VARCHAR(64), + API_TIER VARCHAR(128), + UNIQUE (API_UUID,REVISION_UUID) + )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_GRAPHQL_COMPLEXITY ( UUID VARCHAR(256), @@ -1362,9 +1482,9 @@ data: TYPE VARCHAR(256), FIELD VARCHAR(256), COMPLEXITY_VALUE INTEGER, + REVISION_UUID VARCHAR(255), FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE CASCADE, - PRIMARY KEY(UUID), - UNIQUE (API_ID,TYPE,FIELD) + PRIMARY KEY(UUID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_API_URL_MAPPING ( @@ -1375,6 +1495,7 @@ data: URL_PATTERN VARCHAR(512) NULL, THROTTLING_TIER varchar(512) DEFAULT NULL, MEDIATION_SCRIPT BLOB, + REVISION_UUID VARCHAR(255), PRIMARY KEY (URL_MAPPING_ID) )ENGINE INNODB; 
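Review bot: AM_API_REVISION_METADATA declares `API_UUID VARCHAR(64)` while the `API_UUID` column added to AM_API in this same change is `VARCHAR(256)`, and both of its key columns are nullable with no primary key. MySQL allows any number of rows with NULL in a unique key, so `UNIQUE (API_UUID,REVISION_UUID)` does not stop duplicate rows that lack a UUID. A value longer than 64 characters that AM_API accepts would be rejected or truncated here, depending on sql_mode. Declaring `API_UUID VARCHAR(256) NOT NULL` and `REVISION_UUID VARCHAR(255) NOT NULL` and using `PRIMARY KEY (API_UUID, REVISION_UUID)` would close both gaps. AM_API's own definition begins in the preceding hunk.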
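Review bot: Dropping `UNIQUE (API_ID,TYPE,FIELD)` from AM_GRAPHQL_COMPLEXITY without a replacement leaves nothing in the schema to prevent duplicate complexity entries for the same field. The new `REVISION_UUID` column suggests the key was meant to be widened rather than removed, e.g. `UNIQUE (API_ID, TYPE, FIELD, REVISION_UUID)`. Because `REVISION_UUID` is nullable, rows without a revision would still escape that key, so the column would need `NOT NULL` with a defined value for the working copy. The combined key length should also be checked against the index limit for the character set in use. The table's opening lines are outside this hunk.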
@@ -1394,12 +1515,13 @@ data: )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_API_PRODUCT_MAPPING ( - API_PRODUCT_MAPPING_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER, - URL_MAPPING_ID INTEGER, - FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON DELETE CASCADE, - FOREIGN KEY (URL_MAPPING_ID) REFERENCES AM_API_URL_MAPPING(URL_MAPPING_ID) ON DELETE CASCADE, - PRIMARY KEY(API_PRODUCT_MAPPING_ID) + API_PRODUCT_MAPPING_ID INTEGER AUTO_INCREMENT, + API_ID INTEGER, + URL_MAPPING_ID INTEGER, + REVISION_UUID VARCHAR(255), + FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON DELETE CASCADE, + FOREIGN KEY (URL_MAPPING_ID) REFERENCES AM_API_URL_MAPPING(URL_MAPPING_ID) ON DELETE CASCADE, + PRIMARY KEY(API_PRODUCT_MAPPING_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION ( @@ -1422,13 +1544,7 @@ data: UNIQUE (UUID) )ENGINE INNODB; - CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION_KEY_MAPPING ( - SUBSCRIPTION_ID INTEGER, - ACCESS_TOKEN VARCHAR(512), - KEY_TYPE VARCHAR(512) NOT NULL, - FOREIGN KEY(SUBSCRIPTION_ID) REFERENCES AM_SUBSCRIPTION(SUBSCRIPTION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY(SUBSCRIPTION_ID,ACCESS_TOKEN) - )ENGINE INNODB; + CREATE TABLE IF NOT EXISTS AM_APPLICATION_KEY_MAPPING ( UUID VARCHAR(100), @@ -1462,12 +1578,17 @@ data: )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_API_COMMENTS ( - COMMENT_ID VARCHAR(255) NOT NULL, + COMMENT_ID VARCHAR(64) NOT NULL, COMMENT_TEXT VARCHAR(512), - COMMENTED_USER VARCHAR(255), - DATE_COMMENTED TIMESTAMP NOT NULL, + CREATED_BY VARCHAR(255), + CREATED_TIME TIMESTAMP NOT NULL, + UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, API_ID INTEGER, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, + PARENT_COMMENT_ID VARCHAR(64) DEFAULT NULL, + ENTRY_POINT VARCHAR(20), + CATEGORY VARCHAR(20) DEFAULT 'general', + FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID), + FOREIGN KEY(PARENT_COMMENT_ID) REFERENCES AM_API_COMMENTS(COMMENT_ID), PRIMARY KEY (COMMENT_ID) )ENGINE INNODB; 
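Review bot: The self-referencing `FOREIGN KEY(PARENT_COMMENT_ID) REFERENCES AM_API_COMMENTS(COMMENT_ID)` has no `ON DELETE` action, so InnoDB's default restricts deleting any comment that still has replies. The rewritten `API_ID` key also falls back to the default now that its explicit `ON UPDATE CASCADE ON DELETE RESTRICT` is gone. If replies should be removed with their parent, the line should read `FOREIGN KEY(PARENT_COMMENT_ID) REFERENCES AM_API_COMMENTS(COMMENT_ID) ON DELETE CASCADE,`. If the application deletes replies itself, spell out `ON DELETE RESTRICT` on both keys as the old line did, so the intent is visible in the schema.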
@@ -1555,38 +1676,38 @@ data: CREATE INDEX IDX_SUB_APP_ID ON AM_SUBSCRIPTION (APPLICATION_ID, SUBSCRIPTION_ID); CREATE TABLE IF NOT EXISTS AM_MONETIZATION_USAGE ( - ID VARCHAR(100) NOT NULL, - STATE VARCHAR(50) NOT NULL, - STATUS VARCHAR(50) NOT NULL, - STARTED_TIME VARCHAR(50) NOT NULL, - PUBLISHED_TIME VARCHAR(50) NOT NULL, - PRIMARY KEY(ID) + ID VARCHAR(100) NOT NULL, + STATE VARCHAR(50) NOT NULL, + STATUS VARCHAR(50) NOT NULL, + STARTED_TIME VARCHAR(50) NOT NULL, + PUBLISHED_TIME VARCHAR(50) NOT NULL, + PRIMARY KEY(ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_ALERT_TYPES ( ALERT_TYPE_ID INTEGER AUTO_INCREMENT, ALERT_TYPE_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL, + STAKE_HOLDER VARCHAR(100) NOT NULL, PRIMARY KEY (ALERT_TYPE_ID) )ENGINE = INNODB; CREATE TABLE IF NOT EXISTS AM_ALERT_TYPES_VALUES ( ALERT_TYPE_ID INTEGER, USER_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL , + STAKE_HOLDER VARCHAR(100) NOT NULL , PRIMARY KEY (ALERT_TYPE_ID,USER_NAME,STAKE_HOLDER) )ENGINE = INNODB; CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST ( - EMAIL_LIST_ID INTEGER AUTO_INCREMENT, + EMAIL_LIST_ID INTEGER AUTO_INCREMENT, USER_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL , + STAKE_HOLDER VARCHAR(100) NOT NULL , PRIMARY KEY (EMAIL_LIST_ID,USER_NAME,STAKE_HOLDER) )ENGINE = INNODB; CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST_DETAILS ( EMAIL_LIST_ID INTEGER, - EMAIL VARCHAR(255), + EMAIL VARCHAR(255), PRIMARY KEY (EMAIL_LIST_ID,EMAIL) )ENGINE = INNODB; @@ -1616,7 +1737,7 @@ data: RATE_LIMIT_COUNT INT(11) NULL DEFAULT NULL, RATE_LIMIT_TIME_UNIT VARCHAR(25) NULL DEFAULT NULL, IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - CUSTOM_ATTRIBUTES BLOB DEFAULT NULL, + CUSTOM_ATTRIBUTES BLOB DEFAULT NULL, STOP_ON_QUOTA_REACH BOOLEAN NOT NULL DEFAULT 0, BILLING_PLAN VARCHAR(20) NOT NULL, UUID VARCHAR(256), 
@@ -1627,6 +1748,7 @@ data: CURRENCY VARCHAR(15) NULL DEFAULT NULL, MAX_COMPLEXITY INT(11) NOT NULL DEFAULT 0, MAX_DEPTH INT(11) NOT NULL DEFAULT 0, + CONNECTIONS_COUNT INT(11) NOT NULL DEFAULT 0, PRIMARY KEY (POLICY_ID), UNIQUE INDEX AM_POLICY_SUBSCRIPTION_NAME_TENANT (NAME, TENANT_ID), UNIQUE (UUID) @@ -1644,8 +1766,8 @@ data: UNIT_TIME INT(11) NOT NULL, TIME_UNIT VARCHAR(25) NOT NULL, IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - CUSTOM_ATTRIBUTES BLOB DEFAULT NULL, - UUID VARCHAR(256), + CUSTOM_ATTRIBUTES BLOB DEFAULT NULL, + UUID VARCHAR(256), PRIMARY KEY (POLICY_ID), UNIQUE INDEX APP_NAME_TENANT (NAME, TENANT_ID), UNIQUE (UUID) @@ -1704,7 +1826,7 @@ data: CONDITION_GROUP_ID INTEGER NOT NULL, PARAMETER_NAME VARCHAR(255) DEFAULT NULL, PARAMETER_VALUE VARCHAR(255) DEFAULT NULL, - IS_PARAM_MAPPING BOOLEAN DEFAULT 1, + IS_PARAM_MAPPING BOOLEAN DEFAULT 1, PRIMARY KEY (QUERY_PARAMETER_ID), FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE )ENGINE INNODB; @@ -1714,7 +1836,7 @@ data: CONDITION_GROUP_ID INTEGER NOT NULL, HEADER_FIELD_NAME VARCHAR(255) DEFAULT NULL, HEADER_FIELD_VALUE VARCHAR(255) DEFAULT NULL, - IS_HEADER_FIELD_MAPPING BOOLEAN DEFAULT 1, + IS_HEADER_FIELD_MAPPING BOOLEAN DEFAULT 1, PRIMARY KEY (HEADER_FIELD_ID), FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE )ENGINE INNODB; @@ -1724,7 +1846,7 @@ data: CONDITION_GROUP_ID INTEGER NOT NULL, CLAIM_URI VARCHAR(512) DEFAULT NULL, CLAIM_ATTRIB VARCHAR(1024) DEFAULT NULL, - IS_CLAIM_MAPPING BOOLEAN DEFAULT 1, + IS_CLAIM_MAPPING BOOLEAN DEFAULT 1, PRIMARY KEY (JWT_CLAIM_ID), FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE )ENGINE INNODB; 
@@ -1779,6 +1901,7 @@ data: `TENANT_ID` INT(11) NOT NULL, `ALIAS` VARCHAR(255) NOT NULL, `END_POINT` VARCHAR(255) NOT NULL, + `CERTIFICATE` BLOB DEFAULT NULL, CONSTRAINT PK_ALIAS PRIMARY KEY (`ALIAS`) ) ENGINE=InnoDB; @@ -1789,8 +1912,9 @@ data: `CERTIFICATE` BLOB NOT NULL, `REMOVED` BOOLEAN NOT NULL DEFAULT 0, `TIER_NAME` VARCHAR (512), + `REVISION_UUID` VARCHAR(255) NOT NULL DEFAULT 'Current API', FOREIGN KEY (API_ID) REFERENCES AM_API (API_ID) ON DELETE CASCADE ON UPDATE CASCADE, - PRIMARY KEY (`ALIAS`, `TENANT_ID`, `REMOVED`) + PRIMARY KEY (`ALIAS`, `TENANT_ID`, `REMOVED`, `REVISION_UUID`) ) ENGINE=InnoDB; CREATE TABLE IF NOT EXISTS AM_APPLICATION_GROUP_MAPPING ( @@ -1827,22 +1951,6 @@ data: FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION (APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE ) ENGINE=InnoDB; - CREATE TABLE IF NOT EXISTS AM_LABELS ( - LABEL_ID VARCHAR(50), - NAME VARCHAR(255), - DESCRIPTION VARCHAR(1024), - TENANT_DOMAIN VARCHAR(255), - UNIQUE (NAME,TENANT_DOMAIN), - PRIMARY KEY (LABEL_ID) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_LABEL_URLS ( - LABEL_ID VARCHAR(50), - ACCESS_URL VARCHAR(255), - PRIMARY KEY (LABEL_ID,ACCESS_URL), - FOREIGN KEY (LABEL_ID) REFERENCES AM_LABELS(LABEL_ID) ON UPDATE CASCADE ON DELETE CASCADE - ) ENGINE=InnoDB; - CREATE TABLE IF NOT EXISTS AM_SYSTEM_APPS ( ID INTEGER AUTO_INCREMENT, NAME VARCHAR(50) NOT NULL, @@ -1852,7 +1960,7 @@ data: TENANT_DOMAIN VARCHAR(255) DEFAULT 'carbon.super', UNIQUE (CONSUMER_KEY), PRIMARY KEY (ID) - ) ENGINE=InnoDB; + ) ENGINE=InnoDB; -- BotDATA Email table -- CREATE TABLE IF NOT EXISTS AM_NOTIFICATION_SUBSCRIBER ( @@ -1913,6 +2021,8 @@ data: CREATE INDEX IDX_USER ON IDN_UMA_RESOURCE (RESOURCE_OWNER_NAME, USER_DOMAIN); + CREATE INDEX IDX_USER_RID ON IDN_UMA_RESOURCE (RESOURCE_ID, RESOURCE_OWNER_NAME(32), USER_DOMAIN, CLIENT_ID); + CREATE TABLE IF NOT EXISTS IDN_UMA_RESOURCE_META_DATA ( ID INTEGER AUTO_INCREMENT NOT NULL, RESOURCE_IDENTITY INTEGER NOT NULL, 
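Review bot: `REVISION_UUID VARCHAR(255) NOT NULL DEFAULT 'Current API'` puts a magic string into the primary key of this certificate table, while the other `REVISION_UUID` columns added in this change are nullable and carry no such sentinel. A comment above the column, for example `-- 'Current API' marks the working copy; any other value is a revision UUID`, would record what the code presumably relies on. Confirm the meaning against the data-access code before adding it. The table's name and first columns are outside this hunk.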
@@ -1939,6 +2049,7 @@ data: EXPIRY_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, TICKET_STATE VARCHAR(25) DEFAULT 'ACTIVE', TENANT_ID INTEGER DEFAULT -1234, + TOKEN_ID VARCHAR(255), PRIMARY KEY (ID) ); @@ -1989,16 +2100,25 @@ data: API_PROVIDER varchar(255), API_NAME varchar(255), API_VERSION varchar(255), + API_TYPE varchar(50), PRIMARY KEY (API_ID) - ) ENGINE=InnoDB; + )ENGINE=InnoDB; CREATE TABLE IF NOT EXISTS AM_GW_API_ARTIFACTS ( - API_ID varchar(255) NOT NULL, - ARTIFACT LONGBLOB, - GATEWAY_INSTRUCTION varchar(20), - GATEWAY_LABEL varchar(255), + API_ID VARCHAR(255) NOT NULL, + REVISION_ID VARCHAR(255) NOT NULL, + ARTIFACT blob, TIME_STAMP TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (GATEWAY_LABEL, API_ID), + PRIMARY KEY (REVISION_ID, API_ID), + FOREIGN KEY (API_ID) REFERENCES AM_GW_PUBLISHED_API_DETAILS(API_ID) ON UPDATE CASCADE ON DELETE NO ACTION + )ENGINE=InnoDB; + + CREATE TABLE IF NOT EXISTS AM_GW_API_DEPLOYMENTS ( + API_ID VARCHAR(255) NOT NULL, + REVISION_ID VARCHAR(255) NOT NULL, + LABEL VARCHAR(255) NOT NULL, + VHOST VARCHAR(255) NULL, + PRIMARY KEY (REVISION_ID, API_ID,LABEL), FOREIGN KEY (API_ID) REFERENCES AM_GW_PUBLISHED_API_DETAILS(API_ID) ON UPDATE CASCADE ON DELETE NO ACTION ) ENGINE=InnoDB; 
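Review bot: `ARTIFACT blob` in AM_GW_API_ARTIFACTS replaces `LONGBLOB`, and a MySQL `BLOB` holds at most 65,535 bytes. A gateway artifact larger than 64 KB would therefore be rejected in strict mode or truncated otherwise. Unless artifacts are known to stay below that size, keep the larger type with `ARTIFACT LONGBLOB,` (or `ARTIFACT MEDIUMBLOB,` for a 16 MB cap).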
@@ -2019,6 +2139,114 @@ data: FOREIGN KEY (SCOPE_ID) REFERENCES AM_SCOPE (SCOPE_ID) ON DELETE CASCADE )ENGINE INNODB; + CREATE TABLE IF NOT EXISTS AM_REVISION ( + ID INTEGER NOT NULL, + API_UUID VARCHAR(256) NOT NULL, + REVISION_UUID VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(255), + CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + CREATED_BY VARCHAR(255), + PRIMARY KEY (ID, API_UUID), + UNIQUE(REVISION_UUID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS AM_DEPLOYMENT_REVISION_MAPPING ( + NAME VARCHAR(255) NOT NULL, + VHOST VARCHAR(255) NULL, + REVISION_UUID VARCHAR(255) NOT NULL, + DISPLAY_ON_DEVPORTAL BOOLEAN DEFAULT 0, + DEPLOYED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY (NAME, REVISION_UUID), + FOREIGN KEY (REVISION_UUID) REFERENCES AM_REVISION(REVISION_UUID) ON UPDATE CASCADE ON DELETE CASCADE + )ENGINE INNODB; + + -- Gateway Environments Table -- + CREATE TABLE IF NOT EXISTS AM_GATEWAY_ENVIRONMENT ( + ID INTEGER NOT NULL AUTO_INCREMENT, + UUID VARCHAR(45) NOT NULL, + NAME VARCHAR(255) NOT NULL, + TENANT_DOMAIN VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255) NULL, + DESCRIPTION VARCHAR(1023) NULL, + UNIQUE (NAME, TENANT_DOMAIN), + UNIQUE (UUID), + PRIMARY KEY (ID) + ); + + -- Virtual Hosts Table -- + CREATE TABLE IF NOT EXISTS AM_GW_VHOST ( + GATEWAY_ENV_ID INTEGER NOT NULL, + HOST VARCHAR(255) NOT NULL, + HTTP_CONTEXT VARCHAR(255) NULL, + HTTP_PORT VARCHAR(5) NOT NULL, + HTTPS_PORT VARCHAR(5) NOT NULL, + WS_PORT VARCHAR(5) NOT NULL, + WSS_PORT VARCHAR(5) NOT NULL, + FOREIGN KEY (GATEWAY_ENV_ID) REFERENCES AM_GATEWAY_ENVIRONMENT(ID) ON UPDATE CASCADE ON DELETE CASCADE, + PRIMARY KEY (GATEWAY_ENV_ID, HOST) + ); + + -- Service Catalog -- + CREATE TABLE IF NOT EXISTS AM_SERVICE_CATALOG ( + UUID VARCHAR(36) NOT NULL, + SERVICE_KEY VARCHAR(512) NOT NULL, + MD5 VARCHAR(100) NOT NULL, + SERVICE_NAME VARCHAR(255) NOT NULL, + SERVICE_VERSION VARCHAR(30) NOT NULL, + TENANT_ID INTEGER NOT NULL, + SERVICE_URL VARCHAR(2048) NOT NULL, + 
DEFINITION_TYPE VARCHAR(20), + DEFINITION_URL VARCHAR(2048), + DESCRIPTION VARCHAR(1024), + SECURITY_TYPE VARCHAR(50), + MUTUAL_SSL_ENABLED BOOLEAN DEFAULT 0, + CREATED_TIME TIMESTAMP NULL, + LAST_UPDATED_TIME TIMESTAMP NULL, + CREATED_BY VARCHAR(255), + UPDATED_BY VARCHAR(255), + SERVICE_DEFINITION BLOB NOT NULL, + PRIMARY KEY (UUID), + UNIQUE (SERVICE_NAME, SERVICE_VERSION, TENANT_ID), + UNIQUE (SERVICE_KEY, TENANT_ID) + )ENGINE=InnoDB; + + CREATE TABLE IF NOT EXISTS AM_API_SERVICE_MAPPING ( + API_ID INTEGER NOT NULL, + SERVICE_KEY VARCHAR(256) NOT NULL, + MD5 VARCHAR(100), + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (API_ID, SERVICE_KEY), + FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON DELETE CASCADE + )ENGINE=InnoDB; + + -- Webhooks -- + CREATE TABLE IF NOT EXISTS AM_WEBHOOKS_SUBSCRIPTION ( + WH_SUBSCRIPTION_ID INTEGER NOT NULL AUTO_INCREMENT, + API_UUID VARCHAR(255) NOT NULL, + APPLICATION_ID VARCHAR(20) NOT NULL, + TENANT_DOMAIN VARCHAR(255) NOT NULL, + HUB_CALLBACK_URL VARCHAR(1024) NOT NULL, + HUB_TOPIC VARCHAR(255) NOT NULL, + HUB_SECRET VARCHAR(2048), + HUB_LEASE_SECONDS INTEGER, + UPDATED_AT TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + EXPIRY_AT BIGINT, + DELIVERED_AT TIMESTAMP NULL, + DELIVERY_STATE INTEGER NOT NULL DEFAULT 0, + PRIMARY KEY (WH_SUBSCRIPTION_ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS AM_WEBHOOKS_UNSUBSCRIPTION ( + API_UUID VARCHAR(255) NOT NULL, + APPLICATION_ID VARCHAR(20) NOT NULL, + TENANT_DOMAIN VARCHAR(255) NOT NULL, + HUB_CALLBACK_URL VARCHAR(1024) NOT NULL, + HUB_TOPIC VARCHAR(255) NOT NULL, + HUB_SECRET VARCHAR(2048), + HUB_LEASE_SECONDS INTEGER, + ADDED_AT TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP + )ENGINE INNODB; + -- Performance indexes start-- create index IDX_ITS_LMT on IDN_THRIFT_SESSION (LAST_MODIFIED_TIME); 
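Review bot: `HUB_SECRET VARCHAR(2048)` in AM_WEBHOOKS_SUBSCRIPTION and AM_WEBHOOKS_UNSUBSCRIPTION stores the subscriber's shared secret next to the callback URL, and nothing in the schema shows whether it is protected at rest. Confirm that the application encrypts the value before writing it, then record that on the column with a comment such as `-- expected to be stored encrypted by the application, never the raw secret`. Two smaller points in the same hunk: AM_API_SERVICE_MAPPING declares `SERVICE_KEY VARCHAR(256)` against `VARCHAR(512)` in AM_SERVICE_CATALOG, so the widths should match. AM_WEBHOOKS_UNSUBSCRIPTION also has no primary key.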
@@ -2044,22 +2272,22 @@ data: USE WSO2AM_SHARED_DB; CREATE TABLE IF NOT EXISTS REG_CLUSTER_LOCK ( - REG_LOCK_NAME VARCHAR (20), - REG_LOCK_STATUS VARCHAR (20), - REG_LOCKED_TIME TIMESTAMP, - REG_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (REG_LOCK_NAME) + REG_LOCK_NAME VARCHAR (20), + REG_LOCK_STATUS VARCHAR (20), + REG_LOCKED_TIME TIMESTAMP, + REG_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (REG_LOCK_NAME) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS REG_LOG ( - REG_LOG_ID INTEGER AUTO_INCREMENT, - REG_PATH VARCHAR (750), - REG_USER_ID VARCHAR (31) NOT NULL, - REG_LOGGED_TIME TIMESTAMP NOT NULL, - REG_ACTION INTEGER NOT NULL, - REG_ACTION_DATA VARCHAR (500), - REG_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (REG_LOG_ID, REG_TENANT_ID) + REG_LOG_ID INTEGER AUTO_INCREMENT, + REG_PATH VARCHAR (750), + REG_USER_ID VARCHAR (255) NOT NULL, + REG_LOGGED_TIME TIMESTAMP NOT NULL, + REG_ACTION INTEGER NOT NULL, + REG_ACTION_DATA VARCHAR (500), + REG_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (REG_LOG_ID, REG_TENANT_ID) )ENGINE INNODB; CREATE INDEX REG_LOG_IND_BY_REGLOG USING HASH ON REG_LOG(REG_LOGGED_TIME, REG_TENANT_ID); 
@@ -2068,29 +2296,29 @@ data: -- See CARBON-5917. CREATE TABLE IF NOT EXISTS REG_PATH( - REG_PATH_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_PATH_VALUE VARCHAR(750) NOT NULL, - REG_PATH_PARENT_ID INTEGER, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_PATH PRIMARY KEY(REG_PATH_ID, REG_TENANT_ID), - CONSTRAINT UNIQUE_REG_PATH_TENANT_ID UNIQUE (REG_PATH_VALUE,REG_TENANT_ID) + REG_PATH_ID INTEGER NOT NULL AUTO_INCREMENT, + REG_PATH_VALUE VARCHAR(750) CHARACTER SET latin1 COLLATE latin1_general_cs NOT NULL, + REG_PATH_PARENT_ID INTEGER, + REG_TENANT_ID INTEGER DEFAULT 0, + CONSTRAINT PK_REG_PATH PRIMARY KEY(REG_PATH_ID, REG_TENANT_ID), + CONSTRAINT UNIQUE_REG_PATH_TENANT_ID UNIQUE (REG_PATH_VALUE,REG_TENANT_ID) )ENGINE INNODB; CREATE INDEX REG_PATH_IND_BY_PATH_PARENT_ID USING HASH ON REG_PATH(REG_PATH_PARENT_ID, REG_TENANT_ID); CREATE TABLE IF NOT EXISTS REG_CONTENT ( - REG_CONTENT_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_CONTENT_DATA LONGBLOB, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_CONTENT PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID) + REG_CONTENT_ID INTEGER NOT NULL AUTO_INCREMENT, + REG_CONTENT_DATA LONGBLOB, + REG_TENANT_ID INTEGER DEFAULT 0, + CONSTRAINT PK_REG_CONTENT PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS REG_CONTENT_HISTORY ( - REG_CONTENT_ID INTEGER NOT NULL, - REG_CONTENT_DATA LONGBLOB, - REG_DELETED SMALLINT, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_CONTENT_HISTORY PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID) + REG_CONTENT_ID INTEGER NOT NULL, + REG_CONTENT_DATA LONGBLOB, + REG_DELETED SMALLINT, + REG_TENANT_ID INTEGER DEFAULT 0, + CONSTRAINT PK_REG_CONTENT_HISTORY PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS REG_RESOURCE ( 
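Review bot: `REG_PATH_VALUE VARCHAR(750) CHARACTER SET latin1 COLLATE latin1_general_cs` narrows the column to Latin-1 and makes comparisons case-sensitive, with no comment explaining why. A registry path with characters outside Latin-1 would be rejected or altered depending on sql_mode. Paths that differ only in case become distinct rows under `UNIQUE_REG_PATH_TENANT_ID`. If this is deliberate (presumably to keep the 750-character unique key within the index length limit), add a comment above the column, e.g. `-- latin1 keeps the unique key within the index length limit; paths must be Latin-1 and are case-sensitive`.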
@@ -2098,9 +2326,9 @@ data: REG_NAME VARCHAR(256), REG_VERSION INTEGER NOT NULL AUTO_INCREMENT, REG_MEDIA_TYPE VARCHAR(500), - REG_CREATOR VARCHAR(31) NOT NULL, + REG_CREATOR VARCHAR(255) NOT NULL, REG_CREATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_LAST_UPDATOR VARCHAR(31), + REG_LAST_UPDATOR VARCHAR(255), REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, REG_DESCRIPTION VARCHAR(1000), REG_CONTENT_ID INTEGER, @@ -2122,9 +2350,9 @@ data: REG_NAME VARCHAR(256), REG_VERSION INTEGER NOT NULL, REG_MEDIA_TYPE VARCHAR(500), - REG_CREATOR VARCHAR(31) NOT NULL, + REG_CREATOR VARCHAR(255) NOT NULL, REG_CREATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_LAST_UPDATOR VARCHAR(31), + REG_LAST_UPDATOR VARCHAR(255), REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, REG_DESCRIPTION VARCHAR(1000), REG_CONTENT_ID INTEGER, @@ -2142,7 +2370,7 @@ data: CREATE TABLE IF NOT EXISTS REG_COMMENT ( REG_ID INTEGER NOT NULL AUTO_INCREMENT, REG_COMMENT_TEXT VARCHAR(500) NOT NULL, - REG_USER_ID VARCHAR(31) NOT NULL, + REG_USER_ID VARCHAR(255) NOT NULL, REG_COMMENTED_TIME TIMESTAMP NOT NULL, REG_TENANT_ID INTEGER DEFAULT 0, CONSTRAINT PK_REG_COMMENT PRIMARY KEY(REG_ID, REG_TENANT_ID) @@ -2164,7 +2392,7 @@ data: CREATE TABLE IF NOT EXISTS REG_RATING ( REG_ID INTEGER NOT NULL AUTO_INCREMENT, REG_RATING INTEGER NOT NULL, - REG_USER_ID VARCHAR(31) NOT NULL, + REG_USER_ID VARCHAR(255) NOT NULL, REG_RATED_TIME TIMESTAMP NOT NULL, REG_TENANT_ID INTEGER DEFAULT 0, CONSTRAINT PK_REG_RATING PRIMARY KEY(REG_ID, REG_TENANT_ID) @@ -2187,7 +2415,7 @@ data: CREATE TABLE IF NOT EXISTS REG_TAG ( REG_ID INTEGER NOT NULL AUTO_INCREMENT, REG_TAG_NAME VARCHAR(500) NOT NULL, - REG_USER_ID VARCHAR(31) NOT NULL, + REG_USER_ID VARCHAR(255) NOT NULL, REG_TAGGED_TIME TIMESTAMP NOT NULL, REG_TENANT_ID INTEGER DEFAULT 0, CONSTRAINT PK_REG_TAG PRIMARY KEY(REG_ID, REG_TENANT_ID) 
@@ -2273,14 +2501,16 @@ data: -- ################################ CREATE TABLE UM_TENANT ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DOMAIN_NAME VARCHAR(255) NOT NULL, + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_TENANT_UUID VARCHAR(36) NOT NULL, + UM_DOMAIN_NAME VARCHAR(255) NOT NULL, UM_EMAIL VARCHAR(255), UM_ACTIVE BOOLEAN DEFAULT FALSE, - UM_CREATED_DATE TIMESTAMP NOT NULL, - UM_USER_CONFIG LONGBLOB, - PRIMARY KEY (UM_ID), - UNIQUE(UM_DOMAIN_NAME) + UM_CREATED_DATE TIMESTAMP NOT NULL, + UM_USER_CONFIG LONGBLOB, + PRIMARY KEY (UM_ID), + UNIQUE(UM_DOMAIN_NAME), + UNIQUE(UM_TENANT_UUID) )ENGINE INNODB; CREATE TABLE UM_DOMAIN( 
@@ -2295,100 +2525,100 @@ data: ON UM_TENANT (UM_DOMAIN_NAME); CREATE TABLE UM_USER ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_ID VARCHAR(255) NOT NULL, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_USER_PASSWORD VARCHAR(255) NOT NULL, - UM_SALT_VALUE VARCHAR(31), - UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE, - UM_CHANGED_TIME TIMESTAMP NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_USER_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_USER_ID VARCHAR(255) NOT NULL, + UM_USER_NAME VARCHAR(255) NOT NULL, + UM_USER_PASSWORD VARCHAR(255) NOT NULL, + UM_SALT_VALUE VARCHAR(31), + UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE, + UM_CHANGED_TIME TIMESTAMP NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (UM_ID, UM_TENANT_ID), + UNIQUE(UM_USER_ID, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE UM_SYSTEM_USER ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_USER_PASSWORD VARCHAR(255) NOT NULL, - UM_SALT_VALUE VARCHAR(31), - UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE, - UM_CHANGED_TIME TIMESTAMP NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_USER_NAME, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_USER_NAME VARCHAR(255) NOT NULL, + UM_USER_PASSWORD VARCHAR(255) NOT NULL, + UM_SALT_VALUE VARCHAR(31), + UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE, + UM_CHANGED_TIME TIMESTAMP NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (UM_ID, UM_TENANT_ID), + UNIQUE(UM_USER_NAME, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE UM_ROLE ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_SHARED_ROLE BOOLEAN DEFAULT FALSE, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_ROLE_NAME, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_ROLE_NAME VARCHAR(255) NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UM_SHARED_ROLE BOOLEAN DEFAULT FALSE, + PRIMARY KEY (UM_ID, 
UM_TENANT_ID), + UNIQUE(UM_ROLE_NAME, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE UM_MODULE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_MODULE_NAME VARCHAR(100), - UNIQUE(UM_MODULE_NAME), - PRIMARY KEY(UM_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_MODULE_NAME VARCHAR(100), + UNIQUE(UM_MODULE_NAME), + PRIMARY KEY(UM_ID) )ENGINE INNODB; CREATE TABLE UM_MODULE_ACTIONS( - UM_ACTION VARCHAR(255) NOT NULL, - UM_MODULE_ID INTEGER NOT NULL, - PRIMARY KEY(UM_ACTION, UM_MODULE_ID), - FOREIGN KEY (UM_MODULE_ID) REFERENCES UM_MODULE(UM_ID) ON DELETE CASCADE + UM_ACTION VARCHAR(255) NOT NULL, + UM_MODULE_ID INTEGER NOT NULL, + PRIMARY KEY(UM_ACTION, UM_MODULE_ID), + FOREIGN KEY (UM_MODULE_ID) REFERENCES UM_MODULE(UM_ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE UM_PERMISSION ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_RESOURCE_ID VARCHAR(255) NOT NULL, - UM_ACTION VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_MODULE_ID INTEGER DEFAULT 0, - UNIQUE(UM_RESOURCE_ID,UM_ACTION, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_RESOURCE_ID VARCHAR(255) NOT NULL, + UM_ACTION VARCHAR(255) NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UM_MODULE_ID INTEGER DEFAULT 0, + UNIQUE(UM_RESOURCE_ID,UM_ACTION, UM_TENANT_ID), + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; CREATE INDEX INDEX_UM_PERMISSION_UM_RESOURCE_ID_UM_ACTION ON UM_PERMISSION (UM_RESOURCE_ID, UM_ACTION, UM_TENANT_ID); CREATE TABLE UM_ROLE_PERMISSION ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_PERMISSION_ID INTEGER NOT NULL, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_IS_ALLOWED SMALLINT NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_DOMAIN_ID INTEGER, - UNIQUE (UM_PERMISSION_ID, UM_ROLE_NAME, UM_TENANT_ID, UM_DOMAIN_ID), - FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, 
- PRIMARY KEY (UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_PERMISSION_ID INTEGER NOT NULL, + UM_ROLE_NAME VARCHAR(255) NOT NULL, + UM_IS_ALLOWED SMALLINT NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UM_DOMAIN_ID INTEGER, + UNIQUE (UM_PERMISSION_ID, UM_ROLE_NAME, UM_TENANT_ID, UM_DOMAIN_ID), + FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, + FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; -- REMOVED UNIQUE (UM_PERMISSION_ID, UM_ROLE_ID) CREATE TABLE UM_USER_PERMISSION ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_PERMISSION_ID INTEGER NOT NULL, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_IS_ALLOWED SMALLINT NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_PERMISSION_ID INTEGER NOT NULL, + UM_USER_NAME VARCHAR(255) NOT NULL, + UM_IS_ALLOWED SMALLINT NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; -- REMOVED UNIQUE (UM_PERMISSION_ID, UM_USER_ID) CREATE TABLE UM_USER_ROLE ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_ID INTEGER NOT NULL, - UM_USER_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE (UM_USER_ID, UM_ROLE_ID, UM_TENANT_ID), - FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_ROLE(UM_ID, UM_TENANT_ID), - FOREIGN KEY (UM_USER_ID, UM_TENANT_ID) REFERENCES UM_USER(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_ROLE_ID INTEGER NOT NULL, + UM_USER_ID INTEGER NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UNIQUE (UM_USER_ID, UM_ROLE_ID, 
UM_TENANT_ID), + FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_ROLE(UM_ID, UM_TENANT_ID), + FOREIGN KEY (UM_USER_ID, UM_TENANT_ID) REFERENCES UM_USER(UM_ID, UM_TENANT_ID), + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE UM_SHARED_USER_ROLE( @@ -2402,14 +2632,14 @@ data: )ENGINE INNODB; CREATE TABLE UM_ACCOUNT_MAPPING( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER NOT NULL, - UM_USER_STORE_DOMAIN VARCHAR(100), - UM_ACC_LINK_ID INTEGER NOT NULL, - UNIQUE(UM_USER_NAME, UM_TENANT_ID, UM_USER_STORE_DOMAIN, UM_ACC_LINK_ID), - FOREIGN KEY (UM_TENANT_ID) REFERENCES UM_TENANT(UM_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_USER_NAME VARCHAR(255) NOT NULL, + UM_TENANT_ID INTEGER NOT NULL, + UM_USER_STORE_DOMAIN VARCHAR(100), + UM_ACC_LINK_ID INTEGER NOT NULL, + UNIQUE(UM_USER_NAME, UM_TENANT_ID, UM_USER_STORE_DOMAIN, UM_ACC_LINK_ID), + FOREIGN KEY (UM_TENANT_ID) REFERENCES UM_TENANT(UM_ID) ON DELETE CASCADE, + PRIMARY KEY (UM_ID) )ENGINE INNODB; @@ -2426,6 +2656,8 @@ data: CREATE INDEX UM_USER_ID_INDEX ON UM_USER_ATTRIBUTE(UM_USER_ID); + CREATE INDEX UM_ATTR_NAME_VALUE_INDEX ON UM_USER_ATTRIBUTE(UM_ATTR_NAME, UM_ATTR_VALUE(512)); + CREATE TABLE UM_DIALECT( UM_ID INTEGER NOT NULL AUTO_INCREMENT, UM_DIALECT_URI VARCHAR(255) NOT NULL, @@ -2446,7 +2678,7 @@ data: UM_SUPPORTED SMALLINT, UM_REQUIRED SMALLINT, UM_DISPLAY_ORDER INTEGER, - UM_CHECKED_ATTRIBUTE SMALLINT, + UM_CHECKED_ATTRIBUTE SMALLINT, UM_READ_ONLY SMALLINT, UM_TENANT_ID INTEGER DEFAULT 0, UNIQUE(UM_DIALECT_ID, UM_CLAIM_URI, UM_TENANT_ID,UM_MAPPED_ATTRIBUTE_DOMAIN), 
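Review bot: The added `CREATE INDEX UM_ATTR_NAME_VALUE_INDEX ON UM_USER_ATTRIBUTE(UM_ATTR_NAME, UM_ATTR_VALUE(512))` puts a 512-character prefix on top of the full `UM_ATTR_NAME` key, and whether that fits InnoDB's index key limit depends on the table's character set and row format, neither of which is visible in this hunk (the `UM_USER_ATTRIBUTE` definition starts outside it). With a 4-byte character set the prefix alone is 2048 bytes, so a row format limited to 767-byte keys would reject the statement and the larger 3072-byte limit leaves little headroom. Since a failed statement in an init script can leave the user-management schema half created, I would record the assumption next to the statement, e.g. `-- requires InnoDB large index keys (DYNAMIC row format); 512-char prefix on UM_ATTR_VALUE`.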
@@ -2490,10 +2722,22 @@ data: UM_USER_NAME VARCHAR(255), UM_ROLE_ID INTEGER NOT NULL, UM_TENANT_ID INTEGER DEFAULT 0, - UM_DOMAIN_ID INTEGER, + UM_DOMAIN_ID INTEGER, UNIQUE (UM_USER_NAME, UM_ROLE_ID, UM_TENANT_ID, UM_DOMAIN_ID), FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, + FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, + PRIMARY KEY (UM_ID, UM_TENANT_ID) + )ENGINE INNODB; + + CREATE TABLE UM_HYBRID_GROUP_ROLE( + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_GROUP_NAME VARCHAR(255), + UM_ROLE_ID INTEGER NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UM_DOMAIN_ID INTEGER, + UNIQUE (UM_GROUP_NAME, UM_ROLE_ID, UM_TENANT_ID, UM_DOMAIN_ID), + FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, + FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; @@ -2518,11 +2762,11 @@ data: CREATE TABLE UM_HYBRID_REMEMBER_ME( UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_COOKIE_VALUE VARCHAR(1024), - UM_CREATED_TIME TIMESTAMP, + UM_USER_NAME VARCHAR(255) NOT NULL, + UM_COOKIE_VALUE VARCHAR(1024), + UM_CREATED_TIME TIMESTAMP, UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID) + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS UM_UUID_DOMAIN_MAPPER ( @@ -2537,6 +2781,7 @@ data: CREATE INDEX UUID_DM_UID_TID ON UM_UUID_DOMAIN_MAPPER(UM_USER_ID, UM_TENANT_ID); + --- apiVersion: v1 
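Review bot: In the new `UM_HYBRID_GROUP_ROLE` table `UM_GROUP_NAME VARCHAR(255)` is nullable, so a role can be attached to a row with no group name, and because MySQL unique indexes treat NULLs as distinct, `UNIQUE (UM_GROUP_NAME, UM_ROLE_ID, UM_TENANT_ID, UM_DOMAIN_ID)` does not prevent duplicate mappings whenever the group name or `UM_DOMAIN_ID` is NULL. For a table that drives role assignment I would declare it `UM_GROUP_NAME VARCHAR(255) NOT NULL,` unless the application relies on NULL here. The definition mirrors the user-role table whose tail is the context above it (its CREATE line is outside the hunk), and that table has the same nullable `UM_USER_NAME`, so the two are probably best tightened together.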
@@ -2616,1215 +2861,6 @@ spec: serviceAccountName: "wso2am-pattern-1-svc-account" --- -apiVersion: v1 -kind: ConfigMap -metadata: - name: wso2am-pattern-1-am-analytics-dashboard-conf - namespace: wso2 -data: - deployment.yaml: |- - # Carbon Configuration Parameters - wso2.carbon: - type: wso2-apim-analytics - # value to uniquely identify a server - id: wso2-am-analytics - # server name - name: WSO2 API Manager Analytics Server - # enable/disable hostname verifier - hostnameVerificationEnabled: false - # ports used by this server - ports: - # port offset - offset: 3 - - # Configuration used for the databridge communication - databridge.config: - # No of worker threads to consume events - # THIS IS A MANDATORY FIELD - workerThreads: 10 - # Maximum amount of messages that can be queued internally in MB - # THIS IS A MANDATORY FIELD - maxEventBufferCapacity: 10000000 - # Queue size; the maximum number of events that can be stored in the queue - # THIS IS A MANDATORY FIELD - eventBufferSize: 2000 - # Keystore file path - # THIS IS A MANDATORY FIELD - keyStoreLocation : ${sys:carbon.home}/resources/security/wso2carbon.jks - # Keystore password - # THIS IS A MANDATORY FIELD - keyStorePassword : wso2carbon - # Session Timeout value in mins - # THIS IS A MANDATORY FIELD - clientTimeoutMin: 30 - # Data receiver configurations - # THIS IS A MANDATORY FIELD - dataReceivers: - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Thrift - # Data receiver properties - properties: - tcpPort: '7611' - sslPort: '7711' - - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Binary - # Data receiver properties - properties: - tcpPort: '9611' - sslPort: '9711' - tcpReceiverThreadPoolSize: '100' - sslReceiverThreadPoolSize: '100' - hostName: 0.0.0.0 - - # Configuration of the Data Agents - to publish events through databridge - data.agent.config: - # Data agent 
configurations - # THIS IS A MANDATORY FIELD - agents: - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Thrift - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.thrift.ThriftDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Binary - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: 
org.wso2.carbon.databridge.agent.endpoint.binary.BinaryDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - # Deployment configuration parameters - wso2.artifact.deployment: - # Scheduler update interval - updateInterval: 5 - - # HA Configuration - state.persistence: - enabled: false - intervalInMin: 1 - revisionsToKeep: 2 - persistenceStore: org.wso2.carbon.streaming.integrator.core.persistence.FileSystemPersistenceStore - config: - location: siddhi-app-persistence - - # Secure Vault Configuration - wso2.securevault: - secretRepository: - type: org.wso2.carbon.secvault.repository.DefaultSecretRepository 
- parameters: - privateKeyAlias: wso2carbon - keystoreLocation: ${sys:carbon.home}/resources/security/securevault.jks - secretPropertiesFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/secrets.properties - masterKeyReader: - type: org.wso2.carbon.secvault.reader.DefaultMasterKeyReader - parameters: - masterKeyReaderFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/master-keys.yaml - - - # Data Sources Configuration - wso2.datasources: - dataSources: - # Dashboard data source - - name: WSO2_DASHBOARD_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/DASHBOARD_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/${sys:wso2.runtime}/database/DASHBOARD_DB;IFEXISTS=TRUE;DB_CLOSE_ON_EXIT=FALSE;LOCK_TIMEOUT=60000;MVCC=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - name: BUSINESS_RULES_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/BUSINESS_RULES_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_BUSINESS_RULES_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - # carbon metrics data source - - name: WSO2_METRICS_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/WSO2MetricsDB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/dashboard/database/metrics;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 
30000 - isAutoCommit: false - - - name: WSO2_PERMISSIONS_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/PERMISSION_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/${sys:wso2.runtime}/database/PERMISSION_DB;IFEXISTS=TRUE;DB_CLOSE_ON_EXIT=FALSE;LOCK_TIMEOUT=60000;MVCC=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - #Data source for APIM Analytics - - name: APIM_ANALYTICS_DB - description: Datasource used for APIM Analytics - jndiConfig: - name: jdbc/APIM_ANALYTICS_DB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_STATS_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 50 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - #Main datasource used in API Manager - - name: AM_DB - description: Main datasource used by API Manager - jndiConfig: - name: jdbc/AM_DB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - wso2.business.rules.manager: - datasource: BUSINESS_RULES_DB - # rule template wise configuration for deploying business rules - deployment_configs: - - - # : of the Worker node - localhost:9444: - # UUIDs of rule templates that are needed to be deployed on the node - - stock-data-analysis - - stock-exchange-input - - stock-exchange-output - - identifying-continuous-production-decrease - - popular-tweets-analysis - - 
http-analytics-processing - - message-tracing-source-template - - message-tracing-app-template - # credentials for worker nodes - username: admin - password: admin - - wso2.transport.http: - transportProperties: - - name: "server.bootstrap.socket.timeout" - value: 60 - - name: "client.bootstrap.socket.timeout" - value: 60 - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - id: "default" - host: "0.0.0.0" - port: 9089 - - - id: "default-https" - host: "0.0.0.0" - port: 30643 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - ## Dashboard data provider authorization - data.provider.configs: - authorizingClass: org.wso2.analytics.apim.dashboards.core.data.provider.Authorizer - - ## Additional APIs that needs to be added to the server. - ## Should be provided as a key value pairs { API context path: Microservice implementation class } - ## The configured APIs will be available as https://{host}:{port}/analytics-dashboard/{API_context_path} - additional.apis: - /apis/analytics/v1.0/apim: org.wso2.analytics.apim.rest.api.proxy.ApimApi - /apis/v1.0/report: org.wso2.analytics.apim.rest.api.report.ReportApi - - report: - implClass: org.wso2.analytics.apim.rest.api.report.reportgen.DefaultReportGeneratorImpl - - ## Authentication configuration - auth.configs: - type: apim - ssoEnabled: true - properties: - adminScope: apim_analytics:admin_carbon.super - allScopes: apim_analytics:admin openid apim:api_view apim:subscribe apim_analytics:monitoring_dashboard:own apim_analytics:monitoring_dashboard:edit apim_analytics:monitoring_dashboard:view apim_analytics:business_analytics:own apim_analytics:business_analytics:edit apim_analytics:business_analytics:view apim_analytics:api_analytics:own apim_analytics:api_analytics:edit apim_analytics:api_analytics:view apim_analytics:application_analytics:own apim_analytics:application_analytics:edit 
apim_analytics:application_analytics:view - adminUsername: admin - adminPassword: admin - kmDcrUrl: https://wso2am-pattern-1-am-1-service:9443/client-registration/v0.17/register - kmTokenUrlForRedirection: https://"ip.node.k8s.&.wso2.apim":30443/oauth2 - kmTokenUrl: https://wso2am-pattern-1-am-1-service:9443/oauth2 - kmUsername: admin - kmPassword: admin - portalAppContext: analytics-dashboard - businessRulesAppContext : business-rules - cacheTimeout: 900 - baseUrl: https://"ip.node.k8s.&.wso2.apim":30646 - grantType: authorization_code - publisherUrl: https://wso2am-pattern-1-am-1-service:9443 - devPortalUrl: https://wso2am-pattern-1-am-1-service:9443 - externalLogoutUrl: https://"ip.node.k8s.&.wso2.apim":30443/oidc/logout - - wso2.dashboard: - roles: - creators: - - apim_analytics:admin_carbon.super - themeConfigProviderClass: org.wso2.carbon.dashboards.core.DefaultDashboardThemeConfigProvider - - ## RDBMS Data Provider configuration - wso2.rdbms.data.provider: - timeTypes: - - DATE - - TIME - - DATETIME - - TIMESTAMP - - TIMESTAMP WITHOUT TIME ZONE ---- - -apiVersion: v1 -kind: Service -metadata: - name: wso2am-pattern-1-analytics-dashboard-service - namespace: wso2 -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: wso2am-pattern-1-analytics-dashboard - product: api-manager - type: NodePort - ports: - # ports that this service should serve on - - - name: 'ui' - port: 30646 - protocol: TCP - targetPort: 30646 - nodePort: 30646 ---- - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wso2am-pattern-1-analytics-dashboard-deployment - namespace: wso2 -spec: - replicas: 1 - strategy: - rollingUpdate: - maxSurge: 1 - maxUnavailable: 0 - type: RollingUpdate - selector: - matchLabels: - deployment: wso2am-pattern-1-analytics-dashboard - product: api-manager - template: - metadata: - labels: - deployment: wso2am-pattern-1-analytics-dashboard - product: api-manager - spec: - initContainers: - - 
name: init-apim-analytics-db - image: busybox:1.31 - command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! nc -z wso2apim-rdbms-service-mysql 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - - name: init-download-mysql-connector - image: busybox:1.31 - command: - - /bin/sh - - "-c" - - | - set -e - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/8.0.17/mysql-connector-java-8.0.17.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - containers: - - name: wso2am-pattern-1-analytics-dashboard - image: "$image.pull.@.wso2"/wso2am-analytics-dashboard:3.2.0 - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 30646 - initialDelaySeconds: 20 - periodSeconds: 10 - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 30646 - initialDelaySeconds: 20 - periodSeconds: 10 - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/dashboard.sh stop'] - resources: - requests: - memory: 1Gi - cpu: 1000m - limits: - memory: 1Gi - cpu: 1000m - imagePullPolicy: Always - securityContext: - runAsUser: 802 - ports: - - - containerPort: 30646 - protocol: "TCP" - volumeMounts: - - name: wso2am-pattern-1-am-analytics-dashboard-conf - mountPath: /home/wso2carbon/wso2-config-volume/conf/dashboard/deployment.yaml - subPath: deployment.yaml - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/lib - serviceAccountName: wso2am-pattern-1-svc-account - imagePullSecrets: - - name: wso2am-pattern-1-creds - volumes: - - name: wso2am-pattern-1-am-analytics-dashboard-conf - configMap: - name: wso2am-pattern-1-am-analytics-dashboard-conf - - name: mysql-connector-jar - emptyDir: {} ---- - -apiVersion: v1 -kind: ConfigMap -metadata: - name: wso2am-pattern-1-am-analytics-worker-conf - namespace: wso2 -data: - deployment.yaml: |- - # Carbon Configuration Parameters - 
wso2.carbon: - type: wso2-apim-analytics - # value to uniquely identify a server - id: wso2-am-analytics - # server name - name: WSO2 API Manager Analytics Server - # ports used by this server - ports: - # port offset - offset: 1 - - wso2.transport.http: - transportProperties: - - - name: "server.bootstrap.socket.timeout" - value: 60 - - - name: "client.bootstrap.socket.timeout" - value: 60 - - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - - id: "default" - host: "0.0.0.0" - port: 9090 - - - id: "msf4j-https" - host: "0.0.0.0" - port: 9443 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - senderConfigurations: - - - id: "http-sender" - - siddhi.stores.query.api: - transportProperties: - - - name: "server.bootstrap.socket.timeout" - value: 60 - - - name: "client.bootstrap.socket.timeout" - value: 60 - - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - - id: "default" - host: "0.0.0.0" - port: 7071 - - - id: "msf4j-https" - host: "0.0.0.0" - port: 7444 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - # Configuration used for the databridge communication - databridge.config: - # No of worker threads to consume events - # THIS IS A MANDATORY FIELD - workerThreads: 10 - # Maximum amount of messages that can be queued internally in MB - # THIS IS A MANDATORY FIELD - maxEventBufferCapacity: 10000000 - # Queue size; the maximum number of events that can be stored in the queue - # THIS IS A MANDATORY FIELD - eventBufferSize: 2000 - # Keystore file path - # THIS IS A MANDATORY FIELD - keyStoreLocation : ${sys:carbon.home}/resources/security/wso2carbon.jks - # Keystore password - # THIS IS A MANDATORY FIELD - keyStorePassword : wso2carbon - # Session Timeout value in mins - # THIS IS A MANDATORY FIELD - clientTimeoutMin: 30 - # Data 
receiver configurations - # THIS IS A MANDATORY FIELD - dataReceivers: - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Thrift - # Data receiver properties - properties: - tcpPort: '7611' - sslPort: '7711' - - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Binary - # Data receiver properties - properties: - tcpPort: '9611' - sslPort: '9711' - tcpReceiverThreadPoolSize: '100' - sslReceiverThreadPoolSize: '100' - hostName: 0.0.0.0 - - # Configuration of the Data Agents - to publish events through databridge - data.agent.config: - # Data agent configurations - # THIS IS A MANDATORY FIELD - agents: - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Thrift - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.thrift.ThriftDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # 
SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Binary - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.binary.BinaryDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: 
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - # This is the main configuration for metrics - wso2.metrics: - # Enable Metrics - enabled: false - reporting: - console: - - # The name for the Console Reporter - name: Console - - # Enable Console Reporter - enabled: false - - # Polling Period in seconds. - # This is the period for polling metrics from the metric registry and printing in the console - pollingPeriod: 5 - - wso2.metrics.jdbc: - # Data Source Configurations for JDBC Reporters - dataSource: - # Default Data Source Configuration - - &JDBC01 - # JNDI name of the data source to be used by the JDBC Reporter. - # This data source should be defined in a *-datasources.xml file in conf/datasources directory. - dataSourceName: java:comp/env/jdbc/WSO2MetricsDB - # Schedule regular deletion of metrics data older than a set number of days. - # It is recommended that you enable this job to ensure your metrics tables do not get extremely large. - # Deleting data older than seven days should be sufficient. - scheduledCleanup: - # Enable scheduled cleanup to delete Metrics data in the database. - enabled: true - - # The scheduled job will cleanup all data older than the specified days - daysToKeep: 3 - - # This is the period for each cleanup operation in seconds. 
- scheduledCleanupPeriod: 86400 - - # The JDBC Reporter is in the Metrics JDBC Core feature - reporting: - # The JDBC Reporter configurations will be ignored if the Metrics JDBC Core feature is not available in runtime - jdbc: - - # The name for the JDBC Reporter - name: JDBC - - # Enable JDBC Reporter - enabled: true - - # Source of Metrics, which will be used to identify each metric in database --> - # Commented to use the hostname by default - # source: Carbon - - # Alias referring to the Data Source configuration - dataSource: *JDBC01 - - # Polling Period in seconds. - # This is the period for polling metrics from the metric registry and updating the database with the values - pollingPeriod: 60 - - # Deployment configuration parameters - wso2.artifact.deployment: - # Scheduler update interval - updateInterval: 5 - - # Periodic Persistence Configuration - state.persistence: - enabled: false - intervalInMin: 1 - revisionsToKeep: 2 - persistenceStore: org.wso2.carbon.streaming.integrator.core.persistence.DBPersistenceStore - config: - datasource: PERSISTENCE_DB # A datasource with this name should be defined in wso2.datasources namespace - table: PERSISTENCE_TABLE - - # Secure Vault Configuration - wso2.securevault: - secretRepository: - type: org.wso2.carbon.secvault.repository.DefaultSecretRepository - parameters: - privateKeyAlias: wso2carbon - keystoreLocation: ${sys:carbon.home}/resources/security/securevault.jks - secretPropertiesFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/secrets.properties - masterKeyReader: - type: org.wso2.carbon.secvault.reader.DefaultMasterKeyReader - parameters: - masterKeyReaderFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/master-keys.yaml - - # Datasource Configurations - wso2.datasources: - dataSources: - # carbon metrics data source - - name: WSO2_METRICS_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/WSO2MetricsDB - definition: - type: RDBMS - configuration: - jdbcUrl: 
'jdbc:h2:${sys:carbon.home}/wso2/dashboard/database/metrics;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 30 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - name: WSO2_PERMISSIONS_DB - description: The datasource used for permission feature - jndiConfig: - name: jdbc/PERMISSION_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_PERMISSIONS_DB?useSSL=false&allowPublicKeyRetrieval=true' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - name: GEO_LOCATION_DATA - description: "The data source used for geo location database" - jndiConfig: - name: jdbc/GEO_LOCATION_DATA - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/worker/database/GEO_LOCATION_DATA;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 50 - idleTimeout: 60000 - validationTimeout: 30000 - isAutoCommit: false - - - name: APIM_ANALYTICS_DB - description: "The datasource used for APIM statistics aggregated data." 
- jndiConfig: - name: jdbc/APIM_ANALYTICS_DB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_STATS_DB?useSSL=false&allowPublicKeyRetrieval=true' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 50 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - - name: WSO2_CLUSTER_DB - description: "The datasource used by cluster coordinators in HA deployment" - jndiConfig: - name: jdbc/WSO2_CLUSTER_DB - definition: - type: RDBMS - configuration: - connectionTestQuery: "SELECT 1" - driverClassName: org.h2.Driver - idleTimeout: 60000 - isAutoCommit: false - jdbcUrl: "jdbc:h2:${sys:carbon.home}/wso2/${sys:wso2.runtime}/database/WSO2_CLUSTER_DB;DB_CLOSE_ON_EXIT=FALSE;LOCK_TIMEOUT=60000;AUTO_SERVER=TRUE" - maxPoolSize: 10 - password: wso2carbon - username: wso2carbon - validationTimeout: 30000 - - # - - # name: PERSISTENCE_DB - # description: "Datasource used for persistence" - # jndiConfig: - # name: jdbc/PERSISTENCE_DB - # definition: - # type: RDBMS - # configuration: - # connectionTestQuery: "SELECT 1" - # driverClassName: com.mysql.jdbc.Driver - # idleTimeout: 60000 - # isAutoCommit: false - # jdbcUrl: "jdbc:h2:${sys:carbon.home}/wso2/${sys:wso2.runtime}/database/PERSISTENCE_DB;DB_CLOSE_ON_EXIT=FALSE;LOCK_TIMEOUT=60000;AUTO_SERVER=TRUE" - # maxPoolSize: 10 - # password: pass - # username: root - # validationTimeout: 30000 - - siddhi: - # properties: - # partitionById: true - # shardId: 1 - refs: - - ref: - name: 'grpcSource' - type: 'grpc' - properties: - receiver.url : grpc://localhost:9806/org.wso2.analytics.mgw.grpc.service.AnalyticsSendService/sendAnalytics - extensions: - - - extension: - name: 'findCountryFromIP' - namespace: 'geo' - properties: - geoLocationResolverClass: org.wso2.extension.siddhi.execution.geo.internal.impl.DefaultDBBasedGeoLocationResolver - isCacheEnabled: true - cacheSize: 
10000 - isPersistInDatabase: true - datasource: GEO_LOCATION_DATA - - - extension: - name: 'findCityFromIP' - namespace: 'geo' - properties: - geoLocationResolverClass: org.wso2.extension.siddhi.execution.geo.internal.impl.DefaultDBBasedGeoLocationResolver - isCacheEnabled: true - cacheSize: 10000 - isPersistInDatabase: true - datasource: GEO_LOCATION_DATA - #Enabling GRPC Service with an Extension - - - extension: - name: 'grpc' - namespace: 'source' - properties: - keyStoreFile : ${sys:carbon.home}/resources/security/wso2carbon.jks - keyStorePassword : wso2carbon - keyStoreAlgorithm : SunX509 - trustStoreFile : ${sys:carbon.home}/resources/security/client-truststore.jks - trustStorePassword : wso2carbon - trustStoreAlgorithm : SunX509 - # Provides the regular expression collection to parse the user-agent header - - - extension: - name: 'getUserAgentProperty' - namespace: 'env' - properties: - regexFilePath : ${sys:carbon.home}/conf/worker/regexes.yaml - - # Cluster Configuration - cluster.config: - enabled: false - groupId: sp - coordinationStrategyClass: org.wso2.carbon.cluster.coordinator.rdbms.RDBMSCoordinationStrategy - strategyConfig: - datasource: WSO2_CLUSTER_DB - heartbeatInterval: 5000 - heartbeatMaxRetry: 3 - eventPollingInterval: 1000 - - # Authentication configuration - auth.configs: - type: 'local' # Type of the IdP client used - userManager: - adminRole: admin # Admin role which is granted all permissions - userStore: # User store - users: - - - user: - username: admin - password: YWRtaW4= - roles: 1 - roles: - - - role: - id: 1 - displayName: admin - - # Configuration to enable apim alerts - #analytics.solutions: - # APIM-alerts.enabled: true - - - # Sample of deployment.config for Two node HA - #deployment.config: - # type: ha - # eventSyncServer: - # host: localhost - # port: 9893 - # advertisedHost: localhost - # advertisedPort: 9893 - # bossThreads: 10 - # workerThreads: 10 - # eventSyncClientPool: - # maxActive: 10 - # maxTotal: 10 - # 
maxIdle: 10 - # maxWait: 60000 - # minEvictableIdleTimeMillis: 120000 - - # Sample of deployment.config for Distributed deployment - #deployment.config: - # type: distributed - # httpsInterface: - # host: 192.168.1.3 - # port: 9443 - # username: admin - # password: admin - # leaderRetryInterval: 10000 - # resourceManagers: - # - host: 192.168.1.1 - # port: 9543 - # username: admin - # password: admin - # - host: 192.168.1.2 - # port: 9543 - # username: admin - # password: admin ---- - -apiVersion: v1 -kind: Service -metadata: - name: wso2am-pattern-1-analytics-worker-service - namespace: wso2 -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: wso2am-pattern-1-analytics-worker - product: api-manager - ports: - # ports that this service should serve on - - - name: 'thrift' - port: 7612 - protocol: TCP - - - name: 'thrift-ssl' - port: 7712 - protocol: TCP - - - name: 'rest-api-port-1' - protocol: TCP - port: 9444 - - - name: 'rest-api-port-2' - protocol: TCP - port: 9091 - - - name: 'rest-api-port-3' - protocol: TCP - port: 7071 - - - name: 'rest-api-port-4' - protocol: TCP - port: 7444 ---- - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wso2am-pattern-1-analytics-worker-deployment - namespace: wso2 -spec: - replicas: 1 - strategy: - rollingUpdate: - maxSurge: 1 - maxUnavailable: 0 - type: RollingUpdate - selector: - matchLabels: - deployment: wso2am-pattern-1-analytics-worker - product: api-manager - template: - metadata: - labels: - deployment: wso2am-pattern-1-analytics-worker - product: api-manager - spec: - initContainers: - - name: init-apim-analytics-db - image: busybox:1.31 - command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! 
nc -z wso2apim-rdbms-service-mysql 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - - name: init-download-mysql-connector - image: busybox:1.31 - command: - - /bin/sh - - "-c" - - | - set -e - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/8.0.17/mysql-connector-java-8.0.17.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - containers: - - name: wso2am-pattern-1-analytics-worker - image: "$image.pull.@.wso2"/wso2am-analytics-worker:3.2.0 - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 7444 - initialDelaySeconds: 100 - periodSeconds: 10 - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 7444 - initialDelaySeconds: 100 - periodSeconds: 10 - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/worker.sh stop'] - resources: - requests: - memory: 1Gi - cpu: 1000m - limits: - memory: 1Gi - cpu: 1000m - imagePullPolicy: Always - securityContext: - runAsUser: 802 - ports: - - - containerPort: 9764 - protocol: "TCP" - - - containerPort: 9444 - protocol: "TCP" - - - containerPort: 7612 - protocol: "TCP" - - - containerPort: 7712 - protocol: "TCP" - - - containerPort: 9091 - protocol: "TCP" - - - containerPort: 7071 - protocol: "TCP" - - - containerPort: 7444 - protocol: "TCP" - volumeMounts: - - name: wso2am-pattern-1-am-analytics-worker-conf - mountPath: /home/wso2carbon/wso2-config-volume/conf/worker/deployment.yaml - subPath: deployment.yaml - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/lib - serviceAccountName: wso2am-pattern-1-svc-account - imagePullSecrets: - - name: wso2am-pattern-1-creds - volumes: - - name: wso2am-pattern-1-am-analytics-worker-conf - configMap: - name: wso2am-pattern-1-am-analytics-worker-conf - - name: mysql-connector-jar - emptyDir: {} ---- - apiVersion: v1 kind: ConfigMap metadata: 
@@ -3835,9 +2871,7 @@ data: [server] hostname = ""ip.node.k8s.&.wso2.apim"" - node_ip = "$env{NODE_IP}" - # offset=0 - mode = "single" #single or ha + #offset=0 base_path = "${carbon.protocol}://${carbon.host}:${carbon.management.port}" #discard_empty_caches = false server_role = "default" @@ -3886,7 +2920,7 @@ data: #key_password = "wso2carbon" [[apim.gateway.environment]] - name = "Production and Sandbox" + name = "Default" type = "hybrid" display_in_api_console = true description = "This is a hybrid gateway that handles both production and sandbox token traffic." @@ -3898,6 +2932,11 @@ data: wss_endpoint = "wss://"ip.node.k8s.&.wso2.apim":8099" http_endpoint = "http://"ip.node.k8s.&.wso2.apim":30280" https_endpoint = "https://"ip.node.k8s.&.wso2.apim":30243" + websub_event_receiver_http_endpoint = "http://"ip.node.k8s.&.wso2.apim:9021" + websub_event_receiver_https_endpoint = "https://"ip.node.k8s.&.wso2.apim:8021" + + [apim.sync_runtime_artifacts.gateway] + gateway_labels =["Default"] #[apim.cache.gateway_token] #enable = true 
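Review bot: The two `websub_event_receiver_*` lines added in the `@@ -3898,6 +2932,11 @@` hunk drop the closing quote of the node-IP placeholder: the neighbouring `wss_endpoint`, `http_endpoint` and `https_endpoint` lines all write `"ip.node.k8s.&.wso2.apim"` with a quote on both sides, while the new lines write `"ip.node.k8s.&.wso2.apim:9021"`. The substitution step is outside this hunk, but if it matches the quoted token, these two values will stay unreplaced and the TOML strings will be malformed. They should read `websub_event_receiver_http_endpoint = "http://"ip.node.k8s.&.wso2.apim":9021"` and `websub_event_receiver_https_endpoint = "https://"ip.node.k8s.&.wso2.apim":8021"`. Ports 9021/8021 are also outside the 30xxx range used by the other node-IP endpoints, so confirm they are actually exposed on the node.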
@@ -3928,23 +2967,9 @@ data: #expiry_time = "2m" [apim.analytics] - enable = true - store_api_url = "https://wso2am-pattern-1-analytics-worker-service:7444" - #username = "$ref{super_admin.username}" - #password = "$ref{super_admin.password}" - #event_publisher_type = "default" - #event_publisher_impl = "org.wso2.carbon.apimgt.usage.publisher.APIMgtUsageDataBridgeDataPublisher" - #publish_response_size = true - - [[apim.analytics.url_group]] - analytics_url =["tcp://wso2am-pattern-1-analytics-worker-service:7612"] - analytics_auth_url =["ssl://wso2am-pattern-1-analytics-worker-service:7712"] - #type = "loadbalance" - - #[[apim.analytics.url_group]] - #analytics_url =["tcp://analytics1:7612","tcp://analytics2:7612"] - #analytics_auth_url =["ssl://analytics1:7712","ssl://analytics2:7712"] - #type = "failover" + enable = false + config_endpoint = "https://localhost:8080/auth/v1" + auth_token = "" #[apim.key_manager] #service_url = "https://localhost:${mgt.transport.https.port}/services/" @@ -3992,11 +3017,13 @@ data: #enable_ratings = true #enable_forum = true #enable_anonymous_mode=true + #enable_cross_tenant_subscriptions = true + #default_reserved_username = "apim_reserved_user" [apim.cors] allow_origins = "*" allow_methods = ["GET","PUT","POST","DELETE","PATCH","OPTIONS"] - allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey", "testKey"] + allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey","Internal-Key"] allow_credentials = false #[apim.throttling] 
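Review bot: `auth_token = ""` in the new `[apim.analytics]` block (hunk `@@ -3928,23 +2967,9 @@`) sits inside a ConfigMap, so whoever later enables analytics is invited to paste the token into an object that is stored unencrypted and readable by anything with ConfigMap access in the namespace. Add a comment above it, for example `# auth_token: inject from a Kubernetes Secret; never commit a real value in this ConfigMap`. Better still, reference an environment variable in the `$env{...}` form this file used for `node_ip`, e.g. `auth_token = "$env{<ANALYTICS_AUTH_TOKEN_VAR>}"`. `config_endpoint = "https://localhost:8080/auth/v1"` looks like a placeholder as well and should be commented as such, since it is only harmless while `enable = false`.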
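Review bot: Adding `"Internal-Key"` to `allow_headers` in the `@@ -3992,11 +3017,13 @@` hunk extends the set of credential-bearing headers a cross-origin page may send, while the unchanged line above it still has `allow_origins = "*"`. With a wildcard origin, the browser lets script from any site send requests that carry `authorization`, `apikey` or `Internal-Key` once it holds a value; `allow_credentials = false` only stops cookies and other ambient credentials. For anything beyond a local evaluation, replace the `*` with the publisher and developer-portal origins. At minimum add a comment next to it such as `# "*" is for local evaluation only; list the portal origins before exposing this gateway`.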
@@ -4169,9 +3196,6 @@ spec: - name: init-db image: busybox:1.31 command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! nc -z wso2apim-rdbms-service-mysql 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - - name: init-am-analytics-worker - image: busybox:1.31 - command: ['sh', '-c', 'echo -e "Checking for the availability of WSO2 API Manager Analytics Worker deployment"; while ! nc -z wso2am-pattern-1-analytics-worker-service 7712; do sleep 1; printf "-"; done; echo -e " >> WSO2 API Manager Analytics Worker has started";'] - name: init-download-mysql-connector image: busybox:1.31 command: @@ -4185,7 +3209,8 @@ spec: mountPath: /mysql-connector-jar containers: - name: wso2am-pattern-1-am - image: "$image.pull.@.wso2"/wso2am:3.2.0 + # image: "$image.pull.@.wso2"/wso2am:3.2.0 + image: 192.168.1.5/wso2am:4.0.0-rc livenessProbe: exec: command: @@ -4362,7 +3387,6 @@ function get_node_ip(){ elif [[ $(kubectl config current-context) = "docker-desktop" ]] then NODE_IP="127.0.0.1" - else else echo "We could not find your cluster node-ip." while [[ -z "$NODE_IP" ]] @@ -4543,7 +3567,6 @@ function deploy(){ echoBold "\thttps://$NODE_IP:30443/carbon/\n" echoBold "\thttps://$NODE_IP:30443/publisher/\n" echoBold "\thttps://$NODE_IP:30443/devportal/\n" - echoBold "\thttps://$NODE_IP:30646/analytics-dashboard/\n\n" echoBold "from your favourite browser using credentials admin/admin\n\n" echoBold "2. Follow \"https://apim.docs.wso2.com/en/latest/GettingStarted/quick-start-guide/\" to start using WSO2 API Manager.\n\n" diff --git a/simple/funcs b/simple/funcs index cb3aec38..8a0b44a9 100644 --- a/simple/funcs +++ b/simple/funcs 
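Review bot: The `@@ -4185,7 +3209,8 @@` hunk hard-codes `image: 192.168.1.5/wso2am:4.0.0-rc` and leaves the registry placeholder commented out, so the deployment script now pulls the main API Manager container from a private-range address that looks like one developer's local registry. On any other network the pull either fails or is served by whichever host owns that address there, and a tag such as `4.0.0-rc` can be re-pushed, so the image content is not pinned. Restore the substituted form, `image: "$image.pull.@.wso2"/wso2am:<release-tag>`, preferably with an `@sha256:<digest>` suffix, and delete the commented-out 3.2.0 line instead of keeping it. The container spec continues outside this hunk.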
@@ -287,7 +287,6 @@ function deploy(){ echoBold "\thttps://$NODE_IP:30443/carbon/\n" echoBold "\thttps://$NODE_IP:30443/publisher/\n" echoBold "\thttps://$NODE_IP:30443/devportal/\n" - echoBold "\thttps://$NODE_IP:30646/analytics-dashboard/\n\n" echoBold "from your favourite browser using credentials admin/admin\n\n" echoBold "2. Follow \"https://apim.docs.wso2.com/en/latest/GettingStarted/quick-start-guide/\" to start using WSO2 API Manager.\n\n" diff --git a/simple/funcs4opensource b/simple/funcs4opensource index 50f6dc4a..6d2a2633 100644 --- a/simple/funcs4opensource +++ b/simple/funcs4opensource @@ -245,7 +245,6 @@ function deploy(){ echoBold "\thttps://$NODE_IP:30443/carbon/\n" echoBold "\thttps://$NODE_IP:30443/publisher/\n" echoBold "\thttps://$NODE_IP:30443/devportal/\n" - echoBold "\thttps://$NODE_IP:30646/analytics-dashboard/\n\n" echoBold "from your favourite browser using credentials admin/admin\n\n" echoBold "2. Follow \"https://apim.docs.wso2.com/en/latest/GettingStarted/quick-start-guide/\" to start using WSO2 API Manager.\n\n" diff --git a/simple/kubernetes-apim-analytics/dashboard/wso2am-pattern-1-analytics-dashboard-conf.yaml b/simple/kubernetes-apim-analytics/dashboard/wso2am-pattern-1-analytics-dashboard-conf.yaml deleted file mode 100644 index ddcb0035..00000000 --- a/simple/kubernetes-apim-analytics/dashboard/wso2am-pattern-1-analytics-dashboard-conf.yaml +++ /dev/null 
@@ -1,407 +0,0 @@ - -apiVersion: v1 -kind: ConfigMap -metadata: - name: wso2am-pattern-1-am-analytics-dashboard-conf - namespace: wso2 -data: - deployment.yaml: |- - # Carbon Configuration Parameters - wso2.carbon: - type: wso2-apim-analytics - # value to uniquely identify a server - id: wso2-am-analytics - # server name - name: WSO2 API Manager Analytics Server - # enable/disable hostname verifier - hostnameVerificationEnabled: false - # ports used by this server - ports: - # port offset - offset: 3 - - # Configuration used for the databridge communication - databridge.config: - # No of worker threads to consume events - # THIS IS A MANDATORY FIELD - workerThreads: 10 - # Maximum amount of messages that can be queued internally in MB - # THIS IS A MANDATORY FIELD - maxEventBufferCapacity: 10000000 - # Queue size; the maximum number of events that can be stored in the queue - # THIS IS A MANDATORY FIELD - eventBufferSize: 2000 - # Keystore file path - # THIS IS A MANDATORY FIELD - keyStoreLocation : ${sys:carbon.home}/resources/security/wso2carbon.jks - # Keystore password - # THIS IS A MANDATORY FIELD - keyStorePassword : wso2carbon - # Session Timeout value in mins - # THIS IS A MANDATORY FIELD - clientTimeoutMin: 30 - # Data receiver configurations - # THIS IS A MANDATORY FIELD - dataReceivers: - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Thrift - # Data receiver properties - properties: - tcpPort: '7611' - sslPort: '7711' - - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Binary - # Data receiver properties - properties: - tcpPort: '9611' - sslPort: '9711' - tcpReceiverThreadPoolSize: '100' - sslReceiverThreadPoolSize: '100' - hostName: 0.0.0.0 - - # Configuration of the Data Agents - to publish events through databridge - data.agent.config: - # Data agent configurations - # THIS IS A MANDATORY FIELD - agents: - - - # Data agent 
configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Thrift - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.thrift.ThriftDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Binary - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.binary.BinaryDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust 
store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - # Deployment configuration parameters - wso2.artifact.deployment: - # Scheduler update interval - updateInterval: 5 - - # HA Configuration - state.persistence: - enabled: false - intervalInMin: 1 - revisionsToKeep: 2 - persistenceStore: org.wso2.carbon.streaming.integrator.core.persistence.FileSystemPersistenceStore - config: - location: siddhi-app-persistence - - # Secure Vault Configuration - wso2.securevault: - secretRepository: - type: org.wso2.carbon.secvault.repository.DefaultSecretRepository - parameters: - privateKeyAlias: wso2carbon - keystoreLocation: ${sys:carbon.home}/resources/security/securevault.jks - 
secretPropertiesFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/secrets.properties - masterKeyReader: - type: org.wso2.carbon.secvault.reader.DefaultMasterKeyReader - parameters: - masterKeyReaderFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/master-keys.yaml - - - # Data Sources Configuration - wso2.datasources: - dataSources: - # Dashboard data source - - name: WSO2_DASHBOARD_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/DASHBOARD_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/${sys:wso2.runtime}/database/DASHBOARD_DB;IFEXISTS=TRUE;DB_CLOSE_ON_EXIT=FALSE;LOCK_TIMEOUT=60000;MVCC=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - name: BUSINESS_RULES_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/BUSINESS_RULES_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_BUSINESS_RULES_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - # carbon metrics data source - - name: WSO2_METRICS_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/WSO2MetricsDB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/dashboard/database/metrics;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - name: WSO2_PERMISSIONS_DB - description: The datasource used for dashboard feature - 
jndiConfig: - name: jdbc/PERMISSION_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/${sys:wso2.runtime}/database/PERMISSION_DB;IFEXISTS=TRUE;DB_CLOSE_ON_EXIT=FALSE;LOCK_TIMEOUT=60000;MVCC=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - #Data source for APIM Analytics - - name: APIM_ANALYTICS_DB - description: Datasource used for APIM Analytics - jndiConfig: - name: jdbc/APIM_ANALYTICS_DB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_STATS_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 50 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - #Main datasource used in API Manager - - name: AM_DB - description: Main datasource used by API Manager - jndiConfig: - name: jdbc/AM_DB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - wso2.business.rules.manager: - datasource: BUSINESS_RULES_DB - # rule template wise configuration for deploying business rules - deployment_configs: - - - # : of the Worker node - localhost:9444: - # UUIDs of rule templates that are needed to be deployed on the node - - stock-data-analysis - - stock-exchange-input - - stock-exchange-output - - identifying-continuous-production-decrease - - popular-tweets-analysis - - http-analytics-processing - - message-tracing-source-template - - message-tracing-app-template - # credentials for worker nodes - 
username: admin - password: admin - - wso2.transport.http: - transportProperties: - - name: "server.bootstrap.socket.timeout" - value: 60 - - name: "client.bootstrap.socket.timeout" - value: 60 - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - id: "default" - host: "0.0.0.0" - port: 9089 - - - id: "default-https" - host: "0.0.0.0" - port: 30643 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - ## Dashboard data provider authorization - data.provider.configs: - authorizingClass: org.wso2.analytics.apim.dashboards.core.data.provider.Authorizer - - ## Additional APIs that needs to be added to the server. - ## Should be provided as a key value pairs { API context path: Microservice implementation class } - ## The configured APIs will be available as https://{host}:{port}/analytics-dashboard/{API_context_path} - additional.apis: - /apis/analytics/v1.0/apim: org.wso2.analytics.apim.rest.api.proxy.ApimApi - /apis/v1.0/report: org.wso2.analytics.apim.rest.api.report.ReportApi - - report: - implClass: org.wso2.analytics.apim.rest.api.report.reportgen.DefaultReportGeneratorImpl - - ## Authentication configuration - auth.configs: - type: apim - ssoEnabled: true - properties: - adminScope: apim_analytics:admin_carbon.super - allScopes: apim_analytics:admin openid apim:api_view apim:subscribe apim_analytics:monitoring_dashboard:own apim_analytics:monitoring_dashboard:edit apim_analytics:monitoring_dashboard:view apim_analytics:business_analytics:own apim_analytics:business_analytics:edit apim_analytics:business_analytics:view apim_analytics:api_analytics:own apim_analytics:api_analytics:edit apim_analytics:api_analytics:view apim_analytics:application_analytics:own apim_analytics:application_analytics:edit apim_analytics:application_analytics:view - adminUsername: admin - adminPassword: admin - kmDcrUrl: 
https://wso2am-pattern-1-am-1-service:9443/client-registration/v0.17/register - kmTokenUrlForRedirection: https://"ip.node.k8s.&.wso2.apim":30443/oauth2 - kmTokenUrl: https://wso2am-pattern-1-am-1-service:9443/oauth2 - kmUsername: admin - kmPassword: admin - portalAppContext: analytics-dashboard - businessRulesAppContext : business-rules - cacheTimeout: 900 - baseUrl: https://"ip.node.k8s.&.wso2.apim":30646 - grantType: authorization_code - publisherUrl: https://wso2am-pattern-1-am-1-service:9443 - devPortalUrl: https://wso2am-pattern-1-am-1-service:9443 - externalLogoutUrl: https://"ip.node.k8s.&.wso2.apim":30443/oidc/logout - - wso2.dashboard: - roles: - creators: - - apim_analytics:admin_carbon.super - themeConfigProviderClass: org.wso2.carbon.dashboards.core.DefaultDashboardThemeConfigProvider - - ## RDBMS Data Provider configuration - wso2.rdbms.data.provider: - timeTypes: - - DATE - - TIME - - DATETIME - - TIMESTAMP - - TIMESTAMP WITHOUT TIME ZONE ---- diff --git a/simple/kubernetes-apim-analytics/dashboard/wso2am-pattern-1-analytics-dashboard-deployment.yaml b/simple/kubernetes-apim-analytics/dashboard/wso2am-pattern-1-analytics-dashboard-deployment.yaml deleted file mode 100644 index 1ac4054c..00000000 --- a/simple/kubernetes-apim-analytics/dashboard/wso2am-pattern-1-analytics-dashboard-deployment.yaml +++ /dev/null 
@@ -1,91 +0,0 @@ - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wso2am-pattern-1-analytics-dashboard-deployment - namespace: wso2 -spec: - replicas: 1 - strategy: - rollingUpdate: - maxSurge: 1 - maxUnavailable: 0 - type: RollingUpdate - selector: - matchLabels: - deployment: wso2am-pattern-1-analytics-dashboard - product: api-manager - template: - metadata: - labels: - deployment: wso2am-pattern-1-analytics-dashboard - product: api-manager - spec: - initContainers: - - name: init-apim-analytics-db - image: busybox:1.31 - command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! nc -z wso2apim-rdbms-service-mysql 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - - name: init-download-mysql-connector - image: busybox:1.31 - command: - - /bin/sh - - "-c" - - | - set -e - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/8.0.17/mysql-connector-java-8.0.17.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - containers: - - name: wso2am-pattern-1-analytics-dashboard - image: "$image.pull.@.wso2"/wso2am-analytics-dashboard:3.2.0 - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 30646 - initialDelaySeconds: 20 - periodSeconds: 10 - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 30646 - initialDelaySeconds: 20 - periodSeconds: 10 - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/dashboard.sh stop'] - resources: - requests: - memory: 1Gi - cpu: 1000m - limits: - memory: 1Gi - cpu: 1000m - imagePullPolicy: Always - securityContext: - runAsUser: 802 - ports: - - - containerPort: 30646 - protocol: "TCP" - volumeMounts: - - name: wso2am-pattern-1-am-analytics-dashboard-conf - mountPath: /home/wso2carbon/wso2-config-volume/conf/dashboard/deployment.yaml - subPath: deployment.yaml - - name: mysql-connector-jar - mountPath: 
/home/wso2carbon/wso2-artifact-volume/lib - serviceAccountName: wso2am-pattern-1-svc-account - imagePullSecrets: - - name: wso2am-pattern-1-creds - volumes: - - name: wso2am-pattern-1-am-analytics-dashboard-conf - configMap: - name: wso2am-pattern-1-am-analytics-dashboard-conf - - name: mysql-connector-jar - emptyDir: {} ---- diff --git a/simple/kubernetes-apim-analytics/dashboard/wso2am-pattern-1-analytics-dashboard-service.yaml b/simple/kubernetes-apim-analytics/dashboard/wso2am-pattern-1-analytics-dashboard-service.yaml deleted file mode 100644 index 7cab5057..00000000 --- a/simple/kubernetes-apim-analytics/dashboard/wso2am-pattern-1-analytics-dashboard-service.yaml +++ /dev/null @@ -1,21 +0,0 @@ - -apiVersion: v1 -kind: Service -metadata: - name: wso2am-pattern-1-analytics-dashboard-service - namespace: wso2 -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: wso2am-pattern-1-analytics-dashboard - product: api-manager - type: NodePort - ports: - # ports that this service should serve on - - - name: 'ui' - port: 30646 - protocol: TCP - targetPort: 30646 - nodePort: 30646 ---- diff --git a/simple/kubernetes-apim-analytics/worker/wso2apim-analytics-worker-conf.yaml b/simple/kubernetes-apim-analytics/worker/wso2apim-analytics-worker-conf.yaml deleted file mode 100644 index 51f84f95..00000000 --- a/simple/kubernetes-apim-analytics/worker/wso2apim-analytics-worker-conf.yaml +++ /dev/null 
@@ -1,543 +0,0 @@ - -apiVersion: v1 -kind: ConfigMap -metadata: - name: wso2am-pattern-1-am-analytics-worker-conf - namespace: wso2 -data: - deployment.yaml: |- - # Carbon Configuration Parameters - wso2.carbon: - type: wso2-apim-analytics - # value to uniquely identify a server - id: wso2-am-analytics - # server name - name: WSO2 API Manager Analytics Server - # ports used by this server - ports: - # port offset - offset: 1 - - wso2.transport.http: - transportProperties: - - - name: "server.bootstrap.socket.timeout" - value: 60 - - - name: "client.bootstrap.socket.timeout" - value: 60 - - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - - id: "default" - host: "0.0.0.0" - port: 9090 - - - id: "msf4j-https" - host: "0.0.0.0" - port: 9443 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - senderConfigurations: - - - id: "http-sender" - - siddhi.stores.query.api: - transportProperties: - - - name: "server.bootstrap.socket.timeout" - value: 60 - - - name: "client.bootstrap.socket.timeout" - value: 60 - - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - - id: "default" - host: "0.0.0.0" - port: 7071 - - - id: "msf4j-https" - host: "0.0.0.0" - port: 7444 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - # Configuration used for the databridge communication - databridge.config: - # No of worker threads to consume events - # THIS IS A MANDATORY FIELD - workerThreads: 10 - # Maximum amount of messages that can be queued internally in MB - # THIS IS A MANDATORY FIELD - maxEventBufferCapacity: 10000000 - # Queue size; the maximum number of events that can be stored in the queue - # THIS IS A MANDATORY FIELD - eventBufferSize: 2000 - # Keystore file path - # THIS IS A MANDATORY FIELD - keyStoreLocation : 
${sys:carbon.home}/resources/security/wso2carbon.jks - # Keystore password - # THIS IS A MANDATORY FIELD - keyStorePassword : wso2carbon - # Session Timeout value in mins - # THIS IS A MANDATORY FIELD - clientTimeoutMin: 30 - # Data receiver configurations - # THIS IS A MANDATORY FIELD - dataReceivers: - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Thrift - # Data receiver properties - properties: - tcpPort: '7611' - sslPort: '7711' - - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Binary - # Data receiver properties - properties: - tcpPort: '9611' - sslPort: '9711' - tcpReceiverThreadPoolSize: '100' - sslReceiverThreadPoolSize: '100' - hostName: 0.0.0.0 - - # Configuration of the Data Agents - to publish events through databridge - data.agent.config: - # Data agent configurations - # THIS IS A MANDATORY FIELD - agents: - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Thrift - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.thrift.ThriftDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size 
- secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Binary - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.binary.BinaryDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - 
ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - # This is the main configuration for metrics - wso2.metrics: - # Enable Metrics - enabled: false - reporting: - console: - - # The name for the Console Reporter - name: Console - - # Enable Console Reporter - enabled: false - - # Polling Period in seconds. - # This is the period for polling metrics from the metric registry and printing in the console - pollingPeriod: 5 - - wso2.metrics.jdbc: - # Data Source Configurations for JDBC Reporters - dataSource: - # Default Data Source Configuration - - &JDBC01 - # JNDI name of the data source to be used by the JDBC Reporter. - # This data source should be defined in a *-datasources.xml file in conf/datasources directory. - dataSourceName: java:comp/env/jdbc/WSO2MetricsDB - # Schedule regular deletion of metrics data older than a set number of days. - # It is recommended that you enable this job to ensure your metrics tables do not get extremely large. - # Deleting data older than seven days should be sufficient. - scheduledCleanup: - # Enable scheduled cleanup to delete Metrics data in the database. - enabled: true - - # The scheduled job will cleanup all data older than the specified days - daysToKeep: 3 - - # This is the period for each cleanup operation in seconds. 
- scheduledCleanupPeriod: 86400 - - # The JDBC Reporter is in the Metrics JDBC Core feature - reporting: - # The JDBC Reporter configurations will be ignored if the Metrics JDBC Core feature is not available in runtime - jdbc: - - # The name for the JDBC Reporter - name: JDBC - - # Enable JDBC Reporter - enabled: true - - # Source of Metrics, which will be used to identify each metric in database --> - # Commented to use the hostname by default - # source: Carbon - - # Alias referring to the Data Source configuration - dataSource: *JDBC01 - - # Polling Period in seconds. - # This is the period for polling metrics from the metric registry and updating the database with the values - pollingPeriod: 60 - - # Deployment configuration parameters - wso2.artifact.deployment: - # Scheduler update interval - updateInterval: 5 - - # Periodic Persistence Configuration - state.persistence: - enabled: false - intervalInMin: 1 - revisionsToKeep: 2 - persistenceStore: org.wso2.carbon.streaming.integrator.core.persistence.DBPersistenceStore - config: - datasource: PERSISTENCE_DB # A datasource with this name should be defined in wso2.datasources namespace - table: PERSISTENCE_TABLE - - # Secure Vault Configuration - wso2.securevault: - secretRepository: - type: org.wso2.carbon.secvault.repository.DefaultSecretRepository - parameters: - privateKeyAlias: wso2carbon - keystoreLocation: ${sys:carbon.home}/resources/security/securevault.jks - secretPropertiesFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/secrets.properties - masterKeyReader: - type: org.wso2.carbon.secvault.reader.DefaultMasterKeyReader - parameters: - masterKeyReaderFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/master-keys.yaml - - # Datasource Configurations - wso2.datasources: - dataSources: - # carbon metrics data source - - name: WSO2_METRICS_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/WSO2MetricsDB - definition: - type: RDBMS - configuration: - jdbcUrl: 
'jdbc:h2:${sys:carbon.home}/wso2/dashboard/database/metrics;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 30 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - name: WSO2_PERMISSIONS_DB - description: The datasource used for permission feature - jndiConfig: - name: jdbc/PERMISSION_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_PERMISSIONS_DB?useSSL=false&allowPublicKeyRetrieval=true' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - name: GEO_LOCATION_DATA - description: "The data source used for geo location database" - jndiConfig: - name: jdbc/GEO_LOCATION_DATA - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/worker/database/GEO_LOCATION_DATA;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 50 - idleTimeout: 60000 - validationTimeout: 30000 - isAutoCommit: false - - - name: APIM_ANALYTICS_DB - description: "The datasource used for APIM statistics aggregated data." 
- jndiConfig: - name: jdbc/APIM_ANALYTICS_DB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_STATS_DB?useSSL=false&allowPublicKeyRetrieval=true' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 50 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - - name: WSO2_CLUSTER_DB - description: "The datasource used by cluster coordinators in HA deployment" - jndiConfig: - name: jdbc/WSO2_CLUSTER_DB - definition: - type: RDBMS - configuration: - connectionTestQuery: "SELECT 1" - driverClassName: org.h2.Driver - idleTimeout: 60000 - isAutoCommit: false - jdbcUrl: "jdbc:h2:${sys:carbon.home}/wso2/${sys:wso2.runtime}/database/WSO2_CLUSTER_DB;DB_CLOSE_ON_EXIT=FALSE;LOCK_TIMEOUT=60000;AUTO_SERVER=TRUE" - maxPoolSize: 10 - password: wso2carbon - username: wso2carbon - validationTimeout: 30000 - - # - - # name: PERSISTENCE_DB - # description: "Datasource used for persistence" - # jndiConfig: - # name: jdbc/PERSISTENCE_DB - # definition: - # type: RDBMS - # configuration: - # connectionTestQuery: "SELECT 1" - # driverClassName: com.mysql.jdbc.Driver - # idleTimeout: 60000 - # isAutoCommit: false - # jdbcUrl: "jdbc:h2:${sys:carbon.home}/wso2/${sys:wso2.runtime}/database/PERSISTENCE_DB;DB_CLOSE_ON_EXIT=FALSE;LOCK_TIMEOUT=60000;AUTO_SERVER=TRUE" - # maxPoolSize: 10 - # password: pass - # username: root - # validationTimeout: 30000 - - siddhi: - # properties: - # partitionById: true - # shardId: 1 - refs: - - ref: - name: 'grpcSource' - type: 'grpc' - properties: - receiver.url : grpc://localhost:9806/org.wso2.analytics.mgw.grpc.service.AnalyticsSendService/sendAnalytics - extensions: - - - extension: - name: 'findCountryFromIP' - namespace: 'geo' - properties: - geoLocationResolverClass: org.wso2.extension.siddhi.execution.geo.internal.impl.DefaultDBBasedGeoLocationResolver - isCacheEnabled: true - cacheSize: 
10000 - isPersistInDatabase: true - datasource: GEO_LOCATION_DATA - - - extension: - name: 'findCityFromIP' - namespace: 'geo' - properties: - geoLocationResolverClass: org.wso2.extension.siddhi.execution.geo.internal.impl.DefaultDBBasedGeoLocationResolver - isCacheEnabled: true - cacheSize: 10000 - isPersistInDatabase: true - datasource: GEO_LOCATION_DATA - #Enabling GRPC Service with an Extension - - - extension: - name: 'grpc' - namespace: 'source' - properties: - keyStoreFile : ${sys:carbon.home}/resources/security/wso2carbon.jks - keyStorePassword : wso2carbon - keyStoreAlgorithm : SunX509 - trustStoreFile : ${sys:carbon.home}/resources/security/client-truststore.jks - trustStorePassword : wso2carbon - trustStoreAlgorithm : SunX509 - # Provides the regular expression collection to parse the user-agent header - - - extension: - name: 'getUserAgentProperty' - namespace: 'env' - properties: - regexFilePath : ${sys:carbon.home}/conf/worker/regexes.yaml - - # Cluster Configuration - cluster.config: - enabled: false - groupId: sp - coordinationStrategyClass: org.wso2.carbon.cluster.coordinator.rdbms.RDBMSCoordinationStrategy - strategyConfig: - datasource: WSO2_CLUSTER_DB - heartbeatInterval: 5000 - heartbeatMaxRetry: 3 - eventPollingInterval: 1000 - - # Authentication configuration - auth.configs: - type: 'local' # Type of the IdP client used - userManager: - adminRole: admin # Admin role which is granted all permissions - userStore: # User store - users: - - - user: - username: admin - password: YWRtaW4= - roles: 1 - roles: - - - role: - id: 1 - displayName: admin - - # Configuration to enable apim alerts - #analytics.solutions: - # APIM-alerts.enabled: true - - - # Sample of deployment.config for Two node HA - #deployment.config: - # type: ha - # eventSyncServer: - # host: localhost - # port: 9893 - # advertisedHost: localhost - # advertisedPort: 9893 - # bossThreads: 10 - # workerThreads: 10 - # eventSyncClientPool: - # maxActive: 10 - # maxTotal: 10 - # 
maxIdle: 10 - # maxWait: 60000 - # minEvictableIdleTimeMillis: 120000 - - # Sample of deployment.config for Distributed deployment - #deployment.config: - # type: distributed - # httpsInterface: - # host: 192.168.1.3 - # port: 9443 - # username: admin - # password: admin - # leaderRetryInterval: 10000 - # resourceManagers: - # - host: 192.168.1.1 - # port: 9543 - # username: admin - # password: admin - # - host: 192.168.1.2 - # port: 9543 - # username: admin - # password: admin ---- diff --git a/simple/kubernetes-apim-analytics/worker/wso2apim-analytics-worker-deployment.yaml b/simple/kubernetes-apim-analytics/worker/wso2apim-analytics-worker-deployment.yaml deleted file mode 100644 index 50e9e387..00000000 --- a/simple/kubernetes-apim-analytics/worker/wso2apim-analytics-worker-deployment.yaml +++ /dev/null 
@@ -1,109 +0,0 @@ - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wso2am-pattern-1-analytics-worker-deployment - namespace: wso2 -spec: - replicas: 1 - strategy: - rollingUpdate: - maxSurge: 1 - maxUnavailable: 0 - type: RollingUpdate - selector: - matchLabels: - deployment: wso2am-pattern-1-analytics-worker - product: api-manager - template: - metadata: - labels: - deployment: wso2am-pattern-1-analytics-worker - product: api-manager - spec: - initContainers: - - name: init-apim-analytics-db - image: busybox:1.31 - command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! nc -z wso2apim-rdbms-service-mysql 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - - name: init-download-mysql-connector - image: busybox:1.31 - command: - - /bin/sh - - "-c" - - | - set -e - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/8.0.17/mysql-connector-java-8.0.17.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - containers: - - name: wso2am-pattern-1-analytics-worker - image: "$image.pull.@.wso2"/wso2am-analytics-worker:3.2.0 - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 7444 - initialDelaySeconds: 100 - periodSeconds: 10 - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 7444 - initialDelaySeconds: 100 - periodSeconds: 10 - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/worker.sh stop'] - resources: - requests: - memory: 1Gi - cpu: 1000m - limits: - memory: 1Gi - cpu: 1000m - imagePullPolicy: Always - securityContext: - runAsUser: 802 - ports: - - - containerPort: 9764 - protocol: "TCP" - - - containerPort: 9444 - protocol: "TCP" - - - containerPort: 7612 - protocol: "TCP" - - - containerPort: 7712 - protocol: "TCP" - - - containerPort: 9091 - protocol: "TCP" - - - containerPort: 7071 - protocol: "TCP" - - - containerPort: 7444 - protocol: 
"TCP" - volumeMounts: - - name: wso2am-pattern-1-am-analytics-worker-conf - mountPath: /home/wso2carbon/wso2-config-volume/conf/worker/deployment.yaml - subPath: deployment.yaml - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/lib - serviceAccountName: wso2am-pattern-1-svc-account - imagePullSecrets: - - name: wso2am-pattern-1-creds - volumes: - - name: wso2am-pattern-1-am-analytics-worker-conf - configMap: - name: wso2am-pattern-1-am-analytics-worker-conf - - name: mysql-connector-jar - emptyDir: {} ---- diff --git a/simple/kubernetes-apim-analytics/worker/wso2apim-analytics-worker-service.yaml b/simple/kubernetes-apim-analytics/worker/wso2apim-analytics-worker-service.yaml deleted file mode 100644 index a357c703..00000000 --- a/simple/kubernetes-apim-analytics/worker/wso2apim-analytics-worker-service.yaml +++ /dev/null @@ -1,38 +0,0 @@ - -apiVersion: v1 -kind: Service -metadata: - name: wso2am-pattern-1-analytics-worker-service - namespace: wso2 -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: wso2am-pattern-1-analytics-worker - product: api-manager - ports: - # ports that this service should serve on - - - name: 'thrift' - port: 7612 - protocol: TCP - - - name: 'thrift-ssl' - port: 7712 - protocol: TCP - - - name: 'rest-api-port-1' - protocol: TCP - port: 9444 - - - name: 'rest-api-port-2' - protocol: TCP - port: 9091 - - - name: 'rest-api-port-3' - protocol: TCP - port: 7071 - - - name: 'rest-api-port-4' - protocol: TCP - port: 7444 ---- diff --git a/simple/kubernetes-apim-mysql/wso2apim-mysql-conf.yaml b/simple/kubernetes-apim-mysql/wso2apim-mysql-conf.yaml index bafa1d65..a60b1a1f 100644 --- a/simple/kubernetes-apim-mysql/wso2apim-mysql-conf.yaml +++ b/simple/kubernetes-apim-mysql/wso2apim-mysql-conf.yaml 
@@ -5,28 +5,6 @@ metadata: name: wso2apim-mysql-dbscripts namespace: wso2 data: - mysql_analytics.sql: |- - DROP DATABASE IF EXISTS WSO2AM_STATS_DB; - DROP DATABASE IF EXISTS WSO2AM_BUSINESS_RULES_DB; - DROP DATABASE IF EXISTS WSO2AM_PERMISSIONS_DB; - - CREATE DATABASE WSO2AM_STATS_DB; - CREATE DATABASE WSO2AM_BUSINESS_RULES_DB; - CREATE DATABASE WSO2AM_PERMISSIONS_DB; - - GRANT ALL ON WSO2AM_STATS_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; - GRANT ALL ON WSO2AM_BUSINESS_RULES_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; - GRANT ALL ON WSO2AM_PERMISSIONS_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; - - USE WSO2AM_STATS_DB; - - CREATE TABLE IF NOT EXISTS AM_USAGE_UPLOADED_FILES ( - FILE_NAME varchar(255) NOT NULL, - FILE_TIMESTAMP TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - FILE_PROCESSED tinyint(1) DEFAULT 0, - FILE_CONTENT MEDIUMBLOB DEFAULT NULL, - PRIMARY KEY (FILE_NAME, FILE_TIMESTAMP) - ); mysql_apim.sql: |- DROP DATABASE IF EXISTS WSO2AM_DB; CREATE DATABASE WSO2AM_DB; @@ -64,10 +42,10 @@ data: )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_VALIDATORS ( - APP_ID INTEGER NOT NULL, - SCOPE_VALIDATOR VARCHAR (128) NOT NULL, - PRIMARY KEY (APP_ID,SCOPE_VALIDATOR), - FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE + APP_ID INTEGER NOT NULL, + SCOPE_VALIDATOR VARCHAR (128) NOT NULL, + PRIMARY KEY (APP_ID,SCOPE_VALIDATOR), + FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_REQUEST_TOKEN ( @@ -120,7 +98,7 @@ data: PRIMARY KEY (TOKEN_ID), FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH, - TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF) + TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_TOKEN_BINDING ( 
@@ -232,20 +210,23 @@ data: DESCRIPTION VARCHAR(512), TENANT_ID INTEGER NOT NULL DEFAULT -1, SCOPE_TYPE VARCHAR(255) NOT NULL, - PRIMARY KEY (SCOPE_ID) + PRIMARY KEY (SCOPE_ID), + UNIQUE (NAME, TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_BINDING ( SCOPE_ID INTEGER NOT NULL, SCOPE_BINDING VARCHAR(255) NOT NULL, BINDING_TYPE VARCHAR(255) NOT NULL, - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE + FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE, + UNIQUE (SCOPE_ID, SCOPE_BINDING, BINDING_TYPE) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_RESOURCE_SCOPE ( RESOURCE_PATH VARCHAR(255) NOT NULL, SCOPE_ID INTEGER NOT NULL, TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (RESOURCE_PATH), FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE )ENGINE INNODB; @@ -457,11 +438,11 @@ data: ALTER TABLE SP_FEDERATED_IDP ADD CONSTRAINT STEP_ID_CONSTRAINT FOREIGN KEY (ID) REFERENCES SP_AUTH_STEP (ID) ON DELETE CASCADE; CREATE TABLE IF NOT EXISTS SP_CLAIM_DIALECT ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - SP_DIALECT VARCHAR (512) NOT NULL, - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID)); + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER NOT NULL, + SP_DIALECT VARCHAR (512) NOT NULL, + APP_ID INTEGER NOT NULL, + PRIMARY KEY (ID)); ALTER TABLE SP_CLAIM_DIALECT ADD CONSTRAINT DIALECTID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; @@ -472,7 +453,7 @@ data: SP_CLAIM VARCHAR (512) NOT NULL , APP_ID INTEGER NOT NULL, IS_REQUESTED VARCHAR(128) DEFAULT '0', - IS_MANDATORY VARCHAR(128) DEFAULT '0', + IS_MANDATORY VARCHAR(128) DEFAULT '0', DEFAULT_VALUE VARCHAR(255), PRIMARY KEY (ID) )ENGINE INNODB; 
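Review bot: In the `@@ -232,20 +210,23 @@` hunk, the new `PRIMARY KEY (RESOURCE_PATH)` on `IDN_OAUTH2_RESOURCE_SCOPE` keys the table on the path alone although each row also carries `TENANT_ID`, so a given resource path can be mapped to a scope in only one tenant. If mappings are meant to be per tenant, the key should be `PRIMARY KEY (RESOURCE_PATH, TENANT_ID)`; if the application really resolves scopes by path only, a one-line SQL comment saying so would stop the next reader from treating it as a tenant-isolation gap. The two added `UNIQUE (...)` constraints are also unnamed, unlike `CONSTRAINT CON_APP_KEY UNIQUE (...)` earlier in the same script. Naming them, for example `CONSTRAINT SCOPE_NAME_TENANT_UNIQUE UNIQUE (NAME, TENANT_ID)`, makes duplicate-key errors and later migrations easy to search for. The other two hunks on this line only re-indent existing columns.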
@@ -543,62 +524,62 @@ data: CONSTRAINT IDN_AUTH_WAIT_STATUS_KEY UNIQUE (LONG_WAIT_KEY)); CREATE TABLE IF NOT EXISTS IDP ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - NAME VARCHAR(254) NOT NULL, - IS_ENABLED CHAR(1) NOT NULL DEFAULT '1', - IS_PRIMARY CHAR(1) NOT NULL DEFAULT '0', - HOME_REALM_ID VARCHAR(254), - IMAGE MEDIUMBLOB, - CERTIFICATE BLOB, - ALIAS VARCHAR(254), - INBOUND_PROV_ENABLED CHAR (1) NOT NULL DEFAULT '0', - INBOUND_PROV_USER_STORE_ID VARCHAR(254), - USER_CLAIM_URI VARCHAR(254), - ROLE_CLAIM_URI VARCHAR(254), - DESCRIPTION VARCHAR (1024), - DEFAULT_AUTHENTICATOR_NAME VARCHAR(254), - DEFAULT_PRO_CONNECTOR_NAME VARCHAR(254), - PROVISIONING_ROLE VARCHAR(128), - IS_FEDERATION_HUB CHAR(1) NOT NULL DEFAULT '0', - IS_LOCAL_CLAIM_DIALECT CHAR(1) NOT NULL DEFAULT '0', - DISPLAY_NAME VARCHAR(255), - IMAGE_URL VARCHAR(1024), - UUID CHAR(36) NOT NULL, - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, NAME), - UNIQUE (UUID) + ID INTEGER AUTO_INCREMENT, + TENANT_ID INTEGER, + NAME VARCHAR(254) NOT NULL, + IS_ENABLED CHAR(1) NOT NULL DEFAULT '1', + IS_PRIMARY CHAR(1) NOT NULL DEFAULT '0', + HOME_REALM_ID VARCHAR(254), + IMAGE MEDIUMBLOB, + CERTIFICATE BLOB, + ALIAS VARCHAR(254), + INBOUND_PROV_ENABLED CHAR (1) NOT NULL DEFAULT '0', + INBOUND_PROV_USER_STORE_ID VARCHAR(254), + USER_CLAIM_URI VARCHAR(254), + ROLE_CLAIM_URI VARCHAR(254), + DESCRIPTION VARCHAR (1024), + DEFAULT_AUTHENTICATOR_NAME VARCHAR(254), + DEFAULT_PRO_CONNECTOR_NAME VARCHAR(254), + PROVISIONING_ROLE VARCHAR(128), + IS_FEDERATION_HUB CHAR(1) NOT NULL DEFAULT '0', + IS_LOCAL_CLAIM_DIALECT CHAR(1) NOT NULL DEFAULT '0', + DISPLAY_NAME VARCHAR(255), + IMAGE_URL VARCHAR(1024), + UUID CHAR(36) NOT NULL, + PRIMARY KEY (ID), + UNIQUE (TENANT_ID, NAME), + UNIQUE (UUID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDP_ROLE ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - TENANT_ID INTEGER, - ROLE VARCHAR(254), - PRIMARY KEY (ID), - UNIQUE (IDP_ID, ROLE), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE 
CASCADE + ID INTEGER AUTO_INCREMENT, + IDP_ID INTEGER, + TENANT_ID INTEGER, + ROLE VARCHAR(254), + PRIMARY KEY (ID), + UNIQUE (IDP_ID, ROLE), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDP_ROLE_MAPPING ( - ID INTEGER AUTO_INCREMENT, - IDP_ROLE_ID INTEGER, - TENANT_ID INTEGER, - USER_STORE_ID VARCHAR (253), - LOCAL_ROLE VARCHAR(253), - PRIMARY KEY (ID), - UNIQUE (IDP_ROLE_ID, TENANT_ID, USER_STORE_ID, LOCAL_ROLE), - FOREIGN KEY (IDP_ROLE_ID) REFERENCES IDP_ROLE(ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT, + IDP_ROLE_ID INTEGER, + TENANT_ID INTEGER, + USER_STORE_ID VARCHAR (253), + LOCAL_ROLE VARCHAR(253), + PRIMARY KEY (ID), + UNIQUE (IDP_ROLE_ID, TENANT_ID, USER_STORE_ID, LOCAL_ROLE), + FOREIGN KEY (IDP_ROLE_ID) REFERENCES IDP_ROLE(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDP_CLAIM ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - TENANT_ID INTEGER, - CLAIM VARCHAR(254), - PRIMARY KEY (ID), - UNIQUE (IDP_ID, CLAIM), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE + ID INTEGER AUTO_INCREMENT, + IDP_ID INTEGER, + TENANT_ID INTEGER, + CLAIM VARCHAR(254), + PRIMARY KEY (ID), + UNIQUE (IDP_ID, CLAIM), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDP_CLAIM_MAPPING ( @@ -843,14 +824,13 @@ data: CREATE TABLE IF NOT EXISTS IDN_PASSWORD_HISTORY_DATA ( ID INTEGER NOT NULL AUTO_INCREMENT, - USER_NAME VARCHAR(127) NOT NULL, - USER_DOMAIN VARCHAR(50) NOT NULL, + USER_NAME VARCHAR(255) NOT NULL, + USER_DOMAIN VARCHAR(127) NOT NULL, TENANT_ID INTEGER DEFAULT -1, SALT_VALUE VARCHAR(255), HASH VARCHAR(255) NOT NULL, TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY(ID), - UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH) + PRIMARY KEY(ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_CLAIM_DIALECT ( 
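Review bot: Dropping `UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH)` from `IDN_PASSWORD_HISTORY_DATA` in the `@@ -843,14 +824,13 @@` hunk leaves the table with only the `ID` primary key. A password-history check that selects rows by user then has no index to use, and the schema no longer rejects duplicate history rows. The removal presumably works around the index key-length limit now that `USER_NAME` and `USER_DOMAIN` are wider, but the hunk does not say so. A non-unique index on the lookup columns would keep the check cheap, for example `INDEX IDX_PWD_HISTORY_USER (USER_NAME, USER_DOMAIN, TENANT_ID)`, possibly with a prefix length depending on the charset and row format in use. The `@@ -543,62 +524,62 @@` hunk that ends on this line is re-indentation only.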
@@ -977,12 +957,12 @@ data: )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_CERTIFICATE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - NAME VARCHAR(100), - CERTIFICATE_IN_PEM BLOB, - TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY(ID), - CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID) + ID INTEGER NOT NULL AUTO_INCREMENT, + NAME VARCHAR(100), + CERTIFICATE_IN_PEM BLOB, + TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY(ID), + CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OIDC_SCOPE_CLAIM_MAPPING ( @@ -996,12 +976,12 @@ data: )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_FUNCTION_LIBRARY ( - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - TYPE VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - DATA BLOB NOT NULL, - PRIMARY KEY (TENANT_ID,NAME) + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + TYPE VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + DATA BLOB NOT NULL, + PRIMARY KEY (TENANT_ID,NAME) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_OAUTH2_CIBA_AUTH_CODE ( 
@@ -1029,15 +1009,135 @@ data: )ENGINE INNODB; CREATE TABLE IF NOT EXISTS IDN_FED_AUTH_SESSION_MAPPING ( - IDP_SESSION_ID VARCHAR(255) NOT NULL, - SESSION_ID VARCHAR(255) NOT NULL, - IDP_NAME VARCHAR(255) NOT NULL, - AUTHENTICATOR_ID VARCHAR(255), - PROTOCOL_TYPE VARCHAR(255), - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY (IDP_SESSION_ID) + IDP_SESSION_ID VARCHAR(255) NOT NULL, + SESSION_ID VARCHAR(255) NOT NULL, + IDP_NAME VARCHAR(255) NOT NULL, + AUTHENTICATOR_ID VARCHAR(255), + PROTOCOL_TYPE VARCHAR(255), + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY (IDP_SESSION_ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_CONFIG_TYPE ( + ID VARCHAR(255) NOT NULL, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023) NULL, + PRIMARY KEY (ID), + CONSTRAINT TYPE_NAME_CONSTRAINT UNIQUE (NAME) + )ENGINE INNODB; + + INSERT INTO IDN_CONFIG_TYPE (ID, NAME, DESCRIPTION) VALUES + ('9ab0ef95-13e9-4ed5-afaf-d29bed62f7bd', 'IDP_TEMPLATE', 'Template type to uniquely identify IDP templates'), + ('3c4ac3d0-5903-4e3d-aaca-38df65b33bfd', 'APPLICATION_TEMPLATE', 'Template type to uniquely identify Application templates'), + ('8ec6dbf1-218a-49bf-bc34-0d2db52d151c', 'CORS_CONFIGURATION', 'A resource type to keep the tenant CORS configurations'); + + CREATE TABLE IF NOT EXISTS IDN_CONFIG_RESOURCE ( + ID VARCHAR(255) NOT NULL, + TENANT_ID INT NOT NULL, + NAME VARCHAR(255) NOT NULL, + CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + LAST_MODIFIED TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + HAS_FILE tinyint(1) NOT NULL, + HAS_ATTRIBUTE tinyint(1) NOT NULL, + TYPE_ID VARCHAR(255) NOT NULL, + PRIMARY KEY (ID), + CONSTRAINT NAME_TENANT_TYPE_CONSTRAINT UNIQUE (NAME, TENANT_ID, TYPE_ID) + )ENGINE INNODB; + ALTER TABLE IDN_CONFIG_RESOURCE ADD CONSTRAINT TYPE_ID_FOREIGN_CONSTRAINT FOREIGN KEY (TYPE_ID) REFERENCES + IDN_CONFIG_TYPE (ID) ON DELETE CASCADE ON UPDATE CASCADE; + + CREATE TABLE IF NOT EXISTS IDN_CONFIG_ATTRIBUTE ( + ID 
VARCHAR(255) NOT NULL, + RESOURCE_ID VARCHAR(255) NOT NULL, + ATTR_KEY VARCHAR(255) NOT NULL, + ATTR_VALUE VARCHAR(1023) NULL, + PRIMARY KEY (ID), + CONSTRAINT RESOURCE_KEY_VAL_CONSTRAINT UNIQUE (RESOURCE_ID(64), ATTR_KEY(255)) + )ENGINE INNODB; + ALTER TABLE IDN_CONFIG_ATTRIBUTE ADD CONSTRAINT RESOURCE_ID_ATTRIBUTE_FOREIGN_CONSTRAINT FOREIGN KEY (RESOURCE_ID) + REFERENCES IDN_CONFIG_RESOURCE (ID) ON DELETE CASCADE ON UPDATE CASCADE; + + CREATE TABLE IF NOT EXISTS IDN_CONFIG_FILE ( + ID VARCHAR(255) NOT NULL, + VALUE BLOB NULL, + RESOURCE_ID VARCHAR(255) NOT NULL, + NAME VARCHAR(255) NULL, + PRIMARY KEY (ID) + )ENGINE INNODB; + ALTER TABLE IDN_CONFIG_FILE ADD CONSTRAINT RESOURCE_ID_FILE_FOREIGN_CONSTRAINT FOREIGN KEY (RESOURCE_ID) REFERENCES + IDN_CONFIG_RESOURCE (ID) ON DELETE CASCADE ON UPDATE CASCADE; + + CREATE TABLE IDN_REMOTE_FETCH_CONFIG ( + ID VARCHAR(255) NOT NULL, + TENANT_ID INT NOT NULL, + IS_ENABLED CHAR(1) NOT NULL, + REPO_MANAGER_TYPE VARCHAR(255) NOT NULL, + ACTION_LISTENER_TYPE VARCHAR(255) NOT NULL, + CONFIG_DEPLOYER_TYPE VARCHAR(255) NOT NULL, + REMOTE_FETCH_NAME VARCHAR(255), + REMOTE_RESOURCE_URI VARCHAR(255) NOT NULL, + ATTRIBUTES_JSON MEDIUMTEXT NOT NULL, + PRIMARY KEY (ID), + CONSTRAINT UC_REMOTE_RESOURCE_TYPE UNIQUE (TENANT_ID, CONFIG_DEPLOYER_TYPE) + )ENGINE INNODB; + + CREATE TABLE IDN_REMOTE_FETCH_REVISIONS ( + ID VARCHAR(255) NOT NULL, + CONFIG_ID VARCHAR(255) NOT NULL, + FILE_PATH VARCHAR(255) NOT NULL, + FILE_HASH VARCHAR(255), + DEPLOYED_DATE TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + LAST_SYNC_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + DEPLOYMENT_STATUS VARCHAR(255), + ITEM_NAME VARCHAR(255), + DEPLOY_ERR_LOG MEDIUMTEXT, + PRIMARY KEY (ID), + FOREIGN KEY (CONFIG_ID) REFERENCES IDN_REMOTE_FETCH_CONFIG(ID) ON DELETE CASCADE, + CONSTRAINT UC_REVISIONS UNIQUE (CONFIG_ID, ITEM_NAME) )ENGINE INNODB; + CREATE TABLE IF NOT EXISTS IDN_USER_FUNCTIONALITY_MAPPING ( + ID VARCHAR(255) NOT NULL, + USER_ID VARCHAR(255) NOT NULL, + 
TENANT_ID INTEGER NOT NULL, + FUNCTIONALITY_ID VARCHAR(255) NOT NULL, + IS_FUNCTIONALITY_LOCKED BOOLEAN NOT NULL, + FUNCTIONALITY_UNLOCK_TIME BIGINT NOT NULL, + FUNCTIONALITY_LOCK_REASON VARCHAR(1023), + FUNCTIONALITY_LOCK_REASON_CODE VARCHAR(255), + PRIMARY KEY (ID), + CONSTRAINT IDN_USER_FUNCTIONALITY_MAPPING_CONSTRAINT UNIQUE (USER_ID, TENANT_ID, FUNCTIONALITY_ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_USER_FUNCTIONALITY_PROPERTY ( + ID VARCHAR(255) NOT NULL, + USER_ID VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + FUNCTIONALITY_ID VARCHAR(255) NOT NULL, + PROPERTY_NAME VARCHAR(255), + PROPERTY_VALUE VARCHAR(255), + PRIMARY KEY (ID), + CONSTRAINT IDN_USER_FUNCTIONALITY_PROPERTY_CONSTRAINT UNIQUE (USER_ID, TENANT_ID, FUNCTIONALITY_ID, PROPERTY_NAME) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_CORS_ORIGIN ( + ID INT NOT NULL AUTO_INCREMENT, + TENANT_ID INT NOT NULL, + ORIGIN VARCHAR(2048) NOT NULL, + UUID CHAR(36) NOT NULL, + PRIMARY KEY (ID), + UNIQUE (UUID) + ) ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS IDN_CORS_ASSOCIATION ( + IDN_CORS_ORIGIN_ID INT NOT NULL, + SP_APP_ID INT NOT NULL, + + PRIMARY KEY (IDN_CORS_ORIGIN_ID, SP_APP_ID), + FOREIGN KEY (IDN_CORS_ORIGIN_ID) REFERENCES IDN_CORS_ORIGIN (ID) ON DELETE CASCADE, + FOREIGN KEY (SP_APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE + ) ENGINE INNODB; + -- --------------------------- INDEX CREATION ----------------------------- -- IDN_OAUTH2_ACCESS_TOKEN -- CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED); 
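Review bot: `UNIQUE (RESOURCE_ID(64), ATTR_KEY(255))` on IDN_CONFIG_ATTRIBUTE (hunk `@@ -1029,15 +1009,135 @@`) enforces uniqueness on only the first 64 characters of RESOURCE_ID, while the column and the referenced IDN_CONFIG_RESOURCE.ID are both VARCHAR(255). Two resources whose IDs share a 64-character prefix could not both hold the same ATTR_KEY. That is harmless if IDs are always 36-character UUIDs like the seeded IDN_CONFIG_TYPE rows, but the assumption is not written down anywhere in the hunk. Add a comment next to the constraint such as `-- RESOURCE_ID is a UUID; the 64-char prefix keeps the key within the index length limit`, or narrow the column to match.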
@@ -1112,6 +1212,16 @@ data: -- IDN_FED_AUTH_SESSION_MAPPING -- CREATE INDEX IDX_FEDERATED_AUTH_SESSION_ID ON IDN_FED_AUTH_SESSION_MAPPING (SESSION_ID); + -- IDN_REMOTE_FETCH_REVISIONS -- + CREATE INDEX IDX_REMOTE_FETCH_REVISION_CONFIG_ID ON IDN_REMOTE_FETCH_REVISIONS (CONFIG_ID); + + -- IDN_CORS_ASSOCIATION -- + CREATE INDEX IDX_CORS_SP_APP_ID ON IDN_CORS_ASSOCIATION (SP_APP_ID); + + -- IDN_CORS_ASSOCIATION -- + CREATE INDEX IDX_CORS_ORIGIN_ID ON IDN_CORS_ASSOCIATION (IDN_CORS_ORIGIN_ID); + + -- End of IDENTITY Tables-- -- Start of CONSENT-MGT Tables -- @@ -1280,6 +1390,7 @@ data: CREATE TABLE IF NOT EXISTS AM_API ( API_ID INTEGER AUTO_INCREMENT, + API_UUID VARCHAR(256), API_PROVIDER VARCHAR(200), API_NAME VARCHAR(200), API_VERSION VARCHAR(30), @@ -1291,10 +1402,19 @@ data: CREATED_TIME TIMESTAMP, UPDATED_BY VARCHAR(100), UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + STATUS VARCHAR(30), + REVISIONS_CREATED INTEGER DEFAULT 0, PRIMARY KEY(API_ID), - UNIQUE (API_PROVIDER,API_NAME,API_VERSION) + UNIQUE (API_PROVIDER,API_NAME,API_VERSION), + UNIQUE (API_UUID) )ENGINE INNODB; + CREATE TABLE IF NOT EXISTS AM_API_REVISION_METADATA ( + API_UUID VARCHAR(64), + REVISION_UUID VARCHAR(64), + API_TIER VARCHAR(128), + UNIQUE (API_UUID,REVISION_UUID) + )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_GRAPHQL_COMPLEXITY ( UUID VARCHAR(256), @@ -1302,9 +1422,9 @@ data: TYPE VARCHAR(256), FIELD VARCHAR(256), COMPLEXITY_VALUE INTEGER, + REVISION_UUID VARCHAR(255), FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE CASCADE, - PRIMARY KEY(UUID), - UNIQUE (API_ID,TYPE,FIELD) + PRIMARY KEY(UUID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_API_URL_MAPPING ( @@ -1315,6 +1435,7 @@ data: URL_PATTERN VARCHAR(512) NULL, THROTTLING_TIER varchar(512) DEFAULT NULL, MEDIATION_SCRIPT BLOB, + REVISION_UUID VARCHAR(255), PRIMARY KEY (URL_MAPPING_ID) )ENGINE INNODB; 
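Review bot: AM_API_REVISION_METADATA (hunk `@@ -1291,10 +1402,19 @@`) has no primary key, and both columns of `UNIQUE (API_UUID,REVISION_UUID)` are nullable. A MySQL unique index admits any number of rows containing NULL, so the constraint does not stop duplicate or half-filled rows. Declaring the columns as `API_UUID VARCHAR(64) NOT NULL,` and `REVISION_UUID VARCHAR(64) NOT NULL,` makes it effective. The lengths also disagree with the rest of the patch: AM_API.API_UUID is VARCHAR(256) in the same hunk and REVISION_UUID is VARCHAR(255) in the neighbouring tables, which is worth aligning or explaining in a comment.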
@@ -1334,12 +1455,13 @@ data: )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_API_PRODUCT_MAPPING ( - API_PRODUCT_MAPPING_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER, - URL_MAPPING_ID INTEGER, - FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON DELETE CASCADE, - FOREIGN KEY (URL_MAPPING_ID) REFERENCES AM_API_URL_MAPPING(URL_MAPPING_ID) ON DELETE CASCADE, - PRIMARY KEY(API_PRODUCT_MAPPING_ID) + API_PRODUCT_MAPPING_ID INTEGER AUTO_INCREMENT, + API_ID INTEGER, + URL_MAPPING_ID INTEGER, + REVISION_UUID VARCHAR(255), + FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON DELETE CASCADE, + FOREIGN KEY (URL_MAPPING_ID) REFERENCES AM_API_URL_MAPPING(URL_MAPPING_ID) ON DELETE CASCADE, + PRIMARY KEY(API_PRODUCT_MAPPING_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION ( @@ -1362,13 +1484,7 @@ data: UNIQUE (UUID) )ENGINE INNODB; - CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION_KEY_MAPPING ( - SUBSCRIPTION_ID INTEGER, - ACCESS_TOKEN VARCHAR(512), - KEY_TYPE VARCHAR(512) NOT NULL, - FOREIGN KEY(SUBSCRIPTION_ID) REFERENCES AM_SUBSCRIPTION(SUBSCRIPTION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY(SUBSCRIPTION_ID,ACCESS_TOKEN) - )ENGINE INNODB; + CREATE TABLE IF NOT EXISTS AM_APPLICATION_KEY_MAPPING ( UUID VARCHAR(100), @@ -1402,12 +1518,17 @@ data: )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_API_COMMENTS ( - COMMENT_ID VARCHAR(255) NOT NULL, + COMMENT_ID VARCHAR(64) NOT NULL, COMMENT_TEXT VARCHAR(512), - COMMENTED_USER VARCHAR(255), - DATE_COMMENTED TIMESTAMP NOT NULL, + CREATED_BY VARCHAR(255), + CREATED_TIME TIMESTAMP NOT NULL, + UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, API_ID INTEGER, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, + PARENT_COMMENT_ID VARCHAR(64) DEFAULT NULL, + ENTRY_POINT VARCHAR(20), + CATEGORY VARCHAR(20) DEFAULT 'general', + FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID), + FOREIGN KEY(PARENT_COMMENT_ID) REFERENCES AM_API_COMMENTS(COMMENT_ID), PRIMARY KEY (COMMENT_ID) )ENGINE INNODB; 
@@ -1495,38 +1616,38 @@ data: CREATE INDEX IDX_SUB_APP_ID ON AM_SUBSCRIPTION (APPLICATION_ID, SUBSCRIPTION_ID); CREATE TABLE IF NOT EXISTS AM_MONETIZATION_USAGE ( - ID VARCHAR(100) NOT NULL, - STATE VARCHAR(50) NOT NULL, - STATUS VARCHAR(50) NOT NULL, - STARTED_TIME VARCHAR(50) NOT NULL, - PUBLISHED_TIME VARCHAR(50) NOT NULL, - PRIMARY KEY(ID) + ID VARCHAR(100) NOT NULL, + STATE VARCHAR(50) NOT NULL, + STATUS VARCHAR(50) NOT NULL, + STARTED_TIME VARCHAR(50) NOT NULL, + PUBLISHED_TIME VARCHAR(50) NOT NULL, + PRIMARY KEY(ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS AM_ALERT_TYPES ( ALERT_TYPE_ID INTEGER AUTO_INCREMENT, ALERT_TYPE_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL, + STAKE_HOLDER VARCHAR(100) NOT NULL, PRIMARY KEY (ALERT_TYPE_ID) )ENGINE = INNODB; CREATE TABLE IF NOT EXISTS AM_ALERT_TYPES_VALUES ( ALERT_TYPE_ID INTEGER, USER_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL , + STAKE_HOLDER VARCHAR(100) NOT NULL , PRIMARY KEY (ALERT_TYPE_ID,USER_NAME,STAKE_HOLDER) )ENGINE = INNODB; CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST ( - EMAIL_LIST_ID INTEGER AUTO_INCREMENT, + EMAIL_LIST_ID INTEGER AUTO_INCREMENT, USER_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL , + STAKE_HOLDER VARCHAR(100) NOT NULL , PRIMARY KEY (EMAIL_LIST_ID,USER_NAME,STAKE_HOLDER) )ENGINE = INNODB; CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST_DETAILS ( EMAIL_LIST_ID INTEGER, - EMAIL VARCHAR(255), + EMAIL VARCHAR(255), PRIMARY KEY (EMAIL_LIST_ID,EMAIL) )ENGINE = INNODB; @@ -1556,7 +1677,7 @@ data: RATE_LIMIT_COUNT INT(11) NULL DEFAULT NULL, RATE_LIMIT_TIME_UNIT VARCHAR(25) NULL DEFAULT NULL, IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - CUSTOM_ATTRIBUTES BLOB DEFAULT NULL, + CUSTOM_ATTRIBUTES BLOB DEFAULT NULL, STOP_ON_QUOTA_REACH BOOLEAN NOT NULL DEFAULT 0, BILLING_PLAN VARCHAR(20) NOT NULL, UUID VARCHAR(256), 
@@ -1567,6 +1688,7 @@ data: CURRENCY VARCHAR(15) NULL DEFAULT NULL, MAX_COMPLEXITY INT(11) NOT NULL DEFAULT 0, MAX_DEPTH INT(11) NOT NULL DEFAULT 0, + CONNECTIONS_COUNT INT(11) NOT NULL DEFAULT 0, PRIMARY KEY (POLICY_ID), UNIQUE INDEX AM_POLICY_SUBSCRIPTION_NAME_TENANT (NAME, TENANT_ID), UNIQUE (UUID) @@ -1584,8 +1706,8 @@ data: UNIT_TIME INT(11) NOT NULL, TIME_UNIT VARCHAR(25) NOT NULL, IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - CUSTOM_ATTRIBUTES BLOB DEFAULT NULL, - UUID VARCHAR(256), + CUSTOM_ATTRIBUTES BLOB DEFAULT NULL, + UUID VARCHAR(256), PRIMARY KEY (POLICY_ID), UNIQUE INDEX APP_NAME_TENANT (NAME, TENANT_ID), UNIQUE (UUID) @@ -1644,7 +1766,7 @@ data: CONDITION_GROUP_ID INTEGER NOT NULL, PARAMETER_NAME VARCHAR(255) DEFAULT NULL, PARAMETER_VALUE VARCHAR(255) DEFAULT NULL, - IS_PARAM_MAPPING BOOLEAN DEFAULT 1, + IS_PARAM_MAPPING BOOLEAN DEFAULT 1, PRIMARY KEY (QUERY_PARAMETER_ID), FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE )ENGINE INNODB; @@ -1654,7 +1776,7 @@ data: CONDITION_GROUP_ID INTEGER NOT NULL, HEADER_FIELD_NAME VARCHAR(255) DEFAULT NULL, HEADER_FIELD_VALUE VARCHAR(255) DEFAULT NULL, - IS_HEADER_FIELD_MAPPING BOOLEAN DEFAULT 1, + IS_HEADER_FIELD_MAPPING BOOLEAN DEFAULT 1, PRIMARY KEY (HEADER_FIELD_ID), FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE )ENGINE INNODB; @@ -1664,7 +1786,7 @@ data: CONDITION_GROUP_ID INTEGER NOT NULL, CLAIM_URI VARCHAR(512) DEFAULT NULL, CLAIM_ATTRIB VARCHAR(1024) DEFAULT NULL, - IS_CLAIM_MAPPING BOOLEAN DEFAULT 1, + IS_CLAIM_MAPPING BOOLEAN DEFAULT 1, PRIMARY KEY (JWT_CLAIM_ID), FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE )ENGINE INNODB; 
@@ -1719,6 +1841,7 @@ data: `TENANT_ID` INT(11) NOT NULL, `ALIAS` VARCHAR(255) NOT NULL, `END_POINT` VARCHAR(255) NOT NULL, + `CERTIFICATE` BLOB DEFAULT NULL, CONSTRAINT PK_ALIAS PRIMARY KEY (`ALIAS`) ) ENGINE=InnoDB; @@ -1729,8 +1852,9 @@ data: `CERTIFICATE` BLOB NOT NULL, `REMOVED` BOOLEAN NOT NULL DEFAULT 0, `TIER_NAME` VARCHAR (512), + `REVISION_UUID` VARCHAR(255) NOT NULL DEFAULT 'Current API', FOREIGN KEY (API_ID) REFERENCES AM_API (API_ID) ON DELETE CASCADE ON UPDATE CASCADE, - PRIMARY KEY (`ALIAS`, `TENANT_ID`, `REMOVED`) + PRIMARY KEY (`ALIAS`, `TENANT_ID`, `REMOVED`, `REVISION_UUID`) ) ENGINE=InnoDB; CREATE TABLE IF NOT EXISTS AM_APPLICATION_GROUP_MAPPING ( @@ -1767,22 +1891,6 @@ data: FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION (APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE ) ENGINE=InnoDB; - CREATE TABLE IF NOT EXISTS AM_LABELS ( - LABEL_ID VARCHAR(50), - NAME VARCHAR(255), - DESCRIPTION VARCHAR(1024), - TENANT_DOMAIN VARCHAR(255), - UNIQUE (NAME,TENANT_DOMAIN), - PRIMARY KEY (LABEL_ID) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_LABEL_URLS ( - LABEL_ID VARCHAR(50), - ACCESS_URL VARCHAR(255), - PRIMARY KEY (LABEL_ID,ACCESS_URL), - FOREIGN KEY (LABEL_ID) REFERENCES AM_LABELS(LABEL_ID) ON UPDATE CASCADE ON DELETE CASCADE - ) ENGINE=InnoDB; - CREATE TABLE IF NOT EXISTS AM_SYSTEM_APPS ( ID INTEGER AUTO_INCREMENT, NAME VARCHAR(50) NOT NULL, @@ -1792,7 +1900,7 @@ data: TENANT_DOMAIN VARCHAR(255) DEFAULT 'carbon.super', UNIQUE (CONSUMER_KEY), PRIMARY KEY (ID) - ) ENGINE=InnoDB; + ) ENGINE=InnoDB; -- BotDATA Email table -- CREATE TABLE IF NOT EXISTS AM_NOTIFICATION_SUBSCRIBER ( @@ -1853,6 +1961,8 @@ data: CREATE INDEX IDX_USER ON IDN_UMA_RESOURCE (RESOURCE_OWNER_NAME, USER_DOMAIN); + CREATE INDEX IDX_USER_RID ON IDN_UMA_RESOURCE (RESOURCE_ID, RESOURCE_OWNER_NAME(32), USER_DOMAIN, CLIENT_ID); + CREATE TABLE IF NOT EXISTS IDN_UMA_RESOURCE_META_DATA ( ID INTEGER AUTO_INCREMENT NOT NULL, RESOURCE_IDENTITY INTEGER NOT NULL, 
@@ -1879,6 +1989,7 @@ data: EXPIRY_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, TICKET_STATE VARCHAR(25) DEFAULT 'ACTIVE', TENANT_ID INTEGER DEFAULT -1234, + TOKEN_ID VARCHAR(255), PRIMARY KEY (ID) ); @@ -1929,16 +2040,25 @@ data: API_PROVIDER varchar(255), API_NAME varchar(255), API_VERSION varchar(255), + API_TYPE varchar(50), PRIMARY KEY (API_ID) - ) ENGINE=InnoDB; + )ENGINE=InnoDB; CREATE TABLE IF NOT EXISTS AM_GW_API_ARTIFACTS ( - API_ID varchar(255) NOT NULL, - ARTIFACT LONGBLOB, - GATEWAY_INSTRUCTION varchar(20), - GATEWAY_LABEL varchar(255), + API_ID VARCHAR(255) NOT NULL, + REVISION_ID VARCHAR(255) NOT NULL, + ARTIFACT blob, TIME_STAMP TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (GATEWAY_LABEL, API_ID), + PRIMARY KEY (REVISION_ID, API_ID), + FOREIGN KEY (API_ID) REFERENCES AM_GW_PUBLISHED_API_DETAILS(API_ID) ON UPDATE CASCADE ON DELETE NO ACTION + )ENGINE=InnoDB; + + CREATE TABLE IF NOT EXISTS AM_GW_API_DEPLOYMENTS ( + API_ID VARCHAR(255) NOT NULL, + REVISION_ID VARCHAR(255) NOT NULL, + LABEL VARCHAR(255) NOT NULL, + VHOST VARCHAR(255) NULL, + PRIMARY KEY (REVISION_ID, API_ID,LABEL), FOREIGN KEY (API_ID) REFERENCES AM_GW_PUBLISHED_API_DETAILS(API_ID) ON UPDATE CASCADE ON DELETE NO ACTION ) ENGINE=InnoDB; 
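Review bot: `ARTIFACT blob` in AM_GW_API_ARTIFACTS (hunk `@@ -1929,16 +2040,25 @@`) replaces the previous `ARTIFACT LONGBLOB`, which lowers the column limit to 65,535 bytes. A gateway artifact larger than that is rejected under strict SQL mode and truncated otherwise. A truncated artifact would surface later as a deployment failure that is hard to trace back to the schema. Unless the artifact size is bounded somewhere outside this hunk, keep the old type: `ARTIFACT LONGBLOB,`.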
@@ -1959,6 +2079,114 @@ data: FOREIGN KEY (SCOPE_ID) REFERENCES AM_SCOPE (SCOPE_ID) ON DELETE CASCADE )ENGINE INNODB; + CREATE TABLE IF NOT EXISTS AM_REVISION ( + ID INTEGER NOT NULL, + API_UUID VARCHAR(256) NOT NULL, + REVISION_UUID VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(255), + CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + CREATED_BY VARCHAR(255), + PRIMARY KEY (ID, API_UUID), + UNIQUE(REVISION_UUID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS AM_DEPLOYMENT_REVISION_MAPPING ( + NAME VARCHAR(255) NOT NULL, + VHOST VARCHAR(255) NULL, + REVISION_UUID VARCHAR(255) NOT NULL, + DISPLAY_ON_DEVPORTAL BOOLEAN DEFAULT 0, + DEPLOYED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY (NAME, REVISION_UUID), + FOREIGN KEY (REVISION_UUID) REFERENCES AM_REVISION(REVISION_UUID) ON UPDATE CASCADE ON DELETE CASCADE + )ENGINE INNODB; + + -- Gateway Environments Table -- + CREATE TABLE IF NOT EXISTS AM_GATEWAY_ENVIRONMENT ( + ID INTEGER NOT NULL AUTO_INCREMENT, + UUID VARCHAR(45) NOT NULL, + NAME VARCHAR(255) NOT NULL, + TENANT_DOMAIN VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255) NULL, + DESCRIPTION VARCHAR(1023) NULL, + UNIQUE (NAME, TENANT_DOMAIN), + UNIQUE (UUID), + PRIMARY KEY (ID) + ); + + -- Virtual Hosts Table -- + CREATE TABLE IF NOT EXISTS AM_GW_VHOST ( + GATEWAY_ENV_ID INTEGER NOT NULL, + HOST VARCHAR(255) NOT NULL, + HTTP_CONTEXT VARCHAR(255) NULL, + HTTP_PORT VARCHAR(5) NOT NULL, + HTTPS_PORT VARCHAR(5) NOT NULL, + WS_PORT VARCHAR(5) NOT NULL, + WSS_PORT VARCHAR(5) NOT NULL, + FOREIGN KEY (GATEWAY_ENV_ID) REFERENCES AM_GATEWAY_ENVIRONMENT(ID) ON UPDATE CASCADE ON DELETE CASCADE, + PRIMARY KEY (GATEWAY_ENV_ID, HOST) + ); + + -- Service Catalog -- + CREATE TABLE IF NOT EXISTS AM_SERVICE_CATALOG ( + UUID VARCHAR(36) NOT NULL, + SERVICE_KEY VARCHAR(512) NOT NULL, + MD5 VARCHAR(100) NOT NULL, + SERVICE_NAME VARCHAR(255) NOT NULL, + SERVICE_VERSION VARCHAR(30) NOT NULL, + TENANT_ID INTEGER NOT NULL, + SERVICE_URL VARCHAR(2048) NOT NULL, + 
DEFINITION_TYPE VARCHAR(20), + DEFINITION_URL VARCHAR(2048), + DESCRIPTION VARCHAR(1024), + SECURITY_TYPE VARCHAR(50), + MUTUAL_SSL_ENABLED BOOLEAN DEFAULT 0, + CREATED_TIME TIMESTAMP NULL, + LAST_UPDATED_TIME TIMESTAMP NULL, + CREATED_BY VARCHAR(255), + UPDATED_BY VARCHAR(255), + SERVICE_DEFINITION BLOB NOT NULL, + PRIMARY KEY (UUID), + UNIQUE (SERVICE_NAME, SERVICE_VERSION, TENANT_ID), + UNIQUE (SERVICE_KEY, TENANT_ID) + )ENGINE=InnoDB; + + CREATE TABLE IF NOT EXISTS AM_API_SERVICE_MAPPING ( + API_ID INTEGER NOT NULL, + SERVICE_KEY VARCHAR(256) NOT NULL, + MD5 VARCHAR(100), + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (API_ID, SERVICE_KEY), + FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON DELETE CASCADE + )ENGINE=InnoDB; + + -- Webhooks -- + CREATE TABLE IF NOT EXISTS AM_WEBHOOKS_SUBSCRIPTION ( + WH_SUBSCRIPTION_ID INTEGER NOT NULL AUTO_INCREMENT, + API_UUID VARCHAR(255) NOT NULL, + APPLICATION_ID VARCHAR(20) NOT NULL, + TENANT_DOMAIN VARCHAR(255) NOT NULL, + HUB_CALLBACK_URL VARCHAR(1024) NOT NULL, + HUB_TOPIC VARCHAR(255) NOT NULL, + HUB_SECRET VARCHAR(2048), + HUB_LEASE_SECONDS INTEGER, + UPDATED_AT TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + EXPIRY_AT BIGINT, + DELIVERED_AT TIMESTAMP NULL, + DELIVERY_STATE INTEGER NOT NULL DEFAULT 0, + PRIMARY KEY (WH_SUBSCRIPTION_ID) + )ENGINE INNODB; + + CREATE TABLE IF NOT EXISTS AM_WEBHOOKS_UNSUBSCRIPTION ( + API_UUID VARCHAR(255) NOT NULL, + APPLICATION_ID VARCHAR(20) NOT NULL, + TENANT_DOMAIN VARCHAR(255) NOT NULL, + HUB_CALLBACK_URL VARCHAR(1024) NOT NULL, + HUB_TOPIC VARCHAR(255) NOT NULL, + HUB_SECRET VARCHAR(2048), + HUB_LEASE_SECONDS INTEGER, + ADDED_AT TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP + )ENGINE INNODB; + -- Performance indexes start-- create index IDX_ITS_LMT on IDN_THRIFT_SESSION (LAST_MODIFIED_TIME); 
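Review bot: `HUB_SECRET VARCHAR(2048)` in AM_WEBHOOKS_SUBSCRIPTION and AM_WEBHOOKS_UNSUBSCRIPTION (hunk `@@ -1959,6 +2079,114 @@`) stores the subscriber's WebSub secret as an ordinary text column. That secret is the key used to sign delivered content, so it cannot be hashed and must stay recoverable. The schema gives no indication that the application encrypts it before insert, which would leave it readable to anyone with database or backup access. Confirm that it is encrypted and record the expectation in the DDL, e.g. `-- HUB_SECRET: subscriber-supplied HMAC key; must be stored encrypted by the application and never logged`. AM_WEBHOOKS_UNSUBSCRIPTION also has no primary key, so a single pending row cannot be addressed unambiguously.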
@@ -1984,22 +2212,22 @@ data: USE WSO2AM_SHARED_DB; CREATE TABLE IF NOT EXISTS REG_CLUSTER_LOCK ( - REG_LOCK_NAME VARCHAR (20), - REG_LOCK_STATUS VARCHAR (20), - REG_LOCKED_TIME TIMESTAMP, - REG_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (REG_LOCK_NAME) + REG_LOCK_NAME VARCHAR (20), + REG_LOCK_STATUS VARCHAR (20), + REG_LOCKED_TIME TIMESTAMP, + REG_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (REG_LOCK_NAME) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS REG_LOG ( - REG_LOG_ID INTEGER AUTO_INCREMENT, - REG_PATH VARCHAR (750), - REG_USER_ID VARCHAR (31) NOT NULL, - REG_LOGGED_TIME TIMESTAMP NOT NULL, - REG_ACTION INTEGER NOT NULL, - REG_ACTION_DATA VARCHAR (500), - REG_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (REG_LOG_ID, REG_TENANT_ID) + REG_LOG_ID INTEGER AUTO_INCREMENT, + REG_PATH VARCHAR (750), + REG_USER_ID VARCHAR (255) NOT NULL, + REG_LOGGED_TIME TIMESTAMP NOT NULL, + REG_ACTION INTEGER NOT NULL, + REG_ACTION_DATA VARCHAR (500), + REG_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (REG_LOG_ID, REG_TENANT_ID) )ENGINE INNODB; CREATE INDEX REG_LOG_IND_BY_REGLOG USING HASH ON REG_LOG(REG_LOGGED_TIME, REG_TENANT_ID); 
@@ -2008,29 +2236,29 @@ data: -- See CARBON-5917. CREATE TABLE IF NOT EXISTS REG_PATH( - REG_PATH_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_PATH_VALUE VARCHAR(750) NOT NULL, - REG_PATH_PARENT_ID INTEGER, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_PATH PRIMARY KEY(REG_PATH_ID, REG_TENANT_ID), - CONSTRAINT UNIQUE_REG_PATH_TENANT_ID UNIQUE (REG_PATH_VALUE,REG_TENANT_ID) + REG_PATH_ID INTEGER NOT NULL AUTO_INCREMENT, + REG_PATH_VALUE VARCHAR(750) CHARACTER SET latin1 COLLATE latin1_general_cs NOT NULL, + REG_PATH_PARENT_ID INTEGER, + REG_TENANT_ID INTEGER DEFAULT 0, + CONSTRAINT PK_REG_PATH PRIMARY KEY(REG_PATH_ID, REG_TENANT_ID), + CONSTRAINT UNIQUE_REG_PATH_TENANT_ID UNIQUE (REG_PATH_VALUE,REG_TENANT_ID) )ENGINE INNODB; CREATE INDEX REG_PATH_IND_BY_PATH_PARENT_ID USING HASH ON REG_PATH(REG_PATH_PARENT_ID, REG_TENANT_ID); CREATE TABLE IF NOT EXISTS REG_CONTENT ( - REG_CONTENT_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_CONTENT_DATA LONGBLOB, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_CONTENT PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID) + REG_CONTENT_ID INTEGER NOT NULL AUTO_INCREMENT, + REG_CONTENT_DATA LONGBLOB, + REG_TENANT_ID INTEGER DEFAULT 0, + CONSTRAINT PK_REG_CONTENT PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS REG_CONTENT_HISTORY ( - REG_CONTENT_ID INTEGER NOT NULL, - REG_CONTENT_DATA LONGBLOB, - REG_DELETED SMALLINT, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_CONTENT_HISTORY PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID) + REG_CONTENT_ID INTEGER NOT NULL, + REG_CONTENT_DATA LONGBLOB, + REG_DELETED SMALLINT, + REG_TENANT_ID INTEGER DEFAULT 0, + CONSTRAINT PK_REG_CONTENT_HISTORY PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS REG_RESOURCE ( 
@@ -2038,9 +2266,9 @@ data: REG_NAME VARCHAR(256), REG_VERSION INTEGER NOT NULL AUTO_INCREMENT, REG_MEDIA_TYPE VARCHAR(500), - REG_CREATOR VARCHAR(31) NOT NULL, + REG_CREATOR VARCHAR(255) NOT NULL, REG_CREATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_LAST_UPDATOR VARCHAR(31), + REG_LAST_UPDATOR VARCHAR(255), REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, REG_DESCRIPTION VARCHAR(1000), REG_CONTENT_ID INTEGER, @@ -2062,9 +2290,9 @@ data: REG_NAME VARCHAR(256), REG_VERSION INTEGER NOT NULL, REG_MEDIA_TYPE VARCHAR(500), - REG_CREATOR VARCHAR(31) NOT NULL, + REG_CREATOR VARCHAR(255) NOT NULL, REG_CREATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_LAST_UPDATOR VARCHAR(31), + REG_LAST_UPDATOR VARCHAR(255), REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, REG_DESCRIPTION VARCHAR(1000), REG_CONTENT_ID INTEGER, @@ -2082,7 +2310,7 @@ data: CREATE TABLE IF NOT EXISTS REG_COMMENT ( REG_ID INTEGER NOT NULL AUTO_INCREMENT, REG_COMMENT_TEXT VARCHAR(500) NOT NULL, - REG_USER_ID VARCHAR(31) NOT NULL, + REG_USER_ID VARCHAR(255) NOT NULL, REG_COMMENTED_TIME TIMESTAMP NOT NULL, REG_TENANT_ID INTEGER DEFAULT 0, CONSTRAINT PK_REG_COMMENT PRIMARY KEY(REG_ID, REG_TENANT_ID) @@ -2104,7 +2332,7 @@ data: CREATE TABLE IF NOT EXISTS REG_RATING ( REG_ID INTEGER NOT NULL AUTO_INCREMENT, REG_RATING INTEGER NOT NULL, - REG_USER_ID VARCHAR(31) NOT NULL, + REG_USER_ID VARCHAR(255) NOT NULL, REG_RATED_TIME TIMESTAMP NOT NULL, REG_TENANT_ID INTEGER DEFAULT 0, CONSTRAINT PK_REG_RATING PRIMARY KEY(REG_ID, REG_TENANT_ID) @@ -2127,7 +2355,7 @@ data: CREATE TABLE IF NOT EXISTS REG_TAG ( REG_ID INTEGER NOT NULL AUTO_INCREMENT, REG_TAG_NAME VARCHAR(500) NOT NULL, - REG_USER_ID VARCHAR(31) NOT NULL, + REG_USER_ID VARCHAR(255) NOT NULL, REG_TAGGED_TIME TIMESTAMP NOT NULL, REG_TENANT_ID INTEGER DEFAULT 0, CONSTRAINT PK_REG_TAG PRIMARY KEY(REG_ID, REG_TENANT_ID) 
@@ -2213,14 +2441,16 @@ data: -- ################################ CREATE TABLE UM_TENANT ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DOMAIN_NAME VARCHAR(255) NOT NULL, + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_TENANT_UUID VARCHAR(36) NOT NULL, + UM_DOMAIN_NAME VARCHAR(255) NOT NULL, UM_EMAIL VARCHAR(255), UM_ACTIVE BOOLEAN DEFAULT FALSE, - UM_CREATED_DATE TIMESTAMP NOT NULL, - UM_USER_CONFIG LONGBLOB, - PRIMARY KEY (UM_ID), - UNIQUE(UM_DOMAIN_NAME) + UM_CREATED_DATE TIMESTAMP NOT NULL, + UM_USER_CONFIG LONGBLOB, + PRIMARY KEY (UM_ID), + UNIQUE(UM_DOMAIN_NAME), + UNIQUE(UM_TENANT_UUID) )ENGINE INNODB; CREATE TABLE UM_DOMAIN( 
@@ -2235,100 +2465,100 @@ data: ON UM_TENANT (UM_DOMAIN_NAME); CREATE TABLE UM_USER ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_ID VARCHAR(255) NOT NULL, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_USER_PASSWORD VARCHAR(255) NOT NULL, - UM_SALT_VALUE VARCHAR(31), - UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE, - UM_CHANGED_TIME TIMESTAMP NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_USER_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_USER_ID VARCHAR(255) NOT NULL, + UM_USER_NAME VARCHAR(255) NOT NULL, + UM_USER_PASSWORD VARCHAR(255) NOT NULL, + UM_SALT_VALUE VARCHAR(31), + UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE, + UM_CHANGED_TIME TIMESTAMP NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (UM_ID, UM_TENANT_ID), + UNIQUE(UM_USER_ID, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE UM_SYSTEM_USER ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_USER_PASSWORD VARCHAR(255) NOT NULL, - UM_SALT_VALUE VARCHAR(31), - UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE, - UM_CHANGED_TIME TIMESTAMP NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_USER_NAME, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_USER_NAME VARCHAR(255) NOT NULL, + UM_USER_PASSWORD VARCHAR(255) NOT NULL, + UM_SALT_VALUE VARCHAR(31), + UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE, + UM_CHANGED_TIME TIMESTAMP NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY (UM_ID, UM_TENANT_ID), + UNIQUE(UM_USER_NAME, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE UM_ROLE ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_SHARED_ROLE BOOLEAN DEFAULT FALSE, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_ROLE_NAME, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_ROLE_NAME VARCHAR(255) NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UM_SHARED_ROLE BOOLEAN DEFAULT FALSE, + PRIMARY KEY (UM_ID, 
UM_TENANT_ID), + UNIQUE(UM_ROLE_NAME, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE UM_MODULE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_MODULE_NAME VARCHAR(100), - UNIQUE(UM_MODULE_NAME), - PRIMARY KEY(UM_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_MODULE_NAME VARCHAR(100), + UNIQUE(UM_MODULE_NAME), + PRIMARY KEY(UM_ID) )ENGINE INNODB; CREATE TABLE UM_MODULE_ACTIONS( - UM_ACTION VARCHAR(255) NOT NULL, - UM_MODULE_ID INTEGER NOT NULL, - PRIMARY KEY(UM_ACTION, UM_MODULE_ID), - FOREIGN KEY (UM_MODULE_ID) REFERENCES UM_MODULE(UM_ID) ON DELETE CASCADE + UM_ACTION VARCHAR(255) NOT NULL, + UM_MODULE_ID INTEGER NOT NULL, + PRIMARY KEY(UM_ACTION, UM_MODULE_ID), + FOREIGN KEY (UM_MODULE_ID) REFERENCES UM_MODULE(UM_ID) ON DELETE CASCADE )ENGINE INNODB; CREATE TABLE UM_PERMISSION ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_RESOURCE_ID VARCHAR(255) NOT NULL, - UM_ACTION VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_MODULE_ID INTEGER DEFAULT 0, - UNIQUE(UM_RESOURCE_ID,UM_ACTION, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_RESOURCE_ID VARCHAR(255) NOT NULL, + UM_ACTION VARCHAR(255) NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UM_MODULE_ID INTEGER DEFAULT 0, + UNIQUE(UM_RESOURCE_ID,UM_ACTION, UM_TENANT_ID), + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; CREATE INDEX INDEX_UM_PERMISSION_UM_RESOURCE_ID_UM_ACTION ON UM_PERMISSION (UM_RESOURCE_ID, UM_ACTION, UM_TENANT_ID); CREATE TABLE UM_ROLE_PERMISSION ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_PERMISSION_ID INTEGER NOT NULL, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_IS_ALLOWED SMALLINT NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_DOMAIN_ID INTEGER, - UNIQUE (UM_PERMISSION_ID, UM_ROLE_NAME, UM_TENANT_ID, UM_DOMAIN_ID), - FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, 
- PRIMARY KEY (UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_PERMISSION_ID INTEGER NOT NULL, + UM_ROLE_NAME VARCHAR(255) NOT NULL, + UM_IS_ALLOWED SMALLINT NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UM_DOMAIN_ID INTEGER, + UNIQUE (UM_PERMISSION_ID, UM_ROLE_NAME, UM_TENANT_ID, UM_DOMAIN_ID), + FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, + FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; -- REMOVED UNIQUE (UM_PERMISSION_ID, UM_ROLE_ID) CREATE TABLE UM_USER_PERMISSION ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_PERMISSION_ID INTEGER NOT NULL, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_IS_ALLOWED SMALLINT NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_PERMISSION_ID INTEGER NOT NULL, + UM_USER_NAME VARCHAR(255) NOT NULL, + UM_IS_ALLOWED SMALLINT NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; -- REMOVED UNIQUE (UM_PERMISSION_ID, UM_USER_ID) CREATE TABLE UM_USER_ROLE ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_ID INTEGER NOT NULL, - UM_USER_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE (UM_USER_ID, UM_ROLE_ID, UM_TENANT_ID), - FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_ROLE(UM_ID, UM_TENANT_ID), - FOREIGN KEY (UM_USER_ID, UM_TENANT_ID) REFERENCES UM_USER(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_ROLE_ID INTEGER NOT NULL, + UM_USER_ID INTEGER NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UNIQUE (UM_USER_ID, UM_ROLE_ID, 
UM_TENANT_ID), + FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_ROLE(UM_ID, UM_TENANT_ID), + FOREIGN KEY (UM_USER_ID, UM_TENANT_ID) REFERENCES UM_USER(UM_ID, UM_TENANT_ID), + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE UM_SHARED_USER_ROLE( @@ -2342,14 +2572,14 @@ data: )ENGINE INNODB; CREATE TABLE UM_ACCOUNT_MAPPING( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER NOT NULL, - UM_USER_STORE_DOMAIN VARCHAR(100), - UM_ACC_LINK_ID INTEGER NOT NULL, - UNIQUE(UM_USER_NAME, UM_TENANT_ID, UM_USER_STORE_DOMAIN, UM_ACC_LINK_ID), - FOREIGN KEY (UM_TENANT_ID) REFERENCES UM_TENANT(UM_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID) + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_USER_NAME VARCHAR(255) NOT NULL, + UM_TENANT_ID INTEGER NOT NULL, + UM_USER_STORE_DOMAIN VARCHAR(100), + UM_ACC_LINK_ID INTEGER NOT NULL, + UNIQUE(UM_USER_NAME, UM_TENANT_ID, UM_USER_STORE_DOMAIN, UM_ACC_LINK_ID), + FOREIGN KEY (UM_TENANT_ID) REFERENCES UM_TENANT(UM_ID) ON DELETE CASCADE, + PRIMARY KEY (UM_ID) )ENGINE INNODB; @@ -2366,6 +2596,8 @@ data: CREATE INDEX UM_USER_ID_INDEX ON UM_USER_ATTRIBUTE(UM_USER_ID); + CREATE INDEX UM_ATTR_NAME_VALUE_INDEX ON UM_USER_ATTRIBUTE(UM_ATTR_NAME, UM_ATTR_VALUE(512)); + CREATE TABLE UM_DIALECT( UM_ID INTEGER NOT NULL AUTO_INCREMENT, UM_DIALECT_URI VARCHAR(255) NOT NULL, @@ -2386,7 +2618,7 @@ data: UM_SUPPORTED SMALLINT, UM_REQUIRED SMALLINT, UM_DISPLAY_ORDER INTEGER, - UM_CHECKED_ATTRIBUTE SMALLINT, + UM_CHECKED_ATTRIBUTE SMALLINT, UM_READ_ONLY SMALLINT, UM_TENANT_ID INTEGER DEFAULT 0, UNIQUE(UM_DIALECT_ID, UM_CLAIM_URI, UM_TENANT_ID,UM_MAPPED_ATTRIBUTE_DOMAIN), 
@@ -2430,10 +2662,22 @@ data: UM_USER_NAME VARCHAR(255), UM_ROLE_ID INTEGER NOT NULL, UM_TENANT_ID INTEGER DEFAULT 0, - UM_DOMAIN_ID INTEGER, + UM_DOMAIN_ID INTEGER, UNIQUE (UM_USER_NAME, UM_ROLE_ID, UM_TENANT_ID, UM_DOMAIN_ID), FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, + FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, + PRIMARY KEY (UM_ID, UM_TENANT_ID) + )ENGINE INNODB; + + CREATE TABLE UM_HYBRID_GROUP_ROLE( + UM_ID INTEGER NOT NULL AUTO_INCREMENT, + UM_GROUP_NAME VARCHAR(255), + UM_ROLE_ID INTEGER NOT NULL, + UM_TENANT_ID INTEGER DEFAULT 0, + UM_DOMAIN_ID INTEGER, + UNIQUE (UM_GROUP_NAME, UM_ROLE_ID, UM_TENANT_ID, UM_DOMAIN_ID), + FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, + FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; @@ -2458,11 +2702,11 @@ data: CREATE TABLE UM_HYBRID_REMEMBER_ME( UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_COOKIE_VALUE VARCHAR(1024), - UM_CREATED_TIME TIMESTAMP, + UM_USER_NAME VARCHAR(255) NOT NULL, + UM_COOKIE_VALUE VARCHAR(1024), + UM_CREATED_TIME TIMESTAMP, UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID) + PRIMARY KEY (UM_ID, UM_TENANT_ID) )ENGINE INNODB; CREATE TABLE IF NOT EXISTS UM_UUID_DOMAIN_MAPPER ( @@ -2477,4 +2721,5 @@ data: CREATE INDEX UUID_DM_UID_TID ON UM_UUID_DOMAIN_MAPPER(UM_USER_ID, UM_TENANT_ID); + --- diff --git a/simple/kubernetes-apim-mysql/wso2apim-mysql-deployment.yaml b/simple/kubernetes-apim-mysql/wso2apim-mysql-deployment.yaml index da44f322..66339611 100644 --- a/simple/kubernetes-apim-mysql/wso2apim-mysql-deployment.yaml 
+++ b/simple/kubernetes-apim-mysql/wso2apim-mysql-deployment.yaml @@ -18,7 +18,8 @@ spec: spec: containers: - name: wso2apim-mysql - image: mysql:5.7 + # image: mysql:5.7 + image: 192.168.1.5:5000/mysql:5.7 livenessProbe: exec: command: diff --git a/simple/kubernetes-apim/wso2apim-conf.yaml b/simple/kubernetes-apim/wso2apim-conf.yaml index d9d38bfe..704eceb2 100644 --- a/simple/kubernetes-apim/wso2apim-conf.yaml +++ b/simple/kubernetes-apim/wso2apim-conf.yaml @@ -9,9 +9,7 @@ data: [server] hostname = ""ip.node.k8s.&.wso2.apim"" - node_ip = "$env{NODE_IP}" - # offset=0 - mode = "single" #single or ha + #offset=0 base_path = "${carbon.protocol}://${carbon.host}:${carbon.management.port}" #discard_empty_caches = false server_role = "default" @@ -60,7 +58,7 @@ data: #key_password = "wso2carbon" [[apim.gateway.environment]] - name = "Production and Sandbox" + name = "Default" type = "hybrid" display_in_api_console = true description = "This is a hybrid gateway that handles both production and sandbox token traffic." @@ -72,6 +70,11 @@ data: wss_endpoint = "wss://"ip.node.k8s.&.wso2.apim":8099" http_endpoint = "http://"ip.node.k8s.&.wso2.apim":30280" https_endpoint = "https://"ip.node.k8s.&.wso2.apim":30243" + websub_event_receiver_http_endpoint = "http://"ip.node.k8s.&.wso2.apim":9021" + websub_event_receiver_https_endpoint = "https://"ip.node.k8s.&.wso2.apim":8021" + + [apim.sync_runtime_artifacts.gateway] + gateway_labels =["Default"] #[apim.cache.gateway_token] #enable = true 
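Review bot: The new `image: 192.168.1.5:5000/mysql:5.7` line in the `@@ -18,7 +18,8 @@` hunk hard-codes one private registry address into a shared manifest and references the image by mutable tag only, so a cluster applying this file pulls from whatever host answers at that address on its own network, with nothing tying the pull to a known image. A registry on a bare IP and port 5000 is often served without TLS (an assumption, the registry setup is not on this page), which would also require every node to trust it as an insecure registry. I would keep the registry configurable and pin the digest, e.g. `image: mysql:5.7@sha256:<digest-placeholder>`, and drop the commented-out `# image: mysql:5.7` line instead of keeping it as history. The same applies to `image: 192.168.1.5:5000/wso2am:4.0.0-rc` in the `@@ -45,7 +42,8 @@` hunk of simple/kubernetes-apim/wso2apim-deployment.yaml, which replaces the `"$image.pull.@.wso2"` substitution and ships a release-candidate tag.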
@@ -102,23 +105,9 @@ data: #expiry_time = "2m" [apim.analytics] - enable = true - store_api_url = "https://wso2am-pattern-1-analytics-worker-service:7444" - #username = "$ref{super_admin.username}" - #password = "$ref{super_admin.password}" - #event_publisher_type = "default" - #event_publisher_impl = "org.wso2.carbon.apimgt.usage.publisher.APIMgtUsageDataBridgeDataPublisher" - #publish_response_size = true - - [[apim.analytics.url_group]] - analytics_url =["tcp://wso2am-pattern-1-analytics-worker-service:7612"] - analytics_auth_url =["ssl://wso2am-pattern-1-analytics-worker-service:7712"] - #type = "loadbalance" - - #[[apim.analytics.url_group]] - #analytics_url =["tcp://analytics1:7612","tcp://analytics2:7612"] - #analytics_auth_url =["ssl://analytics1:7712","ssl://analytics2:7712"] - #type = "failover" + enable = false + config_endpoint = "https://localhost:8080/auth/v1" + auth_token = "" #[apim.key_manager] #service_url = "https://localhost:${mgt.transport.https.port}/services/" @@ -166,11 +155,13 @@ data: #enable_ratings = true #enable_forum = true #enable_anonymous_mode=true + #enable_cross_tenant_subscriptions = true + #default_reserved_username = "apim_reserved_user" [apim.cors] allow_origins = "*" allow_methods = ["GET","PUT","POST","DELETE","PATCH","OPTIONS"] - allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey", "testKey"] + allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey","Internal-Key"] allow_credentials = false #[apim.throttling] diff --git a/simple/kubernetes-apim/wso2apim-deployment.yaml b/simple/kubernetes-apim/wso2apim-deployment.yaml index c1208786..4587a26a 100644 --- a/simple/kubernetes-apim/wso2apim-deployment.yaml +++ b/simple/kubernetes-apim/wso2apim-deployment.yaml 
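Review bot: `auth_token = ""` under `[apim.analytics]` in the `@@ -102,23 +105,9 @@` hunk puts a credential field into what appears to be ConfigMap data (the hunk sits under `data:`), so the first real token filled in here would be stored in plaintext in the repository and readable by anyone who can read ConfigMaps in the namespace. This file already used environment substitution (`node_ip = "$env{NODE_IP}"`, removed earlier in this commit), so I would write `auth_token = "$env{ANALYTICS_AUTH_TOKEN}"` (variable name constructed for illustration) and supply the value from a Kubernetes Secret through `secretKeyRef` in the deployment. A one-line comment above `config_endpoint = "https://localhost:8080/auth/v1"` stating that it is a placeholder to replace before setting `enable = true` would also help, since `localhost` inside the pod is presumably not the analytics service.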
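Review bot: Adding `"Internal-Key"` to `allow_headers` in the `@@ -166,11 +155,13 @@` hunk while `allow_origins = "*"` stays in place means a script on any web origin may send that key header cross-origin to the gateway; `allow_credentials = false` limits cookie-based abuse but does not restrict header-borne keys. If this manifest is meant for more than a local test setup, I would narrow the origins to the portal hosts, e.g. `allow_origins = "https://<portal-host-placeholder>"`. At minimum a comment such as `# Internal-Key is accepted from browsers; restrict allow_origins outside test setups` above the `allow_headers` line would record the trade-off for the next maintainer.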
@@ -29,9 +29,6 @@ spec: - name: init-db image: busybox:1.31 command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! nc -z wso2apim-rdbms-service-mysql 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - - name: init-am-analytics-worker - image: busybox:1.31 - command: ['sh', '-c', 'echo -e "Checking for the availability of WSO2 API Manager Analytics Worker deployment"; while ! nc -z wso2am-pattern-1-analytics-worker-service 7712; do sleep 1; printf "-"; done; echo -e " >> WSO2 API Manager Analytics Worker has started";'] - name: init-download-mysql-connector image: busybox:1.31 command: @@ -45,7 +42,8 @@ spec: mountPath: /mysql-connector-jar containers: - name: wso2am-pattern-1-am - image: "$image.pull.@.wso2"/wso2am:3.2.0 + # image: "$image.pull.@.wso2"/wso2am:3.2.0 + image: 192.168.1.5:5000/wso2am:4.0.0-rc livenessProbe: exec: command: From 645da94b39e0215e1452154aa3f475c5290d1737 Mon Sep 17 00:00:00 2001 
From: Rakhitha Ranathunge Date: Mon, 3 May 2021 14:25:19 +0530 Subject: [PATCH 02/34] Remove script based k8s configs --- simple/create.sh | 104 - simple/deployment-scripts/deployment.yaml | 3231 --------------- simple/deployment-scripts/wso2am-ga.sh | 3543 ---------------- simple/deployment-scripts/wso2am-latest.sh | 3594 ----------------- simple/funcs | 293 -- simple/funcs4opensource | 251 -- .../wso2apim-mysql-conf.yaml | 2725 ------------- .../wso2apim-mysql-deployment.yaml | 61 - .../wso2apim-mysql-service.yaml | 17 - simple/kubernetes-apim/wso2apim-conf.yaml | 266 -- .../kubernetes-apim/wso2apim-deployment.yaml | 110 - simple/kubernetes-apim/wso2apim-service.yaml | 39 - simple/kubernetes-basics/namespace.yaml | 6 - simple/kubernetes-basics/secrets.yaml | 10 - simple/kubernetes-basics/svcaccount.yaml | 7 - 15 files changed, 14257 deletions(-) delete mode 100755 simple/create.sh delete mode 100644 simple/deployment-scripts/deployment.yaml delete mode 100755 simple/deployment-scripts/wso2am-ga.sh delete mode 100755 simple/deployment-scripts/wso2am-latest.sh delete mode 100644 simple/funcs delete mode 100644 simple/funcs4opensource delete mode 100644 simple/kubernetes-apim-mysql/wso2apim-mysql-conf.yaml delete mode 100644 simple/kubernetes-apim-mysql/wso2apim-mysql-deployment.yaml delete mode 100644 simple/kubernetes-apim-mysql/wso2apim-mysql-service.yaml delete mode 100644 simple/kubernetes-apim/wso2apim-conf.yaml delete mode 100644 simple/kubernetes-apim/wso2apim-deployment.yaml delete mode 100644 simple/kubernetes-apim/wso2apim-service.yaml delete mode 100644 simple/kubernetes-basics/namespace.yaml delete mode 100644 simple/kubernetes-basics/secrets.yaml delete mode 100644 simple/kubernetes-basics/svcaccount.yaml diff --git a/simple/create.sh b/simple/create.sh deleted file mode 100755 index 928f1971..00000000 --- a/simple/create.sh +++ /dev/null 
@@ -1,104 +0,0 @@ -#!/bin/bash - -IS_OPEN_SOURCE=true - -if $IS_OPEN_SOURCE; then - SCRIPT="deployment-scripts/wso2am-ga.sh" -else - SCRIPT="deployment-scripts/wso2am-latest.sh" -fi - -cat > $SCRIPT << "EOF" -#!/bin/bash - -#------------------------------------------------------------------------------- -# Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -#-------------------------------------------------------------------------------- - -set -e - -EOF - -cat >> $SCRIPT << "EOF" -# bash variables -k8s_obj_file="deployment.yaml"; str_sec="" - -# wso2 subscription variables -WUMUsername=''; WUMPassword='' -EOF - -if $IS_OPEN_SOURCE; then - echo 'IMG_DEST="wso2"' >> $SCRIPT -else - echo 'IMG_DEST="docker.wso2.com"' >> $SCRIPT -fi - -cat >> $SCRIPT << "EOF" - -: ${namespace:="wso2"} - -EOF - -echo "function create_yaml(){" >> $SCRIPT -echo 'cat > $k8s_obj_file << "EOF"' >> $SCRIPT -echo 'EOF' >> $SCRIPT -echo 'if [ "$namespace" == "wso2" ]; then' >> $SCRIPT -echo 'cat > $k8s_obj_file << "EOF"' >> $SCRIPT -cat kubernetes-basics/namespace.yaml >> $SCRIPT -echo -e "EOF\nfi" >> $SCRIPT - -echo 'cat >> $k8s_obj_file << "EOF"' >> $SCRIPT -cat kubernetes-basics/svcaccount.yaml >> $SCRIPT -if ! 
$IS_OPEN_SOURCE; then - cat kubernetes-basics/secrets.yaml >> $SCRIPT -fi -cat kubernetes-apim-mysql/wso2apim-mysql-conf.yaml >> $SCRIPT -cat kubernetes-apim-mysql/wso2apim-mysql-service.yaml >> $SCRIPT -cat kubernetes-apim-mysql/wso2apim-mysql-deployment.yaml >> $SCRIPT -cat kubernetes-apim/wso2apim-conf.yaml >> $SCRIPT -cat kubernetes-apim/wso2apim-service.yaml >> $SCRIPT -cat kubernetes-apim/wso2apim-deployment.yaml >> $SCRIPT - -echo -e "EOF\n}\n" >> $SCRIPT - -if $IS_OPEN_SOURCE; then - cat funcs4opensource >> $SCRIPT -else - cat funcs >> $SCRIPT -fi - -cat >> $SCRIPT << "EOF" -arg=$1 -if [[ -z $arg ]]; then - echoBold "Expected parameter is missing\n" - usage -else - case $arg in - -d|--deploy) - deploy - ;; - -u|--undeploy) - undeploy - ;; - -h|--help) - usage - ;; - *) - echoBold "Invalid parameter : $arg\n" - usage - ;; - esac -fi -EOF diff --git a/simple/deployment-scripts/deployment.yaml b/simple/deployment-scripts/deployment.yaml deleted file mode 100644 index 24fbacf8..00000000 --- a/simple/deployment-scripts/deployment.yaml +++ /dev/null 
@@ -1,3231 +0,0 @@ - -apiVersion: v1 -kind: Namespace -metadata: - name: wso2 ---- - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: wso2am-pattern-1-svc-account - namespace: wso2 ---- - -apiVersion: v1 -kind: ConfigMap -metadata: - name: wso2apim-mysql-dbscripts - namespace: wso2 -data: - mysql_apim.sql: |- - DROP DATABASE IF EXISTS WSO2AM_DB; - CREATE DATABASE WSO2AM_DB; - GRANT ALL ON WSO2AM_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; - - USE WSO2AM_DB; - -- Start of IDENTITY Tables-- - CREATE TABLE IF NOT EXISTS IDN_BASE_TABLE ( - PRODUCT_NAME VARCHAR(20), - PRIMARY KEY (PRODUCT_NAME) - )ENGINE INNODB; - - INSERT INTO IDN_BASE_TABLE values ('WSO2 Identity Server'); - - CREATE TABLE IF NOT EXISTS IDN_OAUTH_CONSUMER_APPS ( - ID INTEGER NOT NULL AUTO_INCREMENT, - CONSUMER_KEY VARCHAR(255), - CONSUMER_SECRET VARCHAR(2048), - USERNAME VARCHAR(255), - TENANT_ID INTEGER DEFAULT 0, - USER_DOMAIN VARCHAR(50), - APP_NAME VARCHAR(255), - OAUTH_VERSION VARCHAR(128), - CALLBACK_URL VARCHAR(2048), - GRANT_TYPES VARCHAR (1024), - PKCE_MANDATORY CHAR(1) DEFAULT '0', - PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0', - APP_STATE VARCHAR (25) DEFAULT 'ACTIVE', - USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600, - APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600, - REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600, - ID_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600, - CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY), - PRIMARY KEY (ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_VALIDATORS ( - APP_ID INTEGER NOT NULL, - SCOPE_VALIDATOR VARCHAR (128) NOT NULL, - PRIMARY KEY (APP_ID,SCOPE_VALIDATOR), - FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_REQUEST_TOKEN ( - REQUEST_TOKEN VARCHAR(255), - REQUEST_TOKEN_SECRET VARCHAR(512), - CONSUMER_KEY_ID INTEGER, - CALLBACK_URL VARCHAR(2048), - SCOPE VARCHAR(2048), - AUTHORIZED VARCHAR(128), - OAUTH_VERIFIER 
VARCHAR(512), - AUTHZ_USER VARCHAR(512), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (REQUEST_TOKEN), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_ACCESS_TOKEN ( - ACCESS_TOKEN VARCHAR(255), - ACCESS_TOKEN_SECRET VARCHAR(512), - CONSUMER_KEY_ID INTEGER, - SCOPE VARCHAR(2048), - AUTHZ_USER VARCHAR(512), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (ACCESS_TOKEN), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN ( - TOKEN_ID VARCHAR (255), - ACCESS_TOKEN VARCHAR(2048), - REFRESH_TOKEN VARCHAR(2048), - CONSUMER_KEY_ID INTEGER, - AUTHZ_USER VARCHAR (100), - TENANT_ID INTEGER, - USER_DOMAIN VARCHAR(50), - USER_TYPE VARCHAR (25), - GRANT_TYPE VARCHAR (50), - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REFRESH_TOKEN_TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - VALIDITY_PERIOD BIGINT, - REFRESH_TOKEN_VALIDITY_PERIOD BIGINT, - TOKEN_SCOPE_HASH VARCHAR(32), - TOKEN_STATE VARCHAR(25) DEFAULT 'ACTIVE', - TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE', - SUBJECT_IDENTIFIER VARCHAR(255), - ACCESS_TOKEN_HASH VARCHAR(512), - REFRESH_TOKEN_HASH VARCHAR(512), - IDP_ID INTEGER DEFAULT -1 NOT NULL, - TOKEN_BINDING_REF VARCHAR (32) DEFAULT 'NONE', - PRIMARY KEY (TOKEN_ID), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, - CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH, - TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_TOKEN_BINDING ( - TOKEN_ID VARCHAR (255), - TOKEN_BINDING_TYPE VARCHAR (32), - TOKEN_BINDING_REF VARCHAR (32), - TOKEN_BINDING_VALUE VARCHAR (1024), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (TOKEN_ID), - FOREIGN KEY (TOKEN_ID) REFERENCES 
IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE - )ENGINE INNODB; - - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_AUDIT ( - TOKEN_ID VARCHAR (255), - ACCESS_TOKEN VARCHAR(2048), - REFRESH_TOKEN VARCHAR(2048), - CONSUMER_KEY_ID INTEGER, - AUTHZ_USER VARCHAR (100), - TENANT_ID INTEGER, - USER_DOMAIN VARCHAR(50), - USER_TYPE VARCHAR (25), - GRANT_TYPE VARCHAR (50), - TIME_CREATED TIMESTAMP NULL, - REFRESH_TOKEN_TIME_CREATED TIMESTAMP NULL, - VALIDITY_PERIOD BIGINT, - REFRESH_TOKEN_VALIDITY_PERIOD BIGINT, - TOKEN_SCOPE_HASH VARCHAR(32), - TOKEN_STATE VARCHAR(25), - TOKEN_STATE_ID VARCHAR (128) , - SUBJECT_IDENTIFIER VARCHAR(255), - ACCESS_TOKEN_HASH VARCHAR(512), - REFRESH_TOKEN_HASH VARCHAR(512), - INVALIDATED_TIME TIMESTAMP NULL, - IDP_ID INTEGER DEFAULT -1 NOT NULL - ); - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHORIZATION_CODE ( - CODE_ID VARCHAR (255), - AUTHORIZATION_CODE VARCHAR(2048), - CONSUMER_KEY_ID INTEGER, - CALLBACK_URL VARCHAR(2048), - SCOPE VARCHAR(2048), - AUTHZ_USER VARCHAR (100), - TENANT_ID INTEGER, - USER_DOMAIN VARCHAR(50), - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - VALIDITY_PERIOD BIGINT, - STATE VARCHAR (25) DEFAULT 'ACTIVE', - TOKEN_ID VARCHAR(255), - SUBJECT_IDENTIFIER VARCHAR(255), - PKCE_CODE_CHALLENGE VARCHAR(255), - PKCE_CODE_CHALLENGE_METHOD VARCHAR(128), - AUTHORIZATION_CODE_HASH VARCHAR(512), - IDP_ID INTEGER DEFAULT -1 NOT NULL, - PRIMARY KEY (CODE_ID), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE - )ENGINE INNODB; - - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHZ_CODE_SCOPE( - CODE_ID VARCHAR(255), - SCOPE VARCHAR(60), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (CODE_ID, SCOPE), - FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE (CODE_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_DEVICE_FLOW ( - CODE_ID VARCHAR(255), - DEVICE_CODE VARCHAR(255), - USER_CODE VARCHAR(25), - CONSUMER_KEY_ID INTEGER, - 
LAST_POLL_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - EXPIRY_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - POLL_TIME BIGINT, - STATUS VARCHAR (25) DEFAULT 'PENDING', - AUTHZ_USER VARCHAR (100), - TENANT_ID INTEGER, - USER_DOMAIN VARCHAR(50), - IDP_ID INTEGER, - PRIMARY KEY (DEVICE_CODE), - UNIQUE (CODE_ID), - UNIQUE (USER_CODE), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_DEVICE_FLOW_SCOPES ( - ID INTEGER NOT NULL AUTO_INCREMENT, - SCOPE_ID VARCHAR(255), - SCOPE VARCHAR(255), - PRIMARY KEY (ID), - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_DEVICE_FLOW(CODE_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE ( - TOKEN_ID VARCHAR (255), - TOKEN_SCOPE VARCHAR (60), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (TOKEN_ID, TOKEN_SCOPE), - FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE ( - SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(512), - TENANT_ID INTEGER NOT NULL DEFAULT -1, - SCOPE_TYPE VARCHAR(255) NOT NULL, - PRIMARY KEY (SCOPE_ID), - UNIQUE (NAME, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_BINDING ( - SCOPE_ID INTEGER NOT NULL, - SCOPE_BINDING VARCHAR(255) NOT NULL, - BINDING_TYPE VARCHAR(255) NOT NULL, - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE, - UNIQUE (SCOPE_ID, SCOPE_BINDING, BINDING_TYPE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_RESOURCE_SCOPE ( - RESOURCE_PATH VARCHAR(255) NOT NULL, - SCOPE_ID INTEGER NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (RESOURCE_PATH), - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE 
CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_SCIM_GROUP ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - ROLE_NAME VARCHAR(255) NOT NULL, - ATTR_NAME VARCHAR(1024) NOT NULL, - ATTR_VALUE VARCHAR(1024), - PRIMARY KEY (ID) - )ENGINE INNODB; - - - - CREATE TABLE IF NOT EXISTS IDN_OPENID_REMEMBER_ME ( - USER_NAME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT 0, - COOKIE_VALUE VARCHAR(1024), - CREATED_TIME TIMESTAMP, - PRIMARY KEY (USER_NAME, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OPENID_USER_RPS ( - USER_NAME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT 0, - RP_URL VARCHAR(255) NOT NULL, - TRUSTED_ALWAYS VARCHAR(128) DEFAULT 'FALSE', - LAST_VISIT DATE NOT NULL, - VISIT_COUNT INTEGER DEFAULT 0, - DEFAULT_PROFILE_NAME VARCHAR(255) DEFAULT 'DEFAULT', - PRIMARY KEY (USER_NAME, TENANT_ID, RP_URL) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OPENID_ASSOCIATIONS ( - HANDLE VARCHAR(255) NOT NULL, - ASSOC_TYPE VARCHAR(255) NOT NULL, - EXPIRE_IN TIMESTAMP NOT NULL, - MAC_KEY VARCHAR(255) NOT NULL, - ASSOC_STORE VARCHAR(128) DEFAULT 'SHARED', - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (HANDLE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_STS_STORE ( - ID INTEGER AUTO_INCREMENT, - TOKEN_ID VARCHAR(255) NOT NULL, - TOKEN_CONTENT BLOB(1024) NOT NULL, - CREATE_DATE TIMESTAMP NOT NULL, - EXPIRE_DATE TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - STATE INTEGER DEFAULT 0, - PRIMARY KEY (ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_IDENTITY_USER_DATA ( - TENANT_ID INTEGER DEFAULT -1234, - USER_NAME VARCHAR(255) NOT NULL, - DATA_KEY VARCHAR(255) NOT NULL, - DATA_VALUE VARCHAR(2048), - PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_IDENTITY_META_DATA ( - USER_NAME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT -1234, - METADATA_TYPE VARCHAR(255) NOT NULL, - METADATA VARCHAR(255) NOT NULL, - VALID VARCHAR(255) NOT NULL, - PRIMARY KEY 
(TENANT_ID, USER_NAME, METADATA_TYPE,METADATA) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_THRIFT_SESSION ( - SESSION_ID VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - CREATED_TIME VARCHAR(255) NOT NULL, - LAST_MODIFIED_TIME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (SESSION_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_STORE ( - SESSION_ID VARCHAR (100) NOT NULL, - SESSION_TYPE VARCHAR(100) NOT NULL, - OPERATION VARCHAR(10) NOT NULL, - SESSION_OBJECT BLOB, - TIME_CREATED BIGINT, - TENANT_ID INTEGER DEFAULT -1, - EXPIRY_TIME BIGINT, - PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION) - )ENGINE INNODB; - - - - - CREATE TABLE IF NOT EXISTS IDN_AUTH_TEMP_SESSION_STORE ( - SESSION_ID VARCHAR (100) NOT NULL, - SESSION_TYPE VARCHAR(100) NOT NULL, - OPERATION VARCHAR(10) NOT NULL, - SESSION_OBJECT BLOB, - TIME_CREATED BIGINT, - TENANT_ID INTEGER DEFAULT -1, - EXPIRY_TIME BIGINT, - PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_AUTH_USER ( - USER_ID VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - DOMAIN_NAME VARCHAR(255) NOT NULL, - IDP_ID INTEGER NOT NULL, - PRIMARY KEY (USER_ID), - CONSTRAINT USER_STORE_CONSTRAINT UNIQUE (USER_NAME, TENANT_ID, DOMAIN_NAME, IDP_ID)); - - CREATE TABLE IF NOT EXISTS IDN_AUTH_USER_SESSION_MAPPING ( - USER_ID VARCHAR(255) NOT NULL, - SESSION_ID VARCHAR(255) NOT NULL, - CONSTRAINT USER_SESSION_STORE_CONSTRAINT UNIQUE (USER_ID, SESSION_ID)); - - CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_APP_INFO ( - SESSION_ID VARCHAR (100) NOT NULL, - SUBJECT VARCHAR (100) NOT NULL, - APP_ID INTEGER NOT NULL, - INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL, - PRIMARY KEY (SESSION_ID, SUBJECT, APP_ID, INBOUND_AUTH_TYPE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_META_DATA ( - SESSION_ID VARCHAR (100) NOT NULL, - PROPERTY_TYPE VARCHAR (100) NOT 
NULL, - VALUE VARCHAR (255) NOT NULL, - PRIMARY KEY (SESSION_ID, PROPERTY_TYPE, VALUE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS SP_APP ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - APP_NAME VARCHAR (255) NOT NULL , - USER_STORE VARCHAR (255) NOT NULL, - USERNAME VARCHAR (255) NOT NULL , - DESCRIPTION VARCHAR (1024), - ROLE_CLAIM VARCHAR (512), - AUTH_TYPE VARCHAR (255) NOT NULL, - PROVISIONING_USERSTORE_DOMAIN VARCHAR (512), - IS_LOCAL_CLAIM_DIALECT CHAR(1) DEFAULT '1', - IS_SEND_LOCAL_SUBJECT_ID CHAR(1) DEFAULT '0', - IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0', - IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', - IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', - ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0', - SUBJECT_CLAIM_URI VARCHAR (512), - IS_SAAS_APP CHAR(1) DEFAULT '0', - IS_DUMB_MODE CHAR(1) DEFAULT '0', - UUID CHAR(36), - IMAGE_URL VARCHAR(1024), - ACCESS_URL VARCHAR(1024), - IS_DISCOVERABLE CHAR(1) DEFAULT '0', - - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_APP ADD CONSTRAINT APPLICATION_NAME_CONSTRAINT UNIQUE(APP_NAME, TENANT_ID); - ALTER TABLE SP_APP ADD CONSTRAINT APPLICATION_UUID_CONSTRAINT UNIQUE(UUID); - - CREATE TABLE IF NOT EXISTS SP_METADATA ( - ID INTEGER AUTO_INCREMENT, - SP_ID INTEGER, - NAME VARCHAR(255) NOT NULL, - VALUE VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (ID), - CONSTRAINT SP_METADATA_CONSTRAINT UNIQUE (SP_ID, NAME), - FOREIGN KEY (SP_ID) REFERENCES SP_APP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS SP_INBOUND_AUTH ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - INBOUND_AUTH_KEY VARCHAR (255), - INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL, - INBOUND_CONFIG_TYPE VARCHAR (255) NOT NULL, - PROP_NAME VARCHAR (255), - PROP_VALUE VARCHAR (1024) , - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_INBOUND_AUTH ADD CONSTRAINT APPLICATION_ID_CONSTRAINT FOREIGN KEY 
(APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_AUTH_STEP ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - STEP_ORDER INTEGER DEFAULT 1, - APP_ID INTEGER NOT NULL , - IS_SUBJECT_STEP CHAR(1) DEFAULT '0', - IS_ATTRIBUTE_STEP CHAR(1) DEFAULT '0', - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_AUTH_STEP ADD CONSTRAINT APPLICATION_ID_CONSTRAINT_STEP FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_FEDERATED_IDP ( - ID INTEGER NOT NULL, - TENANT_ID INTEGER NOT NULL, - AUTHENTICATOR_ID INTEGER NOT NULL, - PRIMARY KEY (ID, AUTHENTICATOR_ID) - )ENGINE INNODB; - - ALTER TABLE SP_FEDERATED_IDP ADD CONSTRAINT STEP_ID_CONSTRAINT FOREIGN KEY (ID) REFERENCES SP_AUTH_STEP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_CLAIM_DIALECT ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - SP_DIALECT VARCHAR (512) NOT NULL, - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID)); - - ALTER TABLE SP_CLAIM_DIALECT ADD CONSTRAINT DIALECTID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_CLAIM_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - IDP_CLAIM VARCHAR (512) NOT NULL , - SP_CLAIM VARCHAR (512) NOT NULL , - APP_ID INTEGER NOT NULL, - IS_REQUESTED VARCHAR(128) DEFAULT '0', - IS_MANDATORY VARCHAR(128) DEFAULT '0', - DEFAULT_VALUE VARCHAR(255), - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_CLAIM_MAPPING ADD CONSTRAINT CLAIMID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_ROLE_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - IDP_ROLE VARCHAR (255) NOT NULL , - SP_ROLE VARCHAR (255) NOT NULL , - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_ROLE_MAPPING ADD CONSTRAINT ROLEID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) 
REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_REQ_PATH_AUTHENTICATOR ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - AUTHENTICATOR_NAME VARCHAR (255) NOT NULL , - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_REQ_PATH_AUTHENTICATOR ADD CONSTRAINT REQ_AUTH_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_PROVISIONING_CONNECTOR ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - IDP_NAME VARCHAR (255) NOT NULL , - CONNECTOR_NAME VARCHAR (255) NOT NULL , - APP_ID INTEGER NOT NULL, - IS_JIT_ENABLED CHAR(1) NOT NULL DEFAULT '0', - BLOCKING CHAR(1) NOT NULL DEFAULT '0', - RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0', - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_PROVISIONING_CONNECTOR ADD CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE SP_AUTH_SCRIPT ( - ID INTEGER AUTO_INCREMENT NOT NULL, - TENANT_ID INTEGER NOT NULL, - APP_ID INTEGER NOT NULL, - TYPE VARCHAR(255) NOT NULL, - CONTENT BLOB DEFAULT NULL, - IS_ENABLED CHAR(1) NOT NULL DEFAULT '0', - PRIMARY KEY (ID)); - - CREATE TABLE IF NOT EXISTS SP_TEMPLATE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - TENANT_ID INTEGER NOT NULL, - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - CONTENT BLOB DEFAULT NULL, - PRIMARY KEY (ID), - CONSTRAINT SP_TEMPLATE_CONSTRAINT UNIQUE (TENANT_ID, NAME)); - - CREATE TABLE IF NOT EXISTS IDN_AUTH_WAIT_STATUS ( - ID INTEGER AUTO_INCREMENT NOT NULL, - TENANT_ID INTEGER NOT NULL, - LONG_WAIT_KEY VARCHAR(255) NOT NULL, - WAIT_STATUS CHAR(1) NOT NULL DEFAULT '1', - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - EXPIRE_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY (ID), - CONSTRAINT IDN_AUTH_WAIT_STATUS_KEY UNIQUE (LONG_WAIT_KEY)); - - CREATE TABLE IF NOT EXISTS IDP ( - ID INTEGER AUTO_INCREMENT, - 
TENANT_ID INTEGER, - NAME VARCHAR(254) NOT NULL, - IS_ENABLED CHAR(1) NOT NULL DEFAULT '1', - IS_PRIMARY CHAR(1) NOT NULL DEFAULT '0', - HOME_REALM_ID VARCHAR(254), - IMAGE MEDIUMBLOB, - CERTIFICATE BLOB, - ALIAS VARCHAR(254), - INBOUND_PROV_ENABLED CHAR (1) NOT NULL DEFAULT '0', - INBOUND_PROV_USER_STORE_ID VARCHAR(254), - USER_CLAIM_URI VARCHAR(254), - ROLE_CLAIM_URI VARCHAR(254), - DESCRIPTION VARCHAR (1024), - DEFAULT_AUTHENTICATOR_NAME VARCHAR(254), - DEFAULT_PRO_CONNECTOR_NAME VARCHAR(254), - PROVISIONING_ROLE VARCHAR(128), - IS_FEDERATION_HUB CHAR(1) NOT NULL DEFAULT '0', - IS_LOCAL_CLAIM_DIALECT CHAR(1) NOT NULL DEFAULT '0', - DISPLAY_NAME VARCHAR(255), - IMAGE_URL VARCHAR(1024), - UUID CHAR(36) NOT NULL, - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, NAME), - UNIQUE (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_ROLE ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - TENANT_ID INTEGER, - ROLE VARCHAR(254), - PRIMARY KEY (ID), - UNIQUE (IDP_ID, ROLE), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_ROLE_MAPPING ( - ID INTEGER AUTO_INCREMENT, - IDP_ROLE_ID INTEGER, - TENANT_ID INTEGER, - USER_STORE_ID VARCHAR (253), - LOCAL_ROLE VARCHAR(253), - PRIMARY KEY (ID), - UNIQUE (IDP_ROLE_ID, TENANT_ID, USER_STORE_ID, LOCAL_ROLE), - FOREIGN KEY (IDP_ROLE_ID) REFERENCES IDP_ROLE(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_CLAIM ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - TENANT_ID INTEGER, - CLAIM VARCHAR(254), - PRIMARY KEY (ID), - UNIQUE (IDP_ID, CLAIM), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_CLAIM_MAPPING ( - ID INTEGER AUTO_INCREMENT, - IDP_CLAIM_ID INTEGER, - TENANT_ID INTEGER, - LOCAL_CLAIM VARCHAR(253), - DEFAULT_VALUE VARCHAR(255), - IS_REQUESTED VARCHAR(128) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (IDP_CLAIM_ID, TENANT_ID, LOCAL_CLAIM), - FOREIGN KEY (IDP_CLAIM_ID) REFERENCES 
IDP_CLAIM(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - IDP_ID INTEGER, - NAME VARCHAR(255) NOT NULL, - IS_ENABLED CHAR (1) DEFAULT '1', - DISPLAY_NAME VARCHAR(255), - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, IDP_ID, NAME), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_METADATA ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - NAME VARCHAR(255) NOT NULL, - VALUE VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (ID), - CONSTRAINT IDP_METADATA_CONSTRAINT UNIQUE (IDP_ID, NAME), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR_PROPERTY ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - AUTHENTICATOR_ID INTEGER, - PROPERTY_KEY VARCHAR(255) NOT NULL, - PROPERTY_VALUE VARCHAR(2047), - IS_SECRET CHAR (1) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY), - FOREIGN KEY (AUTHENTICATOR_ID) REFERENCES IDP_AUTHENTICATOR(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_CONFIG ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - IDP_ID INTEGER, - PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL, - IS_ENABLED CHAR (1) DEFAULT '0', - IS_BLOCKING CHAR (1) DEFAULT '0', - IS_RULES_ENABLED CHAR (1) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_PROV_CONFIG_PROPERTY ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - PROVISIONING_CONFIG_ID INTEGER, - PROPERTY_KEY VARCHAR(255) NOT NULL, - PROPERTY_VALUE VARCHAR(2048), - PROPERTY_BLOB_VALUE BLOB, - PROPERTY_TYPE CHAR(32) NOT NULL, - IS_SECRET CHAR (1) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, 
PROVISIONING_CONFIG_ID, PROPERTY_KEY), - FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_ENTITY ( - ID INTEGER AUTO_INCREMENT, - PROVISIONING_CONFIG_ID INTEGER, - ENTITY_TYPE VARCHAR(255) NOT NULL, - ENTITY_LOCAL_USERSTORE VARCHAR(255) NOT NULL, - ENTITY_NAME VARCHAR(255) NOT NULL, - ENTITY_VALUE VARCHAR(255), - TENANT_ID INTEGER, - ENTITY_LOCAL_ID VARCHAR(255), - PRIMARY KEY (ID), - UNIQUE (ENTITY_TYPE, TENANT_ID, ENTITY_LOCAL_USERSTORE, ENTITY_NAME, PROVISIONING_CONFIG_ID), - UNIQUE (PROVISIONING_CONFIG_ID, ENTITY_TYPE, ENTITY_VALUE), - FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_LOCAL_CLAIM ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - IDP_ID INTEGER, - CLAIM_URI VARCHAR(255) NOT NULL, - DEFAULT_VALUE VARCHAR(255), - IS_REQUESTED VARCHAR(128) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, IDP_ID, CLAIM_URI), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_ASSOCIATED_ID ( - ID INTEGER AUTO_INCREMENT, - IDP_USER_ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT -1234, - IDP_ID INTEGER NOT NULL, - DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - ASSOCIATION_ID CHAR(36) NOT NULL, - PRIMARY KEY (ID), - UNIQUE(IDP_USER_ID, TENANT_ID, IDP_ID), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_USER_ACCOUNT_ASSOCIATION ( - ASSOCIATION_KEY VARCHAR(255) NOT NULL, - TENANT_ID INTEGER, - DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS FIDO_DEVICE_STORE ( - TENANT_ID INTEGER, - DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(45) NOT NULL, - TIME_REGISTERED TIMESTAMP, - 
KEY_HANDLE VARCHAR(200) NOT NULL, - DEVICE_DATA VARCHAR(2048) NOT NULL, - PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS FIDO2_DEVICE_STORE ( - TENANT_ID INTEGER, - DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(45) NOT NULL, - TIME_REGISTERED TIMESTAMP, - USER_HANDLE VARCHAR(64) NOT NULL, - CREDENTIAL_ID VARCHAR(200) NOT NULL, - PUBLIC_KEY_COSE VARCHAR(1024) NOT NULL, - SIGNATURE_COUNT BIGINT, - USER_IDENTITY VARCHAR(512) NOT NULL, - DISPLAY_NAME VARCHAR(255), - IS_USERNAMELESS_SUPPORTED CHAR(1) DEFAULT '0', - PRIMARY KEY (CREDENTIAL_ID, USER_HANDLE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS WF_REQUEST ( - UUID VARCHAR (45), - CREATED_BY VARCHAR (255), - TENANT_ID INTEGER DEFAULT -1, - OPERATION_TYPE VARCHAR (50), - CREATED_AT TIMESTAMP, - UPDATED_AT TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - STATUS VARCHAR (30), - REQUEST BLOB, - PRIMARY KEY (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS WF_BPS_PROFILE ( - PROFILE_NAME VARCHAR(45), - HOST_URL_MANAGER VARCHAR(255), - HOST_URL_WORKER VARCHAR(255), - USERNAME VARCHAR(45), - PASSWORD VARCHAR(1023), - CALLBACK_HOST VARCHAR (45), - CALLBACK_USERNAME VARCHAR (45), - CALLBACK_PASSWORD VARCHAR (255), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (PROFILE_NAME, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS WF_WORKFLOW( - ID VARCHAR (45), - WF_NAME VARCHAR (45), - DESCRIPTION VARCHAR (255), - TEMPLATE_ID VARCHAR (45), - IMPL_ID VARCHAR (45), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS WF_WORKFLOW_ASSOCIATION( - ID INTEGER NOT NULL AUTO_INCREMENT, - ASSOC_NAME VARCHAR (45), - EVENT_ID VARCHAR(45), - ASSOC_CONDITION VARCHAR (2000), - WORKFLOW_ID VARCHAR (45), - IS_ENABLED CHAR (1) DEFAULT '1', - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY(ID), - FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS 
WF_WORKFLOW_CONFIG_PARAM( - WORKFLOW_ID VARCHAR (45), - PARAM_NAME VARCHAR (45), - PARAM_VALUE VARCHAR (1000), - PARAM_QNAME VARCHAR (45), - PARAM_HOLDER VARCHAR (45), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (WORKFLOW_ID, PARAM_NAME, PARAM_QNAME, PARAM_HOLDER), - FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS WF_REQUEST_ENTITY_RELATIONSHIP( - REQUEST_ID VARCHAR (45), - ENTITY_NAME VARCHAR (255), - ENTITY_TYPE VARCHAR (50), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY(REQUEST_ID, ENTITY_NAME, ENTITY_TYPE, TENANT_ID), - FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS WF_WORKFLOW_REQUEST_RELATION( - RELATIONSHIP_ID VARCHAR (45), - WORKFLOW_ID VARCHAR (45), - REQUEST_ID VARCHAR (45), - UPDATED_AT TIMESTAMP, - STATUS VARCHAR (30), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (RELATIONSHIP_ID), - FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE, - FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_RECOVERY_DATA ( - USER_NAME VARCHAR(255) NOT NULL, - USER_DOMAIN VARCHAR(127) NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - CODE VARCHAR(255) NOT NULL, - SCENARIO VARCHAR(255) NOT NULL, - STEP VARCHAR(127) NOT NULL, - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REMAINING_SETS VARCHAR(2500) DEFAULT NULL, - PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP), - UNIQUE(CODE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_PASSWORD_HISTORY_DATA ( - ID INTEGER NOT NULL AUTO_INCREMENT, - USER_NAME VARCHAR(255) NOT NULL, - USER_DOMAIN VARCHAR(127) NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - SALT_VALUE VARCHAR(255), - HASH VARCHAR(255) NOT NULL, - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY(ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CLAIM_DIALECT ( - ID INTEGER NOT NULL 
AUTO_INCREMENT, - DIALECT_URI VARCHAR (255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CLAIM ( - ID INTEGER NOT NULL AUTO_INCREMENT, - DIALECT_ID INTEGER NOT NULL, - CLAIM_URI VARCHAR (255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE, - CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPED_ATTRIBUTE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - LOCAL_CLAIM_ID INTEGER, - USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL, - ATTRIBUTE_NAME VARCHAR (255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CLAIM_PROPERTY ( - ID INTEGER NOT NULL AUTO_INCREMENT, - LOCAL_CLAIM_ID INTEGER, - PROPERTY_NAME VARCHAR (255) NOT NULL, - PROPERTY_VALUE VARCHAR (255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - EXT_CLAIM_ID INTEGER NOT NULL, - MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_SAML2_ASSERTION_STORE ( - ID INTEGER NOT NULL 
AUTO_INCREMENT, - SAML2_ID VARCHAR(255) , - SAML2_ISSUER VARCHAR(255) , - SAML2_SUBJECT VARCHAR(255) , - SAML2_SESSION_INDEX VARCHAR(255) , - SAML2_AUTHN_CONTEXT_CLASS_REF VARCHAR(255) , - SAML2_ASSERTION VARCHAR(4096) , - ASSERTION BLOB , - PRIMARY KEY (ID) - )ENGINE INNODB; - - CREATE TABLE IDN_SAML2_ARTIFACT_STORE ( - ID INT(11) NOT NULL AUTO_INCREMENT, - SOURCE_ID VARCHAR(255) NOT NULL, - MESSAGE_HANDLER VARCHAR(255) NOT NULL, - AUTHN_REQ_DTO BLOB NOT NULL, - SESSION_ID VARCHAR(255) NOT NULL, - EXP_TIMESTAMP TIMESTAMP NOT NULL, - INIT_TIMESTAMP TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - ASSERTION_ID VARCHAR(255), - PRIMARY KEY (`ID`) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OIDC_JTI ( - JWT_ID VARCHAR(255) NOT NULL, - EXP_TIME TIMESTAMP NOT NULL , - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP , - PRIMARY KEY (JWT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OIDC_PROPERTY ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER, - CONSUMER_KEY VARCHAR(255) , - PROPERTY_KEY VARCHAR(255) NOT NULL, - PROPERTY_VALUE VARCHAR(2047) , - PRIMARY KEY (ID), - FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_REFERENCE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - CONSUMER_KEY_ID INTEGER , - CODE_ID VARCHAR(255) , - TOKEN_ID VARCHAR(255) , - SESSION_DATA_KEY VARCHAR(255), - PRIMARY KEY (ID), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, - FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE, - FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_CLAIMS ( - ID INTEGER NOT NULL AUTO_INCREMENT, - REQ_OBJECT_ID INTEGER, - CLAIM_ATTRIBUTE VARCHAR(255) , - ESSENTIAL CHAR(1) NOT NULL DEFAULT '0' , - VALUE VARCHAR(255) , - IS_USERINFO CHAR(1) NOT 
NULL DEFAULT '0', - PRIMARY KEY (ID), - FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE (ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJ_CLAIM_VALUES ( - ID INTEGER NOT NULL AUTO_INCREMENT, - REQ_OBJECT_CLAIMS_ID INTEGER , - CLAIM_VALUES VARCHAR(255) , - PRIMARY KEY (ID), - FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CERTIFICATE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - NAME VARCHAR(100), - CERTIFICATE_IN_PEM BLOB, - TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY(ID), - CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OIDC_SCOPE_CLAIM_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - SCOPE_ID INTEGER NOT NULL, - EXTERNAL_CLAIM_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE, - FOREIGN KEY (EXTERNAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - UNIQUE (SCOPE_ID, EXTERNAL_CLAIM_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_FUNCTION_LIBRARY ( - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - TYPE VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - DATA BLOB NOT NULL, - PRIMARY KEY (TENANT_ID,NAME) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_CIBA_AUTH_CODE ( - AUTH_CODE_KEY CHAR (36), - AUTH_REQ_ID CHAR (36), - ISSUED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - CONSUMER_KEY VARCHAR(255), - LAST_POLLED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - POLLING_INTERVAL INTEGER, - EXPIRES_IN INTEGER, - AUTHENTICATED_USER_NAME VARCHAR(255), - USER_STORE_DOMAIN VARCHAR(100), - TENANT_ID INTEGER, - AUTH_REQ_STATUS VARCHAR (100) DEFAULT 'REQUESTED', - IDP_ID INTEGER, - UNIQUE(AUTH_REQ_ID), - PRIMARY KEY (AUTH_CODE_KEY), - FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE - 
)ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_CIBA_REQUEST_SCOPES ( - AUTH_CODE_KEY CHAR (36), - SCOPE VARCHAR (255), - FOREIGN KEY (AUTH_CODE_KEY) REFERENCES IDN_OAUTH2_CIBA_AUTH_CODE(AUTH_CODE_KEY) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_FED_AUTH_SESSION_MAPPING ( - IDP_SESSION_ID VARCHAR(255) NOT NULL, - SESSION_ID VARCHAR(255) NOT NULL, - IDP_NAME VARCHAR(255) NOT NULL, - AUTHENTICATOR_ID VARCHAR(255), - PROTOCOL_TYPE VARCHAR(255), - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY (IDP_SESSION_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CONFIG_TYPE ( - ID VARCHAR(255) NOT NULL, - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023) NULL, - PRIMARY KEY (ID), - CONSTRAINT TYPE_NAME_CONSTRAINT UNIQUE (NAME) - )ENGINE INNODB; - - INSERT INTO IDN_CONFIG_TYPE (ID, NAME, DESCRIPTION) VALUES - ('9ab0ef95-13e9-4ed5-afaf-d29bed62f7bd', 'IDP_TEMPLATE', 'Template type to uniquely identify IDP templates'), - ('3c4ac3d0-5903-4e3d-aaca-38df65b33bfd', 'APPLICATION_TEMPLATE', 'Template type to uniquely identify Application templates'), - ('8ec6dbf1-218a-49bf-bc34-0d2db52d151c', 'CORS_CONFIGURATION', 'A resource type to keep the tenant CORS configurations'); - - CREATE TABLE IF NOT EXISTS IDN_CONFIG_RESOURCE ( - ID VARCHAR(255) NOT NULL, - TENANT_ID INT NOT NULL, - NAME VARCHAR(255) NOT NULL, - CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - LAST_MODIFIED TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - HAS_FILE tinyint(1) NOT NULL, - HAS_ATTRIBUTE tinyint(1) NOT NULL, - TYPE_ID VARCHAR(255) NOT NULL, - PRIMARY KEY (ID), - CONSTRAINT NAME_TENANT_TYPE_CONSTRAINT UNIQUE (NAME, TENANT_ID, TYPE_ID) - )ENGINE INNODB; - ALTER TABLE IDN_CONFIG_RESOURCE ADD CONSTRAINT TYPE_ID_FOREIGN_CONSTRAINT FOREIGN KEY (TYPE_ID) REFERENCES - IDN_CONFIG_TYPE (ID) ON DELETE CASCADE ON UPDATE CASCADE; - - CREATE TABLE IF NOT EXISTS IDN_CONFIG_ATTRIBUTE ( - ID VARCHAR(255) NOT NULL, - RESOURCE_ID VARCHAR(255) NOT NULL, - 
ATTR_KEY VARCHAR(255) NOT NULL, - ATTR_VALUE VARCHAR(1023) NULL, - PRIMARY KEY (ID), - CONSTRAINT RESOURCE_KEY_VAL_CONSTRAINT UNIQUE (RESOURCE_ID(64), ATTR_KEY(255)) - )ENGINE INNODB; - ALTER TABLE IDN_CONFIG_ATTRIBUTE ADD CONSTRAINT RESOURCE_ID_ATTRIBUTE_FOREIGN_CONSTRAINT FOREIGN KEY (RESOURCE_ID) - REFERENCES IDN_CONFIG_RESOURCE (ID) ON DELETE CASCADE ON UPDATE CASCADE; - - CREATE TABLE IF NOT EXISTS IDN_CONFIG_FILE ( - ID VARCHAR(255) NOT NULL, - VALUE BLOB NULL, - RESOURCE_ID VARCHAR(255) NOT NULL, - NAME VARCHAR(255) NULL, - PRIMARY KEY (ID) - )ENGINE INNODB; - ALTER TABLE IDN_CONFIG_FILE ADD CONSTRAINT RESOURCE_ID_FILE_FOREIGN_CONSTRAINT FOREIGN KEY (RESOURCE_ID) REFERENCES - IDN_CONFIG_RESOURCE (ID) ON DELETE CASCADE ON UPDATE CASCADE; - - CREATE TABLE IDN_REMOTE_FETCH_CONFIG ( - ID VARCHAR(255) NOT NULL, - TENANT_ID INT NOT NULL, - IS_ENABLED CHAR(1) NOT NULL, - REPO_MANAGER_TYPE VARCHAR(255) NOT NULL, - ACTION_LISTENER_TYPE VARCHAR(255) NOT NULL, - CONFIG_DEPLOYER_TYPE VARCHAR(255) NOT NULL, - REMOTE_FETCH_NAME VARCHAR(255), - REMOTE_RESOURCE_URI VARCHAR(255) NOT NULL, - ATTRIBUTES_JSON MEDIUMTEXT NOT NULL, - PRIMARY KEY (ID), - CONSTRAINT UC_REMOTE_RESOURCE_TYPE UNIQUE (TENANT_ID, CONFIG_DEPLOYER_TYPE) - )ENGINE INNODB; - - CREATE TABLE IDN_REMOTE_FETCH_REVISIONS ( - ID VARCHAR(255) NOT NULL, - CONFIG_ID VARCHAR(255) NOT NULL, - FILE_PATH VARCHAR(255) NOT NULL, - FILE_HASH VARCHAR(255), - DEPLOYED_DATE TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - LAST_SYNC_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - DEPLOYMENT_STATUS VARCHAR(255), - ITEM_NAME VARCHAR(255), - DEPLOY_ERR_LOG MEDIUMTEXT, - PRIMARY KEY (ID), - FOREIGN KEY (CONFIG_ID) REFERENCES IDN_REMOTE_FETCH_CONFIG(ID) ON DELETE CASCADE, - CONSTRAINT UC_REVISIONS UNIQUE (CONFIG_ID, ITEM_NAME) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_USER_FUNCTIONALITY_MAPPING ( - ID VARCHAR(255) NOT NULL, - USER_ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - FUNCTIONALITY_ID VARCHAR(255) 
NOT NULL, - IS_FUNCTIONALITY_LOCKED BOOLEAN NOT NULL, - FUNCTIONALITY_UNLOCK_TIME BIGINT NOT NULL, - FUNCTIONALITY_LOCK_REASON VARCHAR(1023), - FUNCTIONALITY_LOCK_REASON_CODE VARCHAR(255), - PRIMARY KEY (ID), - CONSTRAINT IDN_USER_FUNCTIONALITY_MAPPING_CONSTRAINT UNIQUE (USER_ID, TENANT_ID, FUNCTIONALITY_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_USER_FUNCTIONALITY_PROPERTY ( - ID VARCHAR(255) NOT NULL, - USER_ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - FUNCTIONALITY_ID VARCHAR(255) NOT NULL, - PROPERTY_NAME VARCHAR(255), - PROPERTY_VALUE VARCHAR(255), - PRIMARY KEY (ID), - CONSTRAINT IDN_USER_FUNCTIONALITY_PROPERTY_CONSTRAINT UNIQUE (USER_ID, TENANT_ID, FUNCTIONALITY_ID, PROPERTY_NAME) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CORS_ORIGIN ( - ID INT NOT NULL AUTO_INCREMENT, - TENANT_ID INT NOT NULL, - ORIGIN VARCHAR(2048) NOT NULL, - UUID CHAR(36) NOT NULL, - PRIMARY KEY (ID), - UNIQUE (UUID) - ) ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CORS_ASSOCIATION ( - IDN_CORS_ORIGIN_ID INT NOT NULL, - SP_APP_ID INT NOT NULL, - - PRIMARY KEY (IDN_CORS_ORIGIN_ID, SP_APP_ID), - FOREIGN KEY (IDN_CORS_ORIGIN_ID) REFERENCES IDN_CORS_ORIGIN (ID) ON DELETE CASCADE, - FOREIGN KEY (SP_APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE - ) ENGINE INNODB; - - -- --------------------------- INDEX CREATION ----------------------------- - -- IDN_OAUTH2_ACCESS_TOKEN -- - CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED); - CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH); - CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TOKEN_STATE, USER_TYPE); - CREATE INDEX IDX_AT_TI_UD ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, TENANT_ID, TOKEN_STATE, USER_DOMAIN); - CREATE INDEX IDX_AT_AU_TID_UD_TS_CKID ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, TENANT_ID, USER_DOMAIN, TOKEN_STATE, CONSUMER_KEY_ID); - CREATE INDEX IDX_AT_AU_CKID_TS_UT ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, CONSUMER_KEY_ID, TOKEN_STATE, 
USER_TYPE); - CREATE INDEX IDX_AT_RTH ON IDN_OAUTH2_ACCESS_TOKEN(REFRESH_TOKEN_HASH); - CREATE INDEX IDX_AT_CKID_AU_TID_UD_TSH_TS ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TENANT_ID, USER_DOMAIN, TOKEN_SCOPE_HASH, TOKEN_STATE); - - -- IDN_OAUTH2_AUTHORIZATION_CODE -- - CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH, CONSUMER_KEY_ID); - CREATE INDEX IDX_AUTHORIZATION_CODE_AU_TI ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHZ_USER, TENANT_ID, USER_DOMAIN, STATE); - CREATE INDEX IDX_AC_CKID ON IDN_OAUTH2_AUTHORIZATION_CODE(CONSUMER_KEY_ID); - CREATE INDEX IDX_AC_TID ON IDN_OAUTH2_AUTHORIZATION_CODE(TOKEN_ID); - - -- IDN_SCIM_GROUP -- - CREATE INDEX IDX_IDN_SCIM_GROUP_TI_RN ON IDN_SCIM_GROUP (TENANT_ID, ROLE_NAME); - CREATE INDEX IDX_IDN_SCIM_GROUP_TI_RN_AN ON IDN_SCIM_GROUP (TENANT_ID, ROLE_NAME, ATTR_NAME(500)); - - -- IDN_AUTH_SESSION_STORE -- - CREATE INDEX IDX_IDN_AUTH_SESSION_TIME ON IDN_AUTH_SESSION_STORE (TIME_CREATED); - - -- IDN_AUTH_TEMP_SESSION_STORE -- - CREATE INDEX IDX_IDN_AUTH_TMP_SESSION_TIME ON IDN_AUTH_TEMP_SESSION_STORE (TIME_CREATED); - - -- IDN_OIDC_SCOPE_CLAIM_MAPPING -- - CREATE INDEX IDX_AT_SI_ECI ON IDN_OIDC_SCOPE_CLAIM_MAPPING(SCOPE_ID, EXTERNAL_CLAIM_ID); - - -- IDN_OAUTH2_SCOPE -- - CREATE INDEX IDX_SC_TID ON IDN_OAUTH2_SCOPE(TENANT_ID); - - -- IDN_OAUTH2_SCOPE_BINDING -- - CREATE INDEX IDX_SB_SCPID ON IDN_OAUTH2_SCOPE_BINDING(SCOPE_ID); - - -- IDN_OIDC_REQ_OBJECT_REFERENCE -- - CREATE INDEX IDX_OROR_TID ON IDN_OIDC_REQ_OBJECT_REFERENCE(TOKEN_ID); - - -- IDN_OAUTH2_ACCESS_TOKEN_SCOPE -- - CREATE INDEX IDX_ATS_TID ON IDN_OAUTH2_ACCESS_TOKEN_SCOPE(TOKEN_ID); - - -- SP_TEMPLATE -- - CREATE INDEX IDX_SP_TEMPLATE ON SP_TEMPLATE (TENANT_ID, NAME); - - -- IDN_AUTH_USER -- - CREATE INDEX IDX_AUTH_USER_UN_TID_DN ON IDN_AUTH_USER (USER_NAME, TENANT_ID, DOMAIN_NAME); - CREATE INDEX IDX_AUTH_USER_DN_TOD ON IDN_AUTH_USER (DOMAIN_NAME, TENANT_ID); - - -- IDN_AUTH_USER_SESSION_MAPPING -- - CREATE 
INDEX IDX_USER_ID ON IDN_AUTH_USER_SESSION_MAPPING (USER_ID); - CREATE INDEX IDX_SESSION_ID ON IDN_AUTH_USER_SESSION_MAPPING (SESSION_ID); - - -- IDN_OAUTH_CONSUMER_APPS -- - CREATE INDEX IDX_OCA_UM_TID_UD_APN ON IDN_OAUTH_CONSUMER_APPS(USERNAME,TENANT_ID,USER_DOMAIN, APP_NAME); - - -- IDX_SPI_APP -- - CREATE INDEX IDX_SPI_APP ON SP_INBOUND_AUTH(APP_ID); - - -- IDN_OIDC_PROPERTY -- - CREATE INDEX IDX_IOP_TID_CK ON IDN_OIDC_PROPERTY(TENANT_ID,CONSUMER_KEY); - - -- IDN_FIDO2_PROPERTY -- - CREATE INDEX IDX_FIDO2_STR ON FIDO2_DEVICE_STORE(USER_NAME, TENANT_ID, DOMAIN_NAME, CREDENTIAL_ID, USER_HANDLE); - - -- IDN_ASSOCIATED_ID -- - CREATE INDEX IDX_AI_DN_UN_AI ON IDN_ASSOCIATED_ID(DOMAIN_NAME, USER_NAME, ASSOCIATION_ID); - - -- IDN_OAUTH2_TOKEN_BINDING -- - CREATE INDEX IDX_IDN_AUTH_BIND ON IDN_OAUTH2_TOKEN_BINDING (TOKEN_BINDING_REF); - - -- IDN_FED_AUTH_SESSION_MAPPING -- - CREATE INDEX IDX_FEDERATED_AUTH_SESSION_ID ON IDN_FED_AUTH_SESSION_MAPPING (SESSION_ID); - - -- IDN_REMOTE_FETCH_REVISIONS -- - CREATE INDEX IDX_REMOTE_FETCH_REVISION_CONFIG_ID ON IDN_REMOTE_FETCH_REVISIONS (CONFIG_ID); - - -- IDN_CORS_ASSOCIATION -- - CREATE INDEX IDX_CORS_SP_APP_ID ON IDN_CORS_ASSOCIATION (SP_APP_ID); - - -- IDN_CORS_ASSOCIATION -- - CREATE INDEX IDX_CORS_ORIGIN_ID ON IDN_CORS_ASSOCIATION (IDN_CORS_ORIGIN_ID); - - - -- End of IDENTITY Tables-- - - -- Start of CONSENT-MGT Tables -- - - CREATE TABLE CM_PII_CATEGORY ( - ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - DISPLAY_NAME VARCHAR(255), - IS_SENSITIVE INTEGER NOT NULL, - TENANT_ID INTEGER DEFAULT '-1234', - UNIQUE KEY (NAME, TENANT_ID), - PRIMARY KEY (ID) - ); - - CREATE TABLE CM_RECEIPT ( - CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, - VERSION VARCHAR(255) NOT NULL, - JURISDICTION VARCHAR(255) NOT NULL, - CONSENT_TIMESTAMP TIMESTAMP NOT NULL, - COLLECTION_METHOD VARCHAR(255) NOT NULL, - LANGUAGE VARCHAR(255) NOT NULL, - PII_PRINCIPAL_ID VARCHAR(255) NOT NULL, - PRINCIPAL_TENANT_ID 
INTEGER DEFAULT '-1234', - POLICY_URL VARCHAR(255) NOT NULL, - STATE VARCHAR(255) NOT NULL, - PII_CONTROLLER VARCHAR(2048) NOT NULL, - PRIMARY KEY (CONSENT_RECEIPT_ID) - ); - - CREATE TABLE CM_PURPOSE ( - ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - PURPOSE_GROUP VARCHAR(255) NOT NULL, - GROUP_TYPE VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT '-1234', - UNIQUE KEY (NAME, TENANT_ID, PURPOSE_GROUP, GROUP_TYPE), - PRIMARY KEY (ID) - ); - - CREATE TABLE CM_PURPOSE_CATEGORY ( - ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - TENANT_ID INTEGER DEFAULT '-1234', - UNIQUE KEY (NAME, TENANT_ID), - PRIMARY KEY (ID) - ); - - CREATE TABLE CM_RECEIPT_SP_ASSOC ( - ID INTEGER AUTO_INCREMENT, - CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, - SP_NAME VARCHAR(255) NOT NULL, - SP_DISPLAY_NAME VARCHAR(255), - SP_DESCRIPTION VARCHAR(255), - SP_TENANT_ID INTEGER DEFAULT '-1234', - UNIQUE KEY (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID), - PRIMARY KEY (ID) - ); - - CREATE TABLE CM_SP_PURPOSE_ASSOC ( - ID INTEGER AUTO_INCREMENT, - RECEIPT_SP_ASSOC INTEGER NOT NULL, - PURPOSE_ID INTEGER NOT NULL, - CONSENT_TYPE VARCHAR(255) NOT NULL, - IS_PRIMARY_PURPOSE INTEGER NOT NULL, - TERMINATION VARCHAR(255) NOT NULL, - THIRD_PARTY_DISCLOSURE INTEGER NOT NULL, - THIRD_PARTY_NAME VARCHAR(255), - UNIQUE KEY (RECEIPT_SP_ASSOC, PURPOSE_ID), - PRIMARY KEY (ID) - ); - - CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC ( - SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, - PURPOSE_CATEGORY_ID INTEGER NOT NULL, - UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID) - ); - - CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC ( - PURPOSE_ID INTEGER NOT NULL, - CM_PII_CATEGORY_ID INTEGER NOT NULL, - IS_MANDATORY INTEGER NOT NULL, - UNIQUE KEY (PURPOSE_ID, CM_PII_CATEGORY_ID) - ); - - CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC ( - SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, - PII_CATEGORY_ID INTEGER NOT NULL, - VALIDITY VARCHAR(1023), - UNIQUE KEY 
(SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID) - ); - - CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY ( - CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, - NAME VARCHAR(255) NOT NULL, - VALUE VARCHAR(1023) NOT NULL, - UNIQUE KEY (CONSENT_RECEIPT_ID, NAME) - ); - - ALTER TABLE CM_RECEIPT_SP_ASSOC - ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID); - - ALTER TABLE CM_SP_PURPOSE_ASSOC - ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID); - - ALTER TABLE CM_SP_PURPOSE_ASSOC - ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID); - - ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC - ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID); - - ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC - ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID); - - ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC - ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID); - - ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC - ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID); - - ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY - ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID); - - INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, PURPOSE_GROUP, GROUP_TYPE, TENANT_ID) VALUES ('DEFAULT', 'For core functionalities of the product', 'DEFAULT', 'SP', '-1234'); - - INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234'); - -- End of CONSENT-MGT Tables -- - - -- Start of API-MGT Tables -- - CREATE TABLE IF NOT EXISTS AM_SUBSCRIBER ( - SUBSCRIBER_ID INTEGER AUTO_INCREMENT, - USER_ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - 
EMAIL_ADDRESS VARCHAR(256) NULL, - DATE_SUBSCRIBED TIMESTAMP NOT NULL, - PRIMARY KEY (SUBSCRIBER_ID), - CREATED_BY VARCHAR(100), - CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UPDATED_BY VARCHAR(100), - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UNIQUE (TENANT_ID,USER_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_APPLICATION ( - APPLICATION_ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(100), - SUBSCRIBER_ID INTEGER, - APPLICATION_TIER VARCHAR(50) DEFAULT 'Unlimited', - CALLBACK_URL VARCHAR(512), - DESCRIPTION VARCHAR(512), - APPLICATION_STATUS VARCHAR(50) DEFAULT 'APPROVED', - GROUP_ID VARCHAR(100), - CREATED_BY VARCHAR(100), - CREATED_TIME TIMESTAMP, - UPDATED_BY VARCHAR(100), - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UUID VARCHAR(256), - TOKEN_TYPE VARCHAR(10), - FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY(APPLICATION_ID), - UNIQUE (NAME,SUBSCRIBER_ID), - UNIQUE (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API ( - API_ID INTEGER AUTO_INCREMENT, - API_UUID VARCHAR(256), - API_PROVIDER VARCHAR(200), - API_NAME VARCHAR(200), - API_VERSION VARCHAR(30), - CONTEXT VARCHAR(256), - CONTEXT_TEMPLATE VARCHAR(256), - API_TIER VARCHAR(256), - API_TYPE VARCHAR(10), - CREATED_BY VARCHAR(100), - CREATED_TIME TIMESTAMP, - UPDATED_BY VARCHAR(100), - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - STATUS VARCHAR(30), - REVISIONS_CREATED INTEGER DEFAULT 0, - PRIMARY KEY(API_ID), - UNIQUE (API_PROVIDER,API_NAME,API_VERSION), - UNIQUE (API_UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_REVISION_METADATA ( - API_UUID VARCHAR(64), - REVISION_UUID VARCHAR(64), - API_TIER VARCHAR(128), - UNIQUE (API_UUID,REVISION_UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_GRAPHQL_COMPLEXITY ( - UUID VARCHAR(256), - API_ID INTEGER NOT NULL, - TYPE VARCHAR(256), - FIELD VARCHAR(256), - COMPLEXITY_VALUE INTEGER, - REVISION_UUID VARCHAR(255), - FOREIGN 
KEY (API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE CASCADE, - PRIMARY KEY(UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_URL_MAPPING ( - URL_MAPPING_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER NOT NULL, - HTTP_METHOD VARCHAR(20) NULL, - AUTH_SCHEME VARCHAR(50) NULL, - URL_PATTERN VARCHAR(512) NULL, - THROTTLING_TIER varchar(512) DEFAULT NULL, - MEDIATION_SCRIPT BLOB, - REVISION_UUID VARCHAR(255), - PRIMARY KEY (URL_MAPPING_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_RESOURCE_SCOPE_MAPPING ( - SCOPE_NAME VARCHAR(255) NOT NULL, - URL_MAPPING_ID INTEGER NOT NULL, - TENANT_ID INTEGER NOT NULL, - FOREIGN KEY (URL_MAPPING_ID) REFERENCES AM_API_URL_MAPPING(URL_MAPPING_ID) ON DELETE CASCADE, - PRIMARY KEY(SCOPE_NAME, URL_MAPPING_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_SECURITY_AUDIT_UUID_MAPPING ( - API_ID INTEGER NOT NULL, - AUDIT_UUID VARCHAR(255) NOT NULL, - FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (API_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_PRODUCT_MAPPING ( - API_PRODUCT_MAPPING_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER, - URL_MAPPING_ID INTEGER, - REVISION_UUID VARCHAR(255), - FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON DELETE CASCADE, - FOREIGN KEY (URL_MAPPING_ID) REFERENCES AM_API_URL_MAPPING(URL_MAPPING_ID) ON DELETE CASCADE, - PRIMARY KEY(API_PRODUCT_MAPPING_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION ( - SUBSCRIPTION_ID INTEGER AUTO_INCREMENT, - TIER_ID VARCHAR(50), - TIER_ID_PENDING VARCHAR(50), - API_ID INTEGER, - LAST_ACCESSED TIMESTAMP NULL, - APPLICATION_ID INTEGER, - SUB_STATUS VARCHAR(50), - SUBS_CREATE_STATE VARCHAR(50) DEFAULT 'SUBSCRIBE', - CREATED_BY VARCHAR(100), - CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UPDATED_BY VARCHAR(100), - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UUID VARCHAR(256), - FOREIGN KEY(APPLICATION_ID) REFERENCES 
AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (SUBSCRIPTION_ID), - UNIQUE (UUID) - )ENGINE INNODB; - - - - CREATE TABLE IF NOT EXISTS AM_APPLICATION_KEY_MAPPING ( - UUID VARCHAR(100), - APPLICATION_ID INTEGER, - CONSUMER_KEY VARCHAR(255), - KEY_TYPE VARCHAR(512) NOT NULL, - STATE VARCHAR(30) NOT NULL, - CREATE_MODE VARCHAR(30) DEFAULT 'CREATED', - KEY_MANAGER VARCHAR(100), - APP_INFO BLOB , - FOREIGN KEY(APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY(APPLICATION_ID,KEY_TYPE,KEY_MANAGER) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_LC_EVENT ( - EVENT_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER NOT NULL, - PREVIOUS_STATE VARCHAR(50), - NEW_STATE VARCHAR(50) NOT NULL, - USER_ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - EVENT_DATE TIMESTAMP NOT NULL, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (EVENT_ID) - )ENGINE INNODB; - - CREATE TABLE AM_APP_KEY_DOMAIN_MAPPING ( - CONSUMER_KEY VARCHAR(255), - AUTHZ_DOMAIN VARCHAR(255) DEFAULT 'ALL', - PRIMARY KEY (CONSUMER_KEY,AUTHZ_DOMAIN) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_COMMENTS ( - COMMENT_ID VARCHAR(64) NOT NULL, - COMMENT_TEXT VARCHAR(512), - CREATED_BY VARCHAR(255), - CREATED_TIME TIMESTAMP NOT NULL, - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - API_ID INTEGER, - PARENT_COMMENT_ID VARCHAR(64) DEFAULT NULL, - ENTRY_POINT VARCHAR(20), - CATEGORY VARCHAR(20) DEFAULT 'general', - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID), - FOREIGN KEY(PARENT_COMMENT_ID) REFERENCES AM_API_COMMENTS(COMMENT_ID), - PRIMARY KEY (COMMENT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_RATINGS ( - RATING_ID VARCHAR(255) NOT NULL, - API_ID INTEGER, - RATING INTEGER, - SUBSCRIBER_ID INTEGER, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON 
UPDATE CASCADE ON DELETE RESTRICT, - FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (RATING_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_TIER_PERMISSIONS ( - TIER_PERMISSIONS_ID INTEGER AUTO_INCREMENT, - TIER VARCHAR(50) NOT NULL, - PERMISSIONS_TYPE VARCHAR(50) NOT NULL, - ROLES VARCHAR(512) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY(TIER_PERMISSIONS_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_EXTERNAL_STORES ( - APISTORE_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER, - STORE_ID VARCHAR(255) NOT NULL, - STORE_DISPLAY_NAME VARCHAR(255) NOT NULL, - STORE_ENDPOINT VARCHAR(255) NOT NULL, - STORE_TYPE VARCHAR(255) NOT NULL, - LAST_UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (APISTORE_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_WORKFLOWS( - WF_ID INTEGER AUTO_INCREMENT, - WF_REFERENCE VARCHAR(255) NOT NULL, - WF_TYPE VARCHAR(255) NOT NULL, - WF_STATUS VARCHAR(255) NOT NULL, - WF_CREATED_TIME TIMESTAMP, - WF_UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP , - WF_STATUS_DESC VARCHAR(1000), - TENANT_ID INTEGER, - TENANT_DOMAIN VARCHAR(255), - WF_EXTERNAL_REFERENCE VARCHAR(255) NOT NULL, - WF_METADATA BLOB DEFAULT NULL, - WF_PROPERTIES BLOB DEFAULT NULL, - PRIMARY KEY (WF_ID), - UNIQUE (WF_EXTERNAL_REFERENCE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_APPLICATION_REGISTRATION ( - REG_ID INT AUTO_INCREMENT, - SUBSCRIBER_ID INT, - WF_REF VARCHAR(255) NOT NULL, - APP_ID INT, - TOKEN_TYPE VARCHAR(30), - TOKEN_SCOPE VARCHAR(1500) DEFAULT 'default', - INPUTS VARCHAR(1000), - ALLOWED_DOMAINS VARCHAR(256), - VALIDITY_PERIOD BIGINT, - KEY_MANAGER VARCHAR(255) NOT NULL, - UNIQUE (SUBSCRIBER_ID,APP_ID,TOKEN_TYPE,KEY_MANAGER), - FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT, 
- FOREIGN KEY(APP_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
- PRIMARY KEY (REG_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS AM_SHARED_SCOPE (
- NAME VARCHAR(255) NOT NULL,
- UUID VARCHAR (256),
- TENANT_ID INTEGER,
- PRIMARY KEY (UUID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS AM_API_DEFAULT_VERSION (
- DEFAULT_VERSION_ID INT AUTO_INCREMENT,
- API_NAME VARCHAR(256) NOT NULL ,
- API_PROVIDER VARCHAR(256) NOT NULL ,
- DEFAULT_API_VERSION VARCHAR(30) ,
- PUBLISHED_DEFAULT_API_VERSION VARCHAR(30) ,
- PRIMARY KEY (DEFAULT_VERSION_ID)
- )ENGINE = INNODB;
-
- CREATE INDEX IDX_SUB_APP_ID ON AM_SUBSCRIPTION (APPLICATION_ID, SUBSCRIPTION_ID);
-
- CREATE TABLE IF NOT EXISTS AM_MONETIZATION_USAGE (
- ID VARCHAR(100) NOT NULL,
- STATE VARCHAR(50) NOT NULL,
- STATUS VARCHAR(50) NOT NULL,
- STARTED_TIME VARCHAR(50) NOT NULL,
- PUBLISHED_TIME VARCHAR(50) NOT NULL,
- PRIMARY KEY(ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS AM_ALERT_TYPES (
- ALERT_TYPE_ID INTEGER AUTO_INCREMENT,
- ALERT_TYPE_NAME VARCHAR(255) NOT NULL ,
- STAKE_HOLDER VARCHAR(100) NOT NULL,
- PRIMARY KEY (ALERT_TYPE_ID)
- )ENGINE = INNODB;
-
- CREATE TABLE IF NOT EXISTS AM_ALERT_TYPES_VALUES (
- ALERT_TYPE_ID INTEGER,
- USER_NAME VARCHAR(255) NOT NULL ,
- STAKE_HOLDER VARCHAR(100) NOT NULL ,
- PRIMARY KEY (ALERT_TYPE_ID,USER_NAME,STAKE_HOLDER)
- )ENGINE = INNODB;
-
- CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST (
- EMAIL_LIST_ID INTEGER AUTO_INCREMENT,
- USER_NAME VARCHAR(255) NOT NULL ,
- STAKE_HOLDER VARCHAR(100) NOT NULL ,
- PRIMARY KEY (EMAIL_LIST_ID,USER_NAME,STAKE_HOLDER)
- )ENGINE = INNODB;
-
- CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST_DETAILS (
- EMAIL_LIST_ID INTEGER,
- EMAIL VARCHAR(255),
- PRIMARY KEY (EMAIL_LIST_ID,EMAIL)
- )ENGINE = INNODB;
-
- INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('AbnormalResponseTime', 'publisher');
- INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES
('AbnormalBackendTime', 'publisher');
- INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('AbnormalRequestsPerMin', 'subscriber');
- INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('AbnormalRequestPattern', 'subscriber');
- INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('UnusualIPAccess', 'subscriber');
- INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('FrequentTierLimitHitting', 'subscriber');
- INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('ApiHealthMonitor', 'publisher');
-
-
-
- -- AM Throttling tables --
-
- CREATE TABLE IF NOT EXISTS AM_POLICY_SUBSCRIPTION (
- POLICY_ID INT(11) NOT NULL AUTO_INCREMENT,
- NAME VARCHAR(512) NOT NULL,
- DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL,
- TENANT_ID INT(11) NOT NULL,
- DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL,
- QUOTA_TYPE VARCHAR(25) NOT NULL,
- QUOTA INT(11) NOT NULL,
- QUOTA_UNIT VARCHAR(10) NULL,
- UNIT_TIME INT(11) NOT NULL,
- TIME_UNIT VARCHAR(25) NOT NULL,
- RATE_LIMIT_COUNT INT(11) NULL DEFAULT NULL,
- RATE_LIMIT_TIME_UNIT VARCHAR(25) NULL DEFAULT NULL,
- IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0,
- CUSTOM_ATTRIBUTES BLOB DEFAULT NULL,
- STOP_ON_QUOTA_REACH BOOLEAN NOT NULL DEFAULT 0,
- BILLING_PLAN VARCHAR(20) NOT NULL,
- UUID VARCHAR(256),
- MONETIZATION_PLAN VARCHAR(25) NULL DEFAULT NULL,
- FIXED_RATE VARCHAR(15) NULL DEFAULT NULL,
- BILLING_CYCLE VARCHAR(15) NULL DEFAULT NULL,
- PRICE_PER_REQUEST VARCHAR(15) NULL DEFAULT NULL,
- CURRENCY VARCHAR(15) NULL DEFAULT NULL,
- MAX_COMPLEXITY INT(11) NOT NULL DEFAULT 0,
- MAX_DEPTH INT(11) NOT NULL DEFAULT 0,
- CONNECTIONS_COUNT INT(11) NOT NULL DEFAULT 0,
- PRIMARY KEY (POLICY_ID),
- UNIQUE INDEX AM_POLICY_SUBSCRIPTION_NAME_TENANT (NAME, TENANT_ID),
- UNIQUE (UUID)
- )ENGINE = InnoDB;
-
- CREATE TABLE IF NOT EXISTS AM_POLICY_APPLICATION (
- POLICY_ID INT(11) NOT NULL AUTO_INCREMENT,
- NAME VARCHAR(512) NOT NULL,
- DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL,
-
TENANT_ID INT(11) NOT NULL,
- DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL,
- QUOTA_TYPE VARCHAR(25) NOT NULL,
- QUOTA INT(11) NOT NULL,
- QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL,
- UNIT_TIME INT(11) NOT NULL,
- TIME_UNIT VARCHAR(25) NOT NULL,
- IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0,
- CUSTOM_ATTRIBUTES BLOB DEFAULT NULL,
- UUID VARCHAR(256),
- PRIMARY KEY (POLICY_ID),
- UNIQUE INDEX APP_NAME_TENANT (NAME, TENANT_ID),
- UNIQUE (UUID)
- )ENGINE = InnoDB;
-
- CREATE TABLE IF NOT EXISTS AM_POLICY_HARD_THROTTLING (
- POLICY_ID INT(11) NOT NULL AUTO_INCREMENT,
- NAME VARCHAR(512) NOT NULL,
- TENANT_ID INT(11) NOT NULL,
- DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL,
- QUOTA_TYPE VARCHAR(25) NOT NULL,
- QUOTA INT(11) NOT NULL,
- QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL,
- UNIT_TIME INT(11) NOT NULL,
- TIME_UNIT VARCHAR(25) NOT NULL,
- IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0,
- PRIMARY KEY (POLICY_ID),
- UNIQUE INDEX POLICY_HARD_NAME_TENANT (NAME, TENANT_ID)
- )ENGINE = InnoDB;
-
-
- CREATE TABLE IF NOT EXISTS AM_API_THROTTLE_POLICY (
- POLICY_ID INT(11) NOT NULL AUTO_INCREMENT,
- NAME VARCHAR(512) NOT NULL,
- DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL,
- TENANT_ID INT(11) NOT NULL,
- DESCRIPTION VARCHAR (1024),
- DEFAULT_QUOTA_TYPE VARCHAR(25) NOT NULL,
- DEFAULT_QUOTA INTEGER NOT NULL,
- DEFAULT_QUOTA_UNIT VARCHAR(10) NULL,
- DEFAULT_UNIT_TIME INTEGER NOT NULL,
- DEFAULT_TIME_UNIT VARCHAR(25) NOT NULL,
- APPLICABLE_LEVEL VARCHAR(25) NOT NULL,
- IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0,
- UUID VARCHAR(256),
- PRIMARY KEY (POLICY_ID),
- UNIQUE INDEX API_NAME_TENANT (NAME, TENANT_ID),
- UNIQUE (UUID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS AM_CONDITION_GROUP (
- CONDITION_GROUP_ID INTEGER NOT NULL AUTO_INCREMENT,
- POLICY_ID INTEGER NOT NULL,
- QUOTA_TYPE VARCHAR(25),
- QUOTA INTEGER NOT NULL,
- QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL,
- UNIT_TIME INTEGER NOT NULL,
- TIME_UNIT VARCHAR(25) NOT NULL,
- DESCRIPTION VARCHAR (1024) NULL DEFAULT NULL,
- PRIMARY
KEY (CONDITION_GROUP_ID),
- FOREIGN KEY (POLICY_ID) REFERENCES AM_API_THROTTLE_POLICY(POLICY_ID) ON DELETE CASCADE ON UPDATE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS AM_QUERY_PARAMETER_CONDITION (
- QUERY_PARAMETER_ID INTEGER NOT NULL AUTO_INCREMENT,
- CONDITION_GROUP_ID INTEGER NOT NULL,
- PARAMETER_NAME VARCHAR(255) DEFAULT NULL,
- PARAMETER_VALUE VARCHAR(255) DEFAULT NULL,
- IS_PARAM_MAPPING BOOLEAN DEFAULT 1,
- PRIMARY KEY (QUERY_PARAMETER_ID),
- FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS AM_HEADER_FIELD_CONDITION (
- HEADER_FIELD_ID INTEGER NOT NULL AUTO_INCREMENT,
- CONDITION_GROUP_ID INTEGER NOT NULL,
- HEADER_FIELD_NAME VARCHAR(255) DEFAULT NULL,
- HEADER_FIELD_VALUE VARCHAR(255) DEFAULT NULL,
- IS_HEADER_FIELD_MAPPING BOOLEAN DEFAULT 1,
- PRIMARY KEY (HEADER_FIELD_ID),
- FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS AM_JWT_CLAIM_CONDITION (
- JWT_CLAIM_ID INTEGER NOT NULL AUTO_INCREMENT,
- CONDITION_GROUP_ID INTEGER NOT NULL,
- CLAIM_URI VARCHAR(512) DEFAULT NULL,
- CLAIM_ATTRIB VARCHAR(1024) DEFAULT NULL,
- IS_CLAIM_MAPPING BOOLEAN DEFAULT 1,
- PRIMARY KEY (JWT_CLAIM_ID),
- FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS AM_IP_CONDITION (
- AM_IP_CONDITION_ID INT NOT NULL AUTO_INCREMENT,
- STARTING_IP VARCHAR(45) NULL,
- ENDING_IP VARCHAR(45) NULL,
- SPECIFIC_IP VARCHAR(45) NULL,
- WITHIN_IP_RANGE BOOLEAN DEFAULT 1,
- CONDITION_GROUP_ID INT NULL,
- PRIMARY KEY (AM_IP_CONDITION_ID),
- INDEX fk_AM_IP_CONDITION_1_idx (CONDITION_GROUP_ID ASC), CONSTRAINT fk_AM_IP_CONDITION_1 FOREIGN KEY (CONDITION_GROUP_ID)
- REFERENCES AM_CONDITION_GROUP (CONDITION_GROUP_ID) ON DELETE CASCADE ON
UPDATE CASCADE)
- ENGINE = InnoDB;
-
-
- CREATE TABLE IF NOT EXISTS AM_POLICY_GLOBAL (
- POLICY_ID INT(11) NOT NULL AUTO_INCREMENT,
- NAME VARCHAR(512) NOT NULL,
- KEY_TEMPLATE VARCHAR(512) NOT NULL,
- TENANT_ID INT(11) NOT NULL,
- DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL,
- SIDDHI_QUERY BLOB DEFAULT NULL,
- IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0,
- UUID VARCHAR(256),
- PRIMARY KEY (POLICY_ID),
- UNIQUE (UUID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS AM_THROTTLE_TIER_PERMISSIONS (
- THROTTLE_TIER_PERMISSIONS_ID INT NOT NULL AUTO_INCREMENT,
- TIER VARCHAR(50) NULL,
- PERMISSIONS_TYPE VARCHAR(50) NULL,
- ROLES VARCHAR(512) NULL,
- TENANT_ID INT(11) NULL,
- PRIMARY KEY (THROTTLE_TIER_PERMISSIONS_ID))
- ENGINE = InnoDB;
-
- CREATE TABLE `AM_BLOCK_CONDITIONS` (
- `CONDITION_ID` int(11) NOT NULL AUTO_INCREMENT,
- `TYPE` varchar(45) DEFAULT NULL,
- `VALUE` varchar(512) DEFAULT NULL,
- `ENABLED` varchar(45) DEFAULT NULL,
- `DOMAIN` varchar(45) DEFAULT NULL,
- `UUID` VARCHAR(256),
- PRIMARY KEY (`CONDITION_ID`),
- UNIQUE (`UUID`)
- ) ENGINE=InnoDB;
-
- CREATE TABLE IF NOT EXISTS `AM_CERTIFICATE_METADATA` (
- `TENANT_ID` INT(11) NOT NULL,
- `ALIAS` VARCHAR(255) NOT NULL,
- `END_POINT` VARCHAR(255) NOT NULL,
- `CERTIFICATE` BLOB DEFAULT NULL,
- CONSTRAINT PK_ALIAS PRIMARY KEY (`ALIAS`)
- ) ENGINE=InnoDB;
-
- CREATE TABLE IF NOT EXISTS `AM_API_CLIENT_CERTIFICATE` (
- `TENANT_ID` INT(11) NOT NULL,
- `ALIAS` VARCHAR(45) NOT NULL,
- `API_ID` INTEGER NOT NULL,
- `CERTIFICATE` BLOB NOT NULL,
- `REMOVED` BOOLEAN NOT NULL DEFAULT 0,
- `TIER_NAME` VARCHAR (512),
- `REVISION_UUID` VARCHAR(255) NOT NULL DEFAULT 'Current API',
- FOREIGN KEY (API_ID) REFERENCES AM_API (API_ID) ON DELETE CASCADE ON UPDATE CASCADE,
- PRIMARY KEY (`ALIAS`, `TENANT_ID`, `REMOVED`, `REVISION_UUID`)
- ) ENGINE=InnoDB;
-
- CREATE TABLE IF NOT EXISTS AM_APPLICATION_GROUP_MAPPING (
- APPLICATION_ID INTEGER NOT NULL,
- GROUP_ID VARCHAR(512) NOT NULL,
- TENANT VARCHAR(255),
- PRIMARY KEY
(APPLICATION_ID,GROUP_ID,TENANT),
- FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE
- ) ENGINE=InnoDB;
-
- CREATE TABLE IF NOT EXISTS AM_USAGE_UPLOADED_FILES (
- TENANT_DOMAIN varchar(255) NOT NULL,
- FILE_NAME varchar(255) NOT NULL,
- FILE_TIMESTAMP TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
- FILE_PROCESSED tinyint(1) DEFAULT FALSE,
- FILE_CONTENT MEDIUMBLOB DEFAULT NULL,
- PRIMARY KEY (TENANT_DOMAIN, FILE_NAME, FILE_TIMESTAMP)
- ) ENGINE=InnoDB;
-
- CREATE TABLE IF NOT EXISTS AM_API_LC_PUBLISH_EVENTS (
- ID INTEGER(11) NOT NULL AUTO_INCREMENT,
- TENANT_DOMAIN VARCHAR(500) NOT NULL,
- API_ID VARCHAR(500) NOT NULL,
- EVENT_TIME TIMESTAMP NOT NULL,
- PRIMARY KEY (ID)
- ) ENGINE=InnoDB;
-
- CREATE TABLE IF NOT EXISTS AM_APPLICATION_ATTRIBUTES (
- APPLICATION_ID int(11) NOT NULL,
- NAME varchar(255) NOT NULL,
- VALUE varchar(1024) NOT NULL,
- TENANT_ID int(11) NOT NULL,
- PRIMARY KEY (APPLICATION_ID,NAME),
- FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION (APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE
- ) ENGINE=InnoDB;
-
- CREATE TABLE IF NOT EXISTS AM_SYSTEM_APPS (
- ID INTEGER AUTO_INCREMENT,
- NAME VARCHAR(50) NOT NULL,
- CONSUMER_KEY VARCHAR(512) NOT NULL,
- CONSUMER_SECRET VARCHAR(512) NOT NULL,
- CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
- TENANT_DOMAIN VARCHAR(255) DEFAULT 'carbon.super',
- UNIQUE (CONSUMER_KEY),
- PRIMARY KEY (ID)
- ) ENGINE=InnoDB;
-
- -- BotDATA Email table --
- CREATE TABLE IF NOT EXISTS AM_NOTIFICATION_SUBSCRIBER (
- UUID VARCHAR(255),
- CATEGORY VARCHAR(255),
- NOTIFICATION_METHOD VARCHAR(255),
- SUBSCRIBER_ADDRESS VARCHAR(255) NOT NULL,
- PRIMARY KEY(UUID, SUBSCRIBER_ADDRESS)
- ) ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS AM_REVOKED_JWT (
- UUID VARCHAR(255) NOT NULL,
- SIGNATURE VARCHAR(2048) NOT NULL,
- EXPIRY_TIMESTAMP BIGINT NOT NULL,
- TENANT_ID INTEGER DEFAULT -1,
- TOKEN_TYPE VARCHAR(15) DEFAULT 'DEFAULT',
- TIME_CREATED TIMESTAMP DEFAULT
CURRENT_TIMESTAMP,
- PRIMARY KEY (UUID)
- ) ENGINE=InnoDB;
-
- CREATE TABLE IF NOT EXISTS AM_API_CATEGORIES (
- UUID VARCHAR(50),
- NAME VARCHAR(255),
- DESCRIPTION VARCHAR(1024),
- TENANT_ID INTEGER DEFAULT -1,
- UNIQUE (NAME,TENANT_ID),
- PRIMARY KEY (UUID)
- ) ENGINE=InnoDB;
-
- CREATE TABLE IF NOT EXISTS AM_USER (
- USER_ID VARCHAR(255) NOT NULL,
- USER_NAME VARCHAR(255) NOT NULL,
- PRIMARY KEY(USER_ID)
- ) ENGINE=InnoDB;
-
- -- Tenant Themes Table --
- CREATE TABLE IF NOT EXISTS AM_TENANT_THEMES (
- TENANT_ID INTEGER NOT NULL,
- THEME MEDIUMBLOB NOT NULL,
- PRIMARY KEY (TENANT_ID)
- ) ENGINE=InnoDB;
- -- End of API-MGT Tables --
-
- -- UMA tables --
- CREATE TABLE IF NOT EXISTS IDN_UMA_RESOURCE (
- ID INTEGER AUTO_INCREMENT NOT NULL,
- RESOURCE_ID VARCHAR(255),
- RESOURCE_NAME VARCHAR(255),
- TIME_CREATED TIMESTAMP NOT NULL,
- RESOURCE_OWNER_NAME VARCHAR(255),
- CLIENT_ID VARCHAR(255),
- TENANT_ID INTEGER DEFAULT -1234,
- USER_DOMAIN VARCHAR(50),
- PRIMARY KEY (ID)
- );
-
- CREATE INDEX IDX_RID ON IDN_UMA_RESOURCE (RESOURCE_ID);
-
- CREATE INDEX IDX_USER ON IDN_UMA_RESOURCE (RESOURCE_OWNER_NAME, USER_DOMAIN);
-
- CREATE INDEX IDX_USER_RID ON IDN_UMA_RESOURCE (RESOURCE_ID, RESOURCE_OWNER_NAME(32), USER_DOMAIN, CLIENT_ID);
-
- CREATE TABLE IF NOT EXISTS IDN_UMA_RESOURCE_META_DATA (
- ID INTEGER AUTO_INCREMENT NOT NULL,
- RESOURCE_IDENTITY INTEGER NOT NULL,
- PROPERTY_KEY VARCHAR(40),
- PROPERTY_VALUE VARCHAR(255),
- PRIMARY KEY (ID),
- FOREIGN KEY (RESOURCE_IDENTITY) REFERENCES IDN_UMA_RESOURCE (ID) ON DELETE CASCADE
- );
-
- CREATE TABLE IF NOT EXISTS IDN_UMA_RESOURCE_SCOPE (
- ID INTEGER AUTO_INCREMENT NOT NULL,
- RESOURCE_IDENTITY INTEGER NOT NULL,
- SCOPE_NAME VARCHAR(255),
- PRIMARY KEY (ID),
- FOREIGN KEY (RESOURCE_IDENTITY) REFERENCES IDN_UMA_RESOURCE (ID) ON DELETE CASCADE
- );
-
- CREATE INDEX IDX_RS ON IDN_UMA_RESOURCE_SCOPE (SCOPE_NAME);
-
- CREATE TABLE IF NOT EXISTS IDN_UMA_PERMISSION_TICKET (
- ID INTEGER AUTO_INCREMENT NOT NULL,
- PT VARCHAR(255)
NOT NULL,
- TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- EXPIRY_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- TICKET_STATE VARCHAR(25) DEFAULT 'ACTIVE',
- TENANT_ID INTEGER DEFAULT -1234,
- TOKEN_ID VARCHAR(255),
- PRIMARY KEY (ID)
- );
-
- CREATE INDEX IDX_PT ON IDN_UMA_PERMISSION_TICKET (PT);
-
- CREATE TABLE IF NOT EXISTS IDN_UMA_PT_RESOURCE (
- ID INTEGER AUTO_INCREMENT NOT NULL,
- PT_RESOURCE_ID INTEGER NOT NULL,
- PT_ID INTEGER NOT NULL,
- PRIMARY KEY (ID),
- FOREIGN KEY (PT_ID) REFERENCES IDN_UMA_PERMISSION_TICKET (ID) ON DELETE CASCADE,
- FOREIGN KEY (PT_RESOURCE_ID) REFERENCES IDN_UMA_RESOURCE (ID) ON DELETE CASCADE
- );
-
- CREATE TABLE IF NOT EXISTS IDN_UMA_PT_RESOURCE_SCOPE (
- ID INTEGER AUTO_INCREMENT NOT NULL,
- PT_RESOURCE_ID INTEGER NOT NULL,
- PT_SCOPE_ID INTEGER NOT NULL,
- PRIMARY KEY (ID),
- FOREIGN KEY (PT_RESOURCE_ID) REFERENCES IDN_UMA_PT_RESOURCE (ID) ON DELETE CASCADE,
- FOREIGN KEY (PT_SCOPE_ID) REFERENCES IDN_UMA_RESOURCE_SCOPE (ID) ON DELETE CASCADE
- );
-
- CREATE TABLE IF NOT EXISTS AM_USER (
- USER_ID VARCHAR(255) NOT NULL,
- USER_NAME VARCHAR(255) NOT NULL,
- PRIMARY KEY(USER_ID)
- );
-
- CREATE TABLE IF NOT EXISTS AM_KEY_MANAGER (
- UUID VARCHAR(50) NOT NULL,
- NAME VARCHAR(100) NULL,
- DISPLAY_NAME VARCHAR(100) NULL,
- DESCRIPTION VARCHAR(256) NULL,
- TYPE VARCHAR(45) NULL,
- CONFIGURATION BLOB NULL,
- ENABLED BOOLEAN DEFAULT 1,
- TENANT_DOMAIN VARCHAR(100) NULL,
- PRIMARY KEY (UUID),
- UNIQUE (NAME,TENANT_DOMAIN)
- );
-
- -- AM_GW_PUBLISHED_API_DETAILS & AM_GW_API_ARTIFACTS are independent tables for Artifact synchronizer feature which --
- -- should not have any referential integrity constraints with other tables in AM database--
- CREATE TABLE IF NOT EXISTS AM_GW_PUBLISHED_API_DETAILS (
- API_ID varchar(255) NOT NULL,
- TENANT_DOMAIN varchar(255),
- API_PROVIDER varchar(255),
- API_NAME varchar(255),
- API_VERSION varchar(255),
- API_TYPE varchar(50),
- PRIMARY KEY (API_ID)
- )ENGINE=InnoDB;
-
- CREATE
TABLE IF NOT EXISTS AM_GW_API_ARTIFACTS (
- API_ID VARCHAR(255) NOT NULL,
- REVISION_ID VARCHAR(255) NOT NULL,
- ARTIFACT blob,
- TIME_STAMP TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
- PRIMARY KEY (REVISION_ID, API_ID),
- FOREIGN KEY (API_ID) REFERENCES AM_GW_PUBLISHED_API_DETAILS(API_ID) ON UPDATE CASCADE ON DELETE NO ACTION
- )ENGINE=InnoDB;
-
- CREATE TABLE IF NOT EXISTS AM_GW_API_DEPLOYMENTS (
- API_ID VARCHAR(255) NOT NULL,
- REVISION_ID VARCHAR(255) NOT NULL,
- LABEL VARCHAR(255) NOT NULL,
- VHOST VARCHAR(255) NULL,
- PRIMARY KEY (REVISION_ID, API_ID,LABEL),
- FOREIGN KEY (API_ID) REFERENCES AM_GW_PUBLISHED_API_DETAILS(API_ID) ON UPDATE CASCADE ON DELETE NO ACTION
- ) ENGINE=InnoDB;
-
- CREATE TABLE IF NOT EXISTS AM_SCOPE (
- SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT,
- NAME VARCHAR(255) NOT NULL,
- DISPLAY_NAME VARCHAR(255) NOT NULL,
- DESCRIPTION VARCHAR(512),
- TENANT_ID INTEGER NOT NULL DEFAULT -1,
- SCOPE_TYPE VARCHAR(255) NOT NULL,
- PRIMARY KEY (SCOPE_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS AM_SCOPE_BINDING (
- SCOPE_ID INTEGER NOT NULL,
- SCOPE_BINDING VARCHAR(255) NOT NULL,
- BINDING_TYPE VARCHAR(255) NOT NULL,
- FOREIGN KEY (SCOPE_ID) REFERENCES AM_SCOPE (SCOPE_ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS AM_REVISION (
- ID INTEGER NOT NULL,
- API_UUID VARCHAR(256) NOT NULL,
- REVISION_UUID VARCHAR(255) NOT NULL,
- DESCRIPTION VARCHAR(255),
- CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
- CREATED_BY VARCHAR(255),
- PRIMARY KEY (ID, API_UUID),
- UNIQUE(REVISION_UUID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS AM_DEPLOYMENT_REVISION_MAPPING (
- NAME VARCHAR(255) NOT NULL,
- VHOST VARCHAR(255) NULL,
- REVISION_UUID VARCHAR(255) NOT NULL,
- DISPLAY_ON_DEVPORTAL BOOLEAN DEFAULT 0,
- DEPLOYED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
- PRIMARY KEY (NAME, REVISION_UUID),
- FOREIGN KEY (REVISION_UUID) REFERENCES AM_REVISION(REVISION_UUID) ON UPDATE CASCADE ON DELETE CASCADE
-
)ENGINE INNODB;
-
- -- Gateway Environments Table --
- CREATE TABLE IF NOT EXISTS AM_GATEWAY_ENVIRONMENT (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- UUID VARCHAR(45) NOT NULL,
- NAME VARCHAR(255) NOT NULL,
- TENANT_DOMAIN VARCHAR(255) NOT NULL,
- DISPLAY_NAME VARCHAR(255) NULL,
- DESCRIPTION VARCHAR(1023) NULL,
- UNIQUE (NAME, TENANT_DOMAIN),
- UNIQUE (UUID),
- PRIMARY KEY (ID)
- );
-
- -- Virtual Hosts Table --
- CREATE TABLE IF NOT EXISTS AM_GW_VHOST (
- GATEWAY_ENV_ID INTEGER NOT NULL,
- HOST VARCHAR(255) NOT NULL,
- HTTP_CONTEXT VARCHAR(255) NULL,
- HTTP_PORT VARCHAR(5) NOT NULL,
- HTTPS_PORT VARCHAR(5) NOT NULL,
- WS_PORT VARCHAR(5) NOT NULL,
- WSS_PORT VARCHAR(5) NOT NULL,
- FOREIGN KEY (GATEWAY_ENV_ID) REFERENCES AM_GATEWAY_ENVIRONMENT(ID) ON UPDATE CASCADE ON DELETE CASCADE,
- PRIMARY KEY (GATEWAY_ENV_ID, HOST)
- );
-
- -- Service Catalog --
- CREATE TABLE IF NOT EXISTS AM_SERVICE_CATALOG (
- UUID VARCHAR(36) NOT NULL,
- SERVICE_KEY VARCHAR(512) NOT NULL,
- MD5 VARCHAR(100) NOT NULL,
- SERVICE_NAME VARCHAR(255) NOT NULL,
- SERVICE_VERSION VARCHAR(30) NOT NULL,
- TENANT_ID INTEGER NOT NULL,
- SERVICE_URL VARCHAR(2048) NOT NULL,
- DEFINITION_TYPE VARCHAR(20),
- DEFINITION_URL VARCHAR(2048),
- DESCRIPTION VARCHAR(1024),
- SECURITY_TYPE VARCHAR(50),
- MUTUAL_SSL_ENABLED BOOLEAN DEFAULT 0,
- CREATED_TIME TIMESTAMP NULL,
- LAST_UPDATED_TIME TIMESTAMP NULL,
- CREATED_BY VARCHAR(255),
- UPDATED_BY VARCHAR(255),
- SERVICE_DEFINITION BLOB NOT NULL,
- PRIMARY KEY (UUID),
- UNIQUE (SERVICE_NAME, SERVICE_VERSION, TENANT_ID),
- UNIQUE (SERVICE_KEY, TENANT_ID)
- )ENGINE=InnoDB;
-
- CREATE TABLE IF NOT EXISTS AM_API_SERVICE_MAPPING (
- API_ID INTEGER NOT NULL,
- SERVICE_KEY VARCHAR(256) NOT NULL,
- MD5 VARCHAR(100),
- TENANT_ID INTEGER NOT NULL,
- PRIMARY KEY (API_ID, SERVICE_KEY),
- FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON DELETE CASCADE
- )ENGINE=InnoDB;
-
- -- Webhooks --
- CREATE TABLE IF NOT EXISTS AM_WEBHOOKS_SUBSCRIPTION (
- WH_SUBSCRIPTION_ID INTEGER NOT
NULL AUTO_INCREMENT,
- API_UUID VARCHAR(255) NOT NULL,
- APPLICATION_ID VARCHAR(20) NOT NULL,
- TENANT_DOMAIN VARCHAR(255) NOT NULL,
- HUB_CALLBACK_URL VARCHAR(1024) NOT NULL,
- HUB_TOPIC VARCHAR(255) NOT NULL,
- HUB_SECRET VARCHAR(2048),
- HUB_LEASE_SECONDS INTEGER,
- UPDATED_AT TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- EXPIRY_AT BIGINT,
- DELIVERED_AT TIMESTAMP NULL,
- DELIVERY_STATE INTEGER NOT NULL DEFAULT 0,
- PRIMARY KEY (WH_SUBSCRIPTION_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS AM_WEBHOOKS_UNSUBSCRIPTION (
- API_UUID VARCHAR(255) NOT NULL,
- APPLICATION_ID VARCHAR(20) NOT NULL,
- TENANT_DOMAIN VARCHAR(255) NOT NULL,
- HUB_CALLBACK_URL VARCHAR(1024) NOT NULL,
- HUB_TOPIC VARCHAR(255) NOT NULL,
- HUB_SECRET VARCHAR(2048),
- HUB_LEASE_SECONDS INTEGER,
- ADDED_AT TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP
- )ENGINE INNODB;
-
- -- Performance indexes start--
-
- create index IDX_ITS_LMT on IDN_THRIFT_SESSION (LAST_MODIFIED_TIME);
- create index IDX_IOAT_UT on IDN_OAUTH2_ACCESS_TOKEN (USER_TYPE);
- create index IDX_AAI_CTX on AM_API (CONTEXT);
- create index IDX_AAKM_CK on AM_APPLICATION_KEY_MAPPING (CONSUMER_KEY);
- create index IDX_AAUM_AI on AM_API_URL_MAPPING (API_ID);
- create index IDX_AAPM_AI on AM_API_PRODUCT_MAPPING (API_ID);
- create index IDX_AAUM_TT on AM_API_URL_MAPPING (THROTTLING_TIER);
- create index IDX_AATP_DQT on AM_API_THROTTLE_POLICY (DEFAULT_QUOTA_TYPE);
- create index IDX_ACG_QT on AM_CONDITION_GROUP (QUOTA_TYPE);
- create index IDX_APS_QT on AM_POLICY_SUBSCRIPTION (QUOTA_TYPE);
- create index IDX_AS_AITIAI on AM_SUBSCRIPTION (API_ID,TIER_ID,APPLICATION_ID);
- create index IDX_APA_QT on AM_POLICY_APPLICATION (QUOTA_TYPE);
- create index IDX_AA_AT_CB on AM_APPLICATION (APPLICATION_TIER,CREATED_BY);
-
- -- Performance indexes end--
-
- mysql_shared.sql: |-
- DROP DATABASE IF EXISTS WSO2AM_SHARED_DB;
- CREATE DATABASE WSO2AM_SHARED_DB;
- GRANT ALL ON WSO2AM_SHARED_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon';
-
- USE
WSO2AM_SHARED_DB;
- CREATE TABLE IF NOT EXISTS REG_CLUSTER_LOCK (
- REG_LOCK_NAME VARCHAR (20),
- REG_LOCK_STATUS VARCHAR (20),
- REG_LOCKED_TIME TIMESTAMP,
- REG_TENANT_ID INTEGER DEFAULT 0,
- PRIMARY KEY (REG_LOCK_NAME)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS REG_LOG (
- REG_LOG_ID INTEGER AUTO_INCREMENT,
- REG_PATH VARCHAR (750),
- REG_USER_ID VARCHAR (255) NOT NULL,
- REG_LOGGED_TIME TIMESTAMP NOT NULL,
- REG_ACTION INTEGER NOT NULL,
- REG_ACTION_DATA VARCHAR (500),
- REG_TENANT_ID INTEGER DEFAULT 0,
- PRIMARY KEY (REG_LOG_ID, REG_TENANT_ID)
- )ENGINE INNODB;
-
- CREATE INDEX REG_LOG_IND_BY_REGLOG USING HASH ON REG_LOG(REG_LOGGED_TIME, REG_TENANT_ID);
-
- -- The REG_PATH_VALUE should be less than 767 bytes, and hence was fixed at 750.
- -- See CARBON-5917.
-
- CREATE TABLE IF NOT EXISTS REG_PATH(
- REG_PATH_ID INTEGER NOT NULL AUTO_INCREMENT,
- REG_PATH_VALUE VARCHAR(750) CHARACTER SET latin1 COLLATE latin1_general_cs NOT NULL,
- REG_PATH_PARENT_ID INTEGER,
- REG_TENANT_ID INTEGER DEFAULT 0,
- CONSTRAINT PK_REG_PATH PRIMARY KEY(REG_PATH_ID, REG_TENANT_ID),
- CONSTRAINT UNIQUE_REG_PATH_TENANT_ID UNIQUE (REG_PATH_VALUE,REG_TENANT_ID)
- )ENGINE INNODB;
-
- CREATE INDEX REG_PATH_IND_BY_PATH_PARENT_ID USING HASH ON REG_PATH(REG_PATH_PARENT_ID, REG_TENANT_ID);
-
- CREATE TABLE IF NOT EXISTS REG_CONTENT (
- REG_CONTENT_ID INTEGER NOT NULL AUTO_INCREMENT,
- REG_CONTENT_DATA LONGBLOB,
- REG_TENANT_ID INTEGER DEFAULT 0,
- CONSTRAINT PK_REG_CONTENT PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS REG_CONTENT_HISTORY (
- REG_CONTENT_ID INTEGER NOT NULL,
- REG_CONTENT_DATA LONGBLOB,
- REG_DELETED SMALLINT,
- REG_TENANT_ID INTEGER DEFAULT 0,
- CONSTRAINT PK_REG_CONTENT_HISTORY PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS REG_RESOURCE (
- REG_PATH_ID INTEGER NOT NULL,
- REG_NAME VARCHAR(256),
- REG_VERSION INTEGER NOT NULL AUTO_INCREMENT,
- REG_MEDIA_TYPE VARCHAR(500),
-
REG_CREATOR VARCHAR(255) NOT NULL,
- REG_CREATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- REG_LAST_UPDATOR VARCHAR(255),
- REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- REG_DESCRIPTION VARCHAR(1000),
- REG_CONTENT_ID INTEGER,
- REG_TENANT_ID INTEGER DEFAULT 0,
- REG_UUID VARCHAR(100) NOT NULL,
- CONSTRAINT PK_REG_RESOURCE PRIMARY KEY(REG_VERSION, REG_TENANT_ID)
- )ENGINE INNODB;
-
- ALTER TABLE REG_RESOURCE ADD CONSTRAINT REG_RESOURCE_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID);
- ALTER TABLE REG_RESOURCE ADD CONSTRAINT REG_RESOURCE_FK_BY_CONTENT_ID FOREIGN KEY (REG_CONTENT_ID, REG_TENANT_ID) REFERENCES REG_CONTENT (REG_CONTENT_ID, REG_TENANT_ID);
- CREATE INDEX REG_RESOURCE_IND_BY_NAME USING HASH ON REG_RESOURCE(REG_NAME, REG_TENANT_ID);
- CREATE INDEX REG_RESOURCE_IND_BY_PATH_ID_NAME USING HASH ON REG_RESOURCE(REG_PATH_ID, REG_NAME, REG_TENANT_ID);
- CREATE INDEX REG_RESOURCE_IND_BY_UUID USING HASH ON REG_RESOURCE(REG_UUID);
- CREATE INDEX REG_RESOURCE_IND_BY_TENAN USING HASH ON REG_RESOURCE(REG_TENANT_ID, REG_UUID);
- CREATE INDEX REG_RESOURCE_IND_BY_TYPE USING HASH ON REG_RESOURCE(REG_TENANT_ID, REG_MEDIA_TYPE);
-
- CREATE TABLE IF NOT EXISTS REG_RESOURCE_HISTORY (
- REG_PATH_ID INTEGER NOT NULL,
- REG_NAME VARCHAR(256),
- REG_VERSION INTEGER NOT NULL,
- REG_MEDIA_TYPE VARCHAR(500),
- REG_CREATOR VARCHAR(255) NOT NULL,
- REG_CREATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- REG_LAST_UPDATOR VARCHAR(255),
- REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- REG_DESCRIPTION VARCHAR(1000),
- REG_CONTENT_ID INTEGER,
- REG_DELETED SMALLINT,
- REG_TENANT_ID INTEGER DEFAULT 0,
- REG_UUID VARCHAR(100) NOT NULL,
- CONSTRAINT PK_REG_RESOURCE_HISTORY PRIMARY KEY(REG_VERSION, REG_TENANT_ID)
- )ENGINE INNODB;
-
- ALTER TABLE REG_RESOURCE_HISTORY ADD CONSTRAINT REG_RESOURCE_HIST_FK_BY_PATHID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH
(REG_PATH_ID, REG_TENANT_ID);
- ALTER TABLE REG_RESOURCE_HISTORY ADD CONSTRAINT REG_RESOURCE_HIST_FK_BY_CONTENT_ID FOREIGN KEY (REG_CONTENT_ID, REG_TENANT_ID) REFERENCES REG_CONTENT_HISTORY (REG_CONTENT_ID, REG_TENANT_ID);
- CREATE INDEX REG_RESOURCE_HISTORY_IND_BY_NAME USING HASH ON REG_RESOURCE_HISTORY(REG_NAME, REG_TENANT_ID);
- CREATE INDEX REG_RESOURCE_HISTORY_IND_BY_PATH_ID_NAME USING HASH ON REG_RESOURCE(REG_PATH_ID, REG_NAME, REG_TENANT_ID);
-
- CREATE TABLE IF NOT EXISTS REG_COMMENT (
- REG_ID INTEGER NOT NULL AUTO_INCREMENT,
- REG_COMMENT_TEXT VARCHAR(500) NOT NULL,
- REG_USER_ID VARCHAR(255) NOT NULL,
- REG_COMMENTED_TIME TIMESTAMP NOT NULL,
- REG_TENANT_ID INTEGER DEFAULT 0,
- CONSTRAINT PK_REG_COMMENT PRIMARY KEY(REG_ID, REG_TENANT_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS REG_RESOURCE_COMMENT (
- REG_COMMENT_ID INTEGER NOT NULL,
- REG_VERSION INTEGER,
- REG_PATH_ID INTEGER,
- REG_RESOURCE_NAME VARCHAR(256),
- REG_TENANT_ID INTEGER DEFAULT 0
- )ENGINE INNODB;
-
- ALTER TABLE REG_RESOURCE_COMMENT ADD CONSTRAINT REG_RESOURCE_COMMENT_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID);
- ALTER TABLE REG_RESOURCE_COMMENT ADD CONSTRAINT REG_RESOURCE_COMMENT_FK_BY_COMMENT_ID FOREIGN KEY (REG_COMMENT_ID, REG_TENANT_ID) REFERENCES REG_COMMENT (REG_ID, REG_TENANT_ID);
- CREATE INDEX REG_RESOURCE_COMMENT_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_RESOURCE_COMMENT(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID);
- CREATE INDEX REG_RESOURCE_COMMENT_IND_BY_VERSION USING HASH ON REG_RESOURCE_COMMENT(REG_VERSION, REG_TENANT_ID);
-
- CREATE TABLE IF NOT EXISTS REG_RATING (
- REG_ID INTEGER NOT NULL AUTO_INCREMENT,
- REG_RATING INTEGER NOT NULL,
- REG_USER_ID VARCHAR(255) NOT NULL,
- REG_RATED_TIME TIMESTAMP NOT NULL,
- REG_TENANT_ID INTEGER DEFAULT 0,
- CONSTRAINT PK_REG_RATING PRIMARY KEY(REG_ID, REG_TENANT_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS REG_RESOURCE_RATING (
- REG_RATING_ID
INTEGER NOT NULL,
- REG_VERSION INTEGER,
- REG_PATH_ID INTEGER,
- REG_RESOURCE_NAME VARCHAR(256),
- REG_TENANT_ID INTEGER DEFAULT 0
- )ENGINE INNODB;
-
- ALTER TABLE REG_RESOURCE_RATING ADD CONSTRAINT REG_RESOURCE_RATING_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID);
- ALTER TABLE REG_RESOURCE_RATING ADD CONSTRAINT REG_RESOURCE_RATING_FK_BY_RATING_ID FOREIGN KEY (REG_RATING_ID, REG_TENANT_ID) REFERENCES REG_RATING (REG_ID, REG_TENANT_ID);
- CREATE INDEX REG_RESOURCE_RATING_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_RESOURCE_RATING(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID);
- CREATE INDEX REG_RESOURCE_RATING_IND_BY_VERSION USING HASH ON REG_RESOURCE_RATING(REG_VERSION, REG_TENANT_ID);
-
-
- CREATE TABLE IF NOT EXISTS REG_TAG (
- REG_ID INTEGER NOT NULL AUTO_INCREMENT,
- REG_TAG_NAME VARCHAR(500) NOT NULL,
- REG_USER_ID VARCHAR(255) NOT NULL,
- REG_TAGGED_TIME TIMESTAMP NOT NULL,
- REG_TENANT_ID INTEGER DEFAULT 0,
- CONSTRAINT PK_REG_TAG PRIMARY KEY(REG_ID, REG_TENANT_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS REG_RESOURCE_TAG (
- REG_TAG_ID INTEGER NOT NULL,
- REG_VERSION INTEGER,
- REG_PATH_ID INTEGER,
- REG_RESOURCE_NAME VARCHAR(256),
- REG_TENANT_ID INTEGER DEFAULT 0
- )ENGINE INNODB;
-
- ALTER TABLE REG_RESOURCE_TAG ADD CONSTRAINT REG_RESOURCE_TAG_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID);
- ALTER TABLE REG_RESOURCE_TAG ADD CONSTRAINT REG_RESOURCE_TAG_FK_BY_TAG_ID FOREIGN KEY (REG_TAG_ID, REG_TENANT_ID) REFERENCES REG_TAG (REG_ID, REG_TENANT_ID);
- CREATE INDEX REG_RESOURCE_TAG_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_RESOURCE_TAG(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID);
- CREATE INDEX REG_RESOURCE_TAG_IND_BY_VERSION USING HASH ON REG_RESOURCE_TAG(REG_VERSION, REG_TENANT_ID);
-
- CREATE TABLE IF NOT EXISTS REG_PROPERTY (
- REG_ID INTEGER NOT NULL AUTO_INCREMENT,
- REG_NAME VARCHAR(100) NOT NULL,
-
REG_VALUE VARCHAR(1000),
- REG_TENANT_ID INTEGER DEFAULT 0,
- CONSTRAINT PK_REG_PROPERTY PRIMARY KEY(REG_ID, REG_TENANT_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS REG_RESOURCE_PROPERTY (
- REG_PROPERTY_ID INTEGER NOT NULL,
- REG_VERSION INTEGER,
- REG_PATH_ID INTEGER,
- REG_RESOURCE_NAME VARCHAR(256),
- REG_TENANT_ID INTEGER DEFAULT 0
- )ENGINE INNODB;
-
- ALTER TABLE REG_RESOURCE_PROPERTY ADD CONSTRAINT REG_RESOURCE_PROPERTY_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID);
- ALTER TABLE REG_RESOURCE_PROPERTY ADD CONSTRAINT REG_RESOURCE_PROPERTY_FK_BY_TAG_ID FOREIGN KEY (REG_PROPERTY_ID, REG_TENANT_ID) REFERENCES REG_PROPERTY (REG_ID, REG_TENANT_ID);
- CREATE INDEX REG_RESOURCE_PROPERTY_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_RESOURCE_PROPERTY(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID);
- CREATE INDEX REG_RESOURCE_PROPERTY_IND_BY_VERSION USING HASH ON REG_RESOURCE_PROPERTY(REG_VERSION, REG_TENANT_ID);
-
- -- CREATE TABLE IF NOT EXISTS REG_ASSOCIATIONS (
- -- SRC_PATH_ID INTEGER,
- -- SRC_RESOURCE_NAME VARCHAR(256),
- -- SRC_VERSION INTEGER,
- -- TGT_PATH_ID INTEGER,
- -- TGT_RESOURCE_NAME VARCHAR(256),
- -- TGT_VERSION INTEGER
- -- )ENGINE INNODB;
- --
- -- ALTER TABLE REG_ASSOCIATIONS ADD CONSTRAINT REG_ASSOCIATIONS_FK_BY_SRC_PATH_ID FOREIGN KEY (SRC_PATH_ID) REFERENCES REG_PATH (PATH_ID);
- -- ALTER TABLE REG_ASSOCIATIONS ADD CONSTRAINT REG_ASSOCIATIONS_FK_BY_TGT_PATH_ID FOREIGN KEY (TGT_PATH_ID) REFERENCES REG_PATH (PATH_ID);
- -- CREATE INDEX REG_ASSOCIATIONS_IND_BY_SRC_VERSION ON REG_ASSOCIATIONS(SRC_VERSION);
- -- CREATE INDEX REG_ASSOCIATIONS_IND_BY_TGT_VERSION ON REG_ASSOCIATIONS(TGT_VERSION);
- -- CREATE INDEX REG_ASSOCIATIONS_IND_BY_SRC_RESOURCE_NAME ON REG_ASSOCIATIONS(SRC_RESOURCE_NAME);
- -- CREATE INDEX REG_ASSOCIATIONS_IND_BY_TGT_RESOURCE_NAME ON REG_ASSOCIATIONS(TGT_RESOURCE_NAME);
-
-
-
- CREATE TABLE IF NOT EXISTS REG_ASSOCIATION (
- REG_ASSOCIATION_ID INTEGER
AUTO_INCREMENT,
- REG_SOURCEPATH VARCHAR (750) NOT NULL,
- REG_TARGETPATH VARCHAR (750) NOT NULL,
- REG_ASSOCIATION_TYPE VARCHAR (2000) NOT NULL,
- REG_TENANT_ID INTEGER DEFAULT 0,
- PRIMARY KEY (REG_ASSOCIATION_ID, REG_TENANT_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS REG_SNAPSHOT (
- REG_SNAPSHOT_ID INTEGER NOT NULL AUTO_INCREMENT,
- REG_PATH_ID INTEGER NOT NULL,
- REG_RESOURCE_NAME VARCHAR(255),
- REG_RESOURCE_VIDS LONGBLOB NOT NULL,
- REG_TENANT_ID INTEGER DEFAULT 0,
- CONSTRAINT PK_REG_SNAPSHOT PRIMARY KEY(REG_SNAPSHOT_ID, REG_TENANT_ID)
- )ENGINE INNODB;
-
- CREATE INDEX REG_SNAPSHOT_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_SNAPSHOT(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID);
-
- ALTER TABLE REG_SNAPSHOT ADD CONSTRAINT REG_SNAPSHOT_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID);
-
-
- -- ################################
- -- USER MANAGER TABLES
- -- ################################
-
- CREATE TABLE UM_TENANT (
- UM_ID INTEGER NOT NULL AUTO_INCREMENT,
- UM_TENANT_UUID VARCHAR(36) NOT NULL,
- UM_DOMAIN_NAME VARCHAR(255) NOT NULL,
- UM_EMAIL VARCHAR(255),
- UM_ACTIVE BOOLEAN DEFAULT FALSE,
- UM_CREATED_DATE TIMESTAMP NOT NULL,
- UM_USER_CONFIG LONGBLOB,
- PRIMARY KEY (UM_ID),
- UNIQUE(UM_DOMAIN_NAME),
- UNIQUE(UM_TENANT_UUID)
- )ENGINE INNODB;
-
- CREATE TABLE UM_DOMAIN(
- UM_DOMAIN_ID INTEGER NOT NULL AUTO_INCREMENT,
- UM_DOMAIN_NAME VARCHAR(255) NOT NULL,
- UM_TENANT_ID INTEGER DEFAULT 0,
- PRIMARY KEY (UM_DOMAIN_ID, UM_TENANT_ID),
- UNIQUE(UM_DOMAIN_NAME,UM_TENANT_ID)
- )ENGINE INNODB;
-
- CREATE UNIQUE INDEX INDEX_UM_TENANT_UM_DOMAIN_NAME
- ON UM_TENANT (UM_DOMAIN_NAME);
-
- CREATE TABLE UM_USER (
- UM_ID INTEGER NOT NULL AUTO_INCREMENT,
- UM_USER_ID VARCHAR(255) NOT NULL,
- UM_USER_NAME VARCHAR(255) NOT NULL,
- UM_USER_PASSWORD VARCHAR(255) NOT NULL,
- UM_SALT_VALUE VARCHAR(31),
- UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE,
- UM_CHANGED_TIME TIMESTAMP NOT NULL,
- UM_TENANT_ID
INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_USER_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_SYSTEM_USER ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_USER_PASSWORD VARCHAR(255) NOT NULL, - UM_SALT_VALUE VARCHAR(31), - UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE, - UM_CHANGED_TIME TIMESTAMP NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_USER_NAME, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_ROLE ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_SHARED_ROLE BOOLEAN DEFAULT FALSE, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_ROLE_NAME, UM_TENANT_ID) - )ENGINE INNODB; - - - CREATE TABLE UM_MODULE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_MODULE_NAME VARCHAR(100), - UNIQUE(UM_MODULE_NAME), - PRIMARY KEY(UM_ID) - )ENGINE INNODB; - - CREATE TABLE UM_MODULE_ACTIONS( - UM_ACTION VARCHAR(255) NOT NULL, - UM_MODULE_ID INTEGER NOT NULL, - PRIMARY KEY(UM_ACTION, UM_MODULE_ID), - FOREIGN KEY (UM_MODULE_ID) REFERENCES UM_MODULE(UM_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE UM_PERMISSION ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_RESOURCE_ID VARCHAR(255) NOT NULL, - UM_ACTION VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_MODULE_ID INTEGER DEFAULT 0, - UNIQUE(UM_RESOURCE_ID,UM_ACTION, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX INDEX_UM_PERMISSION_UM_RESOURCE_ID_UM_ACTION ON UM_PERMISSION (UM_RESOURCE_ID, UM_ACTION, UM_TENANT_ID); - - CREATE TABLE UM_ROLE_PERMISSION ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_PERMISSION_ID INTEGER NOT NULL, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_IS_ALLOWED SMALLINT NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_DOMAIN_ID INTEGER, - UNIQUE (UM_PERMISSION_ID, UM_ROLE_NAME, UM_TENANT_ID, UM_DOMAIN_ID), - FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES 
UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - -- REMOVED UNIQUE (UM_PERMISSION_ID, UM_ROLE_ID) - CREATE TABLE UM_USER_PERMISSION ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_PERMISSION_ID INTEGER NOT NULL, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_IS_ALLOWED SMALLINT NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - -- REMOVED UNIQUE (UM_PERMISSION_ID, UM_USER_ID) - CREATE TABLE UM_USER_ROLE ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_ID INTEGER NOT NULL, - UM_USER_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE (UM_USER_ID, UM_ROLE_ID, UM_TENANT_ID), - FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_ROLE(UM_ID, UM_TENANT_ID), - FOREIGN KEY (UM_USER_ID, UM_TENANT_ID) REFERENCES UM_USER(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_SHARED_USER_ROLE( - UM_ROLE_ID INTEGER NOT NULL, - UM_USER_ID INTEGER NOT NULL, - UM_USER_TENANT_ID INTEGER NOT NULL, - UM_ROLE_TENANT_ID INTEGER NOT NULL, - UNIQUE(UM_USER_ID,UM_ROLE_ID,UM_USER_TENANT_ID, UM_ROLE_TENANT_ID), - FOREIGN KEY(UM_ROLE_ID,UM_ROLE_TENANT_ID) REFERENCES UM_ROLE(UM_ID,UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY(UM_USER_ID,UM_USER_TENANT_ID) REFERENCES UM_USER(UM_ID,UM_TENANT_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE UM_ACCOUNT_MAPPING( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER NOT NULL, - UM_USER_STORE_DOMAIN VARCHAR(100), - UM_ACC_LINK_ID INTEGER NOT NULL, - UNIQUE(UM_USER_NAME, UM_TENANT_ID, UM_USER_STORE_DOMAIN, UM_ACC_LINK_ID), - FOREIGN KEY (UM_TENANT_ID) REFERENCES UM_TENANT(UM_ID) ON DELETE CASCADE, - PRIMARY KEY 
(UM_ID) - )ENGINE INNODB; - - - CREATE TABLE UM_USER_ATTRIBUTE ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ATTR_NAME VARCHAR(255) NOT NULL, - UM_ATTR_VALUE VARCHAR(1024), - UM_PROFILE_ID VARCHAR(255), - UM_USER_ID INTEGER, - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY (UM_USER_ID, UM_TENANT_ID) REFERENCES UM_USER(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX UM_USER_ID_INDEX ON UM_USER_ATTRIBUTE(UM_USER_ID); - - CREATE INDEX UM_ATTR_NAME_VALUE_INDEX ON UM_USER_ATTRIBUTE(UM_ATTR_NAME, UM_ATTR_VALUE(512)); - - CREATE TABLE UM_DIALECT( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DIALECT_URI VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE(UM_DIALECT_URI, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_CLAIM( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DIALECT_ID INTEGER NOT NULL, - UM_CLAIM_URI VARCHAR(255) NOT NULL, - UM_DISPLAY_TAG VARCHAR(255), - UM_DESCRIPTION VARCHAR(255), - UM_MAPPED_ATTRIBUTE_DOMAIN VARCHAR(255), - UM_MAPPED_ATTRIBUTE VARCHAR(255), - UM_REG_EX VARCHAR(255), - UM_SUPPORTED SMALLINT, - UM_REQUIRED SMALLINT, - UM_DISPLAY_ORDER INTEGER, - UM_CHECKED_ATTRIBUTE SMALLINT, - UM_READ_ONLY SMALLINT, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE(UM_DIALECT_ID, UM_CLAIM_URI, UM_TENANT_ID,UM_MAPPED_ATTRIBUTE_DOMAIN), - FOREIGN KEY(UM_DIALECT_ID, UM_TENANT_ID) REFERENCES UM_DIALECT(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - - CREATE TABLE UM_PROFILE_CONFIG( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DIALECT_ID INTEGER NOT NULL, - UM_PROFILE_NAME VARCHAR(255), - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY(UM_DIALECT_ID, UM_TENANT_ID) REFERENCES UM_DIALECT(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS UM_CLAIM_BEHAVIOR( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_PROFILE_ID INTEGER, - UM_CLAIM_ID INTEGER, - UM_BEHAVIOUR SMALLINT, - UM_TENANT_ID 
INTEGER DEFAULT 0, - FOREIGN KEY(UM_PROFILE_ID, UM_TENANT_ID) REFERENCES UM_PROFILE_CONFIG(UM_ID,UM_TENANT_ID), - FOREIGN KEY(UM_CLAIM_ID, UM_TENANT_ID) REFERENCES UM_CLAIM(UM_ID,UM_TENANT_ID), - PRIMARY KEY(UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_HYBRID_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_ROLE_NAME,UM_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX UM_ROLE_NAME_IND ON UM_HYBRID_ROLE(UM_ROLE_NAME); - - CREATE TABLE UM_HYBRID_USER_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255), - UM_ROLE_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_DOMAIN_ID INTEGER, - UNIQUE (UM_USER_NAME, UM_ROLE_ID, UM_TENANT_ID, UM_DOMAIN_ID), - FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_HYBRID_GROUP_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_GROUP_NAME VARCHAR(255), - UM_ROLE_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_DOMAIN_ID INTEGER, - UNIQUE (UM_GROUP_NAME, UM_ROLE_ID, UM_TENANT_ID, UM_DOMAIN_ID), - FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_SYSTEM_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_ROLE_NAME,UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_SYSTEM_USER_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255), - UM_ROLE_ID INTEGER NOT NULL, - 
UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE (UM_USER_NAME, UM_ROLE_ID, UM_TENANT_ID), - FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_SYSTEM_ROLE(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - - CREATE TABLE UM_HYBRID_REMEMBER_ME( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_COOKIE_VALUE VARCHAR(1024), - UM_CREATED_TIME TIMESTAMP, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS UM_UUID_DOMAIN_MAPPER ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_ID VARCHAR(255) NOT NULL, - UM_DOMAIN_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID), - UNIQUE (UM_USER_ID), - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE INDEX UUID_DM_UID_TID ON UM_UUID_DOMAIN_MAPPER(UM_USER_ID, UM_TENANT_ID); - - ---- - -apiVersion: v1 -kind: Service -metadata: - name: wso2apim-rdbms-service-mysql - namespace: wso2 -spec: - type: ClusterIP - selector: - deployment: wso2apim-mysql - product: api-manager - ports: - - name: mysql-port - port: 3306 - targetPort: 3306 - protocol: TCP ---- - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wso2apim-mysql-deployment - namespace: wso2 -spec: - replicas: 1 - selector: - matchLabels: - deployment: wso2apim-mysql - product: api-manager - template: - metadata: - labels: - deployment: wso2apim-mysql - product: api-manager - spec: - containers: - - name: wso2apim-mysql - # image: mysql:5.7 - image: 192.168.1.5:5000/mysql:5.7 - livenessProbe: - exec: - command: - - sh - - -c - - "mysqladmin ping -u root -p${MYSQL_ROOT_PASSWORD}" - initialDelaySeconds: 60 - periodSeconds: 10 - readinessProbe: - exec: - command: - - sh - - -c - - "mysqladmin ping -u root -p${MYSQL_ROOT_PASSWORD}" - initialDelaySeconds: 60 - periodSeconds: 10 - imagePullPolicy: IfNotPresent - securityContext: - runAsUser: 999 
- env: - - name: MYSQL_ROOT_PASSWORD - value: root - - name: MYSQL_USER - value: wso2carbon - - name: MYSQL_PASSWORD - value: wso2carbon - ports: - - containerPort: 3306 - protocol: TCP - volumeMounts: - - name: wso2apim-mysql-dbscripts - mountPath: /docker-entrypoint-initdb.d - args: ["--max-connections", "10000"] - volumes: - - name: wso2apim-mysql-dbscripts - configMap: - name: wso2apim-mysql-dbscripts - serviceAccountName: "wso2am-pattern-1-svc-account" ---- - -apiVersion: v1 -kind: ConfigMap -metadata: - name: wso2am-pattern-1-am-1-conf - namespace: wso2 -data: - deployment.toml: | - - [server] - hostname = "172.17.0.4" - #offset=0 - base_path = "${carbon.protocol}://${carbon.host}:${carbon.management.port}" - #discard_empty_caches = false - server_role = "default" - - [super_admin] - username = "admin" - password = "admin" - create_admin_account = true - - [user_store] - type = "database_unique_id" - - [database.apim_db] - type = "mysql" - url = "jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_DB?autoReconnect=true&useSSL=false" - username = "wso2carbon" - password = "wso2carbon" - driver = "com.mysql.cj.jdbc.Driver" - - [database.shared_db] - type = "mysql" - url = "jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_SHARED_DB?autoReconnect=true&useSSL=false" - username = "wso2carbon" - password = "wso2carbon" - driver = "com.mysql.cj.jdbc.Driver" - - [keystore.tls] - file_name = "wso2carbon.jks" - type = "JKS" - password = "wso2carbon" - alias = "wso2carbon" - key_password = "wso2carbon" - - #[keystore.primary] - #file_name = "wso2carbon.jks" - #type = "JKS" - #password = "wso2carbon" - #alias = "wso2carbon" - #key_password = "wso2carbon" - - #[keystore.internal] - #file_name = "wso2carbon.jks" - #type = "JKS" - #password = "wso2carbon" - #alias = "wso2carbon" - #key_password = "wso2carbon" - - [[apim.gateway.environment]] - name = "Default" - type = "hybrid" - display_in_api_console = true - description = "This is a hybrid gateway that handles both 
production and sandbox token traffic." - show_as_token_endpoint_url = true - service_url = "https://localhost:${mgt.transport.https.port}/services/" - username= "${admin.username}" - password= "${admin.password}" - ws_endpoint = "ws://172.17.0.4:9099" - wss_endpoint = "wss://172.17.0.4:8099" - http_endpoint = "http://172.17.0.4:30280" - https_endpoint = "https://172.17.0.4:30243" - websub_event_receiver_http_endpoint = "http://172.17.0.4:9021" - websub_event_receiver_https_endpoint = "https://172.17.0.4:8021" - - [apim.sync_runtime_artifacts.gateway] - gateway_labels =["Default"] - - #[apim.cache.gateway_token] - #enable = true - #expiry_time = "900s" - - #[apim.cache.resource] - #enable = true - #expiry_time = "900s" - - #[apim.cache.km_token] - #enable = false - #expiry_time = "15m" - - #[apim.cache.recent_apis] - #enable = false - - #[apim.cache.scopes] - #enable = true - - #[apim.cache.publisher_roles] - #enable = true - - #[apim.cache.jwt_claim] - #enable = true - #expiry_time = "15m" - - #[apim.cache.tags] - #expiry_time = "2m" - - [apim.analytics] - enable = false - config_endpoint = "https://localhost:8080/auth/v1" - auth_token = "" - - #[apim.key_manager] - #service_url = "https://localhost:${mgt.transport.https.port}/services/" - #username = "$ref{super_admin.username}" - #password = "$ref{super_admin.password}" - #pool.init_idle_capacity = 50 - #pool.max_idle = 100 - #key_validation_handler_type = "default" - #key_validation_handler_type = "custom" - #key_validation_handler_impl = "org.wso2.carbon.apimgt.keymgt.handlers.DefaultKeyValidationHandler" - - #[apim.idp] - #server_url = "https://localhost:${mgt.transport.https.port}" - #authorize_endpoint = "https://localhost:${mgt.transport.https.port}/oauth2/authorize" - #oidc_logout_endpoint = "https://localhost:${mgt.transport.https.port}/oidc/logout" - #oidc_check_session_endpoint = "https://localhost:${mgt.transport.https.port}/oidc/checksession" - - #[apim.jwt] - #enable = true - #encoding = "base64" # 
base64,base64url - #generator_impl = "org.wso2.carbon.apimgt.keymgt.token.JWTGenerator" - #claim_dialect = "http://wso2.org/claims" - #convert_dialect = false - #header = "X-JWT-Assertion" - #signing_algorithm = "SHA256withRSA" - #enable_user_claims = true - #claims_extractor_impl = "org.wso2.carbon.apimgt.impl.token.ExtendedDefaultClaimsRetriever" - - #[apim.oauth_config] - #enable_outbound_auth_header = false - #auth_header = "Authorization" - #revoke_endpoint = "https://localhost:${https.nio.port}/revoke" - #enable_token_encryption = false - #enable_token_hashing = false - - [apim.devportal] - url = "https://172.17.0.4:30443/devportal" - #enable_application_sharing = false - #if application_sharing_type, application_sharing_impl both defined priority goes to application_sharing_impl - #application_sharing_type = "default" #changed type, saml, default #todo: check the new config for rest api - #application_sharing_impl = "org.wso2.carbon.apimgt.impl.SAMLGroupIDExtractorImpl" - #display_multiple_versions = false - #display_deprecated_apis = false - #enable_comments = true - #enable_ratings = true - #enable_forum = true - #enable_anonymous_mode=true - #enable_cross_tenant_subscriptions = true - #default_reserved_username = "apim_reserved_user" - - [apim.cors] - allow_origins = "*" - allow_methods = ["GET","PUT","POST","DELETE","PATCH","OPTIONS"] - allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey","Internal-Key"] - allow_credentials = false - - #[apim.throttling] - #enable_data_publishing = true - #enable_policy_deploy = true - #enable_blacklist_condition = true - #enable_persistence = true - #throttle_decision_endpoints = ["tcp://localhost:5672","tcp://localhost:5672"] - - #[apim.throttling.blacklist_condition] - #start_delay = "5m" - #period = "1h" - - #[apim.throttling.jms] - #start_delay = "5m" - - #[apim.throttling.event_sync] - #hostName = "0.0.0.0" - #port = 11224 - - #[apim.throttling.event_management] - 
#hostName = "0.0.0.0" - #port = 10005 - - #[[apim.throttling.url_group]] - #traffic_manager_urls = ["tcp://localhost:9611","tcp://localhost:9611"] - #traffic_manager_auth_urls = ["ssl://localhost:9711","ssl://localhost:9711"] - #type = "loadbalance" - - #[[apim.throttling.url_group]] - #traffic_manager_urls = ["tcp://localhost:9611","tcp://localhost:9611"] - #traffic_manager_auth_urls = ["ssl://localhost:9711","ssl://localhost:9711"] - #type = "failover" - - #[apim.workflow] - #enable = false - #service_url = "https://localhost:9445/bpmn" - #username = "$ref{super_admin.username}" - #password = "$ref{super_admin.password}" - #callback_endpoint = "https://localhost:${mgt.transport.https.port}/api/am/admin/v0.17/workflows/update-workflow-status" - #token_endpoint = "https://localhost:${https.nio.port}/token" - #client_registration_endpoint = "https://localhost:${mgt.transport.https.port}/client-registration/v0.17/register" - #client_registration_username = "$ref{super_admin.username}" - #client_registration_password = "$ref{super_admin.password}" - - #data bridge config - #[transport.receiver] - #type = "binary" - #worker_threads = 10 - #session_timeout = "30m" - #keystore.file_name = "$ref{keystore.tls.file_name}" - #keystore.password = "$ref{keystore.tls.password}" - #tcp_port = 9611 - #ssl_port = 9711 - #ssl_receiver_thread_pool_size = 100 - #tcp_receiver_thread_pool_size = 100 - #ssl_enabled_protocols = ["TLSv1","TLSv1.1","TLSv1.2"] - #ciphers = ["SSL_RSA_WITH_RC4_128_MD5","SSL_RSA_WITH_RC4_128_SHA"] - - #[apim.notification] - #from_address = "APIM.com" - #username = "APIM" - #password = "APIM+123" - #hostname = "localhost" - #port = 3025 - #enable_start_tls = false - #enable_authentication = true - - #[apim.token.revocation] - #notifier_impl = "org.wso2.carbon.apimgt.keymgt.events.TokenRevocationNotifierImpl" - #enable_realtime_notifier = true - #realtime_notifier.ttl = 5000 - #enable_persistent_notifier = true - #persistent_notifier.hostname = 
"https://localhost:2379/v2/keys/jti/" - #persistent_notifier.ttl = 5000 - #persistent_notifier.username = "root" - #persistent_notifier.password = "root" - - [[event_handler]] - name="userPostSelfRegistration" - subscriptions=["POST_ADD_USER"] - - [service_provider] - sp_name_regex = "^[\\sa-zA-Z0-9._-]*$" - - [database.local] - url = "jdbc:h2:./repository/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE" - - [[event_listener]] - id = "token_revocation" - type = "org.wso2.carbon.identity.core.handler.AbstractIdentityHandler" - name = "org.wso2.is.notification.ApimOauthEventInterceptor" - order = 1 - [event_listener.properties] - notification_endpoint = "https://localhost:${mgt.transport.https.port}/internal/data/v1/notify" - username = "${admin.username}" - password = "${admin.password}" - 'header.X-WSO2-KEY-MANAGER' = "default" - - [transport.https.properties] - proxyPort = 30443 ---- - -apiVersion: v1 -kind: Service -metadata: - name: wso2am-pattern-1-am-1-service - namespace: wso2 -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: wso2am-pattern-1-am - product: api-manager - type: NodePort - ports: - # ports that this service should serve on - - - name: pass-through-http - protocol: TCP - port: 8280 - targetPort: 8280 - nodePort: 30280 - - - name: pass-through-https - protocol: TCP - port: 8243 - targetPort: 8243 - nodePort: 30243 - - - name: servlet-http - protocol: TCP - port: 9763 - targetPort: 9763 - nodePort: 30763 - - - name: servlet-https - protocol: TCP - port: 9443 - targetPort: 9443 - nodePort: 30443 ---- - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wso2am-pattern-1-am-1-deployment - namespace: wso2 -spec: - replicas: 1 - strategy: - rollingUpdate: - maxSurge: 1 - maxUnavailable: 0 - type: RollingUpdate - selector: - matchLabels: - deployment: wso2am-pattern-1-am - product: api-manager - template: - metadata: - labels: - deployment: wso2am-pattern-1-am - product: 
api-manager - spec: - hostAliases: - - ip: "127.0.0.1" - hostnames: - - "wso2apim" - initContainers: - - name: init-db - image: busybox:1.31 - command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! nc -z wso2apim-rdbms-service-mysql 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - - name: init-download-mysql-connector - image: busybox:1.31 - command: - - /bin/sh - - "-c" - - | - set -e - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/8.0.17/mysql-connector-java-8.0.17.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - containers: - - name: wso2am-pattern-1-am - # image: wso2/wso2am:3.2.0 - image: 192.168.1.5:5000/wso2am:4.0.0-rc - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: 250 - periodSeconds: 10 - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: 250 - periodSeconds: 10 - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/wso2server.sh stop'] - resources: - requests: - memory: 1Gi - cpu: 1000m - limits: - memory: 2Gi - cpu: 2000m - imagePullPolicy: Always - ports: - - - containerPort: 8280 - protocol: "TCP" - - - containerPort: 8243 - protocol: "TCP" - - - containerPort: 9763 - protocol: "TCP" - - - containerPort: 9443 - protocol: "TCP" - env: - - name: HOST_NAME - value: "wso2apim" - - name: NODE_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - volumeMounts: - - name: wso2am-pattern-1-am-1-conf - mountPath: /home/wso2carbon/wso2-config-volume/repository/conf/deployment.toml - subPath: deployment.toml - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/repository/components/dropins - serviceAccountName: wso2am-pattern-1-svc-account - imagePullSecrets: - - name: wso2am-pattern-1-creds - volumes: - - name: wso2am-pattern-1-am-1-conf - configMap: - 
name: wso2am-pattern-1-am-1-conf
- - name: mysql-connector-jar
- emptyDir: {}
----
diff --git a/simple/deployment-scripts/wso2am-ga.sh b/simple/deployment-scripts/wso2am-ga.sh
deleted file mode 100755
index ee872423..00000000
--- a/simple/deployment-scripts/wso2am-ga.sh
+++ /dev/null
@@ -1,3543 +0,0 @@
-#!/bin/bash
-
-#-------------------------------------------------------------------------------
-# Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#--------------------------------------------------------------------------------
-
-set -e
-
-# bash variables
-k8s_obj_file="deployment.yaml"; str_sec=""
-
-# wso2 subscription variables
-WUMUsername=''; WUMPassword=''
-IMG_DEST="wso2"
-
-: ${namespace:="wso2"}
-
-function create_yaml(){
-cat > $k8s_obj_file << "EOF"
-EOF
-if [ "$namespace" == "wso2" ]; then
-cat > $k8s_obj_file << "EOF"
-
-apiVersion: v1
-kind: Namespace
-metadata:
- name: wso2
----
-EOF
-fi
-cat >> $k8s_obj_file << "EOF"
-
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: wso2am-pattern-1-svc-account
- namespace: wso2
----
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: wso2apim-mysql-dbscripts
- namespace: wso2
-data:
- mysql_apim.sql: |-
- DROP DATABASE IF EXISTS WSO2AM_DB;
- CREATE DATABASE WSO2AM_DB;
- GRANT ALL ON WSO2AM_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon';
-
- USE WSO2AM_DB;
- -- Start of IDENTITY Tables--
- CREATE TABLE IF NOT EXISTS IDN_BASE_TABLE (
- PRODUCT_NAME VARCHAR(20),
- PRIMARY KEY (PRODUCT_NAME)
- )ENGINE INNODB;
-
- INSERT INTO IDN_BASE_TABLE values ('WSO2 Identity Server');
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH_CONSUMER_APPS (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- CONSUMER_KEY VARCHAR(255),
- CONSUMER_SECRET VARCHAR(2048),
- USERNAME VARCHAR(255),
- TENANT_ID INTEGER DEFAULT 0,
- USER_DOMAIN VARCHAR(50),
- APP_NAME VARCHAR(255),
- OAUTH_VERSION VARCHAR(128),
- CALLBACK_URL VARCHAR(2048),
- GRANT_TYPES VARCHAR (1024),
- PKCE_MANDATORY CHAR(1) DEFAULT '0',
- PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0',
- APP_STATE VARCHAR (25) DEFAULT 'ACTIVE',
- USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600,
- APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600,
- REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600,
- ID_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600,
- CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY),
- PRIMARY KEY (ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_VALIDATORS (
- APP_ID INTEGER NOT NULL,
- SCOPE_VALIDATOR VARCHAR (128) NOT NULL,
- PRIMARY KEY (APP_ID,SCOPE_VALIDATOR),
- FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_REQUEST_TOKEN (
- REQUEST_TOKEN VARCHAR(255),
- REQUEST_TOKEN_SECRET VARCHAR(512),
- CONSUMER_KEY_ID INTEGER,
- CALLBACK_URL VARCHAR(2048),
- SCOPE VARCHAR(2048),
- AUTHORIZED VARCHAR(128),
- OAUTH_VERIFIER VARCHAR(512),
- AUTHZ_USER VARCHAR(512),
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY (REQUEST_TOKEN),
- FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_ACCESS_TOKEN (
- ACCESS_TOKEN VARCHAR(255),
- ACCESS_TOKEN_SECRET VARCHAR(512),
- CONSUMER_KEY_ID INTEGER,
- SCOPE VARCHAR(2048),
- AUTHZ_USER VARCHAR(512),
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY (ACCESS_TOKEN),
- FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN (
- TOKEN_ID VARCHAR (255),
- ACCESS_TOKEN VARCHAR(2048),
- REFRESH_TOKEN VARCHAR(2048),
- CONSUMER_KEY_ID INTEGER,
- AUTHZ_USER VARCHAR (100),
- TENANT_ID INTEGER,
- USER_DOMAIN VARCHAR(50),
- USER_TYPE VARCHAR (25),
- GRANT_TYPE VARCHAR (50),
- TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- REFRESH_TOKEN_TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- VALIDITY_PERIOD BIGINT,
- REFRESH_TOKEN_VALIDITY_PERIOD BIGINT,
- TOKEN_SCOPE_HASH VARCHAR(32),
- TOKEN_STATE VARCHAR(25) DEFAULT 'ACTIVE',
- TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE',
- SUBJECT_IDENTIFIER VARCHAR(255),
- ACCESS_TOKEN_HASH VARCHAR(512),
- REFRESH_TOKEN_HASH VARCHAR(512),
- IDP_ID INTEGER DEFAULT -1 NOT NULL,
- TOKEN_BINDING_REF VARCHAR (32) DEFAULT 'NONE',
- PRIMARY KEY (TOKEN_ID),
- FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
- CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,
- TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_TOKEN_BINDING (
- TOKEN_ID VARCHAR (255),
- TOKEN_BINDING_TYPE VARCHAR (32),
- TOKEN_BINDING_REF VARCHAR (32),
- TOKEN_BINDING_VALUE VARCHAR (1024),
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY (TOKEN_ID),
- FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_AUDIT (
- TOKEN_ID VARCHAR (255),
- ACCESS_TOKEN VARCHAR(2048),
- REFRESH_TOKEN VARCHAR(2048),
- CONSUMER_KEY_ID INTEGER,
- AUTHZ_USER VARCHAR (100),
- TENANT_ID INTEGER,
- USER_DOMAIN VARCHAR(50),
- USER_TYPE VARCHAR (25),
- GRANT_TYPE VARCHAR (50),
- TIME_CREATED TIMESTAMP NULL,
- REFRESH_TOKEN_TIME_CREATED TIMESTAMP NULL,
- VALIDITY_PERIOD BIGINT,
- REFRESH_TOKEN_VALIDITY_PERIOD BIGINT,
- TOKEN_SCOPE_HASH VARCHAR(32),
- TOKEN_STATE VARCHAR(25),
- TOKEN_STATE_ID VARCHAR (128) ,
- SUBJECT_IDENTIFIER VARCHAR(255),
- ACCESS_TOKEN_HASH VARCHAR(512),
- REFRESH_TOKEN_HASH VARCHAR(512),
- INVALIDATED_TIME TIMESTAMP NULL,
- IDP_ID INTEGER DEFAULT -1 NOT NULL
- );
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHORIZATION_CODE (
- CODE_ID VARCHAR (255),
- AUTHORIZATION_CODE VARCHAR(2048),
- CONSUMER_KEY_ID INTEGER,
- CALLBACK_URL VARCHAR(2048),
- SCOPE VARCHAR(2048),
- AUTHZ_USER VARCHAR (100),
- TENANT_ID INTEGER,
- USER_DOMAIN VARCHAR(50),
- TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- VALIDITY_PERIOD BIGINT,
- STATE VARCHAR (25) DEFAULT 'ACTIVE',
- TOKEN_ID VARCHAR(255),
- SUBJECT_IDENTIFIER VARCHAR(255),
- PKCE_CODE_CHALLENGE VARCHAR(255),
- PKCE_CODE_CHALLENGE_METHOD VARCHAR(128),
- AUTHORIZATION_CODE_HASH VARCHAR(512),
- IDP_ID INTEGER DEFAULT -1 NOT NULL,
- PRIMARY KEY (CODE_ID),
- FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHZ_CODE_SCOPE(
- CODE_ID VARCHAR(255),
- SCOPE VARCHAR(60),
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY (CODE_ID, SCOPE),
- FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE (CODE_ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_DEVICE_FLOW (
- CODE_ID VARCHAR(255),
- DEVICE_CODE VARCHAR(255),
- USER_CODE VARCHAR(25),
- CONSUMER_KEY_ID INTEGER,
- LAST_POLL_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- EXPIRY_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- POLL_TIME BIGINT,
- STATUS VARCHAR (25) DEFAULT 'PENDING',
- AUTHZ_USER VARCHAR (100),
- TENANT_ID INTEGER,
- USER_DOMAIN VARCHAR(50),
- IDP_ID INTEGER,
- PRIMARY KEY (DEVICE_CODE),
- UNIQUE (CODE_ID),
- UNIQUE (USER_CODE),
- FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_DEVICE_FLOW_SCOPES (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- SCOPE_ID VARCHAR(255),
- SCOPE VARCHAR(255),
- PRIMARY KEY (ID),
- FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_DEVICE_FLOW(CODE_ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE (
- TOKEN_ID VARCHAR (255),
- TOKEN_SCOPE VARCHAR (60),
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY (TOKEN_ID, TOKEN_SCOPE),
- FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE (
- SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT,
- NAME VARCHAR(255) NOT NULL,
- DISPLAY_NAME VARCHAR(255) NOT NULL,
- DESCRIPTION VARCHAR(512),
- TENANT_ID INTEGER NOT NULL DEFAULT -1,
- SCOPE_TYPE VARCHAR(255) NOT NULL,
- PRIMARY KEY (SCOPE_ID),
- UNIQUE (NAME, TENANT_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_BINDING (
- SCOPE_ID INTEGER NOT NULL,
- SCOPE_BINDING VARCHAR(255) NOT NULL,
- BINDING_TYPE VARCHAR(255) NOT NULL,
- FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE,
- UNIQUE (SCOPE_ID, SCOPE_BINDING, BINDING_TYPE)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_RESOURCE_SCOPE (
- RESOURCE_PATH VARCHAR(255) NOT NULL,
- SCOPE_ID INTEGER NOT NULL,
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY (RESOURCE_PATH),
- FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_SCIM_GROUP (
- ID INTEGER AUTO_INCREMENT,
- TENANT_ID INTEGER NOT NULL,
- ROLE_NAME VARCHAR(255) NOT NULL,
- ATTR_NAME VARCHAR(1024) NOT NULL,
- ATTR_VALUE VARCHAR(1024),
- PRIMARY KEY (ID)
- )ENGINE INNODB;
-
-
-
- CREATE TABLE IF NOT EXISTS IDN_OPENID_REMEMBER_ME (
- USER_NAME VARCHAR(255) NOT NULL,
- TENANT_ID INTEGER DEFAULT 0,
- COOKIE_VALUE VARCHAR(1024),
- CREATED_TIME TIMESTAMP,
- PRIMARY KEY (USER_NAME, TENANT_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OPENID_USER_RPS (
- USER_NAME VARCHAR(255) NOT NULL,
- TENANT_ID INTEGER DEFAULT 0,
- RP_URL VARCHAR(255) NOT NULL,
- TRUSTED_ALWAYS VARCHAR(128) DEFAULT 'FALSE',
- LAST_VISIT DATE NOT NULL,
- VISIT_COUNT INTEGER DEFAULT 0,
- DEFAULT_PROFILE_NAME VARCHAR(255) DEFAULT 'DEFAULT',
- PRIMARY KEY (USER_NAME, TENANT_ID, RP_URL)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OPENID_ASSOCIATIONS (
- HANDLE VARCHAR(255) NOT NULL,
- ASSOC_TYPE VARCHAR(255) NOT NULL,
- EXPIRE_IN TIMESTAMP NOT NULL,
- MAC_KEY VARCHAR(255) NOT NULL,
- ASSOC_STORE VARCHAR(128) DEFAULT 'SHARED',
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY (HANDLE)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_STS_STORE (
- ID INTEGER AUTO_INCREMENT,
- TOKEN_ID VARCHAR(255) NOT NULL,
- TOKEN_CONTENT BLOB(1024) NOT NULL,
- CREATE_DATE TIMESTAMP NOT NULL,
- EXPIRE_DATE TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- STATE INTEGER DEFAULT 0,
- PRIMARY KEY (ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_IDENTITY_USER_DATA (
- TENANT_ID INTEGER DEFAULT -1234,
- USER_NAME VARCHAR(255) NOT NULL,
- DATA_KEY VARCHAR(255) NOT NULL,
- DATA_VALUE VARCHAR(2048),
- PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_IDENTITY_META_DATA (
- USER_NAME VARCHAR(255) NOT NULL,
- TENANT_ID INTEGER DEFAULT -1234,
- METADATA_TYPE VARCHAR(255) NOT NULL,
- METADATA VARCHAR(255) NOT NULL,
- VALID VARCHAR(255) NOT NULL,
- PRIMARY KEY (TENANT_ID, USER_NAME, METADATA_TYPE,METADATA)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_THRIFT_SESSION (
- SESSION_ID VARCHAR(255) NOT NULL,
- USER_NAME VARCHAR(255) NOT NULL,
- CREATED_TIME VARCHAR(255) NOT NULL,
- LAST_MODIFIED_TIME VARCHAR(255) NOT NULL,
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY (SESSION_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_STORE (
- SESSION_ID VARCHAR (100) NOT NULL,
- SESSION_TYPE VARCHAR(100) NOT NULL,
- OPERATION VARCHAR(10) NOT NULL,
- SESSION_OBJECT BLOB,
- TIME_CREATED BIGINT,
- TENANT_ID INTEGER DEFAULT -1,
- EXPIRY_TIME BIGINT,
- PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION)
- )ENGINE INNODB;
-
-
-
-
- CREATE TABLE IF NOT EXISTS IDN_AUTH_TEMP_SESSION_STORE (
- SESSION_ID VARCHAR (100) NOT NULL,
- SESSION_TYPE VARCHAR(100) NOT NULL,
- OPERATION VARCHAR(10) NOT NULL,
-
SESSION_OBJECT BLOB, - TIME_CREATED BIGINT, - TENANT_ID INTEGER DEFAULT -1, - EXPIRY_TIME BIGINT, - PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_AUTH_USER ( - USER_ID VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - DOMAIN_NAME VARCHAR(255) NOT NULL, - IDP_ID INTEGER NOT NULL, - PRIMARY KEY (USER_ID), - CONSTRAINT USER_STORE_CONSTRAINT UNIQUE (USER_NAME, TENANT_ID, DOMAIN_NAME, IDP_ID)); - - CREATE TABLE IF NOT EXISTS IDN_AUTH_USER_SESSION_MAPPING ( - USER_ID VARCHAR(255) NOT NULL, - SESSION_ID VARCHAR(255) NOT NULL, - CONSTRAINT USER_SESSION_STORE_CONSTRAINT UNIQUE (USER_ID, SESSION_ID)); - - CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_APP_INFO ( - SESSION_ID VARCHAR (100) NOT NULL, - SUBJECT VARCHAR (100) NOT NULL, - APP_ID INTEGER NOT NULL, - INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL, - PRIMARY KEY (SESSION_ID, SUBJECT, APP_ID, INBOUND_AUTH_TYPE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_META_DATA ( - SESSION_ID VARCHAR (100) NOT NULL, - PROPERTY_TYPE VARCHAR (100) NOT NULL, - VALUE VARCHAR (255) NOT NULL, - PRIMARY KEY (SESSION_ID, PROPERTY_TYPE, VALUE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS SP_APP ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - APP_NAME VARCHAR (255) NOT NULL , - USER_STORE VARCHAR (255) NOT NULL, - USERNAME VARCHAR (255) NOT NULL , - DESCRIPTION VARCHAR (1024), - ROLE_CLAIM VARCHAR (512), - AUTH_TYPE VARCHAR (255) NOT NULL, - PROVISIONING_USERSTORE_DOMAIN VARCHAR (512), - IS_LOCAL_CLAIM_DIALECT CHAR(1) DEFAULT '1', - IS_SEND_LOCAL_SUBJECT_ID CHAR(1) DEFAULT '0', - IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0', - IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', - IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1', - ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0', - SUBJECT_CLAIM_URI VARCHAR (512), - IS_SAAS_APP CHAR(1) DEFAULT '0', - IS_DUMB_MODE CHAR(1) DEFAULT '0', - UUID CHAR(36), - 
IMAGE_URL VARCHAR(1024), - ACCESS_URL VARCHAR(1024), - IS_DISCOVERABLE CHAR(1) DEFAULT '0', - - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_APP ADD CONSTRAINT APPLICATION_NAME_CONSTRAINT UNIQUE(APP_NAME, TENANT_ID); - ALTER TABLE SP_APP ADD CONSTRAINT APPLICATION_UUID_CONSTRAINT UNIQUE(UUID); - - CREATE TABLE IF NOT EXISTS SP_METADATA ( - ID INTEGER AUTO_INCREMENT, - SP_ID INTEGER, - NAME VARCHAR(255) NOT NULL, - VALUE VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (ID), - CONSTRAINT SP_METADATA_CONSTRAINT UNIQUE (SP_ID, NAME), - FOREIGN KEY (SP_ID) REFERENCES SP_APP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS SP_INBOUND_AUTH ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - INBOUND_AUTH_KEY VARCHAR (255), - INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL, - INBOUND_CONFIG_TYPE VARCHAR (255) NOT NULL, - PROP_NAME VARCHAR (255), - PROP_VALUE VARCHAR (1024) , - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_INBOUND_AUTH ADD CONSTRAINT APPLICATION_ID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_AUTH_STEP ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - STEP_ORDER INTEGER DEFAULT 1, - APP_ID INTEGER NOT NULL , - IS_SUBJECT_STEP CHAR(1) DEFAULT '0', - IS_ATTRIBUTE_STEP CHAR(1) DEFAULT '0', - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_AUTH_STEP ADD CONSTRAINT APPLICATION_ID_CONSTRAINT_STEP FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_FEDERATED_IDP ( - ID INTEGER NOT NULL, - TENANT_ID INTEGER NOT NULL, - AUTHENTICATOR_ID INTEGER NOT NULL, - PRIMARY KEY (ID, AUTHENTICATOR_ID) - )ENGINE INNODB; - - ALTER TABLE SP_FEDERATED_IDP ADD CONSTRAINT STEP_ID_CONSTRAINT FOREIGN KEY (ID) REFERENCES SP_AUTH_STEP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_CLAIM_DIALECT ( - ID INTEGER NOT 
NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - SP_DIALECT VARCHAR (512) NOT NULL, - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID)); - - ALTER TABLE SP_CLAIM_DIALECT ADD CONSTRAINT DIALECTID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_CLAIM_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - IDP_CLAIM VARCHAR (512) NOT NULL , - SP_CLAIM VARCHAR (512) NOT NULL , - APP_ID INTEGER NOT NULL, - IS_REQUESTED VARCHAR(128) DEFAULT '0', - IS_MANDATORY VARCHAR(128) DEFAULT '0', - DEFAULT_VALUE VARCHAR(255), - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_CLAIM_MAPPING ADD CONSTRAINT CLAIMID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_ROLE_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - IDP_ROLE VARCHAR (255) NOT NULL , - SP_ROLE VARCHAR (255) NOT NULL , - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_ROLE_MAPPING ADD CONSTRAINT ROLEID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_REQ_PATH_AUTHENTICATOR ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - AUTHENTICATOR_NAME VARCHAR (255) NOT NULL , - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_REQ_PATH_AUTHENTICATOR ADD CONSTRAINT REQ_AUTH_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_PROVISIONING_CONNECTOR ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - IDP_NAME VARCHAR (255) NOT NULL , - CONNECTOR_NAME VARCHAR (255) NOT NULL , - APP_ID INTEGER NOT NULL, - IS_JIT_ENABLED CHAR(1) NOT NULL DEFAULT '0', - BLOCKING CHAR(1) NOT NULL DEFAULT '0', - RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0', - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_PROVISIONING_CONNECTOR ADD 
CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE SP_AUTH_SCRIPT ( - ID INTEGER AUTO_INCREMENT NOT NULL, - TENANT_ID INTEGER NOT NULL, - APP_ID INTEGER NOT NULL, - TYPE VARCHAR(255) NOT NULL, - CONTENT BLOB DEFAULT NULL, - IS_ENABLED CHAR(1) NOT NULL DEFAULT '0', - PRIMARY KEY (ID)); - - CREATE TABLE IF NOT EXISTS SP_TEMPLATE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - TENANT_ID INTEGER NOT NULL, - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - CONTENT BLOB DEFAULT NULL, - PRIMARY KEY (ID), - CONSTRAINT SP_TEMPLATE_CONSTRAINT UNIQUE (TENANT_ID, NAME)); - - CREATE TABLE IF NOT EXISTS IDN_AUTH_WAIT_STATUS ( - ID INTEGER AUTO_INCREMENT NOT NULL, - TENANT_ID INTEGER NOT NULL, - LONG_WAIT_KEY VARCHAR(255) NOT NULL, - WAIT_STATUS CHAR(1) NOT NULL DEFAULT '1', - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - EXPIRE_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY (ID), - CONSTRAINT IDN_AUTH_WAIT_STATUS_KEY UNIQUE (LONG_WAIT_KEY)); - - CREATE TABLE IF NOT EXISTS IDP ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - NAME VARCHAR(254) NOT NULL, - IS_ENABLED CHAR(1) NOT NULL DEFAULT '1', - IS_PRIMARY CHAR(1) NOT NULL DEFAULT '0', - HOME_REALM_ID VARCHAR(254), - IMAGE MEDIUMBLOB, - CERTIFICATE BLOB, - ALIAS VARCHAR(254), - INBOUND_PROV_ENABLED CHAR (1) NOT NULL DEFAULT '0', - INBOUND_PROV_USER_STORE_ID VARCHAR(254), - USER_CLAIM_URI VARCHAR(254), - ROLE_CLAIM_URI VARCHAR(254), - DESCRIPTION VARCHAR (1024), - DEFAULT_AUTHENTICATOR_NAME VARCHAR(254), - DEFAULT_PRO_CONNECTOR_NAME VARCHAR(254), - PROVISIONING_ROLE VARCHAR(128), - IS_FEDERATION_HUB CHAR(1) NOT NULL DEFAULT '0', - IS_LOCAL_CLAIM_DIALECT CHAR(1) NOT NULL DEFAULT '0', - DISPLAY_NAME VARCHAR(255), - IMAGE_URL VARCHAR(1024), - UUID CHAR(36) NOT NULL, - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, NAME), - UNIQUE (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_ROLE ( - ID INTEGER AUTO_INCREMENT, - 
IDP_ID INTEGER, - TENANT_ID INTEGER, - ROLE VARCHAR(254), - PRIMARY KEY (ID), - UNIQUE (IDP_ID, ROLE), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_ROLE_MAPPING ( - ID INTEGER AUTO_INCREMENT, - IDP_ROLE_ID INTEGER, - TENANT_ID INTEGER, - USER_STORE_ID VARCHAR (253), - LOCAL_ROLE VARCHAR(253), - PRIMARY KEY (ID), - UNIQUE (IDP_ROLE_ID, TENANT_ID, USER_STORE_ID, LOCAL_ROLE), - FOREIGN KEY (IDP_ROLE_ID) REFERENCES IDP_ROLE(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_CLAIM ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - TENANT_ID INTEGER, - CLAIM VARCHAR(254), - PRIMARY KEY (ID), - UNIQUE (IDP_ID, CLAIM), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_CLAIM_MAPPING ( - ID INTEGER AUTO_INCREMENT, - IDP_CLAIM_ID INTEGER, - TENANT_ID INTEGER, - LOCAL_CLAIM VARCHAR(253), - DEFAULT_VALUE VARCHAR(255), - IS_REQUESTED VARCHAR(128) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (IDP_CLAIM_ID, TENANT_ID, LOCAL_CLAIM), - FOREIGN KEY (IDP_CLAIM_ID) REFERENCES IDP_CLAIM(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - IDP_ID INTEGER, - NAME VARCHAR(255) NOT NULL, - IS_ENABLED CHAR (1) DEFAULT '1', - DISPLAY_NAME VARCHAR(255), - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, IDP_ID, NAME), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_METADATA ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - NAME VARCHAR(255) NOT NULL, - VALUE VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (ID), - CONSTRAINT IDP_METADATA_CONSTRAINT UNIQUE (IDP_ID, NAME), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR_PROPERTY ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID 
INTEGER, - AUTHENTICATOR_ID INTEGER, - PROPERTY_KEY VARCHAR(255) NOT NULL, - PROPERTY_VALUE VARCHAR(2047), - IS_SECRET CHAR (1) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY), - FOREIGN KEY (AUTHENTICATOR_ID) REFERENCES IDP_AUTHENTICATOR(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_CONFIG ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - IDP_ID INTEGER, - PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL, - IS_ENABLED CHAR (1) DEFAULT '0', - IS_BLOCKING CHAR (1) DEFAULT '0', - IS_RULES_ENABLED CHAR (1) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_PROV_CONFIG_PROPERTY ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - PROVISIONING_CONFIG_ID INTEGER, - PROPERTY_KEY VARCHAR(255) NOT NULL, - PROPERTY_VALUE VARCHAR(2048), - PROPERTY_BLOB_VALUE BLOB, - PROPERTY_TYPE CHAR(32) NOT NULL, - IS_SECRET CHAR (1) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, PROVISIONING_CONFIG_ID, PROPERTY_KEY), - FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_ENTITY ( - ID INTEGER AUTO_INCREMENT, - PROVISIONING_CONFIG_ID INTEGER, - ENTITY_TYPE VARCHAR(255) NOT NULL, - ENTITY_LOCAL_USERSTORE VARCHAR(255) NOT NULL, - ENTITY_NAME VARCHAR(255) NOT NULL, - ENTITY_VALUE VARCHAR(255), - TENANT_ID INTEGER, - ENTITY_LOCAL_ID VARCHAR(255), - PRIMARY KEY (ID), - UNIQUE (ENTITY_TYPE, TENANT_ID, ENTITY_LOCAL_USERSTORE, ENTITY_NAME, PROVISIONING_CONFIG_ID), - UNIQUE (PROVISIONING_CONFIG_ID, ENTITY_TYPE, ENTITY_VALUE), - FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_LOCAL_CLAIM ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - IDP_ID INTEGER, 
- CLAIM_URI VARCHAR(255) NOT NULL,
- DEFAULT_VALUE VARCHAR(255),
- IS_REQUESTED VARCHAR(128) DEFAULT '0',
- PRIMARY KEY (ID),
- UNIQUE (TENANT_ID, IDP_ID, CLAIM_URI),
- FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_ASSOCIATED_ID (
- ID INTEGER AUTO_INCREMENT,
- IDP_USER_ID VARCHAR(255) NOT NULL,
- TENANT_ID INTEGER DEFAULT -1234,
- IDP_ID INTEGER NOT NULL,
- DOMAIN_NAME VARCHAR(255) NOT NULL,
- USER_NAME VARCHAR(255) NOT NULL,
- ASSOCIATION_ID CHAR(36) NOT NULL,
- PRIMARY KEY (ID),
- UNIQUE(IDP_USER_ID, TENANT_ID, IDP_ID),
- FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_USER_ACCOUNT_ASSOCIATION (
- ASSOCIATION_KEY VARCHAR(255) NOT NULL,
- TENANT_ID INTEGER,
- DOMAIN_NAME VARCHAR(255) NOT NULL,
- USER_NAME VARCHAR(255) NOT NULL,
- PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS FIDO_DEVICE_STORE (
- TENANT_ID INTEGER,
- DOMAIN_NAME VARCHAR(255) NOT NULL,
- USER_NAME VARCHAR(45) NOT NULL,
- TIME_REGISTERED TIMESTAMP,
- KEY_HANDLE VARCHAR(200) NOT NULL,
- DEVICE_DATA VARCHAR(2048) NOT NULL,
- PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS FIDO2_DEVICE_STORE (
- TENANT_ID INTEGER,
- DOMAIN_NAME VARCHAR(255) NOT NULL,
- USER_NAME VARCHAR(45) NOT NULL,
- TIME_REGISTERED TIMESTAMP,
- USER_HANDLE VARCHAR(64) NOT NULL,
- CREDENTIAL_ID VARCHAR(200) NOT NULL,
- PUBLIC_KEY_COSE VARCHAR(1024) NOT NULL,
- SIGNATURE_COUNT BIGINT,
- USER_IDENTITY VARCHAR(512) NOT NULL,
- DISPLAY_NAME VARCHAR(255),
- IS_USERNAMELESS_SUPPORTED CHAR(1) DEFAULT '0',
- PRIMARY KEY (CREDENTIAL_ID, USER_HANDLE)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS WF_REQUEST (
- UUID VARCHAR (45),
- CREATED_BY VARCHAR (255),
- TENANT_ID INTEGER DEFAULT -1,
- OPERATION_TYPE VARCHAR (50),
- CREATED_AT TIMESTAMP,
- UPDATED_AT TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
- STATUS VARCHAR (30),
- REQUEST BLOB,
- PRIMARY KEY (UUID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS WF_BPS_PROFILE (
- PROFILE_NAME VARCHAR(45),
- HOST_URL_MANAGER VARCHAR(255),
- HOST_URL_WORKER VARCHAR(255),
- USERNAME VARCHAR(45),
- PASSWORD VARCHAR(1023),
- CALLBACK_HOST VARCHAR (45),
- CALLBACK_USERNAME VARCHAR (45),
- CALLBACK_PASSWORD VARCHAR (255),
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY (PROFILE_NAME, TENANT_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS WF_WORKFLOW(
- ID VARCHAR (45),
- WF_NAME VARCHAR (45),
- DESCRIPTION VARCHAR (255),
- TEMPLATE_ID VARCHAR (45),
- IMPL_ID VARCHAR (45),
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY (ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS WF_WORKFLOW_ASSOCIATION(
- ID INTEGER NOT NULL AUTO_INCREMENT,
- ASSOC_NAME VARCHAR (45),
- EVENT_ID VARCHAR(45),
- ASSOC_CONDITION VARCHAR (2000),
- WORKFLOW_ID VARCHAR (45),
- IS_ENABLED CHAR (1) DEFAULT '1',
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY(ID),
- FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS WF_WORKFLOW_CONFIG_PARAM(
- WORKFLOW_ID VARCHAR (45),
- PARAM_NAME VARCHAR (45),
- PARAM_VALUE VARCHAR (1000),
- PARAM_QNAME VARCHAR (45),
- PARAM_HOLDER VARCHAR (45),
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY (WORKFLOW_ID, PARAM_NAME, PARAM_QNAME, PARAM_HOLDER),
- FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS WF_REQUEST_ENTITY_RELATIONSHIP(
- REQUEST_ID VARCHAR (45),
- ENTITY_NAME VARCHAR (255),
- ENTITY_TYPE VARCHAR (50),
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY(REQUEST_ID, ENTITY_NAME, ENTITY_TYPE, TENANT_ID),
- FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS WF_WORKFLOW_REQUEST_RELATION(
- RELATIONSHIP_ID VARCHAR (45),
- WORKFLOW_ID VARCHAR (45),
- REQUEST_ID VARCHAR (45),
- UPDATED_AT TIMESTAMP,
- STATUS VARCHAR (30),
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY (RELATIONSHIP_ID),
- FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE,
- FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_RECOVERY_DATA (
- USER_NAME VARCHAR(255) NOT NULL,
- USER_DOMAIN VARCHAR(127) NOT NULL,
- TENANT_ID INTEGER DEFAULT -1,
- CODE VARCHAR(255) NOT NULL,
- SCENARIO VARCHAR(255) NOT NULL,
- STEP VARCHAR(127) NOT NULL,
- TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- REMAINING_SETS VARCHAR(2500) DEFAULT NULL,
- PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP),
- UNIQUE(CODE)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_PASSWORD_HISTORY_DATA (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- USER_NAME VARCHAR(255) NOT NULL,
- USER_DOMAIN VARCHAR(127) NOT NULL,
- TENANT_ID INTEGER DEFAULT -1,
- SALT_VALUE VARCHAR(255),
- HASH VARCHAR(255) NOT NULL,
- TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- PRIMARY KEY(ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_CLAIM_DIALECT (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- DIALECT_URI VARCHAR (255) NOT NULL,
- TENANT_ID INTEGER NOT NULL,
- PRIMARY KEY (ID),
- CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_CLAIM (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- DIALECT_ID INTEGER NOT NULL,
- CLAIM_URI VARCHAR (255) NOT NULL,
- TENANT_ID INTEGER NOT NULL,
- PRIMARY KEY (ID),
- FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE,
- CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPED_ATTRIBUTE (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- LOCAL_CLAIM_ID INTEGER,
- USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL,
- ATTRIBUTE_NAME VARCHAR (255) NOT NULL,
- TENANT_ID INTEGER NOT NULL,
- PRIMARY KEY (ID),
- FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
- CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_CLAIM_PROPERTY (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- LOCAL_CLAIM_ID INTEGER,
- PROPERTY_NAME VARCHAR (255) NOT NULL,
- PROPERTY_VALUE VARCHAR (255) NOT NULL,
- TENANT_ID INTEGER NOT NULL,
- PRIMARY KEY (ID),
- FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
- CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPING (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- EXT_CLAIM_ID INTEGER NOT NULL,
- MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL,
- TENANT_ID INTEGER NOT NULL,
- PRIMARY KEY (ID),
- FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
- FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
- CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_SAML2_ASSERTION_STORE (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- SAML2_ID VARCHAR(255) ,
- SAML2_ISSUER VARCHAR(255) ,
- SAML2_SUBJECT VARCHAR(255) ,
- SAML2_SESSION_INDEX VARCHAR(255) ,
- SAML2_AUTHN_CONTEXT_CLASS_REF VARCHAR(255) ,
- SAML2_ASSERTION VARCHAR(4096) ,
- ASSERTION BLOB ,
- PRIMARY KEY (ID)
- )ENGINE INNODB;
-
- CREATE TABLE IDN_SAML2_ARTIFACT_STORE (
- ID INT(11) NOT NULL AUTO_INCREMENT,
- SOURCE_ID VARCHAR(255) NOT NULL,
- MESSAGE_HANDLER VARCHAR(255) NOT NULL,
- AUTHN_REQ_DTO BLOB NOT NULL,
- SESSION_ID VARCHAR(255) NOT NULL,
- EXP_TIMESTAMP TIMESTAMP NOT NULL,
- INIT_TIMESTAMP TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- ASSERTION_ID VARCHAR(255),
- PRIMARY KEY (`ID`)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OIDC_JTI (
- JWT_ID VARCHAR(255) NOT NULL,
- EXP_TIME TIMESTAMP NOT NULL ,
- TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ,
- PRIMARY KEY (JWT_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OIDC_PROPERTY (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- TENANT_ID INTEGER,
- CONSUMER_KEY VARCHAR(255) ,
- PROPERTY_KEY VARCHAR(255) NOT NULL,
- PROPERTY_VALUE VARCHAR(2047) ,
- PRIMARY KEY (ID),
- FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_REFERENCE (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- CONSUMER_KEY_ID INTEGER ,
- CODE_ID VARCHAR(255) ,
- TOKEN_ID VARCHAR(255) ,
- SESSION_DATA_KEY VARCHAR(255),
- PRIMARY KEY (ID),
- FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
- FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE,
- FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_CLAIMS (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- REQ_OBJECT_ID INTEGER,
- CLAIM_ATTRIBUTE VARCHAR(255) ,
- ESSENTIAL CHAR(1) NOT NULL DEFAULT '0' ,
- VALUE VARCHAR(255) ,
- IS_USERINFO CHAR(1) NOT NULL DEFAULT '0',
- PRIMARY KEY (ID),
- FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE (ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJ_CLAIM_VALUES (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- REQ_OBJECT_CLAIMS_ID INTEGER ,
- CLAIM_VALUES VARCHAR(255) ,
- PRIMARY KEY (ID),
- FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_CERTIFICATE (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- NAME VARCHAR(100),
- CERTIFICATE_IN_PEM BLOB,
- TENANT_ID INTEGER DEFAULT 0,
- PRIMARY KEY(ID),
- CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OIDC_SCOPE_CLAIM_MAPPING (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- SCOPE_ID INTEGER NOT NULL,
- EXTERNAL_CLAIM_ID INTEGER NOT NULL,
- PRIMARY KEY (ID),
- FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE,
- FOREIGN KEY (EXTERNAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
- UNIQUE (SCOPE_ID, EXTERNAL_CLAIM_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_FUNCTION_LIBRARY (
- NAME VARCHAR(255) NOT NULL,
- DESCRIPTION VARCHAR(1023),
- TYPE VARCHAR(255) NOT NULL,
- TENANT_ID INTEGER NOT NULL,
- DATA BLOB NOT NULL,
- PRIMARY KEY (TENANT_ID,NAME)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_CIBA_AUTH_CODE (
- AUTH_CODE_KEY CHAR (36),
- AUTH_REQ_ID CHAR (36),
- ISSUED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- CONSUMER_KEY VARCHAR(255),
- LAST_POLLED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- POLLING_INTERVAL INTEGER,
- EXPIRES_IN INTEGER,
- AUTHENTICATED_USER_NAME VARCHAR(255),
- USER_STORE_DOMAIN VARCHAR(100),
- TENANT_ID INTEGER,
- AUTH_REQ_STATUS VARCHAR (100) DEFAULT 'REQUESTED',
- IDP_ID INTEGER,
- UNIQUE(AUTH_REQ_ID),
- PRIMARY KEY (AUTH_CODE_KEY),
- FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_CIBA_REQUEST_SCOPES (
- AUTH_CODE_KEY CHAR (36),
- SCOPE VARCHAR (255),
- FOREIGN KEY (AUTH_CODE_KEY) REFERENCES IDN_OAUTH2_CIBA_AUTH_CODE(AUTH_CODE_KEY) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_FED_AUTH_SESSION_MAPPING (
- IDP_SESSION_ID VARCHAR(255) NOT NULL,
- SESSION_ID VARCHAR(255) NOT NULL,
- IDP_NAME VARCHAR(255) NOT NULL,
- AUTHENTICATOR_ID VARCHAR(255),
- PROTOCOL_TYPE VARCHAR(255),
- TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- PRIMARY KEY (IDP_SESSION_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_CONFIG_TYPE (
- ID VARCHAR(255) NOT NULL,
- NAME VARCHAR(255) NOT NULL,
- DESCRIPTION VARCHAR(1023) NULL,
- PRIMARY KEY (ID),
- CONSTRAINT TYPE_NAME_CONSTRAINT UNIQUE (NAME)
- )ENGINE INNODB;
-
- INSERT INTO IDN_CONFIG_TYPE (ID, NAME, DESCRIPTION) VALUES
- ('9ab0ef95-13e9-4ed5-afaf-d29bed62f7bd', 'IDP_TEMPLATE', 'Template type to uniquely identify IDP templates'),
- ('3c4ac3d0-5903-4e3d-aaca-38df65b33bfd', 'APPLICATION_TEMPLATE', 'Template type to uniquely identify Application templates'),
- ('8ec6dbf1-218a-49bf-bc34-0d2db52d151c', 'CORS_CONFIGURATION', 'A resource type to keep the tenant CORS configurations');
-
- CREATE TABLE IF NOT EXISTS IDN_CONFIG_RESOURCE (
- ID VARCHAR(255) NOT NULL,
- TENANT_ID INT NOT NULL,
- NAME VARCHAR(255) NOT NULL,
- CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
- LAST_MODIFIED TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
- HAS_FILE tinyint(1) NOT NULL,
- HAS_ATTRIBUTE tinyint(1) NOT NULL,
- TYPE_ID VARCHAR(255) NOT NULL,
- PRIMARY KEY (ID),
- CONSTRAINT NAME_TENANT_TYPE_CONSTRAINT UNIQUE (NAME, TENANT_ID, TYPE_ID)
- )ENGINE INNODB;
- ALTER TABLE IDN_CONFIG_RESOURCE ADD CONSTRAINT TYPE_ID_FOREIGN_CONSTRAINT FOREIGN KEY (TYPE_ID) REFERENCES
- IDN_CONFIG_TYPE (ID) ON DELETE CASCADE ON UPDATE CASCADE;
-
- CREATE TABLE IF NOT EXISTS IDN_CONFIG_ATTRIBUTE (
- ID VARCHAR(255) NOT NULL,
- RESOURCE_ID VARCHAR(255) NOT NULL,
- ATTR_KEY VARCHAR(255) NOT NULL,
- ATTR_VALUE VARCHAR(1023) NULL,
- PRIMARY KEY (ID),
- CONSTRAINT RESOURCE_KEY_VAL_CONSTRAINT UNIQUE (RESOURCE_ID(64), ATTR_KEY(255))
- )ENGINE INNODB;
- ALTER TABLE IDN_CONFIG_ATTRIBUTE ADD CONSTRAINT RESOURCE_ID_ATTRIBUTE_FOREIGN_CONSTRAINT FOREIGN KEY (RESOURCE_ID)
- REFERENCES IDN_CONFIG_RESOURCE (ID) ON DELETE CASCADE ON UPDATE CASCADE;
-
- CREATE TABLE IF NOT EXISTS IDN_CONFIG_FILE (
- ID VARCHAR(255) NOT NULL,
- VALUE BLOB NULL,
- RESOURCE_ID VARCHAR(255) NOT NULL,
- NAME VARCHAR(255) NULL,
- PRIMARY KEY (ID)
- )ENGINE INNODB;
- ALTER TABLE IDN_CONFIG_FILE ADD CONSTRAINT RESOURCE_ID_FILE_FOREIGN_CONSTRAINT FOREIGN KEY (RESOURCE_ID) REFERENCES
- IDN_CONFIG_RESOURCE (ID) ON DELETE CASCADE ON UPDATE CASCADE;
-
- CREATE TABLE IDN_REMOTE_FETCH_CONFIG (
- ID VARCHAR(255) NOT NULL,
- TENANT_ID INT NOT NULL,
- IS_ENABLED CHAR(1) NOT NULL,
- REPO_MANAGER_TYPE VARCHAR(255) NOT NULL,
- ACTION_LISTENER_TYPE VARCHAR(255) NOT NULL,
- CONFIG_DEPLOYER_TYPE VARCHAR(255) NOT NULL,
- REMOTE_FETCH_NAME VARCHAR(255),
- REMOTE_RESOURCE_URI VARCHAR(255) NOT NULL,
- ATTRIBUTES_JSON MEDIUMTEXT NOT NULL,
- PRIMARY KEY (ID),
- CONSTRAINT UC_REMOTE_RESOURCE_TYPE UNIQUE (TENANT_ID, CONFIG_DEPLOYER_TYPE)
- )ENGINE INNODB;
-
- CREATE TABLE IDN_REMOTE_FETCH_REVISIONS (
- ID VARCHAR(255) NOT NULL,
- CONFIG_ID VARCHAR(255) NOT NULL,
- FILE_PATH VARCHAR(255) NOT NULL,
- FILE_HASH VARCHAR(255),
- DEPLOYED_DATE TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- LAST_SYNC_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- DEPLOYMENT_STATUS VARCHAR(255),
- ITEM_NAME VARCHAR(255),
- DEPLOY_ERR_LOG MEDIUMTEXT,
- PRIMARY KEY (ID),
- FOREIGN KEY (CONFIG_ID) REFERENCES IDN_REMOTE_FETCH_CONFIG(ID) ON DELETE CASCADE,
- CONSTRAINT UC_REVISIONS UNIQUE (CONFIG_ID, ITEM_NAME)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_USER_FUNCTIONALITY_MAPPING (
- ID VARCHAR(255) NOT NULL,
- USER_ID VARCHAR(255) NOT NULL,
- TENANT_ID INTEGER NOT NULL,
- FUNCTIONALITY_ID VARCHAR(255) NOT NULL,
- IS_FUNCTIONALITY_LOCKED BOOLEAN NOT NULL,
- FUNCTIONALITY_UNLOCK_TIME BIGINT NOT NULL,
- FUNCTIONALITY_LOCK_REASON VARCHAR(1023),
- FUNCTIONALITY_LOCK_REASON_CODE VARCHAR(255),
- PRIMARY KEY (ID),
- CONSTRAINT IDN_USER_FUNCTIONALITY_MAPPING_CONSTRAINT UNIQUE (USER_ID, TENANT_ID, FUNCTIONALITY_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_USER_FUNCTIONALITY_PROPERTY (
- ID VARCHAR(255) NOT NULL,
- USER_ID VARCHAR(255) NOT NULL,
- TENANT_ID INTEGER NOT NULL,
- FUNCTIONALITY_ID VARCHAR(255) NOT NULL,
- PROPERTY_NAME VARCHAR(255),
- PROPERTY_VALUE VARCHAR(255),
- PRIMARY KEY (ID),
- CONSTRAINT IDN_USER_FUNCTIONALITY_PROPERTY_CONSTRAINT UNIQUE (USER_ID, TENANT_ID, FUNCTIONALITY_ID, PROPERTY_NAME)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_CORS_ORIGIN (
- ID INT NOT NULL AUTO_INCREMENT,
- TENANT_ID INT NOT NULL,
- ORIGIN VARCHAR(2048) NOT NULL,
- UUID CHAR(36) NOT NULL,
- PRIMARY KEY (ID),
- UNIQUE (UUID)
- ) ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_CORS_ASSOCIATION (
- IDN_CORS_ORIGIN_ID INT NOT NULL,
- SP_APP_ID INT NOT NULL,
-
- PRIMARY KEY (IDN_CORS_ORIGIN_ID, SP_APP_ID),
- FOREIGN KEY (IDN_CORS_ORIGIN_ID) REFERENCES IDN_CORS_ORIGIN (ID) ON DELETE CASCADE,
- FOREIGN KEY (SP_APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE
- ) ENGINE INNODB;
-
- -- --------------------------- INDEX CREATION -----------------------------
- -- IDN_OAUTH2_ACCESS_TOKEN --
- CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED);
- CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH);
- CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TOKEN_STATE, USER_TYPE);
- CREATE INDEX IDX_AT_TI_UD ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, TENANT_ID, TOKEN_STATE, USER_DOMAIN);
- CREATE INDEX IDX_AT_AU_TID_UD_TS_CKID ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, TENANT_ID, USER_DOMAIN, TOKEN_STATE, CONSUMER_KEY_ID);
- CREATE INDEX IDX_AT_AU_CKID_TS_UT ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, CONSUMER_KEY_ID, TOKEN_STATE, USER_TYPE);
- CREATE INDEX IDX_AT_RTH ON IDN_OAUTH2_ACCESS_TOKEN(REFRESH_TOKEN_HASH);
- CREATE INDEX IDX_AT_CKID_AU_TID_UD_TSH_TS ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TENANT_ID, USER_DOMAIN, TOKEN_SCOPE_HASH, TOKEN_STATE);
-
- -- IDN_OAUTH2_AUTHORIZATION_CODE --
- CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH, CONSUMER_KEY_ID);
- CREATE INDEX IDX_AUTHORIZATION_CODE_AU_TI ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHZ_USER, TENANT_ID, USER_DOMAIN, STATE);
- CREATE INDEX IDX_AC_CKID ON IDN_OAUTH2_AUTHORIZATION_CODE(CONSUMER_KEY_ID);
- CREATE INDEX IDX_AC_TID ON IDN_OAUTH2_AUTHORIZATION_CODE(TOKEN_ID);
-
- -- IDN_SCIM_GROUP --
- CREATE INDEX IDX_IDN_SCIM_GROUP_TI_RN ON IDN_SCIM_GROUP (TENANT_ID, ROLE_NAME);
- CREATE INDEX IDX_IDN_SCIM_GROUP_TI_RN_AN ON IDN_SCIM_GROUP (TENANT_ID, ROLE_NAME, ATTR_NAME(500));
-
- -- IDN_AUTH_SESSION_STORE --
- CREATE INDEX IDX_IDN_AUTH_SESSION_TIME ON IDN_AUTH_SESSION_STORE (TIME_CREATED);
-
- -- IDN_AUTH_TEMP_SESSION_STORE --
- CREATE INDEX IDX_IDN_AUTH_TMP_SESSION_TIME ON IDN_AUTH_TEMP_SESSION_STORE (TIME_CREATED);
-
- -- IDN_OIDC_SCOPE_CLAIM_MAPPING --
- CREATE INDEX IDX_AT_SI_ECI ON IDN_OIDC_SCOPE_CLAIM_MAPPING(SCOPE_ID, EXTERNAL_CLAIM_ID);
-
- -- IDN_OAUTH2_SCOPE --
- CREATE INDEX IDX_SC_TID ON IDN_OAUTH2_SCOPE(TENANT_ID);
-
- -- IDN_OAUTH2_SCOPE_BINDING --
- CREATE INDEX IDX_SB_SCPID ON IDN_OAUTH2_SCOPE_BINDING(SCOPE_ID);
-
- -- IDN_OIDC_REQ_OBJECT_REFERENCE --
- CREATE INDEX IDX_OROR_TID ON IDN_OIDC_REQ_OBJECT_REFERENCE(TOKEN_ID);
-
- -- IDN_OAUTH2_ACCESS_TOKEN_SCOPE --
- CREATE INDEX IDX_ATS_TID ON IDN_OAUTH2_ACCESS_TOKEN_SCOPE(TOKEN_ID);
-
- -- SP_TEMPLATE --
- CREATE INDEX IDX_SP_TEMPLATE ON SP_TEMPLATE (TENANT_ID, NAME);
-
- -- IDN_AUTH_USER --
- CREATE INDEX IDX_AUTH_USER_UN_TID_DN ON IDN_AUTH_USER (USER_NAME, TENANT_ID, DOMAIN_NAME);
- CREATE INDEX IDX_AUTH_USER_DN_TOD ON IDN_AUTH_USER (DOMAIN_NAME, TENANT_ID);
-
- -- IDN_AUTH_USER_SESSION_MAPPING --
- CREATE INDEX IDX_USER_ID ON IDN_AUTH_USER_SESSION_MAPPING (USER_ID);
- CREATE INDEX IDX_SESSION_ID ON IDN_AUTH_USER_SESSION_MAPPING (SESSION_ID);
-
- -- IDN_OAUTH_CONSUMER_APPS --
- CREATE INDEX IDX_OCA_UM_TID_UD_APN ON IDN_OAUTH_CONSUMER_APPS(USERNAME,TENANT_ID,USER_DOMAIN, APP_NAME);
-
- -- IDX_SPI_APP --
- CREATE INDEX IDX_SPI_APP ON SP_INBOUND_AUTH(APP_ID);
-
- -- IDN_OIDC_PROPERTY --
- CREATE INDEX IDX_IOP_TID_CK ON IDN_OIDC_PROPERTY(TENANT_ID,CONSUMER_KEY);
-
- -- IDN_FIDO2_PROPERTY --
- CREATE INDEX IDX_FIDO2_STR ON FIDO2_DEVICE_STORE(USER_NAME, TENANT_ID, DOMAIN_NAME, CREDENTIAL_ID, USER_HANDLE);
-
- -- IDN_ASSOCIATED_ID --
- CREATE INDEX IDX_AI_DN_UN_AI ON IDN_ASSOCIATED_ID(DOMAIN_NAME, USER_NAME, ASSOCIATION_ID);
-
- -- IDN_OAUTH2_TOKEN_BINDING --
- CREATE INDEX IDX_IDN_AUTH_BIND ON IDN_OAUTH2_TOKEN_BINDING (TOKEN_BINDING_REF);
-
- -- IDN_FED_AUTH_SESSION_MAPPING --
- CREATE INDEX IDX_FEDERATED_AUTH_SESSION_ID ON IDN_FED_AUTH_SESSION_MAPPING (SESSION_ID);
-
- -- IDN_REMOTE_FETCH_REVISIONS --
- CREATE INDEX IDX_REMOTE_FETCH_REVISION_CONFIG_ID ON IDN_REMOTE_FETCH_REVISIONS (CONFIG_ID);
-
- -- IDN_CORS_ASSOCIATION --
- CREATE INDEX IDX_CORS_SP_APP_ID ON IDN_CORS_ASSOCIATION (SP_APP_ID);
-
- -- IDN_CORS_ASSOCIATION --
- CREATE INDEX IDX_CORS_ORIGIN_ID ON IDN_CORS_ASSOCIATION (IDN_CORS_ORIGIN_ID);
-
-
- -- End of IDENTITY Tables--
-
- -- Start of CONSENT-MGT Tables --
-
- CREATE TABLE CM_PII_CATEGORY (
- ID INTEGER AUTO_INCREMENT,
- NAME VARCHAR(255) NOT NULL,
- DESCRIPTION VARCHAR(1023),
- DISPLAY_NAME VARCHAR(255),
- IS_SENSITIVE INTEGER NOT NULL,
- TENANT_ID INTEGER DEFAULT '-1234',
- UNIQUE KEY (NAME, TENANT_ID),
- PRIMARY KEY (ID)
- );
-
- CREATE TABLE CM_RECEIPT (
- CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL,
- VERSION VARCHAR(255) NOT NULL,
- JURISDICTION VARCHAR(255) NOT NULL,
- CONSENT_TIMESTAMP TIMESTAMP NOT NULL,
- COLLECTION_METHOD VARCHAR(255) NOT NULL,
- LANGUAGE VARCHAR(255) NOT NULL,
- PII_PRINCIPAL_ID VARCHAR(255) NOT NULL,
- PRINCIPAL_TENANT_ID INTEGER DEFAULT '-1234',
- POLICY_URL VARCHAR(255) NOT NULL,
- STATE VARCHAR(255) NOT NULL,
- PII_CONTROLLER VARCHAR(2048) NOT NULL,
- PRIMARY KEY (CONSENT_RECEIPT_ID)
- );
-
- CREATE TABLE CM_PURPOSE (
- ID INTEGER AUTO_INCREMENT,
- NAME VARCHAR(255) NOT NULL,
- DESCRIPTION VARCHAR(1023),
- PURPOSE_GROUP VARCHAR(255) NOT NULL,
- GROUP_TYPE VARCHAR(255) NOT NULL,
- TENANT_ID INTEGER DEFAULT '-1234',
- UNIQUE KEY (NAME, TENANT_ID, PURPOSE_GROUP, GROUP_TYPE),
- PRIMARY KEY (ID)
- );
-
- CREATE TABLE CM_PURPOSE_CATEGORY (
- ID INTEGER AUTO_INCREMENT,
- NAME VARCHAR(255) NOT NULL,
- DESCRIPTION VARCHAR(1023),
- TENANT_ID INTEGER DEFAULT '-1234',
- UNIQUE KEY (NAME, TENANT_ID),
- PRIMARY KEY (ID)
- );
-
- CREATE TABLE CM_RECEIPT_SP_ASSOC (
- ID INTEGER AUTO_INCREMENT,
- CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL,
- SP_NAME VARCHAR(255) NOT NULL,
- SP_DISPLAY_NAME VARCHAR(255),
- SP_DESCRIPTION VARCHAR(255),
- SP_TENANT_ID INTEGER DEFAULT '-1234',
- UNIQUE KEY (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID),
- PRIMARY KEY (ID)
- );
-
- CREATE TABLE CM_SP_PURPOSE_ASSOC (
- ID INTEGER AUTO_INCREMENT,
- RECEIPT_SP_ASSOC INTEGER NOT NULL,
- PURPOSE_ID INTEGER NOT NULL,
- CONSENT_TYPE VARCHAR(255) NOT NULL,
- IS_PRIMARY_PURPOSE INTEGER NOT NULL,
- TERMINATION VARCHAR(255) NOT NULL,
- THIRD_PARTY_DISCLOSURE INTEGER NOT NULL,
- THIRD_PARTY_NAME VARCHAR(255),
- UNIQUE KEY (RECEIPT_SP_ASSOC, PURPOSE_ID),
- PRIMARY KEY (ID)
- );
-
- CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC (
- SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
- PURPOSE_CATEGORY_ID INTEGER NOT NULL,
- UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID)
- );
-
- CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC (
- PURPOSE_ID INTEGER NOT NULL,
- CM_PII_CATEGORY_ID INTEGER NOT NULL,
- IS_MANDATORY INTEGER NOT NULL,
- UNIQUE KEY (PURPOSE_ID, CM_PII_CATEGORY_ID)
- );
-
- CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC (
- SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
- PII_CATEGORY_ID INTEGER NOT NULL,
- VALIDITY VARCHAR(1023),
- UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID)
- );
-
- CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY (
- CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL,
- NAME VARCHAR(255) NOT NULL,
- VALUE VARCHAR(1023) NOT NULL,
- UNIQUE KEY (CONSENT_RECEIPT_ID, NAME)
- );
-
- ALTER TABLE CM_RECEIPT_SP_ASSOC
- ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID);
-
- ALTER TABLE CM_SP_PURPOSE_ASSOC
- ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID);
-
- ALTER TABLE CM_SP_PURPOSE_ASSOC
- ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID);
-
- ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
- ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID);
-
- ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
- ADD CONSTRAINT
CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID); - - ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC - ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID); - - ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC - ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID); - - ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY - ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID); - - INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, PURPOSE_GROUP, GROUP_TYPE, TENANT_ID) VALUES ('DEFAULT', 'For core functionalities of the product', 'DEFAULT', 'SP', '-1234'); - - INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234'); - -- End of CONSENT-MGT Tables -- - - -- Start of API-MGT Tables -- - CREATE TABLE IF NOT EXISTS AM_SUBSCRIBER ( - SUBSCRIBER_ID INTEGER AUTO_INCREMENT, - USER_ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - EMAIL_ADDRESS VARCHAR(256) NULL, - DATE_SUBSCRIBED TIMESTAMP NOT NULL, - PRIMARY KEY (SUBSCRIBER_ID), - CREATED_BY VARCHAR(100), - CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UPDATED_BY VARCHAR(100), - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UNIQUE (TENANT_ID,USER_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_APPLICATION ( - APPLICATION_ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(100), - SUBSCRIBER_ID INTEGER, - APPLICATION_TIER VARCHAR(50) DEFAULT 'Unlimited', - CALLBACK_URL VARCHAR(512), - DESCRIPTION VARCHAR(512), - APPLICATION_STATUS VARCHAR(50) DEFAULT 'APPROVED', - GROUP_ID VARCHAR(100), - CREATED_BY VARCHAR(100), - CREATED_TIME TIMESTAMP, - UPDATED_BY VARCHAR(100), - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UUID VARCHAR(256), - TOKEN_TYPE VARCHAR(10), - FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON 
DELETE RESTRICT, - PRIMARY KEY(APPLICATION_ID), - UNIQUE (NAME,SUBSCRIBER_ID), - UNIQUE (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API ( - API_ID INTEGER AUTO_INCREMENT, - API_UUID VARCHAR(256), - API_PROVIDER VARCHAR(200), - API_NAME VARCHAR(200), - API_VERSION VARCHAR(30), - CONTEXT VARCHAR(256), - CONTEXT_TEMPLATE VARCHAR(256), - API_TIER VARCHAR(256), - API_TYPE VARCHAR(10), - CREATED_BY VARCHAR(100), - CREATED_TIME TIMESTAMP, - UPDATED_BY VARCHAR(100), - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - STATUS VARCHAR(30), - REVISIONS_CREATED INTEGER DEFAULT 0, - PRIMARY KEY(API_ID), - UNIQUE (API_PROVIDER,API_NAME,API_VERSION), - UNIQUE (API_UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_REVISION_METADATA ( - API_UUID VARCHAR(64), - REVISION_UUID VARCHAR(64), - API_TIER VARCHAR(128), - UNIQUE (API_UUID,REVISION_UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_GRAPHQL_COMPLEXITY ( - UUID VARCHAR(256), - API_ID INTEGER NOT NULL, - TYPE VARCHAR(256), - FIELD VARCHAR(256), - COMPLEXITY_VALUE INTEGER, - REVISION_UUID VARCHAR(255), - FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE CASCADE, - PRIMARY KEY(UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_URL_MAPPING ( - URL_MAPPING_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER NOT NULL, - HTTP_METHOD VARCHAR(20) NULL, - AUTH_SCHEME VARCHAR(50) NULL, - URL_PATTERN VARCHAR(512) NULL, - THROTTLING_TIER varchar(512) DEFAULT NULL, - MEDIATION_SCRIPT BLOB, - REVISION_UUID VARCHAR(255), - PRIMARY KEY (URL_MAPPING_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_RESOURCE_SCOPE_MAPPING ( - SCOPE_NAME VARCHAR(255) NOT NULL, - URL_MAPPING_ID INTEGER NOT NULL, - TENANT_ID INTEGER NOT NULL, - FOREIGN KEY (URL_MAPPING_ID) REFERENCES AM_API_URL_MAPPING(URL_MAPPING_ID) ON DELETE CASCADE, - PRIMARY KEY(SCOPE_NAME, URL_MAPPING_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_SECURITY_AUDIT_UUID_MAPPING ( - API_ID INTEGER NOT NULL, - 
AUDIT_UUID VARCHAR(255) NOT NULL, - FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (API_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_PRODUCT_MAPPING ( - API_PRODUCT_MAPPING_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER, - URL_MAPPING_ID INTEGER, - REVISION_UUID VARCHAR(255), - FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON DELETE CASCADE, - FOREIGN KEY (URL_MAPPING_ID) REFERENCES AM_API_URL_MAPPING(URL_MAPPING_ID) ON DELETE CASCADE, - PRIMARY KEY(API_PRODUCT_MAPPING_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION ( - SUBSCRIPTION_ID INTEGER AUTO_INCREMENT, - TIER_ID VARCHAR(50), - TIER_ID_PENDING VARCHAR(50), - API_ID INTEGER, - LAST_ACCESSED TIMESTAMP NULL, - APPLICATION_ID INTEGER, - SUB_STATUS VARCHAR(50), - SUBS_CREATE_STATE VARCHAR(50) DEFAULT 'SUBSCRIBE', - CREATED_BY VARCHAR(100), - CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UPDATED_BY VARCHAR(100), - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UUID VARCHAR(256), - FOREIGN KEY(APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (SUBSCRIPTION_ID), - UNIQUE (UUID) - )ENGINE INNODB; - - - - CREATE TABLE IF NOT EXISTS AM_APPLICATION_KEY_MAPPING ( - UUID VARCHAR(100), - APPLICATION_ID INTEGER, - CONSUMER_KEY VARCHAR(255), - KEY_TYPE VARCHAR(512) NOT NULL, - STATE VARCHAR(30) NOT NULL, - CREATE_MODE VARCHAR(30) DEFAULT 'CREATED', - KEY_MANAGER VARCHAR(100), - APP_INFO BLOB , - FOREIGN KEY(APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY(APPLICATION_ID,KEY_TYPE,KEY_MANAGER) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_LC_EVENT ( - EVENT_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER NOT NULL, - PREVIOUS_STATE VARCHAR(50), - NEW_STATE VARCHAR(50) NOT NULL, - USER_ID VARCHAR(255) NOT NULL, - TENANT_ID 
INTEGER NOT NULL, - EVENT_DATE TIMESTAMP NOT NULL, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (EVENT_ID) - )ENGINE INNODB; - - CREATE TABLE AM_APP_KEY_DOMAIN_MAPPING ( - CONSUMER_KEY VARCHAR(255), - AUTHZ_DOMAIN VARCHAR(255) DEFAULT 'ALL', - PRIMARY KEY (CONSUMER_KEY,AUTHZ_DOMAIN) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_COMMENTS ( - COMMENT_ID VARCHAR(64) NOT NULL, - COMMENT_TEXT VARCHAR(512), - CREATED_BY VARCHAR(255), - CREATED_TIME TIMESTAMP NOT NULL, - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - API_ID INTEGER, - PARENT_COMMENT_ID VARCHAR(64) DEFAULT NULL, - ENTRY_POINT VARCHAR(20), - CATEGORY VARCHAR(20) DEFAULT 'general', - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID), - FOREIGN KEY(PARENT_COMMENT_ID) REFERENCES AM_API_COMMENTS(COMMENT_ID), - PRIMARY KEY (COMMENT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_RATINGS ( - RATING_ID VARCHAR(255) NOT NULL, - API_ID INTEGER, - RATING INTEGER, - SUBSCRIBER_ID INTEGER, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (RATING_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_TIER_PERMISSIONS ( - TIER_PERMISSIONS_ID INTEGER AUTO_INCREMENT, - TIER VARCHAR(50) NOT NULL, - PERMISSIONS_TYPE VARCHAR(50) NOT NULL, - ROLES VARCHAR(512) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY(TIER_PERMISSIONS_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_EXTERNAL_STORES ( - APISTORE_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER, - STORE_ID VARCHAR(255) NOT NULL, - STORE_DISPLAY_NAME VARCHAR(255) NOT NULL, - STORE_ENDPOINT VARCHAR(255) NOT NULL, - STORE_TYPE VARCHAR(255) NOT NULL, - LAST_UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (APISTORE_ID) - )ENGINE INNODB; 
- - CREATE TABLE IF NOT EXISTS AM_WORKFLOWS( - WF_ID INTEGER AUTO_INCREMENT, - WF_REFERENCE VARCHAR(255) NOT NULL, - WF_TYPE VARCHAR(255) NOT NULL, - WF_STATUS VARCHAR(255) NOT NULL, - WF_CREATED_TIME TIMESTAMP, - WF_UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP , - WF_STATUS_DESC VARCHAR(1000), - TENANT_ID INTEGER, - TENANT_DOMAIN VARCHAR(255), - WF_EXTERNAL_REFERENCE VARCHAR(255) NOT NULL, - WF_METADATA BLOB DEFAULT NULL, - WF_PROPERTIES BLOB DEFAULT NULL, - PRIMARY KEY (WF_ID), - UNIQUE (WF_EXTERNAL_REFERENCE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_APPLICATION_REGISTRATION ( - REG_ID INT AUTO_INCREMENT, - SUBSCRIBER_ID INT, - WF_REF VARCHAR(255) NOT NULL, - APP_ID INT, - TOKEN_TYPE VARCHAR(30), - TOKEN_SCOPE VARCHAR(1500) DEFAULT 'default', - INPUTS VARCHAR(1000), - ALLOWED_DOMAINS VARCHAR(256), - VALIDITY_PERIOD BIGINT, - KEY_MANAGER VARCHAR(255) NOT NULL, - UNIQUE (SUBSCRIBER_ID,APP_ID,TOKEN_TYPE,KEY_MANAGER), - FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - FOREIGN KEY(APP_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (REG_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_SHARED_SCOPE ( - NAME VARCHAR(255) NOT NULL, - UUID VARCHAR (256), - TENANT_ID INTEGER, - PRIMARY KEY (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_DEFAULT_VERSION ( - DEFAULT_VERSION_ID INT AUTO_INCREMENT, - API_NAME VARCHAR(256) NOT NULL , - API_PROVIDER VARCHAR(256) NOT NULL , - DEFAULT_API_VERSION VARCHAR(30) , - PUBLISHED_DEFAULT_API_VERSION VARCHAR(30) , - PRIMARY KEY (DEFAULT_VERSION_ID) - )ENGINE = INNODB; - - CREATE INDEX IDX_SUB_APP_ID ON AM_SUBSCRIPTION (APPLICATION_ID, SUBSCRIPTION_ID); - - CREATE TABLE IF NOT EXISTS AM_MONETIZATION_USAGE ( - ID VARCHAR(100) NOT NULL, - STATE VARCHAR(50) NOT NULL, - STATUS VARCHAR(50) NOT NULL, - STARTED_TIME VARCHAR(50) NOT NULL, - PUBLISHED_TIME VARCHAR(50) NOT NULL, - 
PRIMARY KEY(ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_ALERT_TYPES ( - ALERT_TYPE_ID INTEGER AUTO_INCREMENT, - ALERT_TYPE_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL, - PRIMARY KEY (ALERT_TYPE_ID) - )ENGINE = INNODB; - - CREATE TABLE IF NOT EXISTS AM_ALERT_TYPES_VALUES ( - ALERT_TYPE_ID INTEGER, - USER_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL , - PRIMARY KEY (ALERT_TYPE_ID,USER_NAME,STAKE_HOLDER) - )ENGINE = INNODB; - - CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST ( - EMAIL_LIST_ID INTEGER AUTO_INCREMENT, - USER_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL , - PRIMARY KEY (EMAIL_LIST_ID,USER_NAME,STAKE_HOLDER) - )ENGINE = INNODB; - - CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST_DETAILS ( - EMAIL_LIST_ID INTEGER, - EMAIL VARCHAR(255), - PRIMARY KEY (EMAIL_LIST_ID,EMAIL) - )ENGINE = INNODB; - - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('AbnormalResponseTime', 'publisher'); - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('AbnormalBackendTime', 'publisher'); - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('AbnormalRequestsPerMin', 'subscriber'); - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('AbnormalRequestPattern', 'subscriber'); - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('UnusualIPAccess', 'subscriber'); - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('FrequentTierLimitHitting', 'subscriber'); - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('ApiHealthMonitor', 'publisher'); - - - - -- AM Throttling tables -- - - CREATE TABLE IF NOT EXISTS AM_POLICY_SUBSCRIPTION ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, - QUOTA_TYPE VARCHAR(25) NOT NULL, - QUOTA INT(11) NOT NULL, - QUOTA_UNIT 
VARCHAR(10) NULL, - UNIT_TIME INT(11) NOT NULL, - TIME_UNIT VARCHAR(25) NOT NULL, - RATE_LIMIT_COUNT INT(11) NULL DEFAULT NULL, - RATE_LIMIT_TIME_UNIT VARCHAR(25) NULL DEFAULT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - CUSTOM_ATTRIBUTES BLOB DEFAULT NULL, - STOP_ON_QUOTA_REACH BOOLEAN NOT NULL DEFAULT 0, - BILLING_PLAN VARCHAR(20) NOT NULL, - UUID VARCHAR(256), - MONETIZATION_PLAN VARCHAR(25) NULL DEFAULT NULL, - FIXED_RATE VARCHAR(15) NULL DEFAULT NULL, - BILLING_CYCLE VARCHAR(15) NULL DEFAULT NULL, - PRICE_PER_REQUEST VARCHAR(15) NULL DEFAULT NULL, - CURRENCY VARCHAR(15) NULL DEFAULT NULL, - MAX_COMPLEXITY INT(11) NOT NULL DEFAULT 0, - MAX_DEPTH INT(11) NOT NULL DEFAULT 0, - CONNECTIONS_COUNT INT(11) NOT NULL DEFAULT 0, - PRIMARY KEY (POLICY_ID), - UNIQUE INDEX AM_POLICY_SUBSCRIPTION_NAME_TENANT (NAME, TENANT_ID), - UNIQUE (UUID) - )ENGINE = InnoDB; - - CREATE TABLE IF NOT EXISTS AM_POLICY_APPLICATION ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, - QUOTA_TYPE VARCHAR(25) NOT NULL, - QUOTA INT(11) NOT NULL, - QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL, - UNIT_TIME INT(11) NOT NULL, - TIME_UNIT VARCHAR(25) NOT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - CUSTOM_ATTRIBUTES BLOB DEFAULT NULL, - UUID VARCHAR(256), - PRIMARY KEY (POLICY_ID), - UNIQUE INDEX APP_NAME_TENANT (NAME, TENANT_ID), - UNIQUE (UUID) - )ENGINE = InnoDB; - - CREATE TABLE IF NOT EXISTS AM_POLICY_HARD_THROTTLING ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, - QUOTA_TYPE VARCHAR(25) NOT NULL, - QUOTA INT(11) NOT NULL, - QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL, - UNIT_TIME INT(11) NOT NULL, - TIME_UNIT VARCHAR(25) NOT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - PRIMARY KEY (POLICY_ID), - UNIQUE INDEX 
POLICY_HARD_NAME_TENANT (NAME, TENANT_ID) - )ENGINE = InnoDB; - - - CREATE TABLE IF NOT EXISTS AM_API_THROTTLE_POLICY ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR (1024), - DEFAULT_QUOTA_TYPE VARCHAR(25) NOT NULL, - DEFAULT_QUOTA INTEGER NOT NULL, - DEFAULT_QUOTA_UNIT VARCHAR(10) NULL, - DEFAULT_UNIT_TIME INTEGER NOT NULL, - DEFAULT_TIME_UNIT VARCHAR(25) NOT NULL, - APPLICABLE_LEVEL VARCHAR(25) NOT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - UUID VARCHAR(256), - PRIMARY KEY (POLICY_ID), - UNIQUE INDEX API_NAME_TENANT (NAME, TENANT_ID), - UNIQUE (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_CONDITION_GROUP ( - CONDITION_GROUP_ID INTEGER NOT NULL AUTO_INCREMENT, - POLICY_ID INTEGER NOT NULL, - QUOTA_TYPE VARCHAR(25), - QUOTA INTEGER NOT NULL, - QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL, - UNIT_TIME INTEGER NOT NULL, - TIME_UNIT VARCHAR(25) NOT NULL, - DESCRIPTION VARCHAR (1024) NULL DEFAULT NULL, - PRIMARY KEY (CONDITION_GROUP_ID), - FOREIGN KEY (POLICY_ID) REFERENCES AM_API_THROTTLE_POLICY(POLICY_ID) ON DELETE CASCADE ON UPDATE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_QUERY_PARAMETER_CONDITION ( - QUERY_PARAMETER_ID INTEGER NOT NULL AUTO_INCREMENT, - CONDITION_GROUP_ID INTEGER NOT NULL, - PARAMETER_NAME VARCHAR(255) DEFAULT NULL, - PARAMETER_VALUE VARCHAR(255) DEFAULT NULL, - IS_PARAM_MAPPING BOOLEAN DEFAULT 1, - PRIMARY KEY (QUERY_PARAMETER_ID), - FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_HEADER_FIELD_CONDITION ( - HEADER_FIELD_ID INTEGER NOT NULL AUTO_INCREMENT, - CONDITION_GROUP_ID INTEGER NOT NULL, - HEADER_FIELD_NAME VARCHAR(255) DEFAULT NULL, - HEADER_FIELD_VALUE VARCHAR(255) DEFAULT NULL, - IS_HEADER_FIELD_MAPPING BOOLEAN DEFAULT 1, - PRIMARY KEY (HEADER_FIELD_ID), 
- FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_JWT_CLAIM_CONDITION ( - JWT_CLAIM_ID INTEGER NOT NULL AUTO_INCREMENT, - CONDITION_GROUP_ID INTEGER NOT NULL, - CLAIM_URI VARCHAR(512) DEFAULT NULL, - CLAIM_ATTRIB VARCHAR(1024) DEFAULT NULL, - IS_CLAIM_MAPPING BOOLEAN DEFAULT 1, - PRIMARY KEY (JWT_CLAIM_ID), - FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_IP_CONDITION ( - AM_IP_CONDITION_ID INT NOT NULL AUTO_INCREMENT, - STARTING_IP VARCHAR(45) NULL, - ENDING_IP VARCHAR(45) NULL, - SPECIFIC_IP VARCHAR(45) NULL, - WITHIN_IP_RANGE BOOLEAN DEFAULT 1, - CONDITION_GROUP_ID INT NULL, - PRIMARY KEY (AM_IP_CONDITION_ID), - INDEX fk_AM_IP_CONDITION_1_idx (CONDITION_GROUP_ID ASC), CONSTRAINT fk_AM_IP_CONDITION_1 FOREIGN KEY (CONDITION_GROUP_ID) - REFERENCES AM_CONDITION_GROUP (CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE) - ENGINE = InnoDB; - - - CREATE TABLE IF NOT EXISTS AM_POLICY_GLOBAL ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - KEY_TEMPLATE VARCHAR(512) NOT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, - SIDDHI_QUERY BLOB DEFAULT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - UUID VARCHAR(256), - PRIMARY KEY (POLICY_ID), - UNIQUE (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_THROTTLE_TIER_PERMISSIONS ( - THROTTLE_TIER_PERMISSIONS_ID INT NOT NULL AUTO_INCREMENT, - TIER VARCHAR(50) NULL, - PERMISSIONS_TYPE VARCHAR(50) NULL, - ROLES VARCHAR(512) NULL, - TENANT_ID INT(11) NULL, - PRIMARY KEY (THROTTLE_TIER_PERMISSIONS_ID)) - ENGINE = InnoDB; - - CREATE TABLE `AM_BLOCK_CONDITIONS` ( - `CONDITION_ID` int(11) NOT NULL AUTO_INCREMENT, - `TYPE` varchar(45) DEFAULT NULL, - `VALUE` varchar(512) DEFAULT NULL, - `ENABLED` varchar(45) 
DEFAULT NULL, - `DOMAIN` varchar(45) DEFAULT NULL, - `UUID` VARCHAR(256), - PRIMARY KEY (`CONDITION_ID`), - UNIQUE (`UUID`) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS `AM_CERTIFICATE_METADATA` ( - `TENANT_ID` INT(11) NOT NULL, - `ALIAS` VARCHAR(255) NOT NULL, - `END_POINT` VARCHAR(255) NOT NULL, - `CERTIFICATE` BLOB DEFAULT NULL, - CONSTRAINT PK_ALIAS PRIMARY KEY (`ALIAS`) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS `AM_API_CLIENT_CERTIFICATE` ( - `TENANT_ID` INT(11) NOT NULL, - `ALIAS` VARCHAR(45) NOT NULL, - `API_ID` INTEGER NOT NULL, - `CERTIFICATE` BLOB NOT NULL, - `REMOVED` BOOLEAN NOT NULL DEFAULT 0, - `TIER_NAME` VARCHAR (512), - `REVISION_UUID` VARCHAR(255) NOT NULL DEFAULT 'Current API', - FOREIGN KEY (API_ID) REFERENCES AM_API (API_ID) ON DELETE CASCADE ON UPDATE CASCADE, - PRIMARY KEY (`ALIAS`, `TENANT_ID`, `REMOVED`, `REVISION_UUID`) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_APPLICATION_GROUP_MAPPING ( - APPLICATION_ID INTEGER NOT NULL, - GROUP_ID VARCHAR(512) NOT NULL, - TENANT VARCHAR(255), - PRIMARY KEY (APPLICATION_ID,GROUP_ID,TENANT), - FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_USAGE_UPLOADED_FILES ( - TENANT_DOMAIN varchar(255) NOT NULL, - FILE_NAME varchar(255) NOT NULL, - FILE_TIMESTAMP TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - FILE_PROCESSED tinyint(1) DEFAULT FALSE, - FILE_CONTENT MEDIUMBLOB DEFAULT NULL, - PRIMARY KEY (TENANT_DOMAIN, FILE_NAME, FILE_TIMESTAMP) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_API_LC_PUBLISH_EVENTS ( - ID INTEGER(11) NOT NULL AUTO_INCREMENT, - TENANT_DOMAIN VARCHAR(500) NOT NULL, - API_ID VARCHAR(500) NOT NULL, - EVENT_TIME TIMESTAMP NOT NULL, - PRIMARY KEY (ID) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_APPLICATION_ATTRIBUTES ( - APPLICATION_ID int(11) NOT NULL, - NAME varchar(255) NOT NULL, - VALUE varchar(1024) NOT NULL, - TENANT_ID int(11) NOT NULL, - 
PRIMARY KEY (APPLICATION_ID,NAME), - FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION (APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_SYSTEM_APPS ( - ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(50) NOT NULL, - CONSUMER_KEY VARCHAR(512) NOT NULL, - CONSUMER_SECRET VARCHAR(512) NOT NULL, - CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - TENANT_DOMAIN VARCHAR(255) DEFAULT 'carbon.super', - UNIQUE (CONSUMER_KEY), - PRIMARY KEY (ID) - ) ENGINE=InnoDB; - - -- BotDATA Email table -- - CREATE TABLE IF NOT EXISTS AM_NOTIFICATION_SUBSCRIBER ( - UUID VARCHAR(255), - CATEGORY VARCHAR(255), - NOTIFICATION_METHOD VARCHAR(255), - SUBSCRIBER_ADDRESS VARCHAR(255) NOT NULL, - PRIMARY KEY(UUID, SUBSCRIBER_ADDRESS) - ) ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_REVOKED_JWT ( - UUID VARCHAR(255) NOT NULL, - SIGNATURE VARCHAR(2048) NOT NULL, - EXPIRY_TIMESTAMP BIGINT NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - TOKEN_TYPE VARCHAR(15) DEFAULT 'DEFAULT', - TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY (UUID) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_API_CATEGORIES ( - UUID VARCHAR(50), - NAME VARCHAR(255), - DESCRIPTION VARCHAR(1024), - TENANT_ID INTEGER DEFAULT -1, - UNIQUE (NAME,TENANT_ID), - PRIMARY KEY (UUID) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_USER ( - USER_ID VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - PRIMARY KEY(USER_ID) - ) ENGINE=InnoDB; - - -- Tenant Themes Table -- - CREATE TABLE IF NOT EXISTS AM_TENANT_THEMES ( - TENANT_ID INTEGER NOT NULL, - THEME MEDIUMBLOB NOT NULL, - PRIMARY KEY (TENANT_ID) - ) ENGINE=InnoDB; - -- End of API-MGT Tables -- - - -- UMA tables -- - CREATE TABLE IF NOT EXISTS IDN_UMA_RESOURCE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - RESOURCE_ID VARCHAR(255), - RESOURCE_NAME VARCHAR(255), - TIME_CREATED TIMESTAMP NOT NULL, - RESOURCE_OWNER_NAME VARCHAR(255), - CLIENT_ID VARCHAR(255), - TENANT_ID INTEGER DEFAULT -1234, - 
USER_DOMAIN VARCHAR(50), - PRIMARY KEY (ID) - ); - - CREATE INDEX IDX_RID ON IDN_UMA_RESOURCE (RESOURCE_ID); - - CREATE INDEX IDX_USER ON IDN_UMA_RESOURCE (RESOURCE_OWNER_NAME, USER_DOMAIN); - - CREATE INDEX IDX_USER_RID ON IDN_UMA_RESOURCE (RESOURCE_ID, RESOURCE_OWNER_NAME(32), USER_DOMAIN, CLIENT_ID); - - CREATE TABLE IF NOT EXISTS IDN_UMA_RESOURCE_META_DATA ( - ID INTEGER AUTO_INCREMENT NOT NULL, - RESOURCE_IDENTITY INTEGER NOT NULL, - PROPERTY_KEY VARCHAR(40), - PROPERTY_VALUE VARCHAR(255), - PRIMARY KEY (ID), - FOREIGN KEY (RESOURCE_IDENTITY) REFERENCES IDN_UMA_RESOURCE (ID) ON DELETE CASCADE - ); - - CREATE TABLE IF NOT EXISTS IDN_UMA_RESOURCE_SCOPE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - RESOURCE_IDENTITY INTEGER NOT NULL, - SCOPE_NAME VARCHAR(255), - PRIMARY KEY (ID), - FOREIGN KEY (RESOURCE_IDENTITY) REFERENCES IDN_UMA_RESOURCE (ID) ON DELETE CASCADE - ); - - CREATE INDEX IDX_RS ON IDN_UMA_RESOURCE_SCOPE (SCOPE_NAME); - - CREATE TABLE IF NOT EXISTS IDN_UMA_PERMISSION_TICKET ( - ID INTEGER AUTO_INCREMENT NOT NULL, - PT VARCHAR(255) NOT NULL, - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - EXPIRY_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - TICKET_STATE VARCHAR(25) DEFAULT 'ACTIVE', - TENANT_ID INTEGER DEFAULT -1234, - TOKEN_ID VARCHAR(255), - PRIMARY KEY (ID) - ); - - CREATE INDEX IDX_PT ON IDN_UMA_PERMISSION_TICKET (PT); - - CREATE TABLE IF NOT EXISTS IDN_UMA_PT_RESOURCE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - PT_RESOURCE_ID INTEGER NOT NULL, - PT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (PT_ID) REFERENCES IDN_UMA_PERMISSION_TICKET (ID) ON DELETE CASCADE, - FOREIGN KEY (PT_RESOURCE_ID) REFERENCES IDN_UMA_RESOURCE (ID) ON DELETE CASCADE - ); - - CREATE TABLE IF NOT EXISTS IDN_UMA_PT_RESOURCE_SCOPE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - PT_RESOURCE_ID INTEGER NOT NULL, - PT_SCOPE_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (PT_RESOURCE_ID) REFERENCES IDN_UMA_PT_RESOURCE (ID) ON DELETE CASCADE, - FOREIGN 
KEY (PT_SCOPE_ID) REFERENCES IDN_UMA_RESOURCE_SCOPE (ID) ON DELETE CASCADE - ); - - CREATE TABLE IF NOT EXISTS AM_USER ( - USER_ID VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - PRIMARY KEY(USER_ID) - ); - - CREATE TABLE IF NOT EXISTS AM_KEY_MANAGER ( - UUID VARCHAR(50) NOT NULL, - NAME VARCHAR(100) NULL, - DISPLAY_NAME VARCHAR(100) NULL, - DESCRIPTION VARCHAR(256) NULL, - TYPE VARCHAR(45) NULL, - CONFIGURATION BLOB NULL, - ENABLED BOOLEAN DEFAULT 1, - TENANT_DOMAIN VARCHAR(100) NULL, - PRIMARY KEY (UUID), - UNIQUE (NAME,TENANT_DOMAIN) - ); - - -- AM_GW_PUBLISHED_API_DETAILS & AM_GW_API_ARTIFACTS are independent tables for Artifact synchronizer feature which -- - -- should not have any referential integrity constraints with other tables in AM database-- - CREATE TABLE IF NOT EXISTS AM_GW_PUBLISHED_API_DETAILS ( - API_ID varchar(255) NOT NULL, - TENANT_DOMAIN varchar(255), - API_PROVIDER varchar(255), - API_NAME varchar(255), - API_VERSION varchar(255), - API_TYPE varchar(50), - PRIMARY KEY (API_ID) - )ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_GW_API_ARTIFACTS ( - API_ID VARCHAR(255) NOT NULL, - REVISION_ID VARCHAR(255) NOT NULL, - ARTIFACT blob, - TIME_STAMP TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (REVISION_ID, API_ID), - FOREIGN KEY (API_ID) REFERENCES AM_GW_PUBLISHED_API_DETAILS(API_ID) ON UPDATE CASCADE ON DELETE NO ACTION - )ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_GW_API_DEPLOYMENTS ( - API_ID VARCHAR(255) NOT NULL, - REVISION_ID VARCHAR(255) NOT NULL, - LABEL VARCHAR(255) NOT NULL, - VHOST VARCHAR(255) NULL, - PRIMARY KEY (REVISION_ID, API_ID,LABEL), - FOREIGN KEY (API_ID) REFERENCES AM_GW_PUBLISHED_API_DETAILS(API_ID) ON UPDATE CASCADE ON DELETE NO ACTION - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_SCOPE ( - SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(512), - TENANT_ID INTEGER NOT NULL 
DEFAULT -1, - SCOPE_TYPE VARCHAR(255) NOT NULL, - PRIMARY KEY (SCOPE_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_SCOPE_BINDING ( - SCOPE_ID INTEGER NOT NULL, - SCOPE_BINDING VARCHAR(255) NOT NULL, - BINDING_TYPE VARCHAR(255) NOT NULL, - FOREIGN KEY (SCOPE_ID) REFERENCES AM_SCOPE (SCOPE_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_REVISION ( - ID INTEGER NOT NULL, - API_UUID VARCHAR(256) NOT NULL, - REVISION_UUID VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(255), - CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - CREATED_BY VARCHAR(255), - PRIMARY KEY (ID, API_UUID), - UNIQUE(REVISION_UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_DEPLOYMENT_REVISION_MAPPING ( - NAME VARCHAR(255) NOT NULL, - VHOST VARCHAR(255) NULL, - REVISION_UUID VARCHAR(255) NOT NULL, - DISPLAY_ON_DEVPORTAL BOOLEAN DEFAULT 0, - DEPLOYED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY (NAME, REVISION_UUID), - FOREIGN KEY (REVISION_UUID) REFERENCES AM_REVISION(REVISION_UUID) ON UPDATE CASCADE ON DELETE CASCADE - )ENGINE INNODB; - - -- Gateway Environments Table -- - CREATE TABLE IF NOT EXISTS AM_GATEWAY_ENVIRONMENT ( - ID INTEGER NOT NULL AUTO_INCREMENT, - UUID VARCHAR(45) NOT NULL, - NAME VARCHAR(255) NOT NULL, - TENANT_DOMAIN VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255) NULL, - DESCRIPTION VARCHAR(1023) NULL, - UNIQUE (NAME, TENANT_DOMAIN), - UNIQUE (UUID), - PRIMARY KEY (ID) - ); - - -- Virtual Hosts Table -- - CREATE TABLE IF NOT EXISTS AM_GW_VHOST ( - GATEWAY_ENV_ID INTEGER NOT NULL, - HOST VARCHAR(255) NOT NULL, - HTTP_CONTEXT VARCHAR(255) NULL, - HTTP_PORT VARCHAR(5) NOT NULL, - HTTPS_PORT VARCHAR(5) NOT NULL, - WS_PORT VARCHAR(5) NOT NULL, - WSS_PORT VARCHAR(5) NOT NULL, - FOREIGN KEY (GATEWAY_ENV_ID) REFERENCES AM_GATEWAY_ENVIRONMENT(ID) ON UPDATE CASCADE ON DELETE CASCADE, - PRIMARY KEY (GATEWAY_ENV_ID, HOST) - ); - - -- Service Catalog -- - CREATE TABLE IF NOT EXISTS AM_SERVICE_CATALOG ( - UUID VARCHAR(36) NOT NULL, - 
SERVICE_KEY VARCHAR(512) NOT NULL, - MD5 VARCHAR(100) NOT NULL, - SERVICE_NAME VARCHAR(255) NOT NULL, - SERVICE_VERSION VARCHAR(30) NOT NULL, - TENANT_ID INTEGER NOT NULL, - SERVICE_URL VARCHAR(2048) NOT NULL, - DEFINITION_TYPE VARCHAR(20), - DEFINITION_URL VARCHAR(2048), - DESCRIPTION VARCHAR(1024), - SECURITY_TYPE VARCHAR(50), - MUTUAL_SSL_ENABLED BOOLEAN DEFAULT 0, - CREATED_TIME TIMESTAMP NULL, - LAST_UPDATED_TIME TIMESTAMP NULL, - CREATED_BY VARCHAR(255), - UPDATED_BY VARCHAR(255), - SERVICE_DEFINITION BLOB NOT NULL, - PRIMARY KEY (UUID), - UNIQUE (SERVICE_NAME, SERVICE_VERSION, TENANT_ID), - UNIQUE (SERVICE_KEY, TENANT_ID) - )ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_API_SERVICE_MAPPING ( - API_ID INTEGER NOT NULL, - SERVICE_KEY VARCHAR(256) NOT NULL, - MD5 VARCHAR(100), - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (API_ID, SERVICE_KEY), - FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON DELETE CASCADE - )ENGINE=InnoDB; - - -- Webhooks -- - CREATE TABLE IF NOT EXISTS AM_WEBHOOKS_SUBSCRIPTION ( - WH_SUBSCRIPTION_ID INTEGER NOT NULL AUTO_INCREMENT, - API_UUID VARCHAR(255) NOT NULL, - APPLICATION_ID VARCHAR(20) NOT NULL, - TENANT_DOMAIN VARCHAR(255) NOT NULL, - HUB_CALLBACK_URL VARCHAR(1024) NOT NULL, - HUB_TOPIC VARCHAR(255) NOT NULL, - HUB_SECRET VARCHAR(2048), - HUB_LEASE_SECONDS INTEGER, - UPDATED_AT TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - EXPIRY_AT BIGINT, - DELIVERED_AT TIMESTAMP NULL, - DELIVERY_STATE INTEGER NOT NULL DEFAULT 0, - PRIMARY KEY (WH_SUBSCRIPTION_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_WEBHOOKS_UNSUBSCRIPTION ( - API_UUID VARCHAR(255) NOT NULL, - APPLICATION_ID VARCHAR(20) NOT NULL, - TENANT_DOMAIN VARCHAR(255) NOT NULL, - HUB_CALLBACK_URL VARCHAR(1024) NOT NULL, - HUB_TOPIC VARCHAR(255) NOT NULL, - HUB_SECRET VARCHAR(2048), - HUB_LEASE_SECONDS INTEGER, - ADDED_AT TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP - )ENGINE INNODB; - - -- Performance indexes start-- - - create index IDX_ITS_LMT on IDN_THRIFT_SESSION 
(LAST_MODIFIED_TIME); - create index IDX_IOAT_UT on IDN_OAUTH2_ACCESS_TOKEN (USER_TYPE); - create index IDX_AAI_CTX on AM_API (CONTEXT); - create index IDX_AAKM_CK on AM_APPLICATION_KEY_MAPPING (CONSUMER_KEY); - create index IDX_AAUM_AI on AM_API_URL_MAPPING (API_ID); - create index IDX_AAPM_AI on AM_API_PRODUCT_MAPPING (API_ID); - create index IDX_AAUM_TT on AM_API_URL_MAPPING (THROTTLING_TIER); - create index IDX_AATP_DQT on AM_API_THROTTLE_POLICY (DEFAULT_QUOTA_TYPE); - create index IDX_ACG_QT on AM_CONDITION_GROUP (QUOTA_TYPE); - create index IDX_APS_QT on AM_POLICY_SUBSCRIPTION (QUOTA_TYPE); - create index IDX_AS_AITIAI on AM_SUBSCRIPTION (API_ID,TIER_ID,APPLICATION_ID); - create index IDX_APA_QT on AM_POLICY_APPLICATION (QUOTA_TYPE); - create index IDX_AA_AT_CB on AM_APPLICATION (APPLICATION_TIER,CREATED_BY); - - -- Performance indexes end-- - - mysql_shared.sql: |- - DROP DATABASE IF EXISTS WSO2AM_SHARED_DB; - CREATE DATABASE WSO2AM_SHARED_DB; - GRANT ALL ON WSO2AM_SHARED_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; - - USE WSO2AM_SHARED_DB; - CREATE TABLE IF NOT EXISTS REG_CLUSTER_LOCK ( - REG_LOCK_NAME VARCHAR (20), - REG_LOCK_STATUS VARCHAR (20), - REG_LOCKED_TIME TIMESTAMP, - REG_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (REG_LOCK_NAME) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_LOG ( - REG_LOG_ID INTEGER AUTO_INCREMENT, - REG_PATH VARCHAR (750), - REG_USER_ID VARCHAR (255) NOT NULL, - REG_LOGGED_TIME TIMESTAMP NOT NULL, - REG_ACTION INTEGER NOT NULL, - REG_ACTION_DATA VARCHAR (500), - REG_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (REG_LOG_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX REG_LOG_IND_BY_REGLOG USING HASH ON REG_LOG(REG_LOGGED_TIME, REG_TENANT_ID); - - -- The REG_PATH_VALUE should be less than 767 bytes, and hence was fixed at 750. - -- See CARBON-5917. 
- - CREATE TABLE IF NOT EXISTS REG_PATH( - REG_PATH_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_PATH_VALUE VARCHAR(750) CHARACTER SET latin1 COLLATE latin1_general_cs NOT NULL, - REG_PATH_PARENT_ID INTEGER, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_PATH PRIMARY KEY(REG_PATH_ID, REG_TENANT_ID), - CONSTRAINT UNIQUE_REG_PATH_TENANT_ID UNIQUE (REG_PATH_VALUE,REG_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX REG_PATH_IND_BY_PATH_PARENT_ID USING HASH ON REG_PATH(REG_PATH_PARENT_ID, REG_TENANT_ID); - - CREATE TABLE IF NOT EXISTS REG_CONTENT ( - REG_CONTENT_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_CONTENT_DATA LONGBLOB, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_CONTENT PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_CONTENT_HISTORY ( - REG_CONTENT_ID INTEGER NOT NULL, - REG_CONTENT_DATA LONGBLOB, - REG_DELETED SMALLINT, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_CONTENT_HISTORY PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_RESOURCE ( - REG_PATH_ID INTEGER NOT NULL, - REG_NAME VARCHAR(256), - REG_VERSION INTEGER NOT NULL AUTO_INCREMENT, - REG_MEDIA_TYPE VARCHAR(500), - REG_CREATOR VARCHAR(255) NOT NULL, - REG_CREATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_LAST_UPDATOR VARCHAR(255), - REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_DESCRIPTION VARCHAR(1000), - REG_CONTENT_ID INTEGER, - REG_TENANT_ID INTEGER DEFAULT 0, - REG_UUID VARCHAR(100) NOT NULL, - CONSTRAINT PK_REG_RESOURCE PRIMARY KEY(REG_VERSION, REG_TENANT_ID) - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE ADD CONSTRAINT REG_RESOURCE_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE ADD CONSTRAINT REG_RESOURCE_FK_BY_CONTENT_ID FOREIGN KEY (REG_CONTENT_ID, REG_TENANT_ID) REFERENCES REG_CONTENT (REG_CONTENT_ID, REG_TENANT_ID); - CREATE INDEX 
REG_RESOURCE_IND_BY_NAME USING HASH ON REG_RESOURCE(REG_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_IND_BY_PATH_ID_NAME USING HASH ON REG_RESOURCE(REG_PATH_ID, REG_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_IND_BY_UUID USING HASH ON REG_RESOURCE(REG_UUID); - CREATE INDEX REG_RESOURCE_IND_BY_TENAN USING HASH ON REG_RESOURCE(REG_TENANT_ID, REG_UUID); - CREATE INDEX REG_RESOURCE_IND_BY_TYPE USING HASH ON REG_RESOURCE(REG_TENANT_ID, REG_MEDIA_TYPE); - - CREATE TABLE IF NOT EXISTS REG_RESOURCE_HISTORY ( - REG_PATH_ID INTEGER NOT NULL, - REG_NAME VARCHAR(256), - REG_VERSION INTEGER NOT NULL, - REG_MEDIA_TYPE VARCHAR(500), - REG_CREATOR VARCHAR(255) NOT NULL, - REG_CREATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_LAST_UPDATOR VARCHAR(255), - REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_DESCRIPTION VARCHAR(1000), - REG_CONTENT_ID INTEGER, - REG_DELETED SMALLINT, - REG_TENANT_ID INTEGER DEFAULT 0, - REG_UUID VARCHAR(100) NOT NULL, - CONSTRAINT PK_REG_RESOURCE_HISTORY PRIMARY KEY(REG_VERSION, REG_TENANT_ID) - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE_HISTORY ADD CONSTRAINT REG_RESOURCE_HIST_FK_BY_PATHID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE_HISTORY ADD CONSTRAINT REG_RESOURCE_HIST_FK_BY_CONTENT_ID FOREIGN KEY (REG_CONTENT_ID, REG_TENANT_ID) REFERENCES REG_CONTENT_HISTORY (REG_CONTENT_ID, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_HISTORY_IND_BY_NAME USING HASH ON REG_RESOURCE_HISTORY(REG_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_HISTORY_IND_BY_PATH_ID_NAME USING HASH ON REG_RESOURCE(REG_PATH_ID, REG_NAME, REG_TENANT_ID); - - CREATE TABLE IF NOT EXISTS REG_COMMENT ( - REG_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_COMMENT_TEXT VARCHAR(500) NOT NULL, - REG_USER_ID VARCHAR(255) NOT NULL, - REG_COMMENTED_TIME TIMESTAMP NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_COMMENT PRIMARY KEY(REG_ID, REG_TENANT_ID) - 
)ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_RESOURCE_COMMENT ( - REG_COMMENT_ID INTEGER NOT NULL, - REG_VERSION INTEGER, - REG_PATH_ID INTEGER, - REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE_COMMENT ADD CONSTRAINT REG_RESOURCE_COMMENT_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE_COMMENT ADD CONSTRAINT REG_RESOURCE_COMMENT_FK_BY_COMMENT_ID FOREIGN KEY (REG_COMMENT_ID, REG_TENANT_ID) REFERENCES REG_COMMENT (REG_ID, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_COMMENT_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_RESOURCE_COMMENT(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_COMMENT_IND_BY_VERSION USING HASH ON REG_RESOURCE_COMMENT(REG_VERSION, REG_TENANT_ID); - - CREATE TABLE IF NOT EXISTS REG_RATING ( - REG_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_RATING INTEGER NOT NULL, - REG_USER_ID VARCHAR(255) NOT NULL, - REG_RATED_TIME TIMESTAMP NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_RATING PRIMARY KEY(REG_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_RESOURCE_RATING ( - REG_RATING_ID INTEGER NOT NULL, - REG_VERSION INTEGER, - REG_PATH_ID INTEGER, - REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE_RATING ADD CONSTRAINT REG_RESOURCE_RATING_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE_RATING ADD CONSTRAINT REG_RESOURCE_RATING_FK_BY_RATING_ID FOREIGN KEY (REG_RATING_ID, REG_TENANT_ID) REFERENCES REG_RATING (REG_ID, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_RATING_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_RESOURCE_RATING(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_RATING_IND_BY_VERSION USING HASH ON REG_RESOURCE_RATING(REG_VERSION, 
REG_TENANT_ID); - - - CREATE TABLE IF NOT EXISTS REG_TAG ( - REG_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_TAG_NAME VARCHAR(500) NOT NULL, - REG_USER_ID VARCHAR(255) NOT NULL, - REG_TAGGED_TIME TIMESTAMP NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_TAG PRIMARY KEY(REG_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_RESOURCE_TAG ( - REG_TAG_ID INTEGER NOT NULL, - REG_VERSION INTEGER, - REG_PATH_ID INTEGER, - REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE_TAG ADD CONSTRAINT REG_RESOURCE_TAG_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE_TAG ADD CONSTRAINT REG_RESOURCE_TAG_FK_BY_TAG_ID FOREIGN KEY (REG_TAG_ID, REG_TENANT_ID) REFERENCES REG_TAG (REG_ID, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_TAG_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_RESOURCE_TAG(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_TAG_IND_BY_VERSION USING HASH ON REG_RESOURCE_TAG(REG_VERSION, REG_TENANT_ID); - - CREATE TABLE IF NOT EXISTS REG_PROPERTY ( - REG_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_NAME VARCHAR(100) NOT NULL, - REG_VALUE VARCHAR(1000), - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_PROPERTY PRIMARY KEY(REG_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_RESOURCE_PROPERTY ( - REG_PROPERTY_ID INTEGER NOT NULL, - REG_VERSION INTEGER, - REG_PATH_ID INTEGER, - REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE_PROPERTY ADD CONSTRAINT REG_RESOURCE_PROPERTY_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE_PROPERTY ADD CONSTRAINT REG_RESOURCE_PROPERTY_FK_BY_TAG_ID FOREIGN KEY (REG_PROPERTY_ID, REG_TENANT_ID) REFERENCES REG_PROPERTY (REG_ID, REG_TENANT_ID); - CREATE INDEX 
REG_RESOURCE_PROPERTY_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_RESOURCE_PROPERTY(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_PROPERTY_IND_BY_VERSION USING HASH ON REG_RESOURCE_PROPERTY(REG_VERSION, REG_TENANT_ID); - - -- CREATE TABLE IF NOT EXISTS REG_ASSOCIATIONS ( - -- SRC_PATH_ID INTEGER, - -- SRC_RESOURCE_NAME VARCHAR(256), - -- SRC_VERSION INTEGER, - -- TGT_PATH_ID INTEGER, - -- TGT_RESOURCE_NAME VARCHAR(256), - -- TGT_VERSION INTEGER - -- )ENGINE INNODB; - -- - -- ALTER TABLE REG_ASSOCIATIONS ADD CONSTRAINT REG_ASSOCIATIONS_FK_BY_SRC_PATH_ID FOREIGN KEY (SRC_PATH_ID) REFERENCES REG_PATH (PATH_ID); - -- ALTER TABLE REG_ASSOCIATIONS ADD CONSTRAINT REG_ASSOCIATIONS_FK_BY_TGT_PATH_ID FOREIGN KEY (TGT_PATH_ID) REFERENCES REG_PATH (PATH_ID); - -- CREATE INDEX REG_ASSOCIATIONS_IND_BY_SRC_VERSION ON REG_ASSOCIATIONS(SRC_VERSION); - -- CREATE INDEX REG_ASSOCIATIONS_IND_BY_TGT_VERSION ON REG_ASSOCIATIONS(TGT_VERSION); - -- CREATE INDEX REG_ASSOCIATIONS_IND_BY_SRC_RESOURCE_NAME ON REG_ASSOCIATIONS(SRC_RESOURCE_NAME); - -- CREATE INDEX REG_ASSOCIATIONS_IND_BY_TGT_RESOURCE_NAME ON REG_ASSOCIATIONS(TGT_RESOURCE_NAME); - - - - CREATE TABLE IF NOT EXISTS REG_ASSOCIATION ( - REG_ASSOCIATION_ID INTEGER AUTO_INCREMENT, - REG_SOURCEPATH VARCHAR (750) NOT NULL, - REG_TARGETPATH VARCHAR (750) NOT NULL, - REG_ASSOCIATION_TYPE VARCHAR (2000) NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (REG_ASSOCIATION_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_SNAPSHOT ( - REG_SNAPSHOT_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_PATH_ID INTEGER NOT NULL, - REG_RESOURCE_NAME VARCHAR(255), - REG_RESOURCE_VIDS LONGBLOB NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_SNAPSHOT PRIMARY KEY(REG_SNAPSHOT_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX REG_SNAPSHOT_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_SNAPSHOT(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); - - ALTER TABLE REG_SNAPSHOT ADD 
CONSTRAINT REG_SNAPSHOT_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - - - -- ################################ - -- USER MANAGER TABLES - -- ################################ - - CREATE TABLE UM_TENANT ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_TENANT_UUID VARCHAR(36) NOT NULL, - UM_DOMAIN_NAME VARCHAR(255) NOT NULL, - UM_EMAIL VARCHAR(255), - UM_ACTIVE BOOLEAN DEFAULT FALSE, - UM_CREATED_DATE TIMESTAMP NOT NULL, - UM_USER_CONFIG LONGBLOB, - PRIMARY KEY (UM_ID), - UNIQUE(UM_DOMAIN_NAME), - UNIQUE(UM_TENANT_UUID) - )ENGINE INNODB; - - CREATE TABLE UM_DOMAIN( - UM_DOMAIN_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DOMAIN_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_DOMAIN_ID, UM_TENANT_ID), - UNIQUE(UM_DOMAIN_NAME,UM_TENANT_ID) - )ENGINE INNODB; - - CREATE UNIQUE INDEX INDEX_UM_TENANT_UM_DOMAIN_NAME - ON UM_TENANT (UM_DOMAIN_NAME); - - CREATE TABLE UM_USER ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_ID VARCHAR(255) NOT NULL, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_USER_PASSWORD VARCHAR(255) NOT NULL, - UM_SALT_VALUE VARCHAR(31), - UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE, - UM_CHANGED_TIME TIMESTAMP NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_USER_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_SYSTEM_USER ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_USER_PASSWORD VARCHAR(255) NOT NULL, - UM_SALT_VALUE VARCHAR(31), - UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE, - UM_CHANGED_TIME TIMESTAMP NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_USER_NAME, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_ROLE ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_SHARED_ROLE BOOLEAN DEFAULT FALSE, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_ROLE_NAME, 
UM_TENANT_ID) - )ENGINE INNODB; - - - CREATE TABLE UM_MODULE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_MODULE_NAME VARCHAR(100), - UNIQUE(UM_MODULE_NAME), - PRIMARY KEY(UM_ID) - )ENGINE INNODB; - - CREATE TABLE UM_MODULE_ACTIONS( - UM_ACTION VARCHAR(255) NOT NULL, - UM_MODULE_ID INTEGER NOT NULL, - PRIMARY KEY(UM_ACTION, UM_MODULE_ID), - FOREIGN KEY (UM_MODULE_ID) REFERENCES UM_MODULE(UM_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE UM_PERMISSION ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_RESOURCE_ID VARCHAR(255) NOT NULL, - UM_ACTION VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_MODULE_ID INTEGER DEFAULT 0, - UNIQUE(UM_RESOURCE_ID,UM_ACTION, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX INDEX_UM_PERMISSION_UM_RESOURCE_ID_UM_ACTION ON UM_PERMISSION (UM_RESOURCE_ID, UM_ACTION, UM_TENANT_ID); - - CREATE TABLE UM_ROLE_PERMISSION ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_PERMISSION_ID INTEGER NOT NULL, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_IS_ALLOWED SMALLINT NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_DOMAIN_ID INTEGER, - UNIQUE (UM_PERMISSION_ID, UM_ROLE_NAME, UM_TENANT_ID, UM_DOMAIN_ID), - FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - -- REMOVED UNIQUE (UM_PERMISSION_ID, UM_ROLE_ID) - CREATE TABLE UM_USER_PERMISSION ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_PERMISSION_ID INTEGER NOT NULL, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_IS_ALLOWED SMALLINT NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - -- REMOVED UNIQUE (UM_PERMISSION_ID, UM_USER_ID) - CREATE TABLE UM_USER_ROLE ( - 
UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_ID INTEGER NOT NULL, - UM_USER_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE (UM_USER_ID, UM_ROLE_ID, UM_TENANT_ID), - FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_ROLE(UM_ID, UM_TENANT_ID), - FOREIGN KEY (UM_USER_ID, UM_TENANT_ID) REFERENCES UM_USER(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_SHARED_USER_ROLE( - UM_ROLE_ID INTEGER NOT NULL, - UM_USER_ID INTEGER NOT NULL, - UM_USER_TENANT_ID INTEGER NOT NULL, - UM_ROLE_TENANT_ID INTEGER NOT NULL, - UNIQUE(UM_USER_ID,UM_ROLE_ID,UM_USER_TENANT_ID, UM_ROLE_TENANT_ID), - FOREIGN KEY(UM_ROLE_ID,UM_ROLE_TENANT_ID) REFERENCES UM_ROLE(UM_ID,UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY(UM_USER_ID,UM_USER_TENANT_ID) REFERENCES UM_USER(UM_ID,UM_TENANT_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE UM_ACCOUNT_MAPPING( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER NOT NULL, - UM_USER_STORE_DOMAIN VARCHAR(100), - UM_ACC_LINK_ID INTEGER NOT NULL, - UNIQUE(UM_USER_NAME, UM_TENANT_ID, UM_USER_STORE_DOMAIN, UM_ACC_LINK_ID), - FOREIGN KEY (UM_TENANT_ID) REFERENCES UM_TENANT(UM_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID) - )ENGINE INNODB; - - - CREATE TABLE UM_USER_ATTRIBUTE ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ATTR_NAME VARCHAR(255) NOT NULL, - UM_ATTR_VALUE VARCHAR(1024), - UM_PROFILE_ID VARCHAR(255), - UM_USER_ID INTEGER, - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY (UM_USER_ID, UM_TENANT_ID) REFERENCES UM_USER(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX UM_USER_ID_INDEX ON UM_USER_ATTRIBUTE(UM_USER_ID); - - CREATE INDEX UM_ATTR_NAME_VALUE_INDEX ON UM_USER_ATTRIBUTE(UM_ATTR_NAME, UM_ATTR_VALUE(512)); - - CREATE TABLE UM_DIALECT( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DIALECT_URI VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE(UM_DIALECT_URI, 
UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_CLAIM( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DIALECT_ID INTEGER NOT NULL, - UM_CLAIM_URI VARCHAR(255) NOT NULL, - UM_DISPLAY_TAG VARCHAR(255), - UM_DESCRIPTION VARCHAR(255), - UM_MAPPED_ATTRIBUTE_DOMAIN VARCHAR(255), - UM_MAPPED_ATTRIBUTE VARCHAR(255), - UM_REG_EX VARCHAR(255), - UM_SUPPORTED SMALLINT, - UM_REQUIRED SMALLINT, - UM_DISPLAY_ORDER INTEGER, - UM_CHECKED_ATTRIBUTE SMALLINT, - UM_READ_ONLY SMALLINT, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE(UM_DIALECT_ID, UM_CLAIM_URI, UM_TENANT_ID,UM_MAPPED_ATTRIBUTE_DOMAIN), - FOREIGN KEY(UM_DIALECT_ID, UM_TENANT_ID) REFERENCES UM_DIALECT(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - - CREATE TABLE UM_PROFILE_CONFIG( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DIALECT_ID INTEGER NOT NULL, - UM_PROFILE_NAME VARCHAR(255), - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY(UM_DIALECT_ID, UM_TENANT_ID) REFERENCES UM_DIALECT(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS UM_CLAIM_BEHAVIOR( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_PROFILE_ID INTEGER, - UM_CLAIM_ID INTEGER, - UM_BEHAVIOUR SMALLINT, - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY(UM_PROFILE_ID, UM_TENANT_ID) REFERENCES UM_PROFILE_CONFIG(UM_ID,UM_TENANT_ID), - FOREIGN KEY(UM_CLAIM_ID, UM_TENANT_ID) REFERENCES UM_CLAIM(UM_ID,UM_TENANT_ID), - PRIMARY KEY(UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_HYBRID_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_ROLE_NAME,UM_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX UM_ROLE_NAME_IND ON UM_HYBRID_ROLE(UM_ROLE_NAME); - - CREATE TABLE UM_HYBRID_USER_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255), - UM_ROLE_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - 
UM_DOMAIN_ID INTEGER, - UNIQUE (UM_USER_NAME, UM_ROLE_ID, UM_TENANT_ID, UM_DOMAIN_ID), - FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_HYBRID_GROUP_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_GROUP_NAME VARCHAR(255), - UM_ROLE_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_DOMAIN_ID INTEGER, - UNIQUE (UM_GROUP_NAME, UM_ROLE_ID, UM_TENANT_ID, UM_DOMAIN_ID), - FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_SYSTEM_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_ROLE_NAME,UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_SYSTEM_USER_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255), - UM_ROLE_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE (UM_USER_NAME, UM_ROLE_ID, UM_TENANT_ID), - FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_SYSTEM_ROLE(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - - CREATE TABLE UM_HYBRID_REMEMBER_ME( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_COOKIE_VALUE VARCHAR(1024), - UM_CREATED_TIME TIMESTAMP, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS UM_UUID_DOMAIN_MAPPER ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_ID VARCHAR(255) NOT NULL, - UM_DOMAIN_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID), - 
UNIQUE (UM_USER_ID), - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE INDEX UUID_DM_UID_TID ON UM_UUID_DOMAIN_MAPPER(UM_USER_ID, UM_TENANT_ID); - - ---- - -apiVersion: v1 -kind: Service -metadata: - name: wso2apim-rdbms-service-mysql - namespace: wso2 -spec: - type: ClusterIP - selector: - deployment: wso2apim-mysql - product: api-manager - ports: - - name: mysql-port - port: 3306 - targetPort: 3306 - protocol: TCP ---- - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wso2apim-mysql-deployment - namespace: wso2 -spec: - replicas: 1 - selector: - matchLabels: - deployment: wso2apim-mysql - product: api-manager - template: - metadata: - labels: - deployment: wso2apim-mysql - product: api-manager - spec: - containers: - - name: wso2apim-mysql - # image: mysql:5.7 - image: 192.168.1.5:5000/mysql:5.7 - livenessProbe: - exec: - command: - - sh - - -c - - "mysqladmin ping -u root -p${MYSQL_ROOT_PASSWORD}" - initialDelaySeconds: 60 - periodSeconds: 10 - readinessProbe: - exec: - command: - - sh - - -c - - "mysqladmin ping -u root -p${MYSQL_ROOT_PASSWORD}" - initialDelaySeconds: 60 - periodSeconds: 10 - imagePullPolicy: IfNotPresent - securityContext: - runAsUser: 999 - env: - - name: MYSQL_ROOT_PASSWORD - value: root - - name: MYSQL_USER - value: wso2carbon - - name: MYSQL_PASSWORD - value: wso2carbon - ports: - - containerPort: 3306 - protocol: TCP - volumeMounts: - - name: wso2apim-mysql-dbscripts - mountPath: /docker-entrypoint-initdb.d - args: ["--max-connections", "10000"] - volumes: - - name: wso2apim-mysql-dbscripts - configMap: - name: wso2apim-mysql-dbscripts - serviceAccountName: "wso2am-pattern-1-svc-account" ---- - -apiVersion: v1 -kind: ConfigMap -metadata: - name: wso2am-pattern-1-am-1-conf - namespace: wso2 -data: - deployment.toml: | - - [server] - hostname = ""ip.node.k8s.&.wso2.apim"" - #offset=0 - base_path = 
"${carbon.protocol}://${carbon.host}:${carbon.management.port}" - #discard_empty_caches = false - server_role = "default" - - [super_admin] - username = "admin" - password = "admin" - create_admin_account = true - - [user_store] - type = "database_unique_id" - - [database.apim_db] - type = "mysql" - url = "jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_DB?autoReconnect=true&useSSL=false" - username = "wso2carbon" - password = "wso2carbon" - driver = "com.mysql.cj.jdbc.Driver" - - [database.shared_db] - type = "mysql" - url = "jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_SHARED_DB?autoReconnect=true&useSSL=false" - username = "wso2carbon" - password = "wso2carbon" - driver = "com.mysql.cj.jdbc.Driver" - - [keystore.tls] - file_name = "wso2carbon.jks" - type = "JKS" - password = "wso2carbon" - alias = "wso2carbon" - key_password = "wso2carbon" - - #[keystore.primary] - #file_name = "wso2carbon.jks" - #type = "JKS" - #password = "wso2carbon" - #alias = "wso2carbon" - #key_password = "wso2carbon" - - #[keystore.internal] - #file_name = "wso2carbon.jks" - #type = "JKS" - #password = "wso2carbon" - #alias = "wso2carbon" - #key_password = "wso2carbon" - - [[apim.gateway.environment]] - name = "Default" - type = "hybrid" - display_in_api_console = true - description = "This is a hybrid gateway that handles both production and sandbox token traffic." 
- show_as_token_endpoint_url = true - service_url = "https://localhost:${mgt.transport.https.port}/services/" - username= "${admin.username}" - password= "${admin.password}" - ws_endpoint = "ws://"ip.node.k8s.&.wso2.apim":9099" - wss_endpoint = "wss://"ip.node.k8s.&.wso2.apim":8099" - http_endpoint = "http://"ip.node.k8s.&.wso2.apim":30280" - https_endpoint = "https://"ip.node.k8s.&.wso2.apim":30243" - websub_event_receiver_http_endpoint = "http://"ip.node.k8s.&.wso2.apim":9021" - websub_event_receiver_https_endpoint = "https://"ip.node.k8s.&.wso2.apim":8021" - - [apim.sync_runtime_artifacts.gateway] - gateway_labels =["Default"] - - #[apim.cache.gateway_token] - #enable = true - #expiry_time = "900s" - - #[apim.cache.resource] - #enable = true - #expiry_time = "900s" - - #[apim.cache.km_token] - #enable = false - #expiry_time = "15m" - - #[apim.cache.recent_apis] - #enable = false - - #[apim.cache.scopes] - #enable = true - - #[apim.cache.publisher_roles] - #enable = true - - #[apim.cache.jwt_claim] - #enable = true - #expiry_time = "15m" - - #[apim.cache.tags] - #expiry_time = "2m" - - [apim.analytics] - enable = false - config_endpoint = "https://localhost:8080/auth/v1" - auth_token = "" - - #[apim.key_manager] - #service_url = "https://localhost:${mgt.transport.https.port}/services/" - #username = "$ref{super_admin.username}" - #password = "$ref{super_admin.password}" - #pool.init_idle_capacity = 50 - #pool.max_idle = 100 - #key_validation_handler_type = "default" - #key_validation_handler_type = "custom" - #key_validation_handler_impl = "org.wso2.carbon.apimgt.keymgt.handlers.DefaultKeyValidationHandler" - - #[apim.idp] - #server_url = "https://localhost:${mgt.transport.https.port}" - #authorize_endpoint = "https://localhost:${mgt.transport.https.port}/oauth2/authorize" - #oidc_logout_endpoint = "https://localhost:${mgt.transport.https.port}/oidc/logout" - #oidc_check_session_endpoint = "https://localhost:${mgt.transport.https.port}/oidc/checksession" - - 
#[apim.jwt] - #enable = true - #encoding = "base64" # base64,base64url - #generator_impl = "org.wso2.carbon.apimgt.keymgt.token.JWTGenerator" - #claim_dialect = "http://wso2.org/claims" - #convert_dialect = false - #header = "X-JWT-Assertion" - #signing_algorithm = "SHA256withRSA" - #enable_user_claims = true - #claims_extractor_impl = "org.wso2.carbon.apimgt.impl.token.ExtendedDefaultClaimsRetriever" - - #[apim.oauth_config] - #enable_outbound_auth_header = false - #auth_header = "Authorization" - #revoke_endpoint = "https://localhost:${https.nio.port}/revoke" - #enable_token_encryption = false - #enable_token_hashing = false - - [apim.devportal] - url = "https://"ip.node.k8s.&.wso2.apim":30443/devportal" - #enable_application_sharing = false - #if application_sharing_type, application_sharing_impl both defined priority goes to application_sharing_impl - #application_sharing_type = "default" #changed type, saml, default #todo: check the new config for rest api - #application_sharing_impl = "org.wso2.carbon.apimgt.impl.SAMLGroupIDExtractorImpl" - #display_multiple_versions = false - #display_deprecated_apis = false - #enable_comments = true - #enable_ratings = true - #enable_forum = true - #enable_anonymous_mode=true - #enable_cross_tenant_subscriptions = true - #default_reserved_username = "apim_reserved_user" - - [apim.cors] - allow_origins = "*" - allow_methods = ["GET","PUT","POST","DELETE","PATCH","OPTIONS"] - allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey","Internal-Key"] - allow_credentials = false - - #[apim.throttling] - #enable_data_publishing = true - #enable_policy_deploy = true - #enable_blacklist_condition = true - #enable_persistence = true - #throttle_decision_endpoints = ["tcp://localhost:5672","tcp://localhost:5672"] - - #[apim.throttling.blacklist_condition] - #start_delay = "5m" - #period = "1h" - - #[apim.throttling.jms] - #start_delay = "5m" - - #[apim.throttling.event_sync] - #hostName = 
"0.0.0.0" - #port = 11224 - - #[apim.throttling.event_management] - #hostName = "0.0.0.0" - #port = 10005 - - #[[apim.throttling.url_group]] - #traffic_manager_urls = ["tcp://localhost:9611","tcp://localhost:9611"] - #traffic_manager_auth_urls = ["ssl://localhost:9711","ssl://localhost:9711"] - #type = "loadbalance" - - #[[apim.throttling.url_group]] - #traffic_manager_urls = ["tcp://localhost:9611","tcp://localhost:9611"] - #traffic_manager_auth_urls = ["ssl://localhost:9711","ssl://localhost:9711"] - #type = "failover" - - #[apim.workflow] - #enable = false - #service_url = "https://localhost:9445/bpmn" - #username = "$ref{super_admin.username}" - #password = "$ref{super_admin.password}" - #callback_endpoint = "https://localhost:${mgt.transport.https.port}/api/am/admin/v0.17/workflows/update-workflow-status" - #token_endpoint = "https://localhost:${https.nio.port}/token" - #client_registration_endpoint = "https://localhost:${mgt.transport.https.port}/client-registration/v0.17/register" - #client_registration_username = "$ref{super_admin.username}" - #client_registration_password = "$ref{super_admin.password}" - - #data bridge config - #[transport.receiver] - #type = "binary" - #worker_threads = 10 - #session_timeout = "30m" - #keystore.file_name = "$ref{keystore.tls.file_name}" - #keystore.password = "$ref{keystore.tls.password}" - #tcp_port = 9611 - #ssl_port = 9711 - #ssl_receiver_thread_pool_size = 100 - #tcp_receiver_thread_pool_size = 100 - #ssl_enabled_protocols = ["TLSv1","TLSv1.1","TLSv1.2"] - #ciphers = ["SSL_RSA_WITH_RC4_128_MD5","SSL_RSA_WITH_RC4_128_SHA"] - - #[apim.notification] - #from_address = "APIM.com" - #username = "APIM" - #password = "APIM+123" - #hostname = "localhost" - #port = 3025 - #enable_start_tls = false - #enable_authentication = true - - #[apim.token.revocation] - #notifier_impl = "org.wso2.carbon.apimgt.keymgt.events.TokenRevocationNotifierImpl" - #enable_realtime_notifier = true - #realtime_notifier.ttl = 5000 - 
#enable_persistent_notifier = true - #persistent_notifier.hostname = "https://localhost:2379/v2/keys/jti/" - #persistent_notifier.ttl = 5000 - #persistent_notifier.username = "root" - #persistent_notifier.password = "root" - - [[event_handler]] - name="userPostSelfRegistration" - subscriptions=["POST_ADD_USER"] - - [service_provider] - sp_name_regex = "^[\\sa-zA-Z0-9._-]*$" - - [database.local] - url = "jdbc:h2:./repository/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE" - - [[event_listener]] - id = "token_revocation" - type = "org.wso2.carbon.identity.core.handler.AbstractIdentityHandler" - name = "org.wso2.is.notification.ApimOauthEventInterceptor" - order = 1 - [event_listener.properties] - notification_endpoint = "https://localhost:${mgt.transport.https.port}/internal/data/v1/notify" - username = "${admin.username}" - password = "${admin.password}" - 'header.X-WSO2-KEY-MANAGER' = "default" - - [transport.https.properties] - proxyPort = 30443 ---- - -apiVersion: v1 -kind: Service -metadata: - name: wso2am-pattern-1-am-1-service - namespace: wso2 -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: wso2am-pattern-1-am - product: api-manager - type: NodePort - ports: - # ports that this service should serve on - - - name: pass-through-http - protocol: TCP - port: 8280 - targetPort: 8280 - nodePort: 30280 - - - name: pass-through-https - protocol: TCP - port: 8243 - targetPort: 8243 - nodePort: 30243 - - - name: servlet-http - protocol: TCP - port: 9763 - targetPort: 9763 - nodePort: 30763 - - - name: servlet-https - protocol: TCP - port: 9443 - targetPort: 9443 - nodePort: 30443 ---- - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wso2am-pattern-1-am-1-deployment - namespace: wso2 -spec: - replicas: 1 - strategy: - rollingUpdate: - maxSurge: 1 - maxUnavailable: 0 - type: RollingUpdate - selector: - matchLabels: - deployment: wso2am-pattern-1-am - product: api-manager - template: - 
metadata: - labels: - deployment: wso2am-pattern-1-am - product: api-manager - spec: - hostAliases: - - ip: "127.0.0.1" - hostnames: - - "wso2apim" - initContainers: - - name: init-db - image: busybox:1.31 - command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! nc -z wso2apim-rdbms-service-mysql 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - - name: init-download-mysql-connector - image: busybox:1.31 - command: - - /bin/sh - - "-c" - - | - set -e - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/8.0.17/mysql-connector-java-8.0.17.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - containers: - - name: wso2am-pattern-1-am - # image: "$image.pull.@.wso2"/wso2am:3.2.0 - image: 192.168.1.5:5000/wso2am:4.0.0-rc - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: 250 - periodSeconds: 10 - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: 250 - periodSeconds: 10 - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/wso2server.sh stop'] - resources: - requests: - memory: 1Gi - cpu: 1000m - limits: - memory: 2Gi - cpu: 2000m - imagePullPolicy: Always - ports: - - - containerPort: 8280 - protocol: "TCP" - - - containerPort: 8243 - protocol: "TCP" - - - containerPort: 9763 - protocol: "TCP" - - - containerPort: 9443 - protocol: "TCP" - env: - - name: HOST_NAME - value: "wso2apim" - - name: NODE_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - volumeMounts: - - name: wso2am-pattern-1-am-1-conf - mountPath: /home/wso2carbon/wso2-config-volume/repository/conf/deployment.toml - subPath: deployment.toml - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/repository/components/dropins - serviceAccountName: wso2am-pattern-1-svc-account - imagePullSecrets: - - name: 
wso2am-pattern-1-creds - volumes: - - name: wso2am-pattern-1-am-1-conf - configMap: - name: wso2am-pattern-1-am-1-conf - - name: mysql-connector-jar - emptyDir: {} ---- -EOF -} - -# bash functions -function usage(){ - echo "Usage: " - echo -e "-d, --deploy Deploy WSO2 API Manager" - echo -e "-u, --undeploy Undeploy WSO2 API Manager" - echo -e "-h, --help Display usage instrusctions" -} -function undeploy(){ - echo "Undeploying WSO2 API Manager ..." - kubectl delete ns $namespace - echo "Done." - exit 0 -} -function echoBold () { - echo -en $'\e[1m'"${1}"$'\e[0m' -} - -function display_msg(){ - msg=$@ - echoBold "${msg}" - exit 1 -} - -function st(){ - cycles=${1} - i=0 - while [[ i -lt $cycles ]] - do - echoBold "* " - let "i=i+1" - done -} -function sp(){ - cycles=${1} - i=0 - while [[ i -lt $cycles ]] - do - echoBold " " - let "i=i+1" - done -} -function product_name(){ - #wso2apim - echo -e "\n" - st 1; sp 8; st 1; sp 2; sp 1; st 3; sp 3; sp 2; st 3; sp 4; sp 1; st 3; sp 3; sp 8; sp 2; st 3; sp 1; sp 3; st 3; sp 3; st 5; sp 2; st 1; sp 8; st 1; - echo "" - st 1; sp 8; st 1; sp 2; st 1; sp 4; st 1; sp 2; st 1; sp 6; st 1; sp 2; st 1; sp 4; st 1; sp 2; sp 8; sp 1; st 1; sp 4; st 1; sp 3; st 1; sp 4; st 1; sp 2; sp 3; st 1; sp 6; st 2; sp 4; st 2; - echo "" - st 1; sp 3; st 1; sp 3; st 1; sp 2; st 1; sp 8; st 1; sp 6; st 1; sp 2; sp 6; st 1; sp 2; sp 8; st 1; sp 6; st 1; sp 2; st 1; sp 4; st 1; sp 2; sp 3; st 1; sp 6; st 1; sp 1; st 1; sp 2; st 1; sp 1; st 1; - echo "" - st 1; sp 2; st 1; st 1; sp 2; st 1; sp 2; sp 1; st 3; sp 3; st 1; sp 6; st 1; sp 2; sp 4; st 1; sp 4; st 3; sp 2; st 5; sp 2; st 3; sp 3; sp 4; st 1; sp 6; st 1; sp 2; st 2; sp 2; st 1; - echo "" - st 1; sp 1; st 1; sp 2; st 1; sp 1; st 1; sp 2; sp 6; st 1; sp 2; st 1; sp 6; st 1; sp 2; sp 2; st 1; sp 6; sp 8; st 1; sp 6; st 1; sp 2; st 1; sp 7; sp 4; st 1; sp 6; st 1; sp 3; st 1; sp 3; st 1; - echo "" - st 2; sp 4; st 2; sp 2; st 1; sp 4; st 1; sp 2; st 1; sp 6; st 1; sp 2; st 1; sp 8; sp 8; st 1; 
sp 6; st 1; sp 2; st 1; sp 7; sp 4; st 1; sp 6; st 1; sp 8; st 1; - echo "" - st 1; sp 8; st 1; sp 2; sp 1; st 3; sp 3; sp 2; st 3; sp 4; st 4; sp 2; sp 8; st 1; sp 6; st 1; sp 2; st 1; sp 7; st 5; sp 2; st 1; sp 8; st 1; - echo -e "\n" -} -function validate_ip(){ - ip_check=$1 - if [[ $ip_check =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - IFS='.' - ip=$ip_check - set -- $ip - if [[ $1 -le 255 ]] && [[ $2 -le 255 ]] && [[ $3 -le 255 ]] && [[ $4 -le 255 ]]; then - IFS='' - NODE_IP=$ip_check - else - IFS='' - echo "Invalid IP. Please try again." - NODE_IP="" - fi - else - echo "Invalid IP. Please try again." - NODE_IP="" - fi -} -function get_node_ip(){ - NODE_IP=$(kubectl get nodes -o jsonpath='{.items[*].status.addresses[?(@.type=="ExternalIP")].address}') - - if [[ -z $NODE_IP ]] - then - if [[ $(kubectl config current-context) = "minikube" ]] - then - NODE_IP=$(minikube ip) - elif [[ $(kubectl config current-context) = "docker-desktop" ]] - then - NODE_IP="127.0.0.1" - else - echo "We could not find your cluster node-ip." - while [[ -z "$NODE_IP" ]] - do - read -p "$(echo "Enter one of your cluster Node IPs to provision instant access to server: ")" NODE_IP - if [[ -z "$NODE_IP" ]] - then - echo "cluster node ip cannot be empty" - else - validate_ip $NODE_IP - fi - done - fi - fi - set -- $NODE_IP; NODE_IP=$1 -} - -function progress_bar(){ - - dep_status=$(kubectl get deployments -n wso2 -o jsonpath='{.items[?(@.spec.selector.matchLabels.product=="api-manager")].status.conditions[?(@.type=="Available")].status}') - pod_status=$(kubectl get pods -n wso2 -o jsonpath='{.items[?(@.metadata.labels.product=="api-manager")].status.conditions[*].status}') - - num_true_const=0; progress_unit="";num_true=0; time_proc=0; - - # check for 250s until the pod is live. 
- time_limit=250 - - arr_dep=($dep_status); arr_pod=($pod_status) - - let "length_total= ${#arr_pod[@]} + ${#arr_dep[@]}"; - - echo "" - - while [[ $num_true -lt $length_total ]] - do - - sleep 4 - - num_true=0 - dep_status=$(kubectl get deployments -n wso2 -o jsonpath='{.items[?(@.spec.selector.matchLabels.product=="api-manager")].status.conditions[?(@.type=="Available")].status}') - pod_status=$(kubectl get pods -n wso2 -o jsonpath='{.items[?(@.metadata.labels.product=="api-manager")].status.conditions[*].status}') - - arr_dep=($dep_status); arr_pod=($pod_status); let "length_total= ${#arr_pod[@]} + ${#arr_dep[@]}"; - - for ele_dep in $dep_status - do - if [ "$ele_dep" = "True" ] - then - let "num_true=num_true+1" - fi - done - - for ele_pod in $pod_status - do - if [ "$ele_pod" = "True" ] - then - let "num_true=num_true+1" - fi - done - - printf "Processing WSO2 API Manager ... |" - - printf "%-$((5 * ${length_total-1}))s| $(($num_true_const * 100/ $length_total))"; echo -en ' % \r' - - printf "Processing WSO2 API Manager ... |" - s=$(printf "%-$((5 * ${num_true_const}))s" "H") - echo -en "${s// /H}" - - printf "%-$((5 * $(($length_total - $num_true_const))))s| $((100 * $(($num_true_const))/ $length_total))"; echo -en ' %\r ' - - if [ $num_true -ne $num_true_const ] - then - i=0 - while [[ $i -lt $((5 * $((${num_true} - ${num_true_const})))) ]] - do - let "i=i+1" - progress_unit=$progress_unit"H" - printf "Processing WSO2 API Manager ... |" - echo -n $progress_unit - printf "%-$((5 * $((${length_total} - ${num_true_const})) - $i))s| $(($(( 100 * $(($num_true_const))/ $length_total)) + $((20 * $i/$length_total)) ))"; echo -en ' %\r ' - sleep 0.25 - done - num_true_const=$num_true - time_proc=0 - else - let "time_proc=time_proc + 5" - fi - - printf "Processing WSO2 API Manager ... |" - - printf "%-$((5 * ${length_total-1}))s| $(($num_true_const * 100/ $length_total))"; echo -en ' %\r ' - - printf "Processing WSO2 API Manager ... 
|" - s=$(printf "%-$((5 * ${num_true_const}))s" "H") - echo -en "${s// /H}" - - printf "%-$((5 * $(($length_total - $num_true_const))))s| $((100 * $(($num_true_const))/ $length_total))"; echo -en ' %\r ' - - sleep 1 - - if [[ $time_proc -gt 250 ]] - then - echoBold "\n\nSomething went wrong! Please Follow \"https://wso2.com/products/install/faq/#Kubernetes\" for more information\n" - exit 2 - fi - - done - - echo -e "\n" - -} - -function deploy(){ - #checking for required command line tools - if [[ ! $(which kubectl) ]] - then - display_msg "Please install Kubernetes command-line tool (kubectl) before you start with the setup\n" - fi - - echoBold "Checking for an enabled cluster... Your patience is appreciated... " - cluster_isReady=$(kubectl cluster-info) > /dev/null 2>&1 || true - - if [[ ! $cluster_isReady == *"DNS"* ]] - then - display_msg "\nPlease enable your cluster before running the setup.\n\nIf you don't have a kubernetes cluster, follow: https://kubernetes.io/docs/setup/\n\n" - fi - - echoBold "Done\n" - - #displaying wso2 product name - product_name - - # get node-ip - get_node_ip - - # create kubernetes object yaml - create_yaml - - # replace necessary variables - sed -i.bak 's/"ip.node.k8s.&.wso2.apim"/'$NODE_IP'/g' $k8s_obj_file - sed -i.bak 's/"$image.pull.@.wso2"/'$IMG_DEST'/g' $k8s_obj_file - - rm deployment.yaml.bak - - echoBold "\nDeploying WSO2 API Manager ....\n" - - # Deploy wso2am - kubectl create -f $k8s_obj_file - - # waiting until deployment is ready - progress_bar - - echoBold "Successfully deployed WSO2 API Manager.\n\n" - - echoBold "1. Try navigating to\n\n" - echoBold "\thttps://$NODE_IP:30443/carbon/\n" - echoBold "\thttps://$NODE_IP:30443/publisher/\n" - echoBold "\thttps://$NODE_IP:30443/devportal/\n" - echoBold "from your favourite browser using credentials admin/admin\n\n" - - echoBold "2. 
Follow \"https://apim.docs.wso2.com/en/latest/GettingStarted/quick-start-guide/\" to start using WSO2 API Manager.\n\n"
-}
-arg=$1
-if [[ -z $arg ]]; then
- echoBold "Expected parameter is missing\n"
- usage
-else
- case $arg in
- -d|--deploy)
- deploy
- ;;
- -u|--undeploy)
- undeploy
- ;;
- -h|--help)
- usage
- ;;
- *)
- echoBold "Invalid parameter : $arg\n"
- usage
- ;;
- esac
-fi
diff --git a/simple/deployment-scripts/wso2am-latest.sh b/simple/deployment-scripts/wso2am-latest.sh
deleted file mode 100755
index d2dd3b24..00000000
--- a/simple/deployment-scripts/wso2am-latest.sh
+++ /dev/null
@@ -1,3594 +0,0 @@
-#!/bin/bash
-
-#-------------------------------------------------------------------------------
-# Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#--------------------------------------------------------------------------------
-
-set -e
-
-# bash variables
-k8s_obj_file="deployment.yaml"; str_sec=""
-
-# wso2 subscription variables
-WUMUsername=''; WUMPassword=''
-IMG_DEST="docker.wso2.com"
-
-: ${namespace:="wso2"}
-
-function create_yaml(){
-cat > $k8s_obj_file << "EOF"
-EOF
-if [ "$namespace" == "wso2" ]; then
-cat > $k8s_obj_file << "EOF"
-
-apiVersion: v1
-kind: Namespace
-metadata:
- name: wso2
----
-EOF
-fi
-cat >> $k8s_obj_file << "EOF"
-
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: wso2am-pattern-1-svc-account
- namespace: wso2
----
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: wso2am-pattern-1-creds
- namespace: wso2
-type: kubernetes.io/dockerconfigjson
-data:
- .dockerconfigjson: "k8s.apim.&.auth.wso2"
----
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: wso2apim-mysql-dbscripts
- namespace: wso2
-data:
- mysql_apim.sql: |-
- DROP DATABASE IF EXISTS WSO2AM_DB;
- CREATE DATABASE WSO2AM_DB;
- GRANT ALL ON WSO2AM_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon';
-
- USE WSO2AM_DB;
- -- Start of IDENTITY Tables--
- CREATE TABLE IF NOT EXISTS IDN_BASE_TABLE (
- PRODUCT_NAME VARCHAR(20),
- PRIMARY KEY (PRODUCT_NAME)
- )ENGINE INNODB;
-
-
INSERT INTO IDN_BASE_TABLE values ('WSO2 Identity Server');
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH_CONSUMER_APPS (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- CONSUMER_KEY VARCHAR(255),
- CONSUMER_SECRET VARCHAR(2048),
- USERNAME VARCHAR(255),
- TENANT_ID INTEGER DEFAULT 0,
- USER_DOMAIN VARCHAR(50),
- APP_NAME VARCHAR(255),
- OAUTH_VERSION VARCHAR(128),
- CALLBACK_URL VARCHAR(2048),
- GRANT_TYPES VARCHAR (1024),
- PKCE_MANDATORY CHAR(1) DEFAULT '0',
- PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0',
- APP_STATE VARCHAR (25) DEFAULT 'ACTIVE',
- USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600,
- APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600,
- REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600,
- ID_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600,
- CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY),
- PRIMARY KEY (ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_VALIDATORS (
- APP_ID INTEGER NOT NULL,
- SCOPE_VALIDATOR VARCHAR (128) NOT NULL,
- PRIMARY KEY (APP_ID,SCOPE_VALIDATOR),
- FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_REQUEST_TOKEN (
- REQUEST_TOKEN VARCHAR(255),
- REQUEST_TOKEN_SECRET VARCHAR(512),
- CONSUMER_KEY_ID INTEGER,
- CALLBACK_URL VARCHAR(2048),
- SCOPE VARCHAR(2048),
- AUTHORIZED VARCHAR(128),
- OAUTH_VERIFIER VARCHAR(512),
- AUTHZ_USER VARCHAR(512),
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY (REQUEST_TOKEN),
- FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_ACCESS_TOKEN (
- ACCESS_TOKEN VARCHAR(255),
- ACCESS_TOKEN_SECRET VARCHAR(512),
- CONSUMER_KEY_ID INTEGER,
- SCOPE VARCHAR(2048),
- AUTHZ_USER VARCHAR(512),
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY (ACCESS_TOKEN),
- FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN (
- TOKEN_ID
VARCHAR (255),
- ACCESS_TOKEN VARCHAR(2048),
- REFRESH_TOKEN VARCHAR(2048),
- CONSUMER_KEY_ID INTEGER,
- AUTHZ_USER VARCHAR (100),
- TENANT_ID INTEGER,
- USER_DOMAIN VARCHAR(50),
- USER_TYPE VARCHAR (25),
- GRANT_TYPE VARCHAR (50),
- TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- REFRESH_TOKEN_TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- VALIDITY_PERIOD BIGINT,
- REFRESH_TOKEN_VALIDITY_PERIOD BIGINT,
- TOKEN_SCOPE_HASH VARCHAR(32),
- TOKEN_STATE VARCHAR(25) DEFAULT 'ACTIVE',
- TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE',
- SUBJECT_IDENTIFIER VARCHAR(255),
- ACCESS_TOKEN_HASH VARCHAR(512),
- REFRESH_TOKEN_HASH VARCHAR(512),
- IDP_ID INTEGER DEFAULT -1 NOT NULL,
- TOKEN_BINDING_REF VARCHAR (32) DEFAULT 'NONE',
- PRIMARY KEY (TOKEN_ID),
- FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
- CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,
- TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_TOKEN_BINDING (
- TOKEN_ID VARCHAR (255),
- TOKEN_BINDING_TYPE VARCHAR (32),
- TOKEN_BINDING_REF VARCHAR (32),
- TOKEN_BINDING_VALUE VARCHAR (1024),
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY (TOKEN_ID),
- FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_AUDIT (
- TOKEN_ID VARCHAR (255),
- ACCESS_TOKEN VARCHAR(2048),
- REFRESH_TOKEN VARCHAR(2048),
- CONSUMER_KEY_ID INTEGER,
- AUTHZ_USER VARCHAR (100),
- TENANT_ID INTEGER,
- USER_DOMAIN VARCHAR(50),
- USER_TYPE VARCHAR (25),
- GRANT_TYPE VARCHAR (50),
- TIME_CREATED TIMESTAMP NULL,
- REFRESH_TOKEN_TIME_CREATED TIMESTAMP NULL,
- VALIDITY_PERIOD BIGINT,
- REFRESH_TOKEN_VALIDITY_PERIOD BIGINT,
- TOKEN_SCOPE_HASH VARCHAR(32),
- TOKEN_STATE VARCHAR(25),
- TOKEN_STATE_ID VARCHAR (128) ,
- SUBJECT_IDENTIFIER VARCHAR(255),
- ACCESS_TOKEN_HASH
VARCHAR(512),
- REFRESH_TOKEN_HASH VARCHAR(512),
- INVALIDATED_TIME TIMESTAMP NULL,
- IDP_ID INTEGER DEFAULT -1 NOT NULL
- );
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHORIZATION_CODE (
- CODE_ID VARCHAR (255),
- AUTHORIZATION_CODE VARCHAR(2048),
- CONSUMER_KEY_ID INTEGER,
- CALLBACK_URL VARCHAR(2048),
- SCOPE VARCHAR(2048),
- AUTHZ_USER VARCHAR (100),
- TENANT_ID INTEGER,
- USER_DOMAIN VARCHAR(50),
- TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- VALIDITY_PERIOD BIGINT,
- STATE VARCHAR (25) DEFAULT 'ACTIVE',
- TOKEN_ID VARCHAR(255),
- SUBJECT_IDENTIFIER VARCHAR(255),
- PKCE_CODE_CHALLENGE VARCHAR(255),
- PKCE_CODE_CHALLENGE_METHOD VARCHAR(128),
- AUTHORIZATION_CODE_HASH VARCHAR(512),
- IDP_ID INTEGER DEFAULT -1 NOT NULL,
- PRIMARY KEY (CODE_ID),
- FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHZ_CODE_SCOPE(
- CODE_ID VARCHAR(255),
- SCOPE VARCHAR(60),
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY (CODE_ID, SCOPE),
- FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE (CODE_ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_DEVICE_FLOW (
- CODE_ID VARCHAR(255),
- DEVICE_CODE VARCHAR(255),
- USER_CODE VARCHAR(25),
- CONSUMER_KEY_ID INTEGER,
- LAST_POLL_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- EXPIRY_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- POLL_TIME BIGINT,
- STATUS VARCHAR (25) DEFAULT 'PENDING',
- AUTHZ_USER VARCHAR (100),
- TENANT_ID INTEGER,
- USER_DOMAIN VARCHAR(50),
- IDP_ID INTEGER,
- PRIMARY KEY (DEVICE_CODE),
- UNIQUE (CODE_ID),
- UNIQUE (USER_CODE),
- FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_DEVICE_FLOW_SCOPES (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- SCOPE_ID VARCHAR(255),
- SCOPE VARCHAR(255),
- PRIMARY
KEY (ID),
- FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_DEVICE_FLOW(CODE_ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE (
- TOKEN_ID VARCHAR (255),
- TOKEN_SCOPE VARCHAR (60),
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY (TOKEN_ID, TOKEN_SCOPE),
- FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE (
- SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT,
- NAME VARCHAR(255) NOT NULL,
- DISPLAY_NAME VARCHAR(255) NOT NULL,
- DESCRIPTION VARCHAR(512),
- TENANT_ID INTEGER NOT NULL DEFAULT -1,
- SCOPE_TYPE VARCHAR(255) NOT NULL,
- PRIMARY KEY (SCOPE_ID),
- UNIQUE (NAME, TENANT_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_BINDING (
- SCOPE_ID INTEGER NOT NULL,
- SCOPE_BINDING VARCHAR(255) NOT NULL,
- BINDING_TYPE VARCHAR(255) NOT NULL,
- FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE,
- UNIQUE (SCOPE_ID, SCOPE_BINDING, BINDING_TYPE)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_RESOURCE_SCOPE (
- RESOURCE_PATH VARCHAR(255) NOT NULL,
- SCOPE_ID INTEGER NOT NULL,
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY (RESOURCE_PATH),
- FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_SCIM_GROUP (
- ID INTEGER AUTO_INCREMENT,
- TENANT_ID INTEGER NOT NULL,
- ROLE_NAME VARCHAR(255) NOT NULL,
- ATTR_NAME VARCHAR(1024) NOT NULL,
- ATTR_VALUE VARCHAR(1024),
- PRIMARY KEY (ID)
- )ENGINE INNODB;
-
-
-
- CREATE TABLE IF NOT EXISTS IDN_OPENID_REMEMBER_ME (
- USER_NAME VARCHAR(255) NOT NULL,
- TENANT_ID INTEGER DEFAULT 0,
- COOKIE_VALUE VARCHAR(1024),
- CREATED_TIME TIMESTAMP,
- PRIMARY KEY (USER_NAME, TENANT_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OPENID_USER_RPS (
- USER_NAME VARCHAR(255) NOT NULL,
- TENANT_ID INTEGER DEFAULT 0,
- RP_URL VARCHAR(255) NOT NULL,
- TRUSTED_ALWAYS
VARCHAR(128) DEFAULT 'FALSE',
- LAST_VISIT DATE NOT NULL,
- VISIT_COUNT INTEGER DEFAULT 0,
- DEFAULT_PROFILE_NAME VARCHAR(255) DEFAULT 'DEFAULT',
- PRIMARY KEY (USER_NAME, TENANT_ID, RP_URL)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OPENID_ASSOCIATIONS (
- HANDLE VARCHAR(255) NOT NULL,
- ASSOC_TYPE VARCHAR(255) NOT NULL,
- EXPIRE_IN TIMESTAMP NOT NULL,
- MAC_KEY VARCHAR(255) NOT NULL,
- ASSOC_STORE VARCHAR(128) DEFAULT 'SHARED',
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY (HANDLE)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_STS_STORE (
- ID INTEGER AUTO_INCREMENT,
- TOKEN_ID VARCHAR(255) NOT NULL,
- TOKEN_CONTENT BLOB(1024) NOT NULL,
- CREATE_DATE TIMESTAMP NOT NULL,
- EXPIRE_DATE TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- STATE INTEGER DEFAULT 0,
- PRIMARY KEY (ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_IDENTITY_USER_DATA (
- TENANT_ID INTEGER DEFAULT -1234,
- USER_NAME VARCHAR(255) NOT NULL,
- DATA_KEY VARCHAR(255) NOT NULL,
- DATA_VALUE VARCHAR(2048),
- PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_IDENTITY_META_DATA (
- USER_NAME VARCHAR(255) NOT NULL,
- TENANT_ID INTEGER DEFAULT -1234,
- METADATA_TYPE VARCHAR(255) NOT NULL,
- METADATA VARCHAR(255) NOT NULL,
- VALID VARCHAR(255) NOT NULL,
- PRIMARY KEY (TENANT_ID, USER_NAME, METADATA_TYPE,METADATA)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_THRIFT_SESSION (
- SESSION_ID VARCHAR(255) NOT NULL,
- USER_NAME VARCHAR(255) NOT NULL,
- CREATED_TIME VARCHAR(255) NOT NULL,
- LAST_MODIFIED_TIME VARCHAR(255) NOT NULL,
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY (SESSION_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_STORE (
- SESSION_ID VARCHAR (100) NOT NULL,
- SESSION_TYPE VARCHAR(100) NOT NULL,
- OPERATION VARCHAR(10) NOT NULL,
- SESSION_OBJECT BLOB,
- TIME_CREATED BIGINT,
- TENANT_ID INTEGER DEFAULT -1,
- EXPIRY_TIME BIGINT,
- PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION)
-
)ENGINE INNODB;
-
-
-
-
- CREATE TABLE IF NOT EXISTS IDN_AUTH_TEMP_SESSION_STORE (
- SESSION_ID VARCHAR (100) NOT NULL,
- SESSION_TYPE VARCHAR(100) NOT NULL,
- OPERATION VARCHAR(10) NOT NULL,
- SESSION_OBJECT BLOB,
- TIME_CREATED BIGINT,
- TENANT_ID INTEGER DEFAULT -1,
- EXPIRY_TIME BIGINT,
- PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_AUTH_USER (
- USER_ID VARCHAR(255) NOT NULL,
- USER_NAME VARCHAR(255) NOT NULL,
- TENANT_ID INTEGER NOT NULL,
- DOMAIN_NAME VARCHAR(255) NOT NULL,
- IDP_ID INTEGER NOT NULL,
- PRIMARY KEY (USER_ID),
- CONSTRAINT USER_STORE_CONSTRAINT UNIQUE (USER_NAME, TENANT_ID, DOMAIN_NAME, IDP_ID));
-
- CREATE TABLE IF NOT EXISTS IDN_AUTH_USER_SESSION_MAPPING (
- USER_ID VARCHAR(255) NOT NULL,
- SESSION_ID VARCHAR(255) NOT NULL,
- CONSTRAINT USER_SESSION_STORE_CONSTRAINT UNIQUE (USER_ID, SESSION_ID));
-
- CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_APP_INFO (
- SESSION_ID VARCHAR (100) NOT NULL,
- SUBJECT VARCHAR (100) NOT NULL,
- APP_ID INTEGER NOT NULL,
- INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL,
- PRIMARY KEY (SESSION_ID, SUBJECT, APP_ID, INBOUND_AUTH_TYPE)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_META_DATA (
- SESSION_ID VARCHAR (100) NOT NULL,
- PROPERTY_TYPE VARCHAR (100) NOT NULL,
- VALUE VARCHAR (255) NOT NULL,
- PRIMARY KEY (SESSION_ID, PROPERTY_TYPE, VALUE)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS SP_APP (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- TENANT_ID INTEGER NOT NULL,
- APP_NAME VARCHAR (255) NOT NULL ,
- USER_STORE VARCHAR (255) NOT NULL,
- USERNAME VARCHAR (255) NOT NULL ,
- DESCRIPTION VARCHAR (1024),
- ROLE_CLAIM VARCHAR (512),
- AUTH_TYPE VARCHAR (255) NOT NULL,
- PROVISIONING_USERSTORE_DOMAIN VARCHAR (512),
- IS_LOCAL_CLAIM_DIALECT CHAR(1) DEFAULT '1',
- IS_SEND_LOCAL_SUBJECT_ID CHAR(1) DEFAULT '0',
- IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0',
- IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
-
IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
- ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0',
- SUBJECT_CLAIM_URI VARCHAR (512),
- IS_SAAS_APP CHAR(1) DEFAULT '0',
- IS_DUMB_MODE CHAR(1) DEFAULT '0',
- UUID CHAR(36),
- IMAGE_URL VARCHAR(1024),
- ACCESS_URL VARCHAR(1024),
- IS_DISCOVERABLE CHAR(1) DEFAULT '0',
-
- PRIMARY KEY (ID)
- )ENGINE INNODB;
-
- ALTER TABLE SP_APP ADD CONSTRAINT APPLICATION_NAME_CONSTRAINT UNIQUE(APP_NAME, TENANT_ID);
- ALTER TABLE SP_APP ADD CONSTRAINT APPLICATION_UUID_CONSTRAINT UNIQUE(UUID);
-
- CREATE TABLE IF NOT EXISTS SP_METADATA (
- ID INTEGER AUTO_INCREMENT,
- SP_ID INTEGER,
- NAME VARCHAR(255) NOT NULL,
- VALUE VARCHAR(255) NOT NULL,
- DISPLAY_NAME VARCHAR(255),
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY (ID),
- CONSTRAINT SP_METADATA_CONSTRAINT UNIQUE (SP_ID, NAME),
- FOREIGN KEY (SP_ID) REFERENCES SP_APP(ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS SP_INBOUND_AUTH (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- TENANT_ID INTEGER NOT NULL,
- INBOUND_AUTH_KEY VARCHAR (255),
- INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL,
- INBOUND_CONFIG_TYPE VARCHAR (255) NOT NULL,
- PROP_NAME VARCHAR (255),
- PROP_VALUE VARCHAR (1024) ,
- APP_ID INTEGER NOT NULL,
- PRIMARY KEY (ID)
- )ENGINE INNODB;
-
- ALTER TABLE SP_INBOUND_AUTH ADD CONSTRAINT APPLICATION_ID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
-
- CREATE TABLE IF NOT EXISTS SP_AUTH_STEP (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- TENANT_ID INTEGER NOT NULL,
- STEP_ORDER INTEGER DEFAULT 1,
- APP_ID INTEGER NOT NULL ,
- IS_SUBJECT_STEP CHAR(1) DEFAULT '0',
- IS_ATTRIBUTE_STEP CHAR(1) DEFAULT '0',
- PRIMARY KEY (ID)
- )ENGINE INNODB;
-
- ALTER TABLE SP_AUTH_STEP ADD CONSTRAINT APPLICATION_ID_CONSTRAINT_STEP FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
-
- CREATE TABLE IF NOT EXISTS SP_FEDERATED_IDP (
- ID INTEGER NOT NULL,
- TENANT_ID INTEGER NOT NULL,
- AUTHENTICATOR_ID INTEGER NOT NULL,
- PRIMARY KEY (ID, AUTHENTICATOR_ID)
-
)ENGINE INNODB;
-
- ALTER TABLE SP_FEDERATED_IDP ADD CONSTRAINT STEP_ID_CONSTRAINT FOREIGN KEY (ID) REFERENCES SP_AUTH_STEP (ID) ON DELETE CASCADE;
-
- CREATE TABLE IF NOT EXISTS SP_CLAIM_DIALECT (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- TENANT_ID INTEGER NOT NULL,
- SP_DIALECT VARCHAR (512) NOT NULL,
- APP_ID INTEGER NOT NULL,
- PRIMARY KEY (ID));
-
- ALTER TABLE SP_CLAIM_DIALECT ADD CONSTRAINT DIALECTID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
-
- CREATE TABLE IF NOT EXISTS SP_CLAIM_MAPPING (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- TENANT_ID INTEGER NOT NULL,
- IDP_CLAIM VARCHAR (512) NOT NULL ,
- SP_CLAIM VARCHAR (512) NOT NULL ,
- APP_ID INTEGER NOT NULL,
- IS_REQUESTED VARCHAR(128) DEFAULT '0',
- IS_MANDATORY VARCHAR(128) DEFAULT '0',
- DEFAULT_VALUE VARCHAR(255),
- PRIMARY KEY (ID)
- )ENGINE INNODB;
-
- ALTER TABLE SP_CLAIM_MAPPING ADD CONSTRAINT CLAIMID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
-
- CREATE TABLE IF NOT EXISTS SP_ROLE_MAPPING (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- TENANT_ID INTEGER NOT NULL,
- IDP_ROLE VARCHAR (255) NOT NULL ,
- SP_ROLE VARCHAR (255) NOT NULL ,
- APP_ID INTEGER NOT NULL,
- PRIMARY KEY (ID)
- )ENGINE INNODB;
-
- ALTER TABLE SP_ROLE_MAPPING ADD CONSTRAINT ROLEID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
-
- CREATE TABLE IF NOT EXISTS SP_REQ_PATH_AUTHENTICATOR (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- TENANT_ID INTEGER NOT NULL,
- AUTHENTICATOR_NAME VARCHAR (255) NOT NULL ,
- APP_ID INTEGER NOT NULL,
- PRIMARY KEY (ID)
- )ENGINE INNODB;
-
- ALTER TABLE SP_REQ_PATH_AUTHENTICATOR ADD CONSTRAINT REQ_AUTH_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
-
- CREATE TABLE IF NOT EXISTS SP_PROVISIONING_CONNECTOR (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- TENANT_ID INTEGER NOT NULL,
- IDP_NAME VARCHAR (255) NOT NULL ,
- CONNECTOR_NAME VARCHAR (255) NOT NULL ,
- APP_ID INTEGER NOT NULL,
-
IS_JIT_ENABLED CHAR(1) NOT NULL DEFAULT '0',
- BLOCKING CHAR(1) NOT NULL DEFAULT '0',
- RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0',
- PRIMARY KEY (ID)
- )ENGINE INNODB;
-
- ALTER TABLE SP_PROVISIONING_CONNECTOR ADD CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
-
- CREATE TABLE SP_AUTH_SCRIPT (
- ID INTEGER AUTO_INCREMENT NOT NULL,
- TENANT_ID INTEGER NOT NULL,
- APP_ID INTEGER NOT NULL,
- TYPE VARCHAR(255) NOT NULL,
- CONTENT BLOB DEFAULT NULL,
- IS_ENABLED CHAR(1) NOT NULL DEFAULT '0',
- PRIMARY KEY (ID));
-
- CREATE TABLE IF NOT EXISTS SP_TEMPLATE (
- ID INTEGER AUTO_INCREMENT NOT NULL,
- TENANT_ID INTEGER NOT NULL,
- NAME VARCHAR(255) NOT NULL,
- DESCRIPTION VARCHAR(1023),
- CONTENT BLOB DEFAULT NULL,
- PRIMARY KEY (ID),
- CONSTRAINT SP_TEMPLATE_CONSTRAINT UNIQUE (TENANT_ID, NAME));
-
- CREATE TABLE IF NOT EXISTS IDN_AUTH_WAIT_STATUS (
- ID INTEGER AUTO_INCREMENT NOT NULL,
- TENANT_ID INTEGER NOT NULL,
- LONG_WAIT_KEY VARCHAR(255) NOT NULL,
- WAIT_STATUS CHAR(1) NOT NULL DEFAULT '1',
- TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- EXPIRE_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- PRIMARY KEY (ID),
- CONSTRAINT IDN_AUTH_WAIT_STATUS_KEY UNIQUE (LONG_WAIT_KEY));
-
- CREATE TABLE IF NOT EXISTS IDP (
- ID INTEGER AUTO_INCREMENT,
- TENANT_ID INTEGER,
- NAME VARCHAR(254) NOT NULL,
- IS_ENABLED CHAR(1) NOT NULL DEFAULT '1',
- IS_PRIMARY CHAR(1) NOT NULL DEFAULT '0',
- HOME_REALM_ID VARCHAR(254),
- IMAGE MEDIUMBLOB,
- CERTIFICATE BLOB,
- ALIAS VARCHAR(254),
- INBOUND_PROV_ENABLED CHAR (1) NOT NULL DEFAULT '0',
- INBOUND_PROV_USER_STORE_ID VARCHAR(254),
- USER_CLAIM_URI VARCHAR(254),
- ROLE_CLAIM_URI VARCHAR(254),
- DESCRIPTION VARCHAR (1024),
- DEFAULT_AUTHENTICATOR_NAME VARCHAR(254),
- DEFAULT_PRO_CONNECTOR_NAME VARCHAR(254),
- PROVISIONING_ROLE VARCHAR(128),
- IS_FEDERATION_HUB CHAR(1) NOT NULL DEFAULT '0',
- IS_LOCAL_CLAIM_DIALECT CHAR(1) NOT NULL DEFAULT '0',
- DISPLAY_NAME
VARCHAR(255), - IMAGE_URL VARCHAR(1024), - UUID CHAR(36) NOT NULL, - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, NAME), - UNIQUE (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_ROLE ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - TENANT_ID INTEGER, - ROLE VARCHAR(254), - PRIMARY KEY (ID), - UNIQUE (IDP_ID, ROLE), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_ROLE_MAPPING ( - ID INTEGER AUTO_INCREMENT, - IDP_ROLE_ID INTEGER, - TENANT_ID INTEGER, - USER_STORE_ID VARCHAR (253), - LOCAL_ROLE VARCHAR(253), - PRIMARY KEY (ID), - UNIQUE (IDP_ROLE_ID, TENANT_ID, USER_STORE_ID, LOCAL_ROLE), - FOREIGN KEY (IDP_ROLE_ID) REFERENCES IDP_ROLE(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_CLAIM ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - TENANT_ID INTEGER, - CLAIM VARCHAR(254), - PRIMARY KEY (ID), - UNIQUE (IDP_ID, CLAIM), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_CLAIM_MAPPING ( - ID INTEGER AUTO_INCREMENT, - IDP_CLAIM_ID INTEGER, - TENANT_ID INTEGER, - LOCAL_CLAIM VARCHAR(253), - DEFAULT_VALUE VARCHAR(255), - IS_REQUESTED VARCHAR(128) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (IDP_CLAIM_ID, TENANT_ID, LOCAL_CLAIM), - FOREIGN KEY (IDP_CLAIM_ID) REFERENCES IDP_CLAIM(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - IDP_ID INTEGER, - NAME VARCHAR(255) NOT NULL, - IS_ENABLED CHAR (1) DEFAULT '1', - DISPLAY_NAME VARCHAR(255), - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, IDP_ID, NAME), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_METADATA ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - NAME VARCHAR(255) NOT NULL, - VALUE VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (ID), - CONSTRAINT 
IDP_METADATA_CONSTRAINT UNIQUE (IDP_ID, NAME), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR_PROPERTY ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - AUTHENTICATOR_ID INTEGER, - PROPERTY_KEY VARCHAR(255) NOT NULL, - PROPERTY_VALUE VARCHAR(2047), - IS_SECRET CHAR (1) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY), - FOREIGN KEY (AUTHENTICATOR_ID) REFERENCES IDP_AUTHENTICATOR(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_CONFIG ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - IDP_ID INTEGER, - PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL, - IS_ENABLED CHAR (1) DEFAULT '0', - IS_BLOCKING CHAR (1) DEFAULT '0', - IS_RULES_ENABLED CHAR (1) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_PROV_CONFIG_PROPERTY ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - PROVISIONING_CONFIG_ID INTEGER, - PROPERTY_KEY VARCHAR(255) NOT NULL, - PROPERTY_VALUE VARCHAR(2048), - PROPERTY_BLOB_VALUE BLOB, - PROPERTY_TYPE CHAR(32) NOT NULL, - IS_SECRET CHAR (1) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, PROVISIONING_CONFIG_ID, PROPERTY_KEY), - FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_ENTITY ( - ID INTEGER AUTO_INCREMENT, - PROVISIONING_CONFIG_ID INTEGER, - ENTITY_TYPE VARCHAR(255) NOT NULL, - ENTITY_LOCAL_USERSTORE VARCHAR(255) NOT NULL, - ENTITY_NAME VARCHAR(255) NOT NULL, - ENTITY_VALUE VARCHAR(255), - TENANT_ID INTEGER, - ENTITY_LOCAL_ID VARCHAR(255), - PRIMARY KEY (ID), - UNIQUE (ENTITY_TYPE, TENANT_ID, ENTITY_LOCAL_USERSTORE, ENTITY_NAME, PROVISIONING_CONFIG_ID), - UNIQUE (PROVISIONING_CONFIG_ID, ENTITY_TYPE, ENTITY_VALUE), - 
FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_LOCAL_CLAIM ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - IDP_ID INTEGER, - CLAIM_URI VARCHAR(255) NOT NULL, - DEFAULT_VALUE VARCHAR(255), - IS_REQUESTED VARCHAR(128) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, IDP_ID, CLAIM_URI), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_ASSOCIATED_ID ( - ID INTEGER AUTO_INCREMENT, - IDP_USER_ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT -1234, - IDP_ID INTEGER NOT NULL, - DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - ASSOCIATION_ID CHAR(36) NOT NULL, - PRIMARY KEY (ID), - UNIQUE(IDP_USER_ID, TENANT_ID, IDP_ID), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_USER_ACCOUNT_ASSOCIATION ( - ASSOCIATION_KEY VARCHAR(255) NOT NULL, - TENANT_ID INTEGER, - DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS FIDO_DEVICE_STORE ( - TENANT_ID INTEGER, - DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(45) NOT NULL, - TIME_REGISTERED TIMESTAMP, - KEY_HANDLE VARCHAR(200) NOT NULL, - DEVICE_DATA VARCHAR(2048) NOT NULL, - PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS FIDO2_DEVICE_STORE ( - TENANT_ID INTEGER, - DOMAIN_NAME VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(45) NOT NULL, - TIME_REGISTERED TIMESTAMP, - USER_HANDLE VARCHAR(64) NOT NULL, - CREDENTIAL_ID VARCHAR(200) NOT NULL, - PUBLIC_KEY_COSE VARCHAR(1024) NOT NULL, - SIGNATURE_COUNT BIGINT, - USER_IDENTITY VARCHAR(512) NOT NULL, - DISPLAY_NAME VARCHAR(255), - IS_USERNAMELESS_SUPPORTED CHAR(1) DEFAULT '0', - PRIMARY KEY (CREDENTIAL_ID, USER_HANDLE) - )ENGINE INNODB; - - CREATE 
TABLE IF NOT EXISTS WF_REQUEST ( - UUID VARCHAR (45), - CREATED_BY VARCHAR (255), - TENANT_ID INTEGER DEFAULT -1, - OPERATION_TYPE VARCHAR (50), - CREATED_AT TIMESTAMP, - UPDATED_AT TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - STATUS VARCHAR (30), - REQUEST BLOB, - PRIMARY KEY (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS WF_BPS_PROFILE ( - PROFILE_NAME VARCHAR(45), - HOST_URL_MANAGER VARCHAR(255), - HOST_URL_WORKER VARCHAR(255), - USERNAME VARCHAR(45), - PASSWORD VARCHAR(1023), - CALLBACK_HOST VARCHAR (45), - CALLBACK_USERNAME VARCHAR (45), - CALLBACK_PASSWORD VARCHAR (255), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (PROFILE_NAME, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS WF_WORKFLOW( - ID VARCHAR (45), - WF_NAME VARCHAR (45), - DESCRIPTION VARCHAR (255), - TEMPLATE_ID VARCHAR (45), - IMPL_ID VARCHAR (45), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS WF_WORKFLOW_ASSOCIATION( - ID INTEGER NOT NULL AUTO_INCREMENT, - ASSOC_NAME VARCHAR (45), - EVENT_ID VARCHAR(45), - ASSOC_CONDITION VARCHAR (2000), - WORKFLOW_ID VARCHAR (45), - IS_ENABLED CHAR (1) DEFAULT '1', - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY(ID), - FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS WF_WORKFLOW_CONFIG_PARAM( - WORKFLOW_ID VARCHAR (45), - PARAM_NAME VARCHAR (45), - PARAM_VALUE VARCHAR (1000), - PARAM_QNAME VARCHAR (45), - PARAM_HOLDER VARCHAR (45), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (WORKFLOW_ID, PARAM_NAME, PARAM_QNAME, PARAM_HOLDER), - FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS WF_REQUEST_ENTITY_RELATIONSHIP( - REQUEST_ID VARCHAR (45), - ENTITY_NAME VARCHAR (255), - ENTITY_TYPE VARCHAR (50), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY(REQUEST_ID, ENTITY_NAME, ENTITY_TYPE, TENANT_ID), - FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE 
CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS WF_WORKFLOW_REQUEST_RELATION( - RELATIONSHIP_ID VARCHAR (45), - WORKFLOW_ID VARCHAR (45), - REQUEST_ID VARCHAR (45), - UPDATED_AT TIMESTAMP, - STATUS VARCHAR (30), - TENANT_ID INTEGER DEFAULT -1, - PRIMARY KEY (RELATIONSHIP_ID), - FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE, - FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_RECOVERY_DATA ( - USER_NAME VARCHAR(255) NOT NULL, - USER_DOMAIN VARCHAR(127) NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - CODE VARCHAR(255) NOT NULL, - SCENARIO VARCHAR(255) NOT NULL, - STEP VARCHAR(127) NOT NULL, - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REMAINING_SETS VARCHAR(2500) DEFAULT NULL, - PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP), - UNIQUE(CODE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_PASSWORD_HISTORY_DATA ( - ID INTEGER NOT NULL AUTO_INCREMENT, - USER_NAME VARCHAR(255) NOT NULL, - USER_DOMAIN VARCHAR(127) NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - SALT_VALUE VARCHAR(255), - HASH VARCHAR(255) NOT NULL, - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY(ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CLAIM_DIALECT ( - ID INTEGER NOT NULL AUTO_INCREMENT, - DIALECT_URI VARCHAR (255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CLAIM ( - ID INTEGER NOT NULL AUTO_INCREMENT, - DIALECT_ID INTEGER NOT NULL, - CLAIM_URI VARCHAR (255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE, - CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPED_ATTRIBUTE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - 
LOCAL_CLAIM_ID INTEGER, - USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL, - ATTRIBUTE_NAME VARCHAR (255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CLAIM_PROPERTY ( - ID INTEGER NOT NULL AUTO_INCREMENT, - LOCAL_CLAIM_ID INTEGER, - PROPERTY_NAME VARCHAR (255) NOT NULL, - PROPERTY_VALUE VARCHAR (255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - EXT_CLAIM_ID INTEGER NOT NULL, - MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_SAML2_ASSERTION_STORE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - SAML2_ID VARCHAR(255) , - SAML2_ISSUER VARCHAR(255) , - SAML2_SUBJECT VARCHAR(255) , - SAML2_SESSION_INDEX VARCHAR(255) , - SAML2_AUTHN_CONTEXT_CLASS_REF VARCHAR(255) , - SAML2_ASSERTION VARCHAR(4096) , - ASSERTION BLOB , - PRIMARY KEY (ID) - )ENGINE INNODB; - - CREATE TABLE IDN_SAML2_ARTIFACT_STORE ( - ID INT(11) NOT NULL AUTO_INCREMENT, - SOURCE_ID VARCHAR(255) NOT NULL, - MESSAGE_HANDLER VARCHAR(255) NOT NULL, - AUTHN_REQ_DTO BLOB NOT NULL, - SESSION_ID VARCHAR(255) NOT NULL, - EXP_TIMESTAMP TIMESTAMP NOT NULL, - INIT_TIMESTAMP TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - ASSERTION_ID VARCHAR(255), - PRIMARY KEY (`ID`) - )ENGINE INNODB; - - 
CREATE TABLE IF NOT EXISTS IDN_OIDC_JTI ( - JWT_ID VARCHAR(255) NOT NULL, - EXP_TIME TIMESTAMP NOT NULL , - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP , - PRIMARY KEY (JWT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OIDC_PROPERTY ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER, - CONSUMER_KEY VARCHAR(255) , - PROPERTY_KEY VARCHAR(255) NOT NULL, - PROPERTY_VALUE VARCHAR(2047) , - PRIMARY KEY (ID), - FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_REFERENCE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - CONSUMER_KEY_ID INTEGER , - CODE_ID VARCHAR(255) , - TOKEN_ID VARCHAR(255) , - SESSION_DATA_KEY VARCHAR(255), - PRIMARY KEY (ID), - FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, - FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE, - FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_CLAIMS ( - ID INTEGER NOT NULL AUTO_INCREMENT, - REQ_OBJECT_ID INTEGER, - CLAIM_ATTRIBUTE VARCHAR(255) , - ESSENTIAL CHAR(1) NOT NULL DEFAULT '0' , - VALUE VARCHAR(255) , - IS_USERINFO CHAR(1) NOT NULL DEFAULT '0', - PRIMARY KEY (ID), - FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE (ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJ_CLAIM_VALUES ( - ID INTEGER NOT NULL AUTO_INCREMENT, - REQ_OBJECT_CLAIMS_ID INTEGER , - CLAIM_VALUES VARCHAR(255) , - PRIMARY KEY (ID), - FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CERTIFICATE ( - ID INTEGER NOT NULL AUTO_INCREMENT, - NAME VARCHAR(100), - CERTIFICATE_IN_PEM BLOB, - TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY(ID), - CONSTRAINT CERTIFICATE_UNIQUE_KEY 
UNIQUE (NAME, TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OIDC_SCOPE_CLAIM_MAPPING ( - ID INTEGER NOT NULL AUTO_INCREMENT, - SCOPE_ID INTEGER NOT NULL, - EXTERNAL_CLAIM_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE, - FOREIGN KEY (EXTERNAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, - UNIQUE (SCOPE_ID, EXTERNAL_CLAIM_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_FUNCTION_LIBRARY ( - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - TYPE VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - DATA BLOB NOT NULL, - PRIMARY KEY (TENANT_ID,NAME) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_CIBA_AUTH_CODE ( - AUTH_CODE_KEY CHAR (36), - AUTH_REQ_ID CHAR (36), - ISSUED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - CONSUMER_KEY VARCHAR(255), - LAST_POLLED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - POLLING_INTERVAL INTEGER, - EXPIRES_IN INTEGER, - AUTHENTICATED_USER_NAME VARCHAR(255), - USER_STORE_DOMAIN VARCHAR(100), - TENANT_ID INTEGER, - AUTH_REQ_STATUS VARCHAR (100) DEFAULT 'REQUESTED', - IDP_ID INTEGER, - UNIQUE(AUTH_REQ_ID), - PRIMARY KEY (AUTH_CODE_KEY), - FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_OAUTH2_CIBA_REQUEST_SCOPES ( - AUTH_CODE_KEY CHAR (36), - SCOPE VARCHAR (255), - FOREIGN KEY (AUTH_CODE_KEY) REFERENCES IDN_OAUTH2_CIBA_AUTH_CODE(AUTH_CODE_KEY) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_FED_AUTH_SESSION_MAPPING ( - IDP_SESSION_ID VARCHAR(255) NOT NULL, - SESSION_ID VARCHAR(255) NOT NULL, - IDP_NAME VARCHAR(255) NOT NULL, - AUTHENTICATOR_ID VARCHAR(255), - PROTOCOL_TYPE VARCHAR(255), - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY (IDP_SESSION_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CONFIG_TYPE ( - ID VARCHAR(255) NOT NULL, - 
NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023) NULL, - PRIMARY KEY (ID), - CONSTRAINT TYPE_NAME_CONSTRAINT UNIQUE (NAME) - )ENGINE INNODB; - - INSERT INTO IDN_CONFIG_TYPE (ID, NAME, DESCRIPTION) VALUES - ('9ab0ef95-13e9-4ed5-afaf-d29bed62f7bd', 'IDP_TEMPLATE', 'Template type to uniquely identify IDP templates'), - ('3c4ac3d0-5903-4e3d-aaca-38df65b33bfd', 'APPLICATION_TEMPLATE', 'Template type to uniquely identify Application templates'), - ('8ec6dbf1-218a-49bf-bc34-0d2db52d151c', 'CORS_CONFIGURATION', 'A resource type to keep the tenant CORS configurations'); - - CREATE TABLE IF NOT EXISTS IDN_CONFIG_RESOURCE ( - ID VARCHAR(255) NOT NULL, - TENANT_ID INT NOT NULL, - NAME VARCHAR(255) NOT NULL, - CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - LAST_MODIFIED TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - HAS_FILE tinyint(1) NOT NULL, - HAS_ATTRIBUTE tinyint(1) NOT NULL, - TYPE_ID VARCHAR(255) NOT NULL, - PRIMARY KEY (ID), - CONSTRAINT NAME_TENANT_TYPE_CONSTRAINT UNIQUE (NAME, TENANT_ID, TYPE_ID) - )ENGINE INNODB; - ALTER TABLE IDN_CONFIG_RESOURCE ADD CONSTRAINT TYPE_ID_FOREIGN_CONSTRAINT FOREIGN KEY (TYPE_ID) REFERENCES - IDN_CONFIG_TYPE (ID) ON DELETE CASCADE ON UPDATE CASCADE; - - CREATE TABLE IF NOT EXISTS IDN_CONFIG_ATTRIBUTE ( - ID VARCHAR(255) NOT NULL, - RESOURCE_ID VARCHAR(255) NOT NULL, - ATTR_KEY VARCHAR(255) NOT NULL, - ATTR_VALUE VARCHAR(1023) NULL, - PRIMARY KEY (ID), - CONSTRAINT RESOURCE_KEY_VAL_CONSTRAINT UNIQUE (RESOURCE_ID(64), ATTR_KEY(255)) - )ENGINE INNODB; - ALTER TABLE IDN_CONFIG_ATTRIBUTE ADD CONSTRAINT RESOURCE_ID_ATTRIBUTE_FOREIGN_CONSTRAINT FOREIGN KEY (RESOURCE_ID) - REFERENCES IDN_CONFIG_RESOURCE (ID) ON DELETE CASCADE ON UPDATE CASCADE; - - CREATE TABLE IF NOT EXISTS IDN_CONFIG_FILE ( - ID VARCHAR(255) NOT NULL, - VALUE BLOB NULL, - RESOURCE_ID VARCHAR(255) NOT NULL, - NAME VARCHAR(255) NULL, - PRIMARY KEY (ID) - )ENGINE INNODB; - ALTER TABLE IDN_CONFIG_FILE ADD CONSTRAINT RESOURCE_ID_FILE_FOREIGN_CONSTRAINT FOREIGN KEY 
(RESOURCE_ID) REFERENCES - IDN_CONFIG_RESOURCE (ID) ON DELETE CASCADE ON UPDATE CASCADE; - - CREATE TABLE IDN_REMOTE_FETCH_CONFIG ( - ID VARCHAR(255) NOT NULL, - TENANT_ID INT NOT NULL, - IS_ENABLED CHAR(1) NOT NULL, - REPO_MANAGER_TYPE VARCHAR(255) NOT NULL, - ACTION_LISTENER_TYPE VARCHAR(255) NOT NULL, - CONFIG_DEPLOYER_TYPE VARCHAR(255) NOT NULL, - REMOTE_FETCH_NAME VARCHAR(255), - REMOTE_RESOURCE_URI VARCHAR(255) NOT NULL, - ATTRIBUTES_JSON MEDIUMTEXT NOT NULL, - PRIMARY KEY (ID), - CONSTRAINT UC_REMOTE_RESOURCE_TYPE UNIQUE (TENANT_ID, CONFIG_DEPLOYER_TYPE) - )ENGINE INNODB; - - CREATE TABLE IDN_REMOTE_FETCH_REVISIONS ( - ID VARCHAR(255) NOT NULL, - CONFIG_ID VARCHAR(255) NOT NULL, - FILE_PATH VARCHAR(255) NOT NULL, - FILE_HASH VARCHAR(255), - DEPLOYED_DATE TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - LAST_SYNC_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - DEPLOYMENT_STATUS VARCHAR(255), - ITEM_NAME VARCHAR(255), - DEPLOY_ERR_LOG MEDIUMTEXT, - PRIMARY KEY (ID), - FOREIGN KEY (CONFIG_ID) REFERENCES IDN_REMOTE_FETCH_CONFIG(ID) ON DELETE CASCADE, - CONSTRAINT UC_REVISIONS UNIQUE (CONFIG_ID, ITEM_NAME) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_USER_FUNCTIONALITY_MAPPING ( - ID VARCHAR(255) NOT NULL, - USER_ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - FUNCTIONALITY_ID VARCHAR(255) NOT NULL, - IS_FUNCTIONALITY_LOCKED BOOLEAN NOT NULL, - FUNCTIONALITY_UNLOCK_TIME BIGINT NOT NULL, - FUNCTIONALITY_LOCK_REASON VARCHAR(1023), - FUNCTIONALITY_LOCK_REASON_CODE VARCHAR(255), - PRIMARY KEY (ID), - CONSTRAINT IDN_USER_FUNCTIONALITY_MAPPING_CONSTRAINT UNIQUE (USER_ID, TENANT_ID, FUNCTIONALITY_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_USER_FUNCTIONALITY_PROPERTY ( - ID VARCHAR(255) NOT NULL, - USER_ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - FUNCTIONALITY_ID VARCHAR(255) NOT NULL, - PROPERTY_NAME VARCHAR(255), - PROPERTY_VALUE VARCHAR(255), - PRIMARY KEY (ID), - CONSTRAINT IDN_USER_FUNCTIONALITY_PROPERTY_CONSTRAINT 
UNIQUE (USER_ID, TENANT_ID, FUNCTIONALITY_ID, PROPERTY_NAME) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CORS_ORIGIN ( - ID INT NOT NULL AUTO_INCREMENT, - TENANT_ID INT NOT NULL, - ORIGIN VARCHAR(2048) NOT NULL, - UUID CHAR(36) NOT NULL, - PRIMARY KEY (ID), - UNIQUE (UUID) - ) ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDN_CORS_ASSOCIATION ( - IDN_CORS_ORIGIN_ID INT NOT NULL, - SP_APP_ID INT NOT NULL, - - PRIMARY KEY (IDN_CORS_ORIGIN_ID, SP_APP_ID), - FOREIGN KEY (IDN_CORS_ORIGIN_ID) REFERENCES IDN_CORS_ORIGIN (ID) ON DELETE CASCADE, - FOREIGN KEY (SP_APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE - ) ENGINE INNODB; - - -- --------------------------- INDEX CREATION ----------------------------- - -- IDN_OAUTH2_ACCESS_TOKEN -- - CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED); - CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH); - CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TOKEN_STATE, USER_TYPE); - CREATE INDEX IDX_AT_TI_UD ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, TENANT_ID, TOKEN_STATE, USER_DOMAIN); - CREATE INDEX IDX_AT_AU_TID_UD_TS_CKID ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, TENANT_ID, USER_DOMAIN, TOKEN_STATE, CONSUMER_KEY_ID); - CREATE INDEX IDX_AT_AU_CKID_TS_UT ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, CONSUMER_KEY_ID, TOKEN_STATE, USER_TYPE); - CREATE INDEX IDX_AT_RTH ON IDN_OAUTH2_ACCESS_TOKEN(REFRESH_TOKEN_HASH); - CREATE INDEX IDX_AT_CKID_AU_TID_UD_TSH_TS ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TENANT_ID, USER_DOMAIN, TOKEN_SCOPE_HASH, TOKEN_STATE); - - -- IDN_OAUTH2_AUTHORIZATION_CODE -- - CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH, CONSUMER_KEY_ID); - CREATE INDEX IDX_AUTHORIZATION_CODE_AU_TI ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHZ_USER, TENANT_ID, USER_DOMAIN, STATE); - CREATE INDEX IDX_AC_CKID ON IDN_OAUTH2_AUTHORIZATION_CODE(CONSUMER_KEY_ID); - CREATE INDEX IDX_AC_TID ON 
IDN_OAUTH2_AUTHORIZATION_CODE(TOKEN_ID); - - -- IDN_SCIM_GROUP -- - CREATE INDEX IDX_IDN_SCIM_GROUP_TI_RN ON IDN_SCIM_GROUP (TENANT_ID, ROLE_NAME); - CREATE INDEX IDX_IDN_SCIM_GROUP_TI_RN_AN ON IDN_SCIM_GROUP (TENANT_ID, ROLE_NAME, ATTR_NAME(500)); - - -- IDN_AUTH_SESSION_STORE -- - CREATE INDEX IDX_IDN_AUTH_SESSION_TIME ON IDN_AUTH_SESSION_STORE (TIME_CREATED); - - -- IDN_AUTH_TEMP_SESSION_STORE -- - CREATE INDEX IDX_IDN_AUTH_TMP_SESSION_TIME ON IDN_AUTH_TEMP_SESSION_STORE (TIME_CREATED); - - -- IDN_OIDC_SCOPE_CLAIM_MAPPING -- - CREATE INDEX IDX_AT_SI_ECI ON IDN_OIDC_SCOPE_CLAIM_MAPPING(SCOPE_ID, EXTERNAL_CLAIM_ID); - - -- IDN_OAUTH2_SCOPE -- - CREATE INDEX IDX_SC_TID ON IDN_OAUTH2_SCOPE(TENANT_ID); - - -- IDN_OAUTH2_SCOPE_BINDING -- - CREATE INDEX IDX_SB_SCPID ON IDN_OAUTH2_SCOPE_BINDING(SCOPE_ID); - - -- IDN_OIDC_REQ_OBJECT_REFERENCE -- - CREATE INDEX IDX_OROR_TID ON IDN_OIDC_REQ_OBJECT_REFERENCE(TOKEN_ID); - - -- IDN_OAUTH2_ACCESS_TOKEN_SCOPE -- - CREATE INDEX IDX_ATS_TID ON IDN_OAUTH2_ACCESS_TOKEN_SCOPE(TOKEN_ID); - - -- SP_TEMPLATE -- - CREATE INDEX IDX_SP_TEMPLATE ON SP_TEMPLATE (TENANT_ID, NAME); - - -- IDN_AUTH_USER -- - CREATE INDEX IDX_AUTH_USER_UN_TID_DN ON IDN_AUTH_USER (USER_NAME, TENANT_ID, DOMAIN_NAME); - CREATE INDEX IDX_AUTH_USER_DN_TOD ON IDN_AUTH_USER (DOMAIN_NAME, TENANT_ID); - - -- IDN_AUTH_USER_SESSION_MAPPING -- - CREATE INDEX IDX_USER_ID ON IDN_AUTH_USER_SESSION_MAPPING (USER_ID); - CREATE INDEX IDX_SESSION_ID ON IDN_AUTH_USER_SESSION_MAPPING (SESSION_ID); - - -- IDN_OAUTH_CONSUMER_APPS -- - CREATE INDEX IDX_OCA_UM_TID_UD_APN ON IDN_OAUTH_CONSUMER_APPS(USERNAME,TENANT_ID,USER_DOMAIN, APP_NAME); - - -- IDX_SPI_APP -- - CREATE INDEX IDX_SPI_APP ON SP_INBOUND_AUTH(APP_ID); - - -- IDN_OIDC_PROPERTY -- - CREATE INDEX IDX_IOP_TID_CK ON IDN_OIDC_PROPERTY(TENANT_ID,CONSUMER_KEY); - - -- IDN_FIDO2_PROPERTY -- - CREATE INDEX IDX_FIDO2_STR ON FIDO2_DEVICE_STORE(USER_NAME, TENANT_ID, DOMAIN_NAME, CREDENTIAL_ID, USER_HANDLE); - - -- IDN_ASSOCIATED_ID -- 
- CREATE INDEX IDX_AI_DN_UN_AI ON IDN_ASSOCIATED_ID(DOMAIN_NAME, USER_NAME, ASSOCIATION_ID); - - -- IDN_OAUTH2_TOKEN_BINDING -- - CREATE INDEX IDX_IDN_AUTH_BIND ON IDN_OAUTH2_TOKEN_BINDING (TOKEN_BINDING_REF); - - -- IDN_FED_AUTH_SESSION_MAPPING -- - CREATE INDEX IDX_FEDERATED_AUTH_SESSION_ID ON IDN_FED_AUTH_SESSION_MAPPING (SESSION_ID); - - -- IDN_REMOTE_FETCH_REVISIONS -- - CREATE INDEX IDX_REMOTE_FETCH_REVISION_CONFIG_ID ON IDN_REMOTE_FETCH_REVISIONS (CONFIG_ID); - - -- IDN_CORS_ASSOCIATION -- - CREATE INDEX IDX_CORS_SP_APP_ID ON IDN_CORS_ASSOCIATION (SP_APP_ID); - - -- IDN_CORS_ASSOCIATION -- - CREATE INDEX IDX_CORS_ORIGIN_ID ON IDN_CORS_ASSOCIATION (IDN_CORS_ORIGIN_ID); - - - -- End of IDENTITY Tables-- - - -- Start of CONSENT-MGT Tables -- - - CREATE TABLE CM_PII_CATEGORY ( - ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - DISPLAY_NAME VARCHAR(255), - IS_SENSITIVE INTEGER NOT NULL, - TENANT_ID INTEGER DEFAULT '-1234', - UNIQUE KEY (NAME, TENANT_ID), - PRIMARY KEY (ID) - ); - - CREATE TABLE CM_RECEIPT ( - CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, - VERSION VARCHAR(255) NOT NULL, - JURISDICTION VARCHAR(255) NOT NULL, - CONSENT_TIMESTAMP TIMESTAMP NOT NULL, - COLLECTION_METHOD VARCHAR(255) NOT NULL, - LANGUAGE VARCHAR(255) NOT NULL, - PII_PRINCIPAL_ID VARCHAR(255) NOT NULL, - PRINCIPAL_TENANT_ID INTEGER DEFAULT '-1234', - POLICY_URL VARCHAR(255) NOT NULL, - STATE VARCHAR(255) NOT NULL, - PII_CONTROLLER VARCHAR(2048) NOT NULL, - PRIMARY KEY (CONSENT_RECEIPT_ID) - ); - - CREATE TABLE CM_PURPOSE ( - ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - PURPOSE_GROUP VARCHAR(255) NOT NULL, - GROUP_TYPE VARCHAR(255) NOT NULL, - TENANT_ID INTEGER DEFAULT '-1234', - UNIQUE KEY (NAME, TENANT_ID, PURPOSE_GROUP, GROUP_TYPE), - PRIMARY KEY (ID) - ); - - CREATE TABLE CM_PURPOSE_CATEGORY ( - ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - TENANT_ID INTEGER 
DEFAULT '-1234', - UNIQUE KEY (NAME, TENANT_ID), - PRIMARY KEY (ID) - ); - - CREATE TABLE CM_RECEIPT_SP_ASSOC ( - ID INTEGER AUTO_INCREMENT, - CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, - SP_NAME VARCHAR(255) NOT NULL, - SP_DISPLAY_NAME VARCHAR(255), - SP_DESCRIPTION VARCHAR(255), - SP_TENANT_ID INTEGER DEFAULT '-1234', - UNIQUE KEY (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID), - PRIMARY KEY (ID) - ); - - CREATE TABLE CM_SP_PURPOSE_ASSOC ( - ID INTEGER AUTO_INCREMENT, - RECEIPT_SP_ASSOC INTEGER NOT NULL, - PURPOSE_ID INTEGER NOT NULL, - CONSENT_TYPE VARCHAR(255) NOT NULL, - IS_PRIMARY_PURPOSE INTEGER NOT NULL, - TERMINATION VARCHAR(255) NOT NULL, - THIRD_PARTY_DISCLOSURE INTEGER NOT NULL, - THIRD_PARTY_NAME VARCHAR(255), - UNIQUE KEY (RECEIPT_SP_ASSOC, PURPOSE_ID), - PRIMARY KEY (ID) - ); - - CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC ( - SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, - PURPOSE_CATEGORY_ID INTEGER NOT NULL, - UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID) - ); - - CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC ( - PURPOSE_ID INTEGER NOT NULL, - CM_PII_CATEGORY_ID INTEGER NOT NULL, - IS_MANDATORY INTEGER NOT NULL, - UNIQUE KEY (PURPOSE_ID, CM_PII_CATEGORY_ID) - ); - - CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC ( - SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, - PII_CATEGORY_ID INTEGER NOT NULL, - VALIDITY VARCHAR(1023), - UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID) - ); - - CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY ( - CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, - NAME VARCHAR(255) NOT NULL, - VALUE VARCHAR(1023) NOT NULL, - UNIQUE KEY (CONSENT_RECEIPT_ID, NAME) - ); - - ALTER TABLE CM_RECEIPT_SP_ASSOC - ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID); - - ALTER TABLE CM_SP_PURPOSE_ASSOC - ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID); - - ALTER TABLE CM_SP_PURPOSE_ASSOC - ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) 
REFERENCES CM_PURPOSE (ID); - - ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC - ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID); - - ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC - ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID); - - ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC - ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID); - - ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC - ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID); - - ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY - ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID); - - INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, PURPOSE_GROUP, GROUP_TYPE, TENANT_ID) VALUES ('DEFAULT', 'For core functionalities of the product', 'DEFAULT', 'SP', '-1234'); - - INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234'); - -- End of CONSENT-MGT Tables -- - - -- Start of API-MGT Tables -- - CREATE TABLE IF NOT EXISTS AM_SUBSCRIBER ( - SUBSCRIBER_ID INTEGER AUTO_INCREMENT, - USER_ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - EMAIL_ADDRESS VARCHAR(256) NULL, - DATE_SUBSCRIBED TIMESTAMP NOT NULL, - PRIMARY KEY (SUBSCRIBER_ID), - CREATED_BY VARCHAR(100), - CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UPDATED_BY VARCHAR(100), - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UNIQUE (TENANT_ID,USER_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_APPLICATION ( - APPLICATION_ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(100), - SUBSCRIBER_ID INTEGER, - APPLICATION_TIER VARCHAR(50) DEFAULT 'Unlimited', - CALLBACK_URL VARCHAR(512), - DESCRIPTION VARCHAR(512), - APPLICATION_STATUS VARCHAR(50) DEFAULT 'APPROVED', - GROUP_ID VARCHAR(100), - CREATED_BY 
VARCHAR(100), - CREATED_TIME TIMESTAMP, - UPDATED_BY VARCHAR(100), - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UUID VARCHAR(256), - TOKEN_TYPE VARCHAR(10), - FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY(APPLICATION_ID), - UNIQUE (NAME,SUBSCRIBER_ID), - UNIQUE (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API ( - API_ID INTEGER AUTO_INCREMENT, - API_UUID VARCHAR(256), - API_PROVIDER VARCHAR(200), - API_NAME VARCHAR(200), - API_VERSION VARCHAR(30), - CONTEXT VARCHAR(256), - CONTEXT_TEMPLATE VARCHAR(256), - API_TIER VARCHAR(256), - API_TYPE VARCHAR(10), - CREATED_BY VARCHAR(100), - CREATED_TIME TIMESTAMP, - UPDATED_BY VARCHAR(100), - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - STATUS VARCHAR(30), - REVISIONS_CREATED INTEGER DEFAULT 0, - PRIMARY KEY(API_ID), - UNIQUE (API_PROVIDER,API_NAME,API_VERSION), - UNIQUE (API_UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_REVISION_METADATA ( - API_UUID VARCHAR(64), - REVISION_UUID VARCHAR(64), - API_TIER VARCHAR(128), - UNIQUE (API_UUID,REVISION_UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_GRAPHQL_COMPLEXITY ( - UUID VARCHAR(256), - API_ID INTEGER NOT NULL, - TYPE VARCHAR(256), - FIELD VARCHAR(256), - COMPLEXITY_VALUE INTEGER, - REVISION_UUID VARCHAR(255), - FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE CASCADE, - PRIMARY KEY(UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_URL_MAPPING ( - URL_MAPPING_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER NOT NULL, - HTTP_METHOD VARCHAR(20) NULL, - AUTH_SCHEME VARCHAR(50) NULL, - URL_PATTERN VARCHAR(512) NULL, - THROTTLING_TIER varchar(512) DEFAULT NULL, - MEDIATION_SCRIPT BLOB, - REVISION_UUID VARCHAR(255), - PRIMARY KEY (URL_MAPPING_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_RESOURCE_SCOPE_MAPPING ( - SCOPE_NAME VARCHAR(255) NOT NULL, - URL_MAPPING_ID INTEGER NOT NULL, - TENANT_ID INTEGER NOT NULL, 
- FOREIGN KEY (URL_MAPPING_ID) REFERENCES AM_API_URL_MAPPING(URL_MAPPING_ID) ON DELETE CASCADE, - PRIMARY KEY(SCOPE_NAME, URL_MAPPING_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_SECURITY_AUDIT_UUID_MAPPING ( - API_ID INTEGER NOT NULL, - AUDIT_UUID VARCHAR(255) NOT NULL, - FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (API_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_PRODUCT_MAPPING ( - API_PRODUCT_MAPPING_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER, - URL_MAPPING_ID INTEGER, - REVISION_UUID VARCHAR(255), - FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON DELETE CASCADE, - FOREIGN KEY (URL_MAPPING_ID) REFERENCES AM_API_URL_MAPPING(URL_MAPPING_ID) ON DELETE CASCADE, - PRIMARY KEY(API_PRODUCT_MAPPING_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION ( - SUBSCRIPTION_ID INTEGER AUTO_INCREMENT, - TIER_ID VARCHAR(50), - TIER_ID_PENDING VARCHAR(50), - API_ID INTEGER, - LAST_ACCESSED TIMESTAMP NULL, - APPLICATION_ID INTEGER, - SUB_STATUS VARCHAR(50), - SUBS_CREATE_STATE VARCHAR(50) DEFAULT 'SUBSCRIBE', - CREATED_BY VARCHAR(100), - CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UPDATED_BY VARCHAR(100), - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UUID VARCHAR(256), - FOREIGN KEY(APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (SUBSCRIPTION_ID), - UNIQUE (UUID) - )ENGINE INNODB; - - - - CREATE TABLE IF NOT EXISTS AM_APPLICATION_KEY_MAPPING ( - UUID VARCHAR(100), - APPLICATION_ID INTEGER, - CONSUMER_KEY VARCHAR(255), - KEY_TYPE VARCHAR(512) NOT NULL, - STATE VARCHAR(30) NOT NULL, - CREATE_MODE VARCHAR(30) DEFAULT 'CREATED', - KEY_MANAGER VARCHAR(100), - APP_INFO BLOB , - FOREIGN KEY(APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY 
KEY(APPLICATION_ID,KEY_TYPE,KEY_MANAGER) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_LC_EVENT ( - EVENT_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER NOT NULL, - PREVIOUS_STATE VARCHAR(50), - NEW_STATE VARCHAR(50) NOT NULL, - USER_ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - EVENT_DATE TIMESTAMP NOT NULL, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (EVENT_ID) - )ENGINE INNODB; - - CREATE TABLE AM_APP_KEY_DOMAIN_MAPPING ( - CONSUMER_KEY VARCHAR(255), - AUTHZ_DOMAIN VARCHAR(255) DEFAULT 'ALL', - PRIMARY KEY (CONSUMER_KEY,AUTHZ_DOMAIN) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_COMMENTS ( - COMMENT_ID VARCHAR(64) NOT NULL, - COMMENT_TEXT VARCHAR(512), - CREATED_BY VARCHAR(255), - CREATED_TIME TIMESTAMP NOT NULL, - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - API_ID INTEGER, - PARENT_COMMENT_ID VARCHAR(64) DEFAULT NULL, - ENTRY_POINT VARCHAR(20), - CATEGORY VARCHAR(20) DEFAULT 'general', - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID), - FOREIGN KEY(PARENT_COMMENT_ID) REFERENCES AM_API_COMMENTS(COMMENT_ID), - PRIMARY KEY (COMMENT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_RATINGS ( - RATING_ID VARCHAR(255) NOT NULL, - API_ID INTEGER, - RATING INTEGER, - SUBSCRIBER_ID INTEGER, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (RATING_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_TIER_PERMISSIONS ( - TIER_PERMISSIONS_ID INTEGER AUTO_INCREMENT, - TIER VARCHAR(50) NOT NULL, - PERMISSIONS_TYPE VARCHAR(50) NOT NULL, - ROLES VARCHAR(512) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY(TIER_PERMISSIONS_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_EXTERNAL_STORES ( - APISTORE_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER, - STORE_ID VARCHAR(255) NOT NULL, - STORE_DISPLAY_NAME 
VARCHAR(255) NOT NULL, - STORE_ENDPOINT VARCHAR(255) NOT NULL, - STORE_TYPE VARCHAR(255) NOT NULL, - LAST_UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (APISTORE_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_WORKFLOWS( - WF_ID INTEGER AUTO_INCREMENT, - WF_REFERENCE VARCHAR(255) NOT NULL, - WF_TYPE VARCHAR(255) NOT NULL, - WF_STATUS VARCHAR(255) NOT NULL, - WF_CREATED_TIME TIMESTAMP, - WF_UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP , - WF_STATUS_DESC VARCHAR(1000), - TENANT_ID INTEGER, - TENANT_DOMAIN VARCHAR(255), - WF_EXTERNAL_REFERENCE VARCHAR(255) NOT NULL, - WF_METADATA BLOB DEFAULT NULL, - WF_PROPERTIES BLOB DEFAULT NULL, - PRIMARY KEY (WF_ID), - UNIQUE (WF_EXTERNAL_REFERENCE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_APPLICATION_REGISTRATION ( - REG_ID INT AUTO_INCREMENT, - SUBSCRIBER_ID INT, - WF_REF VARCHAR(255) NOT NULL, - APP_ID INT, - TOKEN_TYPE VARCHAR(30), - TOKEN_SCOPE VARCHAR(1500) DEFAULT 'default', - INPUTS VARCHAR(1000), - ALLOWED_DOMAINS VARCHAR(256), - VALIDITY_PERIOD BIGINT, - KEY_MANAGER VARCHAR(255) NOT NULL, - UNIQUE (SUBSCRIBER_ID,APP_ID,TOKEN_TYPE,KEY_MANAGER), - FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - FOREIGN KEY(APP_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (REG_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_SHARED_SCOPE ( - NAME VARCHAR(255) NOT NULL, - UUID VARCHAR (256), - TENANT_ID INTEGER, - PRIMARY KEY (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_DEFAULT_VERSION ( - DEFAULT_VERSION_ID INT AUTO_INCREMENT, - API_NAME VARCHAR(256) NOT NULL , - API_PROVIDER VARCHAR(256) NOT NULL , - DEFAULT_API_VERSION VARCHAR(30) , - PUBLISHED_DEFAULT_API_VERSION VARCHAR(30) , - PRIMARY KEY (DEFAULT_VERSION_ID) - )ENGINE = INNODB; - - CREATE INDEX 
IDX_SUB_APP_ID ON AM_SUBSCRIPTION (APPLICATION_ID, SUBSCRIPTION_ID); - - CREATE TABLE IF NOT EXISTS AM_MONETIZATION_USAGE ( - ID VARCHAR(100) NOT NULL, - STATE VARCHAR(50) NOT NULL, - STATUS VARCHAR(50) NOT NULL, - STARTED_TIME VARCHAR(50) NOT NULL, - PUBLISHED_TIME VARCHAR(50) NOT NULL, - PRIMARY KEY(ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_ALERT_TYPES ( - ALERT_TYPE_ID INTEGER AUTO_INCREMENT, - ALERT_TYPE_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL, - PRIMARY KEY (ALERT_TYPE_ID) - )ENGINE = INNODB; - - CREATE TABLE IF NOT EXISTS AM_ALERT_TYPES_VALUES ( - ALERT_TYPE_ID INTEGER, - USER_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL , - PRIMARY KEY (ALERT_TYPE_ID,USER_NAME,STAKE_HOLDER) - )ENGINE = INNODB; - - CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST ( - EMAIL_LIST_ID INTEGER AUTO_INCREMENT, - USER_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL , - PRIMARY KEY (EMAIL_LIST_ID,USER_NAME,STAKE_HOLDER) - )ENGINE = INNODB; - - CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST_DETAILS ( - EMAIL_LIST_ID INTEGER, - EMAIL VARCHAR(255), - PRIMARY KEY (EMAIL_LIST_ID,EMAIL) - )ENGINE = INNODB; - - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('AbnormalResponseTime', 'publisher'); - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('AbnormalBackendTime', 'publisher'); - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('AbnormalRequestsPerMin', 'subscriber'); - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('AbnormalRequestPattern', 'subscriber'); - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('UnusualIPAccess', 'subscriber'); - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('FrequentTierLimitHitting', 'subscriber'); - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('ApiHealthMonitor', 'publisher'); - - - - -- AM Throttling tables -- - - CREATE TABLE IF NOT EXISTS 
AM_POLICY_SUBSCRIPTION ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, - QUOTA_TYPE VARCHAR(25) NOT NULL, - QUOTA INT(11) NOT NULL, - QUOTA_UNIT VARCHAR(10) NULL, - UNIT_TIME INT(11) NOT NULL, - TIME_UNIT VARCHAR(25) NOT NULL, - RATE_LIMIT_COUNT INT(11) NULL DEFAULT NULL, - RATE_LIMIT_TIME_UNIT VARCHAR(25) NULL DEFAULT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - CUSTOM_ATTRIBUTES BLOB DEFAULT NULL, - STOP_ON_QUOTA_REACH BOOLEAN NOT NULL DEFAULT 0, - BILLING_PLAN VARCHAR(20) NOT NULL, - UUID VARCHAR(256), - MONETIZATION_PLAN VARCHAR(25) NULL DEFAULT NULL, - FIXED_RATE VARCHAR(15) NULL DEFAULT NULL, - BILLING_CYCLE VARCHAR(15) NULL DEFAULT NULL, - PRICE_PER_REQUEST VARCHAR(15) NULL DEFAULT NULL, - CURRENCY VARCHAR(15) NULL DEFAULT NULL, - MAX_COMPLEXITY INT(11) NOT NULL DEFAULT 0, - MAX_DEPTH INT(11) NOT NULL DEFAULT 0, - CONNECTIONS_COUNT INT(11) NOT NULL DEFAULT 0, - PRIMARY KEY (POLICY_ID), - UNIQUE INDEX AM_POLICY_SUBSCRIPTION_NAME_TENANT (NAME, TENANT_ID), - UNIQUE (UUID) - )ENGINE = InnoDB; - - CREATE TABLE IF NOT EXISTS AM_POLICY_APPLICATION ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, - QUOTA_TYPE VARCHAR(25) NOT NULL, - QUOTA INT(11) NOT NULL, - QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL, - UNIT_TIME INT(11) NOT NULL, - TIME_UNIT VARCHAR(25) NOT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - CUSTOM_ATTRIBUTES BLOB DEFAULT NULL, - UUID VARCHAR(256), - PRIMARY KEY (POLICY_ID), - UNIQUE INDEX APP_NAME_TENANT (NAME, TENANT_ID), - UNIQUE (UUID) - )ENGINE = InnoDB; - - CREATE TABLE IF NOT EXISTS AM_POLICY_HARD_THROTTLING ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION 
VARCHAR(1024) NULL DEFAULT NULL, - QUOTA_TYPE VARCHAR(25) NOT NULL, - QUOTA INT(11) NOT NULL, - QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL, - UNIT_TIME INT(11) NOT NULL, - TIME_UNIT VARCHAR(25) NOT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - PRIMARY KEY (POLICY_ID), - UNIQUE INDEX POLICY_HARD_NAME_TENANT (NAME, TENANT_ID) - )ENGINE = InnoDB; - - - CREATE TABLE IF NOT EXISTS AM_API_THROTTLE_POLICY ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR (1024), - DEFAULT_QUOTA_TYPE VARCHAR(25) NOT NULL, - DEFAULT_QUOTA INTEGER NOT NULL, - DEFAULT_QUOTA_UNIT VARCHAR(10) NULL, - DEFAULT_UNIT_TIME INTEGER NOT NULL, - DEFAULT_TIME_UNIT VARCHAR(25) NOT NULL, - APPLICABLE_LEVEL VARCHAR(25) NOT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - UUID VARCHAR(256), - PRIMARY KEY (POLICY_ID), - UNIQUE INDEX API_NAME_TENANT (NAME, TENANT_ID), - UNIQUE (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_CONDITION_GROUP ( - CONDITION_GROUP_ID INTEGER NOT NULL AUTO_INCREMENT, - POLICY_ID INTEGER NOT NULL, - QUOTA_TYPE VARCHAR(25), - QUOTA INTEGER NOT NULL, - QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL, - UNIT_TIME INTEGER NOT NULL, - TIME_UNIT VARCHAR(25) NOT NULL, - DESCRIPTION VARCHAR (1024) NULL DEFAULT NULL, - PRIMARY KEY (CONDITION_GROUP_ID), - FOREIGN KEY (POLICY_ID) REFERENCES AM_API_THROTTLE_POLICY(POLICY_ID) ON DELETE CASCADE ON UPDATE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_QUERY_PARAMETER_CONDITION ( - QUERY_PARAMETER_ID INTEGER NOT NULL AUTO_INCREMENT, - CONDITION_GROUP_ID INTEGER NOT NULL, - PARAMETER_NAME VARCHAR(255) DEFAULT NULL, - PARAMETER_VALUE VARCHAR(255) DEFAULT NULL, - IS_PARAM_MAPPING BOOLEAN DEFAULT 1, - PRIMARY KEY (QUERY_PARAMETER_ID), - FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS 
AM_HEADER_FIELD_CONDITION ( - HEADER_FIELD_ID INTEGER NOT NULL AUTO_INCREMENT, - CONDITION_GROUP_ID INTEGER NOT NULL, - HEADER_FIELD_NAME VARCHAR(255) DEFAULT NULL, - HEADER_FIELD_VALUE VARCHAR(255) DEFAULT NULL, - IS_HEADER_FIELD_MAPPING BOOLEAN DEFAULT 1, - PRIMARY KEY (HEADER_FIELD_ID), - FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_JWT_CLAIM_CONDITION ( - JWT_CLAIM_ID INTEGER NOT NULL AUTO_INCREMENT, - CONDITION_GROUP_ID INTEGER NOT NULL, - CLAIM_URI VARCHAR(512) DEFAULT NULL, - CLAIM_ATTRIB VARCHAR(1024) DEFAULT NULL, - IS_CLAIM_MAPPING BOOLEAN DEFAULT 1, - PRIMARY KEY (JWT_CLAIM_ID), - FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_IP_CONDITION ( - AM_IP_CONDITION_ID INT NOT NULL AUTO_INCREMENT, - STARTING_IP VARCHAR(45) NULL, - ENDING_IP VARCHAR(45) NULL, - SPECIFIC_IP VARCHAR(45) NULL, - WITHIN_IP_RANGE BOOLEAN DEFAULT 1, - CONDITION_GROUP_ID INT NULL, - PRIMARY KEY (AM_IP_CONDITION_ID), - INDEX fk_AM_IP_CONDITION_1_idx (CONDITION_GROUP_ID ASC), CONSTRAINT fk_AM_IP_CONDITION_1 FOREIGN KEY (CONDITION_GROUP_ID) - REFERENCES AM_CONDITION_GROUP (CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE) - ENGINE = InnoDB; - - - CREATE TABLE IF NOT EXISTS AM_POLICY_GLOBAL ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - KEY_TEMPLATE VARCHAR(512) NOT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, - SIDDHI_QUERY BLOB DEFAULT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - UUID VARCHAR(256), - PRIMARY KEY (POLICY_ID), - UNIQUE (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_THROTTLE_TIER_PERMISSIONS ( - THROTTLE_TIER_PERMISSIONS_ID INT NOT NULL AUTO_INCREMENT, - TIER VARCHAR(50) NULL, - PERMISSIONS_TYPE VARCHAR(50) NULL, - ROLES VARCHAR(512) 
NULL, - TENANT_ID INT(11) NULL, - PRIMARY KEY (THROTTLE_TIER_PERMISSIONS_ID)) - ENGINE = InnoDB; - - CREATE TABLE `AM_BLOCK_CONDITIONS` ( - `CONDITION_ID` int(11) NOT NULL AUTO_INCREMENT, - `TYPE` varchar(45) DEFAULT NULL, - `VALUE` varchar(512) DEFAULT NULL, - `ENABLED` varchar(45) DEFAULT NULL, - `DOMAIN` varchar(45) DEFAULT NULL, - `UUID` VARCHAR(256), - PRIMARY KEY (`CONDITION_ID`), - UNIQUE (`UUID`) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS `AM_CERTIFICATE_METADATA` ( - `TENANT_ID` INT(11) NOT NULL, - `ALIAS` VARCHAR(255) NOT NULL, - `END_POINT` VARCHAR(255) NOT NULL, - `CERTIFICATE` BLOB DEFAULT NULL, - CONSTRAINT PK_ALIAS PRIMARY KEY (`ALIAS`) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS `AM_API_CLIENT_CERTIFICATE` ( - `TENANT_ID` INT(11) NOT NULL, - `ALIAS` VARCHAR(45) NOT NULL, - `API_ID` INTEGER NOT NULL, - `CERTIFICATE` BLOB NOT NULL, - `REMOVED` BOOLEAN NOT NULL DEFAULT 0, - `TIER_NAME` VARCHAR (512), - `REVISION_UUID` VARCHAR(255) NOT NULL DEFAULT 'Current API', - FOREIGN KEY (API_ID) REFERENCES AM_API (API_ID) ON DELETE CASCADE ON UPDATE CASCADE, - PRIMARY KEY (`ALIAS`, `TENANT_ID`, `REMOVED`, `REVISION_UUID`) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_APPLICATION_GROUP_MAPPING ( - APPLICATION_ID INTEGER NOT NULL, - GROUP_ID VARCHAR(512) NOT NULL, - TENANT VARCHAR(255), - PRIMARY KEY (APPLICATION_ID,GROUP_ID,TENANT), - FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_USAGE_UPLOADED_FILES ( - TENANT_DOMAIN varchar(255) NOT NULL, - FILE_NAME varchar(255) NOT NULL, - FILE_TIMESTAMP TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - FILE_PROCESSED tinyint(1) DEFAULT FALSE, - FILE_CONTENT MEDIUMBLOB DEFAULT NULL, - PRIMARY KEY (TENANT_DOMAIN, FILE_NAME, FILE_TIMESTAMP) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_API_LC_PUBLISH_EVENTS ( - ID INTEGER(11) NOT NULL AUTO_INCREMENT, - TENANT_DOMAIN VARCHAR(500) NOT NULL, - API_ID 
VARCHAR(500) NOT NULL, - EVENT_TIME TIMESTAMP NOT NULL, - PRIMARY KEY (ID) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_APPLICATION_ATTRIBUTES ( - APPLICATION_ID int(11) NOT NULL, - NAME varchar(255) NOT NULL, - VALUE varchar(1024) NOT NULL, - TENANT_ID int(11) NOT NULL, - PRIMARY KEY (APPLICATION_ID,NAME), - FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION (APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_SYSTEM_APPS ( - ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(50) NOT NULL, - CONSUMER_KEY VARCHAR(512) NOT NULL, - CONSUMER_SECRET VARCHAR(512) NOT NULL, - CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - TENANT_DOMAIN VARCHAR(255) DEFAULT 'carbon.super', - UNIQUE (CONSUMER_KEY), - PRIMARY KEY (ID) - ) ENGINE=InnoDB; - - -- BotDATA Email table -- - CREATE TABLE IF NOT EXISTS AM_NOTIFICATION_SUBSCRIBER ( - UUID VARCHAR(255), - CATEGORY VARCHAR(255), - NOTIFICATION_METHOD VARCHAR(255), - SUBSCRIBER_ADDRESS VARCHAR(255) NOT NULL, - PRIMARY KEY(UUID, SUBSCRIBER_ADDRESS) - ) ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_REVOKED_JWT ( - UUID VARCHAR(255) NOT NULL, - SIGNATURE VARCHAR(2048) NOT NULL, - EXPIRY_TIMESTAMP BIGINT NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - TOKEN_TYPE VARCHAR(15) DEFAULT 'DEFAULT', - TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY (UUID) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_API_CATEGORIES ( - UUID VARCHAR(50), - NAME VARCHAR(255), - DESCRIPTION VARCHAR(1024), - TENANT_ID INTEGER DEFAULT -1, - UNIQUE (NAME,TENANT_ID), - PRIMARY KEY (UUID) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_USER ( - USER_ID VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - PRIMARY KEY(USER_ID) - ) ENGINE=InnoDB; - - -- Tenant Themes Table -- - CREATE TABLE IF NOT EXISTS AM_TENANT_THEMES ( - TENANT_ID INTEGER NOT NULL, - THEME MEDIUMBLOB NOT NULL, - PRIMARY KEY (TENANT_ID) - ) ENGINE=InnoDB; - -- End of API-MGT Tables -- - - -- UMA tables -- - 
CREATE TABLE IF NOT EXISTS IDN_UMA_RESOURCE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - RESOURCE_ID VARCHAR(255), - RESOURCE_NAME VARCHAR(255), - TIME_CREATED TIMESTAMP NOT NULL, - RESOURCE_OWNER_NAME VARCHAR(255), - CLIENT_ID VARCHAR(255), - TENANT_ID INTEGER DEFAULT -1234, - USER_DOMAIN VARCHAR(50), - PRIMARY KEY (ID) - ); - - CREATE INDEX IDX_RID ON IDN_UMA_RESOURCE (RESOURCE_ID); - - CREATE INDEX IDX_USER ON IDN_UMA_RESOURCE (RESOURCE_OWNER_NAME, USER_DOMAIN); - - CREATE INDEX IDX_USER_RID ON IDN_UMA_RESOURCE (RESOURCE_ID, RESOURCE_OWNER_NAME(32), USER_DOMAIN, CLIENT_ID); - - CREATE TABLE IF NOT EXISTS IDN_UMA_RESOURCE_META_DATA ( - ID INTEGER AUTO_INCREMENT NOT NULL, - RESOURCE_IDENTITY INTEGER NOT NULL, - PROPERTY_KEY VARCHAR(40), - PROPERTY_VALUE VARCHAR(255), - PRIMARY KEY (ID), - FOREIGN KEY (RESOURCE_IDENTITY) REFERENCES IDN_UMA_RESOURCE (ID) ON DELETE CASCADE - ); - - CREATE TABLE IF NOT EXISTS IDN_UMA_RESOURCE_SCOPE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - RESOURCE_IDENTITY INTEGER NOT NULL, - SCOPE_NAME VARCHAR(255), - PRIMARY KEY (ID), - FOREIGN KEY (RESOURCE_IDENTITY) REFERENCES IDN_UMA_RESOURCE (ID) ON DELETE CASCADE - ); - - CREATE INDEX IDX_RS ON IDN_UMA_RESOURCE_SCOPE (SCOPE_NAME); - - CREATE TABLE IF NOT EXISTS IDN_UMA_PERMISSION_TICKET ( - ID INTEGER AUTO_INCREMENT NOT NULL, - PT VARCHAR(255) NOT NULL, - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - EXPIRY_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - TICKET_STATE VARCHAR(25) DEFAULT 'ACTIVE', - TENANT_ID INTEGER DEFAULT -1234, - TOKEN_ID VARCHAR(255), - PRIMARY KEY (ID) - ); - - CREATE INDEX IDX_PT ON IDN_UMA_PERMISSION_TICKET (PT); - - CREATE TABLE IF NOT EXISTS IDN_UMA_PT_RESOURCE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - PT_RESOURCE_ID INTEGER NOT NULL, - PT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (PT_ID) REFERENCES IDN_UMA_PERMISSION_TICKET (ID) ON DELETE CASCADE, - FOREIGN KEY (PT_RESOURCE_ID) REFERENCES IDN_UMA_RESOURCE (ID) ON DELETE CASCADE - ); - - 
CREATE TABLE IF NOT EXISTS IDN_UMA_PT_RESOURCE_SCOPE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - PT_RESOURCE_ID INTEGER NOT NULL, - PT_SCOPE_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (PT_RESOURCE_ID) REFERENCES IDN_UMA_PT_RESOURCE (ID) ON DELETE CASCADE, - FOREIGN KEY (PT_SCOPE_ID) REFERENCES IDN_UMA_RESOURCE_SCOPE (ID) ON DELETE CASCADE - ); - - CREATE TABLE IF NOT EXISTS AM_USER ( - USER_ID VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - PRIMARY KEY(USER_ID) - ); - - CREATE TABLE IF NOT EXISTS AM_KEY_MANAGER ( - UUID VARCHAR(50) NOT NULL, - NAME VARCHAR(100) NULL, - DISPLAY_NAME VARCHAR(100) NULL, - DESCRIPTION VARCHAR(256) NULL, - TYPE VARCHAR(45) NULL, - CONFIGURATION BLOB NULL, - ENABLED BOOLEAN DEFAULT 1, - TENANT_DOMAIN VARCHAR(100) NULL, - PRIMARY KEY (UUID), - UNIQUE (NAME,TENANT_DOMAIN) - ); - - -- AM_GW_PUBLISHED_API_DETAILS & AM_GW_API_ARTIFACTS are independent tables for Artifact synchronizer feature which -- - -- should not have any referential integrity constraints with other tables in AM database-- - CREATE TABLE IF NOT EXISTS AM_GW_PUBLISHED_API_DETAILS ( - API_ID varchar(255) NOT NULL, - TENANT_DOMAIN varchar(255), - API_PROVIDER varchar(255), - API_NAME varchar(255), - API_VERSION varchar(255), - API_TYPE varchar(50), - PRIMARY KEY (API_ID) - )ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_GW_API_ARTIFACTS ( - API_ID VARCHAR(255) NOT NULL, - REVISION_ID VARCHAR(255) NOT NULL, - ARTIFACT blob, - TIME_STAMP TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (REVISION_ID, API_ID), - FOREIGN KEY (API_ID) REFERENCES AM_GW_PUBLISHED_API_DETAILS(API_ID) ON UPDATE CASCADE ON DELETE NO ACTION - )ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_GW_API_DEPLOYMENTS ( - API_ID VARCHAR(255) NOT NULL, - REVISION_ID VARCHAR(255) NOT NULL, - LABEL VARCHAR(255) NOT NULL, - VHOST VARCHAR(255) NULL, - PRIMARY KEY (REVISION_ID, API_ID,LABEL), - FOREIGN KEY (API_ID) REFERENCES 
AM_GW_PUBLISHED_API_DETAILS(API_ID) ON UPDATE CASCADE ON DELETE NO ACTION - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_SCOPE ( - SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(512), - TENANT_ID INTEGER NOT NULL DEFAULT -1, - SCOPE_TYPE VARCHAR(255) NOT NULL, - PRIMARY KEY (SCOPE_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_SCOPE_BINDING ( - SCOPE_ID INTEGER NOT NULL, - SCOPE_BINDING VARCHAR(255) NOT NULL, - BINDING_TYPE VARCHAR(255) NOT NULL, - FOREIGN KEY (SCOPE_ID) REFERENCES AM_SCOPE (SCOPE_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_REVISION ( - ID INTEGER NOT NULL, - API_UUID VARCHAR(256) NOT NULL, - REVISION_UUID VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(255), - CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - CREATED_BY VARCHAR(255), - PRIMARY KEY (ID, API_UUID), - UNIQUE(REVISION_UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_DEPLOYMENT_REVISION_MAPPING ( - NAME VARCHAR(255) NOT NULL, - VHOST VARCHAR(255) NULL, - REVISION_UUID VARCHAR(255) NOT NULL, - DISPLAY_ON_DEVPORTAL BOOLEAN DEFAULT 0, - DEPLOYED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY (NAME, REVISION_UUID), - FOREIGN KEY (REVISION_UUID) REFERENCES AM_REVISION(REVISION_UUID) ON UPDATE CASCADE ON DELETE CASCADE - )ENGINE INNODB; - - -- Gateway Environments Table -- - CREATE TABLE IF NOT EXISTS AM_GATEWAY_ENVIRONMENT ( - ID INTEGER NOT NULL AUTO_INCREMENT, - UUID VARCHAR(45) NOT NULL, - NAME VARCHAR(255) NOT NULL, - TENANT_DOMAIN VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255) NULL, - DESCRIPTION VARCHAR(1023) NULL, - UNIQUE (NAME, TENANT_DOMAIN), - UNIQUE (UUID), - PRIMARY KEY (ID) - ); - - -- Virtual Hosts Table -- - CREATE TABLE IF NOT EXISTS AM_GW_VHOST ( - GATEWAY_ENV_ID INTEGER NOT NULL, - HOST VARCHAR(255) NOT NULL, - HTTP_CONTEXT VARCHAR(255) NULL, - HTTP_PORT VARCHAR(5) NOT NULL, - HTTPS_PORT VARCHAR(5) NOT NULL, - WS_PORT 
VARCHAR(5) NOT NULL, - WSS_PORT VARCHAR(5) NOT NULL, - FOREIGN KEY (GATEWAY_ENV_ID) REFERENCES AM_GATEWAY_ENVIRONMENT(ID) ON UPDATE CASCADE ON DELETE CASCADE, - PRIMARY KEY (GATEWAY_ENV_ID, HOST) - ); - - -- Service Catalog -- - CREATE TABLE IF NOT EXISTS AM_SERVICE_CATALOG ( - UUID VARCHAR(36) NOT NULL, - SERVICE_KEY VARCHAR(512) NOT NULL, - MD5 VARCHAR(100) NOT NULL, - SERVICE_NAME VARCHAR(255) NOT NULL, - SERVICE_VERSION VARCHAR(30) NOT NULL, - TENANT_ID INTEGER NOT NULL, - SERVICE_URL VARCHAR(2048) NOT NULL, - DEFINITION_TYPE VARCHAR(20), - DEFINITION_URL VARCHAR(2048), - DESCRIPTION VARCHAR(1024), - SECURITY_TYPE VARCHAR(50), - MUTUAL_SSL_ENABLED BOOLEAN DEFAULT 0, - CREATED_TIME TIMESTAMP NULL, - LAST_UPDATED_TIME TIMESTAMP NULL, - CREATED_BY VARCHAR(255), - UPDATED_BY VARCHAR(255), - SERVICE_DEFINITION BLOB NOT NULL, - PRIMARY KEY (UUID), - UNIQUE (SERVICE_NAME, SERVICE_VERSION, TENANT_ID), - UNIQUE (SERVICE_KEY, TENANT_ID) - )ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_API_SERVICE_MAPPING ( - API_ID INTEGER NOT NULL, - SERVICE_KEY VARCHAR(256) NOT NULL, - MD5 VARCHAR(100), - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (API_ID, SERVICE_KEY), - FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON DELETE CASCADE - )ENGINE=InnoDB; - - -- Webhooks -- - CREATE TABLE IF NOT EXISTS AM_WEBHOOKS_SUBSCRIPTION ( - WH_SUBSCRIPTION_ID INTEGER NOT NULL AUTO_INCREMENT, - API_UUID VARCHAR(255) NOT NULL, - APPLICATION_ID VARCHAR(20) NOT NULL, - TENANT_DOMAIN VARCHAR(255) NOT NULL, - HUB_CALLBACK_URL VARCHAR(1024) NOT NULL, - HUB_TOPIC VARCHAR(255) NOT NULL, - HUB_SECRET VARCHAR(2048), - HUB_LEASE_SECONDS INTEGER, - UPDATED_AT TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - EXPIRY_AT BIGINT, - DELIVERED_AT TIMESTAMP NULL, - DELIVERY_STATE INTEGER NOT NULL DEFAULT 0, - PRIMARY KEY (WH_SUBSCRIPTION_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_WEBHOOKS_UNSUBSCRIPTION ( - API_UUID VARCHAR(255) NOT NULL, - APPLICATION_ID VARCHAR(20) NOT NULL, - TENANT_DOMAIN 
VARCHAR(255) NOT NULL, - HUB_CALLBACK_URL VARCHAR(1024) NOT NULL, - HUB_TOPIC VARCHAR(255) NOT NULL, - HUB_SECRET VARCHAR(2048), - HUB_LEASE_SECONDS INTEGER, - ADDED_AT TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP - )ENGINE INNODB; - - -- Performance indexes start-- - - create index IDX_ITS_LMT on IDN_THRIFT_SESSION (LAST_MODIFIED_TIME); - create index IDX_IOAT_UT on IDN_OAUTH2_ACCESS_TOKEN (USER_TYPE); - create index IDX_AAI_CTX on AM_API (CONTEXT); - create index IDX_AAKM_CK on AM_APPLICATION_KEY_MAPPING (CONSUMER_KEY); - create index IDX_AAUM_AI on AM_API_URL_MAPPING (API_ID); - create index IDX_AAPM_AI on AM_API_PRODUCT_MAPPING (API_ID); - create index IDX_AAUM_TT on AM_API_URL_MAPPING (THROTTLING_TIER); - create index IDX_AATP_DQT on AM_API_THROTTLE_POLICY (DEFAULT_QUOTA_TYPE); - create index IDX_ACG_QT on AM_CONDITION_GROUP (QUOTA_TYPE); - create index IDX_APS_QT on AM_POLICY_SUBSCRIPTION (QUOTA_TYPE); - create index IDX_AS_AITIAI on AM_SUBSCRIPTION (API_ID,TIER_ID,APPLICATION_ID); - create index IDX_APA_QT on AM_POLICY_APPLICATION (QUOTA_TYPE); - create index IDX_AA_AT_CB on AM_APPLICATION (APPLICATION_TIER,CREATED_BY); - - -- Performance indexes end-- - - mysql_shared.sql: |- - DROP DATABASE IF EXISTS WSO2AM_SHARED_DB; - CREATE DATABASE WSO2AM_SHARED_DB; - GRANT ALL ON WSO2AM_SHARED_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; - - USE WSO2AM_SHARED_DB; - CREATE TABLE IF NOT EXISTS REG_CLUSTER_LOCK ( - REG_LOCK_NAME VARCHAR (20), - REG_LOCK_STATUS VARCHAR (20), - REG_LOCKED_TIME TIMESTAMP, - REG_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (REG_LOCK_NAME) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_LOG ( - REG_LOG_ID INTEGER AUTO_INCREMENT, - REG_PATH VARCHAR (750), - REG_USER_ID VARCHAR (255) NOT NULL, - REG_LOGGED_TIME TIMESTAMP NOT NULL, - REG_ACTION INTEGER NOT NULL, - REG_ACTION_DATA VARCHAR (500), - REG_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (REG_LOG_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX REG_LOG_IND_BY_REGLOG USING 
HASH ON REG_LOG(REG_LOGGED_TIME, REG_TENANT_ID); - - -- The REG_PATH_VALUE should be less than 767 bytes, and hence was fixed at 750. - -- See CARBON-5917. - - CREATE TABLE IF NOT EXISTS REG_PATH( - REG_PATH_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_PATH_VALUE VARCHAR(750) CHARACTER SET latin1 COLLATE latin1_general_cs NOT NULL, - REG_PATH_PARENT_ID INTEGER, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_PATH PRIMARY KEY(REG_PATH_ID, REG_TENANT_ID), - CONSTRAINT UNIQUE_REG_PATH_TENANT_ID UNIQUE (REG_PATH_VALUE,REG_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX REG_PATH_IND_BY_PATH_PARENT_ID USING HASH ON REG_PATH(REG_PATH_PARENT_ID, REG_TENANT_ID); - - CREATE TABLE IF NOT EXISTS REG_CONTENT ( - REG_CONTENT_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_CONTENT_DATA LONGBLOB, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_CONTENT PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_CONTENT_HISTORY ( - REG_CONTENT_ID INTEGER NOT NULL, - REG_CONTENT_DATA LONGBLOB, - REG_DELETED SMALLINT, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_CONTENT_HISTORY PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_RESOURCE ( - REG_PATH_ID INTEGER NOT NULL, - REG_NAME VARCHAR(256), - REG_VERSION INTEGER NOT NULL AUTO_INCREMENT, - REG_MEDIA_TYPE VARCHAR(500), - REG_CREATOR VARCHAR(255) NOT NULL, - REG_CREATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_LAST_UPDATOR VARCHAR(255), - REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_DESCRIPTION VARCHAR(1000), - REG_CONTENT_ID INTEGER, - REG_TENANT_ID INTEGER DEFAULT 0, - REG_UUID VARCHAR(100) NOT NULL, - CONSTRAINT PK_REG_RESOURCE PRIMARY KEY(REG_VERSION, REG_TENANT_ID) - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE ADD CONSTRAINT REG_RESOURCE_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE ADD CONSTRAINT 
REG_RESOURCE_FK_BY_CONTENT_ID FOREIGN KEY (REG_CONTENT_ID, REG_TENANT_ID) REFERENCES REG_CONTENT (REG_CONTENT_ID, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_IND_BY_NAME USING HASH ON REG_RESOURCE(REG_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_IND_BY_PATH_ID_NAME USING HASH ON REG_RESOURCE(REG_PATH_ID, REG_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_IND_BY_UUID USING HASH ON REG_RESOURCE(REG_UUID); - CREATE INDEX REG_RESOURCE_IND_BY_TENAN USING HASH ON REG_RESOURCE(REG_TENANT_ID, REG_UUID); - CREATE INDEX REG_RESOURCE_IND_BY_TYPE USING HASH ON REG_RESOURCE(REG_TENANT_ID, REG_MEDIA_TYPE); - - CREATE TABLE IF NOT EXISTS REG_RESOURCE_HISTORY ( - REG_PATH_ID INTEGER NOT NULL, - REG_NAME VARCHAR(256), - REG_VERSION INTEGER NOT NULL, - REG_MEDIA_TYPE VARCHAR(500), - REG_CREATOR VARCHAR(255) NOT NULL, - REG_CREATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_LAST_UPDATOR VARCHAR(255), - REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_DESCRIPTION VARCHAR(1000), - REG_CONTENT_ID INTEGER, - REG_DELETED SMALLINT, - REG_TENANT_ID INTEGER DEFAULT 0, - REG_UUID VARCHAR(100) NOT NULL, - CONSTRAINT PK_REG_RESOURCE_HISTORY PRIMARY KEY(REG_VERSION, REG_TENANT_ID) - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE_HISTORY ADD CONSTRAINT REG_RESOURCE_HIST_FK_BY_PATHID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE_HISTORY ADD CONSTRAINT REG_RESOURCE_HIST_FK_BY_CONTENT_ID FOREIGN KEY (REG_CONTENT_ID, REG_TENANT_ID) REFERENCES REG_CONTENT_HISTORY (REG_CONTENT_ID, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_HISTORY_IND_BY_NAME USING HASH ON REG_RESOURCE_HISTORY(REG_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_HISTORY_IND_BY_PATH_ID_NAME USING HASH ON REG_RESOURCE(REG_PATH_ID, REG_NAME, REG_TENANT_ID); - - CREATE TABLE IF NOT EXISTS REG_COMMENT ( - REG_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_COMMENT_TEXT VARCHAR(500) NOT NULL, - REG_USER_ID VARCHAR(255) NOT NULL, - 
REG_COMMENTED_TIME TIMESTAMP NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_COMMENT PRIMARY KEY(REG_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_RESOURCE_COMMENT ( - REG_COMMENT_ID INTEGER NOT NULL, - REG_VERSION INTEGER, - REG_PATH_ID INTEGER, - REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE_COMMENT ADD CONSTRAINT REG_RESOURCE_COMMENT_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE_COMMENT ADD CONSTRAINT REG_RESOURCE_COMMENT_FK_BY_COMMENT_ID FOREIGN KEY (REG_COMMENT_ID, REG_TENANT_ID) REFERENCES REG_COMMENT (REG_ID, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_COMMENT_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_RESOURCE_COMMENT(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_COMMENT_IND_BY_VERSION USING HASH ON REG_RESOURCE_COMMENT(REG_VERSION, REG_TENANT_ID); - - CREATE TABLE IF NOT EXISTS REG_RATING ( - REG_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_RATING INTEGER NOT NULL, - REG_USER_ID VARCHAR(255) NOT NULL, - REG_RATED_TIME TIMESTAMP NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_RATING PRIMARY KEY(REG_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_RESOURCE_RATING ( - REG_RATING_ID INTEGER NOT NULL, - REG_VERSION INTEGER, - REG_PATH_ID INTEGER, - REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE_RATING ADD CONSTRAINT REG_RESOURCE_RATING_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE_RATING ADD CONSTRAINT REG_RESOURCE_RATING_FK_BY_RATING_ID FOREIGN KEY (REG_RATING_ID, REG_TENANT_ID) REFERENCES REG_RATING (REG_ID, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_RATING_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_RESOURCE_RATING(REG_PATH_ID, 
REG_RESOURCE_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_RATING_IND_BY_VERSION USING HASH ON REG_RESOURCE_RATING(REG_VERSION, REG_TENANT_ID); - - - CREATE TABLE IF NOT EXISTS REG_TAG ( - REG_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_TAG_NAME VARCHAR(500) NOT NULL, - REG_USER_ID VARCHAR(255) NOT NULL, - REG_TAGGED_TIME TIMESTAMP NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_TAG PRIMARY KEY(REG_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_RESOURCE_TAG ( - REG_TAG_ID INTEGER NOT NULL, - REG_VERSION INTEGER, - REG_PATH_ID INTEGER, - REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE_TAG ADD CONSTRAINT REG_RESOURCE_TAG_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE_TAG ADD CONSTRAINT REG_RESOURCE_TAG_FK_BY_TAG_ID FOREIGN KEY (REG_TAG_ID, REG_TENANT_ID) REFERENCES REG_TAG (REG_ID, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_TAG_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_RESOURCE_TAG(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_TAG_IND_BY_VERSION USING HASH ON REG_RESOURCE_TAG(REG_VERSION, REG_TENANT_ID); - - CREATE TABLE IF NOT EXISTS REG_PROPERTY ( - REG_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_NAME VARCHAR(100) NOT NULL, - REG_VALUE VARCHAR(1000), - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_PROPERTY PRIMARY KEY(REG_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_RESOURCE_PROPERTY ( - REG_PROPERTY_ID INTEGER NOT NULL, - REG_VERSION INTEGER, - REG_PATH_ID INTEGER, - REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE_PROPERTY ADD CONSTRAINT REG_RESOURCE_PROPERTY_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE_PROPERTY ADD CONSTRAINT 
REG_RESOURCE_PROPERTY_FK_BY_TAG_ID FOREIGN KEY (REG_PROPERTY_ID, REG_TENANT_ID) REFERENCES REG_PROPERTY (REG_ID, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_PROPERTY_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_RESOURCE_PROPERTY(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_PROPERTY_IND_BY_VERSION USING HASH ON REG_RESOURCE_PROPERTY(REG_VERSION, REG_TENANT_ID); - - -- CREATE TABLE IF NOT EXISTS REG_ASSOCIATIONS ( - -- SRC_PATH_ID INTEGER, - -- SRC_RESOURCE_NAME VARCHAR(256), - -- SRC_VERSION INTEGER, - -- TGT_PATH_ID INTEGER, - -- TGT_RESOURCE_NAME VARCHAR(256), - -- TGT_VERSION INTEGER - -- )ENGINE INNODB; - -- - -- ALTER TABLE REG_ASSOCIATIONS ADD CONSTRAINT REG_ASSOCIATIONS_FK_BY_SRC_PATH_ID FOREIGN KEY (SRC_PATH_ID) REFERENCES REG_PATH (PATH_ID); - -- ALTER TABLE REG_ASSOCIATIONS ADD CONSTRAINT REG_ASSOCIATIONS_FK_BY_TGT_PATH_ID FOREIGN KEY (TGT_PATH_ID) REFERENCES REG_PATH (PATH_ID); - -- CREATE INDEX REG_ASSOCIATIONS_IND_BY_SRC_VERSION ON REG_ASSOCIATIONS(SRC_VERSION); - -- CREATE INDEX REG_ASSOCIATIONS_IND_BY_TGT_VERSION ON REG_ASSOCIATIONS(TGT_VERSION); - -- CREATE INDEX REG_ASSOCIATIONS_IND_BY_SRC_RESOURCE_NAME ON REG_ASSOCIATIONS(SRC_RESOURCE_NAME); - -- CREATE INDEX REG_ASSOCIATIONS_IND_BY_TGT_RESOURCE_NAME ON REG_ASSOCIATIONS(TGT_RESOURCE_NAME); - - - - CREATE TABLE IF NOT EXISTS REG_ASSOCIATION ( - REG_ASSOCIATION_ID INTEGER AUTO_INCREMENT, - REG_SOURCEPATH VARCHAR (750) NOT NULL, - REG_TARGETPATH VARCHAR (750) NOT NULL, - REG_ASSOCIATION_TYPE VARCHAR (2000) NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (REG_ASSOCIATION_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_SNAPSHOT ( - REG_SNAPSHOT_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_PATH_ID INTEGER NOT NULL, - REG_RESOURCE_NAME VARCHAR(255), - REG_RESOURCE_VIDS LONGBLOB NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_SNAPSHOT PRIMARY KEY(REG_SNAPSHOT_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX 
REG_SNAPSHOT_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_SNAPSHOT(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); - - ALTER TABLE REG_SNAPSHOT ADD CONSTRAINT REG_SNAPSHOT_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - - - -- ################################ - -- USER MANAGER TABLES - -- ################################ - - CREATE TABLE UM_TENANT ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_TENANT_UUID VARCHAR(36) NOT NULL, - UM_DOMAIN_NAME VARCHAR(255) NOT NULL, - UM_EMAIL VARCHAR(255), - UM_ACTIVE BOOLEAN DEFAULT FALSE, - UM_CREATED_DATE TIMESTAMP NOT NULL, - UM_USER_CONFIG LONGBLOB, - PRIMARY KEY (UM_ID), - UNIQUE(UM_DOMAIN_NAME), - UNIQUE(UM_TENANT_UUID) - )ENGINE INNODB; - - CREATE TABLE UM_DOMAIN( - UM_DOMAIN_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DOMAIN_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_DOMAIN_ID, UM_TENANT_ID), - UNIQUE(UM_DOMAIN_NAME,UM_TENANT_ID) - )ENGINE INNODB; - - CREATE UNIQUE INDEX INDEX_UM_TENANT_UM_DOMAIN_NAME - ON UM_TENANT (UM_DOMAIN_NAME); - - CREATE TABLE UM_USER ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_ID VARCHAR(255) NOT NULL, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_USER_PASSWORD VARCHAR(255) NOT NULL, - UM_SALT_VALUE VARCHAR(31), - UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE, - UM_CHANGED_TIME TIMESTAMP NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_USER_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_SYSTEM_USER ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_USER_PASSWORD VARCHAR(255) NOT NULL, - UM_SALT_VALUE VARCHAR(31), - UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE, - UM_CHANGED_TIME TIMESTAMP NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_USER_NAME, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_ROLE ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_NAME VARCHAR(255) 
NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_SHARED_ROLE BOOLEAN DEFAULT FALSE, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_ROLE_NAME, UM_TENANT_ID) - )ENGINE INNODB; - - - CREATE TABLE UM_MODULE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_MODULE_NAME VARCHAR(100), - UNIQUE(UM_MODULE_NAME), - PRIMARY KEY(UM_ID) - )ENGINE INNODB; - - CREATE TABLE UM_MODULE_ACTIONS( - UM_ACTION VARCHAR(255) NOT NULL, - UM_MODULE_ID INTEGER NOT NULL, - PRIMARY KEY(UM_ACTION, UM_MODULE_ID), - FOREIGN KEY (UM_MODULE_ID) REFERENCES UM_MODULE(UM_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE UM_PERMISSION ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_RESOURCE_ID VARCHAR(255) NOT NULL, - UM_ACTION VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_MODULE_ID INTEGER DEFAULT 0, - UNIQUE(UM_RESOURCE_ID,UM_ACTION, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX INDEX_UM_PERMISSION_UM_RESOURCE_ID_UM_ACTION ON UM_PERMISSION (UM_RESOURCE_ID, UM_ACTION, UM_TENANT_ID); - - CREATE TABLE UM_ROLE_PERMISSION ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_PERMISSION_ID INTEGER NOT NULL, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_IS_ALLOWED SMALLINT NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_DOMAIN_ID INTEGER, - UNIQUE (UM_PERMISSION_ID, UM_ROLE_NAME, UM_TENANT_ID, UM_DOMAIN_ID), - FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - -- REMOVED UNIQUE (UM_PERMISSION_ID, UM_ROLE_ID) - CREATE TABLE UM_USER_PERMISSION ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_PERMISSION_ID INTEGER NOT NULL, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_IS_ALLOWED SMALLINT NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE 
CASCADE, - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - -- REMOVED UNIQUE (UM_PERMISSION_ID, UM_USER_ID) - CREATE TABLE UM_USER_ROLE ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_ID INTEGER NOT NULL, - UM_USER_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE (UM_USER_ID, UM_ROLE_ID, UM_TENANT_ID), - FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_ROLE(UM_ID, UM_TENANT_ID), - FOREIGN KEY (UM_USER_ID, UM_TENANT_ID) REFERENCES UM_USER(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_SHARED_USER_ROLE( - UM_ROLE_ID INTEGER NOT NULL, - UM_USER_ID INTEGER NOT NULL, - UM_USER_TENANT_ID INTEGER NOT NULL, - UM_ROLE_TENANT_ID INTEGER NOT NULL, - UNIQUE(UM_USER_ID,UM_ROLE_ID,UM_USER_TENANT_ID, UM_ROLE_TENANT_ID), - FOREIGN KEY(UM_ROLE_ID,UM_ROLE_TENANT_ID) REFERENCES UM_ROLE(UM_ID,UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY(UM_USER_ID,UM_USER_TENANT_ID) REFERENCES UM_USER(UM_ID,UM_TENANT_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE UM_ACCOUNT_MAPPING( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER NOT NULL, - UM_USER_STORE_DOMAIN VARCHAR(100), - UM_ACC_LINK_ID INTEGER NOT NULL, - UNIQUE(UM_USER_NAME, UM_TENANT_ID, UM_USER_STORE_DOMAIN, UM_ACC_LINK_ID), - FOREIGN KEY (UM_TENANT_ID) REFERENCES UM_TENANT(UM_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID) - )ENGINE INNODB; - - - CREATE TABLE UM_USER_ATTRIBUTE ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ATTR_NAME VARCHAR(255) NOT NULL, - UM_ATTR_VALUE VARCHAR(1024), - UM_PROFILE_ID VARCHAR(255), - UM_USER_ID INTEGER, - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY (UM_USER_ID, UM_TENANT_ID) REFERENCES UM_USER(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX UM_USER_ID_INDEX ON UM_USER_ATTRIBUTE(UM_USER_ID); - - CREATE INDEX UM_ATTR_NAME_VALUE_INDEX ON UM_USER_ATTRIBUTE(UM_ATTR_NAME, UM_ATTR_VALUE(512)); - - CREATE TABLE UM_DIALECT( - 
UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DIALECT_URI VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE(UM_DIALECT_URI, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_CLAIM( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DIALECT_ID INTEGER NOT NULL, - UM_CLAIM_URI VARCHAR(255) NOT NULL, - UM_DISPLAY_TAG VARCHAR(255), - UM_DESCRIPTION VARCHAR(255), - UM_MAPPED_ATTRIBUTE_DOMAIN VARCHAR(255), - UM_MAPPED_ATTRIBUTE VARCHAR(255), - UM_REG_EX VARCHAR(255), - UM_SUPPORTED SMALLINT, - UM_REQUIRED SMALLINT, - UM_DISPLAY_ORDER INTEGER, - UM_CHECKED_ATTRIBUTE SMALLINT, - UM_READ_ONLY SMALLINT, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE(UM_DIALECT_ID, UM_CLAIM_URI, UM_TENANT_ID,UM_MAPPED_ATTRIBUTE_DOMAIN), - FOREIGN KEY(UM_DIALECT_ID, UM_TENANT_ID) REFERENCES UM_DIALECT(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - - CREATE TABLE UM_PROFILE_CONFIG( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DIALECT_ID INTEGER NOT NULL, - UM_PROFILE_NAME VARCHAR(255), - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY(UM_DIALECT_ID, UM_TENANT_ID) REFERENCES UM_DIALECT(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS UM_CLAIM_BEHAVIOR( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_PROFILE_ID INTEGER, - UM_CLAIM_ID INTEGER, - UM_BEHAVIOUR SMALLINT, - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY(UM_PROFILE_ID, UM_TENANT_ID) REFERENCES UM_PROFILE_CONFIG(UM_ID,UM_TENANT_ID), - FOREIGN KEY(UM_CLAIM_ID, UM_TENANT_ID) REFERENCES UM_CLAIM(UM_ID,UM_TENANT_ID), - PRIMARY KEY(UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_HYBRID_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_ROLE_NAME,UM_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX UM_ROLE_NAME_IND ON UM_HYBRID_ROLE(UM_ROLE_NAME); - - CREATE TABLE UM_HYBRID_USER_ROLE( - UM_ID 
INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255), - UM_ROLE_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_DOMAIN_ID INTEGER, - UNIQUE (UM_USER_NAME, UM_ROLE_ID, UM_TENANT_ID, UM_DOMAIN_ID), - FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_HYBRID_GROUP_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_GROUP_NAME VARCHAR(255), - UM_ROLE_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_DOMAIN_ID INTEGER, - UNIQUE (UM_GROUP_NAME, UM_ROLE_ID, UM_TENANT_ID, UM_DOMAIN_ID), - FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_SYSTEM_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_ROLE_NAME,UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_SYSTEM_USER_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255), - UM_ROLE_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE (UM_USER_NAME, UM_ROLE_ID, UM_TENANT_ID), - FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_SYSTEM_ROLE(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - - CREATE TABLE UM_HYBRID_REMEMBER_ME( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_COOKIE_VALUE VARCHAR(1024), - UM_CREATED_TIME TIMESTAMP, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS UM_UUID_DOMAIN_MAPPER ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - 
UM_USER_ID VARCHAR(255) NOT NULL, - UM_DOMAIN_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID), - UNIQUE (UM_USER_ID), - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE INDEX UUID_DM_UID_TID ON UM_UUID_DOMAIN_MAPPER(UM_USER_ID, UM_TENANT_ID); - - ---- - -apiVersion: v1 -kind: Service -metadata: - name: wso2apim-rdbms-service-mysql - namespace: wso2 -spec: - type: ClusterIP - selector: - deployment: wso2apim-mysql - product: api-manager - ports: - - name: mysql-port - port: 3306 - targetPort: 3306 - protocol: TCP ---- - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wso2apim-mysql-deployment - namespace: wso2 -spec: - replicas: 1 - selector: - matchLabels: - deployment: wso2apim-mysql - product: api-manager - template: - metadata: - labels: - deployment: wso2apim-mysql - product: api-manager - spec: - containers: - - name: wso2apim-mysql - image: mysql:5.7 - livenessProbe: - exec: - command: - - sh - - -c - - "mysqladmin ping -u root -p${MYSQL_ROOT_PASSWORD}" - initialDelaySeconds: 60 - periodSeconds: 10 - readinessProbe: - exec: - command: - - sh - - -c - - "mysqladmin ping -u root -p${MYSQL_ROOT_PASSWORD}" - initialDelaySeconds: 60 - periodSeconds: 10 - imagePullPolicy: IfNotPresent - securityContext: - runAsUser: 999 - env: - - name: MYSQL_ROOT_PASSWORD - value: root - - name: MYSQL_USER - value: wso2carbon - - name: MYSQL_PASSWORD - value: wso2carbon - ports: - - containerPort: 3306 - protocol: TCP - volumeMounts: - - name: wso2apim-mysql-dbscripts - mountPath: /docker-entrypoint-initdb.d - args: ["--max-connections", "10000"] - volumes: - - name: wso2apim-mysql-dbscripts - configMap: - name: wso2apim-mysql-dbscripts - serviceAccountName: "wso2am-pattern-1-svc-account" ---- - -apiVersion: v1 -kind: ConfigMap -metadata: - name: wso2am-pattern-1-am-1-conf - namespace: wso2 -data: - deployment.toml: | - - [server] - hostname = 
""ip.node.k8s.&.wso2.apim"" - #offset=0 - base_path = "${carbon.protocol}://${carbon.host}:${carbon.management.port}" - #discard_empty_caches = false - server_role = "default" - - [super_admin] - username = "admin" - password = "admin" - create_admin_account = true - - [user_store] - type = "database_unique_id" - - [database.apim_db] - type = "mysql" - url = "jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_DB?autoReconnect=true&useSSL=false" - username = "wso2carbon" - password = "wso2carbon" - driver = "com.mysql.cj.jdbc.Driver" - - [database.shared_db] - type = "mysql" - url = "jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_SHARED_DB?autoReconnect=true&useSSL=false" - username = "wso2carbon" - password = "wso2carbon" - driver = "com.mysql.cj.jdbc.Driver" - - [keystore.tls] - file_name = "wso2carbon.jks" - type = "JKS" - password = "wso2carbon" - alias = "wso2carbon" - key_password = "wso2carbon" - - #[keystore.primary] - #file_name = "wso2carbon.jks" - #type = "JKS" - #password = "wso2carbon" - #alias = "wso2carbon" - #key_password = "wso2carbon" - - #[keystore.internal] - #file_name = "wso2carbon.jks" - #type = "JKS" - #password = "wso2carbon" - #alias = "wso2carbon" - #key_password = "wso2carbon" - - [[apim.gateway.environment]] - name = "Default" - type = "hybrid" - display_in_api_console = true - description = "This is a hybrid gateway that handles both production and sandbox token traffic." 
- show_as_token_endpoint_url = true - service_url = "https://localhost:${mgt.transport.https.port}/services/" - username= "${admin.username}" - password= "${admin.password}" - ws_endpoint = "ws://"ip.node.k8s.&.wso2.apim":9099" - wss_endpoint = "wss://"ip.node.k8s.&.wso2.apim":8099" - http_endpoint = "http://"ip.node.k8s.&.wso2.apim":30280" - https_endpoint = "https://"ip.node.k8s.&.wso2.apim":30243" - websub_event_receiver_http_endpoint = "http://"ip.node.k8s.&.wso2.apim:9021" - websub_event_receiver_https_endpoint = "https://"ip.node.k8s.&.wso2.apim:8021" - - [apim.sync_runtime_artifacts.gateway] - gateway_labels =["Default"] - - #[apim.cache.gateway_token] - #enable = true - #expiry_time = "900s" - - #[apim.cache.resource] - #enable = true - #expiry_time = "900s" - - #[apim.cache.km_token] - #enable = false - #expiry_time = "15m" - - #[apim.cache.recent_apis] - #enable = false - - #[apim.cache.scopes] - #enable = true - - #[apim.cache.publisher_roles] - #enable = true - - #[apim.cache.jwt_claim] - #enable = true - #expiry_time = "15m" - - #[apim.cache.tags] - #expiry_time = "2m" - - [apim.analytics] - enable = false - config_endpoint = "https://localhost:8080/auth/v1" - auth_token = "" - - #[apim.key_manager] - #service_url = "https://localhost:${mgt.transport.https.port}/services/" - #username = "$ref{super_admin.username}" - #password = "$ref{super_admin.password}" - #pool.init_idle_capacity = 50 - #pool.max_idle = 100 - #key_validation_handler_type = "default" - #key_validation_handler_type = "custom" - #key_validation_handler_impl = "org.wso2.carbon.apimgt.keymgt.handlers.DefaultKeyValidationHandler" - - #[apim.idp] - #server_url = "https://localhost:${mgt.transport.https.port}" - #authorize_endpoint = "https://localhost:${mgt.transport.https.port}/oauth2/authorize" - #oidc_logout_endpoint = "https://localhost:${mgt.transport.https.port}/oidc/logout" - #oidc_check_session_endpoint = "https://localhost:${mgt.transport.https.port}/oidc/checksession" - - 
#[apim.jwt] - #enable = true - #encoding = "base64" # base64,base64url - #generator_impl = "org.wso2.carbon.apimgt.keymgt.token.JWTGenerator" - #claim_dialect = "http://wso2.org/claims" - #convert_dialect = false - #header = "X-JWT-Assertion" - #signing_algorithm = "SHA256withRSA" - #enable_user_claims = true - #claims_extractor_impl = "org.wso2.carbon.apimgt.impl.token.ExtendedDefaultClaimsRetriever" - - #[apim.oauth_config] - #enable_outbound_auth_header = false - #auth_header = "Authorization" - #revoke_endpoint = "https://localhost:${https.nio.port}/revoke" - #enable_token_encryption = false - #enable_token_hashing = false - - [apim.devportal] - url = "https://"ip.node.k8s.&.wso2.apim":30443/devportal" - #enable_application_sharing = false - #if application_sharing_type, application_sharing_impl both defined priority goes to application_sharing_impl - #application_sharing_type = "default" #changed type, saml, default #todo: check the new config for rest api - #application_sharing_impl = "org.wso2.carbon.apimgt.impl.SAMLGroupIDExtractorImpl" - #display_multiple_versions = false - #display_deprecated_apis = false - #enable_comments = true - #enable_ratings = true - #enable_forum = true - #enable_anonymous_mode=true - #enable_cross_tenant_subscriptions = true - #default_reserved_username = "apim_reserved_user" - - [apim.cors] - allow_origins = "*" - allow_methods = ["GET","PUT","POST","DELETE","PATCH","OPTIONS"] - allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey","Internal-Key"] - allow_credentials = false - - #[apim.throttling] - #enable_data_publishing = true - #enable_policy_deploy = true - #enable_blacklist_condition = true - #enable_persistence = true - #throttle_decision_endpoints = ["tcp://localhost:5672","tcp://localhost:5672"] - - #[apim.throttling.blacklist_condition] - #start_delay = "5m" - #period = "1h" - - #[apim.throttling.jms] - #start_delay = "5m" - - #[apim.throttling.event_sync] - #hostName = 
"0.0.0.0" - #port = 11224 - - #[apim.throttling.event_management] - #hostName = "0.0.0.0" - #port = 10005 - - #[[apim.throttling.url_group]] - #traffic_manager_urls = ["tcp://localhost:9611","tcp://localhost:9611"] - #traffic_manager_auth_urls = ["ssl://localhost:9711","ssl://localhost:9711"] - #type = "loadbalance" - - #[[apim.throttling.url_group]] - #traffic_manager_urls = ["tcp://localhost:9611","tcp://localhost:9611"] - #traffic_manager_auth_urls = ["ssl://localhost:9711","ssl://localhost:9711"] - #type = "failover" - - #[apim.workflow] - #enable = false - #service_url = "https://localhost:9445/bpmn" - #username = "$ref{super_admin.username}" - #password = "$ref{super_admin.password}" - #callback_endpoint = "https://localhost:${mgt.transport.https.port}/api/am/admin/v0.17/workflows/update-workflow-status" - #token_endpoint = "https://localhost:${https.nio.port}/token" - #client_registration_endpoint = "https://localhost:${mgt.transport.https.port}/client-registration/v0.17/register" - #client_registration_username = "$ref{super_admin.username}" - #client_registration_password = "$ref{super_admin.password}" - - #data bridge config - #[transport.receiver] - #type = "binary" - #worker_threads = 10 - #session_timeout = "30m" - #keystore.file_name = "$ref{keystore.tls.file_name}" - #keystore.password = "$ref{keystore.tls.password}" - #tcp_port = 9611 - #ssl_port = 9711 - #ssl_receiver_thread_pool_size = 100 - #tcp_receiver_thread_pool_size = 100 - #ssl_enabled_protocols = ["TLSv1","TLSv1.1","TLSv1.2"] - #ciphers = ["SSL_RSA_WITH_RC4_128_MD5","SSL_RSA_WITH_RC4_128_SHA"] - - #[apim.notification] - #from_address = "APIM.com" - #username = "APIM" - #password = "APIM+123" - #hostname = "localhost" - #port = 3025 - #enable_start_tls = false - #enable_authentication = true - - #[apim.token.revocation] - #notifier_impl = "org.wso2.carbon.apimgt.keymgt.events.TokenRevocationNotifierImpl" - #enable_realtime_notifier = true - #realtime_notifier.ttl = 5000 - 
#enable_persistent_notifier = true - #persistent_notifier.hostname = "https://localhost:2379/v2/keys/jti/" - #persistent_notifier.ttl = 5000 - #persistent_notifier.username = "root" - #persistent_notifier.password = "root" - - [[event_handler]] - name="userPostSelfRegistration" - subscriptions=["POST_ADD_USER"] - - [service_provider] - sp_name_regex = "^[\\sa-zA-Z0-9._-]*$" - - [database.local] - url = "jdbc:h2:./repository/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE" - - [[event_listener]] - id = "token_revocation" - type = "org.wso2.carbon.identity.core.handler.AbstractIdentityHandler" - name = "org.wso2.is.notification.ApimOauthEventInterceptor" - order = 1 - [event_listener.properties] - notification_endpoint = "https://localhost:${mgt.transport.https.port}/internal/data/v1/notify" - username = "${admin.username}" - password = "${admin.password}" - 'header.X-WSO2-KEY-MANAGER' = "default" - - [transport.https.properties] - proxyPort = 30443 ---- - -apiVersion: v1 -kind: Service -metadata: - name: wso2am-pattern-1-am-1-service - namespace: wso2 -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: wso2am-pattern-1-am - product: api-manager - type: NodePort - ports: - # ports that this service should serve on - - - name: pass-through-http - protocol: TCP - port: 8280 - targetPort: 8280 - nodePort: 30280 - - - name: pass-through-https - protocol: TCP - port: 8243 - targetPort: 8243 - nodePort: 30243 - - - name: servlet-http - protocol: TCP - port: 9763 - targetPort: 9763 - nodePort: 30763 - - - name: servlet-https - protocol: TCP - port: 9443 - targetPort: 9443 - nodePort: 30443 ---- - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wso2am-pattern-1-am-1-deployment - namespace: wso2 -spec: - replicas: 1 - strategy: - rollingUpdate: - maxSurge: 1 - maxUnavailable: 0 - type: RollingUpdate - selector: - matchLabels: - deployment: wso2am-pattern-1-am - product: api-manager - template: - 
metadata: - labels: - deployment: wso2am-pattern-1-am - product: api-manager - spec: - hostAliases: - - ip: "127.0.0.1" - hostnames: - - "wso2apim" - initContainers: - - name: init-db - image: busybox:1.31 - command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! nc -z wso2apim-rdbms-service-mysql 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - - name: init-download-mysql-connector - image: busybox:1.31 - command: - - /bin/sh - - "-c" - - | - set -e - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/8.0.17/mysql-connector-java-8.0.17.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - containers: - - name: wso2am-pattern-1-am - # image: "$image.pull.@.wso2"/wso2am:3.2.0 - image: 192.168.1.5/wso2am:4.0.0-rc - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: 250 - periodSeconds: 10 - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: 250 - periodSeconds: 10 - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/wso2server.sh stop'] - resources: - requests: - memory: 1Gi - cpu: 1000m - limits: - memory: 2Gi - cpu: 2000m - imagePullPolicy: Always - ports: - - - containerPort: 8280 - protocol: "TCP" - - - containerPort: 8243 - protocol: "TCP" - - - containerPort: 9763 - protocol: "TCP" - - - containerPort: 9443 - protocol: "TCP" - env: - - name: HOST_NAME - value: "wso2apim" - - name: NODE_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - volumeMounts: - - name: wso2am-pattern-1-am-1-conf - mountPath: /home/wso2carbon/wso2-config-volume/repository/conf/deployment.toml - subPath: deployment.toml - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/repository/components/dropins - serviceAccountName: wso2am-pattern-1-svc-account - imagePullSecrets: - - name: 
wso2am-pattern-1-creds - volumes: - - name: wso2am-pattern-1-am-1-conf - configMap: - name: wso2am-pattern-1-am-1-conf - - name: mysql-connector-jar - emptyDir: {} ---- -EOF -} - -# bash functions -function usage(){ - echo "Usage: " - echo -e "-d, --deploy Deploy WSO2 API Manager" - echo -e "-u, --undeploy Undeploy WSO2 API Manager" - echo -e "-h, --help Display usage instrusctions" -} -function undeploy(){ - echo "Undeploying WSO2 API Manager ..." - kubectl delete ns $namespace - echo "Done." - exit 0 -} -function echoBold () { - echo -en $'\e[1m'"${1}"$'\e[0m' -} - -function display_msg(){ - msg=$@ - echoBold "${msg}" - exit 1 -} - -function st(){ - cycles=${1} - i=0 - while [[ i -lt $cycles ]] - do - echoBold "* " - let "i=i+1" - done -} -function sp(){ - cycles=${1} - i=0 - while [[ i -lt $cycles ]] - do - echoBold " " - let "i=i+1" - done -} -function product_name(){ - #wso2apim - echo -e "\n" - st 1; sp 8; st 1; sp 2; sp 1; st 3; sp 3; sp 2; st 3; sp 4; sp 1; st 3; sp 3; sp 8; sp 2; st 3; sp 1; sp 3; st 3; sp 3; st 5; sp 2; st 1; sp 8; st 1; - echo "" - st 1; sp 8; st 1; sp 2; st 1; sp 4; st 1; sp 2; st 1; sp 6; st 1; sp 2; st 1; sp 4; st 1; sp 2; sp 8; sp 1; st 1; sp 4; st 1; sp 3; st 1; sp 4; st 1; sp 2; sp 3; st 1; sp 6; st 2; sp 4; st 2; - echo "" - st 1; sp 3; st 1; sp 3; st 1; sp 2; st 1; sp 8; st 1; sp 6; st 1; sp 2; sp 6; st 1; sp 2; sp 8; st 1; sp 6; st 1; sp 2; st 1; sp 4; st 1; sp 2; sp 3; st 1; sp 6; st 1; sp 1; st 1; sp 2; st 1; sp 1; st 1; - echo "" - st 1; sp 2; st 1; st 1; sp 2; st 1; sp 2; sp 1; st 3; sp 3; st 1; sp 6; st 1; sp 2; sp 4; st 1; sp 4; st 3; sp 2; st 5; sp 2; st 3; sp 3; sp 4; st 1; sp 6; st 1; sp 2; st 2; sp 2; st 1; - echo "" - st 1; sp 1; st 1; sp 2; st 1; sp 1; st 1; sp 2; sp 6; st 1; sp 2; st 1; sp 6; st 1; sp 2; sp 2; st 1; sp 6; sp 8; st 1; sp 6; st 1; sp 2; st 1; sp 7; sp 4; st 1; sp 6; st 1; sp 3; st 1; sp 3; st 1; - echo "" - st 2; sp 4; st 2; sp 2; st 1; sp 4; st 1; sp 2; st 1; sp 6; st 1; sp 2; st 1; sp 8; sp 8; st 1; 
sp 6; st 1; sp 2; st 1; sp 7; sp 4; st 1; sp 6; st 1; sp 8; st 1; - echo "" - st 1; sp 8; st 1; sp 2; sp 1; st 3; sp 3; sp 2; st 3; sp 4; st 4; sp 2; sp 8; st 1; sp 6; st 1; sp 2; st 1; sp 7; st 5; sp 2; st 1; sp 8; st 1; - echo -e "\n" -} -function get_creds(){ - while [[ -z "$WUMUsername" ]] - do - read -p "$(echoBold "Enter your WSO2 subscription username: ")" WUMUsername - if [[ -z "$WUMUsername" ]] - then - echo "wso2-subscription-username cannot be empty" - fi - done - - while [[ -z "$WUMPassword" ]] - do - read -sp "$(echoBold "Enter your WSO2 subscription password: ")" WUMPassword - echo "" - if [[ -z "$WUMPassword" ]] - then - echo "wso2-subscription-password cannot be empty" - fi - done -} -function validate_ip(){ - ip_check=$1 - if [[ $ip_check =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - IFS='.' - ip=$ip_check - set -- $ip - if [[ $1 -le 255 ]] && [[ $2 -le 255 ]] && [[ $3 -le 255 ]] && [[ $4 -le 255 ]]; then - IFS='' - NODE_IP=$ip_check - else - IFS='' - echo "Invalid IP. Please try again." - NODE_IP="" - fi - else - echo "Invalid IP. Please try again." - NODE_IP="" - fi -} -function get_node_ip(){ - NODE_IP=$(kubectl get nodes -o jsonpath='{.items[*].status.addresses[?(@.type=="ExternalIP")].address}') - - if [[ -z $NODE_IP ]] - then - if [[ $(kubectl config current-context) = "minikube" ]] - then - NODE_IP=$(minikube ip) - elif [[ $(kubectl config current-context) = "docker-desktop" ]] - then - NODE_IP="127.0.0.1" - else - echo "We could not find your cluster node-ip." 
- while [[ -z "$NODE_IP" ]] - do - read -p "$(echo "Enter one of your cluster Node IPs to provision instant access to server: ")" NODE_IP - if [[ -z "$NODE_IP" ]] - then - echo "cluster node ip cannot be empty" - else - validate_ip $NODE_IP - fi - done - fi - fi - set -- $NODE_IP; NODE_IP=$1 -} - -function progress_bar(){ - - dep_status=$(kubectl get deployments -n wso2 -o jsonpath='{.items[?(@.spec.selector.matchLabels.product=="api-manager")].status.conditions[?(@.type=="Available")].status}') - pod_status=$(kubectl get pods -n wso2 -o jsonpath='{.items[?(@.metadata.labels.product=="api-manager")].status.conditions[*].status}') - - num_true_const=0; progress_unit="";num_true=0; time_proc=0; - - # check for 250s until the pod is live. - time_limit=250 - - arr_dep=($dep_status); arr_pod=($pod_status) - - let "length_total= ${#arr_pod[@]} + ${#arr_dep[@]}"; - - echo "" - - while [[ $num_true -lt $length_total ]] - do - - sleep 4 - - num_true=0 - dep_status=$(kubectl get deployments -n wso2 -o jsonpath='{.items[?(@.spec.selector.matchLabels.product=="api-manager")].status.conditions[?(@.type=="Available")].status}') - pod_status=$(kubectl get pods -n wso2 -o jsonpath='{.items[?(@.metadata.labels.product=="api-manager")].status.conditions[*].status}') - - arr_dep=($dep_status); arr_pod=($pod_status); let "length_total= ${#arr_pod[@]} + ${#arr_dep[@]}"; - - for ele_dep in $dep_status - do - if [ "$ele_dep" = "True" ] - then - let "num_true=num_true+1" - fi - done - - for ele_pod in $pod_status - do - if [ "$ele_pod" = "True" ] - then - let "num_true=num_true+1" - fi - done - - printf "Processing WSO2 API Manager ... |" - - printf "%-$((5 * ${length_total-1}))s| $(($num_true_const * 100/ $length_total))"; echo -en ' % \r' - - printf "Processing WSO2 API Manager ... 
|" - s=$(printf "%-$((5 * ${num_true_const}))s" "H") - echo -en "${s// /H}" - - printf "%-$((5 * $(($length_total - $num_true_const))))s| $((100 * $(($num_true_const))/ $length_total))"; echo -en ' %\r ' - - if [ $num_true -ne $num_true_const ] - then - i=0 - while [[ $i -lt $((5 * $((${num_true} - ${num_true_const})))) ]] - do - let "i=i+1" - progress_unit=$progress_unit"H" - printf "Processing WSO2 API Manager ... |" - echo -n $progress_unit - printf "%-$((5 * $((${length_total} - ${num_true_const})) - $i))s| $(($(( 100 * $(($num_true_const))/ $length_total)) + $((20 * $i/$length_total)) ))"; echo -en ' %\r ' - sleep 0.25 - done - num_true_const=$num_true - time_proc=0 - else - let "time_proc=time_proc + 5" - fi - - printf "Processing WSO2 API Manager ... |" - - printf "%-$((5 * ${length_total-1}))s| $(($num_true_const * 100/ $length_total))"; echo -en ' %\r ' - - printf "Processing WSO2 API Manager ... |" - s=$(printf "%-$((5 * ${num_true_const}))s" "H") - echo -en "${s// /H}" - - printf "%-$((5 * $(($length_total - $num_true_const))))s| $((100 * $(($num_true_const))/ $length_total))"; echo -en ' %\r ' - - sleep 1 - - if [[ $time_proc -gt $time_limit ]] - then - echoBold "\n\nSomething went wrong! Please Follow \"https://wso2.com/products/install/faq/#Kubernetes\" for more information\n" - exit 2 - fi - - done - - echo -e "\n" - -} - -function deploy(){ - #checking for required command line tools - if [[ ! $(which kubectl) ]] - then - display_msg "Please install Kubernetes command-line tool (kubectl) before you start with the setup\n" - fi - - if [[ ! $(which base64) ]] - then - display_msg "Please install base64 before you start with the setup\n" - fi - - echoBold "Checking for an enabled cluster... Your patience is appreciated... " - cluster_isReady=$(kubectl cluster-info) > /dev/null 2>&1 || true - - if [[ ! 
$cluster_isReady == *"DNS"* ]] - then - display_msg "\nPlease enable your cluster before running the setup.\n\nIf you don't have a kubernetes cluster, follow: https://kubernetes.io/docs/setup/\n\n" - fi - - echoBold "Done\n" - - #displaying wso2 product name - product_name - - get_creds #get credentials for - - # get node-ip - get_node_ip - - # create and encode username/password pair - auth="$WUMUsername:$WUMPassword" - authb64=`echo -n $auth | base64` - - # create authorisation code - authstring='{"auths":{"docker.wso2.com":{"username":"'${WUMUsername}'","password":"'${WUMPassword}'","email":"'${WUMUsername}'","auth":"'${authb64}'"}}}' - - # encode in base64 - secdata=`echo -n $authstring | base64` - - for i in $secdata; do - str_sec=$str_sec$i - done - - # create kubernetes object yaml - create_yaml - - # replace necessary variables - sed -i.bak 's/"k8s.apim.&.auth.wso2"/'$str_sec'/g' $k8s_obj_file - sed -i.bak 's/"ip.node.k8s.&.wso2.apim"/'$NODE_IP'/g' $k8s_obj_file - sed -i.bak 's/"$image.pull.@.wso2"/'$IMG_DEST'/g' $k8s_obj_file - - rm deployment.yaml.bak - - echoBold "\nDeploying WSO2 API Manager ....\n" - - # Deploy wso2am - kubectl create -f $k8s_obj_file - - # waiting until deployment is ready - progress_bar - - echoBold "Successfully deployed WSO2 API Manager.\n\n" - - echoBold "1. Try navigating to\n\n" - echoBold "\thttps://$NODE_IP:30443/carbon/\n" - echoBold "\thttps://$NODE_IP:30443/publisher/\n" - echoBold "\thttps://$NODE_IP:30443/devportal/\n" - echoBold "from your favourite browser using credentials admin/admin\n\n" - - echoBold "2. Follow \"https://apim.docs.wso2.com/en/latest/GettingStarted/quick-start-guide/\" to start using WSO2 API Manager.\n\n" -} -arg=$1 -if [[ -z $arg ]]; then - echoBold "Expected parameter is missing\n" - usage -else - case $arg in - -d|--deploy) - deploy - ;; - -u|--undeploy) - undeploy - ;; - -h|--help) - usage - ;; - *) - echoBold "Invalid parameter : $arg\n" - usage - ;; - esac -fi 
diff --git a/simple/funcs b/simple/funcs deleted file mode 100644 index 8a0b44a9..00000000 --- a/simple/funcs +++ /dev/null 
@@ -1,293 +0,0 @@
-# bash functions
-function usage(){
- echo "Usage: "
- echo -e "-d, --deploy Deploy WSO2 API Manager"
- echo -e "-u, --undeploy Undeploy WSO2 API Manager"
- echo -e "-h, --help Display usage instrusctions"
-}
-function undeploy(){
- echo "Undeploying WSO2 API Manager ..."
- kubectl delete ns $namespace
- echo "Done."
- exit 0
-}
-function echoBold () {
- echo -en $'\e[1m'"${1}"$'\e[0m'
-}
-
-function display_msg(){
- msg=$@
- echoBold "${msg}"
- exit 1
-}
-
-function st(){
- cycles=${1}
- i=0
- while [[ i -lt $cycles ]]
- do
- echoBold "* "
- let "i=i+1"
- done
-}
-function sp(){
- cycles=${1}
- i=0
- while [[ i -lt $cycles ]]
- do
- echoBold " "
- let "i=i+1"
- done
-}
-function product_name(){
- #wso2apim
- echo -e "\n"
- st 1; sp 8; st 1; sp 2; sp 1; st 3; sp 3; sp 2; st 3; sp 4; sp 1; st 3; sp 3; sp 8; sp 2; st 3; sp 1; sp 3; st 3; sp 3; st 5; sp 2; st 1; sp 8; st 1;
- echo ""
- st 1; sp 8; st 1; sp 2; st 1; sp 4; st 1; sp 2; st 1; sp 6; st 1; sp 2; st 1; sp 4; st 1; sp 2; sp 8; sp 1; st 1; sp 4; st 1; sp 3; st 1; sp 4; st 1; sp 2; sp 3; st 1; sp 6; st 2; sp 4; st 2;
- echo ""
- st 1; sp 3; st 1; sp 3; st 1; sp 2; st 1; sp 8; st 1; sp 6; st 1; sp 2; sp 6; st 1; sp 2; sp 8; st 1; sp 6; st 1; sp 2; st 1; sp 4; st 1; sp 2; sp 3; st 1; sp 6; st 1; sp 1; st 1; sp 2; st 1; sp 1; st 1;
- echo ""
- st 1; sp 2; st 1; st 1; sp 2; st 1; sp 2; sp 1; st 3; sp 3; st 1; sp 6; st 1; sp 2; sp 4; st 1; sp 4; st 3; sp 2; st 5; sp 2; st 3; sp 3; sp 4; st 1; sp 6; st 1; sp 2; st 2; sp 2; st 1;
- echo ""
- st 1; sp 1; st 1; sp 2; st 1; sp 1; st 1; sp 2; sp 6; st 1; sp 2; st 1; sp 6; st 1; sp 2; sp 2; st 1; sp 6; sp 8; st 1; sp 6; st 1; sp 2; st 1; sp 7; sp 4; st 1; sp 6; st 1; sp 3; st 1; sp 3; st 1;
- echo ""
- st 2; sp 4; st 2; sp 2; st 1; sp 4; st 1; sp 2; st 1; sp 6; st 1; sp 2; st 1; sp 8; sp 8; st 1; sp 6; st 1; sp 2; st 1; sp 7; sp 4; st 1; sp 6; st 1; sp 8; st 1;
- echo ""
- st 1; sp 8; st 1; sp 2; sp 1; st 3; sp 3; sp 2; st 3; sp 4; st 4; sp 2; sp 8; st 
1; sp 6; st 1; sp 2; st 1; sp 7; st 5; sp 2; st 1; sp 8; st 1;
- echo -e "\n"
-}
-function get_creds(){
- while [[ -z "$WUMUsername" ]]
- do
- read -p "$(echoBold "Enter your WSO2 subscription username: ")" WUMUsername
- if [[ -z "$WUMUsername" ]]
- then
- echo "wso2-subscription-username cannot be empty"
- fi
- done
-
- while [[ -z "$WUMPassword" ]]
- do
- read -sp "$(echoBold "Enter your WSO2 subscription password: ")" WUMPassword
- echo ""
- if [[ -z "$WUMPassword" ]]
- then
- echo "wso2-subscription-password cannot be empty"
- fi
- done
-}
-function validate_ip(){
- ip_check=$1
- if [[ $ip_check =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
- IFS='.'
- ip=$ip_check
- set -- $ip
- if [[ $1 -le 255 ]] && [[ $2 -le 255 ]] && [[ $3 -le 255 ]] && [[ $4 -le 255 ]]; then
- IFS=''
- NODE_IP=$ip_check
- else
- IFS=''
- echo "Invalid IP. Please try again."
- NODE_IP=""
- fi
- else
- echo "Invalid IP. Please try again."
- NODE_IP=""
- fi
-}
-function get_node_ip(){
- NODE_IP=$(kubectl get nodes -o jsonpath='{.items[*].status.addresses[?(@.type=="ExternalIP")].address}')
-
- if [[ -z $NODE_IP ]]
- then
- if [[ $(kubectl config current-context) = "minikube" ]]
- then
- NODE_IP=$(minikube ip)
- elif [[ $(kubectl config current-context) = "docker-desktop" ]]
- then
- NODE_IP="127.0.0.1"
- else
- echo "We could not find your cluster node-ip."
- while [[ -z "$NODE_IP" ]]
- do
- read -p "$(echo "Enter one of your cluster Node IPs to provision instant access to server: ")" NODE_IP
- if [[ -z "$NODE_IP" ]]
- then
- echo "cluster node ip cannot be empty"
- else
- validate_ip $NODE_IP
- fi
- done
- fi
- fi
- set -- $NODE_IP; NODE_IP=$1
-}
-
-function progress_bar(){
-
- dep_status=$(kubectl get deployments -n wso2 -o jsonpath='{.items[?(@.spec.selector.matchLabels.product=="api-manager")].status.conditions[?(@.type=="Available")].status}')
- pod_status=$(kubectl get pods -n wso2 -o jsonpath='{.items[?(@.metadata.labels.product=="api-manager")].status.conditions[*].status}')
-
- num_true_const=0; progress_unit="";num_true=0; time_proc=0;
-
- # check for 250s until the pod is live.
- time_limit=250
-
- arr_dep=($dep_status); arr_pod=($pod_status)
-
- let "length_total= ${#arr_pod[@]} + ${#arr_dep[@]}";
-
- echo ""
-
- while [[ $num_true -lt $length_total ]]
- do
-
- sleep 4
-
- num_true=0
- dep_status=$(kubectl get deployments -n wso2 -o jsonpath='{.items[?(@.spec.selector.matchLabels.product=="api-manager")].status.conditions[?(@.type=="Available")].status}')
- pod_status=$(kubectl get pods -n wso2 -o jsonpath='{.items[?(@.metadata.labels.product=="api-manager")].status.conditions[*].status}')
-
- arr_dep=($dep_status); arr_pod=($pod_status); let "length_total= ${#arr_pod[@]} + ${#arr_dep[@]}";
-
- for ele_dep in $dep_status
- do
- if [ "$ele_dep" = "True" ]
- then
- let "num_true=num_true+1"
- fi
- done
-
- for ele_pod in $pod_status
- do
- if [ "$ele_pod" = "True" ]
- then
- let "num_true=num_true+1"
- fi
- done
-
- printf "Processing WSO2 API Manager ... |"
-
- printf "%-$((5 * ${length_total-1}))s| $(($num_true_const * 100/ $length_total))"; echo -en ' % \r'
-
- printf "Processing WSO2 API Manager ... 
|"
- s=$(printf "%-$((5 * ${num_true_const}))s" "H")
- echo -en "${s// /H}"
-
- printf "%-$((5 * $(($length_total - $num_true_const))))s| $((100 * $(($num_true_const))/ $length_total))"; echo -en ' %\r '
-
- if [ $num_true -ne $num_true_const ]
- then
- i=0
- while [[ $i -lt $((5 * $((${num_true} - ${num_true_const})))) ]]
- do
- let "i=i+1"
- progress_unit=$progress_unit"H"
- printf "Processing WSO2 API Manager ... |"
- echo -n $progress_unit
- printf "%-$((5 * $((${length_total} - ${num_true_const})) - $i))s| $(($(( 100 * $(($num_true_const))/ $length_total)) + $((20 * $i/$length_total)) ))"; echo -en ' %\r '
- sleep 0.25
- done
- num_true_const=$num_true
- time_proc=0
- else
- let "time_proc=time_proc + 5"
- fi
-
- printf "Processing WSO2 API Manager ... |"
-
- printf "%-$((5 * ${length_total-1}))s| $(($num_true_const * 100/ $length_total))"; echo -en ' %\r '
-
- printf "Processing WSO2 API Manager ... |"
- s=$(printf "%-$((5 * ${num_true_const}))s" "H")
- echo -en "${s// /H}"
-
- printf "%-$((5 * $(($length_total - $num_true_const))))s| $((100 * $(($num_true_const))/ $length_total))"; echo -en ' %\r '
-
- sleep 1
-
- if [[ $time_proc -gt $time_limit ]]
- then
- echoBold "\n\nSomething went wrong! Please Follow \"https://wso2.com/products/install/faq/#Kubernetes\" for more information\n"
- exit 2
- fi
-
- done
-
- echo -e "\n"
-
-}
-
-function deploy(){
- #checking for required command line tools
- if [[ ! $(which kubectl) ]]
- then
- display_msg "Please install Kubernetes command-line tool (kubectl) before you start with the setup\n"
- fi
-
- if [[ ! $(which base64) ]]
- then
- display_msg "Please install base64 before you start with the setup\n"
- fi
-
- echoBold "Checking for an enabled cluster... Your patience is appreciated... "
- cluster_isReady=$(kubectl cluster-info) > /dev/null 2>&1 || true
-
- if [[ ! 
$cluster_isReady == *"DNS"* ]]
- then
- display_msg "\nPlease enable your cluster before running the setup.\n\nIf you don't have a kubernetes cluster, follow: https://kubernetes.io/docs/setup/\n\n"
- fi
-
- echoBold "Done\n"
-
- #displaying wso2 product name
- product_name
-
- get_creds #get credentials for
-
- # get node-ip
- get_node_ip
-
- # create and encode username/password pair
- auth="$WUMUsername:$WUMPassword"
- authb64=`echo -n $auth | base64`
-
- # create authorisation code
- authstring='{"auths":{"docker.wso2.com":{"username":"'${WUMUsername}'","password":"'${WUMPassword}'","email":"'${WUMUsername}'","auth":"'${authb64}'"}}}'
-
- # encode in base64
- secdata=`echo -n $authstring | base64`
-
- for i in $secdata; do
- str_sec=$str_sec$i
- done
-
- # create kubernetes object yaml
- create_yaml
-
- # replace necessary variables
- sed -i.bak 's/"k8s.apim.&.auth.wso2"/'$str_sec'/g' $k8s_obj_file
- sed -i.bak 's/"ip.node.k8s.&.wso2.apim"/'$NODE_IP'/g' $k8s_obj_file
- sed -i.bak 's/"$image.pull.@.wso2"/'$IMG_DEST'/g' $k8s_obj_file
-
- rm deployment.yaml.bak
-
- echoBold "\nDeploying WSO2 API Manager ....\n"
-
- # Deploy wso2am
- kubectl create -f $k8s_obj_file
-
- # waiting until deployment is ready
- progress_bar
-
- echoBold "Successfully deployed WSO2 API Manager.\n\n"
-
- echoBold "1. Try navigating to\n\n"
- echoBold "\thttps://$NODE_IP:30443/carbon/\n"
- echoBold "\thttps://$NODE_IP:30443/publisher/\n"
- echoBold "\thttps://$NODE_IP:30443/devportal/\n"
- echoBold "from your favourite browser using credentials admin/admin\n\n"
-
- echoBold "2. Follow \"https://apim.docs.wso2.com/en/latest/GettingStarted/quick-start-guide/\" to start using WSO2 API Manager.\n\n"
-}
diff --git a/simple/funcs4opensource b/simple/funcs4opensource
deleted file mode 100644
index 6d2a2633..00000000
--- a/simple/funcs4opensource
+++ /dev/null
@@ -1,251 +0,0 @@
-# bash functions
-function usage(){
- echo "Usage: "
- echo -e "-d, --deploy Deploy WSO2 API Manager"
- echo -e "-u, --undeploy Undeploy WSO2 API Manager"
- echo -e "-h, --help Display usage instrusctions"
-}
-function undeploy(){
- echo "Undeploying WSO2 API Manager ..."
- kubectl delete ns $namespace
- echo "Done."
- exit 0
-}
-function echoBold () {
- echo -en $'\e[1m'"${1}"$'\e[0m'
-}
-
-function display_msg(){
- msg=$@
- echoBold "${msg}"
- exit 1
-}
-
-function st(){
- cycles=${1}
- i=0
- while [[ i -lt $cycles ]]
- do
- echoBold "* "
- let "i=i+1"
- done
-}
-function sp(){
- cycles=${1}
- i=0
- while [[ i -lt $cycles ]]
- do
- echoBold " "
- let "i=i+1"
- done
-}
-function product_name(){
- #wso2apim
- echo -e "\n"
- st 1; sp 8; st 1; sp 2; sp 1; st 3; sp 3; sp 2; st 3; sp 4; sp 1; st 3; sp 3; sp 8; sp 2; st 3; sp 1; sp 3; st 3; sp 3; st 5; sp 2; st 1; sp 8; st 1;
- echo ""
- st 1; sp 8; st 1; sp 2; st 1; sp 4; st 1; sp 2; st 1; sp 6; st 1; sp 2; st 1; sp 4; st 1; sp 2; sp 8; sp 1; st 1; sp 4; st 1; sp 3; st 1; sp 4; st 1; sp 2; sp 3; st 1; sp 6; st 2; sp 4; st 2;
- echo ""
- st 1; sp 3; st 1; sp 3; st 1; sp 2; st 1; sp 8; st 1; sp 6; st 1; sp 2; sp 6; st 1; sp 2; sp 8; st 1; sp 6; st 1; sp 2; st 1; sp 4; st 1; sp 2; sp 3; st 1; sp 6; st 1; sp 1; st 1; sp 2; st 1; sp 1; st 1;
- echo ""
- st 1; sp 2; st 1; st 1; sp 2; st 1; sp 2; sp 1; st 3; sp 3; st 1; sp 6; st 1; sp 2; sp 4; st 1; sp 4; st 3; sp 2; st 5; sp 2; st 3; sp 3; sp 4; st 1; sp 6; st 1; sp 2; st 2; sp 2; st 1;
- echo ""
- st 1; sp 1; st 1; sp 2; st 1; sp 1; st 1; sp 2; sp 6; st 1; sp 2; st 1; sp 6; st 1; sp 2; sp 2; st 1; sp 6; sp 8; st 1; sp 6; st 1; sp 2; st 1; sp 7; sp 4; st 1; sp 6; st 1; sp 3; st 1; sp 3; st 1;
- echo ""
- st 2; sp 4; st 2; sp 2; st 1; sp 4; st 1; sp 2; st 1; sp 6; st 1; sp 2; st 1; sp 8; sp 8; st 1; sp 6; st 1; sp 2; st 1; sp 7; sp 4; st 1; sp 6; st 1; sp 8; st 1;
- echo ""
- st 1; sp 8; st 1; sp 2; sp 1; st 3; sp 3; sp 2; st 3; sp 4; st 4; sp 2; sp 8; st 
1; sp 6; st 1; sp 2; st 1; sp 7; st 5; sp 2; st 1; sp 8; st 1;
- echo -e "\n"
-}
-function validate_ip(){
- ip_check=$1
- if [[ $ip_check =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
- IFS='.'
- ip=$ip_check
- set -- $ip
- if [[ $1 -le 255 ]] && [[ $2 -le 255 ]] && [[ $3 -le 255 ]] && [[ $4 -le 255 ]]; then
- IFS=''
- NODE_IP=$ip_check
- else
- IFS=''
- echo "Invalid IP. Please try again."
- NODE_IP=""
- fi
- else
- echo "Invalid IP. Please try again."
- NODE_IP=""
- fi
-}
-function get_node_ip(){
- NODE_IP=$(kubectl get nodes -o jsonpath='{.items[*].status.addresses[?(@.type=="ExternalIP")].address}')
-
- if [[ -z $NODE_IP ]]
- then
- if [[ $(kubectl config current-context) = "minikube" ]]
- then
- NODE_IP=$(minikube ip)
- elif [[ $(kubectl config current-context) = "docker-desktop" ]]
- then
- NODE_IP="127.0.0.1"
- else
- echo "We could not find your cluster node-ip."
- while [[ -z "$NODE_IP" ]]
- do
- read -p "$(echo "Enter one of your cluster Node IPs to provision instant access to server: ")" NODE_IP
- if [[ -z "$NODE_IP" ]]
- then
- echo "cluster node ip cannot be empty"
- else
- validate_ip $NODE_IP
- fi
- done
- fi
- fi
- set -- $NODE_IP; NODE_IP=$1
-}
-
-function progress_bar(){
-
- dep_status=$(kubectl get deployments -n wso2 -o jsonpath='{.items[?(@.spec.selector.matchLabels.product=="api-manager")].status.conditions[?(@.type=="Available")].status}')
- pod_status=$(kubectl get pods -n wso2 -o jsonpath='{.items[?(@.metadata.labels.product=="api-manager")].status.conditions[*].status}')
-
- num_true_const=0; progress_unit="";num_true=0; time_proc=0;
-
- # check for 250s until the pod is live.
- time_limit=250
-
- arr_dep=($dep_status); arr_pod=($pod_status)
-
- let "length_total= ${#arr_pod[@]} + ${#arr_dep[@]}";
-
- echo ""
-
- while [[ $num_true -lt $length_total ]]
- do
-
- sleep 4
-
- num_true=0
- dep_status=$(kubectl get deployments -n wso2 -o jsonpath='{.items[?(@.spec.selector.matchLabels.product=="api-manager")].status.conditions[?(@.type=="Available")].status}')
- pod_status=$(kubectl get pods -n wso2 -o jsonpath='{.items[?(@.metadata.labels.product=="api-manager")].status.conditions[*].status}')
-
- arr_dep=($dep_status); arr_pod=($pod_status); let "length_total= ${#arr_pod[@]} + ${#arr_dep[@]}";
-
- for ele_dep in $dep_status
- do
- if [ "$ele_dep" = "True" ]
- then
- let "num_true=num_true+1"
- fi
- done
-
- for ele_pod in $pod_status
- do
- if [ "$ele_pod" = "True" ]
- then
- let "num_true=num_true+1"
- fi
- done
-
- printf "Processing WSO2 API Manager ... |"
-
- printf "%-$((5 * ${length_total-1}))s| $(($num_true_const * 100/ $length_total))"; echo -en ' % \r'
-
- printf "Processing WSO2 API Manager ... |"
- s=$(printf "%-$((5 * ${num_true_const}))s" "H")
- echo -en "${s// /H}"
-
- printf "%-$((5 * $(($length_total - $num_true_const))))s| $((100 * $(($num_true_const))/ $length_total))"; echo -en ' %\r '
-
- if [ $num_true -ne $num_true_const ]
- then
- i=0
- while [[ $i -lt $((5 * $((${num_true} - ${num_true_const})))) ]]
- do
- let "i=i+1"
- progress_unit=$progress_unit"H"
- printf "Processing WSO2 API Manager ... |"
- echo -n $progress_unit
- printf "%-$((5 * $((${length_total} - ${num_true_const})) - $i))s| $(($(( 100 * $(($num_true_const))/ $length_total)) + $((20 * $i/$length_total)) ))"; echo -en ' %\r '
- sleep 0.25
- done
- num_true_const=$num_true
- time_proc=0
- else
- let "time_proc=time_proc + 5"
- fi
-
- printf "Processing WSO2 API Manager ... |"
-
- printf "%-$((5 * ${length_total-1}))s| $(($num_true_const * 100/ $length_total))"; echo -en ' %\r '
-
- printf "Processing WSO2 API Manager ... 
|"
- s=$(printf "%-$((5 * ${num_true_const}))s" "H")
- echo -en "${s// /H}"
-
- printf "%-$((5 * $(($length_total - $num_true_const))))s| $((100 * $(($num_true_const))/ $length_total))"; echo -en ' %\r '
-
- sleep 1
-
- if [[ $time_proc -gt 250 ]]
- then
- echoBold "\n\nSomething went wrong! Please Follow \"https://wso2.com/products/install/faq/#Kubernetes\" for more information\n"
- exit 2
- fi
-
- done
-
- echo -e "\n"
-
-}
-
-function deploy(){
- #checking for required command line tools
- if [[ ! $(which kubectl) ]]
- then
- display_msg "Please install Kubernetes command-line tool (kubectl) before you start with the setup\n"
- fi
-
- echoBold "Checking for an enabled cluster... Your patience is appreciated... "
- cluster_isReady=$(kubectl cluster-info) > /dev/null 2>&1 || true
-
- if [[ ! $cluster_isReady == *"DNS"* ]]
- then
- display_msg "\nPlease enable your cluster before running the setup.\n\nIf you don't have a kubernetes cluster, follow: https://kubernetes.io/docs/setup/\n\n"
- fi
-
- echoBold "Done\n"
-
- #displaying wso2 product name
- product_name
-
- # get node-ip
- get_node_ip
-
- # create kubernetes object yaml
- create_yaml
-
- # replace necessary variables
- sed -i.bak 's/"ip.node.k8s.&.wso2.apim"/'$NODE_IP'/g' $k8s_obj_file
- sed -i.bak 's/"$image.pull.@.wso2"/'$IMG_DEST'/g' $k8s_obj_file
-
- rm deployment.yaml.bak
-
- echoBold "\nDeploying WSO2 API Manager ....\n"
-
- # Deploy wso2am
- kubectl create -f $k8s_obj_file
-
- # waiting until deployment is ready
- progress_bar
-
- echoBold "Successfully deployed WSO2 API Manager.\n\n"
-
- echoBold "1. Try navigating to\n\n"
- echoBold "\thttps://$NODE_IP:30443/carbon/\n"
- echoBold "\thttps://$NODE_IP:30443/publisher/\n"
- echoBold "\thttps://$NODE_IP:30443/devportal/\n"
- echoBold "from your favourite browser using credentials admin/admin\n\n"
-
- echoBold "2. Follow \"https://apim.docs.wso2.com/en/latest/GettingStarted/quick-start-guide/\" to start using WSO2 API Manager.\n\n"
-}
diff --git a/simple/kubernetes-apim-mysql/wso2apim-mysql-conf.yaml b/simple/kubernetes-apim-mysql/wso2apim-mysql-conf.yaml
deleted file mode 100644
index a60b1a1f..00000000
--- a/simple/kubernetes-apim-mysql/wso2apim-mysql-conf.yaml
+++ /dev/null
@@ -1,2725 +0,0 @@
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: wso2apim-mysql-dbscripts
- namespace: wso2
-data:
- mysql_apim.sql: |-
- DROP DATABASE IF EXISTS WSO2AM_DB;
- CREATE DATABASE WSO2AM_DB;
- GRANT ALL ON WSO2AM_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon';
-
- USE WSO2AM_DB;
- -- Start of IDENTITY Tables--
- CREATE TABLE IF NOT EXISTS IDN_BASE_TABLE (
- PRODUCT_NAME VARCHAR(20),
- PRIMARY KEY (PRODUCT_NAME)
- )ENGINE INNODB;
-
- INSERT INTO IDN_BASE_TABLE values ('WSO2 Identity Server');
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH_CONSUMER_APPS (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- CONSUMER_KEY VARCHAR(255),
- CONSUMER_SECRET VARCHAR(2048),
- USERNAME VARCHAR(255),
- TENANT_ID INTEGER DEFAULT 0,
- USER_DOMAIN VARCHAR(50),
- APP_NAME VARCHAR(255),
- OAUTH_VERSION VARCHAR(128),
- CALLBACK_URL VARCHAR(2048),
- GRANT_TYPES VARCHAR (1024),
- PKCE_MANDATORY CHAR(1) DEFAULT '0',
- PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0',
- APP_STATE VARCHAR (25) DEFAULT 'ACTIVE',
- USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600,
- APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600,
- REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600,
- ID_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600,
- CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY),
- PRIMARY KEY (ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_VALIDATORS (
- APP_ID INTEGER NOT NULL,
- SCOPE_VALIDATOR VARCHAR (128) NOT NULL,
- PRIMARY KEY (APP_ID,SCOPE_VALIDATOR),
- FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_REQUEST_TOKEN (
- REQUEST_TOKEN VARCHAR(255),
- REQUEST_TOKEN_SECRET VARCHAR(512),
- CONSUMER_KEY_ID INTEGER,
- CALLBACK_URL VARCHAR(2048),
- SCOPE VARCHAR(2048),
- AUTHORIZED VARCHAR(128),
- OAUTH_VERIFIER VARCHAR(512),
- AUTHZ_USER VARCHAR(512),
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY (REQUEST_TOKEN),
- FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE 
CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_ACCESS_TOKEN (
- ACCESS_TOKEN VARCHAR(255),
- ACCESS_TOKEN_SECRET VARCHAR(512),
- CONSUMER_KEY_ID INTEGER,
- SCOPE VARCHAR(2048),
- AUTHZ_USER VARCHAR(512),
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY (ACCESS_TOKEN),
- FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN (
- TOKEN_ID VARCHAR (255),
- ACCESS_TOKEN VARCHAR(2048),
- REFRESH_TOKEN VARCHAR(2048),
- CONSUMER_KEY_ID INTEGER,
- AUTHZ_USER VARCHAR (100),
- TENANT_ID INTEGER,
- USER_DOMAIN VARCHAR(50),
- USER_TYPE VARCHAR (25),
- GRANT_TYPE VARCHAR (50),
- TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- REFRESH_TOKEN_TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- VALIDITY_PERIOD BIGINT,
- REFRESH_TOKEN_VALIDITY_PERIOD BIGINT,
- TOKEN_SCOPE_HASH VARCHAR(32),
- TOKEN_STATE VARCHAR(25) DEFAULT 'ACTIVE',
- TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE',
- SUBJECT_IDENTIFIER VARCHAR(255),
- ACCESS_TOKEN_HASH VARCHAR(512),
- REFRESH_TOKEN_HASH VARCHAR(512),
- IDP_ID INTEGER DEFAULT -1 NOT NULL,
- TOKEN_BINDING_REF VARCHAR (32) DEFAULT 'NONE',
- PRIMARY KEY (TOKEN_ID),
- FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
- CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,
- TOKEN_STATE,TOKEN_STATE_ID,IDP_ID,TOKEN_BINDING_REF)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_TOKEN_BINDING (
- TOKEN_ID VARCHAR (255),
- TOKEN_BINDING_TYPE VARCHAR (32),
- TOKEN_BINDING_REF VARCHAR (32),
- TOKEN_BINDING_VALUE VARCHAR (1024),
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY (TOKEN_ID),
- FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_AUDIT (
- TOKEN_ID VARCHAR (255),
- ACCESS_TOKEN VARCHAR(2048), - 
REFRESH_TOKEN VARCHAR(2048),
- CONSUMER_KEY_ID INTEGER,
- AUTHZ_USER VARCHAR (100),
- TENANT_ID INTEGER,
- USER_DOMAIN VARCHAR(50),
- USER_TYPE VARCHAR (25),
- GRANT_TYPE VARCHAR (50),
- TIME_CREATED TIMESTAMP NULL,
- REFRESH_TOKEN_TIME_CREATED TIMESTAMP NULL,
- VALIDITY_PERIOD BIGINT,
- REFRESH_TOKEN_VALIDITY_PERIOD BIGINT,
- TOKEN_SCOPE_HASH VARCHAR(32),
- TOKEN_STATE VARCHAR(25),
- TOKEN_STATE_ID VARCHAR (128) ,
- SUBJECT_IDENTIFIER VARCHAR(255),
- ACCESS_TOKEN_HASH VARCHAR(512),
- REFRESH_TOKEN_HASH VARCHAR(512),
- INVALIDATED_TIME TIMESTAMP NULL,
- IDP_ID INTEGER DEFAULT -1 NOT NULL
- );
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHORIZATION_CODE (
- CODE_ID VARCHAR (255),
- AUTHORIZATION_CODE VARCHAR(2048),
- CONSUMER_KEY_ID INTEGER,
- CALLBACK_URL VARCHAR(2048),
- SCOPE VARCHAR(2048),
- AUTHZ_USER VARCHAR (100),
- TENANT_ID INTEGER,
- USER_DOMAIN VARCHAR(50),
- TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- VALIDITY_PERIOD BIGINT,
- STATE VARCHAR (25) DEFAULT 'ACTIVE',
- TOKEN_ID VARCHAR(255),
- SUBJECT_IDENTIFIER VARCHAR(255),
- PKCE_CODE_CHALLENGE VARCHAR(255),
- PKCE_CODE_CHALLENGE_METHOD VARCHAR(128),
- AUTHORIZATION_CODE_HASH VARCHAR(512),
- IDP_ID INTEGER DEFAULT -1 NOT NULL,
- PRIMARY KEY (CODE_ID),
- FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHZ_CODE_SCOPE(
- CODE_ID VARCHAR(255),
- SCOPE VARCHAR(60),
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY (CODE_ID, SCOPE),
- FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE (CODE_ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_DEVICE_FLOW (
- CODE_ID VARCHAR(255),
- DEVICE_CODE VARCHAR(255),
- USER_CODE VARCHAR(25),
- CONSUMER_KEY_ID INTEGER,
- LAST_POLL_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- EXPIRY_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- POLL_TIME 
BIGINT,
- STATUS VARCHAR (25) DEFAULT 'PENDING',
- AUTHZ_USER VARCHAR (100),
- TENANT_ID INTEGER,
- USER_DOMAIN VARCHAR(50),
- IDP_ID INTEGER,
- PRIMARY KEY (DEVICE_CODE),
- UNIQUE (CODE_ID),
- UNIQUE (USER_CODE),
- FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_DEVICE_FLOW_SCOPES (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- SCOPE_ID VARCHAR(255),
- SCOPE VARCHAR(255),
- PRIMARY KEY (ID),
- FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_DEVICE_FLOW(CODE_ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE (
- TOKEN_ID VARCHAR (255),
- TOKEN_SCOPE VARCHAR (60),
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY (TOKEN_ID, TOKEN_SCOPE),
- FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE (
- SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT,
- NAME VARCHAR(255) NOT NULL,
- DISPLAY_NAME VARCHAR(255) NOT NULL,
- DESCRIPTION VARCHAR(512),
- TENANT_ID INTEGER NOT NULL DEFAULT -1,
- SCOPE_TYPE VARCHAR(255) NOT NULL,
- PRIMARY KEY (SCOPE_ID),
- UNIQUE (NAME, TENANT_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_BINDING (
- SCOPE_ID INTEGER NOT NULL,
- SCOPE_BINDING VARCHAR(255) NOT NULL,
- BINDING_TYPE VARCHAR(255) NOT NULL,
- FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE,
- UNIQUE (SCOPE_ID, SCOPE_BINDING, BINDING_TYPE)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_RESOURCE_SCOPE (
- RESOURCE_PATH VARCHAR(255) NOT NULL,
- SCOPE_ID INTEGER NOT NULL,
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY (RESOURCE_PATH),
- FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_SCIM_GROUP (
- ID INTEGER AUTO_INCREMENT,
- TENANT_ID INTEGER NOT NULL,
- ROLE_NAME VARCHAR(255) NOT NULL,
- ATTR_NAME VARCHAR(1024) 
NOT NULL,
- ATTR_VALUE VARCHAR(1024),
- PRIMARY KEY (ID)
- )ENGINE INNODB;
-
-
-
- CREATE TABLE IF NOT EXISTS IDN_OPENID_REMEMBER_ME (
- USER_NAME VARCHAR(255) NOT NULL,
- TENANT_ID INTEGER DEFAULT 0,
- COOKIE_VALUE VARCHAR(1024),
- CREATED_TIME TIMESTAMP,
- PRIMARY KEY (USER_NAME, TENANT_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OPENID_USER_RPS (
- USER_NAME VARCHAR(255) NOT NULL,
- TENANT_ID INTEGER DEFAULT 0,
- RP_URL VARCHAR(255) NOT NULL,
- TRUSTED_ALWAYS VARCHAR(128) DEFAULT 'FALSE',
- LAST_VISIT DATE NOT NULL,
- VISIT_COUNT INTEGER DEFAULT 0,
- DEFAULT_PROFILE_NAME VARCHAR(255) DEFAULT 'DEFAULT',
- PRIMARY KEY (USER_NAME, TENANT_ID, RP_URL)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OPENID_ASSOCIATIONS (
- HANDLE VARCHAR(255) NOT NULL,
- ASSOC_TYPE VARCHAR(255) NOT NULL,
- EXPIRE_IN TIMESTAMP NOT NULL,
- MAC_KEY VARCHAR(255) NOT NULL,
- ASSOC_STORE VARCHAR(128) DEFAULT 'SHARED',
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY (HANDLE)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_STS_STORE (
- ID INTEGER AUTO_INCREMENT,
- TOKEN_ID VARCHAR(255) NOT NULL,
- TOKEN_CONTENT BLOB(1024) NOT NULL,
- CREATE_DATE TIMESTAMP NOT NULL,
- EXPIRE_DATE TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- STATE INTEGER DEFAULT 0,
- PRIMARY KEY (ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_IDENTITY_USER_DATA (
- TENANT_ID INTEGER DEFAULT -1234,
- USER_NAME VARCHAR(255) NOT NULL,
- DATA_KEY VARCHAR(255) NOT NULL,
- DATA_VALUE VARCHAR(2048),
- PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_IDENTITY_META_DATA (
- USER_NAME VARCHAR(255) NOT NULL,
- TENANT_ID INTEGER DEFAULT -1234,
- METADATA_TYPE VARCHAR(255) NOT NULL,
- METADATA VARCHAR(255) NOT NULL,
- VALID VARCHAR(255) NOT NULL,
- PRIMARY KEY (TENANT_ID, USER_NAME, METADATA_TYPE,METADATA)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_THRIFT_SESSION (
- SESSION_ID VARCHAR(255) NOT NULL,
- USER_NAME VARCHAR(255) NOT NULL, - 
CREATED_TIME VARCHAR(255) NOT NULL,
- LAST_MODIFIED_TIME VARCHAR(255) NOT NULL,
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY (SESSION_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_STORE (
- SESSION_ID VARCHAR (100) NOT NULL,
- SESSION_TYPE VARCHAR(100) NOT NULL,
- OPERATION VARCHAR(10) NOT NULL,
- SESSION_OBJECT BLOB,
- TIME_CREATED BIGINT,
- TENANT_ID INTEGER DEFAULT -1,
- EXPIRY_TIME BIGINT,
- PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION)
- )ENGINE INNODB;
-
-
-
-
- CREATE TABLE IF NOT EXISTS IDN_AUTH_TEMP_SESSION_STORE (
- SESSION_ID VARCHAR (100) NOT NULL,
- SESSION_TYPE VARCHAR(100) NOT NULL,
- OPERATION VARCHAR(10) NOT NULL,
- SESSION_OBJECT BLOB,
- TIME_CREATED BIGINT,
- TENANT_ID INTEGER DEFAULT -1,
- EXPIRY_TIME BIGINT,
- PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_AUTH_USER (
- USER_ID VARCHAR(255) NOT NULL,
- USER_NAME VARCHAR(255) NOT NULL,
- TENANT_ID INTEGER NOT NULL,
- DOMAIN_NAME VARCHAR(255) NOT NULL,
- IDP_ID INTEGER NOT NULL,
- PRIMARY KEY (USER_ID),
- CONSTRAINT USER_STORE_CONSTRAINT UNIQUE (USER_NAME, TENANT_ID, DOMAIN_NAME, IDP_ID));
-
- CREATE TABLE IF NOT EXISTS IDN_AUTH_USER_SESSION_MAPPING (
- USER_ID VARCHAR(255) NOT NULL,
- SESSION_ID VARCHAR(255) NOT NULL,
- CONSTRAINT USER_SESSION_STORE_CONSTRAINT UNIQUE (USER_ID, SESSION_ID));
-
- CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_APP_INFO (
- SESSION_ID VARCHAR (100) NOT NULL,
- SUBJECT VARCHAR (100) NOT NULL,
- APP_ID INTEGER NOT NULL,
- INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL,
- PRIMARY KEY (SESSION_ID, SUBJECT, APP_ID, INBOUND_AUTH_TYPE)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_META_DATA (
- SESSION_ID VARCHAR (100) NOT NULL,
- PROPERTY_TYPE VARCHAR (100) NOT NULL,
- VALUE VARCHAR (255) NOT NULL,
- PRIMARY KEY (SESSION_ID, PROPERTY_TYPE, VALUE)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS SP_APP (
- ID INTEGER NOT NULL AUTO_INCREMENT, - 
TENANT_ID INTEGER NOT NULL,
- APP_NAME VARCHAR (255) NOT NULL ,
- USER_STORE VARCHAR (255) NOT NULL,
- USERNAME VARCHAR (255) NOT NULL ,
- DESCRIPTION VARCHAR (1024),
- ROLE_CLAIM VARCHAR (512),
- AUTH_TYPE VARCHAR (255) NOT NULL,
- PROVISIONING_USERSTORE_DOMAIN VARCHAR (512),
- IS_LOCAL_CLAIM_DIALECT CHAR(1) DEFAULT '1',
- IS_SEND_LOCAL_SUBJECT_ID CHAR(1) DEFAULT '0',
- IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0',
- IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
- IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
- ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0',
- SUBJECT_CLAIM_URI VARCHAR (512),
- IS_SAAS_APP CHAR(1) DEFAULT '0',
- IS_DUMB_MODE CHAR(1) DEFAULT '0',
- UUID CHAR(36),
- IMAGE_URL VARCHAR(1024),
- ACCESS_URL VARCHAR(1024),
- IS_DISCOVERABLE CHAR(1) DEFAULT '0',
-
- PRIMARY KEY (ID)
- )ENGINE INNODB;
-
- ALTER TABLE SP_APP ADD CONSTRAINT APPLICATION_NAME_CONSTRAINT UNIQUE(APP_NAME, TENANT_ID);
- ALTER TABLE SP_APP ADD CONSTRAINT APPLICATION_UUID_CONSTRAINT UNIQUE(UUID);
-
- CREATE TABLE IF NOT EXISTS SP_METADATA (
- ID INTEGER AUTO_INCREMENT,
- SP_ID INTEGER,
- NAME VARCHAR(255) NOT NULL,
- VALUE VARCHAR(255) NOT NULL,
- DISPLAY_NAME VARCHAR(255),
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY (ID),
- CONSTRAINT SP_METADATA_CONSTRAINT UNIQUE (SP_ID, NAME),
- FOREIGN KEY (SP_ID) REFERENCES SP_APP(ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS SP_INBOUND_AUTH (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- TENANT_ID INTEGER NOT NULL,
- INBOUND_AUTH_KEY VARCHAR (255),
- INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL,
- INBOUND_CONFIG_TYPE VARCHAR (255) NOT NULL,
- PROP_NAME VARCHAR (255),
- PROP_VALUE VARCHAR (1024) ,
- APP_ID INTEGER NOT NULL,
- PRIMARY KEY (ID)
- )ENGINE INNODB;
-
- ALTER TABLE SP_INBOUND_AUTH ADD CONSTRAINT APPLICATION_ID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
-
- CREATE TABLE IF NOT EXISTS SP_AUTH_STEP (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- TENANT_ID INTEGER NOT NULL,
- STEP_ORDER INTEGER 
DEFAULT 1,
- APP_ID INTEGER NOT NULL ,
- IS_SUBJECT_STEP CHAR(1) DEFAULT '0',
- IS_ATTRIBUTE_STEP CHAR(1) DEFAULT '0',
- PRIMARY KEY (ID)
- )ENGINE INNODB;
-
- ALTER TABLE SP_AUTH_STEP ADD CONSTRAINT APPLICATION_ID_CONSTRAINT_STEP FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
-
- CREATE TABLE IF NOT EXISTS SP_FEDERATED_IDP (
- ID INTEGER NOT NULL,
- TENANT_ID INTEGER NOT NULL,
- AUTHENTICATOR_ID INTEGER NOT NULL,
- PRIMARY KEY (ID, AUTHENTICATOR_ID)
- )ENGINE INNODB;
-
- ALTER TABLE SP_FEDERATED_IDP ADD CONSTRAINT STEP_ID_CONSTRAINT FOREIGN KEY (ID) REFERENCES SP_AUTH_STEP (ID) ON DELETE CASCADE;
-
- CREATE TABLE IF NOT EXISTS SP_CLAIM_DIALECT (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- TENANT_ID INTEGER NOT NULL,
- SP_DIALECT VARCHAR (512) NOT NULL,
- APP_ID INTEGER NOT NULL,
- PRIMARY KEY (ID));
-
- ALTER TABLE SP_CLAIM_DIALECT ADD CONSTRAINT DIALECTID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
-
- CREATE TABLE IF NOT EXISTS SP_CLAIM_MAPPING (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- TENANT_ID INTEGER NOT NULL,
- IDP_CLAIM VARCHAR (512) NOT NULL ,
- SP_CLAIM VARCHAR (512) NOT NULL ,
- APP_ID INTEGER NOT NULL,
- IS_REQUESTED VARCHAR(128) DEFAULT '0',
- IS_MANDATORY VARCHAR(128) DEFAULT '0',
- DEFAULT_VALUE VARCHAR(255),
- PRIMARY KEY (ID)
- )ENGINE INNODB;
-
- ALTER TABLE SP_CLAIM_MAPPING ADD CONSTRAINT CLAIMID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
-
- CREATE TABLE IF NOT EXISTS SP_ROLE_MAPPING (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- TENANT_ID INTEGER NOT NULL,
- IDP_ROLE VARCHAR (255) NOT NULL ,
- SP_ROLE VARCHAR (255) NOT NULL ,
- APP_ID INTEGER NOT NULL,
- PRIMARY KEY (ID)
- )ENGINE INNODB;
-
- ALTER TABLE SP_ROLE_MAPPING ADD CONSTRAINT ROLEID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
-
- CREATE TABLE IF NOT EXISTS SP_REQ_PATH_AUTHENTICATOR (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- TENANT_ID INTEGER NOT NULL,
- AUTHENTICATOR_NAME 
VARCHAR (255) NOT NULL , - APP_ID INTEGER NOT NULL, - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_REQ_PATH_AUTHENTICATOR ADD CONSTRAINT REQ_AUTH_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE IF NOT EXISTS SP_PROVISIONING_CONNECTOR ( - ID INTEGER NOT NULL AUTO_INCREMENT, - TENANT_ID INTEGER NOT NULL, - IDP_NAME VARCHAR (255) NOT NULL , - CONNECTOR_NAME VARCHAR (255) NOT NULL , - APP_ID INTEGER NOT NULL, - IS_JIT_ENABLED CHAR(1) NOT NULL DEFAULT '0', - BLOCKING CHAR(1) NOT NULL DEFAULT '0', - RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0', - PRIMARY KEY (ID) - )ENGINE INNODB; - - ALTER TABLE SP_PROVISIONING_CONNECTOR ADD CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE; - - CREATE TABLE SP_AUTH_SCRIPT ( - ID INTEGER AUTO_INCREMENT NOT NULL, - TENANT_ID INTEGER NOT NULL, - APP_ID INTEGER NOT NULL, - TYPE VARCHAR(255) NOT NULL, - CONTENT BLOB DEFAULT NULL, - IS_ENABLED CHAR(1) NOT NULL DEFAULT '0', - PRIMARY KEY (ID)); - - CREATE TABLE IF NOT EXISTS SP_TEMPLATE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - TENANT_ID INTEGER NOT NULL, - NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(1023), - CONTENT BLOB DEFAULT NULL, - PRIMARY KEY (ID), - CONSTRAINT SP_TEMPLATE_CONSTRAINT UNIQUE (TENANT_ID, NAME)); - - CREATE TABLE IF NOT EXISTS IDN_AUTH_WAIT_STATUS ( - ID INTEGER AUTO_INCREMENT NOT NULL, - TENANT_ID INTEGER NOT NULL, - LONG_WAIT_KEY VARCHAR(255) NOT NULL, - WAIT_STATUS CHAR(1) NOT NULL DEFAULT '1', - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - EXPIRE_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY (ID), - CONSTRAINT IDN_AUTH_WAIT_STATUS_KEY UNIQUE (LONG_WAIT_KEY)); - - CREATE TABLE IF NOT EXISTS IDP ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - NAME VARCHAR(254) NOT NULL, - IS_ENABLED CHAR(1) NOT NULL DEFAULT '1', - IS_PRIMARY CHAR(1) NOT NULL DEFAULT '0', - HOME_REALM_ID VARCHAR(254), - IMAGE MEDIUMBLOB, - CERTIFICATE 
BLOB, - ALIAS VARCHAR(254), - INBOUND_PROV_ENABLED CHAR (1) NOT NULL DEFAULT '0', - INBOUND_PROV_USER_STORE_ID VARCHAR(254), - USER_CLAIM_URI VARCHAR(254), - ROLE_CLAIM_URI VARCHAR(254), - DESCRIPTION VARCHAR (1024), - DEFAULT_AUTHENTICATOR_NAME VARCHAR(254), - DEFAULT_PRO_CONNECTOR_NAME VARCHAR(254), - PROVISIONING_ROLE VARCHAR(128), - IS_FEDERATION_HUB CHAR(1) NOT NULL DEFAULT '0', - IS_LOCAL_CLAIM_DIALECT CHAR(1) NOT NULL DEFAULT '0', - DISPLAY_NAME VARCHAR(255), - IMAGE_URL VARCHAR(1024), - UUID CHAR(36) NOT NULL, - PRIMARY KEY (ID), - UNIQUE (TENANT_ID, NAME), - UNIQUE (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_ROLE ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - TENANT_ID INTEGER, - ROLE VARCHAR(254), - PRIMARY KEY (ID), - UNIQUE (IDP_ID, ROLE), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_ROLE_MAPPING ( - ID INTEGER AUTO_INCREMENT, - IDP_ROLE_ID INTEGER, - TENANT_ID INTEGER, - USER_STORE_ID VARCHAR (253), - LOCAL_ROLE VARCHAR(253), - PRIMARY KEY (ID), - UNIQUE (IDP_ROLE_ID, TENANT_ID, USER_STORE_ID, LOCAL_ROLE), - FOREIGN KEY (IDP_ROLE_ID) REFERENCES IDP_ROLE(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_CLAIM ( - ID INTEGER AUTO_INCREMENT, - IDP_ID INTEGER, - TENANT_ID INTEGER, - CLAIM VARCHAR(254), - PRIMARY KEY (ID), - UNIQUE (IDP_ID, CLAIM), - FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_CLAIM_MAPPING ( - ID INTEGER AUTO_INCREMENT, - IDP_CLAIM_ID INTEGER, - TENANT_ID INTEGER, - LOCAL_CLAIM VARCHAR(253), - DEFAULT_VALUE VARCHAR(255), - IS_REQUESTED VARCHAR(128) DEFAULT '0', - PRIMARY KEY (ID), - UNIQUE (IDP_CLAIM_ID, TENANT_ID, LOCAL_CLAIM), - FOREIGN KEY (IDP_CLAIM_ID) REFERENCES IDP_CLAIM(ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR ( - ID INTEGER AUTO_INCREMENT, - TENANT_ID INTEGER, - IDP_ID INTEGER, - NAME VARCHAR(255) NOT NULL, 
- IS_ENABLED CHAR (1) DEFAULT '1',
- DISPLAY_NAME VARCHAR(255),
- PRIMARY KEY (ID),
- UNIQUE (TENANT_ID, IDP_ID, NAME),
- FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDP_METADATA (
- ID INTEGER AUTO_INCREMENT,
- IDP_ID INTEGER,
- NAME VARCHAR(255) NOT NULL,
- VALUE VARCHAR(255) NOT NULL,
- DISPLAY_NAME VARCHAR(255),
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY (ID),
- CONSTRAINT IDP_METADATA_CONSTRAINT UNIQUE (IDP_ID, NAME),
- FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR_PROPERTY (
- ID INTEGER AUTO_INCREMENT,
- TENANT_ID INTEGER,
- AUTHENTICATOR_ID INTEGER,
- PROPERTY_KEY VARCHAR(255) NOT NULL,
- PROPERTY_VALUE VARCHAR(2047),
- IS_SECRET CHAR (1) DEFAULT '0',
- PRIMARY KEY (ID),
- UNIQUE (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY),
- FOREIGN KEY (AUTHENTICATOR_ID) REFERENCES IDP_AUTHENTICATOR(ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_CONFIG (
- ID INTEGER AUTO_INCREMENT,
- TENANT_ID INTEGER,
- IDP_ID INTEGER,
- PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL,
- IS_ENABLED CHAR (1) DEFAULT '0',
- IS_BLOCKING CHAR (1) DEFAULT '0',
- IS_RULES_ENABLED CHAR (1) DEFAULT '0',
- PRIMARY KEY (ID),
- UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE),
- FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDP_PROV_CONFIG_PROPERTY (
- ID INTEGER AUTO_INCREMENT,
- TENANT_ID INTEGER,
- PROVISIONING_CONFIG_ID INTEGER,
- PROPERTY_KEY VARCHAR(255) NOT NULL,
- PROPERTY_VALUE VARCHAR(2048),
- PROPERTY_BLOB_VALUE BLOB,
- PROPERTY_TYPE CHAR(32) NOT NULL,
- IS_SECRET CHAR (1) DEFAULT '0',
- PRIMARY KEY (ID),
- UNIQUE (TENANT_ID, PROVISIONING_CONFIG_ID, PROPERTY_KEY),
- FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_ENTITY (
- ID INTEGER AUTO_INCREMENT,
- PROVISIONING_CONFIG_ID INTEGER,
- ENTITY_TYPE VARCHAR(255) NOT NULL,
- ENTITY_LOCAL_USERSTORE VARCHAR(255) NOT NULL,
- ENTITY_NAME VARCHAR(255) NOT NULL,
- ENTITY_VALUE VARCHAR(255),
- TENANT_ID INTEGER,
- ENTITY_LOCAL_ID VARCHAR(255),
- PRIMARY KEY (ID),
- UNIQUE (ENTITY_TYPE, TENANT_ID, ENTITY_LOCAL_USERSTORE, ENTITY_NAME, PROVISIONING_CONFIG_ID),
- UNIQUE (PROVISIONING_CONFIG_ID, ENTITY_TYPE, ENTITY_VALUE),
- FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDP_LOCAL_CLAIM (
- ID INTEGER AUTO_INCREMENT,
- TENANT_ID INTEGER,
- IDP_ID INTEGER,
- CLAIM_URI VARCHAR(255) NOT NULL,
- DEFAULT_VALUE VARCHAR(255),
- IS_REQUESTED VARCHAR(128) DEFAULT '0',
- PRIMARY KEY (ID),
- UNIQUE (TENANT_ID, IDP_ID, CLAIM_URI),
- FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_ASSOCIATED_ID (
- ID INTEGER AUTO_INCREMENT,
- IDP_USER_ID VARCHAR(255) NOT NULL,
- TENANT_ID INTEGER DEFAULT -1234,
- IDP_ID INTEGER NOT NULL,
- DOMAIN_NAME VARCHAR(255) NOT NULL,
- USER_NAME VARCHAR(255) NOT NULL,
- ASSOCIATION_ID CHAR(36) NOT NULL,
- PRIMARY KEY (ID),
- UNIQUE(IDP_USER_ID, TENANT_ID, IDP_ID),
- FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_USER_ACCOUNT_ASSOCIATION (
- ASSOCIATION_KEY VARCHAR(255) NOT NULL,
- TENANT_ID INTEGER,
- DOMAIN_NAME VARCHAR(255) NOT NULL,
- USER_NAME VARCHAR(255) NOT NULL,
- PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS FIDO_DEVICE_STORE (
- TENANT_ID INTEGER,
- DOMAIN_NAME VARCHAR(255) NOT NULL,
- USER_NAME VARCHAR(45) NOT NULL,
- TIME_REGISTERED TIMESTAMP,
- KEY_HANDLE VARCHAR(200) NOT NULL,
- DEVICE_DATA VARCHAR(2048) NOT NULL,
- PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS FIDO2_DEVICE_STORE (
- TENANT_ID INTEGER,
- DOMAIN_NAME VARCHAR(255) NOT NULL,
- USER_NAME VARCHAR(45) NOT NULL,
- TIME_REGISTERED TIMESTAMP,
- USER_HANDLE VARCHAR(64) NOT NULL,
- CREDENTIAL_ID VARCHAR(200) NOT NULL,
- PUBLIC_KEY_COSE VARCHAR(1024) NOT NULL,
- SIGNATURE_COUNT BIGINT,
- USER_IDENTITY VARCHAR(512) NOT NULL,
- DISPLAY_NAME VARCHAR(255),
- IS_USERNAMELESS_SUPPORTED CHAR(1) DEFAULT '0',
- PRIMARY KEY (CREDENTIAL_ID, USER_HANDLE)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS WF_REQUEST (
- UUID VARCHAR (45),
- CREATED_BY VARCHAR (255),
- TENANT_ID INTEGER DEFAULT -1,
- OPERATION_TYPE VARCHAR (50),
- CREATED_AT TIMESTAMP,
- UPDATED_AT TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
- STATUS VARCHAR (30),
- REQUEST BLOB,
- PRIMARY KEY (UUID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS WF_BPS_PROFILE (
- PROFILE_NAME VARCHAR(45),
- HOST_URL_MANAGER VARCHAR(255),
- HOST_URL_WORKER VARCHAR(255),
- USERNAME VARCHAR(45),
- PASSWORD VARCHAR(1023),
- CALLBACK_HOST VARCHAR (45),
- CALLBACK_USERNAME VARCHAR (45),
- CALLBACK_PASSWORD VARCHAR (255),
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY (PROFILE_NAME, TENANT_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS WF_WORKFLOW(
- ID VARCHAR (45),
- WF_NAME VARCHAR (45),
- DESCRIPTION VARCHAR (255),
- TEMPLATE_ID VARCHAR (45),
- IMPL_ID VARCHAR (45),
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY (ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS WF_WORKFLOW_ASSOCIATION(
- ID INTEGER NOT NULL AUTO_INCREMENT,
- ASSOC_NAME VARCHAR (45),
- EVENT_ID VARCHAR(45),
- ASSOC_CONDITION VARCHAR (2000),
- WORKFLOW_ID VARCHAR (45),
- IS_ENABLED CHAR (1) DEFAULT '1',
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY(ID),
- FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS WF_WORKFLOW_CONFIG_PARAM(
- WORKFLOW_ID VARCHAR (45),
- PARAM_NAME VARCHAR (45),
- PARAM_VALUE VARCHAR (1000),
- PARAM_QNAME VARCHAR (45),
- PARAM_HOLDER VARCHAR (45),
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY (WORKFLOW_ID, PARAM_NAME, PARAM_QNAME, PARAM_HOLDER),
- FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS WF_REQUEST_ENTITY_RELATIONSHIP(
- REQUEST_ID VARCHAR (45),
- ENTITY_NAME VARCHAR (255),
- ENTITY_TYPE VARCHAR (50),
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY(REQUEST_ID, ENTITY_NAME, ENTITY_TYPE, TENANT_ID),
- FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS WF_WORKFLOW_REQUEST_RELATION(
- RELATIONSHIP_ID VARCHAR (45),
- WORKFLOW_ID VARCHAR (45),
- REQUEST_ID VARCHAR (45),
- UPDATED_AT TIMESTAMP,
- STATUS VARCHAR (30),
- TENANT_ID INTEGER DEFAULT -1,
- PRIMARY KEY (RELATIONSHIP_ID),
- FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE,
- FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_RECOVERY_DATA (
- USER_NAME VARCHAR(255) NOT NULL,
- USER_DOMAIN VARCHAR(127) NOT NULL,
- TENANT_ID INTEGER DEFAULT -1,
- CODE VARCHAR(255) NOT NULL,
- SCENARIO VARCHAR(255) NOT NULL,
- STEP VARCHAR(127) NOT NULL,
- TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- REMAINING_SETS VARCHAR(2500) DEFAULT NULL,
- PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP),
- UNIQUE(CODE)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_PASSWORD_HISTORY_DATA (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- USER_NAME VARCHAR(255) NOT NULL,
- USER_DOMAIN VARCHAR(127) NOT NULL,
- TENANT_ID INTEGER DEFAULT -1,
- SALT_VALUE VARCHAR(255),
- HASH VARCHAR(255) NOT NULL,
- TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- PRIMARY KEY(ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_CLAIM_DIALECT (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- DIALECT_URI VARCHAR (255) NOT NULL,
- TENANT_ID INTEGER NOT NULL,
- PRIMARY KEY (ID),
- CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_CLAIM (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- DIALECT_ID INTEGER NOT NULL,
- CLAIM_URI VARCHAR (255) NOT NULL,
- TENANT_ID INTEGER NOT NULL,
- PRIMARY KEY (ID),
- FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE,
- CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPED_ATTRIBUTE (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- LOCAL_CLAIM_ID INTEGER,
- USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL,
- ATTRIBUTE_NAME VARCHAR (255) NOT NULL,
- TENANT_ID INTEGER NOT NULL,
- PRIMARY KEY (ID),
- FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
- CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_CLAIM_PROPERTY (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- LOCAL_CLAIM_ID INTEGER,
- PROPERTY_NAME VARCHAR (255) NOT NULL,
- PROPERTY_VALUE VARCHAR (255) NOT NULL,
- TENANT_ID INTEGER NOT NULL,
- PRIMARY KEY (ID),
- FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
- CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPING (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- EXT_CLAIM_ID INTEGER NOT NULL,
- MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL,
- TENANT_ID INTEGER NOT NULL,
- PRIMARY KEY (ID),
- FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
- FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
- CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_SAML2_ASSERTION_STORE (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- SAML2_ID VARCHAR(255) ,
- SAML2_ISSUER VARCHAR(255) ,
- SAML2_SUBJECT VARCHAR(255) ,
- SAML2_SESSION_INDEX VARCHAR(255) ,
- SAML2_AUTHN_CONTEXT_CLASS_REF VARCHAR(255) ,
- SAML2_ASSERTION VARCHAR(4096) ,
- ASSERTION BLOB ,
- PRIMARY KEY (ID)
- )ENGINE INNODB;
-
- CREATE TABLE IDN_SAML2_ARTIFACT_STORE (
- ID INT(11) NOT NULL AUTO_INCREMENT,
- SOURCE_ID VARCHAR(255) NOT NULL,
- MESSAGE_HANDLER VARCHAR(255) NOT NULL,
- AUTHN_REQ_DTO BLOB NOT NULL,
- SESSION_ID VARCHAR(255) NOT NULL,
- EXP_TIMESTAMP TIMESTAMP NOT NULL,
- INIT_TIMESTAMP TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- ASSERTION_ID VARCHAR(255),
- PRIMARY KEY (`ID`)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OIDC_JTI (
- JWT_ID VARCHAR(255) NOT NULL,
- EXP_TIME TIMESTAMP NOT NULL ,
- TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ,
- PRIMARY KEY (JWT_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OIDC_PROPERTY (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- TENANT_ID INTEGER,
- CONSUMER_KEY VARCHAR(255) ,
- PROPERTY_KEY VARCHAR(255) NOT NULL,
- PROPERTY_VALUE VARCHAR(2047) ,
- PRIMARY KEY (ID),
- FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_REFERENCE (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- CONSUMER_KEY_ID INTEGER ,
- CODE_ID VARCHAR(255) ,
- TOKEN_ID VARCHAR(255) ,
- SESSION_DATA_KEY VARCHAR(255),
- PRIMARY KEY (ID),
- FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
- FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE,
- FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_CLAIMS (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- REQ_OBJECT_ID INTEGER,
- CLAIM_ATTRIBUTE VARCHAR(255) ,
- ESSENTIAL CHAR(1) NOT NULL DEFAULT '0' ,
- VALUE VARCHAR(255) ,
- IS_USERINFO CHAR(1) NOT NULL DEFAULT '0',
- PRIMARY KEY (ID),
- FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE (ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJ_CLAIM_VALUES (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- REQ_OBJECT_CLAIMS_ID INTEGER ,
- CLAIM_VALUES VARCHAR(255) ,
- PRIMARY KEY (ID),
- FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_CERTIFICATE (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- NAME VARCHAR(100),
- CERTIFICATE_IN_PEM BLOB,
- TENANT_ID INTEGER DEFAULT 0,
- PRIMARY KEY(ID),
- CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OIDC_SCOPE_CLAIM_MAPPING (
- ID INTEGER NOT NULL AUTO_INCREMENT,
- SCOPE_ID INTEGER NOT NULL,
- EXTERNAL_CLAIM_ID INTEGER NOT NULL,
- PRIMARY KEY (ID),
- FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE,
- FOREIGN KEY (EXTERNAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
- UNIQUE (SCOPE_ID, EXTERNAL_CLAIM_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_FUNCTION_LIBRARY (
- NAME VARCHAR(255) NOT NULL,
- DESCRIPTION VARCHAR(1023),
- TYPE VARCHAR(255) NOT NULL,
- TENANT_ID INTEGER NOT NULL,
- DATA BLOB NOT NULL,
- PRIMARY KEY (TENANT_ID,NAME)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_CIBA_AUTH_CODE (
- AUTH_CODE_KEY CHAR (36),
- AUTH_REQ_ID CHAR (36),
- ISSUED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- CONSUMER_KEY VARCHAR(255),
- LAST_POLLED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- POLLING_INTERVAL INTEGER,
- EXPIRES_IN INTEGER,
- AUTHENTICATED_USER_NAME VARCHAR(255),
- USER_STORE_DOMAIN VARCHAR(100),
- TENANT_ID INTEGER,
- AUTH_REQ_STATUS VARCHAR (100) DEFAULT 'REQUESTED',
- IDP_ID INTEGER,
- UNIQUE(AUTH_REQ_ID),
- PRIMARY KEY (AUTH_CODE_KEY),
- FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_OAUTH2_CIBA_REQUEST_SCOPES (
- AUTH_CODE_KEY CHAR (36),
- SCOPE VARCHAR (255),
- FOREIGN KEY (AUTH_CODE_KEY) REFERENCES IDN_OAUTH2_CIBA_AUTH_CODE(AUTH_CODE_KEY) ON DELETE CASCADE
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_FED_AUTH_SESSION_MAPPING (
- IDP_SESSION_ID VARCHAR(255) NOT NULL,
- SESSION_ID VARCHAR(255) NOT NULL,
- IDP_NAME VARCHAR(255) NOT NULL,
- AUTHENTICATOR_ID VARCHAR(255),
- PROTOCOL_TYPE VARCHAR(255),
- TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- PRIMARY KEY (IDP_SESSION_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_CONFIG_TYPE (
- ID VARCHAR(255) NOT NULL,
- NAME VARCHAR(255) NOT NULL,
- DESCRIPTION VARCHAR(1023) NULL,
- PRIMARY KEY (ID),
- CONSTRAINT TYPE_NAME_CONSTRAINT UNIQUE (NAME)
- )ENGINE INNODB;
-
- INSERT INTO IDN_CONFIG_TYPE (ID, NAME, DESCRIPTION) VALUES
- ('9ab0ef95-13e9-4ed5-afaf-d29bed62f7bd', 'IDP_TEMPLATE', 'Template type to uniquely identify IDP templates'),
- ('3c4ac3d0-5903-4e3d-aaca-38df65b33bfd', 'APPLICATION_TEMPLATE', 'Template type to uniquely identify Application templates'),
- ('8ec6dbf1-218a-49bf-bc34-0d2db52d151c', 'CORS_CONFIGURATION', 'A resource type to keep the tenant CORS configurations');
-
- CREATE TABLE IF NOT EXISTS IDN_CONFIG_RESOURCE (
- ID VARCHAR(255) NOT NULL,
- TENANT_ID INT NOT NULL,
- NAME VARCHAR(255) NOT NULL,
- CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
- LAST_MODIFIED TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
- HAS_FILE tinyint(1) NOT NULL,
- HAS_ATTRIBUTE tinyint(1) NOT NULL,
- TYPE_ID VARCHAR(255) NOT NULL,
- PRIMARY KEY (ID),
- CONSTRAINT NAME_TENANT_TYPE_CONSTRAINT UNIQUE (NAME, TENANT_ID, TYPE_ID)
- )ENGINE INNODB;
- ALTER TABLE IDN_CONFIG_RESOURCE ADD CONSTRAINT TYPE_ID_FOREIGN_CONSTRAINT FOREIGN KEY (TYPE_ID) REFERENCES
- IDN_CONFIG_TYPE (ID) ON DELETE CASCADE ON UPDATE CASCADE;
-
- CREATE TABLE IF NOT EXISTS IDN_CONFIG_ATTRIBUTE (
- ID VARCHAR(255) NOT NULL,
- RESOURCE_ID VARCHAR(255) NOT NULL,
- ATTR_KEY VARCHAR(255) NOT NULL,
- ATTR_VALUE VARCHAR(1023) NULL,
- PRIMARY KEY (ID),
- CONSTRAINT RESOURCE_KEY_VAL_CONSTRAINT UNIQUE (RESOURCE_ID(64), ATTR_KEY(255))
- )ENGINE INNODB;
- ALTER TABLE IDN_CONFIG_ATTRIBUTE ADD CONSTRAINT RESOURCE_ID_ATTRIBUTE_FOREIGN_CONSTRAINT FOREIGN KEY (RESOURCE_ID)
- REFERENCES IDN_CONFIG_RESOURCE (ID) ON DELETE CASCADE ON UPDATE CASCADE;
-
- CREATE TABLE IF NOT EXISTS IDN_CONFIG_FILE (
- ID VARCHAR(255) NOT NULL,
- VALUE BLOB NULL,
- RESOURCE_ID VARCHAR(255) NOT NULL,
- NAME VARCHAR(255) NULL,
- PRIMARY KEY (ID)
- )ENGINE INNODB;
- ALTER TABLE IDN_CONFIG_FILE ADD CONSTRAINT RESOURCE_ID_FILE_FOREIGN_CONSTRAINT FOREIGN KEY (RESOURCE_ID) REFERENCES
- IDN_CONFIG_RESOURCE (ID) ON DELETE CASCADE ON UPDATE CASCADE;
-
- CREATE TABLE IDN_REMOTE_FETCH_CONFIG (
- ID VARCHAR(255) NOT NULL,
- TENANT_ID INT NOT NULL,
- IS_ENABLED CHAR(1) NOT NULL,
- REPO_MANAGER_TYPE VARCHAR(255) NOT NULL,
- ACTION_LISTENER_TYPE VARCHAR(255) NOT NULL,
- CONFIG_DEPLOYER_TYPE VARCHAR(255) NOT NULL,
- REMOTE_FETCH_NAME VARCHAR(255),
- REMOTE_RESOURCE_URI VARCHAR(255) NOT NULL,
- ATTRIBUTES_JSON MEDIUMTEXT NOT NULL,
- PRIMARY KEY (ID),
- CONSTRAINT UC_REMOTE_RESOURCE_TYPE UNIQUE (TENANT_ID, CONFIG_DEPLOYER_TYPE)
- )ENGINE INNODB;
-
- CREATE TABLE IDN_REMOTE_FETCH_REVISIONS (
- ID VARCHAR(255) NOT NULL,
- CONFIG_ID VARCHAR(255) NOT NULL,
- FILE_PATH VARCHAR(255) NOT NULL,
- FILE_HASH VARCHAR(255),
- DEPLOYED_DATE TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- LAST_SYNC_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- DEPLOYMENT_STATUS VARCHAR(255),
- ITEM_NAME VARCHAR(255),
- DEPLOY_ERR_LOG MEDIUMTEXT,
- PRIMARY KEY (ID),
- FOREIGN KEY (CONFIG_ID) REFERENCES IDN_REMOTE_FETCH_CONFIG(ID) ON DELETE CASCADE,
- CONSTRAINT UC_REVISIONS UNIQUE (CONFIG_ID, ITEM_NAME)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_USER_FUNCTIONALITY_MAPPING (
- ID VARCHAR(255) NOT NULL,
- USER_ID VARCHAR(255) NOT NULL,
- TENANT_ID INTEGER NOT NULL,
- FUNCTIONALITY_ID VARCHAR(255) NOT NULL,
- IS_FUNCTIONALITY_LOCKED BOOLEAN NOT NULL,
- FUNCTIONALITY_UNLOCK_TIME BIGINT NOT NULL,
- FUNCTIONALITY_LOCK_REASON VARCHAR(1023),
- FUNCTIONALITY_LOCK_REASON_CODE VARCHAR(255),
- PRIMARY KEY (ID),
- CONSTRAINT IDN_USER_FUNCTIONALITY_MAPPING_CONSTRAINT UNIQUE (USER_ID, TENANT_ID, FUNCTIONALITY_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_USER_FUNCTIONALITY_PROPERTY (
- ID VARCHAR(255) NOT NULL,
- USER_ID VARCHAR(255) NOT NULL,
- TENANT_ID INTEGER NOT NULL,
- FUNCTIONALITY_ID VARCHAR(255) NOT NULL,
- PROPERTY_NAME VARCHAR(255),
- PROPERTY_VALUE VARCHAR(255),
- PRIMARY KEY (ID),
- CONSTRAINT IDN_USER_FUNCTIONALITY_PROPERTY_CONSTRAINT UNIQUE (USER_ID, TENANT_ID, FUNCTIONALITY_ID, PROPERTY_NAME)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_CORS_ORIGIN (
- ID INT NOT NULL AUTO_INCREMENT,
- TENANT_ID INT NOT NULL,
- ORIGIN VARCHAR(2048) NOT NULL,
- UUID CHAR(36) NOT NULL,
- PRIMARY KEY (ID),
- UNIQUE (UUID)
- ) ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS IDN_CORS_ASSOCIATION (
- IDN_CORS_ORIGIN_ID INT NOT NULL,
- SP_APP_ID INT NOT NULL,
-
- PRIMARY KEY (IDN_CORS_ORIGIN_ID, SP_APP_ID),
- FOREIGN KEY (IDN_CORS_ORIGIN_ID) REFERENCES IDN_CORS_ORIGIN (ID) ON DELETE CASCADE,
- FOREIGN KEY (SP_APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE
- ) ENGINE INNODB;
-
- -- --------------------------- INDEX CREATION -----------------------------
- -- IDN_OAUTH2_ACCESS_TOKEN --
- CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED);
- CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH);
- CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TOKEN_STATE, USER_TYPE);
- CREATE INDEX IDX_AT_TI_UD ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, TENANT_ID, TOKEN_STATE, USER_DOMAIN);
- CREATE INDEX IDX_AT_AU_TID_UD_TS_CKID ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, TENANT_ID, USER_DOMAIN, TOKEN_STATE, CONSUMER_KEY_ID);
- CREATE INDEX IDX_AT_AU_CKID_TS_UT ON IDN_OAUTH2_ACCESS_TOKEN(AUTHZ_USER, CONSUMER_KEY_ID, TOKEN_STATE, USER_TYPE);
- CREATE INDEX IDX_AT_RTH ON IDN_OAUTH2_ACCESS_TOKEN(REFRESH_TOKEN_HASH);
- CREATE INDEX IDX_AT_CKID_AU_TID_UD_TSH_TS ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TENANT_ID, USER_DOMAIN, TOKEN_SCOPE_HASH, TOKEN_STATE);
-
- -- IDN_OAUTH2_AUTHORIZATION_CODE --
- CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH, CONSUMER_KEY_ID);
- CREATE INDEX IDX_AUTHORIZATION_CODE_AU_TI ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHZ_USER, TENANT_ID, USER_DOMAIN, STATE);
- CREATE INDEX IDX_AC_CKID ON IDN_OAUTH2_AUTHORIZATION_CODE(CONSUMER_KEY_ID);
- CREATE INDEX IDX_AC_TID ON IDN_OAUTH2_AUTHORIZATION_CODE(TOKEN_ID);
-
- -- IDN_SCIM_GROUP --
- CREATE INDEX IDX_IDN_SCIM_GROUP_TI_RN ON IDN_SCIM_GROUP (TENANT_ID, ROLE_NAME);
- CREATE INDEX IDX_IDN_SCIM_GROUP_TI_RN_AN ON IDN_SCIM_GROUP (TENANT_ID, ROLE_NAME, ATTR_NAME(500));
-
- -- IDN_AUTH_SESSION_STORE --
- CREATE INDEX IDX_IDN_AUTH_SESSION_TIME ON IDN_AUTH_SESSION_STORE (TIME_CREATED);
-
- -- IDN_AUTH_TEMP_SESSION_STORE --
- CREATE INDEX IDX_IDN_AUTH_TMP_SESSION_TIME ON IDN_AUTH_TEMP_SESSION_STORE (TIME_CREATED);
-
- -- IDN_OIDC_SCOPE_CLAIM_MAPPING --
- CREATE INDEX IDX_AT_SI_ECI ON IDN_OIDC_SCOPE_CLAIM_MAPPING(SCOPE_ID, EXTERNAL_CLAIM_ID);
-
- -- IDN_OAUTH2_SCOPE --
- CREATE INDEX IDX_SC_TID ON IDN_OAUTH2_SCOPE(TENANT_ID);
-
- -- IDN_OAUTH2_SCOPE_BINDING --
- CREATE INDEX IDX_SB_SCPID ON IDN_OAUTH2_SCOPE_BINDING(SCOPE_ID);
-
- -- IDN_OIDC_REQ_OBJECT_REFERENCE --
- CREATE INDEX IDX_OROR_TID ON IDN_OIDC_REQ_OBJECT_REFERENCE(TOKEN_ID);
-
- -- IDN_OAUTH2_ACCESS_TOKEN_SCOPE --
- CREATE INDEX IDX_ATS_TID ON IDN_OAUTH2_ACCESS_TOKEN_SCOPE(TOKEN_ID);
-
- -- SP_TEMPLATE --
- CREATE INDEX IDX_SP_TEMPLATE ON SP_TEMPLATE (TENANT_ID, NAME);
-
- -- IDN_AUTH_USER --
- CREATE INDEX IDX_AUTH_USER_UN_TID_DN ON IDN_AUTH_USER (USER_NAME, TENANT_ID, DOMAIN_NAME);
- CREATE INDEX IDX_AUTH_USER_DN_TOD ON IDN_AUTH_USER (DOMAIN_NAME, TENANT_ID);
-
- -- IDN_AUTH_USER_SESSION_MAPPING --
- CREATE INDEX IDX_USER_ID ON IDN_AUTH_USER_SESSION_MAPPING (USER_ID);
- CREATE INDEX IDX_SESSION_ID ON IDN_AUTH_USER_SESSION_MAPPING (SESSION_ID);
-
- -- IDN_OAUTH_CONSUMER_APPS --
- CREATE INDEX IDX_OCA_UM_TID_UD_APN ON IDN_OAUTH_CONSUMER_APPS(USERNAME,TENANT_ID,USER_DOMAIN, APP_NAME);
-
- -- IDX_SPI_APP --
- CREATE INDEX IDX_SPI_APP ON SP_INBOUND_AUTH(APP_ID);
-
- -- IDN_OIDC_PROPERTY --
- CREATE INDEX IDX_IOP_TID_CK ON IDN_OIDC_PROPERTY(TENANT_ID,CONSUMER_KEY);
-
- -- IDN_FIDO2_PROPERTY --
- CREATE INDEX IDX_FIDO2_STR ON FIDO2_DEVICE_STORE(USER_NAME, TENANT_ID, DOMAIN_NAME, CREDENTIAL_ID, USER_HANDLE);
-
- -- IDN_ASSOCIATED_ID --
- CREATE INDEX IDX_AI_DN_UN_AI ON IDN_ASSOCIATED_ID(DOMAIN_NAME, USER_NAME, ASSOCIATION_ID);
-
- -- IDN_OAUTH2_TOKEN_BINDING --
- CREATE INDEX IDX_IDN_AUTH_BIND ON IDN_OAUTH2_TOKEN_BINDING (TOKEN_BINDING_REF);
-
- -- IDN_FED_AUTH_SESSION_MAPPING --
- CREATE INDEX IDX_FEDERATED_AUTH_SESSION_ID ON IDN_FED_AUTH_SESSION_MAPPING (SESSION_ID);
-
- -- IDN_REMOTE_FETCH_REVISIONS --
- CREATE INDEX IDX_REMOTE_FETCH_REVISION_CONFIG_ID ON IDN_REMOTE_FETCH_REVISIONS (CONFIG_ID);
-
- -- IDN_CORS_ASSOCIATION --
- CREATE INDEX IDX_CORS_SP_APP_ID ON IDN_CORS_ASSOCIATION (SP_APP_ID);
-
- -- IDN_CORS_ASSOCIATION --
- CREATE INDEX IDX_CORS_ORIGIN_ID ON IDN_CORS_ASSOCIATION (IDN_CORS_ORIGIN_ID);
-
-
- -- End of IDENTITY Tables--
-
- -- Start of CONSENT-MGT Tables --
-
- CREATE TABLE CM_PII_CATEGORY (
- ID INTEGER AUTO_INCREMENT,
- NAME VARCHAR(255) NOT NULL,
- DESCRIPTION VARCHAR(1023),
- DISPLAY_NAME VARCHAR(255),
- IS_SENSITIVE INTEGER NOT NULL,
- TENANT_ID INTEGER DEFAULT '-1234',
- UNIQUE KEY (NAME, TENANT_ID),
- PRIMARY KEY (ID)
- );
-
- CREATE TABLE CM_RECEIPT (
- CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL,
- VERSION VARCHAR(255) NOT NULL,
- JURISDICTION VARCHAR(255) NOT NULL,
- CONSENT_TIMESTAMP TIMESTAMP NOT NULL,
- COLLECTION_METHOD VARCHAR(255) NOT NULL,
- LANGUAGE VARCHAR(255) NOT NULL,
- PII_PRINCIPAL_ID VARCHAR(255) NOT NULL,
- PRINCIPAL_TENANT_ID INTEGER DEFAULT '-1234',
- POLICY_URL VARCHAR(255) NOT NULL,
- STATE VARCHAR(255) NOT NULL,
- PII_CONTROLLER VARCHAR(2048) NOT NULL,
- PRIMARY KEY (CONSENT_RECEIPT_ID)
- );
-
- CREATE TABLE CM_PURPOSE (
- ID INTEGER AUTO_INCREMENT,
- NAME VARCHAR(255) NOT NULL,
- DESCRIPTION VARCHAR(1023),
- PURPOSE_GROUP VARCHAR(255) NOT NULL,
- GROUP_TYPE VARCHAR(255) NOT NULL,
- TENANT_ID INTEGER DEFAULT '-1234',
- UNIQUE KEY (NAME, TENANT_ID, PURPOSE_GROUP, GROUP_TYPE),
- PRIMARY KEY (ID)
- );
-
- CREATE TABLE CM_PURPOSE_CATEGORY (
- ID INTEGER AUTO_INCREMENT,
- NAME VARCHAR(255) NOT NULL,
- DESCRIPTION VARCHAR(1023),
- TENANT_ID INTEGER DEFAULT '-1234',
- UNIQUE KEY (NAME, TENANT_ID),
- PRIMARY KEY (ID)
- );
-
- CREATE TABLE CM_RECEIPT_SP_ASSOC (
- ID INTEGER AUTO_INCREMENT,
- CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL,
- SP_NAME VARCHAR(255) NOT NULL,
- SP_DISPLAY_NAME VARCHAR(255),
- SP_DESCRIPTION VARCHAR(255),
- SP_TENANT_ID INTEGER DEFAULT '-1234',
- UNIQUE KEY (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID),
- PRIMARY KEY (ID)
- );
-
- CREATE TABLE CM_SP_PURPOSE_ASSOC (
- ID INTEGER AUTO_INCREMENT,
- RECEIPT_SP_ASSOC INTEGER NOT NULL,
- PURPOSE_ID INTEGER NOT NULL,
- CONSENT_TYPE VARCHAR(255) NOT NULL,
- IS_PRIMARY_PURPOSE INTEGER NOT NULL,
- TERMINATION VARCHAR(255) NOT NULL,
- THIRD_PARTY_DISCLOSURE INTEGER NOT NULL,
- THIRD_PARTY_NAME VARCHAR(255),
- UNIQUE KEY (RECEIPT_SP_ASSOC, PURPOSE_ID),
- PRIMARY KEY (ID)
- );
-
- CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC (
- SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
- PURPOSE_CATEGORY_ID INTEGER NOT NULL,
- UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID)
- );
-
- CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC (
- PURPOSE_ID INTEGER NOT NULL,
- CM_PII_CATEGORY_ID INTEGER NOT NULL,
- IS_MANDATORY INTEGER NOT NULL,
- UNIQUE KEY (PURPOSE_ID, CM_PII_CATEGORY_ID)
- );
-
- CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC (
- SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
- PII_CATEGORY_ID INTEGER NOT NULL,
- VALIDITY VARCHAR(1023),
- UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID)
- );
-
- CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY (
- CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL,
- NAME VARCHAR(255) NOT NULL,
- VALUE VARCHAR(1023) NOT NULL,
- UNIQUE KEY (CONSENT_RECEIPT_ID, NAME)
- );
-
- ALTER TABLE CM_RECEIPT_SP_ASSOC
- ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID);
-
- ALTER TABLE CM_SP_PURPOSE_ASSOC
- ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID);
-
- ALTER TABLE CM_SP_PURPOSE_ASSOC
- ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID);
-
- ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
- ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID);
-
- ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
- ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID);
-
- ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
- ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID);
-
- ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
- ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID);
-
- ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY
- ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID);
-
- INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, PURPOSE_GROUP, GROUP_TYPE, TENANT_ID) VALUES ('DEFAULT', 'For core functionalities of the product', 'DEFAULT', 'SP', '-1234');
-
- INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234');
- -- End of CONSENT-MGT Tables --
-
- -- Start of API-MGT Tables --
- CREATE TABLE IF NOT EXISTS AM_SUBSCRIBER (
- SUBSCRIBER_ID INTEGER AUTO_INCREMENT,
- USER_ID VARCHAR(255) NOT NULL,
- TENANT_ID INTEGER NOT NULL,
- EMAIL_ADDRESS VARCHAR(256) NULL,
- DATE_SUBSCRIBED TIMESTAMP NOT NULL,
- PRIMARY KEY (SUBSCRIBER_ID),
- CREATED_BY VARCHAR(100),
- CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
- UPDATED_BY VARCHAR(100),
- UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
- UNIQUE (TENANT_ID,USER_ID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS AM_APPLICATION (
- APPLICATION_ID INTEGER AUTO_INCREMENT,
- NAME VARCHAR(100),
- SUBSCRIBER_ID INTEGER,
- APPLICATION_TIER VARCHAR(50) DEFAULT 'Unlimited',
- CALLBACK_URL VARCHAR(512),
- DESCRIPTION VARCHAR(512),
- APPLICATION_STATUS VARCHAR(50) DEFAULT 'APPROVED',
- GROUP_ID VARCHAR(100),
- CREATED_BY VARCHAR(100),
- CREATED_TIME TIMESTAMP,
- UPDATED_BY VARCHAR(100),
- UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
- UUID VARCHAR(256),
- TOKEN_TYPE VARCHAR(10),
- FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
- PRIMARY KEY(APPLICATION_ID),
- UNIQUE (NAME,SUBSCRIBER_ID),
- UNIQUE (UUID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS AM_API (
- API_ID INTEGER AUTO_INCREMENT,
- API_UUID VARCHAR(256),
- API_PROVIDER VARCHAR(200),
- API_NAME VARCHAR(200),
- API_VERSION VARCHAR(30),
- CONTEXT VARCHAR(256),
- CONTEXT_TEMPLATE VARCHAR(256),
- API_TIER VARCHAR(256),
- API_TYPE VARCHAR(10),
- CREATED_BY VARCHAR(100),
- CREATED_TIME TIMESTAMP,
- UPDATED_BY VARCHAR(100),
- UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
- STATUS VARCHAR(30),
- REVISIONS_CREATED INTEGER DEFAULT 0,
- PRIMARY KEY(API_ID),
- UNIQUE (API_PROVIDER,API_NAME,API_VERSION),
- UNIQUE (API_UUID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS AM_API_REVISION_METADATA (
- API_UUID VARCHAR(64),
- REVISION_UUID VARCHAR(64),
- API_TIER VARCHAR(128),
- UNIQUE (API_UUID,REVISION_UUID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS AM_GRAPHQL_COMPLEXITY (
- UUID VARCHAR(256),
- API_ID INTEGER NOT NULL,
- TYPE VARCHAR(256),
- FIELD VARCHAR(256),
- COMPLEXITY_VALUE INTEGER,
- REVISION_UUID VARCHAR(255),
- FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE CASCADE,
- PRIMARY KEY(UUID)
- )ENGINE INNODB;
-
- CREATE TABLE IF NOT EXISTS AM_API_URL_MAPPING (
- URL_MAPPING_ID INTEGER AUTO_INCREMENT,
- API_ID INTEGER NOT NULL,
- HTTP_METHOD VARCHAR(20) NULL, - AUTH_SCHEME VARCHAR(50) NULL, - URL_PATTERN VARCHAR(512) NULL, - THROTTLING_TIER varchar(512) DEFAULT NULL, - MEDIATION_SCRIPT BLOB, - REVISION_UUID VARCHAR(255), - PRIMARY KEY (URL_MAPPING_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_RESOURCE_SCOPE_MAPPING ( - SCOPE_NAME VARCHAR(255) NOT NULL, - URL_MAPPING_ID INTEGER NOT NULL, - TENANT_ID INTEGER NOT NULL, - FOREIGN KEY (URL_MAPPING_ID) REFERENCES AM_API_URL_MAPPING(URL_MAPPING_ID) ON DELETE CASCADE, - PRIMARY KEY(SCOPE_NAME, URL_MAPPING_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_SECURITY_AUDIT_UUID_MAPPING ( - API_ID INTEGER NOT NULL, - AUDIT_UUID VARCHAR(255) NOT NULL, - FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (API_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_PRODUCT_MAPPING ( - API_PRODUCT_MAPPING_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER, - URL_MAPPING_ID INTEGER, - REVISION_UUID VARCHAR(255), - FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON DELETE CASCADE, - FOREIGN KEY (URL_MAPPING_ID) REFERENCES AM_API_URL_MAPPING(URL_MAPPING_ID) ON DELETE CASCADE, - PRIMARY KEY(API_PRODUCT_MAPPING_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION ( - SUBSCRIPTION_ID INTEGER AUTO_INCREMENT, - TIER_ID VARCHAR(50), - TIER_ID_PENDING VARCHAR(50), - API_ID INTEGER, - LAST_ACCESSED TIMESTAMP NULL, - APPLICATION_ID INTEGER, - SUB_STATUS VARCHAR(50), - SUBS_CREATE_STATE VARCHAR(50) DEFAULT 'SUBSCRIBE', - CREATED_BY VARCHAR(100), - CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UPDATED_BY VARCHAR(100), - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - UUID VARCHAR(256), - FOREIGN KEY(APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (SUBSCRIPTION_ID), - UNIQUE (UUID) - )ENGINE INNODB; - - - - CREATE TABLE IF NOT EXISTS 
AM_APPLICATION_KEY_MAPPING ( - UUID VARCHAR(100), - APPLICATION_ID INTEGER, - CONSUMER_KEY VARCHAR(255), - KEY_TYPE VARCHAR(512) NOT NULL, - STATE VARCHAR(30) NOT NULL, - CREATE_MODE VARCHAR(30) DEFAULT 'CREATED', - KEY_MANAGER VARCHAR(100), - APP_INFO BLOB , - FOREIGN KEY(APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY(APPLICATION_ID,KEY_TYPE,KEY_MANAGER) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_LC_EVENT ( - EVENT_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER NOT NULL, - PREVIOUS_STATE VARCHAR(50), - NEW_STATE VARCHAR(50) NOT NULL, - USER_ID VARCHAR(255) NOT NULL, - TENANT_ID INTEGER NOT NULL, - EVENT_DATE TIMESTAMP NOT NULL, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (EVENT_ID) - )ENGINE INNODB; - - CREATE TABLE AM_APP_KEY_DOMAIN_MAPPING ( - CONSUMER_KEY VARCHAR(255), - AUTHZ_DOMAIN VARCHAR(255) DEFAULT 'ALL', - PRIMARY KEY (CONSUMER_KEY,AUTHZ_DOMAIN) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_COMMENTS ( - COMMENT_ID VARCHAR(64) NOT NULL, - COMMENT_TEXT VARCHAR(512), - CREATED_BY VARCHAR(255), - CREATED_TIME TIMESTAMP NOT NULL, - UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - API_ID INTEGER, - PARENT_COMMENT_ID VARCHAR(64) DEFAULT NULL, - ENTRY_POINT VARCHAR(20), - CATEGORY VARCHAR(20) DEFAULT 'general', - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID), - FOREIGN KEY(PARENT_COMMENT_ID) REFERENCES AM_API_COMMENTS(COMMENT_ID), - PRIMARY KEY (COMMENT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_RATINGS ( - RATING_ID VARCHAR(255) NOT NULL, - API_ID INTEGER, - RATING INTEGER, - SUBSCRIBER_ID INTEGER, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (RATING_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_TIER_PERMISSIONS ( - TIER_PERMISSIONS_ID 
INTEGER AUTO_INCREMENT, - TIER VARCHAR(50) NOT NULL, - PERMISSIONS_TYPE VARCHAR(50) NOT NULL, - ROLES VARCHAR(512) NOT NULL, - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY(TIER_PERMISSIONS_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_EXTERNAL_STORES ( - APISTORE_ID INTEGER AUTO_INCREMENT, - API_ID INTEGER, - STORE_ID VARCHAR(255) NOT NULL, - STORE_DISPLAY_NAME VARCHAR(255) NOT NULL, - STORE_ENDPOINT VARCHAR(255) NOT NULL, - STORE_TYPE VARCHAR(255) NOT NULL, - LAST_UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (APISTORE_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_WORKFLOWS( - WF_ID INTEGER AUTO_INCREMENT, - WF_REFERENCE VARCHAR(255) NOT NULL, - WF_TYPE VARCHAR(255) NOT NULL, - WF_STATUS VARCHAR(255) NOT NULL, - WF_CREATED_TIME TIMESTAMP, - WF_UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP , - WF_STATUS_DESC VARCHAR(1000), - TENANT_ID INTEGER, - TENANT_DOMAIN VARCHAR(255), - WF_EXTERNAL_REFERENCE VARCHAR(255) NOT NULL, - WF_METADATA BLOB DEFAULT NULL, - WF_PROPERTIES BLOB DEFAULT NULL, - PRIMARY KEY (WF_ID), - UNIQUE (WF_EXTERNAL_REFERENCE) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_APPLICATION_REGISTRATION ( - REG_ID INT AUTO_INCREMENT, - SUBSCRIBER_ID INT, - WF_REF VARCHAR(255) NOT NULL, - APP_ID INT, - TOKEN_TYPE VARCHAR(30), - TOKEN_SCOPE VARCHAR(1500) DEFAULT 'default', - INPUTS VARCHAR(1000), - ALLOWED_DOMAINS VARCHAR(256), - VALIDITY_PERIOD BIGINT, - KEY_MANAGER VARCHAR(255) NOT NULL, - UNIQUE (SUBSCRIBER_ID,APP_ID,TOKEN_TYPE,KEY_MANAGER), - FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - FOREIGN KEY(APP_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT, - PRIMARY KEY (REG_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_SHARED_SCOPE ( - NAME VARCHAR(255) NOT NULL, - UUID VARCHAR (256), - TENANT_ID 
INTEGER, - PRIMARY KEY (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_API_DEFAULT_VERSION ( - DEFAULT_VERSION_ID INT AUTO_INCREMENT, - API_NAME VARCHAR(256) NOT NULL , - API_PROVIDER VARCHAR(256) NOT NULL , - DEFAULT_API_VERSION VARCHAR(30) , - PUBLISHED_DEFAULT_API_VERSION VARCHAR(30) , - PRIMARY KEY (DEFAULT_VERSION_ID) - )ENGINE = INNODB; - - CREATE INDEX IDX_SUB_APP_ID ON AM_SUBSCRIPTION (APPLICATION_ID, SUBSCRIPTION_ID); - - CREATE TABLE IF NOT EXISTS AM_MONETIZATION_USAGE ( - ID VARCHAR(100) NOT NULL, - STATE VARCHAR(50) NOT NULL, - STATUS VARCHAR(50) NOT NULL, - STARTED_TIME VARCHAR(50) NOT NULL, - PUBLISHED_TIME VARCHAR(50) NOT NULL, - PRIMARY KEY(ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_ALERT_TYPES ( - ALERT_TYPE_ID INTEGER AUTO_INCREMENT, - ALERT_TYPE_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL, - PRIMARY KEY (ALERT_TYPE_ID) - )ENGINE = INNODB; - - CREATE TABLE IF NOT EXISTS AM_ALERT_TYPES_VALUES ( - ALERT_TYPE_ID INTEGER, - USER_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL , - PRIMARY KEY (ALERT_TYPE_ID,USER_NAME,STAKE_HOLDER) - )ENGINE = INNODB; - - CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST ( - EMAIL_LIST_ID INTEGER AUTO_INCREMENT, - USER_NAME VARCHAR(255) NOT NULL , - STAKE_HOLDER VARCHAR(100) NOT NULL , - PRIMARY KEY (EMAIL_LIST_ID,USER_NAME,STAKE_HOLDER) - )ENGINE = INNODB; - - CREATE TABLE IF NOT EXISTS AM_ALERT_EMAILLIST_DETAILS ( - EMAIL_LIST_ID INTEGER, - EMAIL VARCHAR(255), - PRIMARY KEY (EMAIL_LIST_ID,EMAIL) - )ENGINE = INNODB; - - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('AbnormalResponseTime', 'publisher'); - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('AbnormalBackendTime', 'publisher'); - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('AbnormalRequestsPerMin', 'subscriber'); - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('AbnormalRequestPattern', 'subscriber'); - INSERT INTO 
AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('UnusualIPAccess', 'subscriber'); - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('FrequentTierLimitHitting', 'subscriber'); - INSERT INTO AM_ALERT_TYPES (ALERT_TYPE_NAME, STAKE_HOLDER) VALUES ('ApiHealthMonitor', 'publisher'); - - - - -- AM Throttling tables -- - - CREATE TABLE IF NOT EXISTS AM_POLICY_SUBSCRIPTION ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, - QUOTA_TYPE VARCHAR(25) NOT NULL, - QUOTA INT(11) NOT NULL, - QUOTA_UNIT VARCHAR(10) NULL, - UNIT_TIME INT(11) NOT NULL, - TIME_UNIT VARCHAR(25) NOT NULL, - RATE_LIMIT_COUNT INT(11) NULL DEFAULT NULL, - RATE_LIMIT_TIME_UNIT VARCHAR(25) NULL DEFAULT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - CUSTOM_ATTRIBUTES BLOB DEFAULT NULL, - STOP_ON_QUOTA_REACH BOOLEAN NOT NULL DEFAULT 0, - BILLING_PLAN VARCHAR(20) NOT NULL, - UUID VARCHAR(256), - MONETIZATION_PLAN VARCHAR(25) NULL DEFAULT NULL, - FIXED_RATE VARCHAR(15) NULL DEFAULT NULL, - BILLING_CYCLE VARCHAR(15) NULL DEFAULT NULL, - PRICE_PER_REQUEST VARCHAR(15) NULL DEFAULT NULL, - CURRENCY VARCHAR(15) NULL DEFAULT NULL, - MAX_COMPLEXITY INT(11) NOT NULL DEFAULT 0, - MAX_DEPTH INT(11) NOT NULL DEFAULT 0, - CONNECTIONS_COUNT INT(11) NOT NULL DEFAULT 0, - PRIMARY KEY (POLICY_ID), - UNIQUE INDEX AM_POLICY_SUBSCRIPTION_NAME_TENANT (NAME, TENANT_ID), - UNIQUE (UUID) - )ENGINE = InnoDB; - - CREATE TABLE IF NOT EXISTS AM_POLICY_APPLICATION ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, - QUOTA_TYPE VARCHAR(25) NOT NULL, - QUOTA INT(11) NOT NULL, - QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL, - UNIT_TIME INT(11) NOT NULL, - TIME_UNIT VARCHAR(25) NOT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL 
DEFAULT 0, - CUSTOM_ATTRIBUTES BLOB DEFAULT NULL, - UUID VARCHAR(256), - PRIMARY KEY (POLICY_ID), - UNIQUE INDEX APP_NAME_TENANT (NAME, TENANT_ID), - UNIQUE (UUID) - )ENGINE = InnoDB; - - CREATE TABLE IF NOT EXISTS AM_POLICY_HARD_THROTTLING ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR(1024) NULL DEFAULT NULL, - QUOTA_TYPE VARCHAR(25) NOT NULL, - QUOTA INT(11) NOT NULL, - QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL, - UNIT_TIME INT(11) NOT NULL, - TIME_UNIT VARCHAR(25) NOT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - PRIMARY KEY (POLICY_ID), - UNIQUE INDEX POLICY_HARD_NAME_TENANT (NAME, TENANT_ID) - )ENGINE = InnoDB; - - - CREATE TABLE IF NOT EXISTS AM_API_THROTTLE_POLICY ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - DISPLAY_NAME VARCHAR(512) NULL DEFAULT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR (1024), - DEFAULT_QUOTA_TYPE VARCHAR(25) NOT NULL, - DEFAULT_QUOTA INTEGER NOT NULL, - DEFAULT_QUOTA_UNIT VARCHAR(10) NULL, - DEFAULT_UNIT_TIME INTEGER NOT NULL, - DEFAULT_TIME_UNIT VARCHAR(25) NOT NULL, - APPLICABLE_LEVEL VARCHAR(25) NOT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - UUID VARCHAR(256), - PRIMARY KEY (POLICY_ID), - UNIQUE INDEX API_NAME_TENANT (NAME, TENANT_ID), - UNIQUE (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_CONDITION_GROUP ( - CONDITION_GROUP_ID INTEGER NOT NULL AUTO_INCREMENT, - POLICY_ID INTEGER NOT NULL, - QUOTA_TYPE VARCHAR(25), - QUOTA INTEGER NOT NULL, - QUOTA_UNIT VARCHAR(10) NULL DEFAULT NULL, - UNIT_TIME INTEGER NOT NULL, - TIME_UNIT VARCHAR(25) NOT NULL, - DESCRIPTION VARCHAR (1024) NULL DEFAULT NULL, - PRIMARY KEY (CONDITION_GROUP_ID), - FOREIGN KEY (POLICY_ID) REFERENCES AM_API_THROTTLE_POLICY(POLICY_ID) ON DELETE CASCADE ON UPDATE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_QUERY_PARAMETER_CONDITION ( - QUERY_PARAMETER_ID INTEGER NOT NULL AUTO_INCREMENT, - 
CONDITION_GROUP_ID INTEGER NOT NULL, - PARAMETER_NAME VARCHAR(255) DEFAULT NULL, - PARAMETER_VALUE VARCHAR(255) DEFAULT NULL, - IS_PARAM_MAPPING BOOLEAN DEFAULT 1, - PRIMARY KEY (QUERY_PARAMETER_ID), - FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_HEADER_FIELD_CONDITION ( - HEADER_FIELD_ID INTEGER NOT NULL AUTO_INCREMENT, - CONDITION_GROUP_ID INTEGER NOT NULL, - HEADER_FIELD_NAME VARCHAR(255) DEFAULT NULL, - HEADER_FIELD_VALUE VARCHAR(255) DEFAULT NULL, - IS_HEADER_FIELD_MAPPING BOOLEAN DEFAULT 1, - PRIMARY KEY (HEADER_FIELD_ID), - FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_JWT_CLAIM_CONDITION ( - JWT_CLAIM_ID INTEGER NOT NULL AUTO_INCREMENT, - CONDITION_GROUP_ID INTEGER NOT NULL, - CLAIM_URI VARCHAR(512) DEFAULT NULL, - CLAIM_ATTRIB VARCHAR(1024) DEFAULT NULL, - IS_CLAIM_MAPPING BOOLEAN DEFAULT 1, - PRIMARY KEY (JWT_CLAIM_ID), - FOREIGN KEY (CONDITION_GROUP_ID) REFERENCES AM_CONDITION_GROUP(CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_IP_CONDITION ( - AM_IP_CONDITION_ID INT NOT NULL AUTO_INCREMENT, - STARTING_IP VARCHAR(45) NULL, - ENDING_IP VARCHAR(45) NULL, - SPECIFIC_IP VARCHAR(45) NULL, - WITHIN_IP_RANGE BOOLEAN DEFAULT 1, - CONDITION_GROUP_ID INT NULL, - PRIMARY KEY (AM_IP_CONDITION_ID), - INDEX fk_AM_IP_CONDITION_1_idx (CONDITION_GROUP_ID ASC), CONSTRAINT fk_AM_IP_CONDITION_1 FOREIGN KEY (CONDITION_GROUP_ID) - REFERENCES AM_CONDITION_GROUP (CONDITION_GROUP_ID) ON DELETE CASCADE ON UPDATE CASCADE) - ENGINE = InnoDB; - - - CREATE TABLE IF NOT EXISTS AM_POLICY_GLOBAL ( - POLICY_ID INT(11) NOT NULL AUTO_INCREMENT, - NAME VARCHAR(512) NOT NULL, - KEY_TEMPLATE VARCHAR(512) NOT NULL, - TENANT_ID INT(11) NOT NULL, - DESCRIPTION VARCHAR(1024) NULL DEFAULT 
NULL, - SIDDHI_QUERY BLOB DEFAULT NULL, - IS_DEPLOYED TINYINT(1) NOT NULL DEFAULT 0, - UUID VARCHAR(256), - PRIMARY KEY (POLICY_ID), - UNIQUE (UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_THROTTLE_TIER_PERMISSIONS ( - THROTTLE_TIER_PERMISSIONS_ID INT NOT NULL AUTO_INCREMENT, - TIER VARCHAR(50) NULL, - PERMISSIONS_TYPE VARCHAR(50) NULL, - ROLES VARCHAR(512) NULL, - TENANT_ID INT(11) NULL, - PRIMARY KEY (THROTTLE_TIER_PERMISSIONS_ID)) - ENGINE = InnoDB; - - CREATE TABLE `AM_BLOCK_CONDITIONS` ( - `CONDITION_ID` int(11) NOT NULL AUTO_INCREMENT, - `TYPE` varchar(45) DEFAULT NULL, - `VALUE` varchar(512) DEFAULT NULL, - `ENABLED` varchar(45) DEFAULT NULL, - `DOMAIN` varchar(45) DEFAULT NULL, - `UUID` VARCHAR(256), - PRIMARY KEY (`CONDITION_ID`), - UNIQUE (`UUID`) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS `AM_CERTIFICATE_METADATA` ( - `TENANT_ID` INT(11) NOT NULL, - `ALIAS` VARCHAR(255) NOT NULL, - `END_POINT` VARCHAR(255) NOT NULL, - `CERTIFICATE` BLOB DEFAULT NULL, - CONSTRAINT PK_ALIAS PRIMARY KEY (`ALIAS`) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS `AM_API_CLIENT_CERTIFICATE` ( - `TENANT_ID` INT(11) NOT NULL, - `ALIAS` VARCHAR(45) NOT NULL, - `API_ID` INTEGER NOT NULL, - `CERTIFICATE` BLOB NOT NULL, - `REMOVED` BOOLEAN NOT NULL DEFAULT 0, - `TIER_NAME` VARCHAR (512), - `REVISION_UUID` VARCHAR(255) NOT NULL DEFAULT 'Current API', - FOREIGN KEY (API_ID) REFERENCES AM_API (API_ID) ON DELETE CASCADE ON UPDATE CASCADE, - PRIMARY KEY (`ALIAS`, `TENANT_ID`, `REMOVED`, `REVISION_UUID`) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_APPLICATION_GROUP_MAPPING ( - APPLICATION_ID INTEGER NOT NULL, - GROUP_ID VARCHAR(512) NOT NULL, - TENANT VARCHAR(255), - PRIMARY KEY (APPLICATION_ID,GROUP_ID,TENANT), - FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_USAGE_UPLOADED_FILES ( - TENANT_DOMAIN varchar(255) NOT NULL, - FILE_NAME varchar(255) 
NOT NULL, - FILE_TIMESTAMP TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - FILE_PROCESSED tinyint(1) DEFAULT FALSE, - FILE_CONTENT MEDIUMBLOB DEFAULT NULL, - PRIMARY KEY (TENANT_DOMAIN, FILE_NAME, FILE_TIMESTAMP) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_API_LC_PUBLISH_EVENTS ( - ID INTEGER(11) NOT NULL AUTO_INCREMENT, - TENANT_DOMAIN VARCHAR(500) NOT NULL, - API_ID VARCHAR(500) NOT NULL, - EVENT_TIME TIMESTAMP NOT NULL, - PRIMARY KEY (ID) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_APPLICATION_ATTRIBUTES ( - APPLICATION_ID int(11) NOT NULL, - NAME varchar(255) NOT NULL, - VALUE varchar(1024) NOT NULL, - TENANT_ID int(11) NOT NULL, - PRIMARY KEY (APPLICATION_ID,NAME), - FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION (APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_SYSTEM_APPS ( - ID INTEGER AUTO_INCREMENT, - NAME VARCHAR(50) NOT NULL, - CONSUMER_KEY VARCHAR(512) NOT NULL, - CONSUMER_SECRET VARCHAR(512) NOT NULL, - CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - TENANT_DOMAIN VARCHAR(255) DEFAULT 'carbon.super', - UNIQUE (CONSUMER_KEY), - PRIMARY KEY (ID) - ) ENGINE=InnoDB; - - -- BotDATA Email table -- - CREATE TABLE IF NOT EXISTS AM_NOTIFICATION_SUBSCRIBER ( - UUID VARCHAR(255), - CATEGORY VARCHAR(255), - NOTIFICATION_METHOD VARCHAR(255), - SUBSCRIBER_ADDRESS VARCHAR(255) NOT NULL, - PRIMARY KEY(UUID, SUBSCRIBER_ADDRESS) - ) ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_REVOKED_JWT ( - UUID VARCHAR(255) NOT NULL, - SIGNATURE VARCHAR(2048) NOT NULL, - EXPIRY_TIMESTAMP BIGINT NOT NULL, - TENANT_ID INTEGER DEFAULT -1, - TOKEN_TYPE VARCHAR(15) DEFAULT 'DEFAULT', - TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY (UUID) - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_API_CATEGORIES ( - UUID VARCHAR(50), - NAME VARCHAR(255), - DESCRIPTION VARCHAR(1024), - TENANT_ID INTEGER DEFAULT -1, - UNIQUE (NAME,TENANT_ID), - PRIMARY KEY (UUID) - ) ENGINE=InnoDB; - - CREATE TABLE 
IF NOT EXISTS AM_USER ( - USER_ID VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - PRIMARY KEY(USER_ID) - ) ENGINE=InnoDB; - - -- Tenant Themes Table -- - CREATE TABLE IF NOT EXISTS AM_TENANT_THEMES ( - TENANT_ID INTEGER NOT NULL, - THEME MEDIUMBLOB NOT NULL, - PRIMARY KEY (TENANT_ID) - ) ENGINE=InnoDB; - -- End of API-MGT Tables -- - - -- UMA tables -- - CREATE TABLE IF NOT EXISTS IDN_UMA_RESOURCE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - RESOURCE_ID VARCHAR(255), - RESOURCE_NAME VARCHAR(255), - TIME_CREATED TIMESTAMP NOT NULL, - RESOURCE_OWNER_NAME VARCHAR(255), - CLIENT_ID VARCHAR(255), - TENANT_ID INTEGER DEFAULT -1234, - USER_DOMAIN VARCHAR(50), - PRIMARY KEY (ID) - ); - - CREATE INDEX IDX_RID ON IDN_UMA_RESOURCE (RESOURCE_ID); - - CREATE INDEX IDX_USER ON IDN_UMA_RESOURCE (RESOURCE_OWNER_NAME, USER_DOMAIN); - - CREATE INDEX IDX_USER_RID ON IDN_UMA_RESOURCE (RESOURCE_ID, RESOURCE_OWNER_NAME(32), USER_DOMAIN, CLIENT_ID); - - CREATE TABLE IF NOT EXISTS IDN_UMA_RESOURCE_META_DATA ( - ID INTEGER AUTO_INCREMENT NOT NULL, - RESOURCE_IDENTITY INTEGER NOT NULL, - PROPERTY_KEY VARCHAR(40), - PROPERTY_VALUE VARCHAR(255), - PRIMARY KEY (ID), - FOREIGN KEY (RESOURCE_IDENTITY) REFERENCES IDN_UMA_RESOURCE (ID) ON DELETE CASCADE - ); - - CREATE TABLE IF NOT EXISTS IDN_UMA_RESOURCE_SCOPE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - RESOURCE_IDENTITY INTEGER NOT NULL, - SCOPE_NAME VARCHAR(255), - PRIMARY KEY (ID), - FOREIGN KEY (RESOURCE_IDENTITY) REFERENCES IDN_UMA_RESOURCE (ID) ON DELETE CASCADE - ); - - CREATE INDEX IDX_RS ON IDN_UMA_RESOURCE_SCOPE (SCOPE_NAME); - - CREATE TABLE IF NOT EXISTS IDN_UMA_PERMISSION_TICKET ( - ID INTEGER AUTO_INCREMENT NOT NULL, - PT VARCHAR(255) NOT NULL, - TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - EXPIRY_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - TICKET_STATE VARCHAR(25) DEFAULT 'ACTIVE', - TENANT_ID INTEGER DEFAULT -1234, - TOKEN_ID VARCHAR(255), - PRIMARY KEY (ID) - ); - - CREATE INDEX IDX_PT ON 
IDN_UMA_PERMISSION_TICKET (PT); - - CREATE TABLE IF NOT EXISTS IDN_UMA_PT_RESOURCE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - PT_RESOURCE_ID INTEGER NOT NULL, - PT_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (PT_ID) REFERENCES IDN_UMA_PERMISSION_TICKET (ID) ON DELETE CASCADE, - FOREIGN KEY (PT_RESOURCE_ID) REFERENCES IDN_UMA_RESOURCE (ID) ON DELETE CASCADE - ); - - CREATE TABLE IF NOT EXISTS IDN_UMA_PT_RESOURCE_SCOPE ( - ID INTEGER AUTO_INCREMENT NOT NULL, - PT_RESOURCE_ID INTEGER NOT NULL, - PT_SCOPE_ID INTEGER NOT NULL, - PRIMARY KEY (ID), - FOREIGN KEY (PT_RESOURCE_ID) REFERENCES IDN_UMA_PT_RESOURCE (ID) ON DELETE CASCADE, - FOREIGN KEY (PT_SCOPE_ID) REFERENCES IDN_UMA_RESOURCE_SCOPE (ID) ON DELETE CASCADE - ); - - CREATE TABLE IF NOT EXISTS AM_USER ( - USER_ID VARCHAR(255) NOT NULL, - USER_NAME VARCHAR(255) NOT NULL, - PRIMARY KEY(USER_ID) - ); - - CREATE TABLE IF NOT EXISTS AM_KEY_MANAGER ( - UUID VARCHAR(50) NOT NULL, - NAME VARCHAR(100) NULL, - DISPLAY_NAME VARCHAR(100) NULL, - DESCRIPTION VARCHAR(256) NULL, - TYPE VARCHAR(45) NULL, - CONFIGURATION BLOB NULL, - ENABLED BOOLEAN DEFAULT 1, - TENANT_DOMAIN VARCHAR(100) NULL, - PRIMARY KEY (UUID), - UNIQUE (NAME,TENANT_DOMAIN) - ); - - -- AM_GW_PUBLISHED_API_DETAILS & AM_GW_API_ARTIFACTS are independent tables for Artifact synchronizer feature which -- - -- should not have any referential integrity constraints with other tables in AM database-- - CREATE TABLE IF NOT EXISTS AM_GW_PUBLISHED_API_DETAILS ( - API_ID varchar(255) NOT NULL, - TENANT_DOMAIN varchar(255), - API_PROVIDER varchar(255), - API_NAME varchar(255), - API_VERSION varchar(255), - API_TYPE varchar(50), - PRIMARY KEY (API_ID) - )ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_GW_API_ARTIFACTS ( - API_ID VARCHAR(255) NOT NULL, - REVISION_ID VARCHAR(255) NOT NULL, - ARTIFACT blob, - TIME_STAMP TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (REVISION_ID, API_ID), - FOREIGN KEY (API_ID) REFERENCES 
AM_GW_PUBLISHED_API_DETAILS(API_ID) ON UPDATE CASCADE ON DELETE NO ACTION - )ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_GW_API_DEPLOYMENTS ( - API_ID VARCHAR(255) NOT NULL, - REVISION_ID VARCHAR(255) NOT NULL, - LABEL VARCHAR(255) NOT NULL, - VHOST VARCHAR(255) NULL, - PRIMARY KEY (REVISION_ID, API_ID,LABEL), - FOREIGN KEY (API_ID) REFERENCES AM_GW_PUBLISHED_API_DETAILS(API_ID) ON UPDATE CASCADE ON DELETE NO ACTION - ) ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_SCOPE ( - SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT, - NAME VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(512), - TENANT_ID INTEGER NOT NULL DEFAULT -1, - SCOPE_TYPE VARCHAR(255) NOT NULL, - PRIMARY KEY (SCOPE_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_SCOPE_BINDING ( - SCOPE_ID INTEGER NOT NULL, - SCOPE_BINDING VARCHAR(255) NOT NULL, - BINDING_TYPE VARCHAR(255) NOT NULL, - FOREIGN KEY (SCOPE_ID) REFERENCES AM_SCOPE (SCOPE_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_REVISION ( - ID INTEGER NOT NULL, - API_UUID VARCHAR(256) NOT NULL, - REVISION_UUID VARCHAR(255) NOT NULL, - DESCRIPTION VARCHAR(255), - CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - CREATED_BY VARCHAR(255), - PRIMARY KEY (ID, API_UUID), - UNIQUE(REVISION_UUID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_DEPLOYMENT_REVISION_MAPPING ( - NAME VARCHAR(255) NOT NULL, - VHOST VARCHAR(255) NULL, - REVISION_UUID VARCHAR(255) NOT NULL, - DISPLAY_ON_DEVPORTAL BOOLEAN DEFAULT 0, - DEPLOYED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY (NAME, REVISION_UUID), - FOREIGN KEY (REVISION_UUID) REFERENCES AM_REVISION(REVISION_UUID) ON UPDATE CASCADE ON DELETE CASCADE - )ENGINE INNODB; - - -- Gateway Environments Table -- - CREATE TABLE IF NOT EXISTS AM_GATEWAY_ENVIRONMENT ( - ID INTEGER NOT NULL AUTO_INCREMENT, - UUID VARCHAR(45) NOT NULL, - NAME VARCHAR(255) NOT NULL, - TENANT_DOMAIN VARCHAR(255) NOT NULL, - DISPLAY_NAME VARCHAR(255) NULL, - 
DESCRIPTION VARCHAR(1023) NULL, - UNIQUE (NAME, TENANT_DOMAIN), - UNIQUE (UUID), - PRIMARY KEY (ID) - ); - - -- Virtual Hosts Table -- - CREATE TABLE IF NOT EXISTS AM_GW_VHOST ( - GATEWAY_ENV_ID INTEGER NOT NULL, - HOST VARCHAR(255) NOT NULL, - HTTP_CONTEXT VARCHAR(255) NULL, - HTTP_PORT VARCHAR(5) NOT NULL, - HTTPS_PORT VARCHAR(5) NOT NULL, - WS_PORT VARCHAR(5) NOT NULL, - WSS_PORT VARCHAR(5) NOT NULL, - FOREIGN KEY (GATEWAY_ENV_ID) REFERENCES AM_GATEWAY_ENVIRONMENT(ID) ON UPDATE CASCADE ON DELETE CASCADE, - PRIMARY KEY (GATEWAY_ENV_ID, HOST) - ); - - -- Service Catalog -- - CREATE TABLE IF NOT EXISTS AM_SERVICE_CATALOG ( - UUID VARCHAR(36) NOT NULL, - SERVICE_KEY VARCHAR(512) NOT NULL, - MD5 VARCHAR(100) NOT NULL, - SERVICE_NAME VARCHAR(255) NOT NULL, - SERVICE_VERSION VARCHAR(30) NOT NULL, - TENANT_ID INTEGER NOT NULL, - SERVICE_URL VARCHAR(2048) NOT NULL, - DEFINITION_TYPE VARCHAR(20), - DEFINITION_URL VARCHAR(2048), - DESCRIPTION VARCHAR(1024), - SECURITY_TYPE VARCHAR(50), - MUTUAL_SSL_ENABLED BOOLEAN DEFAULT 0, - CREATED_TIME TIMESTAMP NULL, - LAST_UPDATED_TIME TIMESTAMP NULL, - CREATED_BY VARCHAR(255), - UPDATED_BY VARCHAR(255), - SERVICE_DEFINITION BLOB NOT NULL, - PRIMARY KEY (UUID), - UNIQUE (SERVICE_NAME, SERVICE_VERSION, TENANT_ID), - UNIQUE (SERVICE_KEY, TENANT_ID) - )ENGINE=InnoDB; - - CREATE TABLE IF NOT EXISTS AM_API_SERVICE_MAPPING ( - API_ID INTEGER NOT NULL, - SERVICE_KEY VARCHAR(256) NOT NULL, - MD5 VARCHAR(100), - TENANT_ID INTEGER NOT NULL, - PRIMARY KEY (API_ID, SERVICE_KEY), - FOREIGN KEY (API_ID) REFERENCES AM_API(API_ID) ON DELETE CASCADE - )ENGINE=InnoDB; - - -- Webhooks -- - CREATE TABLE IF NOT EXISTS AM_WEBHOOKS_SUBSCRIPTION ( - WH_SUBSCRIPTION_ID INTEGER NOT NULL AUTO_INCREMENT, - API_UUID VARCHAR(255) NOT NULL, - APPLICATION_ID VARCHAR(20) NOT NULL, - TENANT_DOMAIN VARCHAR(255) NOT NULL, - HUB_CALLBACK_URL VARCHAR(1024) NOT NULL, - HUB_TOPIC VARCHAR(255) NOT NULL, - HUB_SECRET VARCHAR(2048), - HUB_LEASE_SECONDS INTEGER, - UPDATED_AT 
TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - EXPIRY_AT BIGINT, - DELIVERED_AT TIMESTAMP NULL, - DELIVERY_STATE INTEGER NOT NULL DEFAULT 0, - PRIMARY KEY (WH_SUBSCRIPTION_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS AM_WEBHOOKS_UNSUBSCRIPTION ( - API_UUID VARCHAR(255) NOT NULL, - APPLICATION_ID VARCHAR(20) NOT NULL, - TENANT_DOMAIN VARCHAR(255) NOT NULL, - HUB_CALLBACK_URL VARCHAR(1024) NOT NULL, - HUB_TOPIC VARCHAR(255) NOT NULL, - HUB_SECRET VARCHAR(2048), - HUB_LEASE_SECONDS INTEGER, - ADDED_AT TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP - )ENGINE INNODB; - - -- Performance indexes start-- - - create index IDX_ITS_LMT on IDN_THRIFT_SESSION (LAST_MODIFIED_TIME); - create index IDX_IOAT_UT on IDN_OAUTH2_ACCESS_TOKEN (USER_TYPE); - create index IDX_AAI_CTX on AM_API (CONTEXT); - create index IDX_AAKM_CK on AM_APPLICATION_KEY_MAPPING (CONSUMER_KEY); - create index IDX_AAUM_AI on AM_API_URL_MAPPING (API_ID); - create index IDX_AAPM_AI on AM_API_PRODUCT_MAPPING (API_ID); - create index IDX_AAUM_TT on AM_API_URL_MAPPING (THROTTLING_TIER); - create index IDX_AATP_DQT on AM_API_THROTTLE_POLICY (DEFAULT_QUOTA_TYPE); - create index IDX_ACG_QT on AM_CONDITION_GROUP (QUOTA_TYPE); - create index IDX_APS_QT on AM_POLICY_SUBSCRIPTION (QUOTA_TYPE); - create index IDX_AS_AITIAI on AM_SUBSCRIPTION (API_ID,TIER_ID,APPLICATION_ID); - create index IDX_APA_QT on AM_POLICY_APPLICATION (QUOTA_TYPE); - create index IDX_AA_AT_CB on AM_APPLICATION (APPLICATION_TIER,CREATED_BY); - - -- Performance indexes end-- - - mysql_shared.sql: |- - DROP DATABASE IF EXISTS WSO2AM_SHARED_DB; - CREATE DATABASE WSO2AM_SHARED_DB; - GRANT ALL ON WSO2AM_SHARED_DB.* TO 'wso2carbon'@'%' IDENTIFIED BY 'wso2carbon'; - - USE WSO2AM_SHARED_DB; - CREATE TABLE IF NOT EXISTS REG_CLUSTER_LOCK ( - REG_LOCK_NAME VARCHAR (20), - REG_LOCK_STATUS VARCHAR (20), - REG_LOCKED_TIME TIMESTAMP, - REG_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (REG_LOCK_NAME) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_LOG ( - 
REG_LOG_ID INTEGER AUTO_INCREMENT, - REG_PATH VARCHAR (750), - REG_USER_ID VARCHAR (255) NOT NULL, - REG_LOGGED_TIME TIMESTAMP NOT NULL, - REG_ACTION INTEGER NOT NULL, - REG_ACTION_DATA VARCHAR (500), - REG_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (REG_LOG_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX REG_LOG_IND_BY_REGLOG USING HASH ON REG_LOG(REG_LOGGED_TIME, REG_TENANT_ID); - - -- The REG_PATH_VALUE should be less than 767 bytes, and hence was fixed at 750. - -- See CARBON-5917. - - CREATE TABLE IF NOT EXISTS REG_PATH( - REG_PATH_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_PATH_VALUE VARCHAR(750) CHARACTER SET latin1 COLLATE latin1_general_cs NOT NULL, - REG_PATH_PARENT_ID INTEGER, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_PATH PRIMARY KEY(REG_PATH_ID, REG_TENANT_ID), - CONSTRAINT UNIQUE_REG_PATH_TENANT_ID UNIQUE (REG_PATH_VALUE,REG_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX REG_PATH_IND_BY_PATH_PARENT_ID USING HASH ON REG_PATH(REG_PATH_PARENT_ID, REG_TENANT_ID); - - CREATE TABLE IF NOT EXISTS REG_CONTENT ( - REG_CONTENT_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_CONTENT_DATA LONGBLOB, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_CONTENT PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_CONTENT_HISTORY ( - REG_CONTENT_ID INTEGER NOT NULL, - REG_CONTENT_DATA LONGBLOB, - REG_DELETED SMALLINT, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_CONTENT_HISTORY PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_RESOURCE ( - REG_PATH_ID INTEGER NOT NULL, - REG_NAME VARCHAR(256), - REG_VERSION INTEGER NOT NULL AUTO_INCREMENT, - REG_MEDIA_TYPE VARCHAR(500), - REG_CREATOR VARCHAR(255) NOT NULL, - REG_CREATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_LAST_UPDATOR VARCHAR(255), - REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_DESCRIPTION VARCHAR(1000), - REG_CONTENT_ID INTEGER, - REG_TENANT_ID INTEGER 
DEFAULT 0, - REG_UUID VARCHAR(100) NOT NULL, - CONSTRAINT PK_REG_RESOURCE PRIMARY KEY(REG_VERSION, REG_TENANT_ID) - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE ADD CONSTRAINT REG_RESOURCE_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE ADD CONSTRAINT REG_RESOURCE_FK_BY_CONTENT_ID FOREIGN KEY (REG_CONTENT_ID, REG_TENANT_ID) REFERENCES REG_CONTENT (REG_CONTENT_ID, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_IND_BY_NAME USING HASH ON REG_RESOURCE(REG_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_IND_BY_PATH_ID_NAME USING HASH ON REG_RESOURCE(REG_PATH_ID, REG_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_IND_BY_UUID USING HASH ON REG_RESOURCE(REG_UUID); - CREATE INDEX REG_RESOURCE_IND_BY_TENAN USING HASH ON REG_RESOURCE(REG_TENANT_ID, REG_UUID); - CREATE INDEX REG_RESOURCE_IND_BY_TYPE USING HASH ON REG_RESOURCE(REG_TENANT_ID, REG_MEDIA_TYPE); - - CREATE TABLE IF NOT EXISTS REG_RESOURCE_HISTORY ( - REG_PATH_ID INTEGER NOT NULL, - REG_NAME VARCHAR(256), - REG_VERSION INTEGER NOT NULL, - REG_MEDIA_TYPE VARCHAR(500), - REG_CREATOR VARCHAR(255) NOT NULL, - REG_CREATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_LAST_UPDATOR VARCHAR(255), - REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - REG_DESCRIPTION VARCHAR(1000), - REG_CONTENT_ID INTEGER, - REG_DELETED SMALLINT, - REG_TENANT_ID INTEGER DEFAULT 0, - REG_UUID VARCHAR(100) NOT NULL, - CONSTRAINT PK_REG_RESOURCE_HISTORY PRIMARY KEY(REG_VERSION, REG_TENANT_ID) - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE_HISTORY ADD CONSTRAINT REG_RESOURCE_HIST_FK_BY_PATHID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE_HISTORY ADD CONSTRAINT REG_RESOURCE_HIST_FK_BY_CONTENT_ID FOREIGN KEY (REG_CONTENT_ID, REG_TENANT_ID) REFERENCES REG_CONTENT_HISTORY (REG_CONTENT_ID, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_HISTORY_IND_BY_NAME USING HASH ON 
REG_RESOURCE_HISTORY(REG_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_HISTORY_IND_BY_PATH_ID_NAME USING HASH ON REG_RESOURCE(REG_PATH_ID, REG_NAME, REG_TENANT_ID); - - CREATE TABLE IF NOT EXISTS REG_COMMENT ( - REG_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_COMMENT_TEXT VARCHAR(500) NOT NULL, - REG_USER_ID VARCHAR(255) NOT NULL, - REG_COMMENTED_TIME TIMESTAMP NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_COMMENT PRIMARY KEY(REG_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_RESOURCE_COMMENT ( - REG_COMMENT_ID INTEGER NOT NULL, - REG_VERSION INTEGER, - REG_PATH_ID INTEGER, - REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE_COMMENT ADD CONSTRAINT REG_RESOURCE_COMMENT_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE_COMMENT ADD CONSTRAINT REG_RESOURCE_COMMENT_FK_BY_COMMENT_ID FOREIGN KEY (REG_COMMENT_ID, REG_TENANT_ID) REFERENCES REG_COMMENT (REG_ID, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_COMMENT_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_RESOURCE_COMMENT(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_COMMENT_IND_BY_VERSION USING HASH ON REG_RESOURCE_COMMENT(REG_VERSION, REG_TENANT_ID); - - CREATE TABLE IF NOT EXISTS REG_RATING ( - REG_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_RATING INTEGER NOT NULL, - REG_USER_ID VARCHAR(255) NOT NULL, - REG_RATED_TIME TIMESTAMP NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_RATING PRIMARY KEY(REG_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_RESOURCE_RATING ( - REG_RATING_ID INTEGER NOT NULL, - REG_VERSION INTEGER, - REG_PATH_ID INTEGER, - REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE_RATING ADD CONSTRAINT REG_RESOURCE_RATING_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES 
REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE_RATING ADD CONSTRAINT REG_RESOURCE_RATING_FK_BY_RATING_ID FOREIGN KEY (REG_RATING_ID, REG_TENANT_ID) REFERENCES REG_RATING (REG_ID, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_RATING_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_RESOURCE_RATING(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_RATING_IND_BY_VERSION USING HASH ON REG_RESOURCE_RATING(REG_VERSION, REG_TENANT_ID); - - - CREATE TABLE IF NOT EXISTS REG_TAG ( - REG_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_TAG_NAME VARCHAR(500) NOT NULL, - REG_USER_ID VARCHAR(255) NOT NULL, - REG_TAGGED_TIME TIMESTAMP NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_TAG PRIMARY KEY(REG_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_RESOURCE_TAG ( - REG_TAG_ID INTEGER NOT NULL, - REG_VERSION INTEGER, - REG_PATH_ID INTEGER, - REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE_TAG ADD CONSTRAINT REG_RESOURCE_TAG_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE_TAG ADD CONSTRAINT REG_RESOURCE_TAG_FK_BY_TAG_ID FOREIGN KEY (REG_TAG_ID, REG_TENANT_ID) REFERENCES REG_TAG (REG_ID, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_TAG_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_RESOURCE_TAG(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_TAG_IND_BY_VERSION USING HASH ON REG_RESOURCE_TAG(REG_VERSION, REG_TENANT_ID); - - CREATE TABLE IF NOT EXISTS REG_PROPERTY ( - REG_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_NAME VARCHAR(100) NOT NULL, - REG_VALUE VARCHAR(1000), - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_PROPERTY PRIMARY KEY(REG_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS REG_RESOURCE_PROPERTY ( - REG_PROPERTY_ID INTEGER NOT NULL, - REG_VERSION INTEGER, - REG_PATH_ID INTEGER, - 
REG_RESOURCE_NAME VARCHAR(256), - REG_TENANT_ID INTEGER DEFAULT 0 - )ENGINE INNODB; - - ALTER TABLE REG_RESOURCE_PROPERTY ADD CONSTRAINT REG_RESOURCE_PROPERTY_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - ALTER TABLE REG_RESOURCE_PROPERTY ADD CONSTRAINT REG_RESOURCE_PROPERTY_FK_BY_TAG_ID FOREIGN KEY (REG_PROPERTY_ID, REG_TENANT_ID) REFERENCES REG_PROPERTY (REG_ID, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_PROPERTY_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_RESOURCE_PROPERTY(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); - CREATE INDEX REG_RESOURCE_PROPERTY_IND_BY_VERSION USING HASH ON REG_RESOURCE_PROPERTY(REG_VERSION, REG_TENANT_ID); - - -- CREATE TABLE IF NOT EXISTS REG_ASSOCIATIONS ( - -- SRC_PATH_ID INTEGER, - -- SRC_RESOURCE_NAME VARCHAR(256), - -- SRC_VERSION INTEGER, - -- TGT_PATH_ID INTEGER, - -- TGT_RESOURCE_NAME VARCHAR(256), - -- TGT_VERSION INTEGER - -- )ENGINE INNODB; - -- - -- ALTER TABLE REG_ASSOCIATIONS ADD CONSTRAINT REG_ASSOCIATIONS_FK_BY_SRC_PATH_ID FOREIGN KEY (SRC_PATH_ID) REFERENCES REG_PATH (PATH_ID); - -- ALTER TABLE REG_ASSOCIATIONS ADD CONSTRAINT REG_ASSOCIATIONS_FK_BY_TGT_PATH_ID FOREIGN KEY (TGT_PATH_ID) REFERENCES REG_PATH (PATH_ID); - -- CREATE INDEX REG_ASSOCIATIONS_IND_BY_SRC_VERSION ON REG_ASSOCIATIONS(SRC_VERSION); - -- CREATE INDEX REG_ASSOCIATIONS_IND_BY_TGT_VERSION ON REG_ASSOCIATIONS(TGT_VERSION); - -- CREATE INDEX REG_ASSOCIATIONS_IND_BY_SRC_RESOURCE_NAME ON REG_ASSOCIATIONS(SRC_RESOURCE_NAME); - -- CREATE INDEX REG_ASSOCIATIONS_IND_BY_TGT_RESOURCE_NAME ON REG_ASSOCIATIONS(TGT_RESOURCE_NAME); - - - - CREATE TABLE IF NOT EXISTS REG_ASSOCIATION ( - REG_ASSOCIATION_ID INTEGER AUTO_INCREMENT, - REG_SOURCEPATH VARCHAR (750) NOT NULL, - REG_TARGETPATH VARCHAR (750) NOT NULL, - REG_ASSOCIATION_TYPE VARCHAR (2000) NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (REG_ASSOCIATION_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS 
REG_SNAPSHOT ( - REG_SNAPSHOT_ID INTEGER NOT NULL AUTO_INCREMENT, - REG_PATH_ID INTEGER NOT NULL, - REG_RESOURCE_NAME VARCHAR(255), - REG_RESOURCE_VIDS LONGBLOB NOT NULL, - REG_TENANT_ID INTEGER DEFAULT 0, - CONSTRAINT PK_REG_SNAPSHOT PRIMARY KEY(REG_SNAPSHOT_ID, REG_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX REG_SNAPSHOT_IND_BY_PATH_ID_AND_RESOURCE_NAME USING HASH ON REG_SNAPSHOT(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID); - - ALTER TABLE REG_SNAPSHOT ADD CONSTRAINT REG_SNAPSHOT_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID); - - - -- ################################ - -- USER MANAGER TABLES - -- ################################ - - CREATE TABLE UM_TENANT ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_TENANT_UUID VARCHAR(36) NOT NULL, - UM_DOMAIN_NAME VARCHAR(255) NOT NULL, - UM_EMAIL VARCHAR(255), - UM_ACTIVE BOOLEAN DEFAULT FALSE, - UM_CREATED_DATE TIMESTAMP NOT NULL, - UM_USER_CONFIG LONGBLOB, - PRIMARY KEY (UM_ID), - UNIQUE(UM_DOMAIN_NAME), - UNIQUE(UM_TENANT_UUID) - )ENGINE INNODB; - - CREATE TABLE UM_DOMAIN( - UM_DOMAIN_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DOMAIN_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_DOMAIN_ID, UM_TENANT_ID), - UNIQUE(UM_DOMAIN_NAME,UM_TENANT_ID) - )ENGINE INNODB; - - CREATE UNIQUE INDEX INDEX_UM_TENANT_UM_DOMAIN_NAME - ON UM_TENANT (UM_DOMAIN_NAME); - - CREATE TABLE UM_USER ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_ID VARCHAR(255) NOT NULL, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_USER_PASSWORD VARCHAR(255) NOT NULL, - UM_SALT_VALUE VARCHAR(31), - UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE, - UM_CHANGED_TIME TIMESTAMP NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_USER_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_SYSTEM_USER ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_USER_PASSWORD VARCHAR(255) NOT NULL, - UM_SALT_VALUE 
VARCHAR(31), - UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE, - UM_CHANGED_TIME TIMESTAMP NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_USER_NAME, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_ROLE ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_SHARED_ROLE BOOLEAN DEFAULT FALSE, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_ROLE_NAME, UM_TENANT_ID) - )ENGINE INNODB; - - - CREATE TABLE UM_MODULE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_MODULE_NAME VARCHAR(100), - UNIQUE(UM_MODULE_NAME), - PRIMARY KEY(UM_ID) - )ENGINE INNODB; - - CREATE TABLE UM_MODULE_ACTIONS( - UM_ACTION VARCHAR(255) NOT NULL, - UM_MODULE_ID INTEGER NOT NULL, - PRIMARY KEY(UM_ACTION, UM_MODULE_ID), - FOREIGN KEY (UM_MODULE_ID) REFERENCES UM_MODULE(UM_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE UM_PERMISSION ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_RESOURCE_ID VARCHAR(255) NOT NULL, - UM_ACTION VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_MODULE_ID INTEGER DEFAULT 0, - UNIQUE(UM_RESOURCE_ID,UM_ACTION, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX INDEX_UM_PERMISSION_UM_RESOURCE_ID_UM_ACTION ON UM_PERMISSION (UM_RESOURCE_ID, UM_ACTION, UM_TENANT_ID); - - CREATE TABLE UM_ROLE_PERMISSION ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_PERMISSION_ID INTEGER NOT NULL, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_IS_ALLOWED SMALLINT NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_DOMAIN_ID INTEGER, - UNIQUE (UM_PERMISSION_ID, UM_ROLE_NAME, UM_TENANT_ID, UM_DOMAIN_ID), - FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - -- REMOVED UNIQUE (UM_PERMISSION_ID, UM_ROLE_ID) - CREATE 
TABLE UM_USER_PERMISSION ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_PERMISSION_ID INTEGER NOT NULL, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_IS_ALLOWED SMALLINT NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - -- REMOVED UNIQUE (UM_PERMISSION_ID, UM_USER_ID) - CREATE TABLE UM_USER_ROLE ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_ID INTEGER NOT NULL, - UM_USER_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE (UM_USER_ID, UM_ROLE_ID, UM_TENANT_ID), - FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_ROLE(UM_ID, UM_TENANT_ID), - FOREIGN KEY (UM_USER_ID, UM_TENANT_ID) REFERENCES UM_USER(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_SHARED_USER_ROLE( - UM_ROLE_ID INTEGER NOT NULL, - UM_USER_ID INTEGER NOT NULL, - UM_USER_TENANT_ID INTEGER NOT NULL, - UM_ROLE_TENANT_ID INTEGER NOT NULL, - UNIQUE(UM_USER_ID,UM_ROLE_ID,UM_USER_TENANT_ID, UM_ROLE_TENANT_ID), - FOREIGN KEY(UM_ROLE_ID,UM_ROLE_TENANT_ID) REFERENCES UM_ROLE(UM_ID,UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY(UM_USER_ID,UM_USER_TENANT_ID) REFERENCES UM_USER(UM_ID,UM_TENANT_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE TABLE UM_ACCOUNT_MAPPING( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER NOT NULL, - UM_USER_STORE_DOMAIN VARCHAR(100), - UM_ACC_LINK_ID INTEGER NOT NULL, - UNIQUE(UM_USER_NAME, UM_TENANT_ID, UM_USER_STORE_DOMAIN, UM_ACC_LINK_ID), - FOREIGN KEY (UM_TENANT_ID) REFERENCES UM_TENANT(UM_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID) - )ENGINE INNODB; - - - CREATE TABLE UM_USER_ATTRIBUTE ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ATTR_NAME VARCHAR(255) NOT NULL, - UM_ATTR_VALUE VARCHAR(1024), - UM_PROFILE_ID VARCHAR(255), - UM_USER_ID INTEGER, - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY 
(UM_USER_ID, UM_TENANT_ID) REFERENCES UM_USER(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX UM_USER_ID_INDEX ON UM_USER_ATTRIBUTE(UM_USER_ID); - - CREATE INDEX UM_ATTR_NAME_VALUE_INDEX ON UM_USER_ATTRIBUTE(UM_ATTR_NAME, UM_ATTR_VALUE(512)); - - CREATE TABLE UM_DIALECT( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DIALECT_URI VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE(UM_DIALECT_URI, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_CLAIM( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DIALECT_ID INTEGER NOT NULL, - UM_CLAIM_URI VARCHAR(255) NOT NULL, - UM_DISPLAY_TAG VARCHAR(255), - UM_DESCRIPTION VARCHAR(255), - UM_MAPPED_ATTRIBUTE_DOMAIN VARCHAR(255), - UM_MAPPED_ATTRIBUTE VARCHAR(255), - UM_REG_EX VARCHAR(255), - UM_SUPPORTED SMALLINT, - UM_REQUIRED SMALLINT, - UM_DISPLAY_ORDER INTEGER, - UM_CHECKED_ATTRIBUTE SMALLINT, - UM_READ_ONLY SMALLINT, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE(UM_DIALECT_ID, UM_CLAIM_URI, UM_TENANT_ID,UM_MAPPED_ATTRIBUTE_DOMAIN), - FOREIGN KEY(UM_DIALECT_ID, UM_TENANT_ID) REFERENCES UM_DIALECT(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - - CREATE TABLE UM_PROFILE_CONFIG( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_DIALECT_ID INTEGER NOT NULL, - UM_PROFILE_NAME VARCHAR(255), - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY(UM_DIALECT_ID, UM_TENANT_ID) REFERENCES UM_DIALECT(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS UM_CLAIM_BEHAVIOR( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_PROFILE_ID INTEGER, - UM_CLAIM_ID INTEGER, - UM_BEHAVIOUR SMALLINT, - UM_TENANT_ID INTEGER DEFAULT 0, - FOREIGN KEY(UM_PROFILE_ID, UM_TENANT_ID) REFERENCES UM_PROFILE_CONFIG(UM_ID,UM_TENANT_ID), - FOREIGN KEY(UM_CLAIM_ID, UM_TENANT_ID) REFERENCES UM_CLAIM(UM_ID,UM_TENANT_ID), - PRIMARY KEY(UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE 
UM_HYBRID_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_ROLE_NAME,UM_TENANT_ID) - )ENGINE INNODB; - - CREATE INDEX UM_ROLE_NAME_IND ON UM_HYBRID_ROLE(UM_ROLE_NAME); - - CREATE TABLE UM_HYBRID_USER_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255), - UM_ROLE_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_DOMAIN_ID INTEGER, - UNIQUE (UM_USER_NAME, UM_ROLE_ID, UM_TENANT_ID, UM_DOMAIN_ID), - FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_HYBRID_GROUP_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_GROUP_NAME VARCHAR(255), - UM_ROLE_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UM_DOMAIN_ID INTEGER, - UNIQUE (UM_GROUP_NAME, UM_ROLE_ID, UM_TENANT_ID, UM_DOMAIN_ID), - FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE, - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE, - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_SYSTEM_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_ROLE_NAME VARCHAR(255) NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID), - UNIQUE(UM_ROLE_NAME,UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE UM_SYSTEM_USER_ROLE( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255), - UM_ROLE_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - UNIQUE (UM_USER_NAME, UM_ROLE_ID, UM_TENANT_ID), - FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_SYSTEM_ROLE(UM_ID, UM_TENANT_ID), - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - - CREATE TABLE 
UM_HYBRID_REMEMBER_ME( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_NAME VARCHAR(255) NOT NULL, - UM_COOKIE_VALUE VARCHAR(1024), - UM_CREATED_TIME TIMESTAMP, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID, UM_TENANT_ID) - )ENGINE INNODB; - - CREATE TABLE IF NOT EXISTS UM_UUID_DOMAIN_MAPPER ( - UM_ID INTEGER NOT NULL AUTO_INCREMENT, - UM_USER_ID VARCHAR(255) NOT NULL, - UM_DOMAIN_ID INTEGER NOT NULL, - UM_TENANT_ID INTEGER DEFAULT 0, - PRIMARY KEY (UM_ID), - UNIQUE (UM_USER_ID), - FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE - )ENGINE INNODB; - - CREATE INDEX UUID_DM_UID_TID ON UM_UUID_DOMAIN_MAPPER(UM_USER_ID, UM_TENANT_ID); - - ---- diff --git a/simple/kubernetes-apim-mysql/wso2apim-mysql-deployment.yaml b/simple/kubernetes-apim-mysql/wso2apim-mysql-deployment.yaml deleted file mode 100644 index 66339611..00000000 --- a/simple/kubernetes-apim-mysql/wso2apim-mysql-deployment.yaml +++ /dev/null 
@@ -1,61 +0,0 @@ - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wso2apim-mysql-deployment - namespace: wso2 -spec: - replicas: 1 - selector: - matchLabels: - deployment: wso2apim-mysql - product: api-manager - template: - metadata: - labels: - deployment: wso2apim-mysql - product: api-manager - spec: - containers: - - name: wso2apim-mysql - # image: mysql:5.7 - image: 192.168.1.5:5000/mysql:5.7 - livenessProbe: - exec: - command: - - sh - - -c - - "mysqladmin ping -u root -p${MYSQL_ROOT_PASSWORD}" - initialDelaySeconds: 60 - periodSeconds: 10 - readinessProbe: - exec: - command: - - sh - - -c - - "mysqladmin ping -u root -p${MYSQL_ROOT_PASSWORD}" - initialDelaySeconds: 60 - periodSeconds: 10 - imagePullPolicy: IfNotPresent - securityContext: - runAsUser: 999 - env: - - name: MYSQL_ROOT_PASSWORD - value: root - - name: MYSQL_USER - value: wso2carbon - - name: MYSQL_PASSWORD - value: wso2carbon - ports: - - containerPort: 3306 - protocol: TCP - volumeMounts: - - name: wso2apim-mysql-dbscripts - mountPath: /docker-entrypoint-initdb.d - args: ["--max-connections", "10000"] - volumes: - - name: wso2apim-mysql-dbscripts - configMap: - name: wso2apim-mysql-dbscripts - serviceAccountName: "wso2am-pattern-1-svc-account" ---- diff --git a/simple/kubernetes-apim-mysql/wso2apim-mysql-service.yaml b/simple/kubernetes-apim-mysql/wso2apim-mysql-service.yaml deleted file mode 100644 index 87d4e574..00000000 --- a/simple/kubernetes-apim-mysql/wso2apim-mysql-service.yaml +++ /dev/null @@ -1,17 +0,0 @@ - -apiVersion: v1 -kind: Service -metadata: - name: wso2apim-rdbms-service-mysql - namespace: wso2 -spec: - type: ClusterIP - selector: - deployment: wso2apim-mysql - product: api-manager - ports: - - name: mysql-port - port: 3306 - targetPort: 3306 - protocol: TCP ---- diff --git a/simple/kubernetes-apim/wso2apim-conf.yaml b/simple/kubernetes-apim/wso2apim-conf.yaml deleted file mode 100644 index 704eceb2..00000000 
--- a/simple/kubernetes-apim/wso2apim-conf.yaml
+++ /dev/null
@@ -1,266 +0,0 @@ - -apiVersion: v1 -kind: ConfigMap -metadata: - name: wso2am-pattern-1-am-1-conf - namespace: wso2 -data: - deployment.toml: | - - [server] - hostname = ""ip.node.k8s.&.wso2.apim"" - #offset=0 - base_path = "${carbon.protocol}://${carbon.host}:${carbon.management.port}" - #discard_empty_caches = false - server_role = "default" - - [super_admin] - username = "admin" - password = "admin" - create_admin_account = true - - [user_store] - type = "database_unique_id" - - [database.apim_db] - type = "mysql" - url = "jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_DB?autoReconnect=true&useSSL=false" - username = "wso2carbon" - password = "wso2carbon" - driver = "com.mysql.cj.jdbc.Driver" - - [database.shared_db] - type = "mysql" - url = "jdbc:mysql://wso2apim-rdbms-service-mysql:3306/WSO2AM_SHARED_DB?autoReconnect=true&useSSL=false" - username = "wso2carbon" - password = "wso2carbon" - driver = "com.mysql.cj.jdbc.Driver" - - [keystore.tls] - file_name = "wso2carbon.jks" - type = "JKS" - password = "wso2carbon" - alias = "wso2carbon" - key_password = "wso2carbon" - - #[keystore.primary] - #file_name = "wso2carbon.jks" - #type = "JKS" - #password = "wso2carbon" - #alias = "wso2carbon" - #key_password = "wso2carbon" - - #[keystore.internal] - #file_name = "wso2carbon.jks" - #type = "JKS" - #password = "wso2carbon" - #alias = "wso2carbon" - #key_password = "wso2carbon" - - [[apim.gateway.environment]] - name = "Default" - type = "hybrid" - display_in_api_console = true - description = "This is a hybrid gateway that handles both production and sandbox token traffic." 
- show_as_token_endpoint_url = true - service_url = "https://localhost:${mgt.transport.https.port}/services/" - username= "${admin.username}" - password= "${admin.password}" - ws_endpoint = "ws://"ip.node.k8s.&.wso2.apim":9099" - wss_endpoint = "wss://"ip.node.k8s.&.wso2.apim":8099" - http_endpoint = "http://"ip.node.k8s.&.wso2.apim":30280" - https_endpoint = "https://"ip.node.k8s.&.wso2.apim":30243" - websub_event_receiver_http_endpoint = "http://"ip.node.k8s.&.wso2.apim":9021" - websub_event_receiver_https_endpoint = "https://"ip.node.k8s.&.wso2.apim":8021" - - [apim.sync_runtime_artifacts.gateway] - gateway_labels =["Default"] - - #[apim.cache.gateway_token] - #enable = true - #expiry_time = "900s" - - #[apim.cache.resource] - #enable = true - #expiry_time = "900s" - - #[apim.cache.km_token] - #enable = false - #expiry_time = "15m" - - #[apim.cache.recent_apis] - #enable = false - - #[apim.cache.scopes] - #enable = true - - #[apim.cache.publisher_roles] - #enable = true - - #[apim.cache.jwt_claim] - #enable = true - #expiry_time = "15m" - - #[apim.cache.tags] - #expiry_time = "2m" - - [apim.analytics] - enable = false - config_endpoint = "https://localhost:8080/auth/v1" - auth_token = "" - - #[apim.key_manager] - #service_url = "https://localhost:${mgt.transport.https.port}/services/" - #username = "$ref{super_admin.username}" - #password = "$ref{super_admin.password}" - #pool.init_idle_capacity = 50 - #pool.max_idle = 100 - #key_validation_handler_type = "default" - #key_validation_handler_type = "custom" - #key_validation_handler_impl = "org.wso2.carbon.apimgt.keymgt.handlers.DefaultKeyValidationHandler" - - #[apim.idp] - #server_url = "https://localhost:${mgt.transport.https.port}" - #authorize_endpoint = "https://localhost:${mgt.transport.https.port}/oauth2/authorize" - #oidc_logout_endpoint = "https://localhost:${mgt.transport.https.port}/oidc/logout" - #oidc_check_session_endpoint = "https://localhost:${mgt.transport.https.port}/oidc/checksession" - - 
#[apim.jwt] - #enable = true - #encoding = "base64" # base64,base64url - #generator_impl = "org.wso2.carbon.apimgt.keymgt.token.JWTGenerator" - #claim_dialect = "http://wso2.org/claims" - #convert_dialect = false - #header = "X-JWT-Assertion" - #signing_algorithm = "SHA256withRSA" - #enable_user_claims = true - #claims_extractor_impl = "org.wso2.carbon.apimgt.impl.token.ExtendedDefaultClaimsRetriever" - - #[apim.oauth_config] - #enable_outbound_auth_header = false - #auth_header = "Authorization" - #revoke_endpoint = "https://localhost:${https.nio.port}/revoke" - #enable_token_encryption = false - #enable_token_hashing = false - - [apim.devportal] - url = "https://"ip.node.k8s.&.wso2.apim":30443/devportal" - #enable_application_sharing = false - #if application_sharing_type, application_sharing_impl both defined priority goes to application_sharing_impl - #application_sharing_type = "default" #changed type, saml, default #todo: check the new config for rest api - #application_sharing_impl = "org.wso2.carbon.apimgt.impl.SAMLGroupIDExtractorImpl" - #display_multiple_versions = false - #display_deprecated_apis = false - #enable_comments = true - #enable_ratings = true - #enable_forum = true - #enable_anonymous_mode=true - #enable_cross_tenant_subscriptions = true - #default_reserved_username = "apim_reserved_user" - - [apim.cors] - allow_origins = "*" - allow_methods = ["GET","PUT","POST","DELETE","PATCH","OPTIONS"] - allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey","Internal-Key"] - allow_credentials = false - - #[apim.throttling] - #enable_data_publishing = true - #enable_policy_deploy = true - #enable_blacklist_condition = true - #enable_persistence = true - #throttle_decision_endpoints = ["tcp://localhost:5672","tcp://localhost:5672"] - - #[apim.throttling.blacklist_condition] - #start_delay = "5m" - #period = "1h" - - #[apim.throttling.jms] - #start_delay = "5m" - - #[apim.throttling.event_sync] - #hostName = 
"0.0.0.0" - #port = 11224 - - #[apim.throttling.event_management] - #hostName = "0.0.0.0" - #port = 10005 - - #[[apim.throttling.url_group]] - #traffic_manager_urls = ["tcp://localhost:9611","tcp://localhost:9611"] - #traffic_manager_auth_urls = ["ssl://localhost:9711","ssl://localhost:9711"] - #type = "loadbalance" - - #[[apim.throttling.url_group]] - #traffic_manager_urls = ["tcp://localhost:9611","tcp://localhost:9611"] - #traffic_manager_auth_urls = ["ssl://localhost:9711","ssl://localhost:9711"] - #type = "failover" - - #[apim.workflow] - #enable = false - #service_url = "https://localhost:9445/bpmn" - #username = "$ref{super_admin.username}" - #password = "$ref{super_admin.password}" - #callback_endpoint = "https://localhost:${mgt.transport.https.port}/api/am/admin/v0.17/workflows/update-workflow-status" - #token_endpoint = "https://localhost:${https.nio.port}/token" - #client_registration_endpoint = "https://localhost:${mgt.transport.https.port}/client-registration/v0.17/register" - #client_registration_username = "$ref{super_admin.username}" - #client_registration_password = "$ref{super_admin.password}" - - #data bridge config - #[transport.receiver] - #type = "binary" - #worker_threads = 10 - #session_timeout = "30m" - #keystore.file_name = "$ref{keystore.tls.file_name}" - #keystore.password = "$ref{keystore.tls.password}" - #tcp_port = 9611 - #ssl_port = 9711 - #ssl_receiver_thread_pool_size = 100 - #tcp_receiver_thread_pool_size = 100 - #ssl_enabled_protocols = ["TLSv1","TLSv1.1","TLSv1.2"] - #ciphers = ["SSL_RSA_WITH_RC4_128_MD5","SSL_RSA_WITH_RC4_128_SHA"] - - #[apim.notification] - #from_address = "APIM.com" - #username = "APIM" - #password = "APIM+123" - #hostname = "localhost" - #port = 3025 - #enable_start_tls = false - #enable_authentication = true - - #[apim.token.revocation] - #notifier_impl = "org.wso2.carbon.apimgt.keymgt.events.TokenRevocationNotifierImpl" - #enable_realtime_notifier = true - #realtime_notifier.ttl = 5000 - 
#enable_persistent_notifier = true - #persistent_notifier.hostname = "https://localhost:2379/v2/keys/jti/" - #persistent_notifier.ttl = 5000 - #persistent_notifier.username = "root" - #persistent_notifier.password = "root" - - [[event_handler]] - name="userPostSelfRegistration" - subscriptions=["POST_ADD_USER"] - - [service_provider] - sp_name_regex = "^[\\sa-zA-Z0-9._-]*$" - - [database.local] - url = "jdbc:h2:./repository/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE" - - [[event_listener]] - id = "token_revocation" - type = "org.wso2.carbon.identity.core.handler.AbstractIdentityHandler" - name = "org.wso2.is.notification.ApimOauthEventInterceptor" - order = 1 - [event_listener.properties] - notification_endpoint = "https://localhost:${mgt.transport.https.port}/internal/data/v1/notify" - username = "${admin.username}" - password = "${admin.password}" - 'header.X-WSO2-KEY-MANAGER' = "default" - - [transport.https.properties] - proxyPort = 30443 ---- diff --git a/simple/kubernetes-apim/wso2apim-deployment.yaml b/simple/kubernetes-apim/wso2apim-deployment.yaml deleted file mode 100644 index 4587a26a..00000000 --- a/simple/kubernetes-apim/wso2apim-deployment.yaml +++ /dev/null 
@@ -1,110 +0,0 @@ - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wso2am-pattern-1-am-1-deployment - namespace: wso2 -spec: - replicas: 1 - strategy: - rollingUpdate: - maxSurge: 1 - maxUnavailable: 0 - type: RollingUpdate - selector: - matchLabels: - deployment: wso2am-pattern-1-am - product: api-manager - template: - metadata: - labels: - deployment: wso2am-pattern-1-am - product: api-manager - spec: - hostAliases: - - ip: "127.0.0.1" - hostnames: - - "wso2apim" - initContainers: - - name: init-db - image: busybox:1.31 - command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! nc -z wso2apim-rdbms-service-mysql 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - - name: init-download-mysql-connector - image: busybox:1.31 - command: - - /bin/sh - - "-c" - - | - set -e - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/8.0.17/mysql-connector-java-8.0.17.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - containers: - - name: wso2am-pattern-1-am - # image: "$image.pull.@.wso2"/wso2am:3.2.0 - image: 192.168.1.5:5000/wso2am:4.0.0-rc - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: 250 - periodSeconds: 10 - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: 250 - periodSeconds: 10 - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/wso2server.sh stop'] - resources: - requests: - memory: 1Gi - cpu: 1000m - limits: - memory: 2Gi - cpu: 2000m - imagePullPolicy: Always - ports: - - - containerPort: 8280 - protocol: "TCP" - - - containerPort: 8243 - protocol: "TCP" - - - containerPort: 9763 - protocol: "TCP" - - - containerPort: 9443 - protocol: "TCP" - env: - - name: HOST_NAME - value: "wso2apim" - - name: NODE_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - volumeMounts: - - 
name: wso2am-pattern-1-am-1-conf - mountPath: /home/wso2carbon/wso2-config-volume/repository/conf/deployment.toml - subPath: deployment.toml - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/repository/components/dropins - serviceAccountName: wso2am-pattern-1-svc-account - imagePullSecrets: - - name: wso2am-pattern-1-creds - volumes: - - name: wso2am-pattern-1-am-1-conf - configMap: - name: wso2am-pattern-1-am-1-conf - - name: mysql-connector-jar - emptyDir: {} ---- diff --git a/simple/kubernetes-apim/wso2apim-service.yaml b/simple/kubernetes-apim/wso2apim-service.yaml deleted file mode 100644 index 1883aa05..00000000 --- a/simple/kubernetes-apim/wso2apim-service.yaml +++ /dev/null @@ -1,39 +0,0 @@ - -apiVersion: v1 -kind: Service -metadata: - name: wso2am-pattern-1-am-1-service - namespace: wso2 -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: wso2am-pattern-1-am - product: api-manager - type: NodePort - ports: - # ports that this service should serve on - - - name: pass-through-http - protocol: TCP - port: 8280 - targetPort: 8280 - nodePort: 30280 - - - name: pass-through-https - protocol: TCP - port: 8243 - targetPort: 8243 - nodePort: 30243 - - - name: servlet-http - protocol: TCP - port: 9763 - targetPort: 9763 - nodePort: 30763 - - - name: servlet-https - protocol: TCP - port: 9443 - targetPort: 9443 - nodePort: 30443 ---- diff --git a/simple/kubernetes-basics/namespace.yaml b/simple/kubernetes-basics/namespace.yaml deleted file mode 100644 index 4fbbbc50..00000000 --- a/simple/kubernetes-basics/namespace.yaml +++ /dev/null @@ -1,6 +0,0 @@ - -apiVersion: v1 -kind: Namespace -metadata: - name: wso2 ---- diff --git a/simple/kubernetes-basics/secrets.yaml b/simple/kubernetes-basics/secrets.yaml deleted file mode 100644 index 3a46929e..00000000 --- a/simple/kubernetes-basics/secrets.yaml +++ /dev/null 
@@ -1,10 +0,0 @@
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: wso2am-pattern-1-creds
- namespace: wso2
-type: kubernetes.io/dockerconfigjson
-data:
- .dockerconfigjson: "k8s.apim.&.auth.wso2"
----
diff --git a/simple/kubernetes-basics/svcaccount.yaml b/simple/kubernetes-basics/svcaccount.yaml
deleted file mode 100644
index 0afeee3c..00000000
--- a/simple/kubernetes-basics/svcaccount.yaml
+++ /dev/null
@@ -1,7 +0,0 @@
-
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: wso2am-pattern-1-svc-account
- namespace: wso2
----
From 0d395905f0809e574abb8d2287f626f8e651fce3 Mon Sep 17 00:00:00 2001
From: Rakhitha Ranathunge Date: Mon, 3 May 2021 16:45:46 +0530 Subject: [PATCH 03/34] Remove Analytics related templates --- ...-pattern-3-am-analytics-dashboard-bin.yaml | 330 ---------- ...pattern-3-am-analytics-dashboard-conf.yaml | 444 ------------- ...n-3-am-analytics-dashboard-deployment.yaml | 126 ---- ...tern-3-am-analytics-dashboard-ingress.yaml | 35 -- ...tern-3-am-analytics-dashboard-service.yaml | 28 - ...2am-pattern-3-am-analytics-worker-bin.yaml | 330 ---------- ...am-pattern-3-am-analytics-worker-conf.yaml | 583 ------------------ ...-am-analytics-worker-headless-service.yaml | 32 - ...pattern-3-am-analytics-worker-service.yaml | 31 - ...ern-3-am-analytics-worker-statefulset.yaml | 129 ---- 10 files changed, 2068 deletions(-) delete mode 100644 advanced/am-pattern-3/templates/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-bin.yaml delete mode 100644 advanced/am-pattern-3/templates/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-conf.yaml delete mode 100644 advanced/am-pattern-3/templates/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-deployment.yaml delete mode 100644 advanced/am-pattern-3/templates/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-ingress.yaml delete mode 100644 advanced/am-pattern-3/templates/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-service.yaml delete mode 100644 advanced/am-pattern-3/templates/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-bin.yaml delete mode 100644 advanced/am-pattern-3/templates/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-conf.yaml delete mode 100644 advanced/am-pattern-3/templates/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-headless-service.yaml delete mode 100644 advanced/am-pattern-3/templates/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-service.yaml delete mode 100644 advanced/am-pattern-3/templates/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-statefulset.yaml 
diff --git a/advanced/am-pattern-3/templates/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-bin.yaml b/advanced/am-pattern-3/templates/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-bin.yaml
deleted file mode 100644
index 238f2fb8..00000000
--- a/advanced/am-pattern-3/templates/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-bin.yaml
+++ /dev/null
@@ -1,330 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-dashboard-bin - namespace : {{ .Release.Namespace }} -data: - carbon.sh: |- - #!/bin/sh - # --------------------------------------------------------------------------- - # Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. - # - # Licensed under the Apache License, Version 2.0 (the "License"); - # you may not use this file except in compliance with the License. - # You may obtain a copy of the License at - # - # http://www.apache.org/licenses/LICENSE-2.0 - # - # Unless required by applicable law or agreed to in writing, software - # distributed under the License is distributed on an "AS IS" BASIS, - # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - # See the License for the specific language governing permissions and - # limitations under the License. - - # ---------------------------------------------------------------------------- - # Main Script for the WSO2 Carbon Server - # - # Environment Variable Prequisites - # - # CARBON_HOME Home of WSO2 Carbon installation. If not set I will try - # to figure it out. - # RUNTIME_HOME Home of WSO2 Carbon Runtime. . - # - # JAVA_HOME Must point at your Java Development Kit installation. 
- # - # JAVA_OPTS (Optional) Java runtime options used when the commands - # is executed. - # - # NOTE: Borrowed generously from Apache Tomcat startup scripts. - # ----------------------------------------------------------------------------- - - # OS specific support. $var _must_ be set to either true or false. - #ulimit -n 100000 - - cygwin=false; - darwin=false; - os400=false; - mingw=false; - case "`uname`" in - CYGWIN*) cygwin=true;; - MINGW*) mingw=true;; - OS400*) os400=true;; - Darwin*) darwin=true - if [ -z "$JAVA_VERSION" ] ; then - JAVA_VERSION="CurrentJDK" - else - echo "Using Java version: $JAVA_VERSION" - fi - if [ -z "$JAVA_HOME" ] ; then - JAVA_HOME=/System/Library/Frameworks/JavaVM.framework/Versions/${JAVA_VERSION}/Home - fi - ;; - esac - - # resolve links - $0 may be a softlink - PRG="$0" - - while [ -h "$PRG" ]; do - ls=`ls -ld "$PRG"` - link=`expr "$ls" : '.*-> \(.*\)$'` - if expr "$link" : '.*/.*' > /dev/null; then - PRG="$link" - else - PRG=`dirname "$PRG"`/"$link" - fi - done - - # Get standard environment variables - TEMPCURDIR=`dirname "$PRG"` - - # Only set RUNTIME_HOME if not already set - [ -z "$RUNTIME_HOME" ] && RUNTIME_HOME=`cd "$TEMPCURDIR/.." ; pwd` - - # Only set CARBON_HOME if not already set - [ -z "$CARBON_HOME" ] && CARBON_HOME=`cd "$TEMPCURDIR/../../../" ; pwd` - - # Only set RUNTIME if not already set - [ -z "$RUNTIME" ] && RUNTIME=${RUNTIME_HOME##*/} - - # For Cygwin, ensure paths are in UNIX format before anything is touched - if $cygwin; then - [ -n "$JAVA_HOME" ] && JAVA_HOME=`cygpath --unix "$JAVA_HOME"` - [ -n "$CARBON_HOME" ] && CARBON_HOME=`cygpath --unix "$CARBON_HOME"` - [ -n "$RUNTIME_HOME" ] && RUNTIME_HOME=`cygpath --unix "$RUNTIME_HOME"` - fi - - # For OS400 - if $os400; then - # Set job priority to standard for interactive (interactive - 6) by using - # the interactive priority - 6, the helper threads that respond to requests - # will be running at the same priority as interactive jobs. 
- COMMAND='chgjob job('$JOBNAME') runpty(6)' - system $COMMAND - - # Enable multi threading - QIBM_MULTI_THREADED=Y - export QIBM_MULTI_THREADED - fi - - # For Migwn, ensure paths are in UNIX format before anything is touched - if $mingw ; then - [ -n "$CARBON_HOME" ] && - CARBON_HOME="`(cd "$CARBON_HOME"; pwd)`" - [ -n "$JAVA_HOME" ] && - JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`" - # TODO classpath? - fi - - if [ -z "$JAVACMD" ] ; then - if [ -n "$JAVA_HOME" ] ; then - if [ -x "$JAVA_HOME/jre/sh/java" ] ; then - # IBM's JDK on AIX uses strange locations for the executables - JAVACMD="$JAVA_HOME/jre/sh/java" - else - JAVACMD="$JAVA_HOME/bin/java" - fi - else - JAVACMD=java - fi - fi - - if [ ! -x "$JAVACMD" ] ; then - echo "Error: JAVA_HOME is not defined correctly." - echo " CARBON cannot execute $JAVACMD" - exit 1 - fi - - # if JAVA_HOME is not set we're not happy - if [ -z "$JAVA_HOME" ]; then - echo "You must set the JAVA_HOME variable before running CARBON." - exit 1 - fi - - if [ -e "$RUNTIME_HOME/runtime.pid" ]; then - PID=`cat "$RUNTIME_HOME"/runtime.pid` - fi - - # ----- Process the input command ---------------------------------------------- - args="" - for c in $* - do - if [ "$c" = "--debug" ] || [ "$c" = "-debug" ] || [ "$c" = "debug" ]; then - CMD="--debug" - continue - elif [ "$CMD" = "--debug" ]; then - if [ -z "$PORT" ]; then - PORT=$c - fi - elif [ "$c" = "--stop" ] || [ "$c" = "-stop" ] || [ "$c" = "stop" ]; then - CMD="stop" - elif [ "$c" = "--start" ] || [ "$c" = "-start" ] || [ "$c" = "start" ]; then - CMD="start" - elif [ "$c" = "--version" ] || [ "$c" = "-version" ] || [ "$c" = "version" ]; then - CMD="version" - elif [ "$c" = "--restart" ] || [ "$c" = "-restart" ] || [ "$c" = "restart" ]; then - CMD="restart" - elif [ "$c" = "--test" ] || [ "$c" = "-test" ] || [ "$c" = "test" ]; then - CMD="test" - else - args="$args $c" - fi - done - - if [ "$CMD" = "--debug" ]; then - if [ "$PORT" = "" ]; then - echo " Please specify the debug port after the 
--debug option" - exit 1 - fi - if [ -n "$JAVA_OPTS" ]; then - echo "Warning !!!. User specified JAVA_OPTS will be ignored, once you give the --debug option." - fi - CMD="RUN" - JAVA_OPTS="-Xdebug -Xnoagent -Djava.compiler=NONE -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=$PORT" - echo "Please start the remote debugging client to continue..." - elif [ "$CMD" = "start" ]; then - if [ -e "$RUNTIME_HOME/runtime.pid" ]; then - if ps -p $PID > /dev/null ; then - echo "Process is already running" - exit 0 - fi - fi - export CARBON_HOME=$CARBON_HOME - # using nohup bash to avoid erros in solaris OS.TODO - nohup bash $RUNTIME_HOME/bin/carbon.sh $args > /dev/null 2>&1 & - exit 0 - elif [ "$CMD" = "stop" ]; then - export CARBON_HOME=$CARBON_HOME - kill -term `cat $RUNTIME_HOME/runtime.pid` - exit 0 - elif [ "$CMD" = "restart" ]; then - export CARBON_HOME=$CARBON_HOME - kill -term `cat $RUNTIME_HOME/runtime.pid` - process_status=0 - pid=`cat $RUNTIME_HOME/runtime.pid` - while [ "$process_status" -eq "0" ] - do - sleep 1; - ps -p$pid 2>&1 > /dev/null - process_status=$? - done - - # using nohup bash to avoid erros in solaris OS.TODO - nohup bash $RUNTIME_HOME/bin/carbon.sh $args > /dev/null 2>&1 & - exit 0 - elif [ "$CMD" = "test" ]; then - JAVACMD="exec "$JAVACMD"" - elif [ "$CMD" = "version" ]; then - cat $CARBON_HOME/bin/kernel-version.txt - exit 0 - fi - - # ---------- Handle the SSL Issue with proper JDK version -------------------- - java_version=$("$JAVACMD" -version 2>&1 | awk -F '"' '/version/ {print $2}') - java_version_formatted=$(echo "$java_version" | awk -F. 
'{printf("%02d%02d",$1,$2);}') - if [ $java_version_formatted -lt 0108 ] || [ $java_version_formatted -gt 1100 ]; then - echo " Starting WSO2 Carbon (in unsupported JDK)" - echo " [ERROR] CARBON is supported only on JDK 1.8 and 11" - fi - - CARBON_XBOOTCLASSPATH="" - for f in "$CARBON_HOME"/bin/bootstrap/xboot/*.jar - do - if [ "$f" != "$CARBON_HOME/bin/bootstrap/xboot/*.jar" ];then - CARBON_XBOOTCLASSPATH="$CARBON_XBOOTCLASSPATH":$f - fi - done - - JAVA_ENDORSED_DIRS="$CARBON_HOME/bin/bootstrap/endorsed":"$JAVA_HOME/jre/lib/endorsed":"$JAVA_HOME/lib/endorsed" - - CARBON_CLASSPATH="" - if [ -e "$JAVA_HOME/bin/bootstrap/tools.jar" ]; then - CARBON_CLASSPATH="$JAVA_HOME/lib/tools.jar" - fi - for f in "$CARBON_HOME"/bin/bootstrap/*.jar - do - if [ "$f" != "$CARBON_HOME/bin/bootstrap/*.jar" ];then - CARBON_CLASSPATH="$CARBON_CLASSPATH":$f - fi - done - for t in "$CARBON_HOME"/bin/bootstrap/commons-lang*.jar - do - CARBON_CLASSPATH="$CARBON_CLASSPATH":$t - done - # For Cygwin, switch paths to Windows format before running java - if $cygwin; then - JAVA_HOME=`cygpath --absolute --windows "$JAVA_HOME"` - CARBON_HOME=`cygpath --absolute --windows "$CARBON_HOME"` - RUNTIME_HOME=`cygpath --absolute --windows "$RUNTIME_HOME"` - CLASSPATH=`cygpath --path --windows "$CLASSPATH"` - if [ $java_version_formatted -le 0108 ]; then - JAVA_ENDORSED_DIRS=`cygpath --path --windows "$JAVA_ENDORSED_DIRS"` - fi - CARBON_CLASSPATH=`cygpath --path --windows "$CARBON_CLASSPATH"` - CARBON_XBOOTCLASSPATH=`cygpath --path --windows "$CARBON_XBOOTCLASSPATH"` - fi - - # ----- Execute The Requested Command ----------------------------------------- - - echo JAVA_HOME environment variable is set to $JAVA_HOME - echo CARBON_HOME environment variable is set to $CARBON_HOME - echo RUNTIME_HOME environment variable is set to $RUNTIME_HOME - - cd "$RUNTIME_HOME" - - START_EXIT_STATUS=121 - status=$START_EXIT_STATUS - - #To monitor a Carbon server in remote JMX mode on linux host machines, set the below 
system property. - # -Djava.rmi.server.hostname="your.IP.goes.here" - - JAVA_VER_BASED_OPTS="" - if [ $java_version_formatted -le 0108 ]; then - JAVA_VER_BASED_OPTS="-Djava.endorsed.dirs=$JAVA_ENDORSED_DIRS" - fi - - if [ $java_version_formatted -ge 1100 ] ; then - JAVA_VER_BASED_OPTS="--add-opens=java.base/java.net=ALL-UNNAMED --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens java.rmi/sun.rmi.transport=ALL-UNNAMED" - fi - - while [ "$status" = "$START_EXIT_STATUS" ] - do - $JAVACMD \ - -Xbootclasspath/a:"$CARBON_XBOOTCLASSPATH" \ - -Xms{{ .Values.wso2.deployment.analytics.dashboard.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.analytics.dashboard.resources.jvm.heap.memory.xmx }} \ - -XX:+HeapDumpOnOutOfMemoryError \ - -XX:HeapDumpPath="$RUNTIME_HOME/logs/heap-dump.hprof" \ - $JAVA_OPTS \ - -classpath "$CARBON_CLASSPATH" \ - $JAVA_VER_BASED_OPTS \ - -Djava.io.tmpdir="$CARBON_HOME/tmp" \ - -Dcarbon.registry.root=/ \ - -Djava.command="$JAVACMD" \ - -Dcarbon.home="$CARBON_HOME" \ - -Dwso2.runtime.path="$RUNTIME_HOME" \ - -Dwso2.runtime="$RUNTIME" \ - -Djavax.xml.bind.JAXBContextFactory="com.sun.xml.bind.v2.ContextFactory" \ - -Djava.util.logging.config.file="$RUNTIME_HOME/bin/bootstrap/logging.properties" \ - -Djava.security.egd=file:/dev/./urandom \ - -Dfile.encoding=UTF8 \ - -Djavax.net.ssl.keyStore="$CARBON_HOME/resources/security/wso2carbon.jks" \ - -Djavax.net.ssl.keyStorePassword="wso2carbon" \ - -Djavax.net.ssl.trustStore="$CARBON_HOME/resources/security/client-truststore.jks" \ - -Djavax.net.ssl.trustStorePassword="wso2carbon" \ - -Dio.netty.tryReflectionSetAccessible=false \ - org.wso2.carbon.launcher.Main $* - status=$? - done diff --git a/advanced/am-pattern-3/templates/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-conf.yaml b/advanced/am-pattern-3/templates/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-conf.yaml deleted file mode 100644 index ea028036..00000000 
--- a/advanced/am-pattern-3/templates/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-conf.yaml
+++ /dev/null
@@ -1,444 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-dashboard-conf - namespace : {{ .Release.Namespace }} - {{- if .Values.wso2.deployment.analytics.dashboard.config }} -data: - {{- range $index, $content := .Values.wso2.deployment.analytics.dashboard.config }} - {{ $index }}: |- - {{ tpl $content $ | indent 4 }} - {{- end }} - - {{- else }} -data: - deployment.yaml: |- - ################################################################################ - # Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved - # - # Licensed under the Apache License, Version 2.0 (the \"License\"); - # you may not use this file except in compliance with the License. - # You may obtain a copy of the License at - # - # http://www.apache.org/licenses/LICENSE-2.0 - # - # Unless required by applicable law or agreed to in writing, software - # distributed under the License is distributed on an \"AS IS\" BASIS, - # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - # See the License for the specific language governing permissions and - # limitations under the License. 
- ################################################################################ - - # Carbon Configuration Parameters - wso2.carbon: - type: wso2-apim-analytics - # value to uniquely identify a server - id: wso2-am-analytics - # server name - name: WSO2 API Manager Analytics Server - # enable/disable hostname verifier - hostnameVerificationEnabled: false - # ports used by this server - ports: - # port offset - offset: 3 - - # Configuration used for the databridge communication - databridge.config: - # No of worker threads to consume events - # THIS IS A MANDATORY FIELD - workerThreads: 10 - # Maximum amount of messages that can be queued internally in MB - # THIS IS A MANDATORY FIELD - maxEventBufferCapacity: 10000000 - # Queue size; the maximum number of events that can be stored in the queue - # THIS IS A MANDATORY FIELD - eventBufferSize: 2000 - # Keystore file path - # THIS IS A MANDATORY FIELD - keyStoreLocation : ${sys:carbon.home}/resources/security/wso2carbon.jks - # Keystore password - # THIS IS A MANDATORY FIELD - keyStorePassword : wso2carbon - # Session Timeout value in mins - # THIS IS A MANDATORY FIELD - clientTimeoutMin: 30 - # Data receiver configurations - # THIS IS A MANDATORY FIELD - dataReceivers: - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Thrift - # Data receiver properties - properties: - tcpPort: '7611' - sslPort: '7711' - - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Binary - # Data receiver properties - properties: - tcpPort: '9611' - sslPort: '9711' - tcpReceiverThreadPoolSize: '100' - sslReceiverThreadPoolSize: '100' - hostName: 0.0.0.0 - - # Configuration of the Data Agents - to publish events through databridge - data.agent.config: - # Data agent configurations - # THIS IS A MANDATORY FIELD - agents: - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY 
FIELD - name: Thrift - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.thrift.ThriftDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Binary - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.binary.BinaryDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: 
'${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - # Deployment configuration parameters - wso2.artifact.deployment: - # Scheduler update interval - updateInterval: 5 - - # HA Configuration - state.persistence: - enabled: false - intervalInMin: 1 - revisionsToKeep: 2 - persistenceStore: org.wso2.carbon.streaming.integrator.core.persistence.FileSystemPersistenceStore - config: - location: siddhi-app-persistence - - # Secure Vault Configuration - wso2.securevault: - secretRepository: - type: org.wso2.carbon.secvault.repository.DefaultSecretRepository - parameters: - privateKeyAlias: wso2carbon - keystoreLocation: ${sys:carbon.home}/resources/security/securevault.jks - secretPropertiesFile: 
${sys:carbon.home}/conf/${sys:wso2.runtime}/secrets.properties - masterKeyReader: - type: org.wso2.carbon.secvault.reader.DefaultMasterKeyReader - parameters: - masterKeyReaderFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/master-keys.yaml - - - # Data Sources Configuration - wso2.datasources: - dataSources: - # Dashboard data source - - name: WSO2_DASHBOARD_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/DASHBOARD_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_DASHBOARD_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - name: BUSINESS_RULES_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/BUSINESS_RULES_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_BUSINESS_RULES_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - # carbon metrics data source - - name: WSO2_METRICS_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/WSO2MetricsDB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/dashboard/database/metrics;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - name: WSO2_PERMISSIONS_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/PERMISSION_DB - useJndiReference: true - definition: - 
type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_PERMISSIONS_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - #Data source for APIM Analytics - - name: APIM_ANALYTICS_DB - description: Datasource used for APIM Analytics - jndiConfig: - name: jdbc/APIM_ANALYTICS_DB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_STATS_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 50 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - #Main datasource used in API Manager - - name: AM_DB - description: Main datasource used by API Manager - jndiConfig: - name: jdbc/AM_DB - definition: - type: RDBMS - configuration: - jdbcUrl: "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_DB?useSSL=false" - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - wso2.business.rules.manager: - datasource: BUSINESS_RULES_DB - # rule template wise configuration for deploying business rules - deployment_configs: - - - # : of the Worker node - localhost:9444: - # UUIDs of rule templates that are needed to be deployed on the node - - stock-data-analysis - - stock-exchange-input - - stock-exchange-output - - identifying-continuous-production-decrease - - popular-tweets-analysis - - http-analytics-processing - - message-tracing-source-template - - message-tracing-app-template - # credentials for worker nodes - username: admin - password: admin - - wso2.transport.http: - transportProperties: - - name: "server.bootstrap.socket.timeout" - value: 60 - - 
name: "client.bootstrap.socket.timeout" - value: 60 - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - id: "default" - host: "0.0.0.0" - port: 9089 - - - id: "default-https" - host: "0.0.0.0" - port: 9640 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - ## Dashboard data provider authorization - data.provider.configs: - authorizingClass: org.wso2.analytics.apim.dashboards.core.data.provider.Authorizer - - ## Additional APIs that needs to be added to the server. - ## Should be provided as a key value pairs { API context path: Microservice implementation class } - ## The configured APIs will be available as https://{host}:{port}/analytics-dashboard/{API_context_path} - additional.apis: - /apis/analytics/v1.0/apim: org.wso2.analytics.apim.rest.api.proxy.ApimApi - /apis/v1.0/report: org.wso2.analytics.apim.rest.api.report.ReportApi - - report: - implClass: org.wso2.analytics.apim.rest.api.report.reportgen.DefaultReportGeneratorImpl - - ## Authentication configuration - auth.configs: - type: apim - ssoEnabled: true - properties: - adminScope: apim_analytics:admin_carbon.super - allScopes: apim_analytics:admin openid apim:api_view apim:subscribe apim_analytics:monitoring_dashboard:own apim_analytics:monitoring_dashboard:edit apim_analytics:monitoring_dashboard:view apim_analytics:business_analytics:own apim_analytics:business_analytics:edit apim_analytics:business_analytics:view apim_analytics:api_analytics:own apim_analytics:api_analytics:edit apim_analytics:api_analytics:view apim_analytics:application_analytics:own apim_analytics:application_analytics:edit apim_analytics:application_analytics:view - adminUsername: admin - adminPassword: admin - kmDcrUrl: https://{{ template "am-pattern-3.resource.prefix" . 
}}-am-publisher-service:9443/client-registration/v0.17/register - kmTokenUrlForRedirection: https://{{ .Values.wso2.deployment.am.publisher.ingress.hostname }}/oauth2 - kmTokenUrl: https://{{ template "am-pattern-3.resource.prefix" . }}-am-publisher-service:9443/oauth2 - kmUsername: admin - kmPassword: admin - portalAppContext: analytics-dashboard - businessRulesAppContext : business-rules - cacheTimeout: 30 - baseUrl: https://{{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }} - grantType: authorization_code - publisherUrl: https://{{ template "am-pattern-3.resource.prefix" . }}-am-publisher-service:9443 - devPortalUrl: https://{{ template "am-pattern-3.resource.prefix" . }}-am-devportal-service:9443 - externalLogoutUrl: https://{{ .Values.wso2.deployment.am.publisher.ingress.hostname }}/oidc/logout - - wso2.dashboard: - roles: - creators: - - apim_analytics:admin_carbon.super - themeConfigProviderClass: org.wso2.carbon.dashboards.core.DefaultDashboardThemeConfigProvider - - ## RDBMS Data Provider configuration - wso2.rdbms.data.provider: - timeTypes: - - DATE - - TIME - - DATETIME - - TIMESTAMP - - TIMESTAMP WITHOUT TIME ZONE - {{- end }} diff --git a/advanced/am-pattern-3/templates/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-deployment.yaml b/advanced/am-pattern-3/templates/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-deployment.yaml deleted file mode 100644 index 314abdca..00000000 --- a/advanced/am-pattern-3/templates/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-deployment.yaml +++ /dev/null 
@@ -1,126 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-dashboard-deployment - namespace: {{ .Release.Namespace }} -spec: - replicas: {{ .Values.wso2.deployment.analytics.dashboard.replicas }} - strategy: - rollingUpdate: - maxSurge: {{ .Values.wso2.deployment.analytics.dashboard.strategy.rollingUpdate.maxSurge }} - maxUnavailable: {{ .Values.wso2.deployment.analytics.dashboard.strategy.rollingUpdate.maxUnavailable }} - type: RollingUpdate - selector: - matchLabels: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-dashboard - template: - metadata: - annotations: - checksum.am.analytics.dashboard.conf: {{ include (print $.Template.BasePath "/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-conf.yaml") . | sha256sum }} - labels: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-dashboard - spec: - initContainers: - {{- if .Values.wso2.deployment.dependencies.mysql }} - - name: init-mysql-db - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of DBMS service"; while ! 
nc -z "wso2am-mysql-db-service" 3306; do sleep 1; printf "-"; done; echo -e " >> DBMS service is available";'] - - name: init-mysql-connector-download - image: busybox:1.32 - command: - - /bin/sh - - "-c" - - | - set -e - connector_version=8.0.17 - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/${connector_version}/mysql-connector-java-${connector_version}.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - {{- end }} - - name: init-am-publisher - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of API Manager Publisher deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-service 9443; do sleep 1; printf "-"; done; echo -e " >> API Manager Publisher service has started";'] - - name: init-am-devportal - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of API Manager DevPortal deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . 
}}-am-devportal-service 9443; do sleep 1; printf "-"; done; echo -e " >> API Manager DevPortal service has started";'] - containers: - - name: wso2am-analytics-dashboard -{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.analytics.dashboard) | indent 8 }} - imagePullPolicy: {{ .Values.wso2.deployment.analytics.dashboard.imagePullPolicy }} - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9643 - initialDelaySeconds: {{ .Values.wso2.deployment.analytics.dashboard.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.analytics.dashboard.livenessProbe.periodSeconds }} - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9643 - initialDelaySeconds: {{ .Values.wso2.deployment.analytics.dashboard.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.analytics.dashboard.readinessProbe.periodSeconds }} - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/dashboard.sh stop'] - resources: - requests: - memory: {{ .Values.wso2.deployment.analytics.dashboard.resources.requests.memory }} - cpu: {{ .Values.wso2.deployment.analytics.dashboard.resources.requests.cpu }} - limits: - memory: {{ .Values.wso2.deployment.analytics.dashboard.resources.limits.memory }} - cpu: {{ .Values.wso2.deployment.analytics.dashboard.resources.limits.cpu }} - securityContext: - runAsUser: 802 - ports: - - containerPort: 9643 - protocol: "TCP" - volumeMounts: - - name: wso2am-analytics-dashboard-conf - mountPath: /home/wso2carbon/wso2-config-volume/conf/dashboard/deployment.yaml - subPath: deployment.yaml - - name: wso2am-analytics-dashboard-bin - mountPath: /home/wso2carbon/wso2-config-volume/wso2/dashboard/bin/carbon.sh - subPath: carbon.sh - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/lib - {{ end }} - serviceAccountName: {{ 
.Values.kubernetes.serviceAccount }} - {{- if .Values.wso2.deployment.analytics.dashboard.imagePullSecrets }} - imagePullSecrets: - - name: {{ .Values.wso2.deployment.analytics.dashboard.imagePullSecrets }} - {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} - imagePullSecrets: - - name: {{ template "am-pattern-3.resource.prefix" . }}-wso2-private-registry-creds - {{ end }} - volumes: - - name: wso2am-analytics-dashboard-conf - configMap: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-dashboard-conf - - name: wso2am-analytics-dashboard-bin - configMap: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-dashboard-bin - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - emptyDir: {} - {{ end }} diff --git a/advanced/am-pattern-3/templates/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-ingress.yaml b/advanced/am-pattern-3/templates/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-ingress.yaml deleted file mode 100644 index 7cb24f15..00000000 --- a/advanced/am-pattern-3/templates/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-ingress.yaml +++ /dev/null 
@@ -1,35 +0,0 @@
-# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: extensions/v1beta1
-kind: Ingress
-metadata:
- name: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-dashboard-ingress
- namespace : {{ .Release.Namespace }}
-{{- if .Values.wso2.deployment.analytics.dashboard.ingress.annotations }}
- annotations:
-{{ toYaml .Values.wso2.deployment.analytics.dashboard.ingress.annotations | indent 4 }}
-{{- end }}
-spec:
- tls:
- - hosts:
- - {{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }}
- rules:
- - host: {{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }}
- http:
- paths:
- - path: /
- backend:
- serviceName: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-dashboard-service
- servicePort: 9643
diff --git a/advanced/am-pattern-3/templates/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-service.yaml b/advanced/am-pattern-3/templates/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-service.yaml
deleted file mode 100644
index 0388cd02..00000000
--- a/advanced/am-pattern-3/templates/am-analytics/dashboard/wso2am-pattern-3-am-analytics-dashboard-service.yaml
+++ /dev/null
@@ -1,28 +0,0 @@
-# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-dashboard-service
- namespace : {{ .Release.Namespace }}
-spec:
- # label keys and values that must match in order to receive traffic for this service
- selector:
- deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-dashboard
- ports:
- # ports that this service should serve on
- - name: 'analytics-dashboard'
- port: 9643
- protocol: TCP
diff --git a/advanced/am-pattern-3/templates/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-bin.yaml b/advanced/am-pattern-3/templates/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-bin.yaml
deleted file mode 100644
index d0671d5d..00000000
--- a/advanced/am-pattern-3/templates/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-bin.yaml
+++ /dev/null
@@ -1,330 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-bin - namespace : {{ .Release.Namespace }} -data: - carbon.sh: |- - #!/bin/sh - # --------------------------------------------------------------------------- - # Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. - # - # Licensed under the Apache License, Version 2.0 (the "License"); - # you may not use this file except in compliance with the License. - # You may obtain a copy of the License at - # - # http://www.apache.org/licenses/LICENSE-2.0 - # - # Unless required by applicable law or agreed to in writing, software - # distributed under the License is distributed on an "AS IS" BASIS, - # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - # See the License for the specific language governing permissions and - # limitations under the License. - - # ---------------------------------------------------------------------------- - # Main Script for the WSO2 Carbon Server - # - # Environment Variable Prequisites - # - # CARBON_HOME Home of WSO2 Carbon installation. If not set I will try - # to figure it out. - # RUNTIME_HOME Home of WSO2 Carbon Runtime. . - # - # JAVA_HOME Must point at your Java Development Kit installation. 
- # - # JAVA_OPTS (Optional) Java runtime options used when the commands - # is executed. - # - # NOTE: Borrowed generously from Apache Tomcat startup scripts. - # ----------------------------------------------------------------------------- - - # OS specific support. $var _must_ be set to either true or false. - #ulimit -n 100000 - - cygwin=false; - darwin=false; - os400=false; - mingw=false; - case "`uname`" in - CYGWIN*) cygwin=true;; - MINGW*) mingw=true;; - OS400*) os400=true;; - Darwin*) darwin=true - if [ -z "$JAVA_VERSION" ] ; then - JAVA_VERSION="CurrentJDK" - else - echo "Using Java version: $JAVA_VERSION" - fi - if [ -z "$JAVA_HOME" ] ; then - JAVA_HOME=/System/Library/Frameworks/JavaVM.framework/Versions/${JAVA_VERSION}/Home - fi - ;; - esac - - # resolve links - $0 may be a softlink - PRG="$0" - - while [ -h "$PRG" ]; do - ls=`ls -ld "$PRG"` - link=`expr "$ls" : '.*-> \(.*\)$'` - if expr "$link" : '.*/.*' > /dev/null; then - PRG="$link" - else - PRG=`dirname "$PRG"`/"$link" - fi - done - - # Get standard environment variables - TEMPCURDIR=`dirname "$PRG"` - - # Only set RUNTIME_HOME if not already set - [ -z "$RUNTIME_HOME" ] && RUNTIME_HOME=`cd "$TEMPCURDIR/.." ; pwd` - - # Only set CARBON_HOME if not already set - [ -z "$CARBON_HOME" ] && CARBON_HOME=`cd "$TEMPCURDIR/../../../" ; pwd` - - # Only set RUNTIME if not already set - [ -z "$RUNTIME" ] && RUNTIME=${RUNTIME_HOME##*/} - - # For Cygwin, ensure paths are in UNIX format before anything is touched - if $cygwin; then - [ -n "$JAVA_HOME" ] && JAVA_HOME=`cygpath --unix "$JAVA_HOME"` - [ -n "$CARBON_HOME" ] && CARBON_HOME=`cygpath --unix "$CARBON_HOME"` - [ -n "$RUNTIME_HOME" ] && RUNTIME_HOME=`cygpath --unix "$RUNTIME_HOME"` - fi - - # For OS400 - if $os400; then - # Set job priority to standard for interactive (interactive - 6) by using - # the interactive priority - 6, the helper threads that respond to requests - # will be running at the same priority as interactive jobs. 
- COMMAND='chgjob job('$JOBNAME') runpty(6)' - system $COMMAND - - # Enable multi threading - QIBM_MULTI_THREADED=Y - export QIBM_MULTI_THREADED - fi - - # For Migwn, ensure paths are in UNIX format before anything is touched - if $mingw ; then - [ -n "$CARBON_HOME" ] && - CARBON_HOME="`(cd "$CARBON_HOME"; pwd)`" - [ -n "$JAVA_HOME" ] && - JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`" - # TODO classpath? - fi - - if [ -z "$JAVACMD" ] ; then - if [ -n "$JAVA_HOME" ] ; then - if [ -x "$JAVA_HOME/jre/sh/java" ] ; then - # IBM's JDK on AIX uses strange locations for the executables - JAVACMD="$JAVA_HOME/jre/sh/java" - else - JAVACMD="$JAVA_HOME/bin/java" - fi - else - JAVACMD=java - fi - fi - - if [ ! -x "$JAVACMD" ] ; then - echo "Error: JAVA_HOME is not defined correctly." - echo " CARBON cannot execute $JAVACMD" - exit 1 - fi - - # if JAVA_HOME is not set we're not happy - if [ -z "$JAVA_HOME" ]; then - echo "You must set the JAVA_HOME variable before running CARBON." - exit 1 - fi - - if [ -e "$RUNTIME_HOME/runtime.pid" ]; then - PID=`cat "$RUNTIME_HOME"/runtime.pid` - fi - - # ----- Process the input command ---------------------------------------------- - args="" - for c in $* - do - if [ "$c" = "--debug" ] || [ "$c" = "-debug" ] || [ "$c" = "debug" ]; then - CMD="--debug" - continue - elif [ "$CMD" = "--debug" ]; then - if [ -z "$PORT" ]; then - PORT=$c - fi - elif [ "$c" = "--stop" ] || [ "$c" = "-stop" ] || [ "$c" = "stop" ]; then - CMD="stop" - elif [ "$c" = "--start" ] || [ "$c" = "-start" ] || [ "$c" = "start" ]; then - CMD="start" - elif [ "$c" = "--version" ] || [ "$c" = "-version" ] || [ "$c" = "version" ]; then - CMD="version" - elif [ "$c" = "--restart" ] || [ "$c" = "-restart" ] || [ "$c" = "restart" ]; then - CMD="restart" - elif [ "$c" = "--test" ] || [ "$c" = "-test" ] || [ "$c" = "test" ]; then - CMD="test" - else - args="$args $c" - fi - done - - if [ "$CMD" = "--debug" ]; then - if [ "$PORT" = "" ]; then - echo " Please specify the debug port after the 
--debug option" - exit 1 - fi - if [ -n "$JAVA_OPTS" ]; then - echo "Warning !!!. User specified JAVA_OPTS will be ignored, once you give the --debug option." - fi - CMD="RUN" - JAVA_OPTS="-Xdebug -Xnoagent -Djava.compiler=NONE -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=$PORT" - echo "Please start the remote debugging client to continue..." - elif [ "$CMD" = "start" ]; then - if [ -e "$RUNTIME_HOME/runtime.pid" ]; then - if ps -p $PID > /dev/null ; then - echo "Process is already running" - exit 0 - fi - fi - export CARBON_HOME=$CARBON_HOME - # using nohup bash to avoid erros in solaris OS.TODO - nohup bash $RUNTIME_HOME/bin/carbon.sh $args > /dev/null 2>&1 & - exit 0 - elif [ "$CMD" = "stop" ]; then - export CARBON_HOME=$CARBON_HOME - kill -term `cat $RUNTIME_HOME/runtime.pid` - exit 0 - elif [ "$CMD" = "restart" ]; then - export CARBON_HOME=$CARBON_HOME - kill -term `cat $RUNTIME_HOME/runtime.pid` - process_status=0 - pid=`cat $RUNTIME_HOME/runtime.pid` - while [ "$process_status" -eq "0" ] - do - sleep 1; - ps -p$pid 2>&1 > /dev/null - process_status=$? - done - - # using nohup bash to avoid erros in solaris OS.TODO - nohup bash $RUNTIME_HOME/bin/carbon.sh $args > /dev/null 2>&1 & - exit 0 - elif [ "$CMD" = "test" ]; then - JAVACMD="exec "$JAVACMD"" - elif [ "$CMD" = "version" ]; then - cat $CARBON_HOME/bin/kernel-version.txt - exit 0 - fi - - # ---------- Handle the SSL Issue with proper JDK version -------------------- - java_version=$("$JAVACMD" -version 2>&1 | awk -F '"' '/version/ {print $2}') - java_version_formatted=$(echo "$java_version" | awk -F. 
'{printf("%02d%02d",$1,$2);}') - if [ $java_version_formatted -lt 0108 ] || [ $java_version_formatted -gt 1100 ]; then - echo " Starting WSO2 Carbon (in unsupported JDK)" - echo " [ERROR] CARBON is supported only on JDK 1.8 and 11" - fi - - CARBON_XBOOTCLASSPATH="" - for f in "$CARBON_HOME"/bin/bootstrap/xboot/*.jar - do - if [ "$f" != "$CARBON_HOME/bin/bootstrap/xboot/*.jar" ];then - CARBON_XBOOTCLASSPATH="$CARBON_XBOOTCLASSPATH":$f - fi - done - - JAVA_ENDORSED_DIRS="$CARBON_HOME/bin/bootstrap/endorsed":"$JAVA_HOME/jre/lib/endorsed":"$JAVA_HOME/lib/endorsed" - - CARBON_CLASSPATH="" - if [ -e "$JAVA_HOME/bin/bootstrap/tools.jar" ]; then - CARBON_CLASSPATH="$JAVA_HOME/lib/tools.jar" - fi - for f in "$CARBON_HOME"/bin/bootstrap/*.jar - do - if [ "$f" != "$CARBON_HOME/bin/bootstrap/*.jar" ];then - CARBON_CLASSPATH="$CARBON_CLASSPATH":$f - fi - done - for t in "$CARBON_HOME"/bin/bootstrap/commons-lang*.jar - do - CARBON_CLASSPATH="$CARBON_CLASSPATH":$t - done - # For Cygwin, switch paths to Windows format before running java - if $cygwin; then - JAVA_HOME=`cygpath --absolute --windows "$JAVA_HOME"` - CARBON_HOME=`cygpath --absolute --windows "$CARBON_HOME"` - RUNTIME_HOME=`cygpath --absolute --windows "$RUNTIME_HOME"` - CLASSPATH=`cygpath --path --windows "$CLASSPATH"` - if [ $java_version_formatted -le 0108 ]; then - JAVA_ENDORSED_DIRS=`cygpath --path --windows "$JAVA_ENDORSED_DIRS"` - fi - CARBON_CLASSPATH=`cygpath --path --windows "$CARBON_CLASSPATH"` - CARBON_XBOOTCLASSPATH=`cygpath --path --windows "$CARBON_XBOOTCLASSPATH"` - fi - - # ----- Execute The Requested Command ----------------------------------------- - - echo JAVA_HOME environment variable is set to $JAVA_HOME - echo CARBON_HOME environment variable is set to $CARBON_HOME - echo RUNTIME_HOME environment variable is set to $RUNTIME_HOME - - cd "$RUNTIME_HOME" - - START_EXIT_STATUS=121 - status=$START_EXIT_STATUS - - #To monitor a Carbon server in remote JMX mode on linux host machines, set the below 
system property. - # -Djava.rmi.server.hostname="your.IP.goes.here" - - JAVA_VER_BASED_OPTS="" - if [ $java_version_formatted -le 0108 ]; then - JAVA_VER_BASED_OPTS="-Djava.endorsed.dirs=$JAVA_ENDORSED_DIRS" - fi - - if [ $java_version_formatted -ge 1100 ] ; then - JAVA_VER_BASED_OPTS="--add-opens=java.base/java.net=ALL-UNNAMED --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens java.rmi/sun.rmi.transport=ALL-UNNAMED" - fi - - while [ "$status" = "$START_EXIT_STATUS" ] - do - $JAVACMD \ - -Xbootclasspath/a:"$CARBON_XBOOTCLASSPATH" \ - -Xms{{ .Values.wso2.deployment.analytics.worker.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.analytics.worker.resources.jvm.heap.memory.xmx }} \ - -XX:+HeapDumpOnOutOfMemoryError \ - -XX:HeapDumpPath="$RUNTIME_HOME/logs/heap-dump.hprof" \ - $JAVA_OPTS \ - -classpath "$CARBON_CLASSPATH" \ - $JAVA_VER_BASED_OPTS \ - -Djava.io.tmpdir="$CARBON_HOME/tmp" \ - -Dcarbon.registry.root=/ \ - -Djava.command="$JAVACMD" \ - -Dcarbon.home="$CARBON_HOME" \ - -Dwso2.runtime.path="$RUNTIME_HOME" \ - -Dwso2.runtime="$RUNTIME" \ - -Djavax.xml.bind.JAXBContextFactory="com.sun.xml.bind.v2.ContextFactory" \ - -Djava.util.logging.config.file="$RUNTIME_HOME/bin/bootstrap/logging.properties" \ - -Djava.security.egd=file:/dev/./urandom \ - -Dfile.encoding=UTF8 \ - -Djavax.net.ssl.keyStore="$CARBON_HOME/resources/security/wso2carbon.jks" \ - -Djavax.net.ssl.keyStorePassword="wso2carbon" \ - -Djavax.net.ssl.trustStore="$CARBON_HOME/resources/security/client-truststore.jks" \ - -Djavax.net.ssl.trustStorePassword="wso2carbon" \ - -Dio.netty.tryReflectionSetAccessible=false \ - org.wso2.carbon.launcher.Main $* - status=$? - done diff --git a/advanced/am-pattern-3/templates/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-conf.yaml b/advanced/am-pattern-3/templates/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-conf.yaml deleted file mode 100644 index 3d8f2cfa..00000000 
--- a/advanced/am-pattern-3/templates/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-conf.yaml
+++ /dev/null
@@ -1,583 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-conf - namespace : {{ .Release.Namespace }} - {{ if .Values.wso2.deployment.analytics.worker.config }} -data: - {{- range $index, $content := .Values.wso2.deployment.analytics.worker.config }} - {{ $index }}: |- - {{ tpl $content $ | indent 4 }} - {{- end }} - - {{ else }} -data: - deployment.yaml: |- - ################################################################################ - # Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved - # - # Licensed under the Apache License, Version 2.0 (the \"License\"); - # you may not use this file except in compliance with the License. - # You may obtain a copy of the License at - # - # http://www.apache.org/licenses/LICENSE-2.0 - # - # Unless required by applicable law or agreed to in writing, software - # distributed under the License is distributed on an \"AS IS\" BASIS, - # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - # See the License for the specific language governing permissions and - # limitations under the License. 
- ################################################################################ - - # Carbon Configuration Parameters - wso2.carbon: - type: wso2-apim-analytics - # value to uniquely identify a server - id: ${NODE_ID} - # server name - name: WSO2 API Manager Analytics Server - # ports used by this server - ports: - # port offset - offset: 1 - - wso2.transport.http: - transportProperties: - - - name: "server.bootstrap.socket.timeout" - value: 60 - - - name: "client.bootstrap.socket.timeout" - value: 60 - - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - - id: "default" - host: "0.0.0.0" - port: 9090 - - - id: "msf4j-https" - host: "0.0.0.0" - port: 9443 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - senderConfigurations: - - - id: "http-sender" - - siddhi.stores.query.api: - transportProperties: - - - name: "server.bootstrap.socket.timeout" - value: 60 - - - name: "client.bootstrap.socket.timeout" - value: 60 - - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - - id: "default" - host: "0.0.0.0" - port: 7071 - - - id: "msf4j-https" - host: "0.0.0.0" - port: 7444 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - # Configuration used for the databridge communication - databridge.config: - # No of worker threads to consume events - # THIS IS A MANDATORY FIELD - workerThreads: 10 - # Maximum amount of messages that can be queued internally in MB - # THIS IS A MANDATORY FIELD - maxEventBufferCapacity: 10000000 - # Queue size; the maximum number of events that can be stored in the queue - # THIS IS A MANDATORY FIELD - eventBufferSize: 2000 - # Keystore file path - # THIS IS A MANDATORY FIELD - keyStoreLocation : ${sys:carbon.home}/resources/security/wso2carbon.jks - # Keystore password - # THIS IS A MANDATORY FIELD - 
keyStorePassword : wso2carbon - # Session Timeout value in mins - # THIS IS A MANDATORY FIELD - clientTimeoutMin: 30 - # Data receiver configurations - # THIS IS A MANDATORY FIELD - dataReceivers: - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Thrift - # Data receiver properties - properties: - tcpPort: '7611' - sslPort: '7711' - - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Binary - # Data receiver properties - properties: - tcpPort: '9611' - sslPort: '9711' - tcpReceiverThreadPoolSize: '100' - sslReceiverThreadPoolSize: '100' - hostName: 0.0.0.0 - - # Configuration of the Data Agents - to publish events through databridge - data.agent.config: - # Data agent configurations - # THIS IS A MANDATORY FIELD - agents: - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Thrift - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.thrift.ThriftDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # 
secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Binary - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.binary.BinaryDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: 
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - # This is the main configuration for metrics - wso2.metrics: - # Enable Metrics - enabled: false - reporting: - console: - - # The name for the Console Reporter - name: Console - - # Enable Console Reporter - enabled: false - - # Polling Period in seconds. - # This is the period for polling metrics from the metric registry and printing in the console - pollingPeriod: 5 - - wso2.metrics.jdbc: - # Data Source Configurations for JDBC Reporters - dataSource: - # Default Data Source Configuration - - &JDBC01 - # JNDI name of the data source to be used by the JDBC Reporter. - # This data source should be defined in a *-datasources.xml file in conf/datasources directory. - dataSourceName: java:comp/env/jdbc/WSO2MetricsDB - # Schedule regular deletion of metrics data older than a set number of days. - # It is recommended that you enable this job to ensure your metrics tables do not get extremely large. - # Deleting data older than seven days should be sufficient. - scheduledCleanup: - # Enable scheduled cleanup to delete Metrics data in the database. - enabled: true - - # The scheduled job will cleanup all data older than the specified days - daysToKeep: 3 - - # This is the period for each cleanup operation in seconds. 
- scheduledCleanupPeriod: 86400 - - # The JDBC Reporter is in the Metrics JDBC Core feature - reporting: - # The JDBC Reporter configurations will be ignored if the Metrics JDBC Core feature is not available in runtime - jdbc: - - # The name for the JDBC Reporter - name: JDBC - - # Enable JDBC Reporter - enabled: true - - # Source of Metrics, which will be used to identify each metric in database --> - # Commented to use the hostname by default - # source: Carbon - - # Alias referring to the Data Source configuration - dataSource: *JDBC01 - - # Polling Period in seconds. - # This is the period for polling metrics from the metric registry and updating the database with the values - pollingPeriod: 60 - - # Deployment configuration parameters - wso2.artifact.deployment: - # Scheduler update interval - updateInterval: 5 - - # Periodic Persistence Configuration - state.persistence: - enabled: true - intervalInMin: 1 - revisionsToKeep: 2 - persistenceStore: org.wso2.carbon.streaming.integrator.core.persistence.DBPersistenceStore - config: - datasource: PERSISTENCE_DB # A datasource with this name should be defined in wso2.datasources namespace - table: PERSISTENCE_TABLE - - # Secure Vault Configuration - wso2.securevault: - secretRepository: - type: org.wso2.carbon.secvault.repository.DefaultSecretRepository - parameters: - privateKeyAlias: wso2carbon - keystoreLocation: ${sys:carbon.home}/resources/security/securevault.jks - secretPropertiesFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/secrets.properties - masterKeyReader: - type: org.wso2.carbon.secvault.reader.DefaultMasterKeyReader - parameters: - masterKeyReaderFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/master-keys.yaml - - # Datasource Configurations - wso2.datasources: - dataSources: - # carbon metrics data source - - name: WSO2_METRICS_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/WSO2MetricsDB - definition: - type: RDBMS - configuration: - jdbcUrl: 
'jdbc:h2:${sys:carbon.home}/wso2/dashboard/database/metrics;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 30 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - name: WSO2_PERMISSIONS_DB - description: The datasource used for permission feature - jndiConfig: - name: jdbc/PERMISSION_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_PERMISSIONS_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - name: GEO_LOCATION_DATA - description: "The data source used for geo location database" - jndiConfig: - name: jdbc/GEO_LOCATION_DATA - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/worker/database/GEO_LOCATION_DATA;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 50 - idleTimeout: 60000 - validationTimeout: 30000 - isAutoCommit: false - - - name: APIM_ANALYTICS_DB - description: "The datasource used for APIM statistics aggregated data." 
- jndiConfig: - name: jdbc/APIM_ANALYTICS_DB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_STATS_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 50 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - - name: WSO2_CLUSTER_DB - description: "The datasource used by cluster coordinators in HA deployment" - jndiConfig: - name: jdbc/WSO2_CLUSTER_DB - definition: - type: RDBMS - configuration: - connectionTestQuery: "SELECT 1" - driverClassName: com.mysql.cj.jdbc.Driver - idleTimeout: 60000 - isAutoCommit: false - jdbcUrl: "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2_CLUSTER_DB?useSSL=false" - maxPoolSize: 50 - password: wso2carbon - username: wso2carbon - validationTimeout: 30000 - - - - name: PERSISTENCE_DB - description: "Datasource used for persistence" - jndiConfig: - name: jdbc/PERSISTENCE_DB - definition: - type: RDBMS - configuration: - connectionTestQuery: "SELECT 1" - driverClassName: com.mysql.cj.jdbc.Driver - idleTimeout: 60000 - isAutoCommit: false - jdbcUrl: "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2_PERSISTENCE_DB?useSSL=false" - maxPoolSize: 50 - password: wso2carbon - username: wso2carbon - validationTimeout: 30000 - - siddhi: - # properties: - # partitionById: true - # shardId: 1 - refs: - - ref: - name: 'grpcSource' - type: 'grpc' - properties: - receiver.url : grpc://localhost:9806/org.wso2.analytics.mgw.grpc.service.AnalyticsSendService/sendAnalytics - extensions: - - - extension: - name: 'findCountryFromIP' - namespace: 'geo' - properties: - geoLocationResolverClass: org.wso2.extension.siddhi.execution.geo.internal.impl.DefaultDBBasedGeoLocationResolver - isCacheEnabled: true - cacheSize: 10000 - isPersistInDatabase: true - datasource: GEO_LOCATION_DATA - - - extension: - name: 'findCityFromIP' - namespace: 'geo' - properties: - geoLocationResolverClass: 
org.wso2.extension.siddhi.execution.geo.internal.impl.DefaultDBBasedGeoLocationResolver - isCacheEnabled: true - cacheSize: 10000 - isPersistInDatabase: true - datasource: GEO_LOCATION_DATA - #Enabling GRPC Service with an Extension - - - extension: - name: 'grpc' - namespace: 'source' - properties: - keyStoreFile : ${sys:carbon.home}/resources/security/wso2carbon.jks - keyStorePassword : wso2carbon - keyStoreAlgorithm : SunX509 - trustStoreFile : ${sys:carbon.home}/resources/security/client-truststore.jks - trustStorePassword : wso2carbon - trustStoreAlgorithm : SunX509 - # Provides the regular expression collection to parse the user-agent header - - - extension: - name: 'getUserAgentProperty' - namespace: 'env' - properties: - regexFilePath : ${sys:carbon.home}/conf/worker/regexes.yaml - - # Cluster Configuration - cluster.config: - enabled: true - groupId: sp - coordinationStrategyClass: org.wso2.carbon.cluster.coordinator.rdbms.RDBMSCoordinationStrategy - strategyConfig: - datasource: WSO2_CLUSTER_DB - heartbeatInterval: 5000 - heartbeatMaxRetry: 5 - eventPollingInterval: 5000 - - # Authentication configuration - auth.configs: - type: 'local' # Type of the IdP client used - userManager: - adminRole: admin # Admin role which is granted all permissions - userStore: # User store - users: - - - user: - username: admin - password: YWRtaW4= - roles: 1 - roles: - - - role: - id: 1 - displayName: admin - - # Configuration to enable apim alerts - #analytics.solutions: - # APIM-alerts.enabled: true - - # Sample of deployment.config for Two node HA - deployment.config: - type: ha - passiveNodeDetailsWaitTimeOutMillis: 300000 - passiveNodeDetailsRetrySleepTimeMillis: 500 - eventByteBufferQueueCapacity: 20000 - byteBufferExtractorThreadPoolSize: 5 - eventSyncServer: - host: ${NODE_IP} - port: 9893 - advertisedHost: ${NODE_IP} - advertisedPort: 9893 - bossThreads: 10 - workerThreads: 10 - eventSyncClientPool: - maxActive: 10 - maxTotal: 10 - maxIdle: 10 - maxWait: 60000 - 
minEvictableIdleTimeMillis: 120000 - - # Sample of deployment.config for Distributed deployment - #deployment.config: - # type: distributed - # httpsInterface: - # host: 192.168.1.3 - # port: 9443 - # username: admin - # password: admin - # leaderRetryInterval: 10000 - # resourceManagers: - # - host: 192.168.1.1 - # port: 9543 - # username: admin - # password: admin - # - host: 192.168.1.2 - # port: 9543 - # username: admin - # password: admin - {{- end }} diff --git a/advanced/am-pattern-3/templates/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-headless-service.yaml b/advanced/am-pattern-3/templates/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-headless-service.yaml deleted file mode 100644 index dd6c8f8b..00000000 --- a/advanced/am-pattern-3/templates/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-headless-service.yaml +++ /dev/null 
@@ -1,32 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-headless-service - namespace : {{ .Release.Namespace }} -spec: - # label keys and values that must match in order to receive traffic for this service - clusterIP: None - selector: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-analytics-worker - ports: - # ports that this service should serve on - - name: 'thrift' - port: 7612 - protocol: TCP - - name: 'thrift-ssl' - port: 7712 - protocol: TCP diff --git a/advanced/am-pattern-3/templates/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-service.yaml b/advanced/am-pattern-3/templates/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-service.yaml deleted file mode 100644 index 3aa6bf45..00000000 --- a/advanced/am-pattern-3/templates/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-service.yaml +++ /dev/null 
@@ -1,31 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-service - namespace : {{ .Release.Namespace }} -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-analytics-worker - ports: - # ports that this service should serve on - - name: 'thrift-ssl' - port: 7712 - protocol: TCP - - name: 'rest-api-port-1' - protocol: TCP - port: 7444 diff --git a/advanced/am-pattern-3/templates/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-statefulset.yaml b/advanced/am-pattern-3/templates/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-statefulset.yaml deleted file mode 100644 index 8ce11630..00000000 --- a/advanced/am-pattern-3/templates/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-statefulset.yaml +++ /dev/null 
@@ -1,129 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-statefulset - namespace: {{ .Release.Namespace }} -spec: - replicas: 2 - selector: - matchLabels: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-analytics-worker - serviceName: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-headless-service - template: - metadata: - annotations: - checksum.am.analytics.worker.conf: {{ include (print $.Template.BasePath "/am-analytics/worker/wso2am-pattern-3-am-analytics-worker-conf.yaml") . | sha256sum }} - labels: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-analytics-worker - spec: - {{ if .Values.wso2.deployment.dependencies.mysql }} - initContainers: - - name: init-mysql-db - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! 
nc -z "wso2am-mysql-db-service" 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - - name: init-mysql-connector-download - image: busybox:1.32 - command: - - /bin/sh - - "-c" - - | - set -e - connector_version=8.0.17 - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/${connector_version}/mysql-connector-java-${connector_version}.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - {{ end }} - containers: - - name: wso2am-analytics-worker -{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.analytics.worker) | indent 10 }} - imagePullPolicy: {{ .Values.wso2.deployment.analytics.worker.imagePullPolicy }} - env: - - name: NODE_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: NODE_ID - valueFrom: - fieldRef: - fieldPath: metadata.name - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9444 - initialDelaySeconds: {{ .Values.wso2.deployment.analytics.worker.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.analytics.worker.livenessProbe.periodSeconds }} - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9444 - initialDelaySeconds: {{ .Values.wso2.deployment.analytics.worker.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.analytics.worker.readinessProbe.periodSeconds }} - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/worker.sh stop'] - resources: - requests: - memory: {{ .Values.wso2.deployment.analytics.worker.resources.requests.memory }} - cpu: {{ .Values.wso2.deployment.analytics.worker.resources.requests.cpu }} - limits: - memory: {{ .Values.wso2.deployment.analytics.worker.resources.limits.memory }} - cpu: {{ .Values.wso2.deployment.analytics.worker.resources.limits.cpu }} - securityContext: - runAsUser: 802 - ports: - - containerPort: 7612 - protocol: "TCP" - - containerPort: 7712 
- protocol: "TCP" - - containerPort: 7444 - protocol: "TCP" - volumeMounts: - - name: wso2am-analytics-worker-conf - mountPath: /home/wso2carbon/wso2-config-volume/conf/worker/deployment.yaml - subPath: deployment.yaml - - name: wso2am-analytics-worker-bin - mountPath: /home/wso2carbon/wso2-config-volume/wso2/worker/bin/carbon.sh - subPath: carbon.sh - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/lib - {{ end }} - serviceAccountName: {{ .Values.kubernetes.serviceAccount }} - {{- if .Values.wso2.deployment.am.imagePullSecrets }} - imagePullSecrets: - - name: {{ .Values.wso2.deployment.am.imagePullSecrets }} - {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} - imagePullSecrets: - - name: {{ template "am-pattern-3.resource.prefix" . }}-wso2-private-registry-creds - {{- end }} - volumes: - - name: wso2am-analytics-worker-conf - configMap: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-conf - - name: wso2am-analytics-worker-bin - configMap: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-bin - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - emptyDir: {} - {{ end }} From 169fe598b191b4a9c6fb8d7fa49d976f74ca8997 Mon Sep 17 00:00:00 2001 From: Rakhitha Ranathunge Date: Tue, 4 May 2021 15:48:55 +0530 Subject: [PATCH 04/34] Add initial control-plane confs --- ...so2am-pattern-3-am-control-plane-conf.yaml | 267 ++++++++++++++++++ ...so2am-pattern-3-am-control-plane-conf.yaml | 267 ++++++++++++++++++ 2 files changed, 534 insertions(+) create mode 100644 advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-conf.yaml create mode 100644 advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-conf.yaml 
diff --git a/advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-conf.yaml b/advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-conf.yaml
new file mode 100644
index 00000000..a5e75a31
--- /dev/null
+++ b/advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-conf.yaml
@@ -0,0 +1,267 @@
+# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-conf
+ namespace : {{ .Release.Namespace }}
+ {{ if .Values.wso2.deployment.am.cp.config }}
+data:
+ {{- range $index, $content := .Values.wso2.deployment.am.cp.config }}
+ {{ $index }}: |-
+ {{ tpl $content $ | indent 4 }}
+ {{- end }}
+
+ {{ else }}
+data:
+ deployment.toml: |-
+ [server]
+ hostname = "{{ .Values.wso2.deployment.am.cp.ingress.hostname }}"
+ #offset=0
+ base_path = "${carbon.protocol}://${carbon.host}:${carbon.management.port}"
+ #discard_empty_caches = false
+ server_role = "control-plane"
+
+ [super_admin]
+ username = "admin"
+ password = "admin"
+ create_admin_account = true
+
+ [user_store]
+ type = "database_unique_id"
+
+ [database.apim_db]
+ type = "mysql"
+ url = "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_DB?useSSL=false&autoReconnect=true&requireSSL=false&verifyServerCertificate=false"
+ username = "wso2carbon"
+ password = "wso2carbon"
+ driver = "com.mysql.cj.jdbc.Driver"
+
+ [database.shared_db]
+ type = "mysql"
+ url = "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_SHARED_DB?useSSL=false&autoReconnect=true&requireSSL=false&verifyServerCertificate=false"
+ username = "wso2carbon"
+ password = "wso2carbon"
+ driver = "com.mysql.cj.jdbc.Driver"
+
+ [keystore.tls]
+ file_name = "wso2carbon.jks"
+ type = "JKS"
+ password = "wso2carbon"
+ alias = "wso2carbon"
+ key_password = "wso2carbon"
+
+ #[keystore.primary]
+ #file_name = "wso2carbon.jks"
+ #type = "JKS"
+ #password = "wso2carbon"
+ #alias = "wso2carbon"
+ #key_password = "wso2carbon"
+
+ #[keystore.internal]
+ #file_name = "wso2carbon.jks"
+ #type = "JKS"
+ #password = "wso2carbon"
+ #alias = "wso2carbon"
+ #key_password = "wso2carbon"
+
+ [[apim.gateway.environment]]
+ name = "Default"
+ type = "hybrid"
+ display_in_api_console = true
+ description = "This is a hybrid gateway that handles both production and sandbox token traffic."
+ show_as_token_endpoint_url = true
+ service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-gateway-service:${mgt.transport.https.port}${carbon.context}services/"
+ username= "${admin.username}"
+ password= "${admin.password}"
+ ws_endpoint = "ws://localhost:9099"
+ wss_endpoint = "wss://localhost:8099"
+ http_endpoint = "http://{{ .Values.wso2.deployment.am.gateway.ingress.hostname }}"
+ https_endpoint = "https://{{ .Values.wso2.deployment.am.gateway.ingress.hostname }}"
+
+
+ #[apim.cache.gateway_token]
+ #enable = true
+ #expiry_time = "900s"
+
+ #[apim.cache.resource]
+ #enable = true
+ #expiry_time = "900s"
+
+ #[apim.cache.km_token]
+ #enable = false
+ #expiry_time = "15m"
+
+ #[apim.cache.recent_apis]
+ #enable = false
+
+ #[apim.cache.scopes]
+ #enable = true
+
+ #[apim.cache.publisher_roles]
+ #enable = true
+
+ #[apim.cache.jwt_claim]
+ #enable = true
+ #expiry_time = "15m"
+
+ #[apim.cache.tags]
+ #expiry_time = "2m"
+
+ [apim.key_manager]
+ service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-service:${mgt.transport.https.port}/services/"
+ #username = "$ref{super_admin.username}"
+ #password = "$ref{super_admin.password}"
+ #pool.init_idle_capacity = 50
+ #pool.max_idle = 100
+ #key_validation_handler_type = "default"
+ #key_validation_handler_type = "custom"
+ #key_validation_handler_impl = "org.wso2.carbon.apimgt.keymgt.handlers.DefaultKeyValidationHandler"
+
+ #[apim.oauth_config]
+ #enable_outbound_auth_header = false
+ #auth_header = "Authorization"
+ #revoke_endpoint = "https://localhost:${https.nio.port}/revoke"
+ #enable_token_encryption = false
+ #enable_token_hashing = false
+
+ [apim.devportal]
+ url = "https://{{ .Values.wso2.deployment.am.cp.ingress.hostname }}/devportal"
+ #enable_application_sharing = false
+ #if application_sharing_type, application_sharing_impl both defined priority goes to application_sharing_impl
+ #application_sharing_type = "default" #changed type, saml, default #todo: check the new config for rest api
+ #application_sharing_impl = "org.wso2.carbon.apimgt.impl.SAMLGroupIDExtractorImpl"
+ #display_multiple_versions = false
+ #display_deprecated_apis = false
+ #enable_comments = true
+ #enable_ratings = true
+ #enable_forum = true
+ #enable_anonymous_mode=true
+ #enable_cross_tenant_subscriptions = true
+ #default_reserved_username = "apim_reserved_user"
+
+ [apim.cors]
+ allow_origins = "*"
+ allow_methods = ["GET","PUT","POST","DELETE","PATCH","OPTIONS"]
+ allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey","Internal-Key"]
+ allow_credentials = false
+
+ [apim.throttling]
+ event_duplicate_url = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:5672"]
+ service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-service:${mgt.transport.https.port}/services/"
+ #enable_data_publishing = true
+ #enable_policy_deploy = true
+ #enable_blacklist_condition = true
+ #enable_persistence = true
+ throttle_decision_endpoints = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:5672","tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:5672"]
+
+ [[apim.throttling.url_group]]
+ traffic_manager_urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:9611"]
+ traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:9711"]
+ type = "loadbalance"
+
+ [[apim.throttling.url_group]]
+ traffic_manager_urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9611"]
+ traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9711"]
+ type = "loadbalance"
+
+ #[[apim.throttling.url_group]]
+ #traffic_manager_urls = ["tcp://localhost:9611","tcp://localhost:9611"]
+ #traffic_manager_auth_urls = ["ssl://localhost:9711","ssl://localhost:9711"]
+ #type = "failover"
+
+ #[apim.workflow]
+ #enable = false
+ #service_url = "https://localhost:9445/bpmn"
+ #username = "$ref{super_admin.username}"
+ #password = "$ref{super_admin.password}"
+ #callback_endpoint = "https://localhost:${mgt.transport.https.port}/api/am/admin/v0.17/workflows/update-workflow-status"
+ #token_endpoint = "https://localhost:${https.nio.port}/token"
+ #client_registration_endpoint = "https://localhost:${mgt.transport.https.port}/client-registration/v0.17/register"
+ #client_registration_username = "$ref{super_admin.username}"
+ #client_registration_password = "$ref{super_admin.password}"
+
+ #data bridge config
+ #[transport.receiver]
+ #type = "binary"
+ #worker_threads = 10
+ #session_timeout = "30m"
+ #keystore.file_name = "$ref{keystore.tls.file_name}"
+ #keystore.password = "$ref{keystore.tls.password}"
+ #tcp_port = 9611
+ #ssl_port = 9711
+ #ssl_receiver_thread_pool_size = 100
+ #tcp_receiver_thread_pool_size = 100
+ #ssl_enabled_protocols = ["TLSv1","TLSv1.1","TLSv1.2"]
+ #ciphers = ["SSL_RSA_WITH_RC4_128_MD5","SSL_RSA_WITH_RC4_128_SHA"]
+
+ #[apim.notification]
+ #from_address = "APIM.com"
+ #username = "APIM"
+ #password = "APIM+123"
+ #hostname = "localhost"
+ #port = 3025
+ #enable_start_tls = false
+ #enable_authentication = true
+
+ #[apim.token.revocation]
+ #notifier_impl = "org.wso2.carbon.apimgt.keymgt.events.TokenRevocationNotifierImpl"
+ #enable_realtime_notifier = true
+ #realtime_notifier.ttl = 5000
+ #enable_persistent_notifier = true
+ #persistent_notifier.hostname = "https://localhost:2379/v2/keys/jti/"
+ #persistent_notifier.ttl = 5000
+ #persistent_notifier.username = "root"
+ #persistent_notifier.password = "root"
+
+ [[event_handler]]
+ name="userPostSelfRegistration"
+ subscriptions=["POST_ADD_USER"]
+
+ [service_provider]
+ sp_name_regex = "^[\\sa-zA-Z0-9._-]*$"
+
+ [[event_listener]]
+ id = "token_revocation"
+ type = "org.wso2.carbon.identity.core.handler.AbstractIdentityHandler"
+ name = "org.wso2.is.notification.ApimOauthEventInterceptor"
+ order = 1
+ [event_listener.properties]
+ notification_endpoint = "https://localhost:${mgt.transport.https.port}/internal/data/v1/notify"
+ username = "${admin.username}"
+ password = "${admin.password}"
+ 'header.X-WSO2-KEY-MANAGER' = "default"
+
+ [transport.https.properties]
+ proxyPort = 443
+
+ [[apim.event_hub.publish.url_group]]
+ urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:9611"]
+ auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:9711"]
+
+ [[apim.event_hub.publish.url_group]]
+ urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9611"]
+ auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9711"]
+
+ {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }}
+ [database.local]
+ url = "jdbc:h2:/home/wso2carbon/solr/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE"
+
+ [indexing]
+ location = "/home/wso2carbon/solr/indexed-data"
+ {{ else }}
+ [database.local]
+ url = "jdbc:h2:./repository/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE"
+ {{ end }}
diff --git a/advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-conf.yaml b/advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-conf.yaml
new file mode 100644
index 00000000..da69f592
--- /dev/null
+++ b/advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-conf.yaml
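Review bot: The fallback `deployment.toml` in the `{{ else }}` branch ships working credentials as literals inside a ConfigMap: `password = "admin"` under `[super_admin]` and `password = "wso2carbon"` under `[database.apim_db]`, `[database.shared_db]` and `[keystore.tls]`. These are the product's well-known defaults, and a ConfigMap is readable by any subject allowed to read ConfigMaps in the namespace, so an install that leaves `.Values.wso2.deployment.am.cp.config` unset comes up with guessable admin, database and keystore secrets. Deliver them through a Kubernetes Secret and reference them from the TOML, for example `password = "$env{ADMIN_PASSWORD}"` (the variable name is a placeholder, and the `$env{}` reference form should be confirmed for this product version), and make the template fail when the value is empty. The instance-2 hunk that follows carries the same lines.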
@@ -0,0 +1,267 @@
+# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-conf
+ namespace : {{ .Release.Namespace }}
+ {{ if .Values.wso2.deployment.am.cp.config }}
+data:
+ {{- range $index, $content := .Values.wso2.deployment.am.cp.config }}
+ {{ $index }}: |-
+ {{ tpl $content $ | indent 4 }}
+ {{- end }}
+
+ {{ else }}
+data:
+ deployment.toml: |-
+ [server]
+ hostname = "{{ .Values.wso2.deployment.am.cp.ingress.hostname }}"
+ #offset=0
+ base_path = "${carbon.protocol}://${carbon.host}:${carbon.management.port}"
+ #discard_empty_caches = false
+ server_role = "control-plane"
+
+ [super_admin]
+ username = "admin"
+ password = "admin"
+ create_admin_account = true
+
+ [user_store]
+ type = "database_unique_id"
+
+ [database.apim_db]
+ type = "mysql"
+ url = "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_DB?useSSL=false&autoReconnect=true&requireSSL=false&verifyServerCertificate=false"
+ username = "wso2carbon"
+ password = "wso2carbon"
+ driver = "com.mysql.cj.jdbc.Driver"
+
+ [database.shared_db]
+ type = "mysql"
+ url = "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_SHARED_DB?useSSL=false&autoReconnect=true&requireSSL=false&verifyServerCertificate=false"
+ username = "wso2carbon"
+ password = "wso2carbon"
+ driver = "com.mysql.cj.jdbc.Driver"
+
+ [keystore.tls]
+ file_name = "wso2carbon.jks"
+ type = "JKS"
+ password = "wso2carbon"
+ alias = "wso2carbon"
+ key_password = "wso2carbon"
+
+ #[keystore.primary]
+ #file_name = "wso2carbon.jks"
+ #type = "JKS"
+ #password = "wso2carbon"
+ #alias = "wso2carbon"
+ #key_password = "wso2carbon"
+
+ #[keystore.internal]
+ #file_name = "wso2carbon.jks"
+ #type = "JKS"
+ #password = "wso2carbon"
+ #alias = "wso2carbon"
+ #key_password = "wso2carbon"
+
+ [[apim.gateway.environment]]
+ name = "Default"
+ type = "hybrid"
+ display_in_api_console = true
+ description = "This is a hybrid gateway that handles both production and sandbox token traffic."
+ show_as_token_endpoint_url = true
+ service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-gateway-service:${mgt.transport.https.port}${carbon.context}services/"
+ username= "${admin.username}"
+ password= "${admin.password}"
+ ws_endpoint = "ws://localhost:9099"
+ wss_endpoint = "wss://localhost:8099"
+ http_endpoint = "http://{{ .Values.wso2.deployment.am.gateway.ingress.hostname }}"
+ https_endpoint = "https://{{ .Values.wso2.deployment.am.gateway.ingress.hostname }}"
+
+
+ #[apim.cache.gateway_token]
+ #enable = true
+ #expiry_time = "900s"
+
+ #[apim.cache.resource]
+ #enable = true
+ #expiry_time = "900s"
+
+ #[apim.cache.km_token]
+ #enable = false
+ #expiry_time = "15m"
+
+ #[apim.cache.recent_apis]
+ #enable = false
+
+ #[apim.cache.scopes]
+ #enable = true
+
+ #[apim.cache.publisher_roles]
+ #enable = true
+
+ #[apim.cache.jwt_claim]
+ #enable = true
+ #expiry_time = "15m"
+
+ #[apim.cache.tags]
+ #expiry_time = "2m"
+
+ [apim.key_manager]
+ service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-service:${mgt.transport.https.port}/services/"
+ #username = "$ref{super_admin.username}"
+ #password = "$ref{super_admin.password}"
+ #pool.init_idle_capacity = 50
+ #pool.max_idle = 100
+ #key_validation_handler_type = "default"
+ #key_validation_handler_type = "custom"
+ #key_validation_handler_impl = "org.wso2.carbon.apimgt.keymgt.handlers.DefaultKeyValidationHandler"
+
+ #[apim.oauth_config]
+ #enable_outbound_auth_header = false
+ #auth_header = "Authorization"
+ #revoke_endpoint = "https://localhost:${https.nio.port}/revoke"
+ #enable_token_encryption = false
+ #enable_token_hashing = false
+
+ [apim.devportal]
+ url = "https://{{ .Values.wso2.deployment.am.cp.ingress.hostname }}/devportal"
+ #enable_application_sharing = false
+ #if application_sharing_type, application_sharing_impl both defined priority goes to application_sharing_impl
+ #application_sharing_type = "default" #changed type, saml, default #todo: check the new config for rest api
+ #application_sharing_impl = "org.wso2.carbon.apimgt.impl.SAMLGroupIDExtractorImpl"
+ #display_multiple_versions = false
+ #display_deprecated_apis = false
+ #enable_comments = true
+ #enable_ratings = true
+ #enable_forum = true
+ #enable_anonymous_mode=true
+ #enable_cross_tenant_subscriptions = true
+ #default_reserved_username = "apim_reserved_user"
+
+ [apim.cors]
+ allow_origins = "*"
+ allow_methods = ["GET","PUT","POST","DELETE","PATCH","OPTIONS"]
+ allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey","Internal-Key"]
+ allow_credentials = false
+
+ [apim.throttling]
+ event_duplicate_url = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:5672"]
+ service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-service:${mgt.transport.https.port}/services/"
+ #enable_data_publishing = true
+ #enable_policy_deploy = true
+ #enable_blacklist_condition = true
+ #enable_persistence = true
+ throttle_decision_endpoints = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:5672","tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:5672"]
+
+ [[apim.throttling.url_group]]
+ traffic_manager_urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:9611"]
+ traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:9711"]
+ type = "loadbalance"
+
+ [[apim.throttling.url_group]]
+ traffic_manager_urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9611"]
+ traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9711"]
+ type = "loadbalance"
+
+ #[[apim.throttling.url_group]]
+ #traffic_manager_urls = ["tcp://localhost:9611","tcp://localhost:9611"]
+ #traffic_manager_auth_urls = ["ssl://localhost:9711","ssl://localhost:9711"]
+ #type = "failover"
+
+ #[apim.workflow]
+ #enable = false
+ #service_url = "https://localhost:9445/bpmn"
+ #username = "$ref{super_admin.username}"
+ #password = "$ref{super_admin.password}"
+ #callback_endpoint = "https://localhost:${mgt.transport.https.port}/api/am/admin/v0.17/workflows/update-workflow-status"
+ #token_endpoint = "https://localhost:${https.nio.port}/token"
+ #client_registration_endpoint = "https://localhost:${mgt.transport.https.port}/client-registration/v0.17/register"
+ #client_registration_username = "$ref{super_admin.username}"
+ #client_registration_password = "$ref{super_admin.password}"
+
+ #data bridge config
+ #[transport.receiver]
+ #type = "binary"
+ #worker_threads = 10
+ #session_timeout = "30m"
+ #keystore.file_name = "$ref{keystore.tls.file_name}"
+ #keystore.password = "$ref{keystore.tls.password}"
+ #tcp_port = 9611
+ #ssl_port = 9711
+ #ssl_receiver_thread_pool_size = 100
+ #tcp_receiver_thread_pool_size = 100
+ #ssl_enabled_protocols = ["TLSv1","TLSv1.1","TLSv1.2"]
+ #ciphers = ["SSL_RSA_WITH_RC4_128_MD5","SSL_RSA_WITH_RC4_128_SHA"]
+
+ #[apim.notification]
+ #from_address = "APIM.com"
+ #username = "APIM"
+ #password = "APIM+123"
+ #hostname = "localhost"
+ #port = 3025
+ #enable_start_tls = false
+ #enable_authentication = true
+
+ #[apim.token.revocation]
+ #notifier_impl = "org.wso2.carbon.apimgt.keymgt.events.TokenRevocationNotifierImpl"
+ #enable_realtime_notifier = true
+ #realtime_notifier.ttl = 5000
+ #enable_persistent_notifier = true
+ #persistent_notifier.hostname = "https://localhost:2379/v2/keys/jti/"
+ #persistent_notifier.ttl = 5000
+ #persistent_notifier.username = "root"
+ #persistent_notifier.password = "root"
+
+ [[event_handler]]
+ name="userPostSelfRegistration"
+ subscriptions=["POST_ADD_USER"]
+
+ [service_provider]
+ sp_name_regex = "^[\\sa-zA-Z0-9._-]*$"
+
+ [[event_listener]]
+ id = "token_revocation"
+ type = "org.wso2.carbon.identity.core.handler.AbstractIdentityHandler"
+ name = "org.wso2.is.notification.ApimOauthEventInterceptor"
+ order = 1
+ [event_listener.properties]
+ notification_endpoint = "https://localhost:${mgt.transport.https.port}/internal/data/v1/notify"
+ username = "${admin.username}"
+ password = "${admin.password}"
+ 'header.X-WSO2-KEY-MANAGER' = "default"
+
+ [transport.https.properties]
+ proxyPort = 443
+
+ [[apim.event_hub.publish.url_group]]
+ urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:9611"]
+ auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:9711"]
+
+ [[apim.event_hub.publish.url_group]]
+ urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9611"]
+ auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9711"]
+
+ {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }}
+ [database.local]
+ url = "jdbc:h2:/home/wso2carbon/solr/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE"
+
+ [indexing]
+ location = "/home/wso2carbon/solr/indexed-data"
+ {{ else }}
+ [database.local]
+ url = "jdbc:h2:./repository/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE"
+ {{ end }}
From 4d1f55298b7afce25a052eacc7ca40f68c62d83e Mon Sep 17 00:00:00 2001 From: Rakhitha Ranathunge Date: Tue, 4 May 2021 16:53:31 +0530 Subject: [PATCH 05/34] Add deployment configs for control-plane --- ...pattern-3-am-control-plane-deployment.yaml | 148 ++++++++++++++++++ ...pattern-3-am-control-plane-deployment.yaml | 148 ++++++++++++++++++ 2 files changed, 296 insertions(+) create mode 100644 advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-deployment.yaml create mode 100644 advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-deployment.yaml
diff --git a/advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-deployment.yaml b/advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-deployment.yaml
new file mode 100644
index 00000000..f17d67b9
--- /dev/null
+++ b/advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-deployment.yaml
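Review bot: Both JDBC URLs under `[database.apim_db]` and `[database.shared_db]` switch transport security off with `useSSL=false&requireSSL=false&verifyServerCertificate=false`, so the database password and the API-management data cross the pod network unencrypted and the server is never authenticated. Make the TLS mode a chart value that defaults to a verifying setting, e.g. `...WSO2AM_DB?sslMode=VERIFY_CA&autoReconnect=true` with the MySQL CA in the JVM truststore; the exact parameter set should be checked against the Connector/J version the chart installs. Separately, `allow_origins = "*"` under `[apim.cors]` is a permissive default that looks worth narrowing to the portal hostnames the chart already takes from values. The instance-1 hunk above contains the same lines.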
@@ -0,0 +1,148 @@
+# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-deployment
+ namespace: {{ .Release.Namespace }}
+spec:
+ replicas: 1
+ strategy:
+ type: Recreate
+ selector:
+ matchLabels:
+ deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-cp
+ node: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-1
+ template:
+ metadata:
+ annotations:
+ checksum.am.conf: {{ include (print $.Template.BasePath "/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-conf.yaml") . | sha256sum }}
+ labels:
+ deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-cp
+ node: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-1
+ spec:
+ initContainers:
+ {{ if .Values.wso2.deployment.dependencies.mysql }}
+ - name: init-mysql-db
+ image: busybox:1.32
+ command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! nc -z "wso2am-mysql-db-service" 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";']
+ - name: init-mysql-connector-download
+ image: busybox:1.32
+ command:
+ - /bin/sh
+ - "-c"
+ - |
+ set -e
+ connector_version=8.0.17
+ wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/${connector_version}/mysql-connector-java-${connector_version}.jar -P /mysql-connector-jar/
+ volumeMounts:
+ - name: mysql-connector-jar
+ mountPath: /mysql-connector-jar
+ {{ end }}
+ containers:
+ - name: wso2am
+{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.am) | indent 10 }}
+ imagePullPolicy: {{ .Values.wso2.deployment.am.imagePullPolicy }}
+ livenessProbe:
+ exec:
+ command:
+ - /bin/sh
+ - -c
+ - nc -z localhost 9443
+ initialDelaySeconds: {{ .Values.wso2.deployment.am.cp.livenessProbe.initialDelaySeconds }}
+ periodSeconds: {{ .Values.wso2.deployment.am.cp.livenessProbe.periodSeconds }}
+ readinessProbe:
+ exec:
+ command:
+ - /bin/sh
+ - -c
+ - nc -z localhost 9443
+ initialDelaySeconds: {{ .Values.wso2.deployment.am.cp.readinessProbe.initialDelaySeconds }}
+ periodSeconds: {{ .Values.wso2.deployment.am.cp.readinessProbe.periodSeconds }}
+ lifecycle:
+ preStop:
+ exec:
+ command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/api-manager.sh stop']
+ resources:
+ requests:
+ memory: {{ .Values.wso2.deployment.am.cp.resources.requests.memory }}
+ cpu: {{ .Values.wso2.deployment.am.cp.resources.requests.cpu }}
+ limits:
+ memory: {{ .Values.wso2.deployment.am.cp.resources.limits.memory }}
+ cpu: {{ .Values.wso2.deployment.am.cp.resources.limits.cpu }}
+ securityContext:
+ runAsUser: 802
+ ports:
+ - containerPort: 9763
+ protocol: "TCP"
+ - containerPort: 9443
+ protocol: "TCP"
+ - containerPort: 9711
+ protocol: "TCP"
+ - containerPort: 9611
+ protocol: "TCP"
+ - containerPort: 5672
+ protocol: "TCP"
+ env:
+ - name: NODE_IP
+ valueFrom:
+ fieldRef:
+ fieldPath: status.podIP
+ - name: JVM_MEM_OPTS
+ value: "-Xms{{ .Values.wso2.deployment.am.cp.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.am.cp.resources.jvm.heap.memory.xmx }}"
+ volumeMounts:
+ - name: wso2am-conf
+ mountPath: /home/wso2carbon/wso2-config-volume/repository/conf
+ {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }}
+ - name: wso2am-local-carbon-database-storage
+ mountPath: /home/wso2carbon/solr/database
+ - name: wso2am-solr-indexed-data-storage
+ mountPath: /home/wso2carbon/solr/indexed-data
+ - name: wso2am-conf-entrypoint
+ mountPath: /home/wso2carbon/docker-entrypoint.sh
+ subPath: docker-entrypoint.sh
+ {{ end }}
+ {{ if .Values.wso2.deployment.dependencies.mysql }}
+ - name: mysql-connector-jar
+ mountPath: /home/wso2carbon/wso2-artifact-volume/repository/components/dropins
+ {{ end }}
+ serviceAccountName: {{ .Values.kubernetes.serviceAccount }}
+ {{- if .Values.wso2.deployment.am.imagePullSecrets }}
+ imagePullSecrets:
+ - name: {{ .Values.wso2.deployment.am.imagePullSecrets }}
+ {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }}
+ imagePullSecrets:
+ - name: {{ template "am-pattern-3.resource.prefix" . }}-wso2-private-registry-creds
+ {{ end }}
+ volumes:
+ - name: wso2am-conf
+ configMap:
+ name: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-conf
+ {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }}
+ - name: wso2am-local-carbon-database-storage
+ persistentVolumeClaim:
+ claimName: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-local-carbon-database-volume-claim
+ - name: wso2am-solr-indexed-data-storage
+ persistentVolumeClaim:
+ claimName: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-solr-indexed-data-volume-claim
+ - name: wso2am-conf-entrypoint
+ configMap:
+ name: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-conf-entrypoint
+ defaultMode: 0407
+ {{ end }}
+ {{ if .Values.wso2.deployment.dependencies.mysql }}
+ - name: mysql-connector-jar
+ emptyDir: {}
+ {{ end }}
diff --git a/advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-deployment.yaml b/advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-deployment.yaml
new file mode 100644
index 00000000..66b4bd77
--- /dev/null
+++ b/advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-deployment.yaml
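Review bot: The `init-mysql-connector-download` init container fetches `mysql-connector-java-${connector_version}.jar` with `wget` and nothing verifies the file before it is mounted into `repository/components/dropins`, where the server presumably loads it as code. Pin an expected digest next to `connector_version` and check it in the same script, e.g. `connector_sha256=<EXPECTED_SHA256>` followed by `echo "${connector_sha256}  /mysql-connector-jar/mysql-connector-java-${connector_version}.jar" | sha256sum -c -`, with the digest taken from a trusted source. BusyBox `wget` may not validate the TLS certificate, so the `https://` URL alone should not be treated as integrity protection; baking the jar into the product image would remove the runtime download entirely. The identical init container in the instance-2 deployment hunk needs the same change.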
@@ -0,0 +1,148 @@
+# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-deployment
+ namespace: {{ .Release.Namespace }}
+spec:
+ replicas: 1
+ strategy:
+ type: Recreate
+ selector:
+ matchLabels:
+ deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-cp
+ node: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-2
+ template:
+ metadata:
+ annotations:
+ checksum.am.conf: {{ include (print $.Template.BasePath "/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-conf.yaml") . | sha256sum }}
+ labels:
+ deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-cp
+ node: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-2
+ spec:
+ initContainers:
+ {{ if .Values.wso2.deployment.dependencies.mysql }}
+ - name: init-mysql-db
+ image: busybox:1.32
+ command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! nc -z "wso2am-mysql-db-service" 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";']
+ - name: init-mysql-connector-download
+ image: busybox:1.32
+ command:
+ - /bin/sh
+ - "-c"
+ - |
+ set -e
+ connector_version=8.0.17
+ wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/${connector_version}/mysql-connector-java-${connector_version}.jar -P /mysql-connector-jar/
+ volumeMounts:
+ - name: mysql-connector-jar
+ mountPath: /mysql-connector-jar
+ {{ end }}
+ containers:
+ - name: wso2am
+{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.am) | indent 10 }}
+ imagePullPolicy: {{ .Values.wso2.deployment.am.imagePullPolicy }}
+ livenessProbe:
+ exec:
+ command:
+ - /bin/sh
+ - -c
+ - nc -z localhost 9443
+ initialDelaySeconds: {{ .Values.wso2.deployment.am.cp.livenessProbe.initialDelaySeconds }}
+ periodSeconds: {{ .Values.wso2.deployment.am.cp.livenessProbe.periodSeconds }}
+ readinessProbe:
+ exec:
+ command:
+ - /bin/sh
+ - -c
+ - nc -z localhost 9443
+ initialDelaySeconds: {{ .Values.wso2.deployment.am.cp.readinessProbe.initialDelaySeconds }}
+ periodSeconds: {{ .Values.wso2.deployment.am.cp.readinessProbe.periodSeconds }}
+ lifecycle:
+ preStop:
+ exec:
+ command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/api-manager.sh stop']
+ resources:
+ requests:
+ memory: {{ .Values.wso2.deployment.am.cp.resources.requests.memory }}
+ cpu: {{ .Values.wso2.deployment.am.cp.resources.requests.cpu }}
+ limits:
+ memory: {{ .Values.wso2.deployment.am.cp.resources.limits.memory }}
+ cpu: {{ .Values.wso2.deployment.am.cp.resources.limits.cpu }}
+ securityContext:
+ runAsUser: 802
+ ports:
+ - containerPort: 9763
+ protocol: "TCP"
+ - containerPort: 9443
+ protocol: "TCP"
+ - containerPort: 9711
+ protocol: "TCP"
+ - containerPort: 9611
+ protocol: "TCP"
+ - containerPort: 5672
+ protocol: "TCP"
+ env:
+ - name: NODE_IP
+ valueFrom:
+ fieldRef:
+ fieldPath: status.podIP
+ - name: JVM_MEM_OPTS
+ value: "-Xms{{ .Values.wso2.deployment.am.cp.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.am.cp.resources.jvm.heap.memory.xmx }}"
+ volumeMounts:
+ - name: wso2am-conf
+ mountPath: /home/wso2carbon/wso2-config-volume/repository/conf
+ {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }}
+ - name: wso2am-local-carbon-database-storage
+ mountPath: /home/wso2carbon/solr/database
+ - name: wso2am-solr-indexed-data-storage
+ mountPath: /home/wso2carbon/solr/indexed-data
+ - name: wso2am-conf-entrypoint
+ mountPath: /home/wso2carbon/docker-entrypoint.sh
+ subPath: docker-entrypoint.sh
+ {{ end }}
+ {{ if .Values.wso2.deployment.dependencies.mysql }}
+ - name: mysql-connector-jar
+ mountPath: /home/wso2carbon/wso2-artifact-volume/repository/components/dropins
+ {{ end }}
+ serviceAccountName: {{ .Values.kubernetes.serviceAccount }}
+ {{- if .Values.wso2.deployment.am.imagePullSecrets }}
+ imagePullSecrets:
+ - name: {{ .Values.wso2.deployment.am.imagePullSecrets }}
+ {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }}
+ imagePullSecrets:
+ - name: {{ template "am-pattern-3.resource.prefix" . }}-wso2-private-registry-creds
+ {{ end }}
+ volumes:
+ - name: wso2am-conf
+ configMap:
+ name: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-conf
+ {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }}
+ - name: wso2am-local-carbon-database-storage
+ persistentVolumeClaim:
+ claimName: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-local-carbon-database-volume-claim
+ - name: wso2am-solr-indexed-data-storage
+ persistentVolumeClaim:
+ claimName: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-solr-indexed-data-volume-claim
+ - name: wso2am-conf-entrypoint
+ configMap:
+ name: {{ template "am-pattern-3.resource.prefix" . 
}}-am-cp-conf-entrypoint + defaultMode: 0407 + {{ end }} + {{ if .Values.wso2.deployment.dependencies.mysql }} + - name: mysql-connector-jar + emptyDir: {} + {{ end }} From a361f64e9311f8af615f2c4c80265782603c20a9 Mon Sep 17 00:00:00 2001 From: Rakhitha Ranathunge Date: Wed, 5 May 2021 09:31:24 +0530 Subject: [PATCH 06/34] Add service and update deployment for cp --- ...pattern-3-am-control-plane-deployment.yaml | 2 + ...am-pattern-3-am-control-plane-service.yaml | 38 +++++++++++++++++++ ...pattern-3-am-control-plane-deployment.yaml | 2 + ...am-pattern-3-am-control-plane-service.yaml | 38 +++++++++++++++++++ 4 files changed, 80 insertions(+) create mode 100644 advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-service.yaml create mode 100644 advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-service.yaml diff --git a/advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-deployment.yaml b/advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-deployment.yaml index f17d67b9..7cbd5ff3 100644 --- a/advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-deployment.yaml +++ b/advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-deployment.yaml @@ -96,6 +96,8 @@ spec: - containerPort: 5672 protocol: "TCP" env: + - name: PROFILE_NAME + value: control-plane - name: NODE_IP valueFrom: fieldRef: diff --git a/advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-service.yaml b/advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-service.yaml new file mode 100644 index 00000000..4839b28d --- /dev/null +++ b/advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-service.yaml 
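Review bot: The `checksum.am.conf` annotation in this instance-2 deployment hashes `/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-conf.yaml`, while the pod mounts the `-am-cp-2-conf` ConfigMap, so a change to the instance-2 configuration alone would not change the annotation and the pod would keep running the old config until something else restarts it. This looks like a copy-paste from the instance-1 file; the include should presumably read `(print $.Template.BasePath "/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-conf.yaml")`, assuming the instance-2 conf template follows the same naming. For security-relevant settings in that file, such as TLS protocols or credentials, a silent non-rollout means one control-plane node can stay on a superseded configuration.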
@@ -0,0 +1,38 @@ +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service + namespace : {{ .Release.Namespace }} +spec: + # label keys and values that must match in order to receive traffic for this service + selector: + deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-cp + node: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-1 + ports: + # ports that this service should serve on + - name: binary + protocol: TCP + port: 9611 + - name: binary-secure + protocol: TCP + port: 9711 + - name: jms-tcp + protocol: TCP + port: 5672 + - name: servlet-https + protocol: TCP + port: 9443 \ No newline at end of file diff --git a/advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-deployment.yaml b/advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-deployment.yaml index 66b4bd77..ef45c90b 100644 --- a/advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-deployment.yaml +++ b/advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-deployment.yaml @@ -96,6 +96,8 @@ spec: - containerPort: 5672 protocol: "TCP" env: + - name: PROFILE_NAME + value: control-plane - name: NODE_IP valueFrom: fieldRef: 
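Review bot: The `-am-cp-1-service` Service publishes `binary` (9611) and `jms-tcp` (5672) alongside the TLS ports, with nothing restricting which pods may connect, and the `tcp://…:9611` URL used in the control-plane conf suggests the 9611 channel is not TLS-protected. This commit adds no NetworkPolicy, so consider one that admits only the components that actually publish to or consume from these ports. A comment above `ports:` naming the consumer of each port would also help reviewers, e.g. `# 9611/9711: event publishing (tcp/ssl), 5672: JMS, 9443: management HTTPS`. The same applies to the instance-2 Service hunk.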
diff --git a/advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-service.yaml b/advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-service.yaml
new file mode 100644
index 00000000..f1d09210
--- /dev/null
+++ b/advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-service.yaml
@@ -0,0 +1,38 @@
+# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service
+ namespace : {{ .Release.Namespace }}
+spec:
+ # label keys and values that must match in order to receive traffic for this service
+ selector:
+ deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-cp
+ node: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-2
+ ports:
+ # ports that this service should serve on
+ - name: binary
+ protocol: TCP
+ port: 9611
+ - name: binary-secure
+ protocol: TCP
+ port: 9711
+ - name: jms-tcp
+ protocol: TCP
+ port: 5672
+ - name: servlet-https
+ protocol: TCP
+ port: 9443
\ No newline at end of file
From fef89d23d97787cac2e877181a32b8027971c3b6 Mon Sep 17 00:00:00 2001
From: Sajitha Liyanage Date: Tue, 4 May 2021 20:28:02 +0530 Subject: [PATCH 07/34] Adding am-pattern-1 helm charts --- advanced/am-pattern-1/Chart.yaml | 6 +- advanced/am-pattern-1/README.md | 87 +-- advanced/am-pattern-1/auth.json | 2 +- advanced/am-pattern-1/requirements.yaml | 2 +- advanced/am-pattern-1/templates/NOTES.txt | 27 +- advanced/am-pattern-1/templates/_helpers.tpl | 2 +- ...-pattern-1-am-analytics-dashboard-bin.yaml | 330 ---------- ...pattern-1-am-analytics-dashboard-conf.yaml | 445 ------------- ...n-1-am-analytics-dashboard-deployment.yaml | 134 ---- ...tern-1-am-analytics-dashboard-service.yaml | 30 - ...2am-pattern-1-am-analytics-worker-bin.yaml | 330 ---------- ...am-pattern-1-am-analytics-worker-conf.yaml | 583 ------------------ ...-am-analytics-worker-headless-service.yaml | 54 -- ...ern-1-am-analytics-worker-statefulset.yaml | 137 ---- .../instance-1/wso2am-pattern-1-am-conf.yaml | 52 +- .../wso2am-pattern-1-am-deployment.yaml | 17 +- .../instance-2/wso2am-pattern-1-am-conf.yaml | 52 +- .../wso2am-pattern-1-am-deployment.yaml | 20 +- .../wso2am-pattern-1-am-conf-entrypoint.yaml | 22 +- .../am/wso2am-pattern-1-am-service.yaml | 6 + .../am/wso2am-pattern-1-am-volume-claims.yaml | 30 +- .../wso2am-pattern-1-am-websub-ingress.yaml | 35 ++ .../wso2am-pattern-1-mi-deployment.yaml | 94 +++ .../wso2am-pattern-1-mi-service.yaml} | 57 +- ...o2am-pattern-1-mi-management-ingress.yaml} | 16 +- ....yaml => wso2am-pattern-1-am-secrets.yaml} | 2 +- .../wso2am-pattern-1-mi-secrets.yaml | 29 + advanced/am-pattern-1/values.yaml | 196 ++---- 28 files changed, 363 insertions(+), 2434 deletions(-) delete mode 100644 advanced/am-pattern-1/templates/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-bin.yaml delete mode 100644 advanced/am-pattern-1/templates/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-conf.yaml delete mode 100644 
advanced/am-pattern-1/templates/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-deployment.yaml delete mode 100644 advanced/am-pattern-1/templates/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-service.yaml delete mode 100644 advanced/am-pattern-1/templates/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-bin.yaml delete mode 100644 advanced/am-pattern-1/templates/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-conf.yaml delete mode 100644 advanced/am-pattern-1/templates/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-headless-service.yaml delete mode 100644 advanced/am-pattern-1/templates/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-statefulset.yaml create mode 100644 advanced/am-pattern-1/templates/am/wso2am-pattern-1-am-websub-ingress.yaml create mode 100644 advanced/am-pattern-1/templates/mi/instance-1/wso2am-pattern-1-mi-deployment.yaml rename advanced/am-pattern-1/templates/{am-analytics/worker/wso2am-pattern-1-am-analytics-worker-service.yaml => mi/instance-1/wso2am-pattern-1-mi-service.yaml} (50%) rename advanced/am-pattern-1/templates/{am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-ingress.yaml => mi/wso2am-pattern-1-mi-management-ingress.yaml} (60%) rename advanced/am-pattern-1/templates/{wso2am-pattern-1-secrets.yaml => wso2am-pattern-1-am-secrets.yaml} (94%) create mode 100644 advanced/am-pattern-1/templates/wso2am-pattern-1-mi-secrets.yaml diff --git a/advanced/am-pattern-1/Chart.yaml b/advanced/am-pattern-1/Chart.yaml index 55ad51fa..d9ebb6cd 100644 --- a/advanced/am-pattern-1/Chart.yaml +++ b/advanced/am-pattern-1/Chart.yaml 
@@ -13,8 +13,8 @@ # limitations under the License. apiVersion: v1 -appVersion: "3.2.0" -description: A Helm chart for the deployment of WSO2 API Manager Pattern 1 (HA All-In-One Deployment with Analytics) +appVersion: "4.0.0" +description: A Helm chart for the deployment of WSO2 API Manager Pattern 1 (HA All-In-One Deployment) name: am-pattern-1 -version: 3.2.0-4 +version: 4.0.0-1 icon: https://wso2.cachefly.net/wso2/sites/all/images/wso2logo.svg diff --git a/advanced/am-pattern-1/README.md b/advanced/am-pattern-1/README.md index abab3c45..099e7449 100644 --- a/advanced/am-pattern-1/README.md +++ b/advanced/am-pattern-1/README.md @@ -1,12 +1,11 @@ -# Helm Chart for deployment of WSO2 API Manager with WSO2 API Manager Analytics +# Pattern 1: Helm Chart for Standard HA Deployment of WSO2 API Manager with WSO2 Micro Integrator -Resources for building a Helm chart for deployment of [All-In-One WSO2 API Manager with WSO2 API Manager Analytics -support](https://apim.docs.wso2.com/en/latest/install-and-setup/setup/deployment-patterns/#pattern-1-single-node-all-in-one-deployment). +This deployment consists of an API-M cluster with two nodes of the API-M runtime and two nodes each of the integration runtimes (Micro Integrator/Streaming Integrator). You can use this pattern if you expect to receive low traffic to your deployment. -![WSO2 API Manager pattern 1 deployment](https://apim.docs.wso2.com/en/latest/assets/img/setup-and-install/1-single-node-deployment.png) +![WSO2 API Manager pattern 1 deployment](https://apim.docs.wso2.com/en/4.0.0/assets/img/setup-and-install/basic-ha-deployment.png) For advanced details on the deployment pattern, please refer to the official -[documentation](https://apim.docs.wso2.com/en/latest/install-and-setup/setup/single-node/configuring-an-active-active-deployment/). +[documentation](https://apim.docs.wso2.com/en/4.0.0/install-and-setup/setup/deployment-overview/#standard-ha-deployment). ## Contents 
@@ -58,7 +57,7 @@ You can install the relevant Helm chart either from [WSO2 Helm Chart Repository] Helm version 2 ``` - helm install --name wso2/am-pattern-1 --version 3.2.0-1 --namespace + helm install --name wso2/am-pattern-1 --version 4.0.0-1 --namespace ``` Helm version 3 @@ -66,7 +65,7 @@ You can install the relevant Helm chart either from [WSO2 Helm Chart Repository] - Deploy the Kubernetes resources using the Helm Chart ``` - helm install wso2/am-pattern-1 --version 3.2.0-1 --namespace --create-namespace + helm install wso2/am-pattern-1 --version 4.0.0-1 --namespace --create-namespace ``` The above steps will deploy the deployment pattern using WSO2 product Docker images available at DockerHub. @@ -77,7 +76,7 @@ please provide your WSO2 Subscription credentials via input values (using `--set Please see the following example. ``` - helm install --name wso2/am-pattern-1 --version 3.2.0-1 --namespace --set wso2.subscription.username= --set wso2.subscription.password= + helm install --name wso2/am-pattern-1 --version 4.0.0-1 --namespace --set wso2.subscription.username= --set wso2.subscription.password= ``` #### Install Chart From Source @@ -98,7 +97,7 @@ git clone https://github.com/wso2/kubernetes-apim.git Helm version 2 ``` - helm install --dep-up --name /am-pattern-1 --version 3.2.0-1 --namespace + helm install --dep-up --name /am-pattern-1 --version 4.0.0-1 --namespace ``` Helm version 3 @@ -106,7 +105,7 @@ git clone https://github.com/wso2/kubernetes-apim.git - Deploy the Kubernetes resources using the Helm Chart ``` - helm install /am-pattern-1 --version 3.2.0-1 --namespace --dependency-update --create-namespace + helm install /am-pattern-1 --version 4.0.0-1 --namespace --dependency-update --create-namespace ``` The above steps will deploy the deployment pattern using WSO2 product Docker images available at DockerHub. 
@@ -117,7 +116,7 @@ please provide your WSO2 Subscription credentials via input values (using `--set Please see the following example. ``` - helm install --name /am-pattern-1 --version 3.2.0-1 --namespace --set wso2.subscription.username= --set wso2.subscription.password= + helm install --name /am-pattern-1 --version 4.0.0-1 --namespace --set wso2.subscription.username= --set wso2.subscription.password= ``` ### 2. Obtain the external IP @@ -197,8 +196,6 @@ If you do not have an active WSO2 subscription, **do not change** the parameters | Parameter | Description | Default Value | |---------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------| | `wso2.deployment.persistentRuntimeArtifacts.storageClass` | Appropriate Kubernetes Storage Class | `nfs` | -| `wso2.deployment.persistentRuntimeArtifacts.sharedArtifacts.capacity.executionPlans` | Capacity for execution plans shared between the Traffic Manager profile instances | 20M | -| `wso2.deployment.persistentRuntimeArtifacts.sharedArtifacts.capacity.synapseConfigs` | Capacity for synapse artifacts of APIs shared between the Gateway profile instances | 50M | | `wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled` | Indicates if persistence of the runtime artifacts for Apache Solr-based indexing is enabled | false | | `wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.carbonDatabase` | Capacity for persisting the H2 based local Carbon database file | 50M | | `wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.solrIndexedData` | Capacity for persisting the Apache Solr indexed data | 50M | 
@@ -209,7 +206,7 @@ If you do not have an active WSO2 subscription, **do not change** the parameters |-----------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------| | `wso2.deployment.am.dockerRegistry` | Registry location of the Docker image to be used to create API Manager instances | - | | `wso2.deployment.am.imageName` | Name of the Docker image to be used to create API Manager instances | `wso2am` | -| `wso2.deployment.am.imageTag` | Tag of the image used to create API Manager instances | 3.2.0 | +| `wso2.deployment.am.imageTag` | Tag of the image used to create API Manager instances | 4.0.0 | | `wso2.deployment.am.imagePullPolicy` | Refer to [doc](https://kubernetes.io/docs/concepts/containers/images#updating-images) | `Always` | | `wso2.deployment.am.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for API Manager node | 180 | | `wso2.deployment.am.livenessProbe.periodSeconds` | Period of the live-ness probe for API Manager node | 10 | 
@@ -224,48 +221,30 @@ If you do not have an active WSO2 subscription, **do not change** the parameters | `wso2.deployment.am.ingress.management.annotations` | Ingress resource annotations for API Manager management consoles | Community NGINX Ingress controller annotations | | `wso2.deployment.am.ingress.gateway.hostname` | Hostname for API Manager Gateway | `gateway.am.wso2.com` | | `wso2.deployment.am.ingress.gateway.annotations` | Ingress resource annotations for API Manager Gateway | Community NGINX Ingress controller annotations | +| `wso2.deployment.am.ingress.websub.hostname` | Hostname for API Manager Websub services | `websub.am.wso2.com` | +| `wso2.deployment.am.ingress.websub.annotations` | Ingress resource annotations for API Manager Websub | Community NGINX Ingress controller annotations | -**Note**: The above mentioned default, minimum resource amounts for running WSO2 API Manager server profiles are based on its [official documentation](https://apim.docs.wso2.com/en/latest/install-and-setup/install/installation-prerequisites/). 
+###### Micro Integrator Server Configurations -###### Analytics Dashboard Runtime Configurations - -| Parameter | Description | Default Value | -|-------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------|-----------------------------| -| `wso2.deployment.analytics.dashboard.dockerRegistry` | Registry location of the Docker image to be used to create an API Manager Analytics instance | - | -| `wso2.deployment.analytics.dashboard.imageName` | Name of the Docker image to be used to create an API Manager Analytics instance | `wso2am-analytics-dashboard` | -| `wso2.deployment.analytics.dashboard.imageTag` | Tag of the image used to create an API Manager Analytics instance | 3.2.0 | -| `wso2.deployment.analytics.dashboard.imagePullPolicy` | Refer to [doc](https://kubernetes.io/docs/concepts/containers/images#updating-images) | `Always` | -| `wso2.deployment.analytics.dashboard.replicas` | Number of replicas of API Manager Analytics to be started | 1 | -| `wso2.deployment.analytics.dashboard.strategy.rollingUpdate.maxSurge` | Refer to [doc](https://v1-14.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.14/#deploymentstrategy-v1-apps) | 1 | -| `wso2.deployment.analytics.dashboard.strategy.rollingUpdate.maxUnavailable` | Refer to [doc](https://v1-14.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.14/#deploymentstrategy-v1-apps) | 0 | -| `wso2.deployment.analytics.dashboard.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for API Manager Analytics node | 20 | -| `wso2.deployment.analytics.dashboard.livenessProbe.periodSeconds` | Period of the live-ness probe for API Manager Analytics node | 10 | -| `wso2.deployment.analytics.dashboard.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for API Manager Analytics node | 20 | -| 
`wso2.deployment.analytics.dashboard.readinessProbe.periodSeconds` | Period of the readiness probe for API Manager Analytics node | 10 | -| `wso2.deployment.analytics.dashboard.resources.requests.memory` | The minimum amount of memory that should be allocated for a Pod | 4Gi | -| `wso2.deployment.analytics.dashboard.resources.requests.cpu` | The minimum amount of CPU that should be allocated for a Pod | 2000m | -| `wso2.deployment.analytics.dashboard.resources.limits.memory` | The maximum amount of memory that should be allocated for a Pod | 4Gi | -| `wso2.deployment.analytics.dashboard.resources.limits.cpu` | The maximum amount of CPU that should be allocated for a Pod | 2000m | -| `wso2.deployment.analytics.dashboard.config` | Custom deployment configuration file (`/conf/dashboard/deployment.yaml`) | - | -| `wso2.deployment.analytics.dashboard.ingress.hostname` | Hostname for API Manager Analytics Dashboard | `analytics.am.wso2.com` | -| `wso2.deployment.analytics.dashboard.ingress.annotations` | Ingress resource annotations for API Manager Analytics Dashboard | Community NGINX Ingress controller annotations | - -###### Analytics Worker Runtime Configurations - -| Parameter | Description | Default Value | -|----------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------|-----------------------------| -| `wso2.deployment.analytics.worker.dockerRegistry` | Registry location of the Docker image to be used to create an API Manager Analytics instance | - | -| `wso2.deployment.analytics.worker.imageName` | Name of the Docker image to be used to create an API Manager Analytics instance | `wso2am-analytics-worker` | -| `wso2.deployment.analytics.worker.imageTag` | Tag of the image used to create an API Manager Analytics instance | 3.2.0 | -| `wso2.deployment.analytics.worker.imagePullPolicy` | Refer to 
[doc](https://kubernetes.io/docs/concepts/containers/images#updating-images) | `Always` | -| `wso2.deployment.analytics.worker.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for API Manager Analytics node | 20 | -| `wso2.deployment.analytics.worker.livenessProbe.periodSeconds` | Period of the live-ness probe for API Manager Analytics node | 10 | -| `wso2.deployment.analytics.worker.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for API Manager Analytics node | 20 | -| `wso2.deployment.analytics.worker.readinessProbe.periodSeconds` | Period of the readiness probe for API Manager Analytics node | 10 | -| `wso2.deployment.analytics.worker.resources.requests.memory` | The minimum amount of memory that should be allocated for a Pod | 4Gi | -| `wso2.deployment.analytics.worker.resources.requests.cpu` | The minimum amount of CPU that should be allocated for a Pod | 2000m | -| `wso2.deployment.analytics.worker.resources.limits.memory` | The maximum amount of memory that should be allocated for a Pod | 4Gi | -| `wso2.deployment.analytics.worker.resources.limits.cpu` | The maximum amount of CPU that should be allocated for a Pod | 2000m | +| Parameter | Description | Default Value | +|-----------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------| +| `wso2.deployment.mi.dockerRegistry` | Registry location of the Docker image to be used to create Micro Integrator instances | - | +| `wso2.deployment.mi.imageName` | Name of the Docker image to be used to create API Manager instances | `wso2mi` | +| `wso2.deployment.mi.imageTag` | Tag of the image used to create API Manager instances | 4.0.0 | +| `wso2.deployment.mi.imagePullPolicy` | Refer to [doc](https://kubernetes.io/docs/concepts/containers/images#updating-images) | `Always` | +| `wso2.deployment.mi.livenessProbe.initialDelaySeconds` 
| Initial delay for the live-ness probe for Micro Integrator node | 35 | +| `wso2.deployment.mi.livenessProbe.periodSeconds` | Period of the live-ness probe for Micro Integrator node | 10 | +| `wso2.deployment.mi.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for Micro Integrator node | 35 | +| `wso2.deployment.mi.readinessProbe.periodSeconds` | Period of the readiness probe for Micro Integrator node | 10 | +| `wso2.deployment.mi.resources.requests.memory` | The minimum amount of memory that should be allocated for a Pod | 512Mi | +| `wso2.deployment.mi.resources.requests.cpu` | The minimum amount of CPU that should be allocated for a Pod | 500m | +| `wso2.deployment.mi.resources.limits.memory` | The maximum amount of memory that should be allocated for a Pod | 1Gi | +| `wso2.deployment.mi.resources.limits.cpu` | The maximum amount of CPU that should be allocated for a Pod | 1000m | +| `wso2.deployment.mi.config` | Custom deployment configuration file (`/repository/conf/deployment.toml`) | - | +| `wso2.deployment.mi.ingress.management.hostname` | Hostname for Micro Integrator management apis | `management.mi.wso2.com` | +| `wso2.deployment.mi.ingress.management.annotations` | Ingress resource annotations for API Manager Gateway | Community NGINX Ingress controller annotations | + +**Note**: The above mentioned default, minimum resource amounts for running WSO2 API Manager server profiles are based on its [official documentation](https://apim.docs.wso2.com/en/latest/install-and-setup/install/installation-prerequisites/). ###### Kubernetes Specific Configurations diff --git a/advanced/am-pattern-1/auth.json b/advanced/am-pattern-1/auth.json index c06ae0ba..fbdc9cd0 100644 --- a/advanced/am-pattern-1/auth.json +++ b/advanced/am-pattern-1/auth.json @@ -1,6 +1,6 @@ { "auths": { - "docker.wso2.com": { + "reg.Id": { "username": "docker.wso2.com.username", "password": "docker.wso2.com.password", "email": "docker.wso2.com.email", 
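Review bot: The registry key under `auths` in auth.json is now the token `reg.Id`, and nothing in this hunk shows what substitutes it or what happens if it is left unreplaced. Image-pull credentials are looked up by matching the image's registry host against the keys under `auths`, so a literal `reg.Id`, or a value that differs from the registry the images are actually pulled from, would leave pulls unauthenticated and failing with no hint that this file is the cause. The three credential tokens still carry the `docker.wso2.com.` prefix, so the naming no longer shows which tokens belong together. Since JSON cannot hold a comment, I would document the contract in the template that renders this file (not visible here), for example `{{/* auth.json tokens: reg.Id = registry host; docker.wso2.com.username/.password/.email = registry credentials */}}`, and have that template fail rendering when the registry value is empty. The JSON object continues past the end of the hunk.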
diff --git a/advanced/am-pattern-1/requirements.yaml b/advanced/am-pattern-1/requirements.yaml index 4802ce9b..008768be 100644 --- a/advanced/am-pattern-1/requirements.yaml +++ b/advanced/am-pattern-1/requirements.yaml @@ -14,7 +14,7 @@ dependencies: - name: mysql-am - version: "3.2.0-4" + version: "4.0.0-1" repository: "https://helm.wso2.com" condition: wso2.deployment.dependencies.mysql - name: nfs-server-provisioner diff --git a/advanced/am-pattern-1/templates/NOTES.txt b/advanced/am-pattern-1/templates/NOTES.txt index eb0ebba5..1e354ead 100644 --- a/advanced/am-pattern-1/templates/NOTES.txt +++ b/advanced/am-pattern-1/templates/NOTES.txt @@ -22,13 +22,6 @@ Please follow these steps to access API Manager Publisher, DevPortal consoles an - ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager's Gateway service to outside of the Kubernetes environment - PORTS: Externally exposed service ports of the API Manager' Gateway service - API Manager Analytics Dashboard - - - NAME: Metadata name of the Kubernetes Ingress resource (defaults to {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-dashboard-ingress) - - HOSTS: Hostname of the WSO2 API Manager Analytics Dashboard service ({{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }}) - - ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager Analytics Dashboard service to outside of the Kubernetes environment - - PORTS: Externally exposed service ports of the API Manager Analytics Dashboard service - 2. Add a DNS record mapping the hostnames (in step 1) and the external IP. If the defined hostnames (in step 1) are backed by a DNS service, add a DNS record mapping the hostnames and 
@@ -37,12 +30,28 @@ Please follow these steps to access API Manager Publisher, DevPortal consoles an If the defined hostnames are not backed by a DNS service, for the purpose of evaluation you may add an entry mapping the hostnames and the external IP in the `/etc/hosts` file at the client-side. - {{ .Values.wso2.deployment.am.ingress.management.hostname }} {{ .Values.wso2.deployment.am.ingress.gateway.hostname }} {{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }} + {{ .Values.wso2.deployment.am.ingress.management.hostname }} {{ .Values.wso2.deployment.am.ingress.gateway.hostname }} 3. Navigate to the consoles in your browser of choice. API Manager Publisher: https://{{ .Values.wso2.deployment.am.ingress.management.hostname }}/publisher API Manager DevPortal: https://{{ .Values.wso2.deployment.am.ingress.management.hostname }}/devportal - API Manager Analytics Dashboard: https://{{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }}/analytics-dashboard + +Please follow these steps to assess Micro Integrator. + +1. Obtain the external IP (`EXTERNAL-IP`) of the Ingress resources by listing down the Kubernetes Ingresses. + + kubectl get ing -n {{ .Release.Namespace }} + + Micro Integrator Management APIs + + - NAME: Metadata name of the Kubernetes Ingress resource (defaults to {{ template "am-pattern-1.resource.prefix" . }}-mi-management-ingress) + - HOSTS: Hostname of the WSO2 Micro Integrator service ({{ .Values.wso2.deployment.mi.ingress.management.hostname }}) + - ADDRESS: External IP (`EXTERNAL-IP`) exposing the Micro Integrator service to outside of the Kubernetes environment + - PORTS: Externally exposed service ports of the Micro Integrator service + +2. Add the above host as an entry in /etc/hosts file as follows: + + {{ .Values.wso2.deployment.mi.ingress.management.hostname }} Please refer the official documentation at https://apim.docs.wso2.com/en/latest/ for additional information on WSO2 API Manager. 
diff --git a/advanced/am-pattern-1/templates/_helpers.tpl b/advanced/am-pattern-1/templates/_helpers.tpl index 7d19f297..b51897aa 100644 --- a/advanced/am-pattern-1/templates/_helpers.tpl +++ b/advanced/am-pattern-1/templates/_helpers.tpl @@ -1,5 +1,5 @@ {{/* -Copyright (c) 2018, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/advanced/am-pattern-1/templates/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-bin.yaml b/advanced/am-pattern-1/templates/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-bin.yaml deleted file mode 100644 index 9e0c30ed..00000000 --- a/advanced/am-pattern-1/templates/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-bin.yaml +++ /dev/null 
@@ -1,330 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-dashboard-bin - namespace : {{ .Release.Namespace }} -data: - carbon.sh: |- - #!/bin/sh - # --------------------------------------------------------------------------- - # Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. - # - # Licensed under the Apache License, Version 2.0 (the "License"); - # you may not use this file except in compliance with the License. - # You may obtain a copy of the License at - # - # http://www.apache.org/licenses/LICENSE-2.0 - # - # Unless required by applicable law or agreed to in writing, software - # distributed under the License is distributed on an "AS IS" BASIS, - # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - # See the License for the specific language governing permissions and - # limitations under the License. - - # ---------------------------------------------------------------------------- - # Main Script for the WSO2 Carbon Server - # - # Environment Variable Prequisites - # - # CARBON_HOME Home of WSO2 Carbon installation. If not set I will try - # to figure it out. - # RUNTIME_HOME Home of WSO2 Carbon Runtime. . - # - # JAVA_HOME Must point at your Java Development Kit installation. 
- # - # JAVA_OPTS (Optional) Java runtime options used when the commands - # is executed. - # - # NOTE: Borrowed generously from Apache Tomcat startup scripts. - # ----------------------------------------------------------------------------- - - # OS specific support. $var _must_ be set to either true or false. - #ulimit -n 100000 - - cygwin=false; - darwin=false; - os400=false; - mingw=false; - case "`uname`" in - CYGWIN*) cygwin=true;; - MINGW*) mingw=true;; - OS400*) os400=true;; - Darwin*) darwin=true - if [ -z "$JAVA_VERSION" ] ; then - JAVA_VERSION="CurrentJDK" - else - echo "Using Java version: $JAVA_VERSION" - fi - if [ -z "$JAVA_HOME" ] ; then - JAVA_HOME=/System/Library/Frameworks/JavaVM.framework/Versions/${JAVA_VERSION}/Home - fi - ;; - esac - - # resolve links - $0 may be a softlink - PRG="$0" - - while [ -h "$PRG" ]; do - ls=`ls -ld "$PRG"` - link=`expr "$ls" : '.*-> \(.*\)$'` - if expr "$link" : '.*/.*' > /dev/null; then - PRG="$link" - else - PRG=`dirname "$PRG"`/"$link" - fi - done - - # Get standard environment variables - TEMPCURDIR=`dirname "$PRG"` - - # Only set RUNTIME_HOME if not already set - [ -z "$RUNTIME_HOME" ] && RUNTIME_HOME=`cd "$TEMPCURDIR/.." ; pwd` - - # Only set CARBON_HOME if not already set - [ -z "$CARBON_HOME" ] && CARBON_HOME=`cd "$TEMPCURDIR/../../../" ; pwd` - - # Only set RUNTIME if not already set - [ -z "$RUNTIME" ] && RUNTIME=${RUNTIME_HOME##*/} - - # For Cygwin, ensure paths are in UNIX format before anything is touched - if $cygwin; then - [ -n "$JAVA_HOME" ] && JAVA_HOME=`cygpath --unix "$JAVA_HOME"` - [ -n "$CARBON_HOME" ] && CARBON_HOME=`cygpath --unix "$CARBON_HOME"` - [ -n "$RUNTIME_HOME" ] && RUNTIME_HOME=`cygpath --unix "$RUNTIME_HOME"` - fi - - # For OS400 - if $os400; then - # Set job priority to standard for interactive (interactive - 6) by using - # the interactive priority - 6, the helper threads that respond to requests - # will be running at the same priority as interactive jobs. 
- COMMAND='chgjob job('$JOBNAME') runpty(6)' - system $COMMAND - - # Enable multi threading - QIBM_MULTI_THREADED=Y - export QIBM_MULTI_THREADED - fi - - # For Migwn, ensure paths are in UNIX format before anything is touched - if $mingw ; then - [ -n "$CARBON_HOME" ] && - CARBON_HOME="`(cd "$CARBON_HOME"; pwd)`" - [ -n "$JAVA_HOME" ] && - JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`" - # TODO classpath? - fi - - if [ -z "$JAVACMD" ] ; then - if [ -n "$JAVA_HOME" ] ; then - if [ -x "$JAVA_HOME/jre/sh/java" ] ; then - # IBM's JDK on AIX uses strange locations for the executables - JAVACMD="$JAVA_HOME/jre/sh/java" - else - JAVACMD="$JAVA_HOME/bin/java" - fi - else - JAVACMD=java - fi - fi - - if [ ! -x "$JAVACMD" ] ; then - echo "Error: JAVA_HOME is not defined correctly." - echo " CARBON cannot execute $JAVACMD" - exit 1 - fi - - # if JAVA_HOME is not set we're not happy - if [ -z "$JAVA_HOME" ]; then - echo "You must set the JAVA_HOME variable before running CARBON." - exit 1 - fi - - if [ -e "$RUNTIME_HOME/runtime.pid" ]; then - PID=`cat "$RUNTIME_HOME"/runtime.pid` - fi - - # ----- Process the input command ---------------------------------------------- - args="" - for c in $* - do - if [ "$c" = "--debug" ] || [ "$c" = "-debug" ] || [ "$c" = "debug" ]; then - CMD="--debug" - continue - elif [ "$CMD" = "--debug" ]; then - if [ -z "$PORT" ]; then - PORT=$c - fi - elif [ "$c" = "--stop" ] || [ "$c" = "-stop" ] || [ "$c" = "stop" ]; then - CMD="stop" - elif [ "$c" = "--start" ] || [ "$c" = "-start" ] || [ "$c" = "start" ]; then - CMD="start" - elif [ "$c" = "--version" ] || [ "$c" = "-version" ] || [ "$c" = "version" ]; then - CMD="version" - elif [ "$c" = "--restart" ] || [ "$c" = "-restart" ] || [ "$c" = "restart" ]; then - CMD="restart" - elif [ "$c" = "--test" ] || [ "$c" = "-test" ] || [ "$c" = "test" ]; then - CMD="test" - else - args="$args $c" - fi - done - - if [ "$CMD" = "--debug" ]; then - if [ "$PORT" = "" ]; then - echo " Please specify the debug port after the 
--debug option" - exit 1 - fi - if [ -n "$JAVA_OPTS" ]; then - echo "Warning !!!. User specified JAVA_OPTS will be ignored, once you give the --debug option." - fi - CMD="RUN" - JAVA_OPTS="-Xdebug -Xnoagent -Djava.compiler=NONE -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=$PORT" - echo "Please start the remote debugging client to continue..." - elif [ "$CMD" = "start" ]; then - if [ -e "$RUNTIME_HOME/runtime.pid" ]; then - if ps -p $PID > /dev/null ; then - echo "Process is already running" - exit 0 - fi - fi - export CARBON_HOME=$CARBON_HOME - # using nohup bash to avoid erros in solaris OS.TODO - nohup bash $RUNTIME_HOME/bin/carbon.sh $args > /dev/null 2>&1 & - exit 0 - elif [ "$CMD" = "stop" ]; then - export CARBON_HOME=$CARBON_HOME - kill -term `cat $RUNTIME_HOME/runtime.pid` - exit 0 - elif [ "$CMD" = "restart" ]; then - export CARBON_HOME=$CARBON_HOME - kill -term `cat $RUNTIME_HOME/runtime.pid` - process_status=0 - pid=`cat $RUNTIME_HOME/runtime.pid` - while [ "$process_status" -eq "0" ] - do - sleep 1; - ps -p$pid 2>&1 > /dev/null - process_status=$? - done - - # using nohup bash to avoid erros in solaris OS.TODO - nohup bash $RUNTIME_HOME/bin/carbon.sh $args > /dev/null 2>&1 & - exit 0 - elif [ "$CMD" = "test" ]; then - JAVACMD="exec "$JAVACMD"" - elif [ "$CMD" = "version" ]; then - cat $CARBON_HOME/bin/kernel-version.txt - exit 0 - fi - - # ---------- Handle the SSL Issue with proper JDK version -------------------- - java_version=$("$JAVACMD" -version 2>&1 | awk -F '"' '/version/ {print $2}') - java_version_formatted=$(echo "$java_version" | awk -F. 
'{printf("%02d%02d",$1,$2);}') - if [ $java_version_formatted -lt 0108 ] || [ $java_version_formatted -gt 1100 ]; then - echo " Starting WSO2 Carbon (in unsupported JDK)" - echo " [ERROR] CARBON is supported only on JDK 1.8 and 11" - fi - - CARBON_XBOOTCLASSPATH="" - for f in "$CARBON_HOME"/bin/bootstrap/xboot/*.jar - do - if [ "$f" != "$CARBON_HOME/bin/bootstrap/xboot/*.jar" ];then - CARBON_XBOOTCLASSPATH="$CARBON_XBOOTCLASSPATH":$f - fi - done - - JAVA_ENDORSED_DIRS="$CARBON_HOME/bin/bootstrap/endorsed":"$JAVA_HOME/jre/lib/endorsed":"$JAVA_HOME/lib/endorsed" - - CARBON_CLASSPATH="" - if [ -e "$JAVA_HOME/bin/bootstrap/tools.jar" ]; then - CARBON_CLASSPATH="$JAVA_HOME/lib/tools.jar" - fi - for f in "$CARBON_HOME"/bin/bootstrap/*.jar - do - if [ "$f" != "$CARBON_HOME/bin/bootstrap/*.jar" ];then - CARBON_CLASSPATH="$CARBON_CLASSPATH":$f - fi - done - for t in "$CARBON_HOME"/bin/bootstrap/commons-lang*.jar - do - CARBON_CLASSPATH="$CARBON_CLASSPATH":$t - done - # For Cygwin, switch paths to Windows format before running java - if $cygwin; then - JAVA_HOME=`cygpath --absolute --windows "$JAVA_HOME"` - CARBON_HOME=`cygpath --absolute --windows "$CARBON_HOME"` - RUNTIME_HOME=`cygpath --absolute --windows "$RUNTIME_HOME"` - CLASSPATH=`cygpath --path --windows "$CLASSPATH"` - if [ $java_version_formatted -le 0108 ]; then - JAVA_ENDORSED_DIRS=`cygpath --path --windows "$JAVA_ENDORSED_DIRS"` - fi - CARBON_CLASSPATH=`cygpath --path --windows "$CARBON_CLASSPATH"` - CARBON_XBOOTCLASSPATH=`cygpath --path --windows "$CARBON_XBOOTCLASSPATH"` - fi - - # ----- Execute The Requested Command ----------------------------------------- - - echo JAVA_HOME environment variable is set to $JAVA_HOME - echo CARBON_HOME environment variable is set to $CARBON_HOME - echo RUNTIME_HOME environment variable is set to $RUNTIME_HOME - - cd "$RUNTIME_HOME" - - START_EXIT_STATUS=121 - status=$START_EXIT_STATUS - - #To monitor a Carbon server in remote JMX mode on linux host machines, set the below 
system property. - # -Djava.rmi.server.hostname="your.IP.goes.here" - - JAVA_VER_BASED_OPTS="" - if [ $java_version_formatted -le 0108 ]; then - JAVA_VER_BASED_OPTS="-Djava.endorsed.dirs=$JAVA_ENDORSED_DIRS" - fi - - if [ $java_version_formatted -ge 1100 ] ; then - JAVA_VER_BASED_OPTS="--add-opens=java.base/java.net=ALL-UNNAMED --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens java.rmi/sun.rmi.transport=ALL-UNNAMED" - fi - - while [ "$status" = "$START_EXIT_STATUS" ] - do - $JAVACMD \ - -Xbootclasspath/a:"$CARBON_XBOOTCLASSPATH" \ - -Xms{{ .Values.wso2.deployment.analytics.dashboard.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.analytics.dashboard.resources.jvm.heap.memory.xmx }} \ - -XX:+HeapDumpOnOutOfMemoryError \ - -XX:HeapDumpPath="$RUNTIME_HOME/logs/heap-dump.hprof" \ - $JAVA_OPTS \ - -classpath "$CARBON_CLASSPATH" \ - $JAVA_VER_BASED_OPTS \ - -Djava.io.tmpdir="$CARBON_HOME/tmp" \ - -Dcarbon.registry.root=/ \ - -Djava.command="$JAVACMD" \ - -Dcarbon.home="$CARBON_HOME" \ - -Dwso2.runtime.path="$RUNTIME_HOME" \ - -Dwso2.runtime="$RUNTIME" \ - -Djavax.xml.bind.JAXBContextFactory="com.sun.xml.bind.v2.ContextFactory" \ - -Djava.util.logging.config.file="$RUNTIME_HOME/bin/bootstrap/logging.properties" \ - -Djava.security.egd=file:/dev/./urandom \ - -Dfile.encoding=UTF8 \ - -Djavax.net.ssl.keyStore="$CARBON_HOME/resources/security/wso2carbon.jks" \ - -Djavax.net.ssl.keyStorePassword="wso2carbon" \ - -Djavax.net.ssl.trustStore="$CARBON_HOME/resources/security/client-truststore.jks" \ - -Djavax.net.ssl.trustStorePassword="wso2carbon" \ - -Dio.netty.tryReflectionSetAccessible=false \ - org.wso2.carbon.launcher.Main $* - status=$? - done diff --git a/advanced/am-pattern-1/templates/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-conf.yaml b/advanced/am-pattern-1/templates/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-conf.yaml deleted file mode 100644 index 28c302b3..00000000 
--- a/advanced/am-pattern-1/templates/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-conf.yaml
+++ /dev/null
@@ -1,445 +0,0 @@ -# Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-dashboard-conf - namespace : {{ .Release.Namespace }} - {{ if .Values.wso2.deployment.analytics.dashboard.config }} - -data: - {{- range $index, $content := .Values.wso2.deployment.analytics.dashboard.config }} - {{ $index }}: |- - {{ tpl $content $ | indent 4 }} - {{- end }} - - {{ else }} -data: - deployment.yaml: |- - ################################################################################ - # Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved - # - # Licensed under the Apache License, Version 2.0 (the \"License\"); - # you may not use this file except in compliance with the License. - # You may obtain a copy of the License at - # - # http://www.apache.org/licenses/LICENSE-2.0 - # - # Unless required by applicable law or agreed to in writing, software - # distributed under the License is distributed on an \"AS IS\" BASIS, - # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - # See the License for the specific language governing permissions and - # limitations under the License. 
- ################################################################################ - - # Carbon Configuration Parameters - wso2.carbon: - type: wso2-apim-analytics - # value to uniquely identify a server - id: wso2-am-analytics - # server name - name: WSO2 API Manager Analytics Server - # enable/disable hostname verifier - hostnameVerificationEnabled: false - # ports used by this server - ports: - # port offset - offset: 3 - - # Configuration used for the databridge communication - databridge.config: - # No of worker threads to consume events - # THIS IS A MANDATORY FIELD - workerThreads: 10 - # Maximum amount of messages that can be queued internally in MB - # THIS IS A MANDATORY FIELD - maxEventBufferCapacity: 10000000 - # Queue size; the maximum number of events that can be stored in the queue - # THIS IS A MANDATORY FIELD - eventBufferSize: 2000 - # Keystore file path - # THIS IS A MANDATORY FIELD - keyStoreLocation : ${sys:carbon.home}/resources/security/wso2carbon.jks - # Keystore password - # THIS IS A MANDATORY FIELD - keyStorePassword : wso2carbon - # Session Timeout value in mins - # THIS IS A MANDATORY FIELD - clientTimeoutMin: 30 - # Data receiver configurations - # THIS IS A MANDATORY FIELD - dataReceivers: - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Thrift - # Data receiver properties - properties: - tcpPort: '7611' - sslPort: '7711' - - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Binary - # Data receiver properties - properties: - tcpPort: '9611' - sslPort: '9711' - tcpReceiverThreadPoolSize: '100' - sslReceiverThreadPoolSize: '100' - hostName: 0.0.0.0 - - # Configuration of the Data Agents - to publish events through databridge - data.agent.config: - # Data agent configurations - # THIS IS A MANDATORY FIELD - agents: - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY 
FIELD - name: Thrift - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.thrift.ThriftDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Binary - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.binary.BinaryDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: 
'${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - # Deployment configuration parameters - wso2.artifact.deployment: - # Scheduler update interval - updateInterval: 5 - - # HA Configuration - state.persistence: - enabled: false - intervalInMin: 1 - revisionsToKeep: 2 - persistenceStore: org.wso2.carbon.streaming.integrator.core.persistence.FileSystemPersistenceStore - config: - location: siddhi-app-persistence - - # Secure Vault Configuration - wso2.securevault: - secretRepository: - type: org.wso2.carbon.secvault.repository.DefaultSecretRepository - parameters: - privateKeyAlias: wso2carbon - keystoreLocation: ${sys:carbon.home}/resources/security/securevault.jks - secretPropertiesFile: 
${sys:carbon.home}/conf/${sys:wso2.runtime}/secrets.properties - masterKeyReader: - type: org.wso2.carbon.secvault.reader.DefaultMasterKeyReader - parameters: - masterKeyReaderFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/master-keys.yaml - - - # Data Sources Configuration - wso2.datasources: - dataSources: - # Dashboard data source - - name: WSO2_DASHBOARD_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/DASHBOARD_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_DASHBOARD_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - name: BUSINESS_RULES_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/BUSINESS_RULES_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_BUSINESS_RULES_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - # carbon metrics data source - - name: WSO2_METRICS_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/WSO2MetricsDB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/dashboard/database/metrics;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - name: WSO2_PERMISSIONS_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/PERMISSION_DB - useJndiReference: true - definition: - 
type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_PERMISSIONS_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - #Data source for APIM Analytics - - name: APIM_ANALYTICS_DB - description: Datasource used for APIM Analytics - jndiConfig: - name: jdbc/APIM_ANALYTICS_DB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_STATS_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 50 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - #Main datasource used in API Manager - - name: AM_DB - description: Main datasource used by API Manager - jndiConfig: - name: jdbc/AM_DB - definition: - type: RDBMS - configuration: - jdbcUrl: "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_DB?useSSL=false" - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - wso2.business.rules.manager: - datasource: BUSINESS_RULES_DB - # rule template wise configuration for deploying business rules - deployment_configs: - - - # : of the Worker node - localhost:9444: - # UUIDs of rule templates that are needed to be deployed on the node - - stock-data-analysis - - stock-exchange-input - - stock-exchange-output - - identifying-continuous-production-decrease - - popular-tweets-analysis - - http-analytics-processing - - message-tracing-source-template - - message-tracing-app-template - # credentials for worker nodes - username: admin - password: admin - - wso2.transport.http: - transportProperties: - - name: "server.bootstrap.socket.timeout" - value: 60 - - 
name: "client.bootstrap.socket.timeout" - value: 60 - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - id: "default" - host: "0.0.0.0" - port: 9089 - - - id: "default-https" - host: "0.0.0.0" - port: 9640 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - ## Dashboard data provider authorization - data.provider.configs: - authorizingClass: org.wso2.analytics.apim.dashboards.core.data.provider.Authorizer - - ## Additional APIs that needs to be added to the server. - ## Should be provided as a key value pairs { API context path: Microservice implementation class } - ## The configured APIs will be available as https://{host}:{port}/analytics-dashboard/{API_context_path} - additional.apis: - /apis/analytics/v1.0/apim: org.wso2.analytics.apim.rest.api.proxy.ApimApi - /apis/v1.0/report: org.wso2.analytics.apim.rest.api.report.ReportApi - - report: - implClass: org.wso2.analytics.apim.rest.api.report.reportgen.DefaultReportGeneratorImpl - - ## Authentication configuration - auth.configs: - type: apim - ssoEnabled: true - properties: - adminScope: apim_analytics:admin_carbon.super - allScopes: apim_analytics:admin openid apim:api_view apim:subscribe apim_analytics:monitoring_dashboard:own apim_analytics:monitoring_dashboard:edit apim_analytics:monitoring_dashboard:view apim_analytics:business_analytics:own apim_analytics:business_analytics:edit apim_analytics:business_analytics:view apim_analytics:api_analytics:own apim_analytics:api_analytics:edit apim_analytics:api_analytics:view apim_analytics:application_analytics:own apim_analytics:application_analytics:edit apim_analytics:application_analytics:view - adminUsername: admin - adminPassword: admin - kmDcrUrl: https://{{ template "am-pattern-1.resource.prefix" . 
}}-am-service:9443/client-registration/v0.17/register - kmTokenUrlForRedirection: https://{{ .Values.wso2.deployment.am.ingress.management.hostname }}/oauth2 - kmTokenUrl: https://{{ template "am-pattern-1.resource.prefix" . }}-am-service:9443/oauth2 - kmUsername: admin - kmPassword: admin - portalAppContext: analytics-dashboard - businessRulesAppContext : business-rules - cacheTimeout: 30 - baseUrl: https://{{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }} - grantType: authorization_code - publisherUrl: https://{{ template "am-pattern-1.resource.prefix" . }}-am-service:9443 - devPortalUrl: https://{{ template "am-pattern-1.resource.prefix" . }}-am-service:9443 - externalLogoutUrl: https://{{ .Values.wso2.deployment.am.ingress.management.hostname }}/oidc/logout - - wso2.dashboard: - roles: - creators: - - apim_analytics:admin_carbon.super - themeConfigProviderClass: org.wso2.carbon.dashboards.core.DefaultDashboardThemeConfigProvider - - ## RDBMS Data Provider configuration - wso2.rdbms.data.provider: - timeTypes: - - DATE - - TIME - - DATETIME - - TIMESTAMP - - TIMESTAMP WITHOUT TIME ZONE - {{ end }} diff --git a/advanced/am-pattern-1/templates/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-deployment.yaml b/advanced/am-pattern-1/templates/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-deployment.yaml deleted file mode 100644 index c5ea0c34..00000000 --- a/advanced/am-pattern-1/templates/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-deployment.yaml +++ /dev/null 
@@ -1,134 +0,0 @@ -# Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-dashboard-deployment - namespace: {{ .Release.Namespace }} -spec: - replicas: {{ .Values.wso2.deployment.analytics.dashboard.replicas }} - strategy: - rollingUpdate: - maxSurge: {{ .Values.wso2.deployment.analytics.dashboard.strategy.rollingUpdate.maxSurge }} - maxUnavailable: {{ .Values.wso2.deployment.analytics.dashboard.strategy.rollingUpdate.maxUnavailable }} - type: RollingUpdate - selector: - matchLabels: - deployment: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-dashboard - template: - metadata: - annotations: - checksum.am.analytics.dashboard.conf: {{ include (print $.Template.BasePath "/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-conf.yaml") . | sha256sum }} - labels: - deployment: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-dashboard - spec: - {{ if .Values.wso2.deployment.dependencies.mysql }} - initContainers: - - name: init-mysql-db - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! 
nc -z "wso2am-mysql-db-service" 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - - name: init-mysql-connector-download - image: busybox:1.32 - command: - - /bin/sh - - "-c" - - | - set -e - connector_version=8.0.17 - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/${connector_version}/mysql-connector-java-${connector_version}.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - {{ end }} - containers: - - name: wso2am-analytics-dashboard -{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.analytics.dashboard) | indent 10 }} - imagePullPolicy: {{ .Values.wso2.deployment.analytics.dashboard.imagePullPolicy }} - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9643 - initialDelaySeconds: {{ .Values.wso2.deployment.analytics.dashboard.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.analytics.dashboard.livenessProbe.periodSeconds }} - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9643 - initialDelaySeconds: {{ .Values.wso2.deployment.analytics.dashboard.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.analytics.dashboard.readinessProbe.periodSeconds }} - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/dashboard.sh stop'] - resources: - requests: - memory: {{ .Values.wso2.deployment.analytics.dashboard.resources.requests.memory }} - cpu: {{ .Values.wso2.deployment.analytics.dashboard.resources.requests.cpu }} - limits: - memory: {{ .Values.wso2.deployment.analytics.dashboard.resources.limits.memory }} - cpu: {{ .Values.wso2.deployment.analytics.dashboard.resources.limits.cpu }} - securityContext: - runAsUser: 802 - ports: - - containerPort: 9713 - protocol: "TCP" - - containerPort: 9643 - protocol: "TCP" - - containerPort: 9613 - protocol: "TCP" - - containerPort: 7713 - protocol: "TCP" - - 
containerPort: 9091 - protocol: "TCP" - - containerPort: 7613 - protocol: "TCP" - volumeMounts: - - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-dashboard-conf - mountPath: /home/wso2carbon/wso2-config-volume/conf/dashboard/deployment.yaml - subPath: deployment.yaml - - name: wso2am-analytics-dashboard-bin - mountPath: /home/wso2carbon/wso2-config-volume/wso2/dashboard/bin/carbon.sh - subPath: carbon.sh - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/lib - {{ end }} - serviceAccountName: {{ .Values.kubernetes.serviceAccount }} - {{- if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} - imagePullSecrets: - - name: {{ template "am-pattern-1.resource.prefix" . }}-wso2-private-registry-creds - {{- end }} - {{- if .Values.wso2.deployment.am.imagePullSecrets }} - imagePullSecrets: - - name: {{ .Values.wso2.deployment.am.imagePullSecrets }} - {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} - imagePullSecrets: - - name: {{ template "am-pattern-1.resource.prefix" . }}-wso2-private-registry-creds - {{- end }} - volumes: - - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-dashboard-conf - configMap: - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-dashboard-conf - - name: wso2am-analytics-dashboard-bin - configMap: - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-dashboard-bin - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - emptyDir: {} - {{ end }} diff --git a/advanced/am-pattern-1/templates/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-service.yaml b/advanced/am-pattern-1/templates/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-service.yaml deleted file mode 100644 index 5e873404..00000000 
--- a/advanced/am-pattern-1/templates/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-service.yaml +++ /dev/null @@ -1,30 +0,0 @@ -# Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-dashboard-service - namespace : {{ .Release.Namespace }} -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-dashboard - ports: - # ports that this service should serve on - - - name: 'analytics-dashboard' - port: 9643 - protocol: TCP - diff --git a/advanced/am-pattern-1/templates/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-bin.yaml b/advanced/am-pattern-1/templates/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-bin.yaml deleted file mode 100644 index cea2448b..00000000 --- a/advanced/am-pattern-1/templates/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-bin.yaml +++ /dev/null 
@@ -1,330 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-bin - namespace : {{ .Release.Namespace }} -data: - carbon.sh: |- - #!/bin/sh - # --------------------------------------------------------------------------- - # Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. - # - # Licensed under the Apache License, Version 2.0 (the "License"); - # you may not use this file except in compliance with the License. - # You may obtain a copy of the License at - # - # http://www.apache.org/licenses/LICENSE-2.0 - # - # Unless required by applicable law or agreed to in writing, software - # distributed under the License is distributed on an "AS IS" BASIS, - # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - # See the License for the specific language governing permissions and - # limitations under the License. - - # ---------------------------------------------------------------------------- - # Main Script for the WSO2 Carbon Server - # - # Environment Variable Prequisites - # - # CARBON_HOME Home of WSO2 Carbon installation. If not set I will try - # to figure it out. - # RUNTIME_HOME Home of WSO2 Carbon Runtime. . - # - # JAVA_HOME Must point at your Java Development Kit installation. 
- # - # JAVA_OPTS (Optional) Java runtime options used when the commands - # is executed. - # - # NOTE: Borrowed generously from Apache Tomcat startup scripts. - # ----------------------------------------------------------------------------- - - # OS specific support. $var _must_ be set to either true or false. - #ulimit -n 100000 - - cygwin=false; - darwin=false; - os400=false; - mingw=false; - case "`uname`" in - CYGWIN*) cygwin=true;; - MINGW*) mingw=true;; - OS400*) os400=true;; - Darwin*) darwin=true - if [ -z "$JAVA_VERSION" ] ; then - JAVA_VERSION="CurrentJDK" - else - echo "Using Java version: $JAVA_VERSION" - fi - if [ -z "$JAVA_HOME" ] ; then - JAVA_HOME=/System/Library/Frameworks/JavaVM.framework/Versions/${JAVA_VERSION}/Home - fi - ;; - esac - - # resolve links - $0 may be a softlink - PRG="$0" - - while [ -h "$PRG" ]; do - ls=`ls -ld "$PRG"` - link=`expr "$ls" : '.*-> \(.*\)$'` - if expr "$link" : '.*/.*' > /dev/null; then - PRG="$link" - else - PRG=`dirname "$PRG"`/"$link" - fi - done - - # Get standard environment variables - TEMPCURDIR=`dirname "$PRG"` - - # Only set RUNTIME_HOME if not already set - [ -z "$RUNTIME_HOME" ] && RUNTIME_HOME=`cd "$TEMPCURDIR/.." ; pwd` - - # Only set CARBON_HOME if not already set - [ -z "$CARBON_HOME" ] && CARBON_HOME=`cd "$TEMPCURDIR/../../../" ; pwd` - - # Only set RUNTIME if not already set - [ -z "$RUNTIME" ] && RUNTIME=${RUNTIME_HOME##*/} - - # For Cygwin, ensure paths are in UNIX format before anything is touched - if $cygwin; then - [ -n "$JAVA_HOME" ] && JAVA_HOME=`cygpath --unix "$JAVA_HOME"` - [ -n "$CARBON_HOME" ] && CARBON_HOME=`cygpath --unix "$CARBON_HOME"` - [ -n "$RUNTIME_HOME" ] && RUNTIME_HOME=`cygpath --unix "$RUNTIME_HOME"` - fi - - # For OS400 - if $os400; then - # Set job priority to standard for interactive (interactive - 6) by using - # the interactive priority - 6, the helper threads that respond to requests - # will be running at the same priority as interactive jobs. 
- COMMAND='chgjob job('$JOBNAME') runpty(6)' - system $COMMAND - - # Enable multi threading - QIBM_MULTI_THREADED=Y - export QIBM_MULTI_THREADED - fi - - # For Migwn, ensure paths are in UNIX format before anything is touched - if $mingw ; then - [ -n "$CARBON_HOME" ] && - CARBON_HOME="`(cd "$CARBON_HOME"; pwd)`" - [ -n "$JAVA_HOME" ] && - JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`" - # TODO classpath? - fi - - if [ -z "$JAVACMD" ] ; then - if [ -n "$JAVA_HOME" ] ; then - if [ -x "$JAVA_HOME/jre/sh/java" ] ; then - # IBM's JDK on AIX uses strange locations for the executables - JAVACMD="$JAVA_HOME/jre/sh/java" - else - JAVACMD="$JAVA_HOME/bin/java" - fi - else - JAVACMD=java - fi - fi - - if [ ! -x "$JAVACMD" ] ; then - echo "Error: JAVA_HOME is not defined correctly." - echo " CARBON cannot execute $JAVACMD" - exit 1 - fi - - # if JAVA_HOME is not set we're not happy - if [ -z "$JAVA_HOME" ]; then - echo "You must set the JAVA_HOME variable before running CARBON." - exit 1 - fi - - if [ -e "$RUNTIME_HOME/runtime.pid" ]; then - PID=`cat "$RUNTIME_HOME"/runtime.pid` - fi - - # ----- Process the input command ---------------------------------------------- - args="" - for c in $* - do - if [ "$c" = "--debug" ] || [ "$c" = "-debug" ] || [ "$c" = "debug" ]; then - CMD="--debug" - continue - elif [ "$CMD" = "--debug" ]; then - if [ -z "$PORT" ]; then - PORT=$c - fi - elif [ "$c" = "--stop" ] || [ "$c" = "-stop" ] || [ "$c" = "stop" ]; then - CMD="stop" - elif [ "$c" = "--start" ] || [ "$c" = "-start" ] || [ "$c" = "start" ]; then - CMD="start" - elif [ "$c" = "--version" ] || [ "$c" = "-version" ] || [ "$c" = "version" ]; then - CMD="version" - elif [ "$c" = "--restart" ] || [ "$c" = "-restart" ] || [ "$c" = "restart" ]; then - CMD="restart" - elif [ "$c" = "--test" ] || [ "$c" = "-test" ] || [ "$c" = "test" ]; then - CMD="test" - else - args="$args $c" - fi - done - - if [ "$CMD" = "--debug" ]; then - if [ "$PORT" = "" ]; then - echo " Please specify the debug port after the 
--debug option" - exit 1 - fi - if [ -n "$JAVA_OPTS" ]; then - echo "Warning !!!. User specified JAVA_OPTS will be ignored, once you give the --debug option." - fi - CMD="RUN" - JAVA_OPTS="-Xdebug -Xnoagent -Djava.compiler=NONE -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=$PORT" - echo "Please start the remote debugging client to continue..." - elif [ "$CMD" = "start" ]; then - if [ -e "$RUNTIME_HOME/runtime.pid" ]; then - if ps -p $PID > /dev/null ; then - echo "Process is already running" - exit 0 - fi - fi - export CARBON_HOME=$CARBON_HOME - # using nohup bash to avoid erros in solaris OS.TODO - nohup bash $RUNTIME_HOME/bin/carbon.sh $args > /dev/null 2>&1 & - exit 0 - elif [ "$CMD" = "stop" ]; then - export CARBON_HOME=$CARBON_HOME - kill -term `cat $RUNTIME_HOME/runtime.pid` - exit 0 - elif [ "$CMD" = "restart" ]; then - export CARBON_HOME=$CARBON_HOME - kill -term `cat $RUNTIME_HOME/runtime.pid` - process_status=0 - pid=`cat $RUNTIME_HOME/runtime.pid` - while [ "$process_status" -eq "0" ] - do - sleep 1; - ps -p$pid 2>&1 > /dev/null - process_status=$? - done - - # using nohup bash to avoid erros in solaris OS.TODO - nohup bash $RUNTIME_HOME/bin/carbon.sh $args > /dev/null 2>&1 & - exit 0 - elif [ "$CMD" = "test" ]; then - JAVACMD="exec "$JAVACMD"" - elif [ "$CMD" = "version" ]; then - cat $CARBON_HOME/bin/kernel-version.txt - exit 0 - fi - - # ---------- Handle the SSL Issue with proper JDK version -------------------- - java_version=$("$JAVACMD" -version 2>&1 | awk -F '"' '/version/ {print $2}') - java_version_formatted=$(echo "$java_version" | awk -F. 
'{printf("%02d%02d",$1,$2);}') - if [ $java_version_formatted -lt 0108 ] || [ $java_version_formatted -gt 1100 ]; then - echo " Starting WSO2 Carbon (in unsupported JDK)" - echo " [ERROR] CARBON is supported only on JDK 1.8 and 11" - fi - - CARBON_XBOOTCLASSPATH="" - for f in "$CARBON_HOME"/bin/bootstrap/xboot/*.jar - do - if [ "$f" != "$CARBON_HOME/bin/bootstrap/xboot/*.jar" ];then - CARBON_XBOOTCLASSPATH="$CARBON_XBOOTCLASSPATH":$f - fi - done - - JAVA_ENDORSED_DIRS="$CARBON_HOME/bin/bootstrap/endorsed":"$JAVA_HOME/jre/lib/endorsed":"$JAVA_HOME/lib/endorsed" - - CARBON_CLASSPATH="" - if [ -e "$JAVA_HOME/bin/bootstrap/tools.jar" ]; then - CARBON_CLASSPATH="$JAVA_HOME/lib/tools.jar" - fi - for f in "$CARBON_HOME"/bin/bootstrap/*.jar - do - if [ "$f" != "$CARBON_HOME/bin/bootstrap/*.jar" ];then - CARBON_CLASSPATH="$CARBON_CLASSPATH":$f - fi - done - for t in "$CARBON_HOME"/bin/bootstrap/commons-lang*.jar - do - CARBON_CLASSPATH="$CARBON_CLASSPATH":$t - done - # For Cygwin, switch paths to Windows format before running java - if $cygwin; then - JAVA_HOME=`cygpath --absolute --windows "$JAVA_HOME"` - CARBON_HOME=`cygpath --absolute --windows "$CARBON_HOME"` - RUNTIME_HOME=`cygpath --absolute --windows "$RUNTIME_HOME"` - CLASSPATH=`cygpath --path --windows "$CLASSPATH"` - if [ $java_version_formatted -le 0108 ]; then - JAVA_ENDORSED_DIRS=`cygpath --path --windows "$JAVA_ENDORSED_DIRS"` - fi - CARBON_CLASSPATH=`cygpath --path --windows "$CARBON_CLASSPATH"` - CARBON_XBOOTCLASSPATH=`cygpath --path --windows "$CARBON_XBOOTCLASSPATH"` - fi - - # ----- Execute The Requested Command ----------------------------------------- - - echo JAVA_HOME environment variable is set to $JAVA_HOME - echo CARBON_HOME environment variable is set to $CARBON_HOME - echo RUNTIME_HOME environment variable is set to $RUNTIME_HOME - - cd "$RUNTIME_HOME" - - START_EXIT_STATUS=121 - status=$START_EXIT_STATUS - - #To monitor a Carbon server in remote JMX mode on linux host machines, set the below 
system property. - # -Djava.rmi.server.hostname="your.IP.goes.here" - - JAVA_VER_BASED_OPTS="" - if [ $java_version_formatted -le 0108 ]; then - JAVA_VER_BASED_OPTS="-Djava.endorsed.dirs=$JAVA_ENDORSED_DIRS" - fi - - if [ $java_version_formatted -ge 1100 ] ; then - JAVA_VER_BASED_OPTS="--add-opens=java.base/java.net=ALL-UNNAMED --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens java.rmi/sun.rmi.transport=ALL-UNNAMED" - fi - - while [ "$status" = "$START_EXIT_STATUS" ] - do - $JAVACMD \ - -Xbootclasspath/a:"$CARBON_XBOOTCLASSPATH" \ - -Xms{{ .Values.wso2.deployment.analytics.worker.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.analytics.worker.resources.jvm.heap.memory.xmx }} \ - -XX:+HeapDumpOnOutOfMemoryError \ - -XX:HeapDumpPath="$RUNTIME_HOME/logs/heap-dump.hprof" \ - $JAVA_OPTS \ - -classpath "$CARBON_CLASSPATH" \ - $JAVA_VER_BASED_OPTS \ - -Djava.io.tmpdir="$CARBON_HOME/tmp" \ - -Dcarbon.registry.root=/ \ - -Djava.command="$JAVACMD" \ - -Dcarbon.home="$CARBON_HOME" \ - -Dwso2.runtime.path="$RUNTIME_HOME" \ - -Dwso2.runtime="$RUNTIME" \ - -Djavax.xml.bind.JAXBContextFactory="com.sun.xml.bind.v2.ContextFactory" \ - -Djava.util.logging.config.file="$RUNTIME_HOME/bin/bootstrap/logging.properties" \ - -Djava.security.egd=file:/dev/./urandom \ - -Dfile.encoding=UTF8 \ - -Djavax.net.ssl.keyStore="$CARBON_HOME/resources/security/wso2carbon.jks" \ - -Djavax.net.ssl.keyStorePassword="wso2carbon" \ - -Djavax.net.ssl.trustStore="$CARBON_HOME/resources/security/client-truststore.jks" \ - -Djavax.net.ssl.trustStorePassword="wso2carbon" \ - -Dio.netty.tryReflectionSetAccessible=false \ - org.wso2.carbon.launcher.Main $* - status=$? - done diff --git a/advanced/am-pattern-1/templates/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-conf.yaml b/advanced/am-pattern-1/templates/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-conf.yaml deleted file mode 100644 index 83b900a3..00000000 
--- a/advanced/am-pattern-1/templates/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-conf.yaml
+++ /dev/null
@@ -1,583 +0,0 @@ -# Copyright (c) 2018, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-conf - namespace : {{ .Release.Namespace }} - {{ if .Values.wso2.deployment.analytics.worker.config }} -data: - {{- range $index, $content := .Values.wso2.deployment.analytics.worker.config }} - {{ $index }}: |- - {{ tpl $content $ | indent 4 }} - {{- end }} - - {{ else }} -data: - deployment.yaml: |- - ################################################################################ - # Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved - # - # Licensed under the Apache License, Version 2.0 (the \"License\"); - # you may not use this file except in compliance with the License. - # You may obtain a copy of the License at - # - # http://www.apache.org/licenses/LICENSE-2.0 - # - # Unless required by applicable law or agreed to in writing, software - # distributed under the License is distributed on an \"AS IS\" BASIS, - # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - # See the License for the specific language governing permissions and - # limitations under the License. 
- ################################################################################ - - # Carbon Configuration Parameters - wso2.carbon: - type: wso2-apim-analytics - # value to uniquely identify a server - id: ${NODE_ID} - # server name - name: WSO2 API Manager Analytics Server - # ports used by this server - ports: - # port offset - offset: 1 - - wso2.transport.http: - transportProperties: - - - name: "server.bootstrap.socket.timeout" - value: 60 - - - name: "client.bootstrap.socket.timeout" - value: 60 - - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - - id: "default" - host: "0.0.0.0" - port: 9090 - - - id: "msf4j-https" - host: "0.0.0.0" - port: 9443 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - senderConfigurations: - - - id: "http-sender" - - siddhi.stores.query.api: - transportProperties: - - - name: "server.bootstrap.socket.timeout" - value: 60 - - - name: "client.bootstrap.socket.timeout" - value: 60 - - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - - id: "default" - host: "0.0.0.0" - port: 7071 - - - id: "msf4j-https" - host: "0.0.0.0" - port: 7444 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - # Configuration used for the databridge communication - databridge.config: - # No of worker threads to consume events - # THIS IS A MANDATORY FIELD - workerThreads: 10 - # Maximum amount of messages that can be queued internally in MB - # THIS IS A MANDATORY FIELD - maxEventBufferCapacity: 10000000 - # Queue size; the maximum number of events that can be stored in the queue - # THIS IS A MANDATORY FIELD - eventBufferSize: 2000 - # Keystore file path - # THIS IS A MANDATORY FIELD - keyStoreLocation : ${sys:carbon.home}/resources/security/wso2carbon.jks - # Keystore password - # THIS IS A MANDATORY FIELD - 
keyStorePassword : wso2carbon - # Session Timeout value in mins - # THIS IS A MANDATORY FIELD - clientTimeoutMin: 30 - # Data receiver configurations - # THIS IS A MANDATORY FIELD - dataReceivers: - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Thrift - # Data receiver properties - properties: - tcpPort: '7611' - sslPort: '7711' - - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Binary - # Data receiver properties - properties: - tcpPort: '9611' - sslPort: '9711' - tcpReceiverThreadPoolSize: '100' - sslReceiverThreadPoolSize: '100' - hostName: 0.0.0.0 - - # Configuration of the Data Agents - to publish events through databridge - data.agent.config: - # Data agent configurations - # THIS IS A MANDATORY FIELD - agents: - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Thrift - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.thrift.ThriftDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # 
secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Binary - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.binary.BinaryDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: 
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - # This is the main configuration for metrics - wso2.metrics: - # Enable Metrics - enabled: false - reporting: - console: - - # The name for the Console Reporter - name: Console - - # Enable Console Reporter - enabled: false - - # Polling Period in seconds. - # This is the period for polling metrics from the metric registry and printing in the console - pollingPeriod: 5 - - wso2.metrics.jdbc: - # Data Source Configurations for JDBC Reporters - dataSource: - # Default Data Source Configuration - - &JDBC01 - # JNDI name of the data source to be used by the JDBC Reporter. - # This data source should be defined in a *-datasources.xml file in conf/datasources directory. - dataSourceName: java:comp/env/jdbc/WSO2MetricsDB - # Schedule regular deletion of metrics data older than a set number of days. - # It is recommended that you enable this job to ensure your metrics tables do not get extremely large. - # Deleting data older than seven days should be sufficient. - scheduledCleanup: - # Enable scheduled cleanup to delete Metrics data in the database. - enabled: true - - # The scheduled job will cleanup all data older than the specified days - daysToKeep: 3 - - # This is the period for each cleanup operation in seconds. 
- scheduledCleanupPeriod: 86400 - - # The JDBC Reporter is in the Metrics JDBC Core feature - reporting: - # The JDBC Reporter configurations will be ignored if the Metrics JDBC Core feature is not available in runtime - jdbc: - - # The name for the JDBC Reporter - name: JDBC - - # Enable JDBC Reporter - enabled: true - - # Source of Metrics, which will be used to identify each metric in database --> - # Commented to use the hostname by default - # source: Carbon - - # Alias referring to the Data Source configuration - dataSource: *JDBC01 - - # Polling Period in seconds. - # This is the period for polling metrics from the metric registry and updating the database with the values - pollingPeriod: 60 - - # Deployment configuration parameters - wso2.artifact.deployment: - # Scheduler update interval - updateInterval: 5 - - # Periodic Persistence Configuration - state.persistence: - enabled: true - intervalInMin: 1 - revisionsToKeep: 2 - persistenceStore: org.wso2.carbon.streaming.integrator.core.persistence.DBPersistenceStore - config: - datasource: PERSISTENCE_DB # A datasource with this name should be defined in wso2.datasources namespace - table: PERSISTENCE_TABLE - - # Secure Vault Configuration - wso2.securevault: - secretRepository: - type: org.wso2.carbon.secvault.repository.DefaultSecretRepository - parameters: - privateKeyAlias: wso2carbon - keystoreLocation: ${sys:carbon.home}/resources/security/securevault.jks - secretPropertiesFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/secrets.properties - masterKeyReader: - type: org.wso2.carbon.secvault.reader.DefaultMasterKeyReader - parameters: - masterKeyReaderFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/master-keys.yaml - - # Datasource Configurations - wso2.datasources: - dataSources: - # carbon metrics data source - - name: WSO2_METRICS_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/WSO2MetricsDB - definition: - type: RDBMS - configuration: - jdbcUrl: 
'jdbc:h2:${sys:carbon.home}/wso2/dashboard/database/metrics;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 30 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - name: WSO2_PERMISSIONS_DB - description: The datasource used for permission feature - jndiConfig: - name: jdbc/PERMISSION_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_PERMISSIONS_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - name: GEO_LOCATION_DATA - description: "The data source used for geo location database" - jndiConfig: - name: jdbc/GEO_LOCATION_DATA - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/worker/database/GEO_LOCATION_DATA;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 50 - idleTimeout: 60000 - validationTimeout: 30000 - isAutoCommit: false - - - name: APIM_ANALYTICS_DB - description: "The datasource used for APIM statistics aggregated data." 
- jndiConfig: - name: jdbc/APIM_ANALYTICS_DB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_STATS_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 50 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - - name: WSO2_CLUSTER_DB - description: "The datasource used by cluster coordinators in HA deployment" - jndiConfig: - name: jdbc/WSO2_CLUSTER_DB - definition: - type: RDBMS - configuration: - connectionTestQuery: "SELECT 1" - driverClassName: com.mysql.cj.jdbc.Driver - idleTimeout: 60000 - isAutoCommit: false - jdbcUrl: "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2_CLUSTER_DB?useSSL=false" - maxPoolSize: 50 - password: wso2carbon - username: wso2carbon - validationTimeout: 30000 - - - - name: PERSISTENCE_DB - description: "Datasource used for persistence" - jndiConfig: - name: jdbc/PERSISTENCE_DB - definition: - type: RDBMS - configuration: - connectionTestQuery: "SELECT 1" - driverClassName: com.mysql.cj.jdbc.Driver - idleTimeout: 60000 - isAutoCommit: false - jdbcUrl: "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2_PERSISTENCE_DB?useSSL=false" - maxPoolSize: 50 - password: wso2carbon - username: wso2carbon - validationTimeout: 30000 - - siddhi: - # properties: - # partitionById: true - # shardId: 1 - refs: - - ref: - name: 'grpcSource' - type: 'grpc' - properties: - receiver.url : grpc://localhost:9806/org.wso2.analytics.mgw.grpc.service.AnalyticsSendService/sendAnalytics - extensions: - - - extension: - name: 'findCountryFromIP' - namespace: 'geo' - properties: - geoLocationResolverClass: org.wso2.extension.siddhi.execution.geo.internal.impl.DefaultDBBasedGeoLocationResolver - isCacheEnabled: true - cacheSize: 10000 - isPersistInDatabase: true - datasource: GEO_LOCATION_DATA - - - extension: - name: 'findCityFromIP' - namespace: 'geo' - properties: - geoLocationResolverClass: 
org.wso2.extension.siddhi.execution.geo.internal.impl.DefaultDBBasedGeoLocationResolver - isCacheEnabled: true - cacheSize: 10000 - isPersistInDatabase: true - datasource: GEO_LOCATION_DATA - #Enabling GRPC Service with an Extension - - - extension: - name: 'grpc' - namespace: 'source' - properties: - keyStoreFile : ${sys:carbon.home}/resources/security/wso2carbon.jks - keyStorePassword : wso2carbon - keyStoreAlgorithm : SunX509 - trustStoreFile : ${sys:carbon.home}/resources/security/client-truststore.jks - trustStorePassword : wso2carbon - trustStoreAlgorithm : SunX509 - # Provides the regular expression collection to parse the user-agent header - - - extension: - name: 'getUserAgentProperty' - namespace: 'env' - properties: - regexFilePath : ${sys:carbon.home}/conf/worker/regexes.yaml - - # Cluster Configuration - cluster.config: - enabled: true - groupId: sp - coordinationStrategyClass: org.wso2.carbon.cluster.coordinator.rdbms.RDBMSCoordinationStrategy - strategyConfig: - datasource: WSO2_CLUSTER_DB - heartbeatInterval: 5000 - heartbeatMaxRetry: 5 - eventPollingInterval: 5000 - - # Authentication configuration - auth.configs: - type: 'local' # Type of the IdP client used - userManager: - adminRole: admin # Admin role which is granted all permissions - userStore: # User store - users: - - - user: - username: admin - password: YWRtaW4= - roles: 1 - roles: - - - role: - id: 1 - displayName: admin - - # Configuration to enable apim alerts - #analytics.solutions: - # APIM-alerts.enabled: true - - # Sample of deployment.config for Two node HA - deployment.config: - type: ha - passiveNodeDetailsWaitTimeOutMillis: 300000 - passiveNodeDetailsRetrySleepTimeMillis: 500 - eventByteBufferQueueCapacity: 20000 - byteBufferExtractorThreadPoolSize: 5 - eventSyncServer: - host: ${NODE_IP} - port: 9893 - advertisedHost: ${NODE_IP} - advertisedPort: 9893 - bossThreads: 10 - workerThreads: 10 - eventSyncClientPool: - maxActive: 10 - maxTotal: 10 - maxIdle: 10 - maxWait: 60000 - 
minEvictableIdleTimeMillis: 120000 - - # Sample of deployment.config for Distributed deployment - #deployment.config: - # type: distributed - # httpsInterface: - # host: 192.168.1.3 - # port: 9443 - # username: admin - # password: admin - # leaderRetryInterval: 10000 - # resourceManagers: - # - host: 192.168.1.1 - # port: 9543 - # username: admin - # password: admin - # - host: 192.168.1.2 - # port: 9543 - # username: admin - # password: admin - {{ end }} diff --git a/advanced/am-pattern-1/templates/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-headless-service.yaml b/advanced/am-pattern-1/templates/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-headless-service.yaml deleted file mode 100644 index 3b51d4de..00000000 --- a/advanced/am-pattern-1/templates/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-headless-service.yaml +++ /dev/null 
@@ -1,54 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-headless-service - namespace: {{ .Release.Namespace }} -spec: - # label keys and values that must match in order to receive traffic for this service - clusterIP: None - selector: - deployment: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker - ports: - # ports that this service should serve on - - - name: 'thrift' - port: 7612 - protocol: TCP - - - name: 'thrift-ssl' - port: 7712 - protocol: TCP - - - name: 'rest-api-port-1' - protocol: TCP - port: 9444 - - - name: 'rest-api-port-2' - protocol: TCP - port: 9091 - - - name: 'rest-api-port-3' - protocol: TCP - port: 7071 - - - name: 'rest-api-port-4' - protocol: TCP - port: 7444 - - - name: 'event-sync-port-1' - protocol: TCP - port: 9893 diff --git a/advanced/am-pattern-1/templates/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-statefulset.yaml b/advanced/am-pattern-1/templates/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-statefulset.yaml deleted file mode 100644 index 6aacc818..00000000 --- a/advanced/am-pattern-1/templates/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-statefulset.yaml +++ /dev/null 
@@ -1,137 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-statefulset - namespace: {{ .Release.Namespace }} -spec: - replicas: 2 - selector: - matchLabels: - deployment: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker - serviceName: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-headless-service - template: - metadata: - annotations: - checksum.am.analytics.worker.conf: {{ include (print $.Template.BasePath "/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-conf.yaml") . | sha256sum }} - labels: - deployment: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker - spec: - {{ if .Values.wso2.deployment.dependencies.mysql }} - initContainers: - - name: init-mysql-db - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! 
nc -z "wso2am-mysql-db-service" 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - - name: init-mysql-connector-download - image: busybox:1.32 - command: - - /bin/sh - - "-c" - - | - set -e - connector_version=8.0.17 - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/${connector_version}/mysql-connector-java-${connector_version}.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - {{ end }} - containers: - - name: wso2am-analytics-worker -{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.analytics.worker) | indent 10 }} - imagePullPolicy: {{ .Values.wso2.deployment.analytics.worker.imagePullPolicy }} - env: - - name: NODE_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: NODE_ID - valueFrom: - fieldRef: - fieldPath: metadata.name - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9444 - initialDelaySeconds: {{ .Values.wso2.deployment.analytics.worker.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.analytics.worker.livenessProbe.periodSeconds }} - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9444 - initialDelaySeconds: {{ .Values.wso2.deployment.analytics.worker.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.analytics.worker.readinessProbe.periodSeconds }} - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/worker.sh stop'] - resources: - requests: - memory: {{ .Values.wso2.deployment.analytics.worker.resources.requests.memory }} - cpu: {{ .Values.wso2.deployment.analytics.worker.resources.requests.cpu }} - limits: - memory: {{ .Values.wso2.deployment.analytics.worker.resources.limits.memory }} - cpu: {{ .Values.wso2.deployment.analytics.worker.resources.limits.cpu }} - securityContext: - runAsUser: 802 - ports: - - containerPort: 9764 - protocol: "TCP" - - containerPort: 9444 
- protocol: "TCP" - - containerPort: 7612 - protocol: "TCP" - - containerPort: 7712 - protocol: "TCP" - - containerPort: 9090 - protocol: "TCP" - - containerPort: 7071 - protocol: "TCP" - - containerPort: 7444 - protocol: "TCP" - volumeMounts: - - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-conf - mountPath: /home/wso2carbon/wso2-config-volume/conf/worker/deployment.yaml - subPath: deployment.yaml - - name: wso2am-analytics-worker-bin - mountPath: /home/wso2carbon/wso2-config-volume/wso2/worker/bin/carbon.sh - subPath: carbon.sh - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/lib - {{ end }} - serviceAccountName: {{ .Values.kubernetes.serviceAccount }} - {{- if .Values.wso2.deployment.am.imagePullSecrets }} - imagePullSecrets: - - name: {{ .Values.wso2.deployment.am.imagePullSecrets }} - {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} - imagePullSecrets: - - name: {{ template "am-pattern-1.resource.prefix" . }}-wso2-private-registry-creds - {{- end }} - volumes: - - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-conf - configMap: - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-conf - - name: wso2am-analytics-worker-bin - configMap: - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-bin - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - emptyDir: {} - {{ end }} diff --git a/advanced/am-pattern-1/templates/am/instance-1/wso2am-pattern-1-am-conf.yaml b/advanced/am-pattern-1/templates/am/instance-1/wso2am-pattern-1-am-conf.yaml index 8c24d26d..63ba575d 100644 --- a/advanced/am-pattern-1/templates/am/instance-1/wso2am-pattern-1-am-conf.yaml +++ b/advanced/am-pattern-1/templates/am/instance-1/wso2am-pattern-1-am-conf.yaml 
@@ -20,18 +20,16 @@ metadata: {{ if .Values.wso2.deployment.am.config }} data: {{- range $index, $content := .Values.wso2.deployment.am.config }} - {{ $index }}: |- - {{ tpl $content $ | indent 4 }} - {{- end }} + {{ $index }}: |- + {{ tpl $content $ | indent 4 }} + {{- end }} - {{ else }} + {{ else }} data: deployment.toml: |- [server] hostname = "{{ .Values.wso2.deployment.am.ingress.management.hostname }}" - node_ip = "$env{NODE_IP}" #offset=0 - mode = "single" #single or ha base_path = "${carbon.protocol}://${carbon.host}:${carbon.management.port}" #discard_empty_caches = false server_role = "default" @@ -80,7 +78,7 @@ data: #key_password = "wso2carbon" [[apim.gateway.environment]] - name = "Production and Sandbox" + name = "Default" type = "hybrid" display_in_api_console = true description = "This is a hybrid gateway that handles both production and sandbox token traffic." @@ -92,6 +90,11 @@ data: wss_endpoint = "wss://localhost:8099" http_endpoint = "http://{{ .Values.wso2.deployment.am.ingress.gateway.hostname }}" https_endpoint = "https://{{ .Values.wso2.deployment.am.ingress.gateway.hostname }}" + websub_event_receiver_http_endpoint = "http://{{ .Values.wso2.deployment.am.ingress.websub.hostname }}" + websub_event_receiver_https_endpoint = "https://{{ .Values.wso2.deployment.am.ingress.websub.hostname }}" + + [apim.sync_runtime_artifacts.gateway] + gateway_labels =["Default"] #[apim.cache.gateway_token] #enable = true 
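Review bot: The added `websub_event_receiver_http_endpoint = "http://{{ .Values.wso2.deployment.am.ingress.websub.hostname }}"` in the third hunk on this line (`[[apim.gateway.environment]]`) advertises a cleartext receiver URL next to the https one. Event deliveries sent to that URL would cross the network unencrypted unless the ingress redirects to TLS, and the hunk does not show whether it does. I would put a comment above the line, `# cleartext receiver: keep only if the websub ingress redirects http to https`, so operators decide this deliberately. The same two lines are added in the instance-2 template further down.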
@@ -122,23 +125,9 @@ data: #expiry_time = "2m" [apim.analytics] - enable = true - store_api_url = "https://{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-service:7444" - #username = "$ref{super_admin.username}" - #password = "$ref{super_admin.password}" - #event_publisher_type = "default" - #event_publisher_impl = "org.wso2.carbon.apimgt.usage.publisher.APIMgtUsageDataBridgeDataPublisher" - #publish_response_size = true - - [[apim.analytics.url_group]] - analytics_url =["tcp://{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-statefulset-0.{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-headless-service:7612","tcp://{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-statefulset-1.{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-headless-service:7612"] - analytics_auth_url =["ssl://{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-statefulset-0.{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-headless-service:7712","ssl://{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-statefulset-1.{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-headless-service:7712"] - type = "failover" - - #[[apim.analytics.url_group]] - #analytics_url =["tcp://analytics1:7612","tcp://analytics2:7612"] - #analytics_auth_url =["ssl://analytics1:7712","ssl://analytics2:7712"] - #type = "failover" + enable = false + config_endpoint = "https://localhost:8080/auth/v1" + auth_token = "" #[apim.key_manager] #service_url = "https://localhost:${mgt.transport.https.port}/services/" 
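Review bot: `auth_token = ""` under `[apim.analytics]` is rendered into a ConfigMap, so whoever later sets `enable = true` will probably put the real token in this template or in `.Values.wso2.deployment.am.config`. There it is stored unencrypted and is readable by anyone who can read ConfigMaps in the namespace. I would reference an environment variable populated from a Kubernetes Secret, `auth_token = "$env{<ANALYTICS_AUTH_TOKEN_ENV>}"` (placeholder name, using the `$env{…}` form this file previously used for `node_ip`), and add the comment `# token comes from a Secret; never commit it here`. `config_endpoint = "https://localhost:8080/auth/v1"` also looks like a placeholder and deserves a comment saying it must be replaced before analytics is enabled. The identical hunk appears for the instance-2 template.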
@@ -186,11 +175,13 @@ data: #enable_ratings = true #enable_forum = true #enable_anonymous_mode=true + #enable_cross_tenant_subscriptions = true + #default_reserved_username = "apim_reserved_user" [apim.cors] allow_origins = "*" allow_methods = ["GET","PUT","POST","DELETE","PATCH","OPTIONS"] - allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey", "testKey"] + allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey","Internal-Key"] allow_credentials = false [apim.throttling] @@ -224,7 +215,7 @@ data: [[apim.throttling.url_group]] traffic_manager_urls = ["tcp://{{ template "am-pattern-1.resource.prefix" . }}-am-2-service:9611"] traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-1.resource.prefix" . }}-am-2-service:9711"] - type = "loadbalance" + type = "failover" #[apim.workflow] #enable = false @@ -291,14 +282,6 @@ data: [transport.https.properties] proxyPort = 443 - [[apim.event_hub.publish.url_group]] - urls = ["tcp://localhost:9611"] - auth_urls = ["ssl://localhost:9711"] - - [[apim.event_hub.publish.url_group]] - urls = ["tcp://{{ template "am-pattern-1.resource.prefix" . }}-am-2-service:9611"] - auth_urls = ["ssl://{{ template "am-pattern-1.resource.prefix" . }}-am-2-service:9711"] - {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} [database.local] url = "jdbc:h2:/home/wso2carbon/solr/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE" @@ -309,4 +292,5 @@ data: [database.local] url = "jdbc:h2:./repository/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE" {{ end }} + {{ end }} diff --git a/advanced/am-pattern-1/templates/am/instance-1/wso2am-pattern-1-am-deployment.yaml b/advanced/am-pattern-1/templates/am/instance-1/wso2am-pattern-1-am-deployment.yaml index a8d3d9d5..d739923d 100644 --- a/advanced/am-pattern-1/templates/am/instance-1/wso2am-pattern-1-am-deployment.yaml 
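Review bot: In the first hunk on this line, `Internal-Key` is added to `allow_headers` while `allow_origins = "*"` stays hard-coded in `[apim.cors]`, so a page from any origin may send that header to the gateway in a cross-origin request. `allow_credentials = false` only stops cookies and other browser-managed credentials; it does not restrict a key header that a script sets itself. I would add a comment above the origin line, `# "*" admits every origin; list the portal hostnames for production`, and preferably take the origin list from a chart value rather than fixing it in the default config. The `[apim.cors]` block is only partly inside the hunk, so other settings there may already narrow this.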
+++ b/advanced/am-pattern-1/templates/am/instance-1/wso2am-pattern-1-am-deployment.yaml @@ -51,9 +51,6 @@ spec: - name: mysql-connector-jar mountPath: /mysql-connector-jar {{ end }} - - name: init-am-analytics-worker - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of WSO2 API Manager Analytics Worker deployment"; while ! nc -z {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-service 7712; do sleep 1; printf "-"; done; echo -e " >> WSO2 API Manager Analytics Worker has started";'] containers: - name: wso2am {{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.am) | indent 10 }} @@ -77,7 +74,7 @@ spec: lifecycle: preStop: exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/wso2server.sh stop'] + command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/api-manager.sh stop'] resources: requests: memory: {{ .Values.wso2.deployment.am.resources.requests.memory }} @@ -110,10 +107,6 @@ spec: - name: JVM_MEM_OPTS value: "-Xms{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xmx }}" volumeMounts: - - name: wso2am-executionplans-storage - mountPath: /home/wso2carbon/wso2am-3.2.0/repository/deployment/server/executionplans - - name: wso2am-synapse-configs-storage - mountPath: /home/wso2carbon/wso2am-3.2.0/repository/deployment/server/synapse-configs - name: wso2am-conf mountPath: /home/wso2carbon/wso2-config-volume/repository/conf {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} 
@@ -135,15 +128,9 @@ spec: - name: {{ .Values.wso2.deployment.am.imagePullSecrets }} {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} imagePullSecrets: - - name: {{ template "am-pattern-1.resource.prefix" . }}-wso2-private-registry-creds + - name: {{ template "am-pattern-1.resource.prefix" . }}-am-wso2-private-registry-creds {{ end }} volumes: - - name: wso2am-executionplans-storage - persistentVolumeClaim: - claimName: {{ template "am-pattern-1.resource.prefix" . }}-am-shared-executionplans-volume-claim - - name: wso2am-synapse-configs-storage - persistentVolumeClaim: - claimName: {{ template "am-pattern-1.resource.prefix" . }}-am-shared-synapse-configs-volume-claim - name: wso2am-conf configMap: name: {{ template "am-pattern-1.resource.prefix" . }}-am-1-conf diff --git a/advanced/am-pattern-1/templates/am/instance-2/wso2am-pattern-1-am-conf.yaml b/advanced/am-pattern-1/templates/am/instance-2/wso2am-pattern-1-am-conf.yaml index d770f5b8..0d8c9fdb 100644 --- a/advanced/am-pattern-1/templates/am/instance-2/wso2am-pattern-1-am-conf.yaml +++ b/advanced/am-pattern-1/templates/am/instance-2/wso2am-pattern-1-am-conf.yaml @@ -20,18 +20,16 @@ metadata: {{ if .Values.wso2.deployment.am.config }} data: {{- range $index, $content := .Values.wso2.deployment.am.config }} - {{ $index }}: |- - {{ tpl $content $ | indent 4 }} - {{- end }} + {{ $index }}: |- + {{ tpl $content $ | indent 4 }} + {{- end }} - {{ else }} + {{ else }} data: deployment.toml: |- [server] hostname = "{{ .Values.wso2.deployment.am.ingress.management.hostname }}" - node_ip = "$env{NODE_IP}" #offset=0 - mode = "single" #single or ha base_path = "${carbon.protocol}://${carbon.host}:${carbon.management.port}" #discard_empty_caches = false server_role = "default" 
@@ -80,7 +78,7 @@ data: #key_password = "wso2carbon" [[apim.gateway.environment]] - name = "Production and Sandbox" + name = "Default" type = "hybrid" display_in_api_console = true description = "This is a hybrid gateway that handles both production and sandbox token traffic." @@ -92,6 +90,11 @@ data: wss_endpoint = "wss://localhost:8099" http_endpoint = "http://{{ .Values.wso2.deployment.am.ingress.gateway.hostname }}" https_endpoint = "https://{{ .Values.wso2.deployment.am.ingress.gateway.hostname }}" + websub_event_receiver_http_endpoint = "http://{{ .Values.wso2.deployment.am.ingress.websub.hostname }}" + websub_event_receiver_https_endpoint = "https://{{ .Values.wso2.deployment.am.ingress.websub.hostname }}" + + [apim.sync_runtime_artifacts.gateway] + gateway_labels =["Default"] #[apim.cache.gateway_token] #enable = true 
@@ -122,23 +125,9 @@ data: #expiry_time = "2m" [apim.analytics] - enable = true - store_api_url = "https://{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-service:7444" - #username = "$ref{super_admin.username}" - #password = "$ref{super_admin.password}" - #event_publisher_type = "default" - #event_publisher_impl = "org.wso2.carbon.apimgt.usage.publisher.APIMgtUsageDataBridgeDataPublisher" - #publish_response_size = true - - [[apim.analytics.url_group]] - analytics_url =["tcp://{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-statefulset-0.{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-headless-service:7612","tcp://{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-statefulset-1.{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-headless-service:7612"] - analytics_auth_url =["ssl://{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-statefulset-0.{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-headless-service:7712","ssl://{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-statefulset-1.{{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-headless-service:7712"] - type = "failover" - - #[[apim.analytics.url_group]] - #analytics_url =["tcp://analytics1:7612","tcp://analytics2:7612"] - #analytics_auth_url =["ssl://analytics1:7712","ssl://analytics2:7712"] - #type = "failover" + enable = false + config_endpoint = "https://localhost:8080/auth/v1" + auth_token = "" #[apim.key_manager] #service_url = "https://localhost:${mgt.transport.https.port}/services/" 
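Review bot: `auth_token = ""` in the new `[apim.analytics]` block places the analytics credential in a ConfigMap, so whoever enables analytics by filling in this template stores the token in plain text, readable by any principal allowed to get ConfigMaps in the namespace. The config format accepts environment references (this file used `$env{NODE_IP}` before the commit), so the value can come from a Secret-backed container variable instead, for example `auth_token = "$env{ANALYTICS_AUTH_TOKEN}"` (the variable name is a placeholder). `config_endpoint = "https://localhost:8080/auth/v1"` looks like a stub value; a comment such as `# replace config_endpoint and auth_token before setting enable = true` would make that explicit.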
@@ -186,11 +175,13 @@ data: #enable_ratings = true #enable_forum = true #enable_anonymous_mode=true + #enable_cross_tenant_subscriptions = true + #default_reserved_username = "apim_reserved_user" [apim.cors] allow_origins = "*" allow_methods = ["GET","PUT","POST","DELETE","PATCH","OPTIONS"] - allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey", "testKey"] + allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey","Internal-Key"] allow_credentials = false [apim.throttling] @@ -224,7 +215,7 @@ data: [[apim.throttling.url_group]] traffic_manager_urls = ["tcp://{{ template "am-pattern-1.resource.prefix" . }}-am-1-service:9611"] traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-1.resource.prefix" . }}-am-1-service:9711"] - type = "loadbalance" + type = "failover" #[apim.workflow] #enable = false @@ -291,14 +282,6 @@ data: [transport.https.properties] proxyPort = 443 - [[apim.event_hub.publish.url_group]] - urls = ["tcp://localhost:9611"] - auth_urls = ["ssl://localhost:9711"] - - [[apim.event_hub.publish.url_group]] - urls = ["tcp://{{ template "am-pattern-1.resource.prefix" . }}-am-1-service:9611"] - auth_urls = ["ssl://{{ template "am-pattern-1.resource.prefix" . }}-am-1-service:9711"] - {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} [database.local] url = "jdbc:h2:/home/wso2carbon/solr/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE" @@ -309,4 +292,5 @@ data: [database.local] url = "jdbc:h2:./repository/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE" {{ end }} + {{ end }} diff --git a/advanced/am-pattern-1/templates/am/instance-2/wso2am-pattern-1-am-deployment.yaml b/advanced/am-pattern-1/templates/am/instance-2/wso2am-pattern-1-am-deployment.yaml index 988bcdae..d4e75d1b 100644 --- a/advanced/am-pattern-1/templates/am/instance-2/wso2am-pattern-1-am-deployment.yaml 
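Review bot: The `[apim.cors]` block edited in the first hunk still ships `allow_origins = "*"`, and the new `allow_headers` list now also admits `Internal-Key` from every origin. The hunk does not show how that header is used, but its name suggests it carries a key, so the wildcard deserves to be a deliberate choice rather than a fixed template value. Consider reading the origin list from values, e.g. `allow_origins = {{ .Values.wso2.deployment.am.cors.allowOrigins | quote }}` (a new values key, not one the chart defines today), with `"*"` kept only as the documented default.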
+++ b/advanced/am-pattern-1/templates/am/instance-2/wso2am-pattern-1-am-deployment.yaml @@ -51,12 +51,6 @@ spec: - name: mysql-connector-jar mountPath: /mysql-connector-jar {{ end }} - - name: init-am-analytics-worker - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of WSO2 API Manager Analytics Worker deployment"; while ! nc -z {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-service 7712; do sleep 1; printf "-"; done; echo -e " >> WSO2 API Manager Analytics Worker has started";'] - - name: init-am-instance-one - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of WSO2 API Manager instance one deployment"; while ! nc -z {{ template "am-pattern-1.resource.prefix" . }}-am-1-service 9443; do sleep 1; printf "-"; done; echo -e " >> WSO2 API Manager instance one has started";'] containers: - name: wso2am {{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.am) | indent 10 }} @@ -80,7 +74,7 @@ spec: lifecycle: preStop: exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/wso2server.sh stop'] + command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/api-manager.sh stop'] resources: requests: memory: {{ .Values.wso2.deployment.am.resources.requests.memory }} @@ -113,10 +107,6 @@ spec: - name: JVM_MEM_OPTS value: "-Xms{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xmx }}" volumeMounts: - - name: wso2am-executionplans-storage - mountPath: /home/wso2carbon/wso2am-3.2.0/repository/deployment/server/executionplans - - name: wso2am-synapse-configs-storage - mountPath: /home/wso2carbon/wso2am-3.2.0/repository/deployment/server/synapse-configs - name: wso2am-conf mountPath: /home/wso2carbon/wso2-config-volume/repository/conf {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} 
@@ -138,15 +128,9 @@ spec: - name: {{ .Values.wso2.deployment.am.imagePullSecrets }} {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} imagePullSecrets: - - name: {{ template "am-pattern-1.resource.prefix" . }}-wso2-private-registry-creds + - name: {{ template "am-pattern-1.resource.prefix" . }}-am-wso2-private-registry-creds {{ end }} volumes: - - name: wso2am-executionplans-storage - persistentVolumeClaim: - claimName: {{ template "am-pattern-1.resource.prefix" . }}-am-shared-executionplans-volume-claim - - name: wso2am-synapse-configs-storage - persistentVolumeClaim: - claimName: {{ template "am-pattern-1.resource.prefix" . }}-am-shared-synapse-configs-volume-claim - name: wso2am-conf configMap: name: {{ template "am-pattern-1.resource.prefix" . }}-am-2-conf diff --git a/advanced/am-pattern-1/templates/am/wso2am-pattern-1-am-conf-entrypoint.yaml b/advanced/am-pattern-1/templates/am/wso2am-pattern-1-am-conf-entrypoint.yaml index 5ca1efc8..ab43090f 100644 --- a/advanced/am-pattern-1/templates/am/wso2am-pattern-1-am-conf-entrypoint.yaml +++ b/advanced/am-pattern-1/templates/am/wso2am-pattern-1-am-conf-entrypoint.yaml 
@@ -38,24 +38,6 @@ data: # check if the WSO2 product home exists test ! -d ${WSO2_SERVER_HOME} && echo "WSO2 Docker product home does not exist" && exit 1 - # shared artifact directories - directories=("executionplans" "synapse-configs") - # if the original directory locations of artifacts to be synced between nodes are empty, - # copy the preserved, default content of these folders to these original locations - for shared_directory in ${directories[@]}; do - if test -d ${original_deployment_artifacts}/${shared_directory}; - then - if [[ -z "$(ls -A ${deployment_volume}/${shared_directory})" ]]; then - if ! cp -R ${original_deployment_artifacts}/${shared_directory}/* ${deployment_volume}/${shared_directory}; - then - echo "Failed to copy the preserved, default artifacts to original location (${deployment_volume}/${shared_directory})" - exit 1 - fi - echo "Successfully copied the preserved, default artifacts to original location (${deployment_volume}/${shared_directory})" - fi - fi - done - # Copying carbon_db if ! test -f /home/wso2carbon/solr/database/WSO2CARBON_DB.mv.db then @@ -80,10 +62,10 @@ data: if [[ -z "${PROFILE_NAME}" ]] then # start the server with the provided startup arguments - sh ${WSO2_SERVER_HOME}/bin/wso2server.sh "$@" + sh ${WSO2_SERVER_HOME}/bin/api-manager.sh "$@" else # start the server with the specified profile and provided startup arguments - sh ${WSO2_SERVER_HOME}/bin/wso2server.sh -Dprofile=${PROFILE_NAME} "$@" + sh ${WSO2_SERVER_HOME}/bin/api-manager.sh -Dprofile=${PROFILE_NAME} "$@" fi {{ end }} diff --git a/advanced/am-pattern-1/templates/am/wso2am-pattern-1-am-service.yaml b/advanced/am-pattern-1/templates/am/wso2am-pattern-1-am-service.yaml index 0a1e1633..3e083ae1 100644 --- a/advanced/am-pattern-1/templates/am/wso2am-pattern-1-am-service.yaml +++ b/advanced/am-pattern-1/templates/am/wso2am-pattern-1-am-service.yaml 
@@ -35,3 +35,9 @@ spec: - name: servlet-https protocol: TCP port: 9443 + - name: websub-http + protocol: TCP + port: 9021 + - name: websub-https + protocol: TCP + port: 8021 diff --git a/advanced/am-pattern-1/templates/am/wso2am-pattern-1-am-volume-claims.yaml b/advanced/am-pattern-1/templates/am/wso2am-pattern-1-am-volume-claims.yaml index 102f6744..ec4b240a 100644 --- a/advanced/am-pattern-1/templates/am/wso2am-pattern-1-am-volume-claims.yaml +++ b/advanced/am-pattern-1/templates/am/wso2am-pattern-1-am-volume-claims.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,34 +12,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ template "am-pattern-1.resource.prefix" . }}-am-shared-executionplans-volume-claim - namespace : {{ .Release.Namespace }} -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.sharedArtifacts.capacity.executionPlans }} - storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} - ---- - -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ template "am-pattern-1.resource.prefix" . }}-am-shared-synapse-configs-volume-claim - namespace : {{ .Release.Namespace }} -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.sharedArtifacts.capacity.synapseConfigs }} - storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} - {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} --- 
diff --git a/advanced/am-pattern-1/templates/am/wso2am-pattern-1-am-websub-ingress.yaml b/advanced/am-pattern-1/templates/am/wso2am-pattern-1-am-websub-ingress.yaml new file mode 100644 index 00000000..40e6ee4e --- /dev/null +++ b/advanced/am-pattern-1/templates/am/wso2am-pattern-1-am-websub-ingress.yaml @@ -0,0 +1,35 @@ +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: {{ template "am-pattern-1.resource.prefix" . }}-am-websub-ingress + namespace : {{ .Release.Namespace }} +{{- if .Values.wso2.deployment.am.ingress.websub.annotations }} + annotations: +{{ toYaml .Values.wso2.deployment.am.ingress.websub.annotations | indent 4 }} +{{- end }} +spec: + tls: + - hosts: + - {{ .Values.wso2.deployment.am.ingress.websub.hostname }} + rules: + - host: {{ .Values.wso2.deployment.am.ingress.websub.hostname }} + http: + paths: + - path: / + backend: + serviceName: {{ template "am-pattern-1.resource.prefix" . }}-am-service + servicePort: 8021 diff --git a/advanced/am-pattern-1/templates/mi/instance-1/wso2am-pattern-1-mi-deployment.yaml b/advanced/am-pattern-1/templates/mi/instance-1/wso2am-pattern-1-mi-deployment.yaml new file mode 100644 index 00000000..2b092f07 --- /dev/null +++ b/advanced/am-pattern-1/templates/mi/instance-1/wso2am-pattern-1-mi-deployment.yaml 
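Review bot: The `tls:` entry of the new websub Ingress lists the hostname but no `secretName`, so the ingress controller terminates TLS with whatever default certificate it holds rather than one issued for this host. Add `secretName: {{ .Values.wso2.deployment.am.ingress.websub.tlsSecret }}` beside `hosts:` (a new values key, not present in this chart's values.yaml), or document that a controller-wide default certificate is required. The manifest also uses `apiVersion: extensions/v1beta1`, which Kubernetes 1.22 and later no longer serve; moving to `networking.k8s.io/v1` means adding `pathType` and switching the backend to the `service.name` / `service.port.number` form.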
@@ -0,0 +1,94 @@ +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "am-pattern-1.resource.prefix" . }}-mi-1-deployment + namespace: {{ .Release.Namespace }} + labels: +{{ include "am-pattern-1.labels" . | indent 4 }} +spec: + replicas: {{ .Values.wso2.deployment.mi.replicas }} + strategy: + rollingUpdate: + maxSurge: {{ .Values.wso2.deployment.mi.strategy.rollingUpdate.maxSurge }} + maxUnavailable: {{ .Values.wso2.deployment.mi.strategy.rollingUpdate.maxUnavailable }} + type: RollingUpdate + selector: + matchLabels: + deployment: {{ template "am-pattern-1.resource.prefix" . }}-mi + node: {{ template "am-pattern-1.resource.prefix" . }}-mi-1 + template: + metadata: + labels: + deployment: {{ template "am-pattern-1.resource.prefix" . }}-mi + node: {{ template "am-pattern-1.resource.prefix" . 
}}-mi-1 + spec: + containers: + - name: wso2micro-integrator +{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.mi) | indent 10 }} + {{- if .Values.wso2.deployment.mi.synapseTest.enabled }} + args: + - "-DsynapseTest=true" + {{- end }} + livenessProbe: + exec: + command: + - /bin/sh + - -c + - nc -z localhost 8290 + initialDelaySeconds: {{ .Values.wso2.deployment.mi.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.wso2.deployment.mi.livenessProbe.periodSeconds }} + readinessProbe: + httpGet: + path: /healthz + port: 9201 + initialDelaySeconds: {{ .Values.wso2.deployment.mi.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.wso2.deployment.mi.readinessProbe.periodSeconds }} + resources: + requests: + memory: {{ .Values.wso2.deployment.mi.resources.requests.memory }} + cpu: {{ .Values.wso2.deployment.mi.resources.requests.cpu }} + limits: + memory: {{ .Values.wso2.deployment.mi.resources.limits.memory }} + cpu: {{ .Values.wso2.deployment.mi.resources.limits.cpu }} + imagePullPolicy: Always + securityContext: + runAsUser: 802 + ports: + - containerPort: 8290 + protocol: TCP + - containerPort: 9201 + protocol: TCP + - containerPort: 9164 + protocol: TCP + {{- if .Values.wso2.deployment.mi.synapseTest.enabled }} + - containerPort: 9008 + protocol: TCP + {{- end }} + {{- if .Values.wso2.deployment.mi.envs }} + env: + {{- range $key, $val := .Values.wso2.deployment.mi.envs }} + - name: {{ $key }} + value: {{ $val | quote }} + {{- end }} + {{- end }} + serviceAccountName: {{ .Values.kubernetes.serviceAccount }} + {{- if .Values.wso2.deployment.mi.imagePullSecrets }} + imagePullSecrets: + - name: {{ .Values.wso2.deployment.mi.imagePullSecrets }} + {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} + imagePullSecrets: + - name: wso2micro-integrator-deployment-creds + {{ end }} 
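Review bot: The fallback `imagePullSecrets` entry at the end of this Deployment names `wso2micro-integrator-deployment-creds`, but the Secret this commit adds in wso2am-pattern-1-mi-secrets.yaml is called `{{ template "am-pattern-1.resource.prefix" . }}-mi-wso2-private-registry-creds`, so with subscription credentials set the pods reference a Secret the chart never creates and the private-registry pull will fail. Use the same name in both places: `- name: {{ template "am-pattern-1.resource.prefix" . }}-mi-wso2-private-registry-creds`. Separately, the container `securityContext` sets only `runAsUser: 802`; adding `runAsNonRoot: true` and `allowPrivilegeEscalation: false` would make the non-root intent enforceable by the kubelet.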
diff --git a/advanced/am-pattern-1/templates/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-service.yaml b/advanced/am-pattern-1/templates/mi/instance-1/wso2am-pattern-1-mi-service.yaml similarity index 50% rename from advanced/am-pattern-1/templates/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-service.yaml rename to advanced/am-pattern-1/templates/mi/instance-1/wso2am-pattern-1-mi-service.yaml index 65e6b0e0..4c1e4ca1 100644 --- a/advanced/am-pattern-1/templates/am-analytics/worker/wso2am-pattern-1-am-analytics-worker-service.yaml +++ b/advanced/am-pattern-1/templates/mi/instance-1/wso2am-pattern-1-mi-service.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. 
@@ -11,43 +11,40 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - apiVersion: v1 kind: Service metadata: - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker-service + name: {{ template "am-pattern-1.resource.prefix" . }}-mi-1-service namespace : {{ .Release.Namespace }} + labels: + deployment: {{ template "am-pattern-1.resource.prefix" . }}-mi + node: {{ template "am-pattern-1.resource.prefix" . }}-mi-1 +{{ include "am-pattern-1.labels" . | indent 4 }} spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-worker + type: ClusterIP ports: - # ports that this service should serve on - - - name: 'thrift' - port: 7612 - protocol: TCP - - - name: 'thrift-ssl' - port: 7712 + - port: 8290 + targetPort: 8290 protocol: TCP - - - name: 'rest-api-port-1' + name: pass-through-http + - port: 8253 + targetPort: 8253 protocol: TCP - port: 9444 - - - name: 'rest-api-port-2' + name: pass-through-https + - port: 9201 + targetPort: 9201 protocol: TCP - port: 9091 - - - name: 'rest-api-port-3' + name: metrics + - port: 9164 + targetPort: 9164 protocol: TCP - port: 7071 - - - name: 'rest-api-port-4' + name: management + {{- if .Values.wso2.deployment.mi.synapseTest.enabled }} + - port: 9008 + targetPort: 9008 protocol: TCP - port: 7444 - - - name: 'event-sync-port-1' - protocol: TCP - port: 9893 + name: synapse-test + {{- end}} + selector: + deployment: {{ template "am-pattern-1.resource.prefix" . }}-mi + node: {{ template "am-pattern-1.resource.prefix" . }}-mi-1 
diff --git a/advanced/am-pattern-1/templates/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-ingress.yaml b/advanced/am-pattern-1/templates/mi/wso2am-pattern-1-mi-management-ingress.yaml similarity index 60% rename from advanced/am-pattern-1/templates/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-ingress.yaml rename to advanced/am-pattern-1/templates/mi/wso2am-pattern-1-mi-management-ingress.yaml index 2ec57f88..3a37bba7 100644 --- a/advanced/am-pattern-1/templates/am-analytics/dashboard/wso2am-pattern-1-am-analytics-dashboard-ingress.yaml +++ b/advanced/am-pattern-1/templates/mi/wso2am-pattern-1-mi-management-ingress.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. 
@@ -15,21 +15,21 @@ apiVersion: extensions/v1beta1 kind: Ingress metadata: - name: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-dashboard-ingress + name: {{ template "am-pattern-1.resource.prefix" . }}-mi-management-ingress namespace : {{ .Release.Namespace }} -{{- if .Values.wso2.deployment.analytics.dashboard.ingress.annotations }} +{{- if .Values.wso2.deployment.mi.ingress.management.annotations }} annotations: -{{ toYaml .Values.wso2.deployment.analytics.dashboard.ingress.annotations | indent 4 }} +{{ toYaml .Values.wso2.deployment.mi.ingress.management.annotations | indent 4 }} {{- end }} spec: tls: - hosts: - - {{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }} + - {{ .Values.wso2.deployment.mi.ingress.management.hostname | quote }} rules: - - host: {{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }} + - host: {{ .Values.wso2.deployment.mi.ingress.management.hostname | quote }} http: paths: - path: / backend: - serviceName: {{ template "am-pattern-1.resource.prefix" . }}-am-analytics-dashboard-service - servicePort: 9643 + serviceName: {{ template "am-pattern-1.resource.prefix" . }}-mi-1-service + servicePort: 9164 diff --git a/advanced/am-pattern-1/templates/wso2am-pattern-1-secrets.yaml b/advanced/am-pattern-1/templates/wso2am-pattern-1-am-secrets.yaml similarity index 94% rename from advanced/am-pattern-1/templates/wso2am-pattern-1-secrets.yaml rename to advanced/am-pattern-1/templates/wso2am-pattern-1-am-secrets.yaml index db337c3f..b1cbaea5 100644 --- a/advanced/am-pattern-1/templates/wso2am-pattern-1-secrets.yaml +++ b/advanced/am-pattern-1/templates/wso2am-pattern-1-am-secrets.yaml @@ -22,7 +22,7 @@ apiVersion: v1 kind: Secret metadata: - name: {{ template "am-pattern-1.resource.prefix" . }}-wso2-private-registry-creds + name: {{ template "am-pattern-1.resource.prefix" . }}-am-wso2-private-registry-creds namespace: {{ .Release.Namespace }} type: kubernetes.io/dockerconfigjson data: 
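Review bot: The rewritten Ingress in the first hunk publishes `servicePort: 9164`, the port the MI Service in this commit names `management`, at path `/` on an external hostname, with no source restriction and no way to switch it off from values. An administrative endpoint is normally kept cluster-internal or limited to known networks. Wrap the manifest in a flag such as `{{- if .Values.wso2.deployment.mi.ingress.management.enabled }}` (a new values key) and document an allow-list annotation like `nginx.ingress.kubernetes.io/whitelist-source-range` next to the existing annotations in values.yaml. The `tls:` entry here also has no `secretName`, so the controller's default certificate is served for this host.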
diff --git a/advanced/am-pattern-1/templates/wso2am-pattern-1-mi-secrets.yaml b/advanced/am-pattern-1/templates/wso2am-pattern-1-mi-secrets.yaml new file mode 100644 index 00000000..cb298e23 --- /dev/null +++ b/advanced/am-pattern-1/templates/wso2am-pattern-1-mi-secrets.yaml @@ -0,0 +1,29 @@ +{{ if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +{{- $username := .Values.wso2.subscription.username }} +{{- $password := .Values.wso2.subscription.password }} +{{- $email := .Values.wso2.subscription.username }} +{{- $regId := default "docker.wso2.com" .Values.wso2.deployment.mi.dockerRegistry }} +{{- $auth := printf "%s:%s" $username $password | b64enc }} +{{- $files := .Files }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "am-pattern-1.resource.prefix" . }}-mi-wso2-private-registry-creds + namespace: {{ .Release.Namespace }} +type: kubernetes.io/dockerconfigjson +data: + .dockerconfigjson: {{ $files.Get "auth.json" | replace "reg.id" $regId | replace "reg.username" $username | replace "reg.password" $password | replace "reg.email" $email | replace "reg.auth" $auth | b64enc }} +{{ end }} diff --git a/advanced/am-pattern-1/values.yaml b/advanced/am-pattern-1/values.yaml index eed4cbd1..410a5721 100644 --- a/advanced/am-pattern-1/values.yaml +++ b/advanced/am-pattern-1/values.yaml 
@@ -1,4 +1,4 @@ -# Copyright (c) 2018, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -35,19 +35,11 @@ wso2: # Defaults to Kubernetes Storage Class generated using the NFS Server Provisioner (https://github.com/helm/charts/tree/master/stable/nfs-server-provisioner) storageClass: &storage_class "nfs" - # Define capacities for persistent runtime artifact directories which are shared between instances of the relevant API Manager profile - sharedArtifacts: - capacity: - # For execution plans shared between the Traffic Manager profile instances - executionPlans: 20M - # For synapse artifacts of APIs shared between the Gateway profile instances - synapseConfigs: 50M - # Persistent runtime artifacts for Apache Solr-based indexing apacheSolrIndexing: # Indicates if persistence of the runtime artifacts for Apache Solr-based indexing is enabled # By default, this is disabled - enabled: false + enabled: true # Define capacities for persistent runtime artifact directories capacity: # For persisting the H2 based local Carbon database file @@ -60,7 +52,7 @@ wso2: # If a custom image must be used, uncomment 'dockerRegistry' and provide its value # dockerRegistry: "" imageName: "wso2am" - imageTag: "3.2.0" + imageTag: "4.0.0" # Refer to the Kubernetes documentation on updating images (https://kubernetes.io/docs/concepts/containers/images/#updating-images) imagePullPolicy: Always 
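Review bot: In the second hunk, `enabled: true` now sits directly under the comment `# By default, this is disabled`, so values.yaml documents the opposite of what it does. Change the comment to `# By default, this is enabled`. It is also worth stating the consequence there: the volume-claims template in this chart is gated on this flag and uses the `nfs` storage class defined a few lines above, so an install on a cluster without that provisioner will likely leave the claims pending.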
@@ -98,11 +90,11 @@ wso2: # Maximum Heap size xmx: "1024m" - # If the deployment configurations for the WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml), + # If the deployment configurations for the WSO2 API Manager v4.0.0 (/repository/conf/deployment.toml), # add the customized configuration file under (wso2 -> deployment -> am -> config -> deployment.toml) -# config: "" -# deployment.toml: |- -# # deployment configurations for the WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml) + # config: "" + # deployment.toml: |- + # # deployment configurations for the WSO2 API Manager v4.0.0 (/repository/conf/deployment.toml) # Configure Ingresses ingress: 
@@ -123,129 +115,67 @@ wso2: annotations: kubernetes.io/ingress.class: "nginx" nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" - - analytics: - dashboard: - # Container image configurations - # If a custom image must be used, uncomment 'dockerRegistry' and provide its value - # dockerRegistry: "" - imageName: "wso2am-analytics-dashboard" - imageTag: "3.2.0" - # Refer to the Kubernetes documentation on updating images (https://kubernetes.io/docs/concepts/containers/images/#updating-images) - imagePullPolicy: Always - - # Number of deployment replicas - replicas: 1 - - # Kubernetes RollingUpdate strategy configurations - strategy: - rollingUpdate: - maxSurge: 1 - maxUnavailable: 0 - - # Indicates whether the container is running - livenessProbe: - # Number of seconds after the container has started before liveness probes are initiated - initialDelaySeconds: 20 - # How often (in seconds) to perform the probe - periodSeconds: 10 - # Indicates whether the container is ready to service requests - readinessProbe: - # Number of seconds after the container has started before readiness probes are initiated - initialDelaySeconds: 20 - # How often (in seconds) to perform the probe - periodSeconds: 10 - - resources: - # These are the minimum resource recommendations for running WSO2 Stream Processor based server profiles - # as per official documentation (https://docs.wso2.com/display/SP440/Installation+Prerequisites) - requests: - memory: "4Gi" - cpu: "2000m" - # Please see the official documentation on WSO2 Stream Processor based Performance Analysis and Resource recommendations - # (https://docs.wso2.com/display/SP440/Performance+Analysis+Results) and tune the limits according to your needs - # where necessary - limits: - memory: "4Gi" - cpu: "2000m" - # JVM settings - # These are the resource allocation configurations associated with the JVM - # Refer to the official documentation for advanced details (https://docs.wso2.com/display/SP440/Installation+Prerequisites) - 
jvm: - # Resource allocation for the Java Heap - heap: - memory: - # Initial and minimum Heap size - xms: "2048m" - # Maximum Heap size - xmx: "2048m" - - # If the deployment configurations for the Dashboard profile of WSO2 API Manager Analytics v3.2.0 (/conf/dashboard/deployment.yaml), - # add the customized configuration file under (wso2 -> deployment -> analytics -> dashboard -> config -> deployment.yaml) -# config: -# deployment.yaml: |- -# # deployment configurations for the Dashboard profile of WSO2 API Manager Analytics v3.2.0 (/conf/dashboard/deployment.yaml) - - # Configure Ingress - ingress: - # Hostname for API Manager Analytics Dashboard - hostname: "analytics.am.wso2.com" - # Annotations for the API Manager Analytics Dashboard service Ingress + websub: + hostname: "websub.am.wso2.com" + # Annotations for the API Manager WebSub service Ingress annotations: kubernetes.io/ingress.class: "nginx" nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" - worker: - # Container image configurations - # If a custom image must be used, uncomment 'dockerRegistry' and provide its value - # dockerRegistry: "" - imageName: "wso2am-analytics-worker" - imageTag: "3.2.0" - # Refer to the Kubernetes documentation on updating images (https://kubernetes.io/docs/concepts/containers/images/#updating-images) - imagePullPolicy: Always - - # Indicates whether the container is running - livenessProbe: - # Number of seconds after the container has started before liveness probes are initiated - initialDelaySeconds: 20 - # How often (in seconds) to perform the probe - periodSeconds: 10 - # Indicates whether the container is ready to service requests - readinessProbe: - # Number of seconds after the container has started before readiness probes are initiated - initialDelaySeconds: 20 - # How often (in seconds) to perform the probe - periodSeconds: 10 - - resources: - # These are the minimum resource recommendations for running WSO2 Stream Processor based server profiles - # as per 
official documentation (https://docs.wso2.com/display/SP440/Installation+Prerequisites) - requests: - memory: "4Gi" - cpu: "2000m" - # Please see the official documentation on WSO2 Stream Processor based Performance Analysis and Resource recommendations - # (https://docs.wso2.com/display/SP440/Performance+Analysis+Results) and tune the limits according to your needs - # where necessary - limits: - memory: "4Gi" - cpu: "2000m" - # JVM settings - # These are the resource allocation configurations associated with the JVM - # Refer to the official documentation for advanced details (https://docs.wso2.com/display/SP440/Installation+Prerequisites) - jvm: - # Resource allocation for the Java Heap - heap: - memory: - # Initial and minimum Heap size - xms: "2048m" - # Maximum Heap size - xmx: "2048m" + mi: + # If a custom image must be used, uncomment 'dockerRegistry' and provide its value. + # dockerRegistry: "" + imageName: "wso2mi" + imageTag: "4.0.0" + # Number of deployment replicas + replicas: 2 + strategy: + rollingUpdate: + # The maximum number of pods that can be scheduled above the desired number of pods. + maxSurge: 1 + # The maximum number of pods that can be unavailable during the update. + maxUnavailable: 0 + # Indicates whether the container is running. + livenessProbe: + # Number of seconds after the container has started before liveness probes are initiated. + initialDelaySeconds: 35 + # How often (in seconds) to perform the probe. + periodSeconds: 10 + # Indicates whether the container is ready to service requests. + readinessProbe: + # Number of seconds after the container has started before readiness probes are initiated. + initialDelaySeconds: 35 + # How often (in seconds) to perform the probe. 
+ periodSeconds: 10 + # These are the minimum resource recommendations for running WSO2 Micro Integrator + resources: + requests: + # The minimum amount of memory that should be allocated for a Pod + memory: "512Mi" + # The minimum amount of CPU that should be allocated for a Pod + cpu: "500m" + limits: + # The maximum amount of memory that should be allocated for a Pod + memory: "1Gi" + # The maximum amount of CPU that should be allocated for a Pod + cpu: "1000m" + # Environment variables for the Micro integrator deployment. + envs: + # ENV_NAME: ENV_VALUE + # Configure synapse testing. + synapseTest: + enabled: false - # If the deployment configurations for the Worker profile of WSO2 API Manager Analytics v3.2.0 (/conf/worker/deployment.yaml), - # add the customized configuration file under (wso2 -> deployment -> analytics -> worker -> config -> deployment.yaml) -# config: -# deployment.yaml: |- -# # deployment configurations for the Worker profile of WSO2 API Manager Analytics v3.2.0 (/conf/worker/deployment.yaml) + # Configure Ingresses + ingress: + # Configure management ingress + management: + # Hostname for the Micro Integrator management endpoint. + hostname: "management.mi.wso2.com" + # Annotations for the Micro Integrator management Ingress. + annotations: + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" kubernetes: # Name of Kubernetes service account From f914e858cdc4a449f7d93aa72b5155bd71109019 Mon Sep 17 00:00:00 2001 
From: Rakhitha Ranathunge Date: Wed, 5 May 2021 11:17:49 +0530 Subject: [PATCH 08/34] Add common configs for control-plane --- ...rn-3-am-control-plane-conf-entrypoint.yaml | 89 +++++++++++++++++++ ...am-pattern-3-am-control-plane-ingress.yaml | 35 ++++++++ ...am-pattern-3-am-control-plane-service.yaml | 31 +++++++ ...tern-3-am-control-plane-volume-claims.yaml | 72 +++++++++++++++ 4 files changed, 227 insertions(+) create mode 100644 advanced/am-pattern-3/templates/am/control-plane/wso2am-pattern-3-am-control-plane-conf-entrypoint.yaml create mode 100644 advanced/am-pattern-3/templates/am/control-plane/wso2am-pattern-3-am-control-plane-ingress.yaml create mode 100644 advanced/am-pattern-3/templates/am/control-plane/wso2am-pattern-3-am-control-plane-service.yaml create mode 100644 advanced/am-pattern-3/templates/am/control-plane/wso2am-pattern-3-am-control-plane-volume-claims.yaml diff --git a/advanced/am-pattern-3/templates/am/control-plane/wso2am-pattern-3-am-control-plane-conf-entrypoint.yaml b/advanced/am-pattern-3/templates/am/control-plane/wso2am-pattern-3-am-control-plane-conf-entrypoint.yaml new file mode 100644 index 00000000..8e22b6d5 --- /dev/null +++ b/advanced/am-pattern-3/templates/am/control-plane/wso2am-pattern-3-am-control-plane-conf-entrypoint.yaml 
@@ -0,0 +1,89 @@ +{{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} + +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-conf-entrypoint + namespace: {{ .Release.Namespace }} +data: + docker-entrypoint.sh: | + #!/bin/bash + set -e + + # volume mounts + config_volume=${WORKING_DIRECTORY}/wso2-config-volume + artifact_volume=${WORKING_DIRECTORY}/wso2-artifact-volume + # home of the directories to be artifact synced within the WSO2 product home + deployment_volume=${WSO2_SERVER_HOME}/repository/deployment/server + # home of the directories with preserved, default deployment artifacts + original_deployment_artifacts=${WORKING_DIRECTORY}/wso2-tmp + + # check if the WSO2 non-root user home exists + test ! -d ${WORKING_DIRECTORY} && echo "WSO2 Docker non-root user home does not exist" && exit 1 + + # check if the WSO2 product home exists + test ! 
-d ${WSO2_SERVER_HOME} && echo "WSO2 Docker product home does not exist" && exit 1 + + # shared artifact directories + directories=("executionplans" "synapse-configs") + # if the original directory locations of artifacts to be synced between nodes are empty, + # copy the preserved, default content of these folders to these original locations + for shared_directory in ${directories[@]}; do + if test -d ${original_deployment_artifacts}/${shared_directory}; + then + if [[ -z "$(ls -A ${deployment_volume}/${shared_directory})" ]]; then + if ! cp -R ${original_deployment_artifacts}/${shared_directory}/* ${deployment_volume}/${shared_directory}; + then + echo "Failed to copy the preserved, default artifacts to original location (${deployment_volume}/${shared_directory})" + exit 1 + fi + echo "Successfully copied the preserved, default artifacts to original location (${deployment_volume}/${shared_directory})" + fi + fi + done + + # Copying carbon_db + if ! test -f /home/wso2carbon/solr/database/WSO2CARBON_DB.mv.db + then + echo "Copying WSO2CARBON_DB.mv.db" >&2 + cp ${WSO2_SERVER_HOME}/repository/database/WSO2CARBON_DB.mv.db /home/wso2carbon/solr/database/ + fi + + # optimize WSO2 Carbon Server, if the profile name is defined as an environment variable + if [[ ! 
-z "${PROFILE_NAME}" ]] + then + echo "Optimizing WSO2 Carbon Server" >&2 + sh ${WSO2_SERVER_HOME}/bin/profileSetup.sh -Dprofile=${PROFILE_NAME} + fi + + # copy any configuration changes mounted to config_volume + test -d ${config_volume} && [[ "$(ls -A ${config_volume})" ]] && cp -RL ${config_volume}/* ${WSO2_SERVER_HOME}/ + # copy any artifact changes mounted to artifact_volume + test -d ${artifact_volume} && [[ "$(ls -A ${artifact_volume})" ]] && cp -RL ${artifact_volume}/* ${WSO2_SERVER_HOME}/ + + # start WSO2 Carbon server + echo "Start WSO2 Carbon server" >&2 + if [[ -z "${PROFILE_NAME}" ]] + then + # start the server with the provided startup arguments + sh ${WSO2_SERVER_HOME}/bin/api-manager.sh "$@" + else + # start the server with the specified profile and provided startup arguments + sh ${WSO2_SERVER_HOME}/bin/api-manager.sh -Dprofile=${PROFILE_NAME} "$@" + fi + + {{ end }} diff --git a/advanced/am-pattern-3/templates/am/control-plane/wso2am-pattern-3-am-control-plane-ingress.yaml b/advanced/am-pattern-3/templates/am/control-plane/wso2am-pattern-3-am-control-plane-ingress.yaml new file mode 100644 index 00000000..8c8dcbbd --- /dev/null +++ b/advanced/am-pattern-3/templates/am/control-plane/wso2am-pattern-3-am-control-plane-ingress.yaml 
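Review bot: The path expansions in the copy steps of `docker-entrypoint.sh` are unquoted, for example `for shared_directory in ${directories[@]}` and `cp -RL ${config_volume}/* ${WSO2_SERVER_HOME}/`, so a path containing whitespace or glob characters is word-split before `test`, `ls` or `cp` sees it. Quote them, e.g. `for shared_directory in "${directories[@]}"; do` and `cp -RL "${config_volume}"/* "${WSO2_SERVER_HOME}"/`. The overlay copy also follows symlinks (`-L`) into the product home just before `bin/api-manager.sh` is executed from it, so the two mounted volumes are effectively a code-loading path, and the deployment (not part of this hunk) should keep those mounts read-only. The carbon DB step hard-codes `/home/wso2carbon/solr/database/` while the rest of the script derives its paths from `${WORKING_DIRECTORY}`.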
@@ -0,0 +1,35 @@ +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-ingress + namespace : {{ .Release.Namespace }} +{{- if .Values.wso2.deployment.am.cp.ingress.annotations }} + annotations: +{{ toYaml .Values.wso2.deployment.am.cp.ingress.annotations | indent 4 }} +{{- end }} +spec: + tls: + - hosts: + - {{ .Values.wso2.deployment.am.cp.ingress.hostname }} + rules: + - host: {{ .Values.wso2.deployment.am.cp.ingress.hostname }} + http: + paths: + - path: / + backend: + serviceName: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-service + servicePort: 9443 diff --git a/advanced/am-pattern-3/templates/am/control-plane/wso2am-pattern-3-am-control-plane-service.yaml b/advanced/am-pattern-3/templates/am/control-plane/wso2am-pattern-3-am-control-plane-service.yaml new file mode 100644 index 00000000..d5d362e6 --- /dev/null +++ b/advanced/am-pattern-3/templates/am/control-plane/wso2am-pattern-3-am-control-plane-service.yaml 
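Review bot: The `tls:` block lists the host but sets no `secretName`, so the certificate served for the control-plane hostname is whatever default the ingress controller falls back to, not one the chart manages. Add a `secretName:` under the `- hosts:` entry, fed from a new chart value (placeholder `<CP_INGRESS_TLS_SECRET>`), and document how that secret is provisioned. Separately, `apiVersion: extensions/v1beta1` is no longer served for Ingress from Kubernetes 1.22 on; moving to `networking.k8s.io/v1` requires a `pathType` and the `service.name` / `service.port.number` backend form.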
@@ -0,0 +1,31 @@ +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-service + namespace : {{ .Release.Namespace }} +spec: + # label keys and values that must match in order to receive traffic for this service + selector: + deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-cp + ports: + # ports that this service should serve on + - name: servlet-http + protocol: TCP + port: 9763 + - name: servlet-https + protocol: TCP + port: 9443 diff --git a/advanced/am-pattern-3/templates/am/control-plane/wso2am-pattern-3-am-control-plane-volume-claims.yaml b/advanced/am-pattern-3/templates/am/control-plane/wso2am-pattern-3-am-control-plane-volume-claims.yaml new file mode 100644 index 00000000..3f7a7678 --- /dev/null +++ b/advanced/am-pattern-3/templates/am/control-plane/wso2am-pattern-3-am-control-plane-volume-claims.yaml 
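Review bot: The Service publishes the plain-HTTP servlet port (`servlet-http`, 9763) next to 9443, although the ingress added in this commit routes only to 9443 and the gateway configuration later in this series addresses this service over `https://`. If no in-cluster client needs 9763, drop that port entry so the control plane is reachable only over TLS inside the cluster. Otherwise add a comment above it naming the consumer, for example `# 9763 is kept for <CONSUMER>`.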
@@ -0,0 +1,72 @@ +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-local-carbon-database-volume-claim + namespace : {{ .Release.Namespace }} +spec: + accessModes: + - ReadWriteMany + resources: + requests: + storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.carbonDatabase }} + storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} + +--- + +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-solr-indexed-data-volume-claim + namespace : {{ .Release.Namespace }} +spec: + accessModes: + - ReadWriteMany + resources: + requests: + storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.solrIndexedData }} + storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} + +--- + +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ template "am-pattern-3.resource.prefix" . 
}}-am-cp-2-local-carbon-database-volume-claim + namespace : {{ .Release.Namespace }} +spec: + accessModes: + - ReadWriteMany + resources: + requests: + storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.carbonDatabase }} + storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} + +--- + +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-solr-indexed-data-volume-claim + namespace : {{ .Release.Namespace }} +spec: + accessModes: + - ReadWriteMany + resources: + requests: + storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.solrIndexedData }} + storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} + {{ end }} From 4d2995633d01ad995b9d13c8a10b6f4d8f1931f2 Mon Sep 17 00:00:00 2001 From: Rakhitha Ranathunge Date: Wed, 5 May 2021 12:05:41 +0530 Subject: [PATCH 09/34] Update gateway profile confs --- .../wso2am-pattern-3-am-gateway-conf.yaml | 43 +++++++++---------- ...so2am-pattern-3-am-gateway-deployment.yaml | 24 +++-------- 2 files changed, 25 insertions(+), 42 deletions(-) diff --git a/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-conf.yaml b/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-conf.yaml index 1034654e..f5df4bb9 100644 --- a/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-conf.yaml +++ b/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-conf.yaml @@ -29,7 +29,6 @@ data: deployment.toml: |- [server] hostname = "{{ .Values.wso2.deployment.am.gateway.ingress.hostname }}" - node_ip = "$env{NODE_IP}" server_role = "gateway-worker" [user_store] 
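Review bot: The volume-claims template ends with `{{ end }}`, but none of the 72 added lines opens an `{{ if … }}`, so Helm should reject the template with an unexpected `{{end}}` parse error. The sibling conf-entrypoint template opens with `{{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }}`; presumably the same guard was meant as the first line here, otherwise the trailing `{{ end }}` should go. Separately, all four claims request `ReadWriteMany`, although their names suggest one claim per control-plane instance. If each is mounted by a single pod, `ReadWriteOnce` narrows which workloads can attach the volume.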
@@ -60,7 +59,7 @@ data: # key manager implementation [apim.key_manager] - service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-km-service:${mgt.transport.https.port}/services/" + service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-service:${mgt.transport.https.port}/services/" username= "$ref{super_admin.username}" password= "$ref{super_admin.password}" 
@@ -75,37 +74,34 @@ data: #enable_user_claims = true #claims_extractor_impl = "org.wso2.carbon.apimgt.impl.token.DefaultClaimsRetriever" + [apim.sync_runtime_artifacts.gateway] + gateway_labels =["Default"] + # Traffic Manager configurations [apim.throttling] username= "$ref{super_admin.username}" password= "$ref{super_admin.password}" - service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-service:${mgt.transport.https.port}/services/" - throttle_decision_endpoints = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:5672","tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:5672"] + service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-service:${mgt.transport.https.port}/services/" + throttle_decision_endpoints = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:5672","tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:5672"] enable_unlimited_tier = true enable_header_based_throttling = false enable_jwt_claim_based_throttling = false enable_query_param_based_throttling = false [[apim.throttling.url_group]] - traffic_manager_urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9611"] - traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9711"] + traffic_manager_urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:9611"] + traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . 
}}-am-cp-1-service:9711"] type = "loadbalance" [[apim.throttling.url_group]] - traffic_manager_urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9611"] - traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9711"] + traffic_manager_urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9611"] + traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9711"] type = "loadbalance" [apim.analytics] - enable = "true" - username= "$ref{super_admin.username}" - password= "$ref{super_admin.password}" - store_api_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-service:7444" - - [[apim.analytics.url_group]] - analytics_url =["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-headless-service:7612","tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-headless-service:7612"] - analytics_auth_url =["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-headless-service:7712","ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-headless-service:7712"] - type = "failover" + enable = false + config_endpoint = "https://localhost:8080/auth/v1" + auth_token = "" # Caches [apim.cache.gateway_token] 
@@ -130,20 +126,21 @@ data: allow_credentials = false [transport.https.properties] + port = 9443 proxyPort = 443 [transport.passthru_https.sender.parameters] HostnameVerifier = "AllowAll" [apim.event_hub] - service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-service:9443" - event_listening_endpoints = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:5672","tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:5672"] + service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-service:9443" + event_listening_endpoints = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:5672","tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:5672"] [[apim.event_hub.publish.url_group]] - urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9611"] - auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9711"] + urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:9611"] + auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:9711"] [[apim.event_hub.publish.url_group]] - urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9611"] - auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9711"] + urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9611"] + auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . 
}}-am-cp-2-service:9711"] {{- end }} diff --git a/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-deployment.yaml b/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-deployment.yaml index f9d14e52..e11cf1b6 100644 --- a/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-deployment.yaml +++ b/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-deployment.yaml 
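Review bot: `HostnameVerifier = "AllowAll"` under `[transport.passthru_https.sender.parameters]` is carried through this hunk unchanged, which leaves hostname verification off for the gateway's outbound HTTPS connections: any otherwise-trusted certificate is accepted regardless of the name it was issued for. Since this commit already repoints the endpoints in this file to the `-am-cp-*` services, it is a natural place to switch to a verifying mode such as `HostnameVerifier = "DefaultAndLocalhost"` and issue certificates whose SANs cover those service names. If verification must stay off, add a comment on that line stating why. The hunk shows only part of `deployment.toml`, so other transports may set this separately.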
@@ -30,23 +30,14 @@ spec: template: metadata: annotations: - checksum.am.km.conf: {{ include (print $.Template.BasePath "/am/gateway/wso2am-pattern-3-am-gateway-conf.yaml") . | sha256sum }} + checksum.am.gw.conf: {{ include (print $.Template.BasePath "/am/gateway/wso2am-pattern-3-am-gateway-conf.yaml") . | sha256sum }} labels: deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-gateway spec: initContainers: - - name: init-apim-analytics - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of WSO2 API Manager Analytics Worker deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-service 7712; do sleep 1; printf "-"; done; echo -e " >> WSO2 API Manager Analytics Worker has started";'] - - name: init-km - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of Key Manager deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . }}-km-service 9443; do sleep 1; printf "-"; done; echo -e " >> Key Manager has started";'] - - name: init-tm-1 - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of TM instance one deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service 9611; do sleep 1; printf "-"; done; echo -e " >> TM instance one has started";'] - - name: init-tm-2 - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of TM instance two deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service 9611; do sleep 1; printf "-"; done; echo -e " >> TM instance two has started";'] + - name: init-cp + image: busybox:1.32 + command: ['sh', '-c', 'echo -e "Checking for the availability of Control Plane deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . 
}}-am-cp-service 9443; do sleep 1; printf "-"; done; echo -e " >> Control Plane has started";'] containers: - name: wso2am-gateway {{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.am) | indent 8 }} @@ -80,7 +71,7 @@ spec: lifecycle: preStop: exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/wso2server.sh stop'] + command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/api-manager.sh stop'] resources: requests: memory: {{ .Values.wso2.deployment.am.resources.requests.memory }} @@ -100,8 +91,6 @@ spec: - containerPort: 9443 protocol: TCP volumeMounts: - - name: wso2am-gateway-storage-volume - mountPath: /home/wso2carbon/wso2am-3.2.0/repository/deployment/server/synapse-configs - name: wso2am-gateway-conf mountPath: /home/wso2carbon/wso2-config-volume/repository/conf serviceAccountName: {{ .Values.kubernetes.serviceAccount }} @@ -113,9 +102,6 @@ spec: - name: {{ template "am-pattern-3.resource.prefix" . }}-wso2-private-registry-creds {{ end }} volumes: - - name: wso2am-gateway-storage-volume - persistentVolumeClaim: - claimName: {{ template "am-pattern-3.resource.prefix" . }}-am-gateway-shared-synapse-configs-volume-claim - name: wso2am-gateway-conf configMap: name: {{ template "am-pattern-3.resource.prefix" . }}-am-gateway-conf From 395f3cfe92726b86b8b837c1eaf44a78cf576853 Mon Sep 17 00:00:00 2001 
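Review bot: The new `init-cp` container pulls `busybox:1.32` by mutable tag, so the image that runs in every gateway pod can change without any change to the chart. Pin it by digest (`image: busybox:1.32@sha256:<DIGEST>`) or expose it as a chart value the way the product image is. The container also waits only for `-am-cp-service` on 9443, whereas the gateway configuration changed in this same commit connects to `-am-cp-1-service` and `-am-cp-2-service` on 5672, 9611 and 9711. The removed `init-tm-1`/`init-tm-2` containers used to gate startup on the per-instance endpoints, so confirm that dropping those waits is intended.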
From: Sajitha Liyanage Date: Wed, 5 May 2021 22:49:00 +0530 Subject: [PATCH 10/34] Adding am-pattern-2 helm charts --- advanced/am-pattern-2/Chart.yaml | 4 +- advanced/am-pattern-2/README.md | 184 +++--- advanced/am-pattern-2/auth.json | 2 +- advanced/am-pattern-2/requirements.yaml | 9 +- advanced/am-pattern-2/templates/NOTES.txt | 46 +- advanced/am-pattern-2/templates/_helpers.tpl | 2 +- ...-pattern-2-am-analytics-dashboard-bin.yaml | 330 ---------- ...pattern-2-am-analytics-dashboard-conf.yaml | 444 ------------- ...n-2-am-analytics-dashboard-deployment.yaml | 123 ---- ...tern-2-am-analytics-dashboard-ingress.yaml | 35 -- ...tern-2-am-analytics-dashboard-service.yaml | 28 - ...2am-pattern-2-am-analytics-worker-bin.yaml | 330 ---------- ...am-pattern-2-am-analytics-worker-conf.yaml | 583 ------------------ ...-am-analytics-worker-headless-service.yaml | 32 - ...pattern-2-am-analytics-worker-service.yaml | 31 - ...ern-2-am-analytics-worker-statefulset.yaml | 129 ---- .../wso2am-pattern-2-am-gateway-conf.yaml | 149 ----- ...so2am-pattern-2-am-gateway-deployment.yaml | 122 ---- .../wso2am-pattern-2-am-gateway-service.yaml | 41 -- ...2am-pattern-2-am-gateway-volume-claim.yaml | 26 - .../am/km/wso2am-pattern-2-am-km-conf.yaml | 110 ---- .../am/km/wso2am-pattern-2-am-km-service.yaml | 28 - .../wso2am-pattern-2-am-km-statefulset.yaml | 122 ---- .../instance-1/wso2am-pattern-2-am-conf.yaml | 313 ---------- .../wso2am-pattern-2-am-deployment.yaml | 156 ----- .../wso2am-pattern-2-am-service.yaml | 35 -- .../instance-2/wso2am-pattern-2-am-conf.yaml | 313 ---------- .../wso2am-pattern-2-am-deployment.yaml | 156 ----- .../wso2am-pattern-2-am-service.yaml | 35 -- .../wso2am-pattern-2-am-conf-entrypoint.yaml | 89 --- .../wso2am-pattern-2-am-ingress.yaml | 35 -- .../wso2am-pattern-2-am-service.yaml | 31 - .../wso2am-pattern-2-am-volume-claims.yaml | 89 --- .../wso2am-pattern-2-mi-deployment.yaml | 94 +++ .../wso2am-pattern-2-mi-service.yaml | 50 ++ 
...o2am-pattern-2-mi-management-ingress.yaml} | 26 +- .../templates/wso2am-pattern-2-secrets.yaml | 4 +- .../wso2am-pattern-2-service-account.yaml | 19 - advanced/am-pattern-2/values.yaml | 467 +++++++------- 39 files changed, 496 insertions(+), 4326 deletions(-) delete mode 100644 advanced/am-pattern-2/templates/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-bin.yaml delete mode 100644 advanced/am-pattern-2/templates/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-conf.yaml delete mode 100644 advanced/am-pattern-2/templates/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-deployment.yaml delete mode 100644 advanced/am-pattern-2/templates/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-ingress.yaml delete mode 100644 advanced/am-pattern-2/templates/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-service.yaml delete mode 100644 advanced/am-pattern-2/templates/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-bin.yaml delete mode 100644 advanced/am-pattern-2/templates/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-conf.yaml delete mode 100644 advanced/am-pattern-2/templates/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-headless-service.yaml delete mode 100644 advanced/am-pattern-2/templates/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-service.yaml delete mode 100644 advanced/am-pattern-2/templates/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-statefulset.yaml delete mode 100644 advanced/am-pattern-2/templates/am/gateway/wso2am-pattern-2-am-gateway-conf.yaml delete mode 100644 advanced/am-pattern-2/templates/am/gateway/wso2am-pattern-2-am-gateway-deployment.yaml delete mode 100644 advanced/am-pattern-2/templates/am/gateway/wso2am-pattern-2-am-gateway-service.yaml delete mode 100644 advanced/am-pattern-2/templates/am/gateway/wso2am-pattern-2-am-gateway-volume-claim.yaml delete mode 100644 
advanced/am-pattern-2/templates/am/km/wso2am-pattern-2-am-km-conf.yaml delete mode 100644 advanced/am-pattern-2/templates/am/km/wso2am-pattern-2-am-km-service.yaml delete mode 100644 advanced/am-pattern-2/templates/am/km/wso2am-pattern-2-am-km-statefulset.yaml delete mode 100644 advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-1/wso2am-pattern-2-am-conf.yaml delete mode 100644 advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-1/wso2am-pattern-2-am-deployment.yaml delete mode 100644 advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-1/wso2am-pattern-2-am-service.yaml delete mode 100644 advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-2/wso2am-pattern-2-am-conf.yaml delete mode 100644 advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-2/wso2am-pattern-2-am-deployment.yaml delete mode 100644 advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-2/wso2am-pattern-2-am-service.yaml delete mode 100644 advanced/am-pattern-2/templates/am/pub-devportal-tm/wso2am-pattern-2-am-conf-entrypoint.yaml delete mode 100644 advanced/am-pattern-2/templates/am/pub-devportal-tm/wso2am-pattern-2-am-ingress.yaml delete mode 100644 advanced/am-pattern-2/templates/am/pub-devportal-tm/wso2am-pattern-2-am-service.yaml delete mode 100644 advanced/am-pattern-2/templates/am/pub-devportal-tm/wso2am-pattern-2-am-volume-claims.yaml create mode 100644 advanced/am-pattern-2/templates/mi/instance-2/wso2am-pattern-2-mi-deployment.yaml create mode 100644 advanced/am-pattern-2/templates/mi/instance-2/wso2am-pattern-2-mi-service.yaml rename advanced/am-pattern-2/templates/{am/gateway/wso2am-pattern-2-am-gateway-ingress.yaml => mi/wso2am-pattern-2-mi-management-ingress.yaml} (51%) delete mode 100644 advanced/am-pattern-2/templates/wso2am-pattern-2-service-account.yaml diff --git a/advanced/am-pattern-2/Chart.yaml b/advanced/am-pattern-2/Chart.yaml index 58d64d27..4f3c399d 100644 --- a/advanced/am-pattern-2/Chart.yaml 
+++ b/advanced/am-pattern-2/Chart.yaml @@ -13,8 +13,8 @@ # limitations under the License. apiVersion: v1 -appVersion: "3.2.0" +appVersion: "4.0.0" description: A Helm chart for the deployment of WSO2 API Management deployment pattern 2 name: am-pattern-2 -version: 3.2.0-4 +version: 4.0.0-1 icon: https://wso2.cachefly.net/wso2/sites/all/images/wso2logo.svg diff --git a/advanced/am-pattern-2/README.md b/advanced/am-pattern-2/README.md index 36264b82..3b507523 100644 --- a/advanced/am-pattern-2/README.md +++ b/advanced/am-pattern-2/README.md 
@@ -1,12 +1,11 @@ -# Helm Chart for deployment of WSO2 API Manager with a separate Gateway and separate Key Manager along with WSO2 API Manager Analytics +# Pattern 2: Helm Chart for Standard HA Deployment of WSO2 API Manager with Multitenancy along with WSO2 Micro Integrator -Resources for building a Helm chart for deployment of [WSO2 API Manager with a separate Gateway and separate Key Manager along with -WSO2 API Manager Analytics](https://apim.docs.wso2.com/en/latest/install-and-setup/setup/deployment-patterns/#pattern-2-deployment-with-a-separate-gateway-and-separate-key-manager). +This deployment consists of two API-M nodes and two nodes each of the integration runtimes (Micro Integrator/Streaming Integrator) per tenant. You can use this pattern when traffic from different tenants in the API-M cluster needs to be handled in isolation. This deployment also allows you to direct the traffic of each tenant to a separate integration cluster. -![WSO2 API Manager pattern 2 deployment](https://apim.docs.wso2.com/en/latest/assets/img/setup-and-install/2-separate-gateway-and-key-manager.png) +![WSO2 API Manager pattern 2 deployment](https://apim.docs.wso2.com/en/4.0.0/assets/img/setup-and-install/basic-ha-with-multitenancy.png) For advanced details on the deployment pattern, please refer to the official -[documentation](https://apim.docs.wso2.com/en/latest/install-and-setup/setup/distributed-deployment/deploying-wso2-api-m-in-a-distributed-setup/). +[documentation](https://apim.docs.wso2.com/en/4.0.0/install-and-setup/setup/deployment-overview/#standard-ha-deployment-with-multitenancy). ## Contents @@ -58,7 +57,7 @@ You can install the relevant Helm chart either from [WSO2 Helm Chart Repository] Helm version 2 ``` - helm install --name wso2/am-pattern-2 --version 3.2.0-1 --namespace + helm install --name wso2/am-pattern-2 --version 4.0.0-1 --namespace ``` Helm version 3 
@@ -66,7 +65,7 @@ You can install the relevant Helm chart either from [WSO2 Helm Chart Repository] - Deploy the Kubernetes resources using the Helm Chart ``` - helm install wso2/am-pattern-2 --version 3.2.0-1 --namespace --create-namespace + helm install wso2/am-pattern-2 --version 4.0.0-1 --namespace --create-namespace ``` The above steps will deploy the deployment pattern using WSO2 product Docker images available at DockerHub. @@ -77,7 +76,10 @@ please provide your WSO2 Subscription credentials via input values (using `--set Please see the following example. ``` - helm install --name wso2/am-pattern-2 --version 3.2.0-1 --namespace --set wso2.subscription.username= --set wso2.subscription.password= +export SUBSCRIPTION_USERNAME= +export SUBSCRIPTION_PASSWORD= + +helm install --name wso2/am-pattern-2 --version 4.0.0-1 --namespace --set wso2.subscription.username=$SUBSCRIPTION_USERNAME --set wso2.subscription.password=$SUBSCRIPTION_PASSWORD --set am-pattern-1.wso2.subscription.username=$SUBSCRIPTION_USERNAME --set am-pattern-1.wso2.subscription.password=$SUBSCRIPTION_PASSWORD ``` #### Install Chart From Source @@ -98,7 +100,7 @@ git clone https://github.com/wso2/kubernetes-apim.git Helm version 2 ``` - helm install --dep-up --name /am-pattern-2 --version 3.2.0-1 --namespace + helm install --dep-up --name /am-pattern-2 --version 4.0.0-1 --namespace ``` Helm version 3 @@ -106,7 +108,7 @@ git clone https://github.com/wso2/kubernetes-apim.git - Deploy the Kubernetes resources using the Helm Chart ``` - helm install /am-pattern-2 --version 3.2.0-1 --namespace --dependency-update --create-namespace + helm install /am-pattern-2 --version 4.0.0-1 --namespace --dependency-update --create-namespace ``` The above steps will deploy the deployment pattern using WSO2 product Docker images available at DockerHub. 
@@ -117,39 +119,53 @@ please provide your WSO2 Subscription credentials via input values (using `--set Please see the following example. ``` - helm install --name /am-pattern-2 --version 3.2.0-1 --namespace --set wso2.subscription.username= --set wso2.subscription.password= + helm install --name /am-pattern-2 --version 4.0.0-1 --namespace --set wso2.subscription.username= --set wso2.subscription.password= ``` ### 2. Obtain the external IP Obtain the external IP (`EXTERNAL-IP`) of the API Manager Ingress resources, by listing down the Kubernetes Ingresses. - + ``` kubectl get ing -n ``` - + The output under the relevant column stands for the following. API Manager Publisher-DevPortal -- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-2-am-ingress`) -- HOSTS: Hostname of the WSO2 API Manager service (``) +- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-1-am-ingress`) +- HOSTS: Hostname of the WSO2 API Manager service (``) - ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager service to outside of the Kubernetes environment - PORTS: Externally exposed service ports of the API Manager service API Manager Gateway -- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-2-am-gateway-ingress`) -- HOSTS: Hostname of the WSO2 API Manager's Gateway service (``) +- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-1-am-gateway-ingress`) +- HOSTS: Hostname of the WSO2 API Manager's Gateway service (``) - ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager's Gateway service to outside of the Kubernetes environment - PORTS: Externally exposed service ports of the API Manager' Gateway service -API Manager Analytics Dashboard +API Manager Websub + +- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-1-am-websub-ingress`) +- HOSTS: Hostname of the WSO2 API Manager's Websub service (``) +- 
ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager's Websub service to outside of the Kubernetes environment +- PORTS: Externally exposed service ports of the API Manager' Websub service + +Micro Integrator Management APIs of Tenant 1 + +- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-1-mi-1-management-ingress`) +- HOSTS: Hostname of the WSO2 Micro Integrator service (``) +- ADDRESS: External IP (`EXTERNAL-IP`) exposing the Micro Integrator service to outside of the Kubernetes environment +- PORTS: Externally exposed service ports of the Micro Integrator service -- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-2-am-analytics-dashboard-ingress`) -- HOSTS: Hostname of the WSO2 API Manager Analytics Dashboard service (``) -- ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager Analytics Dashboard service to outside of the Kubernetes environment -- PORTS: Externally exposed service ports of the API Manager Analytics Dashboard service +Micro Integrator Management APIs of Tenant 2 + +- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-2-mi-2-management-ingress`) +- HOSTS: Hostname of the WSO2 Micro Integrator service (``) +- ADDRESS: External IP (`EXTERNAL-IP`) exposing the Micro Integrator service to outside of the Kubernetes environment +- PORTS: Externally exposed service ports of the Micro Integrator service ### 3. Add a DNS record mapping the hostnames and the external IP 
@@ -160,16 +176,16 @@ If the defined hostnames are not backed by a DNS service, for the purpose of eva hostnames and the external IP in the `/etc/hosts` file at the client-side. ``` - + ``` ### 4. Access Management Consoles -- API Manager Publisher: `https:///publisher` +- API Manager Publisher: `https:///publisher` -- API Manager DevPortal: `https:///devportal` +- API Manager DevPortal: `https:///devportal` -- API Manager Analytics Dashboard: `https:///analytics-dashboard` +- API Manager Carbon Console: `https:///carbon` ## Configuration @@ -197,8 +213,6 @@ If you do not have an active WSO2 subscription, **do not change** the parameters | Parameter | Description | Default Value | |---------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------| | `wso2.deployment.persistentRuntimeArtifacts.storageClass` | Appropriate Kubernetes Storage Class | `nfs` | -| `wso2.deployment.persistentRuntimeArtifacts.sharedArtifacts.capacity.executionPlans` | Capacity for execution plans shared between the Traffic Manager profile instances | 20M | -| `wso2.deployment.persistentRuntimeArtifacts.sharedArtifacts.capacity.synapseConfigs` | Capacity for synapse artifacts of APIs shared between the Gateway profile instances | 50M | | `wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled` | Indicates if persistence of the runtime artifacts for Apache Solr-based indexing is enabled | false | | `wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.carbonDatabase` | Capacity for persisting the H2 based local Carbon database file | 50M | | `wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.solrIndexedData` | Capacity for persisting the Apache Solr indexed data | 50M | 
@@ -209,89 +223,51 @@ If you do not have an active WSO2 subscription, **do not change** the parameters |-----------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------| | `wso2.deployment.am.dockerRegistry` | Registry location of the Docker image to be used to create API Manager instances | - | | `wso2.deployment.am.imageName` | Name of the Docker image to be used to create API Manager instances | `wso2am` | -| `wso2.deployment.am.imageTag` | Tag of the image used to create API Manager instances | 3.2.0 | +| `wso2.deployment.am.imageTag` | Tag of the image used to create API Manager instances | 4.0.0 | | `wso2.deployment.am.imagePullPolicy` | Refer to [doc](https://kubernetes.io/docs/concepts/containers/images#updating-images) | `Always` | -| `wso2.deployment.am.resources.requests.memory` | The minimum amount of memory that should be allocated for running API Manager product profiles with profile optimization | 1Gi | -| `wso2.deployment.am.resources.requests.cpu` | The minimum amount of CPU that should be allocated for running API Manager product profiles with profile optimization | 1000m | -| `wso2.deployment.am.resources.limits.memory` | The maximum amount of memory that should be allocated for running API Manager product profiles with profile optimization | 2Gi | -| `wso2.deployment.am.resources.limits.cpu` | The maximum amount of CPU that should be allocated for running API Manager product profiles with profile optimization | 2000m | -| `wso2.deployment.am.gateway.ingress.hostname` | Hostname for API Manager Gateway | `gateway.am.wso2.com` | -| `wso2.deployment.am.gateway.ingress.annotations` | Ingress resource annotations for API Manager Gateway | Community NGINX Ingress controller annotations | -| `wso2.deployment.am.gateway.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for API Manager Gateway | 
60 | -| `wso2.deployment.am.gateway.livenessProbe.periodSeconds` | Period of the live-ness probe for API Manager Gateway | 10 | -| `wso2.deployment.am.gateway.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for API Manager Gateway | 60 | -| `wso2.deployment.am.gateway.readinessProbe.periodSeconds` | Period of the readiness probe for API Manager Gateway | 10 | -| `wso2.deployment.am.gateway.replicas` | Number of replicas of API Manager Gateway to be started | 2 | -| `wso2.deployment.am.gateway.strategy.rollingUpdate.maxSurge` | Refer to [doc](https://v1-14.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.14/#deploymentstrategy-v1-apps) | 2 | -| `wso2.deployment.am.gateway.strategy.rollingUpdate.maxUnavailable` | Refer to [doc](https://v1-14.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.14/#deploymentstrategy-v1-apps) | 0 | -| `wso2.deployment.am.gateway.config` | Custom deployment configuration file for Gateway profile (`/repository/conf/deployment.toml`) | - | -| `wso2.deployment.am.km.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for API Manager Key Manager | 60 | -| `wso2.deployment.am.km.livenessProbe.periodSeconds` | Period of the live-ness probe for API Manager Key Manager | 10 | -| `wso2.deployment.am.km.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for API Manager Key Manager | 60 | -| `wso2.deployment.am.km.readinessProbe.periodSeconds` | Period of the readiness probe for API Manager Key Manager | 10 | -| `wso2.deployment.am.km.replicas` | Number of replicas of API Manager Key Manager to be started | 2 | -| `wso2.deployment.am.km.strategy.rollingUpdate.maxSurge` | Refer to [doc](https://v1-14.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.14/#deploymentstrategy-v1-apps) | 2 | -| `wso2.deployment.am.km.strategy.rollingUpdate.maxUnavailable` | Refer to 
[doc](https://v1-14.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.14/#deploymentstrategy-v1-apps) | 0 | -| `wso2.deployment.am.km.config` | Custom deployment configuration file for Key Manager profile (`/repository/conf/deployment.toml`) | - | -| `wso2.deployment.am.pubDevPortalTM.ingress.hostname` | Hostname for API Manager Publisher, DevPortal and Carbon Management Console | `am.wso2.com` | -| `wso2.deployment.am.pubDevPortalTM.ingress.annotations` | Ingress resource annotations for API Manager management consoles | Community NGINX Ingress controller annotations | -| `wso2.deployment.am.pubDevPortalTM.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for API Manager node | 180 | -| `wso2.deployment.am.pubDevPortalTM.livenessProbe.periodSeconds` | Period of the live-ness probe for API Manager node | 10 | -| `wso2.deployment.am.pubDevPortalTM.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for API Manager node | 180 | -| `wso2.deployment.am.pubDevPortalTM.readinessProbe.periodSeconds` | Period of the readiness probe for API Manager node | 10 | -| `wso2.deployment.am.pubDevPortalTM.resources.requests.memory` | The minimum amount of memory that should be allocated for API Manager All-In-One | 2Gi | -| `wso2.deployment.am.pubDevPortalTM.resources.requests.cpu` | The minimum amount of CPU that should be allocated for API Manager All-In-One | 2000m | -| `wso2.deployment.am.pubDevPortalTM.resources.limits.memory` | The maximum amount of memory that should be allocated for API Manager All-In-One | 3Gi | -| `wso2.deployment.am.pubDevPortalTM.resources.limits.cpu` | The maximum amount of CPU that should be allocated for API Manager All-In-One | 3000m | -| `wso2.deployment.am.pubDevPortalTM.config` | Custom deployment configuration file (`/repository/conf/deployment.toml`) | - | +| `wso2.deployment.am.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for API Manager node | 180 | +| 
`wso2.deployment.am.livenessProbe.periodSeconds` | Period of the live-ness probe for API Manager node | 10 | +| `wso2.deployment.am.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for API Manager node | 180 | +| `wso2.deployment.am.readinessProbe.periodSeconds` | Period of the readiness probe for API Manager node | 10 | +| `wso2.deployment.am.resources.requests.memory` | The minimum amount of memory that should be allocated for a Pod | 2Gi | +| `wso2.deployment.am.resources.requests.cpu` | The minimum amount of CPU that should be allocated for a Pod | 2000m | +| `wso2.deployment.am.resources.limits.memory` | The maximum amount of memory that should be allocated for a Pod | 3Gi | +| `wso2.deployment.am.resources.limits.cpu` | The maximum amount of CPU that should be allocated for a Pod | 3000m | +| `wso2.deployment.am.config` | Custom deployment configuration file (`/repository/conf/deployment.toml`) | - | +| `wso2.deployment.am.ingress.management.hostname` | Hostname for API Manager Admin Portal, Publisher, DevPortal and Carbon Management Console | `am.wso2.com` | +| `wso2.deployment.am.ingress.management.annotations` | Ingress resource annotations for API Manager management consoles | Community NGINX Ingress controller annotations | +| `wso2.deployment.am.ingress.gateway.hostname` | Hostname for API Manager Gateway | `gateway.am.wso2.com` | +| `wso2.deployment.am.ingress.gateway.annotations` | Ingress resource annotations for API Manager Gateway | Community NGINX Ingress controller annotations | +| `wso2.deployment.am.ingress.websub.hostname` | Hostname for API Manager Websub services | `websub.am.wso2.com` | +| `wso2.deployment.am.ingress.websub.annotations` | Ingress resource annotations for API Manager Websub | Community NGINX Ingress controller annotations | + +###### Micro Integrator Server Configurations -**Note**: The above mentioned default, minimum resource amounts for running WSO2 API Manager server profiles are based on its 
[official documentation](https://apim.docs.wso2.com/en/latest/install-and-setup/install/installation-prerequisites/). +| Parameter | Description | Default Value | +|-----------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------| +| `wso2.deployment.mi.dockerRegistry` | Registry location of the Docker image to be used to create Micro Integrator instances | - | +| `wso2.deployment.mi.imageName` | Name of the Docker image to be used to create API Manager instances | `wso2mi` | +| `wso2.deployment.mi.imageTag` | Tag of the image used to create API Manager instances | 4.0.0 | +| `wso2.deployment.mi.imagePullPolicy` | Refer to [doc](https://kubernetes.io/docs/concepts/containers/images#updating-images) | `Always` | +| `wso2.deployment.mi.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for Micro Integrator node | 35 | +| `wso2.deployment.mi.livenessProbe.periodSeconds` | Period of the live-ness probe for Micro Integrator node | 10 | +| `wso2.deployment.mi.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for Micro Integrator node | 35 | +| `wso2.deployment.mi.readinessProbe.periodSeconds` | Period of the readiness probe for Micro Integrator node | 10 | +| `wso2.deployment.mi.resources.requests.memory` | The minimum amount of memory that should be allocated for a Pod | 512Mi | +| `wso2.deployment.mi.resources.requests.cpu` | The minimum amount of CPU that should be allocated for a Pod | 500m | +| `wso2.deployment.mi.resources.limits.memory` | The maximum amount of memory that should be allocated for a Pod | 1Gi | +| `wso2.deployment.mi.resources.limits.cpu` | The maximum amount of CPU that should be allocated for a Pod | 1000m | +| `wso2.deployment.mi.config` | Custom deployment configuration file (`/repository/conf/deployment.toml`) | - | +| 
`wso2.deployment.mi.ingress.management.hostname` | Hostname for Micro Integrator management apis | `management.mi.wso2.com` | +| `wso2.deployment.mi.ingress.management.annotations` | Ingress resource annotations for API Manager Gateway | Community NGINX Ingress controller annotations | -###### Analytics Dashboard Runtime Configurations - -| Parameter | Description | Default Value | -|-------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------|-----------------------------| -| `wso2.deployment.analytics.dashboard.dockerRegistry` | Registry location of the Docker image to be used to create an API Manager Analytics instance | - | -| `wso2.deployment.analytics.dashboard.imageName` | Name of the Docker image to be used to create an API Manager Analytics instance | `wso2am-analytics-dashboard` | -| `wso2.deployment.analytics.dashboard.imageTag` | Tag of the image used to create an API Manager Analytics instance | 3.2.0 | -| `wso2.deployment.analytics.dashboard.imagePullPolicy` | Refer to [doc](https://kubernetes.io/docs/concepts/containers/images#updating-images) | `Always` | -| `wso2.deployment.analytics.dashboard.replicas` | Number of replicas of API Manager Analytics to be started | 1 | -| `wso2.deployment.analytics.dashboard.strategy.rollingUpdate.maxSurge` | Refer to [doc](https://v1-14.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.14/#deploymentstrategy-v1-apps) | 1 | -| `wso2.deployment.analytics.dashboard.strategy.rollingUpdate.maxUnavailable` | Refer to [doc](https://v1-14.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.14/#deploymentstrategy-v1-apps) | 0 | -| `wso2.deployment.analytics.dashboard.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for API Manager Analytics node | 20 | -| `wso2.deployment.analytics.dashboard.livenessProbe.periodSeconds` | Period of the live-ness 
probe for API Manager Analytics node | 10 | -| `wso2.deployment.analytics.dashboard.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for API Manager Analytics node | 20 | -| `wso2.deployment.analytics.dashboard.readinessProbe.periodSeconds` | Period of the readiness probe for API Manager Analytics node | 10 | -| `wso2.deployment.analytics.dashboard.resources.requests.memory` | The minimum amount of memory that should be allocated for a Pod | 4Gi | -| `wso2.deployment.analytics.dashboard.resources.requests.cpu` | The minimum amount of CPU that should be allocated for a Pod | 2000m | -| `wso2.deployment.analytics.dashboard.resources.limits.memory` | The maximum amount of memory that should be allocated for a Pod | 4Gi | -| `wso2.deployment.analytics.dashboard.resources.limits.cpu` | The maximum amount of CPU that should be allocated for a Pod | 2000m | -| `wso2.deployment.analytics.dashboard.config` | Custom deployment configuration file (`/conf/dashboard/deployment.yaml`) | - | -| `wso2.deployment.analytics.dashboard.ingress.hostname` | Hostname for API Manager Analytics Dashboard | `analytics.am.wso2.com` | -| `wso2.deployment.analytics.dashboard.ingress.annotations` | Ingress resource annotations for API Manager Analytics Dashboard | Community NGINX Ingress controller annotations | - -###### Analytics Worker Runtime Configurations - -| Parameter | Description | Default Value | -|----------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------|-----------------------------| -| `wso2.deployment.analytics.worker.dockerRegistry` | Registry location of the Docker image to be used to create an API Manager Analytics instance | - | -| `wso2.deployment.analytics.worker.imageName` | Name of the Docker image to be used to create an API Manager Analytics instance | `wso2am-analytics-worker` | -| 
`wso2.deployment.analytics.worker.imageTag` | Tag of the image used to create an API Manager Analytics instance | 3.2.0 | -| `wso2.deployment.analytics.worker.imagePullPolicy` | Refer to [doc](https://kubernetes.io/docs/concepts/containers/images#updating-images) | `Always` | -| `wso2.deployment.analytics.worker.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for API Manager Analytics node | 20 | -| `wso2.deployment.analytics.worker.livenessProbe.periodSeconds` | Period of the live-ness probe for API Manager Analytics node | 10 | -| `wso2.deployment.analytics.worker.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for API Manager Analytics node | 20 | -| `wso2.deployment.analytics.worker.readinessProbe.periodSeconds` | Period of the readiness probe for API Manager Analytics node | 10 | -| `wso2.deployment.analytics.worker.resources.requests.memory` | The minimum amount of memory that should be allocated for a Pod | 4Gi | -| `wso2.deployment.analytics.worker.resources.requests.cpu` | The minimum amount of CPU that should be allocated for a Pod | 2000m | -| `wso2.deployment.analytics.worker.resources.limits.memory` | The maximum amount of memory that should be allocated for a Pod | 4Gi | -| `wso2.deployment.analytics.worker.resources.limits.cpu` | The maximum amount of CPU that should be allocated for a Pod | 2000m | +**Note**: The above mentioned default, minimum resource amounts for running WSO2 API Manager server profiles are based on its [official documentation](https://apim.docs.wso2.com/en/latest/install-and-setup/install/installation-prerequisites/). 
###### Kubernetes Specific Configurations | Parameter | Description | Default Value | |---------------------------------------------------------------|-------------------------------------------------------------------------------------------|---------------------------------| -| `kubernetes.serviceAccount` | Name of the Kubernetes Service Account to which the Pods are to be bound | `wso2am-pattern-2-svc-account` | +| `kubernetes.serviceAccount` | Name of the Kubernetes Service Account to which the Pods are to be bound | `wso2am-pattern-1-svc-account` | ## Runtime Artifact Persistence and Sharing @@ -311,7 +287,7 @@ If you do not have an active WSO2 subscription, **do not change** the parameters * For advanced details with regards to managing custom Java keystores and truststores in a container based WSO2 product deployment please refer to the [official WSO2 container guide](https://github.com/wso2/container-guide/blob/master/deploy/Managing_Keystores_And_Truststores.md). - + ## Configuring SSL in Service Exposure * For WSO2 recommended best practices in configuring SSL when exposing the internal product services to outside of the Kubernetes cluster, diff --git a/advanced/am-pattern-2/auth.json b/advanced/am-pattern-2/auth.json index 88619f76..97387c87 100644 --- a/advanced/am-pattern-2/auth.json +++ b/advanced/am-pattern-2/auth.json @@ -1,6 +1,6 @@ { "auths": { - "docker.wso2.com": { + "reg.id": { "username": "docker.wso2.com.username", "password": "docker.wso2.com.password", "email": "docker.wso2.com.email", diff --git a/advanced/am-pattern-2/requirements.yaml b/advanced/am-pattern-2/requirements.yaml index 7cbd9c07..f53f5fcb 100644 --- a/advanced/am-pattern-2/requirements.yaml +++ b/advanced/am-pattern-2/requirements.yaml 
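Review bot: In auth.json the registry key is now the placeholder `reg.id`, so the host that receives the subscription username and password is decided by whatever template fills in this file, and that template is not in this hunk. The substitution should fall back to `docker.wso2.com` when no registry is configured. If the value comes from the documented `wso2.deployment.am.dockerRegistry` parameter, its README description should say that the same subscription credentials are written into the pull secret for whichever host is set there. The credential placeholders still carry the old host name (`docker.wso2.com.username` and so on); registry-neutral names such as `"username": "reg.username"` would match the new key, with the matching change in the template. The JSON object continues past the end of the hunk.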
@@ -13,11 +13,6 @@
 # limitations under the License.
 dependencies:
- - name: mysql-am
- version: "3.2.0-4"
+ - name: am-pattern-1
+ version: "4.0.0-1"
 repository: "https://helm.wso2.com"
- condition: wso2.deployment.dependencies.mysql
- - name: nfs-server-provisioner
- version: "1.1.0"
- repository: "https://helm.wso2.com"
- condition: wso2.deployment.dependencies.nfsServerProvisioner
diff --git a/advanced/am-pattern-2/templates/NOTES.txt b/advanced/am-pattern-2/templates/NOTES.txt
index b2faa965..dee145ec 100644
--- a/advanced/am-pattern-2/templates/NOTES.txt
+++ b/advanced/am-pattern-2/templates/NOTES.txt
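Review bot: In requirements.yaml the new `am-pattern-1` dependency is identified only by the version string `4.0.0-1`, and the README's source-install commands resolve it with `--dep-up` / `--dependency-update`, so the deployed subchart is whatever `https://helm.wso2.com` serves under that version at install time. Nothing in this hunk verifies the fetched archive; if the repository publishes provenance files, the documented build step could use `helm dependency build --verify`, or the packaged subchart could be vendored under `charts/`. The removed `condition:` lines also mean the database and NFS provisioner can no longer be switched off from this chart's own values. Presumably that toggle now lives under the `am-pattern-1` values, which is worth a comment here such as `# MySQL and NFS provisioner are now pulled in (and toggled) via am-pattern-1`.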
@@ -10,25 +10,18 @@ Please follow these steps to access API Manager Publisher, DevPortal consoles an API Manager Publisher-DevPortal - - NAME: Metadata name of the Kubernetes Ingress resource (defaults to {{ template "am-pattern-2.resource.prefix" . }}-am-ingress) - - HOSTS: Hostname of the WSO2 API Manager service ({{ .Values.wso2.deployment.am.pubDevPortalTM.ingress.hostname }}) + - NAME: Metadata name of the Kubernetes Ingress resource (defaults to {{ template "am-pattern-1.resource.prefix" . }}-am-ingress) + - HOSTS: Hostname of the WSO2 API Manager service ({{ index .Values "am-pattern-1" "wso2" "deployment" "am" "ingress" "management" "hostname" }}) - ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager service to outside of the Kubernetes environment - PORTS: Externally exposed service ports of the API Manager service API Manager Gateway - - NAME: Metadata name of the Kubernetes Ingress resource (defaults to {{ template "am-pattern-2.resource.prefix" . }}-am-gateway-ingress) - - HOSTS: Hostname of the WSO2 API Manager's Gateway service ({{ .Values.wso2.deployment.am.gateway.ingress.hostname }}) + - NAME: Metadata name of the Kubernetes Ingress resource (defaults to {{ template "am-pattern-1.resource.prefix" . }}-am-gateway-ingress) + - HOSTS: Hostname of the WSO2 API Manager's Gateway service ({{ index .Values "am-pattern-1" "wso2" "deployment" "am" "ingress" "gateway" "hostname" }}) - ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager's Gateway service to outside of the Kubernetes environment - PORTS: Externally exposed service ports of the API Manager' Gateway service - API Manager Analytics Dashboard - - - NAME: Metadata name of the Kubernetes Ingress resource (defaults to {{ template "am-pattern-2.resource.prefix" . 
}}-am-analytics-dashboard-ingress) - - HOSTS: Hostname of the WSO2 API Manager Analytics Dashboard service ({{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }}) - - ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager Analytics Dashboard service to outside of the Kubernetes environment - - PORTS: Externally exposed service ports of the API Manager Analytics Dashboard service - 2. Add a DNS record mapping the hostnames (in step 1) and the external IP. If the defined hostnames (in step 1) are backed by a DNS service, add a DNS record mapping the hostnames and 
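Review bot: The Ingress names printed in this NOTES.txt hunk come from `{{ template "am-pattern-1.resource.prefix" . }}`, a helper owned by the subchart but called with the parent chart's context, so any use of `.Chart.Name` or `.Values` inside that helper resolves against am-pattern-2 rather than am-pattern-1. The helper's definition is not in this hunk; if it reads either, the notes will name Ingress resources that do not exist and operators will map hostnames against the wrong objects. Defining an am-pattern-2 helper that reproduces the subchart's prefix from `.Release` fields only would avoid the mismatch. The same call appears in the next NOTES.txt hunk for the `-mi-1-management-ingress` name.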
@@ -37,12 +30,35 @@ Please follow these steps to access API Manager Publisher, DevPortal consoles an If the defined hostnames are not backed by a DNS service, for the purpose of evaluation you may add an entry mapping the hostnames and the external IP in the `/etc/hosts` file at the client-side. - {{ .Values.wso2.deployment.am.pubDevPortalTM.ingress.hostname }} {{ .Values.wso2.deployment.am.gateway.ingress.hostname }} {{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }} + {{ index .Values "am-pattern-1" "wso2" "deployment" "am" "ingress" "management" "hostname" }} {{ index .Values "am-pattern-1" "wso2" "deployment" "am" "ingress" "gateway" "hostname" }} 3. Navigate to the consoles in your browser of choice. - API Manager Publisher: https://{{ .Values.wso2.deployment.am.pubDevPortalTM.ingress.hostname }}/publisher - API Manager DevPortal: https://{{ .Values.wso2.deployment.am.pubDevPortalTM.ingress.hostname }}/devportal - API Manager Analytics Dashboard: https://{{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }}/analytics-dashboard + API Manager Publisher: https://{{ index .Values "am-pattern-1" "wso2" "deployment" "am" "ingress" "management" "hostname" }}/publisher + API Manager DevPortal: https://{{ index .Values "am-pattern-1" "wso2" "deployment" "am" "ingress" "management" "hostname" }}/devportal + +Please follow these steps to assess Micro Integrator. + +1. Obtain the external IP (`EXTERNAL-IP`) of the Ingress resources by listing down the Kubernetes Ingresses. + + kubectl get ing -n {{ .Release.Namespace }} + + Micro Integrator Instance 1 Management APIs + + - NAME: Metadata name of the Kubernetes Ingress resource (defaults to {{ template "am-pattern-1.resource.prefix" . 
}}-mi-1-management-ingress) + - HOSTS: Hostname of the WSO2 Micro Integrator service ({{ index .Values "am-pattern-1" "wso2" "deployment" "mi" "ingress" "management" "hostname" }}) + - ADDRESS: External IP (`EXTERNAL-IP`) exposing the Micro Integrator service to outside of the Kubernetes environment + - PORTS: Externally exposed service ports of the Micro Integrator service + + Micro Integrator Instance 2 Management APIs + + - NAME: Metadata name of the Kubernetes Ingress resource (defaults to {{ template "am-pattern-2.resource.prefix" . }}-mi-2-management-ingress) + - HOSTS: Hostname of the WSO2 Micro Integrator service ({{ .Values.wso2.deployment.mi.ingress.management.hostname }}) + - ADDRESS: External IP (`EXTERNAL-IP`) exposing the Micro Integrator service to outside of the Kubernetes environment + - PORTS: Externally exposed service ports of the Micro Integrator service + +2. Add the above host as an entry in /etc/hosts file as follows: + + {{ index .Values "am-pattern-1" "wso2" "deployment" "mi" "ingress" "management" "hostname" }} {{ .Values.wso2.deployment.mi.ingress.management.hostname }} Please refer the official documentation at https://apim.docs.wso2.com/en/latest/ for additional information on WSO2 API Manager. diff --git a/advanced/am-pattern-2/templates/_helpers.tpl b/advanced/am-pattern-2/templates/_helpers.tpl index b801d4ea..90484fb1 100644 --- a/advanced/am-pattern-2/templates/_helpers.tpl +++ b/advanced/am-pattern-2/templates/_helpers.tpl @@ -1,5 +1,5 @@ {{/* -Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at 
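Review bot: The Micro Integrator steps added to NOTES.txt tell the operator to map the management hostnames, but say nothing about the management API being an administrative interface that these Ingresses expose outside the cluster. A line in the notes would help, for example `Restrict the management Ingresses to operator networks (see wso2.deployment.mi.ingress.management.annotations) before mapping these hostnames.` The heading `Please follow these steps to assess Micro Integrator.` should read `access`. The second instance reads `.Values.wso2.deployment.mi.ingress.management.hostname` from the parent chart; its values.yaml is not in this hunk, and a missing key there would make the notes fail to render.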
diff --git a/advanced/am-pattern-2/templates/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-bin.yaml b/advanced/am-pattern-2/templates/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-bin.yaml
deleted file mode 100644
index 9355acca..00000000
--- a/advanced/am-pattern-2/templates/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-bin.yaml
+++ /dev/null
@@ -1,330 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-dashboard-bin - namespace : {{ .Release.Namespace }} -data: - carbon.sh: |- - #!/bin/sh - # --------------------------------------------------------------------------- - # Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. - # - # Licensed under the Apache License, Version 2.0 (the "License"); - # you may not use this file except in compliance with the License. - # You may obtain a copy of the License at - # - # http://www.apache.org/licenses/LICENSE-2.0 - # - # Unless required by applicable law or agreed to in writing, software - # distributed under the License is distributed on an "AS IS" BASIS, - # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - # See the License for the specific language governing permissions and - # limitations under the License. - - # ---------------------------------------------------------------------------- - # Main Script for the WSO2 Carbon Server - # - # Environment Variable Prequisites - # - # CARBON_HOME Home of WSO2 Carbon installation. If not set I will try - # to figure it out. - # RUNTIME_HOME Home of WSO2 Carbon Runtime. . - # - # JAVA_HOME Must point at your Java Development Kit installation. 
- # - # JAVA_OPTS (Optional) Java runtime options used when the commands - # is executed. - # - # NOTE: Borrowed generously from Apache Tomcat startup scripts. - # ----------------------------------------------------------------------------- - - # OS specific support. $var _must_ be set to either true or false. - #ulimit -n 100000 - - cygwin=false; - darwin=false; - os400=false; - mingw=false; - case "`uname`" in - CYGWIN*) cygwin=true;; - MINGW*) mingw=true;; - OS400*) os400=true;; - Darwin*) darwin=true - if [ -z "$JAVA_VERSION" ] ; then - JAVA_VERSION="CurrentJDK" - else - echo "Using Java version: $JAVA_VERSION" - fi - if [ -z "$JAVA_HOME" ] ; then - JAVA_HOME=/System/Library/Frameworks/JavaVM.framework/Versions/${JAVA_VERSION}/Home - fi - ;; - esac - - # resolve links - $0 may be a softlink - PRG="$0" - - while [ -h "$PRG" ]; do - ls=`ls -ld "$PRG"` - link=`expr "$ls" : '.*-> \(.*\)$'` - if expr "$link" : '.*/.*' > /dev/null; then - PRG="$link" - else - PRG=`dirname "$PRG"`/"$link" - fi - done - - # Get standard environment variables - TEMPCURDIR=`dirname "$PRG"` - - # Only set RUNTIME_HOME if not already set - [ -z "$RUNTIME_HOME" ] && RUNTIME_HOME=`cd "$TEMPCURDIR/.." ; pwd` - - # Only set CARBON_HOME if not already set - [ -z "$CARBON_HOME" ] && CARBON_HOME=`cd "$TEMPCURDIR/../../../" ; pwd` - - # Only set RUNTIME if not already set - [ -z "$RUNTIME" ] && RUNTIME=${RUNTIME_HOME##*/} - - # For Cygwin, ensure paths are in UNIX format before anything is touched - if $cygwin; then - [ -n "$JAVA_HOME" ] && JAVA_HOME=`cygpath --unix "$JAVA_HOME"` - [ -n "$CARBON_HOME" ] && CARBON_HOME=`cygpath --unix "$CARBON_HOME"` - [ -n "$RUNTIME_HOME" ] && RUNTIME_HOME=`cygpath --unix "$RUNTIME_HOME"` - fi - - # For OS400 - if $os400; then - # Set job priority to standard for interactive (interactive - 6) by using - # the interactive priority - 6, the helper threads that respond to requests - # will be running at the same priority as interactive jobs. 
- COMMAND='chgjob job('$JOBNAME') runpty(6)' - system $COMMAND - - # Enable multi threading - QIBM_MULTI_THREADED=Y - export QIBM_MULTI_THREADED - fi - - # For Migwn, ensure paths are in UNIX format before anything is touched - if $mingw ; then - [ -n "$CARBON_HOME" ] && - CARBON_HOME="`(cd "$CARBON_HOME"; pwd)`" - [ -n "$JAVA_HOME" ] && - JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`" - # TODO classpath? - fi - - if [ -z "$JAVACMD" ] ; then - if [ -n "$JAVA_HOME" ] ; then - if [ -x "$JAVA_HOME/jre/sh/java" ] ; then - # IBM's JDK on AIX uses strange locations for the executables - JAVACMD="$JAVA_HOME/jre/sh/java" - else - JAVACMD="$JAVA_HOME/bin/java" - fi - else - JAVACMD=java - fi - fi - - if [ ! -x "$JAVACMD" ] ; then - echo "Error: JAVA_HOME is not defined correctly." - echo " CARBON cannot execute $JAVACMD" - exit 1 - fi - - # if JAVA_HOME is not set we're not happy - if [ -z "$JAVA_HOME" ]; then - echo "You must set the JAVA_HOME variable before running CARBON." - exit 1 - fi - - if [ -e "$RUNTIME_HOME/runtime.pid" ]; then - PID=`cat "$RUNTIME_HOME"/runtime.pid` - fi - - # ----- Process the input command ---------------------------------------------- - args="" - for c in $* - do - if [ "$c" = "--debug" ] || [ "$c" = "-debug" ] || [ "$c" = "debug" ]; then - CMD="--debug" - continue - elif [ "$CMD" = "--debug" ]; then - if [ -z "$PORT" ]; then - PORT=$c - fi - elif [ "$c" = "--stop" ] || [ "$c" = "-stop" ] || [ "$c" = "stop" ]; then - CMD="stop" - elif [ "$c" = "--start" ] || [ "$c" = "-start" ] || [ "$c" = "start" ]; then - CMD="start" - elif [ "$c" = "--version" ] || [ "$c" = "-version" ] || [ "$c" = "version" ]; then - CMD="version" - elif [ "$c" = "--restart" ] || [ "$c" = "-restart" ] || [ "$c" = "restart" ]; then - CMD="restart" - elif [ "$c" = "--test" ] || [ "$c" = "-test" ] || [ "$c" = "test" ]; then - CMD="test" - else - args="$args $c" - fi - done - - if [ "$CMD" = "--debug" ]; then - if [ "$PORT" = "" ]; then - echo " Please specify the debug port after the 
--debug option" - exit 1 - fi - if [ -n "$JAVA_OPTS" ]; then - echo "Warning !!!. User specified JAVA_OPTS will be ignored, once you give the --debug option." - fi - CMD="RUN" - JAVA_OPTS="-Xdebug -Xnoagent -Djava.compiler=NONE -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=$PORT" - echo "Please start the remote debugging client to continue..." - elif [ "$CMD" = "start" ]; then - if [ -e "$RUNTIME_HOME/runtime.pid" ]; then - if ps -p $PID > /dev/null ; then - echo "Process is already running" - exit 0 - fi - fi - export CARBON_HOME=$CARBON_HOME - # using nohup bash to avoid erros in solaris OS.TODO - nohup bash $RUNTIME_HOME/bin/carbon.sh $args > /dev/null 2>&1 & - exit 0 - elif [ "$CMD" = "stop" ]; then - export CARBON_HOME=$CARBON_HOME - kill -term `cat $RUNTIME_HOME/runtime.pid` - exit 0 - elif [ "$CMD" = "restart" ]; then - export CARBON_HOME=$CARBON_HOME - kill -term `cat $RUNTIME_HOME/runtime.pid` - process_status=0 - pid=`cat $RUNTIME_HOME/runtime.pid` - while [ "$process_status" -eq "0" ] - do - sleep 1; - ps -p$pid 2>&1 > /dev/null - process_status=$? - done - - # using nohup bash to avoid erros in solaris OS.TODO - nohup bash $RUNTIME_HOME/bin/carbon.sh $args > /dev/null 2>&1 & - exit 0 - elif [ "$CMD" = "test" ]; then - JAVACMD="exec "$JAVACMD"" - elif [ "$CMD" = "version" ]; then - cat $CARBON_HOME/bin/kernel-version.txt - exit 0 - fi - - # ---------- Handle the SSL Issue with proper JDK version -------------------- - java_version=$("$JAVACMD" -version 2>&1 | awk -F '"' '/version/ {print $2}') - java_version_formatted=$(echo "$java_version" | awk -F. 
'{printf("%02d%02d",$1,$2);}') - if [ $java_version_formatted -lt 0108 ] || [ $java_version_formatted -gt 1100 ]; then - echo " Starting WSO2 Carbon (in unsupported JDK)" - echo " [ERROR] CARBON is supported only on JDK 1.8 and 11" - fi - - CARBON_XBOOTCLASSPATH="" - for f in "$CARBON_HOME"/bin/bootstrap/xboot/*.jar - do - if [ "$f" != "$CARBON_HOME/bin/bootstrap/xboot/*.jar" ];then - CARBON_XBOOTCLASSPATH="$CARBON_XBOOTCLASSPATH":$f - fi - done - - JAVA_ENDORSED_DIRS="$CARBON_HOME/bin/bootstrap/endorsed":"$JAVA_HOME/jre/lib/endorsed":"$JAVA_HOME/lib/endorsed" - - CARBON_CLASSPATH="" - if [ -e "$JAVA_HOME/bin/bootstrap/tools.jar" ]; then - CARBON_CLASSPATH="$JAVA_HOME/lib/tools.jar" - fi - for f in "$CARBON_HOME"/bin/bootstrap/*.jar - do - if [ "$f" != "$CARBON_HOME/bin/bootstrap/*.jar" ];then - CARBON_CLASSPATH="$CARBON_CLASSPATH":$f - fi - done - for t in "$CARBON_HOME"/bin/bootstrap/commons-lang*.jar - do - CARBON_CLASSPATH="$CARBON_CLASSPATH":$t - done - # For Cygwin, switch paths to Windows format before running java - if $cygwin; then - JAVA_HOME=`cygpath --absolute --windows "$JAVA_HOME"` - CARBON_HOME=`cygpath --absolute --windows "$CARBON_HOME"` - RUNTIME_HOME=`cygpath --absolute --windows "$RUNTIME_HOME"` - CLASSPATH=`cygpath --path --windows "$CLASSPATH"` - if [ $java_version_formatted -le 0108 ]; then - JAVA_ENDORSED_DIRS=`cygpath --path --windows "$JAVA_ENDORSED_DIRS"` - fi - CARBON_CLASSPATH=`cygpath --path --windows "$CARBON_CLASSPATH"` - CARBON_XBOOTCLASSPATH=`cygpath --path --windows "$CARBON_XBOOTCLASSPATH"` - fi - - # ----- Execute The Requested Command ----------------------------------------- - - echo JAVA_HOME environment variable is set to $JAVA_HOME - echo CARBON_HOME environment variable is set to $CARBON_HOME - echo RUNTIME_HOME environment variable is set to $RUNTIME_HOME - - cd "$RUNTIME_HOME" - - START_EXIT_STATUS=121 - status=$START_EXIT_STATUS - - #To monitor a Carbon server in remote JMX mode on linux host machines, set the below 
system property. - # -Djava.rmi.server.hostname="your.IP.goes.here" - - JAVA_VER_BASED_OPTS="" - if [ $java_version_formatted -le 0108 ]; then - JAVA_VER_BASED_OPTS="-Djava.endorsed.dirs=$JAVA_ENDORSED_DIRS" - fi - - if [ $java_version_formatted -ge 1100 ] ; then - JAVA_VER_BASED_OPTS="--add-opens=java.base/java.net=ALL-UNNAMED --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens java.rmi/sun.rmi.transport=ALL-UNNAMED" - fi - - while [ "$status" = "$START_EXIT_STATUS" ] - do - $JAVACMD \ - -Xbootclasspath/a:"$CARBON_XBOOTCLASSPATH" \ - -Xms{{ .Values.wso2.deployment.analytics.dashboard.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.analytics.dashboard.resources.jvm.heap.memory.xmx }} \ - -XX:+HeapDumpOnOutOfMemoryError \ - -XX:HeapDumpPath="$RUNTIME_HOME/logs/heap-dump.hprof" \ - $JAVA_OPTS \ - -classpath "$CARBON_CLASSPATH" \ - $JAVA_VER_BASED_OPTS \ - -Djava.io.tmpdir="$CARBON_HOME/tmp" \ - -Dcarbon.registry.root=/ \ - -Djava.command="$JAVACMD" \ - -Dcarbon.home="$CARBON_HOME" \ - -Dwso2.runtime.path="$RUNTIME_HOME" \ - -Dwso2.runtime="$RUNTIME" \ - -Djavax.xml.bind.JAXBContextFactory="com.sun.xml.bind.v2.ContextFactory" \ - -Djava.util.logging.config.file="$RUNTIME_HOME/bin/bootstrap/logging.properties" \ - -Djava.security.egd=file:/dev/./urandom \ - -Dfile.encoding=UTF8 \ - -Djavax.net.ssl.keyStore="$CARBON_HOME/resources/security/wso2carbon.jks" \ - -Djavax.net.ssl.keyStorePassword="wso2carbon" \ - -Djavax.net.ssl.trustStore="$CARBON_HOME/resources/security/client-truststore.jks" \ - -Djavax.net.ssl.trustStorePassword="wso2carbon" \ - -Dio.netty.tryReflectionSetAccessible=false \ - org.wso2.carbon.launcher.Main $* - status=$? - done diff --git a/advanced/am-pattern-2/templates/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-conf.yaml b/advanced/am-pattern-2/templates/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-conf.yaml deleted file mode 100644 index 6ac48d8f..00000000 
--- a/advanced/am-pattern-2/templates/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-conf.yaml
+++ /dev/null
@@ -1,444 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-dashboard-conf - namespace : {{ .Release.Namespace }} - {{- if .Values.wso2.deployment.analytics.dashboard.config }} -data: - {{- range $index, $content := .Values.wso2.deployment.analytics.dashboard.config }} - {{ $index }}: |- - {{ tpl $content $ | indent 4 }} - {{- end }} - - {{- else }} -data: - deployment.yaml: |- - ################################################################################ - # Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved - # - # Licensed under the Apache License, Version 2.0 (the \"License\"); - # you may not use this file except in compliance with the License. - # You may obtain a copy of the License at - # - # http://www.apache.org/licenses/LICENSE-2.0 - # - # Unless required by applicable law or agreed to in writing, software - # distributed under the License is distributed on an \"AS IS\" BASIS, - # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - # See the License for the specific language governing permissions and - # limitations under the License. 
- ################################################################################ - - # Carbon Configuration Parameters - wso2.carbon: - type: wso2-apim-analytics - # value to uniquely identify a server - id: wso2-am-analytics - # server name - name: WSO2 API Manager Analytics Server - # enable/disable hostname verifier - hostnameVerificationEnabled: false - # ports used by this server - ports: - # port offset - offset: 3 - - # Configuration used for the databridge communication - databridge.config: - # No of worker threads to consume events - # THIS IS A MANDATORY FIELD - workerThreads: 10 - # Maximum amount of messages that can be queued internally in MB - # THIS IS A MANDATORY FIELD - maxEventBufferCapacity: 10000000 - # Queue size; the maximum number of events that can be stored in the queue - # THIS IS A MANDATORY FIELD - eventBufferSize: 2000 - # Keystore file path - # THIS IS A MANDATORY FIELD - keyStoreLocation : ${sys:carbon.home}/resources/security/wso2carbon.jks - # Keystore password - # THIS IS A MANDATORY FIELD - keyStorePassword : wso2carbon - # Session Timeout value in mins - # THIS IS A MANDATORY FIELD - clientTimeoutMin: 30 - # Data receiver configurations - # THIS IS A MANDATORY FIELD - dataReceivers: - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Thrift - # Data receiver properties - properties: - tcpPort: '7611' - sslPort: '7711' - - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Binary - # Data receiver properties - properties: - tcpPort: '9611' - sslPort: '9711' - tcpReceiverThreadPoolSize: '100' - sslReceiverThreadPoolSize: '100' - hostName: 0.0.0.0 - - # Configuration of the Data Agents - to publish events through databridge - data.agent.config: - # Data agent configurations - # THIS IS A MANDATORY FIELD - agents: - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY 
FIELD - name: Thrift - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.thrift.ThriftDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Binary - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.binary.BinaryDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: 
'${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - # Deployment configuration parameters - wso2.artifact.deployment: - # Scheduler update interval - updateInterval: 5 - - # HA Configuration - state.persistence: - enabled: false - intervalInMin: 1 - revisionsToKeep: 2 - persistenceStore: org.wso2.carbon.streaming.integrator.core.persistence.FileSystemPersistenceStore - config: - location: siddhi-app-persistence - - # Secure Vault Configuration - wso2.securevault: - secretRepository: - type: org.wso2.carbon.secvault.repository.DefaultSecretRepository - parameters: - privateKeyAlias: wso2carbon - keystoreLocation: ${sys:carbon.home}/resources/security/securevault.jks - secretPropertiesFile: 
${sys:carbon.home}/conf/${sys:wso2.runtime}/secrets.properties - masterKeyReader: - type: org.wso2.carbon.secvault.reader.DefaultMasterKeyReader - parameters: - masterKeyReaderFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/master-keys.yaml - - - # Data Sources Configuration - wso2.datasources: - dataSources: - # Dashboard data source - - name: WSO2_DASHBOARD_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/DASHBOARD_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_DASHBOARD_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - name: BUSINESS_RULES_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/BUSINESS_RULES_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_BUSINESS_RULES_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - # carbon metrics data source - - name: WSO2_METRICS_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/WSO2MetricsDB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/dashboard/database/metrics;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 20 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - name: WSO2_PERMISSIONS_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/PERMISSION_DB - useJndiReference: true - definition: - 
type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_PERMISSIONS_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - #Data source for APIM Analytics - - name: APIM_ANALYTICS_DB - description: Datasource used for APIM Analytics - jndiConfig: - name: jdbc/APIM_ANALYTICS_DB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_STATS_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 50 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - #Main datasource used in API Manager - - name: AM_DB - description: Main datasource used by API Manager - jndiConfig: - name: jdbc/AM_DB - definition: - type: RDBMS - configuration: - jdbcUrl: "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_DB?useSSL=false" - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - wso2.business.rules.manager: - datasource: BUSINESS_RULES_DB - # rule template wise configuration for deploying business rules - deployment_configs: - - - # : of the Worker node - localhost:9444: - # UUIDs of rule templates that are needed to be deployed on the node - - stock-data-analysis - - stock-exchange-input - - stock-exchange-output - - identifying-continuous-production-decrease - - popular-tweets-analysis - - http-analytics-processing - - message-tracing-source-template - - message-tracing-app-template - # credentials for worker nodes - username: admin - password: admin - - wso2.transport.http: - transportProperties: - - name: "server.bootstrap.socket.timeout" - value: 60 - - 
name: "client.bootstrap.socket.timeout" - value: 60 - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - id: "default" - host: "0.0.0.0" - port: 9089 - - - id: "default-https" - host: "0.0.0.0" - port: 9640 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - ## Dashboard data provider authorization - data.provider.configs: - authorizingClass: org.wso2.analytics.apim.dashboards.core.data.provider.Authorizer - - ## Additional APIs that needs to be added to the server. - ## Should be provided as a key value pairs { API context path: Microservice implementation class } - ## The configured APIs will be available as https://{host}:{port}/analytics-dashboard/{API_context_path} - additional.apis: - /apis/analytics/v1.0/apim: org.wso2.analytics.apim.rest.api.proxy.ApimApi - /apis/v1.0/report: org.wso2.analytics.apim.rest.api.report.ReportApi - - report: - implClass: org.wso2.analytics.apim.rest.api.report.reportgen.DefaultReportGeneratorImpl - - ## Authentication configuration - auth.configs: - type: apim - ssoEnabled: true - properties: - adminScope: apim_analytics:admin_carbon.super - allScopes: apim_analytics:admin openid apim:api_view apim:subscribe apim_analytics:monitoring_dashboard:own apim_analytics:monitoring_dashboard:edit apim_analytics:monitoring_dashboard:view apim_analytics:business_analytics:own apim_analytics:business_analytics:edit apim_analytics:business_analytics:view apim_analytics:api_analytics:own apim_analytics:api_analytics:edit apim_analytics:api_analytics:view apim_analytics:application_analytics:own apim_analytics:application_analytics:edit apim_analytics:application_analytics:view - adminUsername: admin - adminPassword: admin - kmDcrUrl: https://{{ template "am-pattern-2.resource.prefix" . 
}}-am-service:9443/client-registration/v0.17/register - kmTokenUrlForRedirection: https://{{ .Values.wso2.deployment.am.pubDevPortalTM.ingress.hostname }}/oauth2 - kmTokenUrl: https://{{ template "am-pattern-2.resource.prefix" . }}-am-service:9443/oauth2 - kmUsername: admin - kmPassword: admin - portalAppContext: analytics-dashboard - businessRulesAppContext : business-rules - cacheTimeout: 30 - baseUrl: https://{{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }} - grantType: authorization_code - publisherUrl: https://{{ template "am-pattern-2.resource.prefix" . }}-am-service:9443 - devPortalUrl: https://{{ template "am-pattern-2.resource.prefix" . }}-am-service:9443 - externalLogoutUrl: https://{{ .Values.wso2.deployment.am.pubDevPortalTM.ingress.hostname }}/oidc/logout - - wso2.dashboard: - roles: - creators: - - apim_analytics:admin_carbon.super - themeConfigProviderClass: org.wso2.carbon.dashboards.core.DefaultDashboardThemeConfigProvider - - ## RDBMS Data Provider configuration - wso2.rdbms.data.provider: - timeTypes: - - DATE - - TIME - - DATETIME - - TIMESTAMP - - TIMESTAMP WITHOUT TIME ZONE - {{- end }} diff --git a/advanced/am-pattern-2/templates/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-deployment.yaml b/advanced/am-pattern-2/templates/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-deployment.yaml deleted file mode 100644 index bd114b4d..00000000 --- a/advanced/am-pattern-2/templates/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-deployment.yaml +++ /dev/null 
@@ -1,123 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-dashboard-deployment - namespace: {{ .Release.Namespace }} -spec: - replicas: {{ .Values.wso2.deployment.analytics.dashboard.replicas }} - strategy: - rollingUpdate: - maxSurge: {{ .Values.wso2.deployment.analytics.dashboard.strategy.rollingUpdate.maxSurge }} - maxUnavailable: {{ .Values.wso2.deployment.analytics.dashboard.strategy.rollingUpdate.maxUnavailable }} - type: RollingUpdate - selector: - matchLabels: - deployment: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-dashboard - template: - metadata: - annotations: - checksum.am.analytics.dashboard.conf: {{ include (print $.Template.BasePath "/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-conf.yaml") . | sha256sum }} - labels: - deployment: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-dashboard - spec: - initContainers: - {{- if .Values.wso2.deployment.dependencies.mysql }} - - name: init-mysql-db - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of DBMS service"; while ! 
nc -z "wso2am-mysql-db-service" 3306; do sleep 1; printf "-"; done; echo -e " >> DBMS service is available";'] - - name: init-mysql-connector-download - image: busybox:1.32 - command: - - /bin/sh - - "-c" - - | - set -e - connector_version=8.0.17 - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/${connector_version}/mysql-connector-java-${connector_version}.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - {{- end }} - - name: init-am - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of API Manager deployment"; while ! nc -z {{ template "am-pattern-2.resource.prefix" . }}-am-service 9443; do sleep 1; printf "-"; done; echo -e " >> API Manager service has started";'] - containers: - - name: wso2am-analytics-dashboard -{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.analytics.dashboard) | indent 8 }} - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9643 - initialDelaySeconds: {{ .Values.wso2.deployment.analytics.dashboard.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.analytics.dashboard.livenessProbe.periodSeconds }} - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9643 - initialDelaySeconds: {{ .Values.wso2.deployment.analytics.dashboard.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.analytics.dashboard.readinessProbe.periodSeconds }} - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/dashboard.sh stop'] - resources: - requests: - memory: {{ .Values.wso2.deployment.analytics.dashboard.resources.requests.memory }} - cpu: {{ .Values.wso2.deployment.analytics.dashboard.resources.requests.cpu }} - limits: - memory: {{ .Values.wso2.deployment.analytics.dashboard.resources.limits.memory }} - cpu: {{ .Values.wso2.deployment.analytics.dashboard.resources.limits.cpu }} - 
imagePullPolicy: {{ .Values.wso2.deployment.analytics.dashboard.imagePullPolicy }} - securityContext: - runAsUser: 802 - ports: - - containerPort: 9643 - protocol: "TCP" - volumeMounts: - - name: wso2am-analytics-dashboard-conf - mountPath: /home/wso2carbon/wso2-config-volume/conf/dashboard/deployment.yaml - subPath: deployment.yaml - - name: wso2am-analytics-dashboard-bin - mountPath: /home/wso2carbon/wso2-config-volume/wso2/dashboard/bin/carbon.sh - subPath: carbon.sh - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/lib - {{ end }} - serviceAccountName: {{ .Values.kubernetes.serviceAccount }} - {{- if .Values.wso2.deployment.analytics.dashboard.imagePullSecrets }} - imagePullSecrets: - - name: {{ .Values.wso2.deployment.analytics.dashboard.imagePullSecrets }} - {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} - imagePullSecrets: - - name: {{ template "am-pattern-2.resource.prefix" . }}-wso2-private-registry-creds - {{ end }} - volumes: - - name: wso2am-analytics-dashboard-conf - configMap: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-dashboard-conf - - name: wso2am-analytics-dashboard-bin - configMap: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-dashboard-bin - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - emptyDir: {} - {{ end }} diff --git a/advanced/am-pattern-2/templates/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-ingress.yaml b/advanced/am-pattern-2/templates/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-ingress.yaml deleted file mode 100644 index 843d550f..00000000 --- a/advanced/am-pattern-2/templates/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-ingress.yaml +++ /dev/null 
@@ -1,35 +0,0 @@
-# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: extensions/v1beta1
-kind: Ingress
-metadata:
- name: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-dashboard-ingress
- namespace : {{ .Release.Namespace }}
-{{- if .Values.wso2.deployment.analytics.dashboard.ingress.annotations }}
- annotations:
-{{ toYaml .Values.wso2.deployment.analytics.dashboard.ingress.annotations | indent 4 }}
-{{- end }}
-spec:
- tls:
- - hosts:
- - {{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }}
- rules:
- - host: {{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }}
- http:
- paths:
- - path: /
- backend:
- serviceName: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-dashboard-service
- servicePort: 9643
diff --git a/advanced/am-pattern-2/templates/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-service.yaml b/advanced/am-pattern-2/templates/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-service.yaml
deleted file mode 100644
index 52caf88c..00000000
--- a/advanced/am-pattern-2/templates/am-analytics/dashboard/wso2am-pattern-2-am-analytics-dashboard-service.yaml
+++ /dev/null
@@ -1,28 +0,0 @@
-# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-dashboard-service
- namespace : {{ .Release.Namespace }}
-spec:
- # label keys and values that must match in order to receive traffic for this service
- selector:
- deployment: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-dashboard
- ports:
- # ports that this service should serve on
- - name: 'analytics-dashboard'
- port: 9643
- protocol: TCP
diff --git a/advanced/am-pattern-2/templates/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-bin.yaml b/advanced/am-pattern-2/templates/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-bin.yaml
deleted file mode 100644
index 7db6b747..00000000
--- a/advanced/am-pattern-2/templates/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-bin.yaml
+++ /dev/null
@@ -1,330 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-bin - namespace : {{ .Release.Namespace }} -data: - carbon.sh: |- - #!/bin/sh - # --------------------------------------------------------------------------- - # Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. - # - # Licensed under the Apache License, Version 2.0 (the "License"); - # you may not use this file except in compliance with the License. - # You may obtain a copy of the License at - # - # http://www.apache.org/licenses/LICENSE-2.0 - # - # Unless required by applicable law or agreed to in writing, software - # distributed under the License is distributed on an "AS IS" BASIS, - # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - # See the License for the specific language governing permissions and - # limitations under the License. - - # ---------------------------------------------------------------------------- - # Main Script for the WSO2 Carbon Server - # - # Environment Variable Prequisites - # - # CARBON_HOME Home of WSO2 Carbon installation. If not set I will try - # to figure it out. - # RUNTIME_HOME Home of WSO2 Carbon Runtime. . - # - # JAVA_HOME Must point at your Java Development Kit installation. 
- # - # JAVA_OPTS (Optional) Java runtime options used when the commands - # is executed. - # - # NOTE: Borrowed generously from Apache Tomcat startup scripts. - # ----------------------------------------------------------------------------- - - # OS specific support. $var _must_ be set to either true or false. - #ulimit -n 100000 - - cygwin=false; - darwin=false; - os400=false; - mingw=false; - case "`uname`" in - CYGWIN*) cygwin=true;; - MINGW*) mingw=true;; - OS400*) os400=true;; - Darwin*) darwin=true - if [ -z "$JAVA_VERSION" ] ; then - JAVA_VERSION="CurrentJDK" - else - echo "Using Java version: $JAVA_VERSION" - fi - if [ -z "$JAVA_HOME" ] ; then - JAVA_HOME=/System/Library/Frameworks/JavaVM.framework/Versions/${JAVA_VERSION}/Home - fi - ;; - esac - - # resolve links - $0 may be a softlink - PRG="$0" - - while [ -h "$PRG" ]; do - ls=`ls -ld "$PRG"` - link=`expr "$ls" : '.*-> \(.*\)$'` - if expr "$link" : '.*/.*' > /dev/null; then - PRG="$link" - else - PRG=`dirname "$PRG"`/"$link" - fi - done - - # Get standard environment variables - TEMPCURDIR=`dirname "$PRG"` - - # Only set RUNTIME_HOME if not already set - [ -z "$RUNTIME_HOME" ] && RUNTIME_HOME=`cd "$TEMPCURDIR/.." ; pwd` - - # Only set CARBON_HOME if not already set - [ -z "$CARBON_HOME" ] && CARBON_HOME=`cd "$TEMPCURDIR/../../../" ; pwd` - - # Only set RUNTIME if not already set - [ -z "$RUNTIME" ] && RUNTIME=${RUNTIME_HOME##*/} - - # For Cygwin, ensure paths are in UNIX format before anything is touched - if $cygwin; then - [ -n "$JAVA_HOME" ] && JAVA_HOME=`cygpath --unix "$JAVA_HOME"` - [ -n "$CARBON_HOME" ] && CARBON_HOME=`cygpath --unix "$CARBON_HOME"` - [ -n "$RUNTIME_HOME" ] && RUNTIME_HOME=`cygpath --unix "$RUNTIME_HOME"` - fi - - # For OS400 - if $os400; then - # Set job priority to standard for interactive (interactive - 6) by using - # the interactive priority - 6, the helper threads that respond to requests - # will be running at the same priority as interactive jobs. 
- COMMAND='chgjob job('$JOBNAME') runpty(6)' - system $COMMAND - - # Enable multi threading - QIBM_MULTI_THREADED=Y - export QIBM_MULTI_THREADED - fi - - # For Migwn, ensure paths are in UNIX format before anything is touched - if $mingw ; then - [ -n "$CARBON_HOME" ] && - CARBON_HOME="`(cd "$CARBON_HOME"; pwd)`" - [ -n "$JAVA_HOME" ] && - JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`" - # TODO classpath? - fi - - if [ -z "$JAVACMD" ] ; then - if [ -n "$JAVA_HOME" ] ; then - if [ -x "$JAVA_HOME/jre/sh/java" ] ; then - # IBM's JDK on AIX uses strange locations for the executables - JAVACMD="$JAVA_HOME/jre/sh/java" - else - JAVACMD="$JAVA_HOME/bin/java" - fi - else - JAVACMD=java - fi - fi - - if [ ! -x "$JAVACMD" ] ; then - echo "Error: JAVA_HOME is not defined correctly." - echo " CARBON cannot execute $JAVACMD" - exit 1 - fi - - # if JAVA_HOME is not set we're not happy - if [ -z "$JAVA_HOME" ]; then - echo "You must set the JAVA_HOME variable before running CARBON." - exit 1 - fi - - if [ -e "$RUNTIME_HOME/runtime.pid" ]; then - PID=`cat "$RUNTIME_HOME"/runtime.pid` - fi - - # ----- Process the input command ---------------------------------------------- - args="" - for c in $* - do - if [ "$c" = "--debug" ] || [ "$c" = "-debug" ] || [ "$c" = "debug" ]; then - CMD="--debug" - continue - elif [ "$CMD" = "--debug" ]; then - if [ -z "$PORT" ]; then - PORT=$c - fi - elif [ "$c" = "--stop" ] || [ "$c" = "-stop" ] || [ "$c" = "stop" ]; then - CMD="stop" - elif [ "$c" = "--start" ] || [ "$c" = "-start" ] || [ "$c" = "start" ]; then - CMD="start" - elif [ "$c" = "--version" ] || [ "$c" = "-version" ] || [ "$c" = "version" ]; then - CMD="version" - elif [ "$c" = "--restart" ] || [ "$c" = "-restart" ] || [ "$c" = "restart" ]; then - CMD="restart" - elif [ "$c" = "--test" ] || [ "$c" = "-test" ] || [ "$c" = "test" ]; then - CMD="test" - else - args="$args $c" - fi - done - - if [ "$CMD" = "--debug" ]; then - if [ "$PORT" = "" ]; then - echo " Please specify the debug port after the 
--debug option" - exit 1 - fi - if [ -n "$JAVA_OPTS" ]; then - echo "Warning !!!. User specified JAVA_OPTS will be ignored, once you give the --debug option." - fi - CMD="RUN" - JAVA_OPTS="-Xdebug -Xnoagent -Djava.compiler=NONE -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=$PORT" - echo "Please start the remote debugging client to continue..." - elif [ "$CMD" = "start" ]; then - if [ -e "$RUNTIME_HOME/runtime.pid" ]; then - if ps -p $PID > /dev/null ; then - echo "Process is already running" - exit 0 - fi - fi - export CARBON_HOME=$CARBON_HOME - # using nohup bash to avoid erros in solaris OS.TODO - nohup bash $RUNTIME_HOME/bin/carbon.sh $args > /dev/null 2>&1 & - exit 0 - elif [ "$CMD" = "stop" ]; then - export CARBON_HOME=$CARBON_HOME - kill -term `cat $RUNTIME_HOME/runtime.pid` - exit 0 - elif [ "$CMD" = "restart" ]; then - export CARBON_HOME=$CARBON_HOME - kill -term `cat $RUNTIME_HOME/runtime.pid` - process_status=0 - pid=`cat $RUNTIME_HOME/runtime.pid` - while [ "$process_status" -eq "0" ] - do - sleep 1; - ps -p$pid 2>&1 > /dev/null - process_status=$? - done - - # using nohup bash to avoid erros in solaris OS.TODO - nohup bash $RUNTIME_HOME/bin/carbon.sh $args > /dev/null 2>&1 & - exit 0 - elif [ "$CMD" = "test" ]; then - JAVACMD="exec "$JAVACMD"" - elif [ "$CMD" = "version" ]; then - cat $CARBON_HOME/bin/kernel-version.txt - exit 0 - fi - - # ---------- Handle the SSL Issue with proper JDK version -------------------- - java_version=$("$JAVACMD" -version 2>&1 | awk -F '"' '/version/ {print $2}') - java_version_formatted=$(echo "$java_version" | awk -F. 
'{printf("%02d%02d",$1,$2);}') - if [ $java_version_formatted -lt 0108 ] || [ $java_version_formatted -gt 1100 ]; then - echo " Starting WSO2 Carbon (in unsupported JDK)" - echo " [ERROR] CARBON is supported only on JDK 1.8 and 11" - fi - - CARBON_XBOOTCLASSPATH="" - for f in "$CARBON_HOME"/bin/bootstrap/xboot/*.jar - do - if [ "$f" != "$CARBON_HOME/bin/bootstrap/xboot/*.jar" ];then - CARBON_XBOOTCLASSPATH="$CARBON_XBOOTCLASSPATH":$f - fi - done - - JAVA_ENDORSED_DIRS="$CARBON_HOME/bin/bootstrap/endorsed":"$JAVA_HOME/jre/lib/endorsed":"$JAVA_HOME/lib/endorsed" - - CARBON_CLASSPATH="" - if [ -e "$JAVA_HOME/bin/bootstrap/tools.jar" ]; then - CARBON_CLASSPATH="$JAVA_HOME/lib/tools.jar" - fi - for f in "$CARBON_HOME"/bin/bootstrap/*.jar - do - if [ "$f" != "$CARBON_HOME/bin/bootstrap/*.jar" ];then - CARBON_CLASSPATH="$CARBON_CLASSPATH":$f - fi - done - for t in "$CARBON_HOME"/bin/bootstrap/commons-lang*.jar - do - CARBON_CLASSPATH="$CARBON_CLASSPATH":$t - done - # For Cygwin, switch paths to Windows format before running java - if $cygwin; then - JAVA_HOME=`cygpath --absolute --windows "$JAVA_HOME"` - CARBON_HOME=`cygpath --absolute --windows "$CARBON_HOME"` - RUNTIME_HOME=`cygpath --absolute --windows "$RUNTIME_HOME"` - CLASSPATH=`cygpath --path --windows "$CLASSPATH"` - if [ $java_version_formatted -le 0108 ]; then - JAVA_ENDORSED_DIRS=`cygpath --path --windows "$JAVA_ENDORSED_DIRS"` - fi - CARBON_CLASSPATH=`cygpath --path --windows "$CARBON_CLASSPATH"` - CARBON_XBOOTCLASSPATH=`cygpath --path --windows "$CARBON_XBOOTCLASSPATH"` - fi - - # ----- Execute The Requested Command ----------------------------------------- - - echo JAVA_HOME environment variable is set to $JAVA_HOME - echo CARBON_HOME environment variable is set to $CARBON_HOME - echo RUNTIME_HOME environment variable is set to $RUNTIME_HOME - - cd "$RUNTIME_HOME" - - START_EXIT_STATUS=121 - status=$START_EXIT_STATUS - - #To monitor a Carbon server in remote JMX mode on linux host machines, set the below 
system property. - # -Djava.rmi.server.hostname="your.IP.goes.here" - - JAVA_VER_BASED_OPTS="" - if [ $java_version_formatted -le 0108 ]; then - JAVA_VER_BASED_OPTS="-Djava.endorsed.dirs=$JAVA_ENDORSED_DIRS" - fi - - if [ $java_version_formatted -ge 1100 ] ; then - JAVA_VER_BASED_OPTS="--add-opens=java.base/java.net=ALL-UNNAMED --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens java.rmi/sun.rmi.transport=ALL-UNNAMED" - fi - - while [ "$status" = "$START_EXIT_STATUS" ] - do - $JAVACMD \ - -Xbootclasspath/a:"$CARBON_XBOOTCLASSPATH" \ - -Xms{{ .Values.wso2.deployment.analytics.worker.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.analytics.worker.resources.jvm.heap.memory.xmx }} \ - -XX:+HeapDumpOnOutOfMemoryError \ - -XX:HeapDumpPath="$RUNTIME_HOME/logs/heap-dump.hprof" \ - $JAVA_OPTS \ - -classpath "$CARBON_CLASSPATH" \ - $JAVA_VER_BASED_OPTS \ - -Djava.io.tmpdir="$CARBON_HOME/tmp" \ - -Dcarbon.registry.root=/ \ - -Djava.command="$JAVACMD" \ - -Dcarbon.home="$CARBON_HOME" \ - -Dwso2.runtime.path="$RUNTIME_HOME" \ - -Dwso2.runtime="$RUNTIME" \ - -Djavax.xml.bind.JAXBContextFactory="com.sun.xml.bind.v2.ContextFactory" \ - -Djava.util.logging.config.file="$RUNTIME_HOME/bin/bootstrap/logging.properties" \ - -Djava.security.egd=file:/dev/./urandom \ - -Dfile.encoding=UTF8 \ - -Djavax.net.ssl.keyStore="$CARBON_HOME/resources/security/wso2carbon.jks" \ - -Djavax.net.ssl.keyStorePassword="wso2carbon" \ - -Djavax.net.ssl.trustStore="$CARBON_HOME/resources/security/client-truststore.jks" \ - -Djavax.net.ssl.trustStorePassword="wso2carbon" \ - -Dio.netty.tryReflectionSetAccessible=false \ - org.wso2.carbon.launcher.Main $* - status=$? - done diff --git a/advanced/am-pattern-2/templates/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-conf.yaml b/advanced/am-pattern-2/templates/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-conf.yaml deleted file mode 100644 index 47af4bc2..00000000 
--- a/advanced/am-pattern-2/templates/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-conf.yaml
+++ /dev/null
@@ -1,583 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-conf - namespace : {{ .Release.Namespace }} - {{ if .Values.wso2.deployment.analytics.worker.config }} -data: - {{- range $index, $content := .Values.wso2.deployment.analytics.worker.config }} - {{ $index }}: |- - {{ tpl $content $ | indent 4 }} - {{- end }} - - {{ else }} -data: - deployment.yaml: |- - ################################################################################ - # Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved - # - # Licensed under the Apache License, Version 2.0 (the \"License\"); - # you may not use this file except in compliance with the License. - # You may obtain a copy of the License at - # - # http://www.apache.org/licenses/LICENSE-2.0 - # - # Unless required by applicable law or agreed to in writing, software - # distributed under the License is distributed on an \"AS IS\" BASIS, - # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - # See the License for the specific language governing permissions and - # limitations under the License. 
- ################################################################################ - - # Carbon Configuration Parameters - wso2.carbon: - type: wso2-apim-analytics - # value to uniquely identify a server - id: ${NODE_ID} - # server name - name: WSO2 API Manager Analytics Server - # ports used by this server - ports: - # port offset - offset: 1 - - wso2.transport.http: - transportProperties: - - - name: "server.bootstrap.socket.timeout" - value: 60 - - - name: "client.bootstrap.socket.timeout" - value: 60 - - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - - id: "default" - host: "0.0.0.0" - port: 9090 - - - id: "msf4j-https" - host: "0.0.0.0" - port: 9443 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - senderConfigurations: - - - id: "http-sender" - - siddhi.stores.query.api: - transportProperties: - - - name: "server.bootstrap.socket.timeout" - value: 60 - - - name: "client.bootstrap.socket.timeout" - value: 60 - - - name: "latency.metrics.enabled" - value: true - - listenerConfigurations: - - - id: "default" - host: "0.0.0.0" - port: 7071 - - - id: "msf4j-https" - host: "0.0.0.0" - port: 7444 - scheme: https - keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks" - keyStorePassword: wso2carbon - certPass: wso2carbon - - # Configuration used for the databridge communication - databridge.config: - # No of worker threads to consume events - # THIS IS A MANDATORY FIELD - workerThreads: 10 - # Maximum amount of messages that can be queued internally in MB - # THIS IS A MANDATORY FIELD - maxEventBufferCapacity: 10000000 - # Queue size; the maximum number of events that can be stored in the queue - # THIS IS A MANDATORY FIELD - eventBufferSize: 2000 - # Keystore file path - # THIS IS A MANDATORY FIELD - keyStoreLocation : ${sys:carbon.home}/resources/security/wso2carbon.jks - # Keystore password - # THIS IS A MANDATORY FIELD - 
keyStorePassword : wso2carbon - # Session Timeout value in mins - # THIS IS A MANDATORY FIELD - clientTimeoutMin: 30 - # Data receiver configurations - # THIS IS A MANDATORY FIELD - dataReceivers: - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Thrift - # Data receiver properties - properties: - tcpPort: '7611' - sslPort: '7711' - - - - # Data receiver configuration - dataReceiver: - # Data receiver type - # THIS IS A MANDATORY FIELD - type: Binary - # Data receiver properties - properties: - tcpPort: '9611' - sslPort: '9711' - tcpReceiverThreadPoolSize: '100' - sslReceiverThreadPoolSize: '100' - hostName: 0.0.0.0 - - # Configuration of the Data Agents - to publish events through databridge - data.agent.config: - # Data agent configurations - # THIS IS A MANDATORY FIELD - agents: - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Thrift - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.thrift.ThriftDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # 
secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - - # Data agent configuration - agentConfiguration: - # Data agent name - # THIS IS A MANDATORY FIELD - name: Binary - # Data endpoint class - # THIS IS A MANDATORY FIELD - dataEndpointClass: org.wso2.carbon.databridge.agent.endpoint.binary.BinaryDataEndpoint - # Data publisher strategy - publishingStrategy: async - # Trust store path - trustStorePath: '${sys:carbon.home}/resources/security/client-truststore.jks' - # Trust store password - trustStorePassword: 'wso2carbon' - # Queue Size - queueSize: 32768 - # Batch Size - batchSize: 200 - # Core pool size - corePoolSize: 1 - # Socket timeout in milliseconds - socketTimeoutMS: 30000 - # Maximum pool size - maxPoolSize: 1 - # Keep alive time in pool - keepAliveTimeInPool: 20 - # Reconnection interval - reconnectionInterval: 30 - # Max transport pool size - maxTransportPoolSize: 250 - # Max idle connections - maxIdleConnections: 250 - # Eviction time interval - evictionTimePeriod: 5500 - # Min idle time in pool - minIdleTimeInPool: 5000 - # Secure max transport pool size - secureMaxTransportPoolSize: 250 - # Secure max idle connections - secureMaxIdleConnections: 250 - # secure eviction time period - secureEvictionTimePeriod: 5500 - # Secure min idle time in pool - secureMinIdleTimeInPool: 5000 - # SSL enabled protocols - sslEnabledProtocols: TLSv1.1,TLSv1.2 - # Ciphers - ciphers: 
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - - # This is the main configuration for metrics - wso2.metrics: - # Enable Metrics - enabled: false - reporting: - console: - - # The name for the Console Reporter - name: Console - - # Enable Console Reporter - enabled: false - - # Polling Period in seconds. - # This is the period for polling metrics from the metric registry and printing in the console - pollingPeriod: 5 - - wso2.metrics.jdbc: - # Data Source Configurations for JDBC Reporters - dataSource: - # Default Data Source Configuration - - &JDBC01 - # JNDI name of the data source to be used by the JDBC Reporter. - # This data source should be defined in a *-datasources.xml file in conf/datasources directory. - dataSourceName: java:comp/env/jdbc/WSO2MetricsDB - # Schedule regular deletion of metrics data older than a set number of days. - # It is recommended that you enable this job to ensure your metrics tables do not get extremely large. - # Deleting data older than seven days should be sufficient. - scheduledCleanup: - # Enable scheduled cleanup to delete Metrics data in the database. - enabled: true - - # The scheduled job will cleanup all data older than the specified days - daysToKeep: 3 - - # This is the period for each cleanup operation in seconds. 
- scheduledCleanupPeriod: 86400 - - # The JDBC Reporter is in the Metrics JDBC Core feature - reporting: - # The JDBC Reporter configurations will be ignored if the Metrics JDBC Core feature is not available in runtime - jdbc: - - # The name for the JDBC Reporter - name: JDBC - - # Enable JDBC Reporter - enabled: true - - # Source of Metrics, which will be used to identify each metric in database --> - # Commented to use the hostname by default - # source: Carbon - - # Alias referring to the Data Source configuration - dataSource: *JDBC01 - - # Polling Period in seconds. - # This is the period for polling metrics from the metric registry and updating the database with the values - pollingPeriod: 60 - - # Deployment configuration parameters - wso2.artifact.deployment: - # Scheduler update interval - updateInterval: 5 - - # Periodic Persistence Configuration - state.persistence: - enabled: true - intervalInMin: 1 - revisionsToKeep: 2 - persistenceStore: org.wso2.carbon.streaming.integrator.core.persistence.DBPersistenceStore - config: - datasource: PERSISTENCE_DB # A datasource with this name should be defined in wso2.datasources namespace - table: PERSISTENCE_TABLE - - # Secure Vault Configuration - wso2.securevault: - secretRepository: - type: org.wso2.carbon.secvault.repository.DefaultSecretRepository - parameters: - privateKeyAlias: wso2carbon - keystoreLocation: ${sys:carbon.home}/resources/security/securevault.jks - secretPropertiesFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/secrets.properties - masterKeyReader: - type: org.wso2.carbon.secvault.reader.DefaultMasterKeyReader - parameters: - masterKeyReaderFile: ${sys:carbon.home}/conf/${sys:wso2.runtime}/master-keys.yaml - - # Datasource Configurations - wso2.datasources: - dataSources: - # carbon metrics data source - - name: WSO2_METRICS_DB - description: The datasource used for dashboard feature - jndiConfig: - name: jdbc/WSO2MetricsDB - definition: - type: RDBMS - configuration: - jdbcUrl: 
'jdbc:h2:${sys:carbon.home}/wso2/dashboard/database/metrics;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 30 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - name: WSO2_PERMISSIONS_DB - description: The datasource used for permission feature - jndiConfig: - name: jdbc/PERMISSION_DB - useJndiReference: true - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_PERMISSIONS_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 10 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - name: GEO_LOCATION_DATA - description: "The data source used for geo location database" - jndiConfig: - name: jdbc/GEO_LOCATION_DATA - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:h2:${sys:carbon.home}/wso2/worker/database/GEO_LOCATION_DATA;AUTO_SERVER=TRUE' - username: wso2carbon - password: wso2carbon - driverClassName: org.h2.Driver - maxPoolSize: 50 - idleTimeout: 60000 - validationTimeout: 30000 - isAutoCommit: false - - - name: APIM_ANALYTICS_DB - description: "The datasource used for APIM statistics aggregated data." 
- jndiConfig: - name: jdbc/APIM_ANALYTICS_DB - definition: - type: RDBMS - configuration: - jdbcUrl: 'jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_STATS_DB?useSSL=false' - username: wso2carbon - password: wso2carbon - driverClassName: com.mysql.cj.jdbc.Driver - maxPoolSize: 50 - idleTimeout: 60000 - connectionTestQuery: SELECT 1 - validationTimeout: 30000 - isAutoCommit: false - - - - name: WSO2_CLUSTER_DB - description: "The datasource used by cluster coordinators in HA deployment" - jndiConfig: - name: jdbc/WSO2_CLUSTER_DB - definition: - type: RDBMS - configuration: - connectionTestQuery: "SELECT 1" - driverClassName: com.mysql.cj.jdbc.Driver - idleTimeout: 60000 - isAutoCommit: false - jdbcUrl: "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2_CLUSTER_DB?useSSL=false" - maxPoolSize: 50 - password: wso2carbon - username: wso2carbon - validationTimeout: 30000 - - - - name: PERSISTENCE_DB - description: "Datasource used for persistence" - jndiConfig: - name: jdbc/PERSISTENCE_DB - definition: - type: RDBMS - configuration: - connectionTestQuery: "SELECT 1" - driverClassName: com.mysql.cj.jdbc.Driver - idleTimeout: 60000 - isAutoCommit: false - jdbcUrl: "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2_PERSISTENCE_DB?useSSL=false" - maxPoolSize: 50 - password: wso2carbon - username: wso2carbon - validationTimeout: 30000 - - siddhi: - # properties: - # partitionById: true - # shardId: 1 - refs: - - ref: - name: 'grpcSource' - type: 'grpc' - properties: - receiver.url : grpc://localhost:9806/org.wso2.analytics.mgw.grpc.service.AnalyticsSendService/sendAnalytics - extensions: - - - extension: - name: 'findCountryFromIP' - namespace: 'geo' - properties: - geoLocationResolverClass: org.wso2.extension.siddhi.execution.geo.internal.impl.DefaultDBBasedGeoLocationResolver - isCacheEnabled: true - cacheSize: 10000 - isPersistInDatabase: true - datasource: GEO_LOCATION_DATA - - - extension: - name: 'findCityFromIP' - namespace: 'geo' - properties: - geoLocationResolverClass: 
org.wso2.extension.siddhi.execution.geo.internal.impl.DefaultDBBasedGeoLocationResolver - isCacheEnabled: true - cacheSize: 10000 - isPersistInDatabase: true - datasource: GEO_LOCATION_DATA - #Enabling GRPC Service with an Extension - - - extension: - name: 'grpc' - namespace: 'source' - properties: - keyStoreFile : ${sys:carbon.home}/resources/security/wso2carbon.jks - keyStorePassword : wso2carbon - keyStoreAlgorithm : SunX509 - trustStoreFile : ${sys:carbon.home}/resources/security/client-truststore.jks - trustStorePassword : wso2carbon - trustStoreAlgorithm : SunX509 - # Provides the regular expression collection to parse the user-agent header - - - extension: - name: 'getUserAgentProperty' - namespace: 'env' - properties: - regexFilePath : ${sys:carbon.home}/conf/worker/regexes.yaml - - # Cluster Configuration - cluster.config: - enabled: true - groupId: sp - coordinationStrategyClass: org.wso2.carbon.cluster.coordinator.rdbms.RDBMSCoordinationStrategy - strategyConfig: - datasource: WSO2_CLUSTER_DB - heartbeatInterval: 5000 - heartbeatMaxRetry: 5 - eventPollingInterval: 5000 - - # Authentication configuration - auth.configs: - type: 'local' # Type of the IdP client used - userManager: - adminRole: admin # Admin role which is granted all permissions - userStore: # User store - users: - - - user: - username: admin - password: YWRtaW4= - roles: 1 - roles: - - - role: - id: 1 - displayName: admin - - # Configuration to enable apim alerts - #analytics.solutions: - # APIM-alerts.enabled: true - - # Sample of deployment.config for Two node HA - deployment.config: - type: ha - passiveNodeDetailsWaitTimeOutMillis: 300000 - passiveNodeDetailsRetrySleepTimeMillis: 500 - eventByteBufferQueueCapacity: 20000 - byteBufferExtractorThreadPoolSize: 5 - eventSyncServer: - host: ${NODE_IP} - port: 9893 - advertisedHost: ${NODE_IP} - advertisedPort: 9893 - bossThreads: 10 - workerThreads: 10 - eventSyncClientPool: - maxActive: 10 - maxTotal: 10 - maxIdle: 10 - maxWait: 60000 - 
minEvictableIdleTimeMillis: 120000 - - # Sample of deployment.config for Distributed deployment - #deployment.config: - # type: distributed - # httpsInterface: - # host: 192.168.1.3 - # port: 9443 - # username: admin - # password: admin - # leaderRetryInterval: 10000 - # resourceManagers: - # - host: 192.168.1.1 - # port: 9543 - # username: admin - # password: admin - # - host: 192.168.1.2 - # port: 9543 - # username: admin - # password: admin - {{- end }} diff --git a/advanced/am-pattern-2/templates/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-headless-service.yaml b/advanced/am-pattern-2/templates/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-headless-service.yaml deleted file mode 100644 index 25bbf785..00000000 --- a/advanced/am-pattern-2/templates/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-headless-service.yaml +++ /dev/null 
@@ -1,32 +0,0 @@
-# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-headless-service
- namespace : {{ .Release.Namespace }}
-spec:
- # label keys and values that must match in order to receive traffic for this service
- clusterIP: None
- selector:
- deployment: {{ template "am-pattern-2.resource.prefix" . }}-analytics-worker
- ports:
- # ports that this service should serve on
- - name: 'thrift'
- port: 7612
- protocol: TCP
- - name: 'thrift-ssl'
- port: 7712
- protocol: TCP
diff --git a/advanced/am-pattern-2/templates/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-service.yaml b/advanced/am-pattern-2/templates/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-service.yaml
deleted file mode 100644
index 0f9bc1b1..00000000
--- a/advanced/am-pattern-2/templates/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-service.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-service
- namespace : {{ .Release.Namespace }}
-spec:
- # label keys and values that must match in order to receive traffic for this service
- selector:
- deployment: {{ template "am-pattern-2.resource.prefix" . }}-analytics-worker
- ports:
- # ports that this service should serve on
- - name: 'thrift-ssl'
- port: 7712
- protocol: TCP
- - name: 'rest-api-port-1'
- protocol: TCP
- port: 7444
diff --git a/advanced/am-pattern-2/templates/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-statefulset.yaml b/advanced/am-pattern-2/templates/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-statefulset.yaml
deleted file mode 100644
index 12e66bea..00000000
--- a/advanced/am-pattern-2/templates/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-statefulset.yaml
+++ /dev/null
@@ -1,129 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-statefulset - namespace: {{ .Release.Namespace }} -spec: - replicas: 2 - selector: - matchLabels: - deployment: {{ template "am-pattern-2.resource.prefix" . }}-analytics-worker - serviceName: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-headless-service - template: - metadata: - annotations: - checksum.am.analytics.worker.conf: {{ include (print $.Template.BasePath "/am-analytics/worker/wso2am-pattern-2-am-analytics-worker-conf.yaml") . | sha256sum }} - labels: - deployment: {{ template "am-pattern-2.resource.prefix" . }}-analytics-worker - spec: - {{ if .Values.wso2.deployment.dependencies.mysql }} - initContainers: - - name: init-mysql-db - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! 
nc -z "wso2am-mysql-db-service" 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - - name: init-mysql-connector-download - image: busybox:1.32 - command: - - /bin/sh - - "-c" - - | - set -e - connector_version=8.0.17 - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/${connector_version}/mysql-connector-java-${connector_version}.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - {{ end }} - containers: - - name: wso2am-analytics-worker -{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.analytics.worker) | indent 10 }} - imagePullPolicy: {{ .Values.wso2.deployment.analytics.worker.imagePullPolicy }} - env: - - name: NODE_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: NODE_ID - valueFrom: - fieldRef: - fieldPath: metadata.name - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9444 - initialDelaySeconds: {{ .Values.wso2.deployment.analytics.worker.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.analytics.worker.livenessProbe.periodSeconds }} - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9444 - initialDelaySeconds: {{ .Values.wso2.deployment.analytics.worker.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.analytics.worker.readinessProbe.periodSeconds }} - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/worker.sh stop'] - resources: - requests: - memory: {{ .Values.wso2.deployment.analytics.worker.resources.requests.memory }} - cpu: {{ .Values.wso2.deployment.analytics.worker.resources.requests.cpu }} - limits: - memory: {{ .Values.wso2.deployment.analytics.worker.resources.limits.memory }} - cpu: {{ .Values.wso2.deployment.analytics.worker.resources.limits.cpu }} - securityContext: - runAsUser: 802 - ports: - - containerPort: 7612 - protocol: "TCP" - - containerPort: 7712 
- protocol: "TCP" - - containerPort: 7444 - protocol: "TCP" - volumeMounts: - - name: wso2am-analytics-worker-conf - mountPath: /home/wso2carbon/wso2-config-volume/conf/worker/deployment.yaml - subPath: deployment.yaml - - name: wso2am-analytics-worker-bin - mountPath: /home/wso2carbon/wso2-config-volume/wso2/worker/bin/carbon.sh - subPath: carbon.sh - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/lib - {{ end }} - serviceAccountName: {{ .Values.kubernetes.serviceAccount }} - {{- if .Values.wso2.deployment.am.imagePullSecrets }} - imagePullSecrets: - - name: {{ .Values.wso2.deployment.am.imagePullSecrets }} - {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} - imagePullSecrets: - - name: {{ template "am-pattern-2.resource.prefix" . }}-wso2-private-registry-creds - {{- end }} - volumes: - - name: wso2am-analytics-worker-conf - configMap: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-conf - - name: wso2am-analytics-worker-bin - configMap: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-bin - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - emptyDir: {} - {{ end }}
diff --git a/advanced/am-pattern-2/templates/am/gateway/wso2am-pattern-2-am-gateway-conf.yaml b/advanced/am-pattern-2/templates/am/gateway/wso2am-pattern-2-am-gateway-conf.yaml
deleted file mode 100644
index 717c419f..00000000
--- a/advanced/am-pattern-2/templates/am/gateway/wso2am-pattern-2-am-gateway-conf.yaml
+++ /dev/null
@@ -1,149 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-gateway-conf - namespace : {{ .Release.Namespace }} - {{ if .Values.wso2.deployment.am.gateway.config }} -data: - {{- range $index, $content := .Values.wso2.deployment.am.gateway.config }} - {{ $index }}: |- - {{ tpl $content $ | indent 4 }} - {{- end }} - - {{ else }} -data: - deployment.toml: |- - [server] - hostname = "{{ .Values.wso2.deployment.am.gateway.ingress.hostname }}" - node_ip = "$env{NODE_IP}" - server_role = "gateway-worker" - - [user_store] - type = "database_unique_id" - - [super_admin] - username = "admin" - password = "admin" - create_admin_account = true - - [database.shared_db] - type = "h2" - url = "jdbc:h2:./repository/database/WSO2SHARED_DB;DB_CLOSE_ON_EXIT=FALSE" - username = "wso2carbon" - password = "wso2carbon" - - [keystore.tls] - file_name = "wso2carbon.jks" - type = "JKS" - password = "wso2carbon" - alias = "wso2carbon" - key_password = "wso2carbon" - - [truststore] - file_name = "client-truststore.jks" - type = "JKS" - password = "wso2carbon" - - # key manager implementation - [apim.key_manager] - service_url = "https://{{ template "am-pattern-2.resource.prefix" . 
}}-km-service:${mgt.transport.https.port}/services/" - username= "$ref{super_admin.username}" - password= "$ref{super_admin.password}" - - # JWT Generation - [apim.jwt] - enable = true - encoding = "base64" # base64,base64url - #generator_impl = "org.wso2.carbon.apimgt.keymgt.token.JWTGenerator" - claim_dialect = "http://wso2.org/claims" - header = "X-JWT-Assertion" - signing_algorithm = "SHA256withRSA" - #enable_user_claims = true - #claims_extractor_impl = "org.wso2.carbon.apimgt.impl.token.DefaultClaimsRetriever" - - # Traffic Manager configurations - [apim.throttling] - username= "$ref{super_admin.username}" - password= "$ref{super_admin.password}" - service_url = "https://{{ template "am-pattern-2.resource.prefix" . }}-am-service:${mgt.transport.https.port}/services/" - throttle_decision_endpoints = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:5672","tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:5672"] - enable_unlimited_tier = true - enable_header_based_throttling = false - enable_jwt_claim_based_throttling = false - enable_query_param_based_throttling = false - - [[apim.throttling.url_group]] - traffic_manager_urls = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:9611"] - traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:9711"] - type = "loadbalance" - - [[apim.throttling.url_group]] - traffic_manager_urls = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:9611"] - traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:9711"] - type = "loadbalance" - - [apim.analytics] - enable = "true" - username= "$ref{super_admin.username}" - password= "$ref{super_admin.password}" - store_api_url = "https://{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-service:7444" - - [[apim.analytics.url_group]] - analytics_url =["tcp://{{ template "am-pattern-2.resource.prefix" . 
}}-am-analytics-worker-statefulset-0.{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-headless-service:7612","tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-statefulset-1.{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-headless-service:7612"] - analytics_auth_url =["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-statefulset-0.{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-headless-service:7712","ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-statefulset-1.{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-headless-service:7712"] - type = "failover" - - # Caches - [apim.cache.gateway_token] - enable = true - expiry_time = 15 - - [apim.cache.resource] - enable = true - - [apim.cache.jwt_claim] - enable = true - expiry_time = 900 - - [apim.oauth_config] - remove_outbound_auth_header = true - auth_header = "Authorization" - - [apim.cors] - allow_origins = "*" - allow_methods = ["GET","PUT","POST","DELETE","PATCH","OPTIONS"] - allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction"] - allow_credentials = false - - [transport.https.properties] - proxyPort = 443 - - [transport.passthru_https.sender.parameters] - HostnameVerifier = "AllowAll" - - [apim.event_hub] - service_url = "https://{{ template "am-pattern-2.resource.prefix" . }}-am-service:9443" - event_listening_endpoints = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:5672","tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:5672"] - - [[apim.event_hub.publish.url_group]] - urls = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:9611"] - auth_urls = ["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:9711"] - - [[apim.event_hub.publish.url_group]] - urls = ["tcp://{{ template "am-pattern-2.resource.prefix" . 
}}-am-2-service:9611"] - auth_urls = ["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:9711"] - {{- end }}
diff --git a/advanced/am-pattern-2/templates/am/gateway/wso2am-pattern-2-am-gateway-deployment.yaml b/advanced/am-pattern-2/templates/am/gateway/wso2am-pattern-2-am-gateway-deployment.yaml
deleted file mode 100644
index a206a02d..00000000
--- a/advanced/am-pattern-2/templates/am/gateway/wso2am-pattern-2-am-gateway-deployment.yaml
+++ /dev/null
@@ -1,122 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-gateway-deployment - namespace: {{ .Release.Namespace }} -spec: - replicas: {{ .Values.wso2.deployment.am.gateway.replicas }} - strategy: - rollingUpdate: - maxSurge: {{ .Values.wso2.deployment.am.gateway.strategy.rollingUpdate.maxSurge }} - maxUnavailable: {{ .Values.wso2.deployment.am.gateway.strategy.rollingUpdate.maxUnavailable }} - type: RollingUpdate - selector: - matchLabels: - deployment: {{ template "am-pattern-2.resource.prefix" . }}-am-gateway - template: - metadata: - annotations: - checksum.am.km.conf: {{ include (print $.Template.BasePath "/am/gateway/wso2am-pattern-2-am-gateway-conf.yaml") . | sha256sum }} - labels: - deployment: {{ template "am-pattern-2.resource.prefix" . }}-am-gateway - spec: - initContainers: - - name: init-apim-analytics - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of WSO2 API Manager Analytics Worker deployment"; while ! nc -z {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-service 7712; do sleep 1; printf "-"; done; echo -e " >> WSO2 API Manager Analytics Worker has started";'] - - name: init-km - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of Key Manager deployment"; while ! 
nc -z {{ template "am-pattern-2.resource.prefix" . }}-km-service 9443; do sleep 1; printf "-"; done; echo -e " >> Key Manager has started";'] - - name: init-apim-1 - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of API Manager instance one deployment"; while ! nc -z {{ template "am-pattern-2.resource.prefix" . }}-am-1-service 9611; do sleep 1; printf "-"; done; echo -e " >> API Manager instance one has started";'] - - name: init-apim-2 - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of API Manager instance two deployment"; while ! nc -z {{ template "am-pattern-2.resource.prefix" . }}-am-2-service 9611; do sleep 1; printf "-"; done; echo -e " >> API Manager instance two has started";'] - containers: - - name: wso2am-gateway -{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.am) | indent 8 }} - env: - - name: PROFILE_NAME - value: gateway-worker - - name: NODE_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.podIP - - name: JVM_MEM_OPTS - value: "-Xms{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xmx }}" - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 8243 - initialDelaySeconds: {{ .Values.wso2.deployment.am.gateway.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.gateway.livenessProbe.periodSeconds }} - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 8243 - initialDelaySeconds: {{ .Values.wso2.deployment.am.gateway.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.gateway.readinessProbe.periodSeconds }} - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/wso2server.sh stop'] - resources: - requests: - memory: {{ .Values.wso2.deployment.am.resources.requests.memory }} - cpu: {{ 
.Values.wso2.deployment.am.resources.requests.cpu }} - limits: - memory: {{ .Values.wso2.deployment.am.resources.limits.memory }} - cpu: {{ .Values.wso2.deployment.am.resources.limits.cpu }} - imagePullPolicy: {{ .Values.wso2.deployment.am.imagePullPolicy }} - securityContext: - runAsUser: 802 - ports: - - containerPort: 8280 - protocol: TCP - - containerPort: 8243 - protocol: TCP - - containerPort: 9763 - protocol: TCP - - containerPort: 9443 - protocol: TCP - volumeMounts: - - name: wso2am-gateway-storage-volume - mountPath: /home/wso2carbon/wso2am-3.2.0/repository/deployment/server/synapse-configs - - name: wso2am-gateway-conf - mountPath: /home/wso2carbon/wso2-config-volume/repository/conf/deployment.toml - subPath: deployment.toml - serviceAccountName: {{ .Values.kubernetes.serviceAccount }} - {{- if .Values.wso2.deployment.am.imagePullSecrets }} - imagePullSecrets: - - name: {{ .Values.wso2.deployment.am.imagePullSecrets }} - {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} - imagePullSecrets: - - name: {{ template "am-pattern-2.resource.prefix" . }}-wso2-private-registry-creds - {{ end }} - volumes: - - name: wso2am-gateway-storage-volume - persistentVolumeClaim: - claimName: {{ template "am-pattern-2.resource.prefix" . }}-am-gateway-shared-synapse-configs-volume-claim - - name: wso2am-gateway-conf - configMap: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-gateway-conf
diff --git a/advanced/am-pattern-2/templates/am/gateway/wso2am-pattern-2-am-gateway-service.yaml b/advanced/am-pattern-2/templates/am/gateway/wso2am-pattern-2-am-gateway-service.yaml
deleted file mode 100644
index 4b39c96e..00000000
--- a/advanced/am-pattern-2/templates/am/gateway/wso2am-pattern-2-am-gateway-service.yaml
+++ /dev/null
@@ -1,41 +0,0 @@
-# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-gateway-service - namespace : {{ .Release.Namespace }} -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: {{ template "am-pattern-2.resource.prefix" . }}-am-gateway - ports: - # ports that this service should serve on - - - name: pass-through-http - protocol: TCP - port: 8280 - - - name: pass-through-https - protocol: TCP - port: 8243 - - - name: servlet-http - protocol: TCP - port: 9763 - - - name: servlet-https - protocol: TCP - port: 9443
diff --git a/advanced/am-pattern-2/templates/am/gateway/wso2am-pattern-2-am-gateway-volume-claim.yaml b/advanced/am-pattern-2/templates/am/gateway/wso2am-pattern-2-am-gateway-volume-claim.yaml
deleted file mode 100644
index 4bdec299..00000000
--- a/advanced/am-pattern-2/templates/am/gateway/wso2am-pattern-2-am-gateway-volume-claim.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
- name: {{ template "am-pattern-2.resource.prefix" . }}-am-gateway-shared-synapse-configs-volume-claim
- namespace : {{ .Release.Namespace }}
-spec:
- accessModes:
- - ReadWriteMany
- resources:
- requests:
- storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.sharedArtifacts.capacity.synapseConfigs }}
- storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }}
diff --git a/advanced/am-pattern-2/templates/am/km/wso2am-pattern-2-am-km-conf.yaml b/advanced/am-pattern-2/templates/am/km/wso2am-pattern-2-am-km-conf.yaml
deleted file mode 100644
index 4f13e8cf..00000000
--- a/advanced/am-pattern-2/templates/am/km/wso2am-pattern-2-am-km-conf.yaml
+++ /dev/null
@@ -1,110 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-km-conf - namespace : {{ .Release.Namespace }} - {{ if .Values.wso2.deployment.am.km.config }} -data: - {{- range $index, $content := .Values.wso2.deployment.am.km.config }} - {{ $index }}: |- - {{ tpl $content $ | indent 4 }} - {{- end }} - - {{ else }} -data: - deployment.toml: |- - [server] - hostname = "{{ template "am-pattern-2.resource.prefix" . 
}}-km" - node_ip = "$env{NODE_IP}" - server_role = "api-key-manager" - - [user_store] - type = "database_unique_id" - - [super_admin] - username = "admin" - password = "admin" - create_admin_account = true - - [database.apim_db] - type = "mysql" - url = "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_DB?useSSL=false&autoReconnect=true&requireSSL=false&verifyServerCertificate=false" - username = "wso2carbon" - password = "wso2carbon" - driver = "com.mysql.cj.jdbc.Driver" - - [database.shared_db] - type = "mysql" - url = "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_SHARED_DB?useSSL=false&autoReconnect=true&requireSSL=false&verifyServerCertificate=false" - username = "wso2carbon" - password = "wso2carbon" - driver = "com.mysql.cj.jdbc.Driver" - - [keystore.tls] - file_name = "wso2carbon.jks" - type = "JKS" - password = "wso2carbon" - alias = "wso2carbon" - key_password = "wso2carbon" - - [truststore] - file_name = "client-truststore.jks" - type = "JKS" - password = "wso2carbon" - - [[event_handler]] - name="userPostSelfRegistration" - subscriptions=["POST_ADD_USER"] - - [[event_listener]] - id = "token_revocation" - type = "org.wso2.carbon.identity.core.handler.AbstractIdentityHandler" - name = "org.wso2.is.notification.ApimOauthEventInterceptor" - order = 1 - [event_listener.properties] - notification_endpoint = "https://localhost:${mgt.transport.https.port}/internal/data/v1/notify" - username = "${admin.username}" - password = "${admin.password}" - 'header.X-WSO2-KEY-MANAGER' = "default" - - [apim.throttling] - username= "$ref{super_admin.username}" - password= "$ref{super_admin.password}" - throttle_decision_endpoints = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:5672","tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:5672"] - - [[apim.throttling.url_group]] - traffic_manager_urls = ["tcp://{{ template "am-pattern-2.resource.prefix" . 
}}-am-1-service:9611"] - traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:9711"] - type = "loadbalance" - - [[apim.throttling.url_group]] - traffic_manager_urls = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:9611"] - traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:9711"] - type = "loadbalance" - - [apim.event_hub] - service_url = "https://{{ template "am-pattern-2.resource.prefix" . }}-am-service:9443" - event_listening_endpoints = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:5672","tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:5672"] - - [[apim.event_hub.publish.url_group]] - urls = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:9611"] - auth_urls = ["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:9711"] - - [[apim.event_hub.publish.url_group]] - urls = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:9611"] - auth_urls = ["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:9711"] - {{- end }}
diff --git a/advanced/am-pattern-2/templates/am/km/wso2am-pattern-2-am-km-service.yaml b/advanced/am-pattern-2/templates/am/km/wso2am-pattern-2-am-km-service.yaml
deleted file mode 100644
index c2005137..00000000
--- a/advanced/am-pattern-2/templates/am/km/wso2am-pattern-2-am-km-service.yaml
+++ /dev/null
@@ -1,28 +0,0 @@
-# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ template "am-pattern-2.resource.prefix" . }}-km-service
-spec:
- # label keys and values that must match in order to receive traffic for this service
- selector:
- deployment: {{ template "am-pattern-2.resource.prefix" . }}-km
- sessionAffinity: ClientIP
- ports:
- # ports that this service should serve on
- - name: servlet-https
- protocol: TCP
- port: 9443
diff --git a/advanced/am-pattern-2/templates/am/km/wso2am-pattern-2-am-km-statefulset.yaml b/advanced/am-pattern-2/templates/am/km/wso2am-pattern-2-am-km-statefulset.yaml
deleted file mode 100644
index 9f6bb26c..00000000
--- a/advanced/am-pattern-2/templates/am/km/wso2am-pattern-2-am-km-statefulset.yaml
+++ /dev/null
@@ -1,122 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-km-statefulset - namespace: {{ .Release.Namespace }} -spec: - selector: - matchLabels: - deployment: {{ template "am-pattern-2.resource.prefix" . }}-km - replicas: {{ .Values.wso2.deployment.am.km.replicas }} - serviceName: {{ template "am-pattern-2.resource.prefix" . }}-km-service - template: - metadata: - annotations: - checksum.am.km.conf: {{ include (print $.Template.BasePath "/am/km/wso2am-pattern-2-am-km-conf.yaml") . | sha256sum }} - labels: - deployment: {{ template "am-pattern-2.resource.prefix" . }}-km - spec: - {{ if .Values.wso2.deployment.dependencies.mysql }} - initContainers: - - name: init-mysql-db - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of DBMS service"; while ! 
nc -z "wso2am-mysql-db-service" 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - - name: init-mysql-connector-download - image: busybox:1.32 - command: - - /bin/sh - - "-c" - - | - set -e - connector_version=8.0.17 - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/${connector_version}/mysql-connector-java-${connector_version}.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - {{- end }} - containers: - - name: wso2am-km -{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.am) | indent 10 }} - imagePullPolicy: {{ .Values.wso2.deployment.am.imagePullPolicy }} - env: - - name: PROFILE_NAME - value: api-key-manager - - name: NODE_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.podIP - - name: JVM_MEM_OPTS - value: "-Xms{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xmx }}" - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: {{ .Values.wso2.deployment.am.km.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.km.livenessProbe.periodSeconds }} - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: {{ .Values.wso2.deployment.am.km.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.km.readinessProbe.periodSeconds }} - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/wso2server.sh stop'] - resources: - requests: - memory: {{ .Values.wso2.deployment.am.resources.requests.memory }} - cpu: {{ .Values.wso2.deployment.am.resources.requests.cpu }} - limits: - memory: {{ .Values.wso2.deployment.am.resources.limits.memory }} - cpu: {{ .Values.wso2.deployment.am.resources.limits.cpu }} - securityContext: - runAsUser: 802 - ports: - - containerPort: 9763 - protocol: TCP 
- - containerPort: 9443 - protocol: TCP - volumeMounts: - - name: wso2am-km-conf - mountPath: /home/wso2carbon/wso2-config-volume/repository/conf/deployment.toml - subPath: deployment.toml - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/repository/components/dropins - {{ end }} - serviceAccountName: {{ .Values.kubernetes.serviceAccount }} - {{- if .Values.wso2.deployment.am.imagePullSecrets }} - imagePullSecrets: - - name: {{ .Values.wso2.deployment.am.imagePullSecrets }} - {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} - imagePullSecrets: - - name: {{ template "am-pattern-2.resource.prefix" . }}-wso2-private-registry-creds - {{ end }} - volumes: - - name: wso2am-km-conf - configMap: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-km-conf - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - emptyDir: {} - {{ end }}
diff --git a/advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-1/wso2am-pattern-2-am-conf.yaml b/advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-1/wso2am-pattern-2-am-conf.yaml
deleted file mode 100644
index 7155ec70..00000000
--- a/advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-1/wso2am-pattern-2-am-conf.yaml
+++ /dev/null
@@ -1,313 +0,0 @@
-# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ template "am-pattern-2.resource.prefix" . }}-am-1-conf
- namespace : {{ .Release.Namespace }}
- {{ if .Values.wso2.deployment.am.config }}
-data:
- {{- range $index, $content := .Values.wso2.deployment.am.config }}
- {{ $index }}: |-
- {{ tpl $content $ | indent 4 }}
- {{- end }}
-
- {{ else }}
-data:
- deployment.toml: |-
- [server]
- hostname = "{{ .Values.wso2.deployment.am.pubDevPortalTM.ingress.hostname }}"
- node_ip = "$env{NODE_IP}"
- #offset=0
- mode = "single" #single or ha
- base_path = "${carbon.protocol}://${carbon.host}:${carbon.management.port}"
- #discard_empty_caches = false
- server_role = "default"
-
- [super_admin]
- username = "admin"
- password = "admin"
- create_admin_account = true
-
- [user_store]
- type = "database_unique_id"
-
- [database.apim_db]
- type = "mysql"
- url = "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_DB?useSSL=false&autoReconnect=true&requireSSL=false&verifyServerCertificate=false"
- username = "wso2carbon"
- password = "wso2carbon"
- driver = "com.mysql.cj.jdbc.Driver"
-
- [database.shared_db]
- type = "mysql"
- url = "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_SHARED_DB?useSSL=false&autoReconnect=true&requireSSL=false&verifyServerCertificate=false"
- username = "wso2carbon"
- password = "wso2carbon"
- driver = "com.mysql.cj.jdbc.Driver"
-
- [keystore.tls]
- file_name = "wso2carbon.jks"
- type = "JKS"
- password = "wso2carbon"
- alias = "wso2carbon"
- key_password = "wso2carbon"
-
- #[keystore.primary]
- #file_name = "wso2carbon.jks"
- #type = "JKS"
- #password = "wso2carbon"
- #alias = "wso2carbon"
- #key_password = "wso2carbon"
-
- #[keystore.internal]
- #file_name = "wso2carbon.jks"
- #type = "JKS"
- #password = "wso2carbon"
- #alias = "wso2carbon"
- #key_password = "wso2carbon"
-
- [[apim.gateway.environment]]
- name = "Production and Sandbox"
- type = "hybrid"
- display_in_api_console = true
- description = "This is a hybrid gateway that handles both production and sandbox token traffic."
- show_as_token_endpoint_url = true
- service_url = "https://{{ template "am-pattern-2.resource.prefix" . }}-am-gateway-service:${mgt.transport.https.port}/services/"
- username= "${admin.username}"
- password= "${admin.password}"
- ws_endpoint = "ws://localhost:9099"
- wss_endpoint = "wss://localhost:8099"
- http_endpoint = "http://{{ .Values.wso2.deployment.am.gateway.ingress.hostname }}"
- https_endpoint = "https://{{ .Values.wso2.deployment.am.gateway.ingress.hostname }}"
-
- #[apim.cache.gateway_token]
- #enable = true
- #expiry_time = "900s"
-
- #[apim.cache.resource]
- #enable = true
- #expiry_time = "900s"
-
- #[apim.cache.km_token]
- #enable = false
- #expiry_time = "15m"
-
- #[apim.cache.recent_apis]
- #enable = false
-
- #[apim.cache.scopes]
- #enable = true
-
- #[apim.cache.publisher_roles]
- #enable = true
-
- #[apim.cache.jwt_claim]
- #enable = true
- #expiry_time = "15m"
-
- #[apim.cache.tags]
- #expiry_time = "2m"
-
- [apim.analytics]
- enable = true
- store_api_url = "https://{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-service:7444"
- #username = "$ref{super_admin.username}"
- #password = "$ref{super_admin.password}"
- #event_publisher_type = "default"
- #event_publisher_impl = "org.wso2.carbon.apimgt.usage.publisher.APIMgtUsageDataBridgeDataPublisher"
- #publish_response_size = true
-
- [[apim.analytics.url_group]]
- analytics_url =["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-statefulset-0.{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-headless-service:7612","tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-statefulset-1.{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-headless-service:7612"]
- analytics_auth_url =["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-statefulset-0.{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-headless-service:7712","ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-statefulset-1.{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-headless-service:7712"]
- type = "failover"
-
- #[[apim.analytics.url_group]]
- #analytics_url =["tcp://analytics1:7612","tcp://analytics2:7612"]
- #analytics_auth_url =["ssl://analytics1:7712","ssl://analytics2:7712"]
- #type = "failover"
-
- [apim.key_manager]
- service_url = "https://{{ template "am-pattern-2.resource.prefix" . }}-km-service:${mgt.transport.https.port}/services/"
- #username = "$ref{super_admin.username}"
- #password = "$ref{super_admin.password}"
- #pool.init_idle_capacity = 50
- #pool.max_idle = 100
- #key_validation_handler_type = "default"
- #key_validation_handler_type = "custom"
- #key_validation_handler_impl = "org.wso2.carbon.apimgt.keymgt.handlers.DefaultKeyValidationHandler"
-
- #[apim.idp]
- #server_url = "https://localhost:${mgt.transport.https.port}"
- #authorize_endpoint = "https://localhost:${mgt.transport.https.port}/oauth2/authorize"
- #oidc_logout_endpoint = "https://localhost:${mgt.transport.https.port}/oidc/logout"
- #oidc_check_session_endpoint = "https://localhost:${mgt.transport.https.port}/oidc/checksession"
-
- #[apim.jwt]
- #enable = true
- #encoding = "base64" # base64,base64url
- #generator_impl = "org.wso2.carbon.apimgt.keymgt.token.JWTGenerator"
- #claim_dialect = "http://wso2.org/claims"
- #convert_dialect = false
- #header = "X-JWT-Assertion"
- #signing_algorithm = "SHA256withRSA"
- #enable_user_claims = true
- #claims_extractor_impl = "org.wso2.carbon.apimgt.impl.token.ExtendedDefaultClaimsRetriever"
-
- [apim.oauth_config]
- #enable_outbound_auth_header = false
- #auth_header = "Authorization"
- revoke_endpoint = "https://{{ template "am-pattern-2.resource.prefix" . }}-km-service:${mgt.transport.https.port}/revoke"
- #enable_token_encryption = false
- #enable_token_hashing = false
-
- [apim.devportal]
- url = "https://{{ .Values.wso2.deployment.am.pubDevPortalTM.ingress.hostname }}/devportal"
- #enable_application_sharing = false
- #if application_sharing_type, application_sharing_impl both defined priority goes to application_sharing_impl
- #application_sharing_type = "default" #changed type, saml, default #todo: check the new config for rest api
- #application_sharing_impl = "org.wso2.carbon.apimgt.impl.SAMLGroupIDExtractorImpl"
- #display_multiple_versions = false
- #display_deprecated_apis = false
- #enable_comments = true
- #enable_ratings = true
- #enable_forum = true
- #enable_anonymous_mode=true
-
- [apim.cors]
- allow_origins = "*"
- allow_methods = ["GET","PUT","POST","DELETE","PATCH","OPTIONS"]
- allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey", "testKey"]
- allow_credentials = false
-
- [apim.throttling]
- event_duplicate_url = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:5672"]
- service_url = "https://{{ template "am-pattern-2.resource.prefix" . }}-am-service:${mgt.transport.https.port}/services/"
- #enable_data_publishing = true
- #enable_policy_deploy = true
- #enable_blacklist_condition = true
- #enable_persistence = true
- throttle_decision_endpoints = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:5672","tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:5672"]
-
- #[apim.throttling.blacklist_condition]
- #start_delay = "5m"
- #period = "1h"
-
- #[apim.throttling.jms]
- #start_delay = "5m"
-
- #[apim.throttling.event_sync]
- #hostName = "0.0.0.0"
- #port = 11224
-
- #[apim.throttling.event_management]
- #hostName = "0.0.0.0"
- #port = 10005
-
- [[apim.throttling.url_group]]
- traffic_manager_urls = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:9611"]
- traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:9711"]
- type = "loadbalance"
-
- [[apim.throttling.url_group]]
- traffic_manager_urls = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:9611"]
- traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:9711"]
- type = "loadbalance"
-
- #[apim.workflow]
- #enable = false
- #service_url = "https://localhost:9445/bpmn"
- #username = "$ref{super_admin.username}"
- #password = "$ref{super_admin.password}"
- #callback_endpoint = "https://localhost:${mgt.transport.https.port}/api/am/admin/v0.17/workflows/update-workflow-status"
- #token_endpoint = "https://localhost:${https.nio.port}/token"
- #client_registration_endpoint = "https://localhost:${mgt.transport.https.port}/client-registration/v0.17/register"
- #client_registration_username = "$ref{super_admin.username}"
- #client_registration_password = "$ref{super_admin.password}"
-
- #data bridge config
- #[transport.receiver]
- #type = "binary"
- #worker_threads = 10
- #session_timeout = "30m"
- #keystore.file_name = "$ref{keystore.tls.file_name}"
- #keystore.password = "$ref{keystore.tls.password}"
- #tcp_port = 9611
- #ssl_port = 9711
- #ssl_receiver_thread_pool_size = 100
- #tcp_receiver_thread_pool_size = 100
- #ssl_enabled_protocols = ["TLSv1","TLSv1.1","TLSv1.2"]
- #ciphers = ["SSL_RSA_WITH_RC4_128_MD5","SSL_RSA_WITH_RC4_128_SHA"]
-
- #[apim.notification]
- #from_address = "APIM.com"
- #username = "APIM"
- #password = "APIM+123"
- #hostname = "localhost"
- #port = 3025
- #enable_start_tls = false
- #enable_authentication = true
-
- #[apim.token.revocation]
- #notifier_impl = "org.wso2.carbon.apimgt.keymgt.events.TokenRevocationNotifierImpl"
- #enable_realtime_notifier = true
- #realtime_notifier.ttl = 5000
- #enable_persistent_notifier = true
- #persistent_notifier.hostname = "https://localhost:2379/v2/keys/jti/"
- #persistent_notifier.ttl = 5000
- #persistent_notifier.username = "root"
- #persistent_notifier.password = "root"
-
- [[event_handler]]
- name="userPostSelfRegistration"
- subscriptions=["POST_ADD_USER"]
-
- [service_provider]
- sp_name_regex = "^[\\sa-zA-Z0-9._-]*$"
-
- [[event_listener]]
- id = "token_revocation"
- type = "org.wso2.carbon.identity.core.handler.AbstractIdentityHandler"
- name = "org.wso2.is.notification.ApimOauthEventInterceptor"
- order = 1
- [event_listener.properties]
- notification_endpoint = "https://localhost:${mgt.transport.https.port}/internal/data/v1/notify"
- username = "${admin.username}"
- password = "${admin.password}"
- 'header.X-WSO2-KEY-MANAGER' = "default"
-
- [transport.https.properties]
- proxyPort = 443
-
- [[apim.event_hub.publish.url_group]]
- urls = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:9611"]
- auth_urls = ["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:9711"]
-
- [[apim.event_hub.publish.url_group]]
- urls = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:9611"]
- auth_urls = ["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:9711"]
-
- {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }}
- [database.local]
- url = "jdbc:h2:/home/wso2carbon/solr/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE"
-
- [indexing]
- location = "/home/wso2carbon/solr/indexed-data"
- {{ else }}
- [database.local]
- url = "jdbc:h2:./repository/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE"
- {{ end }}
- {{- end }}
diff --git a/advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-1/wso2am-pattern-2-am-deployment.yaml b/advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-1/wso2am-pattern-2-am-deployment.yaml
deleted file mode 100644
index 748dae1e..00000000
--- a/advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-1/wso2am-pattern-2-am-deployment.yaml
+++ /dev/null
@@ -1,156 +0,0 @@
-# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ template "am-pattern-2.resource.prefix" . }}-am-1-deployment
- namespace: {{ .Release.Namespace }}
-spec:
- replicas: 1
- strategy:
- type: Recreate
- selector:
- matchLabels:
- deployment: {{ template "am-pattern-2.resource.prefix" . }}-am
- node: {{ template "am-pattern-2.resource.prefix" . }}-am-1
- template:
- metadata:
- annotations:
- checksum.am.conf: {{ include (print $.Template.BasePath "/am/pub-devportal-tm/instance-1/wso2am-pattern-2-am-conf.yaml") . | sha256sum }}
- labels:
- deployment: {{ template "am-pattern-2.resource.prefix" . }}-am
- node: {{ template "am-pattern-2.resource.prefix" . }}-am-1
- spec:
- initContainers:
- {{ if .Values.wso2.deployment.dependencies.mysql }}
- - name: init-mysql-db
- image: busybox:1.32
- command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! nc -z "wso2am-mysql-db-service" 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";']
- - name: init-mysql-connector-download
- image: busybox:1.32
- command:
- - /bin/sh
- - "-c"
- - |
- set -e
- connector_version=8.0.17
- wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/${connector_version}/mysql-connector-java-${connector_version}.jar -P /mysql-connector-jar/
- volumeMounts:
- - name: mysql-connector-jar
- mountPath: /mysql-connector-jar
- {{ end }}
- - name: init-am-analytics-worker
- image: busybox:1.32
- command: ['sh', '-c', 'echo -e "Checking for the availability of WSO2 API Manager Analytics Worker deployment"; while ! nc -z {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-service 7712; do sleep 1; printf "-"; done; echo -e " >> WSO2 API Manager Analytics Worker has started";']
- containers:
- - name: wso2am
-{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.am) | indent 10 }}
- imagePullPolicy: {{ .Values.wso2.deployment.am.imagePullPolicy }}
- livenessProbe:
- exec:
- command:
- - /bin/sh
- - -c
- - nc -z localhost 9443
- initialDelaySeconds: {{ .Values.wso2.deployment.am.pubDevPortalTM.livenessProbe.initialDelaySeconds }}
- periodSeconds: {{ .Values.wso2.deployment.am.pubDevPortalTM.livenessProbe.periodSeconds }}
- readinessProbe:
- exec:
- command:
- - /bin/sh
- - -c
- - nc -z localhost 9443
- initialDelaySeconds: {{ .Values.wso2.deployment.am.pubDevPortalTM.readinessProbe.initialDelaySeconds }}
- periodSeconds: {{ .Values.wso2.deployment.am.pubDevPortalTM.readinessProbe.periodSeconds }}
- lifecycle:
- preStop:
- exec:
- command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/wso2server.sh stop']
- resources:
- requests:
- memory: {{ .Values.wso2.deployment.am.pubDevPortalTM.resources.requests.memory }}
- cpu: {{ .Values.wso2.deployment.am.pubDevPortalTM.resources.requests.cpu }}
- limits:
- memory: {{ .Values.wso2.deployment.am.pubDevPortalTM.resources.limits.memory }}
- cpu: {{ .Values.wso2.deployment.am.pubDevPortalTM.resources.limits.cpu }}
- securityContext:
- runAsUser: 802
- ports:
- - containerPort: 9763
- protocol: "TCP"
- - containerPort: 9443
- protocol: "TCP"
- - containerPort: 9711
- protocol: "TCP"
- - containerPort: 9611
- protocol: "TCP"
- - containerPort: 5672
- protocol: "TCP"
- env:
- - name: NODE_IP
- valueFrom:
- fieldRef:
- fieldPath: status.podIP
- - name: JVM_MEM_OPTS
- value: "-Xms{{ .Values.wso2.deployment.am.pubDevPortalTM.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.am.pubDevPortalTM.resources.jvm.heap.memory.xmx }}"
- volumeMounts:
- - name: wso2am-executionplans-storage
- mountPath: /home/wso2carbon/wso2am-3.2.0/repository/deployment/server/executionplans
- - name: wso2am-conf
- mountPath: /home/wso2carbon/wso2-config-volume/repository/conf
- {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }}
- - name: wso2am-local-carbon-database-storage
- mountPath: /home/wso2carbon/solr/database
- - name: wso2am-solr-indexed-data-storage
- mountPath: /home/wso2carbon/solr/indexed-data
- - name: wso2am-conf-entrypoint
- mountPath: /home/wso2carbon/docker-entrypoint.sh
- subPath: docker-entrypoint.sh
- {{ end }}
- {{ if .Values.wso2.deployment.dependencies.mysql }}
- - name: mysql-connector-jar
- mountPath: /home/wso2carbon/wso2-artifact-volume/repository/components/dropins
- {{ end }}
- serviceAccountName: {{ .Values.kubernetes.serviceAccount }}
- {{- if .Values.wso2.deployment.am.imagePullSecrets }}
- imagePullSecrets:
- - name: {{ .Values.wso2.deployment.am.imagePullSecrets }}
- {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }}
- imagePullSecrets:
- - name: {{ template "am-pattern-2.resource.prefix" . }}-wso2-private-registry-creds
- {{ end }}
- volumes:
- - name: wso2am-executionplans-storage
- persistentVolumeClaim:
- claimName: {{ template "am-pattern-2.resource.prefix" . }}-am-shared-executionplans-volume-claim
- - name: wso2am-conf
- configMap:
- name: {{ template "am-pattern-2.resource.prefix" . }}-am-1-conf
- {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }}
- - name: wso2am-local-carbon-database-storage
- persistentVolumeClaim:
- claimName: {{ template "am-pattern-2.resource.prefix" . }}-am-1-local-carbon-database-volume-claim
- - name: wso2am-solr-indexed-data-storage
- persistentVolumeClaim:
- claimName: {{ template "am-pattern-2.resource.prefix" . }}-am-1-solr-indexed-data-volume-claim
- - name: wso2am-conf-entrypoint
- configMap:
- name: {{ template "am-pattern-2.resource.prefix" . }}-am-conf-entrypoint
- defaultMode: 0407
- {{ end }}
- {{ if .Values.wso2.deployment.dependencies.mysql }}
- - name: mysql-connector-jar
- emptyDir: {}
- {{ end }}
diff --git a/advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-1/wso2am-pattern-2-am-service.yaml b/advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-1/wso2am-pattern-2-am-service.yaml
deleted file mode 100644
index d1cd0de3..00000000
--- a/advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-1/wso2am-pattern-2-am-service.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ template "am-pattern-2.resource.prefix" . }}-am-1-service
- namespace : {{ .Release.Namespace }}
-spec:
- # label keys and values that must match in order to receive traffic for this service
- selector:
- deployment: {{ template "am-pattern-2.resource.prefix" . }}-am
- node: {{ template "am-pattern-2.resource.prefix" . }}-am-1
- ports:
- # ports that this service should serve on
- - name: binary
- protocol: TCP
- port: 9611
- - name: binary-secure
- protocol: TCP
- port: 9711
- - name: jms-tcp
- protocol: TCP
- port: 5672
diff --git a/advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-2/wso2am-pattern-2-am-conf.yaml b/advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-2/wso2am-pattern-2-am-conf.yaml
deleted file mode 100644
index acdde69e..00000000
--- a/advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-2/wso2am-pattern-2-am-conf.yaml
+++ /dev/null
@@ -1,313 +0,0 @@
-# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ template "am-pattern-2.resource.prefix" . }}-am-2-conf
- namespace : {{ .Release.Namespace }}
- {{ if .Values.wso2.deployment.am.config }}
-data:
- {{- range $index, $content := .Values.wso2.deployment.am.config }}
- {{ $index }}: |-
- {{ tpl $content $ | indent 4 }}
- {{- end }}
-
- {{ else }}
-data:
- deployment.toml: |-
- [server]
- hostname = "{{ .Values.wso2.deployment.am.pubDevPortalTM.ingress.hostname }}"
- node_ip = "$env{NODE_IP}"
- #offset=0
- mode = "single" #single or ha
- base_path = "${carbon.protocol}://${carbon.host}:${carbon.management.port}"
- #discard_empty_caches = false
- server_role = "default"
-
- [super_admin]
- username = "admin"
- password = "admin"
- create_admin_account = true
-
- [user_store]
- type = "database_unique_id"
-
- [database.apim_db]
- type = "mysql"
- url = "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_DB?useSSL=false&autoReconnect=true&requireSSL=false&verifyServerCertificate=false"
- username = "wso2carbon"
- password = "wso2carbon"
- driver = "com.mysql.cj.jdbc.Driver"
-
- [database.shared_db]
- type = "mysql"
- url = "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_SHARED_DB?useSSL=false&autoReconnect=true&requireSSL=false&verifyServerCertificate=false"
- username = "wso2carbon"
- password = "wso2carbon"
- driver = "com.mysql.cj.jdbc.Driver"
-
- [keystore.tls]
- file_name = "wso2carbon.jks"
- type = "JKS"
- password = "wso2carbon"
- alias = "wso2carbon"
- key_password = "wso2carbon"
-
- #[keystore.primary]
- #file_name = "wso2carbon.jks"
- #type = "JKS"
- #password = "wso2carbon"
- #alias = "wso2carbon"
- #key_password = "wso2carbon"
-
- #[keystore.internal]
- #file_name = "wso2carbon.jks"
- #type = "JKS"
- #password = "wso2carbon"
- #alias = "wso2carbon"
- #key_password = "wso2carbon"
-
- [[apim.gateway.environment]]
- name = "Production and Sandbox"
- type = "hybrid"
- display_in_api_console = true
- description = "This is a hybrid gateway that handles both production and sandbox token traffic."
- show_as_token_endpoint_url = true
- service_url = "https://{{ template "am-pattern-2.resource.prefix" . }}-am-gateway-service:${mgt.transport.https.port}/services/"
- username= "${admin.username}"
- password= "${admin.password}"
- ws_endpoint = "ws://localhost:9099"
- wss_endpoint = "wss://localhost:8099"
- http_endpoint = "http://{{ .Values.wso2.deployment.am.gateway.ingress.hostname }}"
- https_endpoint = "https://{{ .Values.wso2.deployment.am.gateway.ingress.hostname }}"
-
- #[apim.cache.gateway_token]
- #enable = true
- #expiry_time = "900s"
-
- #[apim.cache.resource]
- #enable = true
- #expiry_time = "900s"
-
- #[apim.cache.km_token]
- #enable = false
- #expiry_time = "15m"
-
- #[apim.cache.recent_apis]
- #enable = false
-
- #[apim.cache.scopes]
- #enable = true
-
- #[apim.cache.publisher_roles]
- #enable = true
-
- #[apim.cache.jwt_claim]
- #enable = true
- #expiry_time = "15m"
-
- #[apim.cache.tags]
- #expiry_time = "2m"
-
- [apim.analytics]
- enable = true
- store_api_url = "https://{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-service:7444"
- #username = "$ref{super_admin.username}"
- #password = "$ref{super_admin.password}"
- #event_publisher_type = "default"
- #event_publisher_impl = "org.wso2.carbon.apimgt.usage.publisher.APIMgtUsageDataBridgeDataPublisher"
- #publish_response_size = true
-
- [[apim.analytics.url_group]]
- analytics_url =["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-statefulset-0.{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-headless-service:7612","tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-statefulset-1.{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-headless-service:7612"]
- analytics_auth_url =["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-statefulset-0.{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-headless-service:7712","ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-statefulset-1.{{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-headless-service:7712"]
- type = "failover"
-
- #[[apim.analytics.url_group]]
- #analytics_url =["tcp://analytics1:7612","tcp://analytics2:7612"]
- #analytics_auth_url =["ssl://analytics1:7712","ssl://analytics2:7712"]
- #type = "failover"
-
- [apim.key_manager]
- service_url = "https://{{ template "am-pattern-2.resource.prefix" . }}-km-service:${mgt.transport.https.port}/services/"
- #username = "$ref{super_admin.username}"
- #password = "$ref{super_admin.password}"
- #pool.init_idle_capacity = 50
- #pool.max_idle = 100
- #key_validation_handler_type = "default"
- #key_validation_handler_type = "custom"
- #key_validation_handler_impl = "org.wso2.carbon.apimgt.keymgt.handlers.DefaultKeyValidationHandler"
-
- #[apim.idp]
- #server_url = "https://localhost:${mgt.transport.https.port}"
- #authorize_endpoint = "https://localhost:${mgt.transport.https.port}/oauth2/authorize"
- #oidc_logout_endpoint = "https://localhost:${mgt.transport.https.port}/oidc/logout"
- #oidc_check_session_endpoint = "https://localhost:${mgt.transport.https.port}/oidc/checksession"
-
- #[apim.jwt]
- #enable = true
- #encoding = "base64" # base64,base64url
- #generator_impl = "org.wso2.carbon.apimgt.keymgt.token.JWTGenerator"
- #claim_dialect = "http://wso2.org/claims"
- #convert_dialect = false
- #header = "X-JWT-Assertion"
- #signing_algorithm = "SHA256withRSA"
- #enable_user_claims = true
- #claims_extractor_impl = "org.wso2.carbon.apimgt.impl.token.ExtendedDefaultClaimsRetriever"
-
- [apim.oauth_config]
- #enable_outbound_auth_header = false
- #auth_header = "Authorization"
- revoke_endpoint = "https://{{ template "am-pattern-2.resource.prefix" . }}-km-service:${mgt.transport.https.port}/revoke"
- #enable_token_encryption = false
- #enable_token_hashing = false
-
- [apim.devportal]
- url = "https://{{ .Values.wso2.deployment.am.pubDevPortalTM.ingress.hostname }}/devportal"
- #enable_application_sharing = false
- #if application_sharing_type, application_sharing_impl both defined priority goes to application_sharing_impl
- #application_sharing_type = "default" #changed type, saml, default #todo: check the new config for rest api
- #application_sharing_impl = "org.wso2.carbon.apimgt.impl.SAMLGroupIDExtractorImpl"
- #display_multiple_versions = false
- #display_deprecated_apis = false
- #enable_comments = true
- #enable_ratings = true
- #enable_forum = true
- #enable_anonymous_mode=true
-
- [apim.cors]
- allow_origins = "*"
- allow_methods = ["GET","PUT","POST","DELETE","PATCH","OPTIONS"]
- allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey", "testKey"]
- allow_credentials = false
-
- [apim.throttling]
- event_duplicate_url = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:5672"]
- service_url = "https://{{ template "am-pattern-2.resource.prefix" . }}-am-service:${mgt.transport.https.port}/services/"
- #enable_data_publishing = true
- #enable_policy_deploy = true
- #enable_blacklist_condition = true
- #enable_persistence = true
- throttle_decision_endpoints = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:5672","tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:5672"]
-
- #[apim.throttling.blacklist_condition]
- #start_delay = "5m"
- #period = "1h"
-
- #[apim.throttling.jms]
- #start_delay = "5m"
-
- #[apim.throttling.event_sync]
- #hostName = "0.0.0.0"
- #port = 11224
-
- #[apim.throttling.event_management]
- #hostName = "0.0.0.0"
- #port = 10005
-
- [[apim.throttling.url_group]]
- traffic_manager_urls = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:9611"]
- traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:9711"]
- type = "loadbalance"
-
- [[apim.throttling.url_group]]
- traffic_manager_urls = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:9611"]
- traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:9711"]
- type = "loadbalance"
-
- #[apim.workflow]
- #enable = false
- #service_url = "https://localhost:9445/bpmn"
- #username = "$ref{super_admin.username}"
- #password = "$ref{super_admin.password}"
- #callback_endpoint = "https://localhost:${mgt.transport.https.port}/api/am/admin/v0.17/workflows/update-workflow-status"
- #token_endpoint = "https://localhost:${https.nio.port}/token"
- #client_registration_endpoint = "https://localhost:${mgt.transport.https.port}/client-registration/v0.17/register"
- #client_registration_username = "$ref{super_admin.username}"
- #client_registration_password = "$ref{super_admin.password}"
-
- #data bridge config
- #[transport.receiver]
- #type = "binary"
- #worker_threads = 10
- #session_timeout = "30m"
- #keystore.file_name = "$ref{keystore.tls.file_name}"
- #keystore.password = "$ref{keystore.tls.password}"
- #tcp_port = 9611
- #ssl_port = 9711
- #ssl_receiver_thread_pool_size = 100
- #tcp_receiver_thread_pool_size = 100
- #ssl_enabled_protocols = ["TLSv1","TLSv1.1","TLSv1.2"]
- #ciphers = ["SSL_RSA_WITH_RC4_128_MD5","SSL_RSA_WITH_RC4_128_SHA"]
-
- #[apim.notification]
- #from_address = "APIM.com"
- #username = "APIM"
- #password = "APIM+123"
- #hostname = "localhost"
- #port = 3025
- #enable_start_tls = false
- #enable_authentication = true
-
- #[apim.token.revocation]
- #notifier_impl = "org.wso2.carbon.apimgt.keymgt.events.TokenRevocationNotifierImpl"
- #enable_realtime_notifier = true
- #realtime_notifier.ttl = 5000
- #enable_persistent_notifier = true
- #persistent_notifier.hostname = "https://localhost:2379/v2/keys/jti/"
- #persistent_notifier.ttl = 5000
- #persistent_notifier.username = "root"
- #persistent_notifier.password = "root"
-
- [[event_handler]]
- name="userPostSelfRegistration"
- subscriptions=["POST_ADD_USER"]
-
- [service_provider]
- sp_name_regex = "^[\\sa-zA-Z0-9._-]*$"
-
- [[event_listener]]
- id = "token_revocation"
- type = "org.wso2.carbon.identity.core.handler.AbstractIdentityHandler"
- name = "org.wso2.is.notification.ApimOauthEventInterceptor"
- order = 1
- [event_listener.properties]
- notification_endpoint = "https://localhost:${mgt.transport.https.port}/internal/data/v1/notify"
- username = "${admin.username}"
- password = "${admin.password}"
- 'header.X-WSO2-KEY-MANAGER' = "default"
-
- [transport.https.properties]
- proxyPort = 443
-
- [[apim.event_hub.publish.url_group]]
- urls = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:9611"]
- auth_urls = ["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-1-service:9711"]
-
- [[apim.event_hub.publish.url_group]]
- urls = ["tcp://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:9611"]
- auth_urls = ["ssl://{{ template "am-pattern-2.resource.prefix" . }}-am-2-service:9711"]
-
- {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }}
- [database.local]
- url = "jdbc:h2:/home/wso2carbon/solr/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE"
-
- [indexing]
- location = "/home/wso2carbon/solr/indexed-data"
- {{ else }}
- [database.local]
- url = "jdbc:h2:./repository/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE"
- {{ end }}
- {{- end }}
diff --git a/advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-2/wso2am-pattern-2-am-deployment.yaml b/advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-2/wso2am-pattern-2-am-deployment.yaml
deleted file mode 100644
index 8abd064c..00000000
--- a/advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-2/wso2am-pattern-2-am-deployment.yaml
+++ /dev/null
@@ -1,156 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-2-deployment - namespace: {{ .Release.Namespace }} -spec: - replicas: 1 - strategy: - type: Recreate - selector: - matchLabels: - deployment: {{ template "am-pattern-2.resource.prefix" . }}-am - node: {{ template "am-pattern-2.resource.prefix" . }}-am-2 - template: - metadata: - annotations: - checksum.am.conf: {{ include (print $.Template.BasePath "/am/pub-devportal-tm/instance-2/wso2am-pattern-2-am-conf.yaml") . | sha256sum }} - labels: - deployment: {{ template "am-pattern-2.resource.prefix" . }}-am - node: {{ template "am-pattern-2.resource.prefix" . }}-am-2 - spec: - initContainers: - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: init-mysql-db - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of MySQL Server deployment"; while ! 
nc -z "wso2am-mysql-db-service" 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - - name: init-mysql-connector-download - image: busybox:1.32 - command: - - /bin/sh - - "-c" - - | - set -e - connector_version=8.0.17 - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/${connector_version}/mysql-connector-java-${connector_version}.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - {{ end }} - - name: init-am-analytics-worker - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of WSO2 API Manager Analytics Worker deployment"; while ! nc -z {{ template "am-pattern-2.resource.prefix" . }}-am-analytics-worker-service 7712; do sleep 1; printf "-"; done; echo -e " >> WSO2 API Manager Analytics Worker has started";'] - containers: - - name: wso2am -{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.am) | indent 10 }} - imagePullPolicy: {{ .Values.wso2.deployment.am.imagePullPolicy }} - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: {{ .Values.wso2.deployment.am.pubDevPortalTM.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.pubDevPortalTM.livenessProbe.periodSeconds }} - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: {{ .Values.wso2.deployment.am.pubDevPortalTM.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.pubDevPortalTM.readinessProbe.periodSeconds }} - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/wso2server.sh stop'] - resources: - requests: - memory: {{ .Values.wso2.deployment.am.pubDevPortalTM.resources.requests.memory }} - cpu: {{ .Values.wso2.deployment.am.pubDevPortalTM.resources.requests.cpu }} - limits: - memory: {{ .Values.wso2.deployment.am.pubDevPortalTM.resources.limits.memory }} - 
cpu: {{ .Values.wso2.deployment.am.pubDevPortalTM.resources.limits.cpu }} - securityContext: - runAsUser: 802 - ports: - - containerPort: 9763 - protocol: "TCP" - - containerPort: 9443 - protocol: "TCP" - - containerPort: 9711 - protocol: "TCP" - - containerPort: 9611 - protocol: "TCP" - - containerPort: 5672 - protocol: "TCP" - env: - - name: NODE_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: JVM_MEM_OPTS - value: "-Xms{{ .Values.wso2.deployment.am.pubDevPortalTM.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.am.pubDevPortalTM.resources.jvm.heap.memory.xmx }}" - volumeMounts: - - name: wso2am-executionplans-storage - mountPath: /home/wso2carbon/wso2am-3.2.0/repository/deployment/server/executionplans - - name: wso2am-conf - mountPath: /home/wso2carbon/wso2-config-volume/repository/conf - {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} - - name: wso2am-local-carbon-database-storage - mountPath: /home/wso2carbon/solr/database - - name: wso2am-solr-indexed-data-storage - mountPath: /home/wso2carbon/solr/indexed-data - - name: wso2am-conf-entrypoint - mountPath: /home/wso2carbon/docker-entrypoint.sh - subPath: docker-entrypoint.sh - {{ end }} - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/repository/components/dropins - {{ end }} - serviceAccountName: {{ .Values.kubernetes.serviceAccount }} - {{- if .Values.wso2.deployment.am.imagePullSecrets }} - imagePullSecrets: - - name: {{ .Values.wso2.deployment.am.imagePullSecrets }} - {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} - imagePullSecrets: - - name: {{ template "am-pattern-2.resource.prefix" . }}-wso2-private-registry-creds - {{ end }} - volumes: - - name: wso2am-executionplans-storage - persistentVolumeClaim: - claimName: {{ template "am-pattern-2.resource.prefix" . 
}}-am-shared-executionplans-volume-claim - - name: wso2am-conf - configMap: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-2-conf - {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} - - name: wso2am-local-carbon-database-storage - persistentVolumeClaim: - claimName: {{ template "am-pattern-2.resource.prefix" . }}-am-2-local-carbon-database-volume-claim - - name: wso2am-solr-indexed-data-storage - persistentVolumeClaim: - claimName: {{ template "am-pattern-2.resource.prefix" . }}-am-2-solr-indexed-data-volume-claim - - name: wso2am-conf-entrypoint - configMap: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-conf-entrypoint - defaultMode: 0407 - {{ end }} - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - emptyDir: {} - {{ end }} diff --git a/advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-2/wso2am-pattern-2-am-service.yaml b/advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-2/wso2am-pattern-2-am-service.yaml deleted file mode 100644 index 1eb4743d..00000000 --- a/advanced/am-pattern-2/templates/am/pub-devportal-tm/instance-2/wso2am-pattern-2-am-service.yaml +++ /dev/null 
@@ -1,35 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-2-service - namespace : {{ .Release.Namespace }} -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: {{ template "am-pattern-2.resource.prefix" . }}-am - node: {{ template "am-pattern-2.resource.prefix" . }}-am-2 - ports: - # ports that this service should serve on - - name: binary - protocol: TCP - port: 9611 - - name: binary-secure - protocol: TCP - port: 9711 - - name: jms-tcp - protocol: TCP - port: 5672 diff --git a/advanced/am-pattern-2/templates/am/pub-devportal-tm/wso2am-pattern-2-am-conf-entrypoint.yaml b/advanced/am-pattern-2/templates/am/pub-devportal-tm/wso2am-pattern-2-am-conf-entrypoint.yaml deleted file mode 100644 index 58a3d053..00000000 --- a/advanced/am-pattern-2/templates/am/pub-devportal-tm/wso2am-pattern-2-am-conf-entrypoint.yaml +++ /dev/null 
@@ -1,89 +0,0 @@ - {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} - -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-conf-entrypoint - namespace: {{ .Release.Namespace }} -data: - docker-entrypoint.sh: | - #!/bin/bash - set -e - - # volume mounts - config_volume=${WORKING_DIRECTORY}/wso2-config-volume - artifact_volume=${WORKING_DIRECTORY}/wso2-artifact-volume - # home of the directories to be artifact synced within the WSO2 product home - deployment_volume=${WSO2_SERVER_HOME}/repository/deployment/server - # home of the directories with preserved, default deployment artifacts - original_deployment_artifacts=${WORKING_DIRECTORY}/wso2-tmp - - # check if the WSO2 non-root user home exists - test ! -d ${WORKING_DIRECTORY} && echo "WSO2 Docker non-root user home does not exist" && exit 1 - - # check if the WSO2 product home exists - test ! 
-d ${WSO2_SERVER_HOME} && echo "WSO2 Docker product home does not exist" && exit 1 - - # shared artifact directories - directories=("executionplans" "synapse-configs") - # if the original directory locations of artifacts to be synced between nodes are empty, - # copy the preserved, default content of these folders to these original locations - for shared_directory in ${directories[@]}; do - if test -d ${original_deployment_artifacts}/${shared_directory}; - then - if [[ -z "$(ls -A ${deployment_volume}/${shared_directory})" ]]; then - if ! cp -R ${original_deployment_artifacts}/${shared_directory}/* ${deployment_volume}/${shared_directory}; - then - echo "Failed to copy the preserved, default artifacts to original location (${deployment_volume}/${shared_directory})" - exit 1 - fi - echo "Successfully copied the preserved, default artifacts to original location (${deployment_volume}/${shared_directory})" - fi - fi - done - - # Copying carbon_db - if ! test -f /home/wso2carbon/solr/database/WSO2CARBON_DB.mv.db - then - echo "Copying WSO2CARBON_DB.mv.db" >&2 - cp ${WSO2_SERVER_HOME}/repository/database/WSO2CARBON_DB.mv.db /home/wso2carbon/solr/database/ - fi - - # optimize WSO2 Carbon Server, if the profile name is defined as an environment variable - if [[ ! 
-z "${PROFILE_NAME}" ]] - then - echo "Optimizing WSO2 Carbon Server" >&2 - sh ${WSO2_SERVER_HOME}/bin/profileSetup.sh -Dprofile=${PROFILE_NAME} - fi - - # copy any configuration changes mounted to config_volume - test -d ${config_volume} && [[ "$(ls -A ${config_volume})" ]] && cp -RL ${config_volume}/* ${WSO2_SERVER_HOME}/ - # copy any artifact changes mounted to artifact_volume - test -d ${artifact_volume} && [[ "$(ls -A ${artifact_volume})" ]] && cp -RL ${artifact_volume}/* ${WSO2_SERVER_HOME}/ - - # start WSO2 Carbon server - echo "Start WSO2 Carbon server" >&2 - if [[ -z "${PROFILE_NAME}" ]] - then - # start the server with the provided startup arguments - sh ${WSO2_SERVER_HOME}/bin/wso2server.sh "$@" - else - # start the server with the specified profile and provided startup arguments - sh ${WSO2_SERVER_HOME}/bin/wso2server.sh -Dprofile=${PROFILE_NAME} "$@" - fi - - {{ end }} diff --git a/advanced/am-pattern-2/templates/am/pub-devportal-tm/wso2am-pattern-2-am-ingress.yaml b/advanced/am-pattern-2/templates/am/pub-devportal-tm/wso2am-pattern-2-am-ingress.yaml deleted file mode 100644 index 34079adf..00000000 --- a/advanced/am-pattern-2/templates/am/pub-devportal-tm/wso2am-pattern-2-am-ingress.yaml +++ /dev/null 
@@ -1,35 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-ingress - namespace : {{ .Release.Namespace }} -{{- if .Values.wso2.deployment.am.pubDevPortalTM.ingress.annotations }} - annotations: -{{ toYaml .Values.wso2.deployment.am.pubDevPortalTM.ingress.annotations | indent 4 }} -{{- end }} -spec: - tls: - - hosts: - - {{ .Values.wso2.deployment.am.pubDevPortalTM.ingress.hostname }} - rules: - - host: {{ .Values.wso2.deployment.am.pubDevPortalTM.ingress.hostname }} - http: - paths: - - path: / - backend: - serviceName: {{ template "am-pattern-2.resource.prefix" . }}-am-service - servicePort: 9443 diff --git a/advanced/am-pattern-2/templates/am/pub-devportal-tm/wso2am-pattern-2-am-service.yaml b/advanced/am-pattern-2/templates/am/pub-devportal-tm/wso2am-pattern-2-am-service.yaml deleted file mode 100644 index 624c1c8e..00000000 --- a/advanced/am-pattern-2/templates/am/pub-devportal-tm/wso2am-pattern-2-am-service.yaml +++ /dev/null 
@@ -1,31 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-service - namespace : {{ .Release.Namespace }} -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: {{ template "am-pattern-2.resource.prefix" . }}-am - ports: - # ports that this service should serve on - - name: servlet-http - protocol: TCP - port: 9763 - - name: servlet-https - protocol: TCP - port: 9443 diff --git a/advanced/am-pattern-2/templates/am/pub-devportal-tm/wso2am-pattern-2-am-volume-claims.yaml b/advanced/am-pattern-2/templates/am/pub-devportal-tm/wso2am-pattern-2-am-volume-claims.yaml deleted file mode 100644 index bf4a05b8..00000000 --- a/advanced/am-pattern-2/templates/am/pub-devportal-tm/wso2am-pattern-2-am-volume-claims.yaml +++ /dev/null 
@@ -1,89 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-shared-executionplans-volume-claim - namespace : {{ .Release.Namespace }} -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.sharedArtifacts.capacity.executionPlans }} - storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} - - {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} - ---- - -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-1-local-carbon-database-volume-claim - namespace : {{ .Release.Namespace }} -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.carbonDatabase }} - storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} - ---- - -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ template "am-pattern-2.resource.prefix" . 
}}-am-1-solr-indexed-data-volume-claim - namespace : {{ .Release.Namespace }} -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.solrIndexedData }} - storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} - ---- - -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-2-local-carbon-database-volume-claim - namespace : {{ .Release.Namespace }} -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.carbonDatabase }} - storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} - ---- - -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-2-solr-indexed-data-volume-claim - namespace : {{ .Release.Namespace }} -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.solrIndexedData }} - storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} - {{ end }} diff --git a/advanced/am-pattern-2/templates/mi/instance-2/wso2am-pattern-2-mi-deployment.yaml b/advanced/am-pattern-2/templates/mi/instance-2/wso2am-pattern-2-mi-deployment.yaml new file mode 100644 index 00000000..e89d7f66 --- /dev/null +++ b/advanced/am-pattern-2/templates/mi/instance-2/wso2am-pattern-2-mi-deployment.yaml 
@@ -0,0 +1,94 @@ +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "am-pattern-2.resource.prefix" . }}-mi-2-deployment + namespace: {{ .Release.Namespace }} + labels: +{{ include "am-pattern-2.labels" . | indent 4 }} +spec: + replicas: {{ .Values.wso2.deployment.mi.replicas }} + strategy: + rollingUpdate: + maxSurge: {{ .Values.wso2.deployment.mi.strategy.rollingUpdate.maxSurge }} + maxUnavailable: {{ .Values.wso2.deployment.mi.strategy.rollingUpdate.maxUnavailable }} + type: RollingUpdate + selector: + matchLabels: + deployment: {{ template "am-pattern-2.resource.prefix" . }}-mi + node: {{ template "am-pattern-2.resource.prefix" . }}-mi-2 + template: + metadata: + labels: + deployment: {{ template "am-pattern-2.resource.prefix" . }}-mi + node: {{ template "am-pattern-2.resource.prefix" . 
}}-mi-2 + spec: + containers: + - name: wso2micro-integrator +{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.mi) | indent 10 }} + {{- if .Values.wso2.deployment.mi.synapseTest.enabled }} + args: + - "-DsynapseTest=true" + {{- end }} + livenessProbe: + exec: + command: + - /bin/sh + - -c + - nc -z localhost 8290 + initialDelaySeconds: {{ .Values.wso2.deployment.mi.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.wso2.deployment.mi.livenessProbe.periodSeconds }} + readinessProbe: + httpGet: + path: /healthz + port: 9201 + initialDelaySeconds: {{ .Values.wso2.deployment.mi.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.wso2.deployment.mi.readinessProbe.periodSeconds }} + resources: + requests: + memory: {{ .Values.wso2.deployment.mi.resources.requests.memory }} + cpu: {{ .Values.wso2.deployment.mi.resources.requests.cpu }} + limits: + memory: {{ .Values.wso2.deployment.mi.resources.limits.memory }} + cpu: {{ .Values.wso2.deployment.mi.resources.limits.cpu }} + imagePullPolicy: Always + securityContext: + runAsUser: 802 + ports: + - containerPort: 8290 + protocol: TCP + - containerPort: 9201 + protocol: TCP + - containerPort: 9164 + protocol: TCP + {{- if .Values.wso2.deployment.mi.synapseTest.enabled }} + - containerPort: 9008 + protocol: TCP + {{- end }} + {{- if .Values.wso2.deployment.mi.envs }} + env: + {{- range $key, $val := .Values.wso2.deployment.mi.envs }} + - name: {{ $key }} + value: {{ $val | quote }} + {{- end }} + {{- end }} + serviceAccountName: {{ .Values.kubernetes.serviceAccount }} + {{- if .Values.wso2.deployment.mi.imagePullSecrets }} + imagePullSecrets: + - name: {{ .Values.wso2.deployment.mi.imagePullSecrets }} + {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} + imagePullSecrets: + - name: {{ template "am-pattern-2.resource.prefix" . }}-mi-wso2-private-registry-creds + {{ end }} 
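Review bot: The `securityContext` of the `wso2micro-integrator` container sets only `runAsUser: 802`, so privilege escalation through setuid binaries stays allowed and the runtime's default capability set is kept. Adding `allowPrivilegeEscalation: false` and, if the image needs no capabilities, `capabilities: {drop: ["ALL"]}` under the same `securityContext` would close that gap. The `env` block also renders every entry of `.Values.wso2.deployment.mi.envs` as a literal `value:`, so anything sensitive passed that way ends up in plain text in the Deployment. A comment next to `envs` in values.yaml, such as `# do not put secrets here; reference a Secret with valueFrom.secretKeyRef`, would steer users away from that. `imagePullPolicy: Always` is hard-coded here, while the probe and resource settings are read from values.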
diff --git a/advanced/am-pattern-2/templates/mi/instance-2/wso2am-pattern-2-mi-service.yaml b/advanced/am-pattern-2/templates/mi/instance-2/wso2am-pattern-2-mi-service.yaml new file mode 100644 index 00000000..cad50efd --- /dev/null +++ b/advanced/am-pattern-2/templates/mi/instance-2/wso2am-pattern-2-mi-service.yaml @@ -0,0 +1,50 @@ +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +kind: Service +metadata: + name: {{ template "am-pattern-2.resource.prefix" . }}-mi-2-service + namespace : {{ .Release.Namespace }} + labels: + deployment: {{ template "am-pattern-2.resource.prefix" . }}-mi + node: {{ template "am-pattern-2.resource.prefix" . }}-mi-2 +{{ include "am-pattern-2.labels" . | indent 4 }} +spec: + type: ClusterIP + ports: + - port: 8290 + targetPort: 8290 + protocol: TCP + name: pass-through-http + - port: 8253 + targetPort: 8253 + protocol: TCP + name: pass-through-https + - port: 9201 + targetPort: 9201 + protocol: TCP + name: metrics + - port: 9164 + targetPort: 9164 + protocol: TCP + name: management + {{- if .Values.wso2.deployment.mi.synapseTest.enabled }} + - port: 9008 + targetPort: 9008 + protocol: TCP + name: synapse-test + {{- end}} + selector: + deployment: {{ template "am-pattern-2.resource.prefix" . }}-mi + node: {{ template "am-pattern-2.resource.prefix" . }}-mi-2 
diff --git a/advanced/am-pattern-2/templates/am/gateway/wso2am-pattern-2-am-gateway-ingress.yaml b/advanced/am-pattern-2/templates/mi/wso2am-pattern-2-mi-management-ingress.yaml similarity index 51% rename from advanced/am-pattern-2/templates/am/gateway/wso2am-pattern-2-am-gateway-ingress.yaml rename to advanced/am-pattern-2/templates/mi/wso2am-pattern-2-mi-management-ingress.yaml index 01c349b9..76ddefec 100644 --- a/advanced/am-pattern-2/templates/am/gateway/wso2am-pattern-2-am-gateway-ingress.yaml +++ b/advanced/am-pattern-2/templates/mi/wso2am-pattern-2-mi-management-ingress.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. 
@@ -15,21 +15,21 @@ apiVersion: extensions/v1beta1 kind: Ingress metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-am-gateway-ingress + name: {{ template "am-pattern-2.resource.prefix" . }}-mi-2-management-ingress namespace : {{ .Release.Namespace }} -{{- if .Values.wso2.deployment.am.gateway.ingress.annotations }} +{{- if .Values.wso2.deployment.mi.ingress.management.annotations }} annotations: -{{ toYaml .Values.wso2.deployment.am.gateway.ingress.annotations | indent 4 }} +{{ toYaml .Values.wso2.deployment.mi.ingress.management.annotations | indent 4 }} {{- end }} spec: tls: - - hosts: - - {{ .Values.wso2.deployment.am.gateway.ingress.hostname }} + - hosts: + - {{ .Values.wso2.deployment.mi.ingress.management.hostname | quote }} rules: - - host: {{ .Values.wso2.deployment.am.gateway.ingress.hostname }} - http: - paths: - - path: / - backend: - serviceName: {{ template "am-pattern-2.resource.prefix" . }}-am-gateway-service - servicePort: 8243 + - host: {{ .Values.wso2.deployment.mi.ingress.management.hostname | quote }} + http: + paths: + - path: / + backend: + serviceName: {{ template "am-pattern-2.resource.prefix" . }}-mi-2-service + servicePort: 9164 diff --git a/advanced/am-pattern-2/templates/wso2am-pattern-2-secrets.yaml b/advanced/am-pattern-2/templates/wso2am-pattern-2-secrets.yaml index 1872c2df..b354d7ed 100644 --- a/advanced/am-pattern-2/templates/wso2am-pattern-2-secrets.yaml +++ b/advanced/am-pattern-2/templates/wso2am-pattern-2-secrets.yaml 
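Review bot: The rewritten backend sends every path on the management hostname to `servicePort: 9164` of the `-mi-2-service`, the port the Service template in this patch names `management`. The Micro Integrator management API therefore becomes reachable through the ingress controller on every install. Nothing in the hunk makes this opt-in or restricts who may call it; consider wrapping the template in a values-driven `if` that is off by default, and documenting a source-range allowlist annotation for the controller in use. The `tls` entry lists only `hosts`, so the certificate served is the controller's default; adding `secretName: <tls-secret-name>` (placeholder) beside `hosts` would pin it. Whether other instances get an equivalent ingress cannot be seen from this hunk.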
@@ -16,13 +16,13 @@ {{- $username := .Values.wso2.subscription.username }} {{- $password := .Values.wso2.subscription.password }} {{- $email := .Values.wso2.subscription.username }} -{{- $regId := default "docker.wso2.com" .Values.wso2.dockerRegistry }} +{{- $regId := default "docker.wso2.com" .Values.wso2.deployment.mi.dockerRegistry }} {{- $auth := printf "%s:%s" $username $password | b64enc }} {{- $files := .Files }} apiVersion: v1 kind: Secret metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-wso2-private-registry-creds + name: {{ template "am-pattern-2.resource.prefix" . }}-mi-wso2-private-registry-creds namespace: {{ .Release.Namespace }} type: kubernetes.io/dockerconfigjson data: diff --git a/advanced/am-pattern-2/templates/wso2am-pattern-2-service-account.yaml b/advanced/am-pattern-2/templates/wso2am-pattern-2-service-account.yaml deleted file mode 100644 index ab2a50fa..00000000 --- a/advanced/am-pattern-2/templates/wso2am-pattern-2-service-account.yaml +++ /dev/null @@ -1,19 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ .Values.kubernetes.serviceAccount }} - namespace : {{ .Values.namespace }} diff --git a/advanced/am-pattern-2/values.yaml b/advanced/am-pattern-2/values.yaml index 5f89ebb0..ca59836c 100644 --- a/advanced/am-pattern-2/values.yaml +++ b/advanced/am-pattern-2/values.yaml 
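Review bot: This Secret is built from `.Values.wso2.subscription.username` and `.password` (`$auth := printf "%s:%s" $username $password | b64enc`), and the values.yaml hunk later in this patch replaces the empty defaults for both keys with a literal account name and password. Every default install then renders the registry Secret from credentials that are now in the repository history. The defaults should go back to `username: ""` and `password: ""`, with real values supplied at install time, and the committed password should be treated as exposed and rotated. Separately, `$regId` now reads only `.Values.wso2.deployment.mi.dockerRegistry`, so an override set under the old `.Values.wso2.dockerRegistry` key is silently ignored; the upgrade notes should say so, or the old key should be kept as a fallback.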
@@ -1,4 +1,4 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. 
@@ -17,172 +17,129 @@ wso2: # If provided, these parameters will be used to obtain official WSO2 product Docker images available at WSO2 Private Docker Registry (https://docker.wso2.com/) # for this deployment subscription: - username: "" - password: "" + username: "sajithal@wso2.com" + password: "Sajicapn@sv123@#" deployment: - dependencies: - # The configuration should be set to be 'true' if a MySQL database should be spawned as a pod within the cluster - mysql: true - # Enable NFS dynamic provisioner for Kubernetes - nfsServerProvisioner: true - - # Persisted and shared runtime artifacts for API Manager - # See official documentation (from https://apim.docs.wso2.com/en/latest/install-and-setup/setup/reference/common-runtime-and-configuration-artifacts/#persistent-runtime-artifacts) - persistentRuntimeArtifacts: - # Kubernetes Storage Class to be used to dynamically provision the relevant Persistent Volumes - # Only persistent storage solutions supporting ReadWriteMany access mode are applicable (https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes) - # Defaults to Kubernetes Storage Class generated using the NFS Server Provisioner (https://github.com/helm/charts/tree/master/stable/nfs-server-provisioner) - storageClass: &storage_class "nfs" - - # Define capacities for persistent runtime artifact directories which are shared between instances of the relevant API Manager profile - sharedArtifacts: - capacity: - # For execution plans shared between the Traffic Manager profile instances - executionPlans: 20M - # For synapse artifacts of APIs shared between the Gateway profile instances - synapseConfigs: 50M - - # Persistent runtime artifacts for Apache Solr-based indexing - apacheSolrIndexing: - # Indicates if persistence of the runtime artifacts for Apache Solr-based indexing is enabled - # By default, this is disabled - enabled: false - # Define capacities for persistent runtime artifact directories - capacity: - # For persisting the H2 
based local Carbon database file - carbonDatabase: 50M - # For persisting the indexed data - solrIndexedData: 50M - - am: - # Container image configurations - # If a custom image must be used, uncomment 'dockerRegistry' and provide its value + mi: + # If a custom image must be used, uncomment 'dockerRegistry' and provide its value. # dockerRegistry: "" - imageName: "wso2am" - imageTag: "3.2.0" - # Refer to the Kubernetes documentation on updating images (https://kubernetes.io/docs/concepts/containers/images/#updating-images) - imagePullPolicy: Always - + imageName: "wso2mi" + imageTag: "4.0.0" + # Number of deployment replicas + replicas: 2 + strategy: + rollingUpdate: + # The maximum number of pods that can be scheduled above the desired number of pods. + maxSurge: 1 + # The maximum number of pods that can be unavailable during the update. + maxUnavailable: 0 + # Indicates whether the container is running. + livenessProbe: + # Number of seconds after the container has started before liveness probes are initiated. + initialDelaySeconds: 35 + # How often (in seconds) to perform the probe. + periodSeconds: 10 + # Indicates whether the container is ready to service requests. + readinessProbe: + # Number of seconds after the container has started before readiness probes are initiated. + initialDelaySeconds: 35 + # How often (in seconds) to perform the probe. 
+ periodSeconds: 10 + # These are the minimum resource recommendations for running WSO2 Micro Integrator resources: - # These are the resource recommendations for running WSO2 API Management product profiles with profile optimization - # Resource configurations defined here are applicable for Gateway and Key Manager profile deployments, which use profile optimization requests: + # The minimum amount of memory that should be allocated for a Pod + memory: "512Mi" + # The minimum amount of CPU that should be allocated for a Pod + cpu: "500m" + limits: + # The maximum amount of memory that should be allocated for a Pod memory: "1Gi" + # The maximum amount of CPU that should be allocated for a Pod cpu: "1000m" - limits: - memory: "2Gi" - cpu: "2000m" - # JVM settings - # These are the resource allocation configurations associated with the JVM - # Refer to the official documentation for advanced details (https://apim.docs.wso2.com/en/latest/install-and-setup/install/installation-prerequisites/) - jvm: - # Resource allocation for the Java Heap - heap: - memory: - # Initial and minimum Heap size - xms: "512m" - # Maximum Heap size - xmx: "512m" - - # API Manager's Gateway specific configurations - gateway: - # Indicates whether the container is running - livenessProbe: - # Number of seconds after the container has started before liveness probes are initiated - initialDelaySeconds: 60 - # How often (in seconds) to perform the probe - periodSeconds: 10 - # Indicates whether the container is ready to service requests - readinessProbe: - # Number of seconds after the container has started before readiness probes are initiated - initialDelaySeconds: 60 - # How often (in seconds) to perform the probe - periodSeconds: 10 - - # Number of deployment replicas - replicas: 2 - - # Kubernetes RollingUpdate strategy configurations - strategy: - rollingUpdate: - # The maximum number of pods that can be scheduled above the desired number of pods - maxSurge: 2 - # The maximum number of 
pods that can be unavailable during the update - maxUnavailable: 0 - - # If the deployment configurations for the Gateway profile of WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml), - # add the customized configuration file under (wso2 -> deployment -> am -> gateway -> config -> deployment.toml) -# config: -# deployment.toml: |- -# # deployment configurations for the Gateway profile of WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml) + # Environment variables for the Micro integrator deployment. + envs: + # ENV_NAME: ENV_VALUE + # Configure synapse testing. + synapseTest: + enabled: false - # Configure Ingress - ingress: - # Hostname for Gateway profile - hostname: "gateway.am.wso2.com" - # Annotations for the API Manager Gateway service Ingress + # Configure Ingresses + ingress: + # Configure management ingress + management: + # Hostname for the Micro Integrator management endpoint. + hostname: "tenant2.management.mi.wso2.com" + # Annotations for the Micro Integrator management Ingress. 
annotations: kubernetes.io/ingress.class: "nginx" nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" - # API Manager's Key Manager specific configurations - km: - livenessProbe: - # Number of seconds after the container has started before liveness probes are initiated - initialDelaySeconds: 60 - # How often (in seconds) to perform the probe - periodSeconds: 10 - # Indicates whether the container is ready to service requests - readinessProbe: - # Number of seconds after the container has started before readiness probes are initiated - initialDelaySeconds: 60 - # How often (in seconds) to perform the probe - periodSeconds: 10 - - # Number of deployment replicas - replicas: 2 - - # If the deployment configurations for the Key Manager profile of WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml), - # add the customized configuration file under (wso2 -> deployment -> am -> km -> config -> deployment.toml) -# config: -# deployment.toml: |- -# # deployment configurations for the Key Manager profile of WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml) +kubernetes: + # Name of Kubernetes service account + serviceAccount: &service_account "wso2am-pattern-2-svc-account" + +am-pattern-1: + wso2: + # WSO2 Subscription parameters (https://wso2.com/subscription/) + # If provided, these parameters will be used to obtain official WSO2 product Docker images available at WSO2 Private Docker Registry (https://docker.wso2.com/) + # for this deployment + subscription: + username: "sajithal@wso2.com" + password: "Sajicapn@sv123@#" + + deployment: + dependencies: + # The configuration should be set to be 'true' if a MySQL database should be spawned as a pod within the cluster + mysql: true + # Enable NFS dynamic provisioner for Kubernetes + nfsServerProvisioner: true + + # Persisted and shared runtime artifacts for API Manager + # See official documentation (from 
https://apim.docs.wso2.com/en/latest/install-and-setup/setup/reference/common-runtime-and-configuration-artifacts/#persistent-runtime-artifacts) + persistentRuntimeArtifacts: + # Kubernetes Storage Class to be used to dynamically provision the relevant Persistent Volumes + # Only persistent storage solutions supporting ReadWriteMany access mode are applicable (https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes) + # Defaults to Kubernetes Storage Class generated using the NFS Server Provisioner (https://github.com/helm/charts/tree/master/stable/nfs-server-provisioner) + storageClass: &storage_class "nfs" + + # Persistent runtime artifacts for Apache Solr-based indexing + apacheSolrIndexing: + # Indicates if persistence of the runtime artifacts for Apache Solr-based indexing is enabled + # By default, this is disabled + enabled: false + # Define capacities for persistent runtime artifact directories + capacity: + # For persisting the H2 based local Carbon database file + carbonDatabase: 50M + # For persisting the indexed data + solrIndexedData: 50M + + am: + # Container image configurations + # If a custom image must be used, uncomment 'dockerRegistry' and provide its value + # dockerRegistry: "" + imageName: "wso2am" + imageTag: "4.0.0" + # Refer to the Kubernetes documentation on updating images (https://kubernetes.io/docs/concepts/containers/images/#updating-images) + imagePullPolicy: Always - pubDevPortalTM: # Indicates whether the container is running livenessProbe: # Number of seconds after the container has started before liveness probes are initiated initialDelaySeconds: 180 # How often (in seconds) to perform the probe periodSeconds: 10 - # Indicates whether the container is ready to service requests + # Indicates whether the container is ready to service requests readinessProbe: # Number of seconds after the container has started before readiness probes are initiated initialDelaySeconds: 180 # How often (in seconds) to perform the 
probe periodSeconds: 10 - # If the deployment configurations for the Publisher-Store-TM of WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml), - # add the customized configuration file under (wso2 -> deployment -> am -> pubDevPortalTM -> instanceTwo -> config -> deployment.toml) -# config: "" -# deployment.toml: |- -# # deployment configurations for All-In-One WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml) - - # Configure Ingress - ingress: - # Hostname for API Manager Carbon Management Console, Publisher, DevPortal and Admin Portal - hostname: "am.wso2.com" - # Annotations for the API Manager Publisher-DevPortal services Ingress - annotations: - kubernetes.io/ingress.class: "nginx" - nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" - nginx.ingress.kubernetes.io/affinity: "cookie" - nginx.ingress.kubernetes.io/session-cookie-name: "route" - nginx.ingress.kubernetes.io/session-cookie-hash: "sha1" - resources: - # These are the resource recommendations for running WSO2 API Management All-In-One deployment + # These are the minimum resource recommendations for running WSO2 API Management product profiles # as per official documentation (https://apim.docs.wso2.com/en/latest/install-and-setup/install/installation-prerequisites/) requests: memory: "2Gi" 
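Review bot: The `subscription` block in this hunk replaces the empty defaults with what looks like a real account username and password in plaintext, once under the top-level `wso2:` key and again under `am-pattern-1:`. A value committed to a chart's values.yaml stays in git history and in every packaged copy of the chart, and the registry-credentials template in this same commit base64-encodes `$username:$password` into a `kubernetes.io/dockerconfigjson` Secret, so the credential should be treated as exposed and rotated rather than just removed in a later commit. Restore `username: ""` and `password: ""` in both places and have operators supply them at install time, for example with `--set wso2.subscription.password=<value>` or an untracked values file. A pre-commit secret scan on values.yaml files would catch this class of mistake before it reaches the repository.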
@@ -202,138 +159,154 @@ wso2: # Maximum Heap size xmx: "1024m" - analytics: - dashboard: - # Container image configurations - # If a custom image must be used, uncomment 'dockerRegistry' and provide its value - # dockerRegistry: "" - imageName: "wso2am-analytics-dashboard" - imageTag: "3.2.0" - # Refer to the Kubernetes documentation on updating images (https://kubernetes.io/docs/concepts/containers/images/#updating-images) - imagePullPolicy: Always + # If the deployment configurations for the WSO2 API Manager v4.0.0 (/repository/conf/deployment.toml), + # add the customized configuration file under (wso2 -> deployment -> am -> config -> deployment.toml) + # config: "" + # deployment.toml: |- + # # deployment configurations for the WSO2 API Manager v4.0.0 (/repository/conf/deployment.toml) + # Configure Ingresses + ingress: + management: + # Hostname for API Manager Carbon Management Console, Publisher, DevPortal and Admin Portal + hostname: "am.wso2.com" + # Annotations for the API Manager Publisher-DevPortal services Ingress + annotations: + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" + nginx.ingress.kubernetes.io/affinity: "cookie" + nginx.ingress.kubernetes.io/session-cookie-name: "route" + nginx.ingress.kubernetes.io/session-cookie-hash: "sha1" + gateway: + # Hostname for Gateway profile + hostname: "gateway.am.wso2.com" + # Annotations for the API Manager Gateway service Ingress + annotations: + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" + websub: + hostname: "websub.am.wso2.com" + # Annotations for the API Manager WebSub service Ingress + annotations: + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" + + mi: + # If a custom image must be used, uncomment 'dockerRegistry' and provide its value. 
+ # dockerRegistry: "" + imageName: "wso2mi" + imageTag: "4.0.0" # Number of deployment replicas - replicas: 1 - - # Kubernetes RollingUpdate strategy configurations + replicas: 2 strategy: rollingUpdate: - # The maximum number of pods that can be scheduled above the desired number of pods + # The maximum number of pods that can be scheduled above the desired number of pods. maxSurge: 1 - # The maximum number of pods that can be unavailable during the update + # The maximum number of pods that can be unavailable during the update. maxUnavailable: 0 - - # Indicates whether the container is running + # Indicates whether the container is running. livenessProbe: - # Number of seconds after the container has started before liveness probes are initiated - initialDelaySeconds: 20 - # How often (in seconds) to perform the probe + # Number of seconds after the container has started before liveness probes are initiated. + initialDelaySeconds: 35 + # How often (in seconds) to perform the probe. periodSeconds: 10 - # Indicates whether the container is ready to service requests + # Indicates whether the container is ready to service requests. readinessProbe: - # Number of seconds after the container has started before readiness probes are initiated - initialDelaySeconds: 20 - # How often (in seconds) to perform the probe + # Number of seconds after the container has started before readiness probes are initiated. + initialDelaySeconds: 35 + # How often (in seconds) to perform the probe. 
periodSeconds: 10 - - # Refer to the Kubernetes documentation on updating images (https://kubernetes.io/docs/concepts/containers/images/#updating-images) - # If the deployment configurations for the Dashboard profile of WSO2 API Manager Analytics v3.2.0 (/conf/dashboard/deployment.yaml), - # add the customized configuration file under (wso2 -> deployment -> analytics -> dashboard -> config -> deployment.yaml) -# config: -# deployment.yaml: |- -# # deployment configurations for the Dashboard profile of WSO2 API Manager Analytics v3.2.0 (/conf/dashboard/deployment.yaml) - + # These are the minimum resource recommendations for running WSO2 Micro Integrator resources: - # These are the resource recommendations for running WSO2 Stream Processor based server profiles - # as per official documentation (https://docs.wso2.com/display/SP440/Installation+Prerequisites). requests: - memory: "4Gi" - cpu: "2000m" - # Please see the official documentation on WSO2 Stream Processor based Performance Analysis and Resource recommendations - # (https://docs.wso2.com/display/SP440/Performance+Analysis+Results) and tune the limits according to your needs - # where necessary. + # The minimum amount of memory that should be allocated for a Pod + memory: "512Mi" + # The minimum amount of CPU that should be allocated for a Pod + cpu: "500m" limits: - memory: "4Gi" - cpu: "2000m" - # JVM settings - # These are the resource allocation configurations associated with the JVM - # Refer to the official documentation for advanced details (https://docs.wso2.com/display/SP440/Installation+Prerequisites) - jvm: - # Resource allocation for the Java Heap - heap: - memory: - # Initial and minimum Heap size - xms: "2048m" - # Maximum Heap size - xmx: "2048m" - - # Configure Ingress + # The maximum amount of memory that should be allocated for a Pod + memory: "1Gi" + # The maximum amount of CPU that should be allocated for a Pod + cpu: "1000m" + # Environment variables for the Micro integrator deployment. 
+ envs: + # ENV_NAME: ENV_VALUE + # Configure synapse testing. + synapseTest: + enabled: false + + # Configure Ingresses ingress: - # Hostname for API Manager Analytics Dashboard - hostname: "analytics.am.wso2.com" - # Annotations for the API Manager Analytics Dashboard service Ingress - annotations: - kubernetes.io/ingress.class: "nginx" - nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" - - worker: - # Container image configurations + # Configure management ingress + management: + # Hostname for the Micro Integrator management endpoint. + hostname: "tenant1.management.mi.wso2.com" + # Annotations for the Micro Integrator management Ingress. + annotations: + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" + + mi2: # If a custom image must be used, uncomment 'dockerRegistry' and provide its value. # dockerRegistry: "" - imageName: "wso2am-analytics-worker" - imageTag: "3.2.0" - # Refer to the Kubernetes documentation on updating images (https://kubernetes.io/docs/concepts/containers/images/#updating-images) - imagePullPolicy: Always - + imageName: "wso2mi" + imageTag: "4.0.0" + # Number of deployment replicas + replicas: 2 + strategy: + rollingUpdate: + # The maximum number of pods that can be scheduled above the desired number of pods. + maxSurge: 1 + # The maximum number of pods that can be unavailable during the update. + maxUnavailable: 0 # Indicates whether the container is running. livenessProbe: # Number of seconds after the container has started before liveness probes are initiated. - initialDelaySeconds: 20 + initialDelaySeconds: 35 # How often (in seconds) to perform the probe. periodSeconds: 10 # Indicates whether the container is ready to service requests. readinessProbe: # Number of seconds after the container has started before readiness probes are initiated. - initialDelaySeconds: 20 + initialDelaySeconds: 35 # How often (in seconds) to perform the probe. 
periodSeconds: 10 - - # If the deployment configurations for the Worker profile of WSO2 API Manager Analytics v3.2.0 (/conf/worker/deployment.yaml), - # add the customized configuration file under (wso2 -> deployment -> analytics -> worker -> config -> deployment.yaml) -# config: -# deployment.yaml: |- -# # deployment configurations for the Worker profile of WSO2 API Manager Analytics v3.2.0 (/conf/worker/deployment.yaml) - + # These are the minimum resource recommendations for running WSO2 Micro Integrator resources: - # These are the resource recommendations for running WSO2 Stream Processor based server profiles - # as per official documentation (https://docs.wso2.com/display/SP440/Installation+Prerequisites). requests: - memory: "4Gi" - cpu: "2000m" - # Please see the official documentation on WSO2 Stream Processor based Performance Analysis and Resource recommendations - # (https://docs.wso2.com/display/SP440/Performance+Analysis+Results) and tune the limits according to your needs - # where necessary. 
+ # The minimum amount of memory that should be allocated for a Pod + memory: "512Mi" + # The minimum amount of CPU that should be allocated for a Pod + cpu: "500m" limits: - memory: "4Gi" - cpu: "2000m" - # JVM settings - # These are the resource allocation configurations associated with the JVM - # Refer to the official documentation for advanced details (https://docs.wso2.com/display/SP440/Installation+Prerequisites) - jvm: - # Resource allocation for the Java Heap - heap: - memory: - # Initial and minimum Heap size - xms: "2048m" - # Maximum Heap size - xmx: "2048m" - -kubernetes: - # Name of Kubernetes service account - serviceAccount: "wso2am-pattern-2-svc-account" - -# Override sub chart parameters -mysql-am: - mysql: - persistence: - storageClass: *storage_class + # The maximum amount of memory that should be allocated for a Pod + memory: "1Gi" + # The maximum amount of CPU that should be allocated for a Pod + cpu: "1000m" + # Environment variables for the Micro integrator deployment. + envs: + # ENV_NAME: ENV_VALUE + # Configure synapse testing. + synapseTest: + enabled: false + + # Configure Ingresses + ingress: + # Configure management ingress + management: + # Hostname for the Micro Integrator management endpoint. + hostname: "tenant2.management.mi.wso2.com" + # Annotations for the Micro Integrator management Ingress. + annotations: + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" + + kubernetes: + # Name of Kubernetes service account + serviceAccount: *service_account + + # Override sub chart parameters + mysql-am: + mysql: + persistence: + storageClass: *storage_class From 4ec1f4621d9bd40ebec3ea78288b5e0229e4bd30 Mon Sep 17 00:00:00 2001 
From: Rakhitha Ranathunge Date: Thu, 6 May 2021 09:56:01 +0530 Subject: [PATCH 11/34] Remove old profiles from pattern-3 --- ...2am-pattern-3-am-devportal-deployment.yaml | 148 ---------------- ...2am-pattern-3-am-devportal-deployment.yaml | 148 ---------------- ...attern-3-am-devportal-conf-entrypoint.yaml | 89 ---------- .../wso2am-pattern-3-am-devportal-conf.yaml | 163 ------------------ ...wso2am-pattern-3-am-devportal-ingress.yaml | 35 ---- ...wso2am-pattern-3-am-devportal-service.yaml | 28 --- ...-pattern-3-am-devportal-volume-claims.yaml | 75 -------- .../am/km/wso2am-pattern-3-am-km-conf.yaml | 110 ------------ .../am/km/wso2am-pattern-3-am-km-service.yaml | 28 --- .../wso2am-pattern-3-am-km-statefulset.yaml | 122 ------------- ...2am-pattern-3-am-publisher-deployment.yaml | 148 ---------------- ...2am-pattern-3-am-publisher-deployment.yaml | 148 ---------------- ...attern-3-am-publisher-conf-entrypoint.yaml | 89 ---------- .../wso2am-pattern-3-am-publisher-conf.yaml | 160 ----------------- ...wso2am-pattern-3-am-publisher-ingress.yaml | 35 ---- ...wso2am-pattern-3-am-publisher-service.yaml | 28 --- ...-pattern-3-am-publisher-volume-claims.yaml | 76 -------- ...so2am-pattern-3-am-tm-conf-entrypoint.yaml | 90 ---------- .../am/tm/wso2am-pattern-3-am-tm-conf.yaml | 81 --------- ...o2am-pattern-3-am-tm-headless-service.yaml | 38 ---- .../am/tm/wso2am-pattern-3-am-tm-service.yaml | 29 ---- .../wso2am-pattern-3-am-tm-statefulset.yaml | 139 --------------- .../wso2am-pattern-3-am-tm-volume-claim.yaml | 26 --- 23 files changed, 2033 deletions(-) delete mode 100644 advanced/am-pattern-3/templates/am/devportal/instance-1/wso2am-pattern-3-am-devportal-deployment.yaml delete mode 100644 advanced/am-pattern-3/templates/am/devportal/instance-2/wso2am-pattern-3-am-devportal-deployment.yaml delete mode 100644 advanced/am-pattern-3/templates/am/devportal/wso2am-pattern-3-am-devportal-conf-entrypoint.yaml delete mode 100644 
advanced/am-pattern-3/templates/am/devportal/wso2am-pattern-3-am-devportal-conf.yaml delete mode 100644 advanced/am-pattern-3/templates/am/devportal/wso2am-pattern-3-am-devportal-ingress.yaml delete mode 100644 advanced/am-pattern-3/templates/am/devportal/wso2am-pattern-3-am-devportal-service.yaml delete mode 100644 advanced/am-pattern-3/templates/am/devportal/wso2am-pattern-3-am-devportal-volume-claims.yaml delete mode 100644 advanced/am-pattern-3/templates/am/km/wso2am-pattern-3-am-km-conf.yaml delete mode 100644 advanced/am-pattern-3/templates/am/km/wso2am-pattern-3-am-km-service.yaml delete mode 100644 advanced/am-pattern-3/templates/am/km/wso2am-pattern-3-am-km-statefulset.yaml delete mode 100644 advanced/am-pattern-3/templates/am/publisher/instance-1/wso2am-pattern-3-am-publisher-deployment.yaml delete mode 100644 advanced/am-pattern-3/templates/am/publisher/instance-2/wso2am-pattern-3-am-publisher-deployment.yaml delete mode 100644 advanced/am-pattern-3/templates/am/publisher/wso2am-pattern-3-am-publisher-conf-entrypoint.yaml delete mode 100644 advanced/am-pattern-3/templates/am/publisher/wso2am-pattern-3-am-publisher-conf.yaml delete mode 100644 advanced/am-pattern-3/templates/am/publisher/wso2am-pattern-3-am-publisher-ingress.yaml delete mode 100644 advanced/am-pattern-3/templates/am/publisher/wso2am-pattern-3-am-publisher-service.yaml delete mode 100644 advanced/am-pattern-3/templates/am/publisher/wso2am-pattern-3-am-publisher-volume-claims.yaml delete mode 100644 advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-conf-entrypoint.yaml delete mode 100644 advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-conf.yaml delete mode 100644 advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-headless-service.yaml delete mode 100644 advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-service.yaml delete mode 100644 advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-statefulset.yaml delete mode 100644 
advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-volume-claim.yaml diff --git a/advanced/am-pattern-3/templates/am/devportal/instance-1/wso2am-pattern-3-am-devportal-deployment.yaml b/advanced/am-pattern-3/templates/am/devportal/instance-1/wso2am-pattern-3-am-devportal-deployment.yaml deleted file mode 100644 index 4fb6d516..00000000 --- a/advanced/am-pattern-3/templates/am/devportal/instance-1/wso2am-pattern-3-am-devportal-deployment.yaml +++ /dev/null 
@@ -1,148 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-1-deployment - namespace: {{ .Release.Namespace }} -spec: - replicas: 1 - strategy: - type: Recreate - selector: - matchLabels: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal - template: - metadata: - annotations: - checksum.am.devportal.conf: {{ include (print $.Template.BasePath "/am/devportal/wso2am-pattern-3-am-devportal-conf.yaml") . | sha256sum }} - labels: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal - spec: - initContainers: - {{- if .Values.wso2.deployment.dependencies.mysql }} - - name: init-apim-db - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of DBMS service"; while ! 
nc -z "wso2am-mysql-db-service" 3306; do sleep 1; printf "-"; done; echo -e " >> DBMS service is available";'] - - name: init-mysql-connector-download - image: busybox:1.32 - command: - - /bin/sh - - "-c" - - | - set -e - connector_version=8.0.17 - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/${connector_version}/mysql-connector-java-${connector_version}.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - {{- end }} - - name: init-apim-analytics - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of WSO2 API Manager Analytics Worker deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-service 7712; do sleep 1; printf "-"; done; echo -e " >> WSO2 API Manager Analytics Worker has started";'] - - name: init-km - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of Key Manager deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . 
}}-km-service 9443; do sleep 1; printf "-"; done; echo -e " >> Key Manager has started";'] - containers: - - name: wso2am-devportal -{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.am) | indent 10 }} - imagePullPolicy: {{ .Values.wso2.deployment.am.imagePullPolicy }} - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: {{ .Values.wso2.deployment.am.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.livenessProbe.periodSeconds }} - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: {{ .Values.wso2.deployment.am.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.readinessProbe.periodSeconds }} - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/wso2server.sh stop'] - resources: - requests: - memory: {{ .Values.wso2.deployment.am.resources.requests.memory }} - cpu: {{ .Values.wso2.deployment.am.resources.requests.cpu }} - limits: - memory: {{ .Values.wso2.deployment.am.resources.limits.memory }} - cpu: {{ .Values.wso2.deployment.am.resources.limits.cpu }} - ports: - - containerPort: 9763 - protocol: "TCP" - - containerPort: 9443 - protocol: "TCP" - env: - - name: PROFILE_NAME - value: api-devportal - - name: NODE_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: JVM_MEM_OPTS - value: "-Xms{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xmx }}" - securityContext: - runAsUser: 802 - volumeMounts: - - name: wso2am-devportal-conf - mountPath: /home/wso2carbon/wso2-config-volume/repository/conf - {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} - - name: wso2am-devportal-local-carbon-database-storage - mountPath: /home/wso2carbon/solr/database - - name: wso2am-devportal-indexed-data-volume - mountPath: 
/home/wso2carbon/solr/indexed-data - - name: wso2am-devportal-conf-entrypoint - mountPath: /home/wso2carbon/docker-entrypoint.sh - subPath: docker-entrypoint.sh - {{ end }} - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/repository/components/dropins - {{ end }} - serviceAccountName: {{ .Values.kubernetes.serviceAccount }} - {{- if .Values.wso2.deployment.am.imagePullSecrets }} - imagePullSecrets: - - name: {{ .Values.wso2.deployment.am.imagePullSecrets }} - {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} - imagePullSecrets: - - name: {{ template "am-pattern-3.resource.prefix" . }}-wso2-private-registry-creds - {{- end }} - volumes: - - name: wso2am-devportal-conf - configMap: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-conf - {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} - - name: wso2am-devportal-conf-entrypoint - configMap: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-conf-entrypoint - defaultMode: 0407 - - name: wso2am-devportal-local-carbon-database-storage - persistentVolumeClaim: - claimName: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-1-local-carbon-database-volume-claim - - name: wso2am-devportal-indexed-data-volume - persistentVolumeClaim: - claimName: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-1-solr-indexed-data-volume-claim - {{ end }} - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - emptyDir: {} - {{ end }} diff --git a/advanced/am-pattern-3/templates/am/devportal/instance-2/wso2am-pattern-3-am-devportal-deployment.yaml b/advanced/am-pattern-3/templates/am/devportal/instance-2/wso2am-pattern-3-am-devportal-deployment.yaml deleted file mode 100644 index 131e24cd..00000000 
--- a/advanced/am-pattern-3/templates/am/devportal/instance-2/wso2am-pattern-3-am-devportal-deployment.yaml +++ /dev/null 
@@ -1,148 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-2-deployment - namespace: {{ .Release.Namespace }} -spec: - replicas: 1 - strategy: - type: Recreate - selector: - matchLabels: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal - template: - metadata: - annotations: - checksum.am.publisher.conf: {{ include (print $.Template.BasePath "/am/devportal/wso2am-pattern-3-am-devportal-conf.yaml") . | sha256sum }} - labels: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal - spec: - initContainers: - {{- if .Values.wso2.deployment.dependencies.mysql }} - - name: init-apim-db - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of DBMS service"; while ! 
nc -z "wso2am-mysql-db-service" 3306; do sleep 1; printf "-"; done; echo -e " >> DBMS service is available";'] - - name: init-mysql-connector-download - image: busybox:1.32 - command: - - /bin/sh - - "-c" - - | - set -e - connector_version=8.0.17 - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/${connector_version}/mysql-connector-java-${connector_version}.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - {{- end }} - - name: init-apim-analytics - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of WSO2 API Manager Analytics Worker deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-service 7712; do sleep 1; printf "-"; done; echo -e " >> WSO2 API Manager Analytics Worker has started";'] - - name: init-km - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of Key Manager deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . 
}}-km-service 9443; do sleep 1; printf "-"; done; echo -e " >> Key Manager has started";'] - containers: - - name: wso2am-devportal -{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.am) | indent 10 }} - imagePullPolicy: {{ .Values.wso2.deployment.am.imagePullPolicy }} - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: {{ .Values.wso2.deployment.am.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.livenessProbe.periodSeconds }} - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: {{ .Values.wso2.deployment.am.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.readinessProbe.periodSeconds }} - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/wso2server.sh stop'] - resources: - requests: - memory: {{ .Values.wso2.deployment.am.resources.requests.memory }} - cpu: {{ .Values.wso2.deployment.am.resources.requests.cpu }} - limits: - memory: {{ .Values.wso2.deployment.am.resources.limits.memory }} - cpu: {{ .Values.wso2.deployment.am.resources.limits.cpu }} - ports: - - containerPort: 9763 - protocol: "TCP" - - containerPort: 9443 - protocol: "TCP" - env: - - name: PROFILE_NAME - value: api-devportal - - name: NODE_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: JVM_MEM_OPTS - value: "-Xms{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xmx }}" - securityContext: - runAsUser: 802 - volumeMounts: - - name: wso2am-devportal-conf - mountPath: /home/wso2carbon/wso2-config-volume/repository/conf - {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} - - name: wso2am-devportal-local-carbon-database-storage - mountPath: /home/wso2carbon/solr/database - - name: wso2am-devportal-indexed-data-volume - mountPath: 
/home/wso2carbon/solr/indexed-data - - name: wso2am-devportal-conf-entrypoint - mountPath: /home/wso2carbon/docker-entrypoint.sh - subPath: docker-entrypoint.sh - {{ end }} - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/repository/components/dropins - {{ end }} - serviceAccountName: {{ .Values.kubernetes.serviceAccount }} - {{- if .Values.wso2.deployment.am.imagePullSecrets }} - imagePullSecrets: - - name: {{ .Values.wso2.deployment.am.imagePullSecrets }} - {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} - imagePullSecrets: - - name: {{ template "am-pattern-3.resource.prefix" . }}-wso2-private-registry-creds - {{- end }} - volumes: - - name: wso2am-devportal-conf - configMap: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-conf - {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} - - name: wso2am-devportal-conf-entrypoint - configMap: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-conf-entrypoint - defaultMode: 0407 - - name: wso2am-devportal-local-carbon-database-storage - persistentVolumeClaim: - claimName: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-2-local-carbon-database-volume-claim - - name: wso2am-devportal-indexed-data-volume - persistentVolumeClaim: - claimName: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-2-solr-indexed-data-volume-claim - {{ end }} - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - emptyDir: {} - {{ end }} diff --git a/advanced/am-pattern-3/templates/am/devportal/wso2am-pattern-3-am-devportal-conf-entrypoint.yaml b/advanced/am-pattern-3/templates/am/devportal/wso2am-pattern-3-am-devportal-conf-entrypoint.yaml deleted file mode 100644 index d75257e1..00000000 
--- a/advanced/am-pattern-3/templates/am/devportal/wso2am-pattern-3-am-devportal-conf-entrypoint.yaml
+++ /dev/null
@@ -1,89 +0,0 @@ - {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} - -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-conf-entrypoint - namespace: {{ .Release.Namespace }} -data: - docker-entrypoint.sh: | - #!/bin/bash - set -e - - # volume mounts - config_volume=${WORKING_DIRECTORY}/wso2-config-volume - artifact_volume=${WORKING_DIRECTORY}/wso2-artifact-volume - # home of the directories to be artifact synced within the WSO2 product home - deployment_volume=${WSO2_SERVER_HOME}/repository/deployment/server - # home of the directories with preserved, default deployment artifacts - original_deployment_artifacts=${WORKING_DIRECTORY}/wso2-tmp - - # check if the WSO2 non-root user home exists - test ! -d ${WORKING_DIRECTORY} && echo "WSO2 Docker non-root user home does not exist" && exit 1 - - # check if the WSO2 product home exists - test ! 
-d ${WSO2_SERVER_HOME} && echo "WSO2 Docker product home does not exist" && exit 1 - - # shared artifact directories - directories=("executionplans" "synapse-configs") - # if the original directory locations of artifacts to be synced between nodes are empty, - # copy the preserved, default content of these folders to these original locations - for shared_directory in ${directories[@]}; do - if test -d ${original_deployment_artifacts}/${shared_directory}; - then - if [[ -z "$(ls -A ${deployment_volume}/${shared_directory})" ]]; then - if ! cp -R ${original_deployment_artifacts}/${shared_directory}/* ${deployment_volume}/${shared_directory}; - then - echo "Failed to copy the preserved, default artifacts to original location (${deployment_volume}/${shared_directory})" - exit 1 - fi - echo "Successfully copied the preserved, default artifacts to original location (${deployment_volume}/${shared_directory})" - fi - fi - done - - # Copying carbon_db - if ! test -f /home/wso2carbon/solr/database/WSO2CARBON_DB.mv.db - then - echo "Copying WSO2CARBON_DB.mv.db" >&2 - cp ${WSO2_SERVER_HOME}/repository/database/WSO2CARBON_DB.mv.db /home/wso2carbon/solr/database/ - fi - - # optimize WSO2 Carbon Server, if the profile name is defined as an environment variable - if [[ ! 
-z "${PROFILE_NAME}" ]] - then - echo "Optimizing WSO2 Carbon Server" >&2 - sh ${WSO2_SERVER_HOME}/bin/profileSetup.sh -Dprofile=${PROFILE_NAME} - fi - - # copy any configuration changes mounted to config_volume - test -d ${config_volume} && [[ "$(ls -A ${config_volume})" ]] && cp -RL ${config_volume}/* ${WSO2_SERVER_HOME}/ - # copy any artifact changes mounted to artifact_volume - test -d ${artifact_volume} && [[ "$(ls -A ${artifact_volume})" ]] && cp -RL ${artifact_volume}/* ${WSO2_SERVER_HOME}/ - - # start WSO2 Carbon server - echo "Start WSO2 Carbon server" >&2 - if [[ -z "${PROFILE_NAME}" ]] - then - # start the server with the provided startup arguments - sh ${WSO2_SERVER_HOME}/bin/wso2server.sh "$@" - else - # start the server with the specified profile and provided startup arguments - sh ${WSO2_SERVER_HOME}/bin/wso2server.sh -Dprofile=${PROFILE_NAME} "$@" - fi - - {{ end }} diff --git a/advanced/am-pattern-3/templates/am/devportal/wso2am-pattern-3-am-devportal-conf.yaml b/advanced/am-pattern-3/templates/am/devportal/wso2am-pattern-3-am-devportal-conf.yaml deleted file mode 100644 index 3501078c..00000000 --- a/advanced/am-pattern-3/templates/am/devportal/wso2am-pattern-3-am-devportal-conf.yaml +++ /dev/null 
@@ -1,163 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-conf - namespace : {{ .Release.Namespace }} - {{ if .Values.wso2.deployment.am.devportal.config }} -data: - {{- range $index, $content := .Values.wso2.deployment.am.devportal.config }} - {{ $index }}: |- - {{ tpl $content $ | indent 4 }} - {{- end }} - - {{ else }} -data: - deployment.toml: |- - [server] - hostname = "{{ .Values.wso2.deployment.am.devportal.ingress.hostname }}" - node_ip = "$env{NODE_IP}" - server_role="api-devportal" - - [user_store] - type = "database_unique_id" - - [super_admin] - username = "admin" - password = "admin" - create_admin_account = true - - [database.apim_db] - type = "mysql" - url = "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_DB?useSSL=false&autoReconnect=true&requireSSL=false&verifyServerCertificate=false" - username = "wso2carbon" - password = "wso2carbon" - driver = "com.mysql.cj.jdbc.Driver" - - [database.shared_db] - type = "mysql" - url = "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_SHARED_DB?useSSL=false&autoReconnect=true&requireSSL=false&verifyServerCertificate=false" - username = "wso2carbon" - password = "wso2carbon" - driver = "com.mysql.cj.jdbc.Driver" - - [keystore.tls] - file_name = "wso2carbon.jks" - type = "JKS" - password = "wso2carbon" - alias = 
"wso2carbon" - key_password = "wso2carbon" - - [truststore] - file_name = "client-truststore.jks" - type = "JKS" - password = "wso2carbon" - - # key manager implementation - [apim.key_manager] - service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-km-service:${mgt.transport.https.port}/services/" - username= "$ref{super_admin.username}" - password= "$ref{super_admin.password}" - - [[apim.gateway.environment]] - name= "Production and Sandbox" - type= "hybrid" - display_in_api_console= true - description= "This is a hybrid gateway that handles both production and sandbox token traffic." - service_url= "https://{{ template "am-pattern-3.resource.prefix" . }}-am-gateway-service:${mgt.transport.https.port}${carbon.context}services/" - username= "${admin.username}" - password= "${admin.password}" - ws_endpoint= "ws://api.gw.wso2.com:9099" - http_endpoint = "http://{{ .Values.wso2.deployment.am.gateway.ingress.hostname }}" - https_endpoint = "https://{{ .Values.wso2.deployment.am.gateway.ingress.hostname }}" - show_as_token_endpoint_url = true - - [apim.analytics] - enable = "true" - store_api_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-service:7444" - username= "$ref{super_admin.username}" - password= "$ref{super_admin.password}" - - [[apim.analytics.url_group]] - analytics_url =["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-headless-service:7612","tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-headless-service:7612"] - analytics_auth_url =["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-headless-service:7712","ssl://{{ template "am-pattern-3.resource.prefix" . 
}}-am-analytics-worker-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-headless-service:7712"] - type = "failover" - - [apim.cache.recent_apis] - enable = false - - [apim.cache.scopes] - enable = true - - [apim.cache.tags] - expiry_time = 120000 - - [apim.devportal] - enable_application_sharing = true - application_sharing_type = "default" #changed to type, saml, default - #application_sharing_impl = "org.wso2.carbon.apimgt.impl.DefaultGroupIDExtractorImpl" - display_multiple_versions = false - display_deprecated_apis = false - enable_comments = true - enable_ratings = true - enable_forum = true - - [[event_handler]] - name="userPostSelfRegistration" - subscriptions=["POST_ADD_USER"] - - # Traffic Manager configurations - [apim.throttling] - username= "$ref{super_admin.username}" - password= "$ref{super_admin.password}" - throttle_decision_endpoints = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:5672","tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:5672"] - - [[apim.throttling.url_group]] - traffic_manager_urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9611"] - traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9711"] - type = "loadbalance" - - [[apim.throttling.url_group]] - traffic_manager_urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9611"] - traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . 
}}-am-tm-headless-service:9711"] - type = "loadbalance" - - [apim.event_hub] - service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-service:9443" - event_listening_endpoints = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:5672","tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:5672"] - - [[apim.event_hub.publish.url_group]] - urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9611"] - auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9711"] - - [[apim.event_hub.publish.url_group]] - urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9611"] - auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9711"] - - [transport.https.properties] - proxyPort = 443 - - {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} - [database.local] - url = "jdbc:h2:/home/wso2carbon/solr/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE" - - [indexing] - location = "/home/wso2carbon/solr/indexed-data" - {{ else }} - [database.local] - url = "jdbc:h2:./repository/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE" - {{ end }} - {{- end }} diff --git a/advanced/am-pattern-3/templates/am/devportal/wso2am-pattern-3-am-devportal-ingress.yaml b/advanced/am-pattern-3/templates/am/devportal/wso2am-pattern-3-am-devportal-ingress.yaml deleted file mode 100644 index 4cfe2bc4..00000000 
--- a/advanced/am-pattern-3/templates/am/devportal/wso2am-pattern-3-am-devportal-ingress.yaml +++ /dev/null @@ -1,35 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-ingress - namespace : {{ .Release.Namespace }} -{{- if .Values.wso2.deployment.am.devportal.ingress.annotations }} - annotations: -{{ toYaml .Values.wso2.deployment.am.devportal.ingress.annotations | indent 4 }} -{{- end }} -spec: - tls: - - hosts: - - {{ .Values.wso2.deployment.am.devportal.ingress.hostname }} - rules: - - host: {{ .Values.wso2.deployment.am.devportal.ingress.hostname }} - http: - paths: - - path: / - backend: - serviceName: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-service - servicePort: 9443 diff --git a/advanced/am-pattern-3/templates/am/devportal/wso2am-pattern-3-am-devportal-service.yaml b/advanced/am-pattern-3/templates/am/devportal/wso2am-pattern-3-am-devportal-service.yaml deleted file mode 100644 index 73dda963..00000000 --- a/advanced/am-pattern-3/templates/am/devportal/wso2am-pattern-3-am-devportal-service.yaml +++ /dev/null 
@@ -1,28 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-service - namespace : {{ .Release.Namespace }} -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal - ports: - # ports that this service should serve on - - name: servlet-https - protocol: TCP - port: 9443 diff --git a/advanced/am-pattern-3/templates/am/devportal/wso2am-pattern-3-am-devportal-volume-claims.yaml b/advanced/am-pattern-3/templates/am/devportal/wso2am-pattern-3-am-devportal-volume-claims.yaml deleted file mode 100644 index d92ff7fb..00000000 --- a/advanced/am-pattern-3/templates/am/devportal/wso2am-pattern-3-am-devportal-volume-claims.yaml +++ /dev/null 
@@ -1,75 +0,0 @@ - {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} - -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-1-local-carbon-database-volume-claim - namespace : {{ .Release.Namespace }} -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.carbonDatabase }} - storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} - ---- - -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-1-solr-indexed-data-volume-claim - namespace : {{ .Release.Namespace }} -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.solrIndexedData }} - storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} - ---- - -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ template "am-pattern-3.resource.prefix" . 
}}-am-devportal-2-local-carbon-database-volume-claim - namespace : {{ .Release.Namespace }} -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.carbonDatabase }} - storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} - ---- - -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-2-solr-indexed-data-volume-claim - namespace : {{ .Release.Namespace }} -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.solrIndexedData }} - storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} - - {{ end }} diff --git a/advanced/am-pattern-3/templates/am/km/wso2am-pattern-3-am-km-conf.yaml b/advanced/am-pattern-3/templates/am/km/wso2am-pattern-3-am-km-conf.yaml deleted file mode 100644 index 561287d9..00000000 --- a/advanced/am-pattern-3/templates/am/km/wso2am-pattern-3-am-km-conf.yaml +++ /dev/null 
@@ -1,110 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-km-conf - namespace : {{ .Release.Namespace }} - {{ if .Values.wso2.deployment.am.km.config }} -data: - {{- range $index, $content := .Values.wso2.deployment.am.km.config }} - {{ $index }}: |- - {{ tpl $content $ | indent 4 }} - {{- end }} - - {{ else }} -data: - deployment.toml: |- - [server] - hostname = "{{ template "am-pattern-3.resource.prefix" . 
}}-km" - node_ip = "$env{NODE_IP}" - server_role = "api-key-manager" - - [user_store] - type = "database_unique_id" - - [super_admin] - username = "admin" - password = "admin" - create_admin_account = true - - [database.apim_db] - type = "mysql" - url = "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_DB?useSSL=false&autoReconnect=true&requireSSL=false&verifyServerCertificate=false" - username = "wso2carbon" - password = "wso2carbon" - driver = "com.mysql.cj.jdbc.Driver" - - [database.shared_db] - type = "mysql" - url = "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_SHARED_DB?useSSL=false&autoReconnect=true&requireSSL=false&verifyServerCertificate=false" - username = "wso2carbon" - password = "wso2carbon" - driver = "com.mysql.cj.jdbc.Driver" - - [keystore.tls] - file_name = "wso2carbon.jks" - type = "JKS" - password = "wso2carbon" - alias = "wso2carbon" - key_password = "wso2carbon" - - [truststore] - file_name = "client-truststore.jks" - type = "JKS" - password = "wso2carbon" - - [[event_handler]] - name="userPostSelfRegistration" - subscriptions=["POST_ADD_USER"] - - [[event_listener]] - id = "token_revocation" - type = "org.wso2.carbon.identity.core.handler.AbstractIdentityHandler" - name = "org.wso2.is.notification.ApimOauthEventInterceptor" - order = 1 - [event_listener.properties] - notification_endpoint = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-service:${mgt.transport.https.port}/internal/data/v1/notify" - username = "${admin.username}" - password = "${admin.password}" - 'header.X-WSO2-KEY-MANAGER' = "default" - - [apim.throttling] - username= "$ref{super_admin.username}" - password= "$ref{super_admin.password}" - throttle_decision_endpoints = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:5672","tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . 
}}-am-tm-headless-service:5672"] - - [[apim.throttling.url_group]] - traffic_manager_urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9611"] - traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9711"] - type = "loadbalance" - - [[apim.throttling.url_group]] - traffic_manager_urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9611"] - traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9711"] - type = "loadbalance" - - [apim.event_hub] - service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-service:9443" - event_listening_endpoints = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:5672","tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:5672"] - - [[apim.event_hub.publish.url_group]] - urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9611"] - auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9711"] - - [[apim.event_hub.publish.url_group]] - urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9611"] - auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . 
}}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9711"] - {{- end }} diff --git a/advanced/am-pattern-3/templates/am/km/wso2am-pattern-3-am-km-service.yaml b/advanced/am-pattern-3/templates/am/km/wso2am-pattern-3-am-km-service.yaml deleted file mode 100644 index f9e7f4c2..00000000 --- a/advanced/am-pattern-3/templates/am/km/wso2am-pattern-3-am-km-service.yaml +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-km-service -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-km - sessionAffinity: ClientIP - ports: - # ports that this service should serve on - - name: servlet-https - protocol: TCP - port: 9443 diff --git a/advanced/am-pattern-3/templates/am/km/wso2am-pattern-3-am-km-statefulset.yaml b/advanced/am-pattern-3/templates/am/km/wso2am-pattern-3-am-km-statefulset.yaml deleted file mode 100644 index e71e243a..00000000 --- a/advanced/am-pattern-3/templates/am/km/wso2am-pattern-3-am-km-statefulset.yaml +++ /dev/null 
@@ -1,122 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-km-statefulset - namespace: {{ .Release.Namespace }} -spec: - selector: - matchLabels: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-km - replicas: {{ .Values.wso2.deployment.am.km.replicas }} - serviceName: {{ template "am-pattern-3.resource.prefix" . }}-km-service - template: - metadata: - annotations: - checksum.am.km.conf: {{ include (print $.Template.BasePath "/am/km/wso2am-pattern-3-am-km-conf.yaml") . | sha256sum }} - labels: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-km - spec: - {{ if .Values.wso2.deployment.dependencies.mysql }} - initContainers: - - name: init-mysql-db - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of DBMS service"; while ! 
nc -z "wso2am-mysql-db-service" 3306; do sleep 1; printf "-"; done; echo -e " >> MySQL Server has started";'] - - name: init-mysql-connector-download - image: busybox:1.32 - command: - - /bin/sh - - "-c" - - | - set -e - connector_version=8.0.17 - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/${connector_version}/mysql-connector-java-${connector_version}.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - {{- end }} - containers: - - name: wso2am-km -{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.am) | indent 10 }} - imagePullPolicy: {{ .Values.wso2.deployment.am.imagePullPolicy }} - env: - - name: PROFILE_NAME - value: api-key-manager - - name: NODE_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.podIP - - name: JVM_MEM_OPTS - value: "-Xms{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xmx }}" - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: {{ .Values.wso2.deployment.am.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.livenessProbe.periodSeconds }} - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: {{ .Values.wso2.deployment.am.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.readinessProbe.periodSeconds }} - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/wso2server.sh stop'] - resources: - requests: - memory: {{ .Values.wso2.deployment.am.resources.requests.memory }} - cpu: {{ .Values.wso2.deployment.am.resources.requests.cpu }} - limits: - memory: {{ .Values.wso2.deployment.am.resources.limits.memory }} - cpu: {{ .Values.wso2.deployment.am.resources.limits.cpu }} - securityContext: - runAsUser: 802 - ports: - - containerPort: 9763 - protocol: TCP - - 
containerPort: 9443 - protocol: TCP - volumeMounts: - - name: wso2am-km-conf - mountPath: /home/wso2carbon/wso2-config-volume/repository/conf/deployment.toml - subPath: deployment.toml - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/repository/components/dropins - {{ end }} - serviceAccountName: {{ .Values.kubernetes.serviceAccount }} - {{- if .Values.wso2.deployment.am.imagePullSecrets }} - imagePullSecrets: - - name: {{ .Values.wso2.deployment.am.imagePullSecrets }} - {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} - imagePullSecrets: - - name: {{ template "am-pattern-3.resource.prefix" . }}-wso2-private-registry-creds - {{ end }} - volumes: - - name: wso2am-km-conf - configMap: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-km-conf - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - emptyDir: {} - {{ end }} diff --git a/advanced/am-pattern-3/templates/am/publisher/instance-1/wso2am-pattern-3-am-publisher-deployment.yaml b/advanced/am-pattern-3/templates/am/publisher/instance-1/wso2am-pattern-3-am-publisher-deployment.yaml deleted file mode 100644 index 13866eb9..00000000 --- a/advanced/am-pattern-3/templates/am/publisher/instance-1/wso2am-pattern-3-am-publisher-deployment.yaml +++ /dev/null 
@@ -1,148 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-1-deployment - namespace: {{ .Release.Namespace }} -spec: - replicas: 1 - strategy: - type: Recreate - selector: - matchLabels: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher - template: - metadata: - annotations: - checksum.am.publisher.conf: {{ include (print $.Template.BasePath "/am/publisher/wso2am-pattern-3-am-publisher-conf.yaml") . | sha256sum }} - labels: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher - spec: - initContainers: - {{- if .Values.wso2.deployment.dependencies.mysql }} - - name: init-apim-db - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of DBMS service"; while ! 
nc -z "wso2am-mysql-db-service" 3306; do sleep 1; printf "-"; done; echo -e " >> DBMS service is available";'] - - name: init-mysql-connector-download - image: busybox:1.32 - command: - - /bin/sh - - "-c" - - | - set -e - connector_version=8.0.17 - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/${connector_version}/mysql-connector-java-${connector_version}.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - {{- end }} - - name: init-apim-analytics - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of WSO2 API Manager Analytics Worker deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-service 7712; do sleep 1; printf "-"; done; echo -e " >> WSO2 API Manager Analytics Worker has started";'] - - name: init-km - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of Key Manager deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . 
}}-km-service 9443; do sleep 1; printf "-"; done; echo -e " >> Key Manager has started";'] - containers: - - name: wso2am-publisher -{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.am) | indent 10 }} - imagePullPolicy: {{ .Values.wso2.deployment.am.imagePullPolicy }} - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: {{ .Values.wso2.deployment.am.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.livenessProbe.periodSeconds }} - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: {{ .Values.wso2.deployment.am.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.readinessProbe.periodSeconds }} - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/wso2server.sh stop'] - resources: - requests: - memory: {{ .Values.wso2.deployment.am.resources.requests.memory }} - cpu: {{ .Values.wso2.deployment.am.resources.requests.cpu }} - limits: - memory: {{ .Values.wso2.deployment.am.resources.limits.memory }} - cpu: {{ .Values.wso2.deployment.am.resources.limits.cpu }} - ports: - - containerPort: 9763 - protocol: "TCP" - - containerPort: 9443 - protocol: "TCP" - env: - - name: PROFILE_NAME - value: api-publisher - - name: NODE_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: JVM_MEM_OPTS - value: "-Xms{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xmx }}" - securityContext: - runAsUser: 802 - volumeMounts: - - name: wso2am-publisher-conf - mountPath: /home/wso2carbon/wso2-config-volume/repository/conf - {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} - - name: wso2am-publisher-local-carbon-database-storage - mountPath: /home/wso2carbon/solr/database - - name: wso2am-publisher-indexed-data-volume - mountPath: 
/home/wso2carbon/solr/indexed-data - - name: wso2am-publisher-conf-entrypoint - mountPath: /home/wso2carbon/docker-entrypoint.sh - subPath: docker-entrypoint.sh - {{ end }} - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/repository/components/dropins - {{ end }} - serviceAccountName: {{ .Values.kubernetes.serviceAccount }} - {{- if .Values.wso2.deployment.am.imagePullSecrets }} - imagePullSecrets: - - name: {{ .Values.wso2.deployment.am.imagePullSecrets }} - {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} - imagePullSecrets: - - name: {{ template "am-pattern-3.resource.prefix" . }}-wso2-private-registry-creds - {{- end }} - volumes: - - name: wso2am-publisher-conf - configMap: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-conf - {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} - - name: wso2am-publisher-conf-entrypoint - configMap: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-conf-entrypoint - defaultMode: 0407 - - name: wso2am-publisher-local-carbon-database-storage - persistentVolumeClaim: - claimName: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-1-local-carbon-database-volume-claim - - name: wso2am-publisher-indexed-data-volume - persistentVolumeClaim: - claimName: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-1-solr-indexed-data-volume-claim - {{ end }} - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - emptyDir: {} - {{ end }} diff --git a/advanced/am-pattern-3/templates/am/publisher/instance-2/wso2am-pattern-3-am-publisher-deployment.yaml b/advanced/am-pattern-3/templates/am/publisher/instance-2/wso2am-pattern-3-am-publisher-deployment.yaml deleted file mode 100644 index b31d7b5b..00000000 
--- a/advanced/am-pattern-3/templates/am/publisher/instance-2/wso2am-pattern-3-am-publisher-deployment.yaml
+++ /dev/null
@@ -1,148 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-2-deployment - namespace: {{ .Release.Namespace }} -spec: - replicas: 1 - strategy: - type: Recreate - selector: - matchLabels: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher - template: - metadata: - annotations: - checksum.am.publisher.conf: {{ include (print $.Template.BasePath "/am/publisher/wso2am-pattern-3-am-publisher-conf.yaml") . | sha256sum }} - labels: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher - spec: - initContainers: - {{- if .Values.wso2.deployment.dependencies.mysql }} - - name: init-apim-db - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of DBMS service"; while ! 
nc -z "wso2am-mysql-db-service" 3306; do sleep 1; printf "-"; done; echo -e " >> DBMS service is available";'] - - name: init-mysql-connector-download - image: busybox:1.32 - command: - - /bin/sh - - "-c" - - | - set -e - connector_version=8.0.17 - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/${connector_version}/mysql-connector-java-${connector_version}.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - {{- end }} - - name: init-apim-analytics - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of WSO2 API Manager Analytics Worker deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-service 7712; do sleep 1; printf "-"; done; echo -e " >> WSO2 API Manager Analytics Worker has started";'] - - name: init-km - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of Key Manager deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . 
}}-km-service 9443; do sleep 1; printf "-"; done; echo -e " >> Key Manager has started";'] - containers: - - name: wso2am-publisher -{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.am) | indent 10 }} - imagePullPolicy: {{ .Values.wso2.deployment.am.imagePullPolicy }} - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: {{ .Values.wso2.deployment.am.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.livenessProbe.periodSeconds }} - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9443 - initialDelaySeconds: {{ .Values.wso2.deployment.am.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.readinessProbe.periodSeconds }} - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/wso2server.sh stop'] - resources: - requests: - memory: {{ .Values.wso2.deployment.am.resources.requests.memory }} - cpu: {{ .Values.wso2.deployment.am.resources.requests.cpu }} - limits: - memory: {{ .Values.wso2.deployment.am.resources.limits.memory }} - cpu: {{ .Values.wso2.deployment.am.resources.limits.cpu }} - ports: - - containerPort: 9763 - protocol: "TCP" - - containerPort: 9443 - protocol: "TCP" - env: - - name: PROFILE_NAME - value: api-publisher - - name: NODE_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: JVM_MEM_OPTS - value: "-Xms{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xmx }}" - securityContext: - runAsUser: 802 - volumeMounts: - - name: wso2am-publisher-conf - mountPath: /home/wso2carbon/wso2-config-volume/repository/conf - {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} - - name: wso2am-publisher-local-carbon-database-storage - mountPath: /home/wso2carbon/solr/database - - name: wso2am-publisher-indexed-data-volume - mountPath: 
/home/wso2carbon/solr/indexed-data - - name: wso2am-publisher-conf-entrypoint - mountPath: /home/wso2carbon/docker-entrypoint.sh - subPath: docker-entrypoint.sh - {{ end }} - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/repository/components/dropins - {{ end }} - serviceAccountName: {{ .Values.kubernetes.serviceAccount }} - {{- if .Values.wso2.deployment.am.imagePullSecrets }} - imagePullSecrets: - - name: {{ .Values.wso2.deployment.am.imagePullSecrets }} - {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} - imagePullSecrets: - - name: {{ template "am-pattern-3.resource.prefix" . }}-wso2-private-registry-creds - {{- end }} - volumes: - - name: wso2am-publisher-conf - configMap: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-conf - {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} - - name: wso2am-publisher-conf-entrypoint - configMap: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-conf-entrypoint - defaultMode: 0407 - - name: wso2am-publisher-local-carbon-database-storage - persistentVolumeClaim: - claimName: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-2-local-carbon-database-volume-claim - - name: wso2am-publisher-indexed-data-volume - persistentVolumeClaim: - claimName: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-2-solr-indexed-data-volume-claim - {{ end }} - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - emptyDir: {} - {{ end }} diff --git a/advanced/am-pattern-3/templates/am/publisher/wso2am-pattern-3-am-publisher-conf-entrypoint.yaml b/advanced/am-pattern-3/templates/am/publisher/wso2am-pattern-3-am-publisher-conf-entrypoint.yaml deleted file mode 100644 index b70ac005..00000000 
--- a/advanced/am-pattern-3/templates/am/publisher/wso2am-pattern-3-am-publisher-conf-entrypoint.yaml
+++ /dev/null
@@ -1,89 +0,0 @@ - {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} - -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-conf-entrypoint - namespace: {{ .Release.Namespace }} -data: - docker-entrypoint.sh: | - #!/bin/bash - set -e - - # volume mounts - config_volume=${WORKING_DIRECTORY}/wso2-config-volume - artifact_volume=${WORKING_DIRECTORY}/wso2-artifact-volume - # home of the directories to be artifact synced within the WSO2 product home - deployment_volume=${WSO2_SERVER_HOME}/repository/deployment/server - # home of the directories with preserved, default deployment artifacts - original_deployment_artifacts=${WORKING_DIRECTORY}/wso2-tmp - - # check if the WSO2 non-root user home exists - test ! -d ${WORKING_DIRECTORY} && echo "WSO2 Docker non-root user home does not exist" && exit 1 - - # check if the WSO2 product home exists - test ! 
-d ${WSO2_SERVER_HOME} && echo "WSO2 Docker product home does not exist" && exit 1 - - # shared artifact directories - directories=("executionplans" "synapse-configs") - # if the original directory locations of artifacts to be synced between nodes are empty, - # copy the preserved, default content of these folders to these original locations - for shared_directory in ${directories[@]}; do - if test -d ${original_deployment_artifacts}/${shared_directory}; - then - if [[ -z "$(ls -A ${deployment_volume}/${shared_directory})" ]]; then - if ! cp -R ${original_deployment_artifacts}/${shared_directory}/* ${deployment_volume}/${shared_directory}; - then - echo "Failed to copy the preserved, default artifacts to original location (${deployment_volume}/${shared_directory})" - exit 1 - fi - echo "Successfully copied the preserved, default artifacts to original location (${deployment_volume}/${shared_directory})" - fi - fi - done - - # Copying carbon_db - if ! test -f /home/wso2carbon/solr/database/WSO2CARBON_DB.mv.db - then - echo "Copying WSO2CARBON_DB.mv.db" >&2 - cp ${WSO2_SERVER_HOME}/repository/database/WSO2CARBON_DB.mv.db /home/wso2carbon/solr/database/ - fi - - # optimize WSO2 Carbon Server, if the profile name is defined as an environment variable - if [[ ! 
-z "${PROFILE_NAME}" ]] - then - echo "Optimizing WSO2 Carbon Server" >&2 - sh ${WSO2_SERVER_HOME}/bin/profileSetup.sh -Dprofile=${PROFILE_NAME} - fi - - # copy any configuration changes mounted to config_volume - test -d ${config_volume} && [[ "$(ls -A ${config_volume})" ]] && cp -RL ${config_volume}/* ${WSO2_SERVER_HOME}/ - # copy any artifact changes mounted to artifact_volume - test -d ${artifact_volume} && [[ "$(ls -A ${artifact_volume})" ]] && cp -RL ${artifact_volume}/* ${WSO2_SERVER_HOME}/ - - # start WSO2 Carbon server - echo "Start WSO2 Carbon server" >&2 - if [[ -z "${PROFILE_NAME}" ]] - then - # start the server with the provided startup arguments - sh ${WSO2_SERVER_HOME}/bin/wso2server.sh "$@" - else - # start the server with the specified profile and provided startup arguments - sh ${WSO2_SERVER_HOME}/bin/wso2server.sh -Dprofile=${PROFILE_NAME} "$@" - fi - - {{ end }} diff --git a/advanced/am-pattern-3/templates/am/publisher/wso2am-pattern-3-am-publisher-conf.yaml b/advanced/am-pattern-3/templates/am/publisher/wso2am-pattern-3-am-publisher-conf.yaml deleted file mode 100644 index dea69af3..00000000 --- a/advanced/am-pattern-3/templates/am/publisher/wso2am-pattern-3-am-publisher-conf.yaml +++ /dev/null 
@@ -1,160 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-conf - namespace : {{ .Release.Namespace }} - {{- if .Values.wso2.deployment.am.publisher.config }} -data: - {{- range $index, $content := .Values.wso2.deployment.am.publisher.config }} - {{ $index }}: |- - {{ tpl $content $ | indent 4 }} - {{- end }} - - {{- else }} -data: - deployment.toml: |- - [server] - hostname = "{{ .Values.wso2.deployment.am.publisher.ingress.hostname }}" - node_ip = "$env{NODE_IP}" - server_role = "api-publisher" - - [user_store] - type = "database_unique_id" - - [super_admin] - username = "admin" - password = "admin" - create_admin_account = true - - [database.apim_db] - type = "mysql" - url = "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_DB?useSSL=false&autoReconnect=true&requireSSL=false&verifyServerCertificate=false" - username = "wso2carbon" - password = "wso2carbon" - driver = "com.mysql.cj.jdbc.Driver" - - [database.shared_db] - type = "mysql" - url = "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_SHARED_DB?useSSL=false&autoReconnect=true&requireSSL=false&verifyServerCertificate=false" - username = "wso2carbon" - password = "wso2carbon" - driver = "com.mysql.cj.jdbc.Driver" - - [keystore.tls] - file_name = "wso2carbon.jks" - type = "JKS" - password = "wso2carbon" - alias = 
"wso2carbon" - key_password = "wso2carbon" - - [truststore] - file_name = "client-truststore.jks" - type = "JKS" - password = "wso2carbon" - - [[apim.gateway.environment]] - name= "Production and Sandbox" - type= "hybrid" - display_in_api_console= true - description= "This is a hybrid gateway that handles both production and sandbox token traffic." - service_url= "https://{{ template "am-pattern-3.resource.prefix" . }}-am-gateway-service:${mgt.transport.https.port}${carbon.context}services/" - username= "${admin.username}" - password= "${admin.password}" - http_endpoint = "http://{{ .Values.wso2.deployment.am.gateway.ingress.hostname }}" - https_endpoint = "https://{{ .Values.wso2.deployment.am.gateway.ingress.hostname }}" - - - # key manager implementation - [apim.key_manager] - service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-km-service:${mgt.transport.https.port}/services/" - username= "$ref{super_admin.username}" - password= "$ref{super_admin.password}" - - [apim.analytics] - enable = "true" - store_api_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-service:7444" - username= "$ref{super_admin.username}" - password= "$ref{super_admin.password}" - - [[apim.analytics.url_group]] - analytics_url =["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-headless-service:7612","tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-headless-service:7612"] - analytics_auth_url =["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-headless-service:7712","ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-analytics-worker-statefulset-1.{{ template "am-pattern-3.resource.prefix" . 
}}-am-analytics-worker-headless-service:7712"] - type = "failover" - - # Traffic Manager configurations - [apim.throttling] - service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-service:${mgt.transport.https.port}/services/" - username= "$ref{super_admin.username}" - password= "$ref{super_admin.password}" - throttle_decision_endpoints = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:5672","tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:5672"] - - [[apim.throttling.url_group]] - traffic_manager_urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9611"] - traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9711"] - type = "loadbalance" - - [[apim.throttling.url_group]] - traffic_manager_urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9611"] - traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . 
}}-am-tm-headless-service:9711"] - type = "loadbalance" - - [apim.cache.scopes] - enable = true - - [apim.cache.publisher_roles] #check the usage and move to dev role - enable = true - - [apim.devportal] - url = "https://{{ .Values.wso2.deployment.am.devportal.ingress.hostname }}/devportal" - - [apim.workflow] - enable = false - service_url = "https://localhost:9445/bpmn" - username = "$ref{super_admin.username}" - password = "$ref{super_admin.password}" - callback_endpoint = "https://localhost:9443/api/am/publisher/v0.16/workflows/update-workflow-status" - token_endpoint = "https://localhost:8243/token" - client_registration_endpoint = "https://localhost:9443/client-registration/v0.17/register" - client_registration_username = "$ref{super_admin.username}" - client_registration_password = "$ref{super_admin.password}" - - [apim.event_hub] - service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-service:9443" - event_listening_endpoints = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:5672","tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:5672"] - - [[apim.event_hub.publish.url_group]] - urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9611"] - auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-0.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9711"] - - [[apim.event_hub.publish.url_group]] - urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:9611"] - auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-1.{{ template "am-pattern-3.resource.prefix" . 
}}-am-tm-headless-service:9711"] - - [transport.https.properties] - proxyPort = 443 - - {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} - [database.local] - url = "jdbc:h2:/home/wso2carbon/solr/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE" - - [indexing] - location = "/home/wso2carbon/solr/indexed-data" - {{ else }} - [database.local] - url = "jdbc:h2:./repository/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE" - {{ end }} - {{- end }} diff --git a/advanced/am-pattern-3/templates/am/publisher/wso2am-pattern-3-am-publisher-ingress.yaml b/advanced/am-pattern-3/templates/am/publisher/wso2am-pattern-3-am-publisher-ingress.yaml deleted file mode 100644 index 85df644f..00000000 --- a/advanced/am-pattern-3/templates/am/publisher/wso2am-pattern-3-am-publisher-ingress.yaml +++ /dev/null 
@@ -1,35 +0,0 @@
-# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: extensions/v1beta1
-kind: Ingress
-metadata:
- name: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-ingress
- namespace : {{ .Release.Namespace }}
-{{- if .Values.wso2.deployment.am.publisher.ingress.annotations }}
- annotations:
-{{ toYaml .Values.wso2.deployment.am.publisher.ingress.annotations | indent 4 }}
-{{- end }}
-spec:
- tls:
- - hosts:
- - {{ .Values.wso2.deployment.am.publisher.ingress.hostname }}
- rules:
- - host: {{ .Values.wso2.deployment.am.publisher.ingress.hostname }}
- http:
- paths:
- - path: /
- backend:
- serviceName: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-service
- servicePort: 9443
diff --git a/advanced/am-pattern-3/templates/am/publisher/wso2am-pattern-3-am-publisher-service.yaml b/advanced/am-pattern-3/templates/am/publisher/wso2am-pattern-3-am-publisher-service.yaml
deleted file mode 100644
index 31c66c50..00000000
--- a/advanced/am-pattern-3/templates/am/publisher/wso2am-pattern-3-am-publisher-service.yaml
+++ /dev/null
@@ -1,28 +0,0 @@
-# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-service
- namespace : {{ .Release.Namespace }}
-spec:
- # label keys and values that must match in order to receive traffic for this service
- selector:
- deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher
- ports:
- # ports that this service should serve on
- - name: servlet-https
- protocol: TCP
- port: 9443
diff --git a/advanced/am-pattern-3/templates/am/publisher/wso2am-pattern-3-am-publisher-volume-claims.yaml b/advanced/am-pattern-3/templates/am/publisher/wso2am-pattern-3-am-publisher-volume-claims.yaml
deleted file mode 100644
index 2fe40a73..00000000
--- a/advanced/am-pattern-3/templates/am/publisher/wso2am-pattern-3-am-publisher-volume-claims.yaml
+++ /dev/null
@@ -1,76 +0,0 @@ - {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} - -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-1-local-carbon-database-volume-claim - namespace : {{ .Release.Namespace }} -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.carbonDatabase }} - storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} - ---- - -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-1-solr-indexed-data-volume-claim - namespace : {{ .Release.Namespace }} -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.solrIndexedData }} - storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} - ---- - -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ template "am-pattern-3.resource.prefix" . 
}}-am-publisher-2-local-carbon-database-volume-claim - namespace : {{ .Release.Namespace }} -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.carbonDatabase }} - storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} - ---- - -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-2-solr-indexed-data-volume-claim - namespace : {{ .Release.Namespace }} -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.solrIndexedData }} - storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} - - {{ end }} diff --git a/advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-conf-entrypoint.yaml b/advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-conf-entrypoint.yaml deleted file mode 100644 index 45f8e3a0..00000000 --- a/advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-conf-entrypoint.yaml +++ /dev/null 
@@ -1,90 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-tm-conf-entrypoint - namespace: {{ .Release.Namespace }} -data: - docker-entrypoint.sh: | - #!/bin/bash - set -e - - # volume mounts - config_volume=${WORKING_DIRECTORY}/wso2-config-volume - artifact_volume=${WORKING_DIRECTORY}/wso2-artifact-volume - # home of the directories to be artifact synced within the WSO2 product home - deployment_volume=${WSO2_SERVER_HOME}/repository/deployment/server - # home of the directories with preserved, default deployment artifacts - original_deployment_artifacts=${WORKING_DIRECTORY}/wso2-tmp - # statefulset array index of the Traffic Manager node - index=${HOSTNAME##*-} - - # check if the WSO2 non-root user home exists - test ! -d ${WORKING_DIRECTORY} && echo "WSO2 Docker non-root user home does not exist" && exit 1 - - # check if the WSO2 product home exists - test ! 
-d ${WSO2_SERVER_HOME} && echo "WSO2 Docker product home does not exist" && exit 1 - - # shared artifact directories - directories=("executionplans" "synapse-configs") - # if the original directory locations of artifacts to be synced between nodes are empty, - # copy the preserved, default content of these folders to these original locations - for shared_directory in ${directories[@]}; do - if test -d ${original_deployment_artifacts}/${shared_directory}; - then - if [[ -z "$(ls -A ${deployment_volume}/${shared_directory})" ]]; then - if ! cp -R ${original_deployment_artifacts}/${shared_directory}/* ${deployment_volume}/${shared_directory}; - then - echo "Failed to copy the preserved, default artifacts to original location (${deployment_volume}/${shared_directory})" - exit 1 - fi - echo "Successfully copied the preserved, default artifacts to original location (${deployment_volume}/${shared_directory})" - fi - fi - done - - # optimize WSO2 Carbon Server, if the profile name is defined as an environment variable - if [[ ! 
-z "${PROFILE_NAME}" ]] - then - echo "Optimizing WSO2 Carbon Server" >&2 - sh ${WSO2_SERVER_HOME}/bin/profileSetup.sh -Dprofile=${PROFILE_NAME} - fi - - # copy any configuration changes mounted to config_volume - test -d ${config_volume} && [[ "$(ls -A ${config_volume})" ]] && cp -RL ${config_volume}/* ${WSO2_SERVER_HOME}/ - # copy any artifact changes mounted to artifact_volume - test -d ${artifact_volume} && [[ "$(ls -A ${artifact_volume})" ]] && cp -RL ${artifact_volume}/* ${WSO2_SERVER_HOME}/ - - # override the event duplicate URL based on the instance index - if [ "${index}" = "0" ]; then - sed -ir "s/TM_INDEX/1/g" ${WSO2_SERVER_HOME}/repository/conf/deployment.toml - elif [ "${index}" = "1" ]; then - sed -ir "s/TM_INDEX/0/g" ${WSO2_SERVER_HOME}/repository/conf/deployment.toml - else - echo "Invalid Traffic Manager index" - exit 1 - fi - - # start WSO2 Carbon server - echo "Start WSO2 Carbon server" >&2 - if [[ -z "${PROFILE_NAME}" ]] - then - # start the server with the provided startup arguments - sh ${WSO2_SERVER_HOME}/bin/wso2server.sh "$@" - else - # start the server with the specified profile and provided startup arguments - sh ${WSO2_SERVER_HOME}/bin/wso2server.sh -Dprofile=${PROFILE_NAME} "$@" - fi diff --git a/advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-conf.yaml b/advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-conf.yaml deleted file mode 100644 index b0c5e998..00000000 --- a/advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-conf.yaml +++ /dev/null 
@@ -1,81 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-tm-conf - namespace : {{ .Release.Namespace }} - {{- if .Values.wso2.deployment.am.tm.config }} -data: - {{- range $index, $content := .Values.wso2.deployment.am.tm.config }} - {{ $index }}: |- - {{ tpl $content $ | indent 4 }} - {{- end }} - - {{- else }} - -data: - deployment.toml: |- - [server] - #hostname = "{{ template "am-pattern-3.resource.prefix" . 
}}-tm" - node_ip = "$env{NODE_IP}" - server_role = "traffic-manager" - - [user_store] - type = "database_unique_id" - - [super_admin] - username = "admin" - password = "admin" - create_admin_account = true - - [database.apim_db] - type = "mysql" - url = "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_DB?useSSL=false&autoReconnect=true&requireSSL=false&verifyServerCertificate=false" - username = "wso2carbon" - password = "wso2carbon" - driver = "com.mysql.cj.jdbc.Driver" - - [database.shared_db] - type = "mysql" - url = "jdbc:mysql://wso2am-mysql-db-service:3306/WSO2AM_SHARED_DB?useSSL=false&autoReconnect=true&requireSSL=false&verifyServerCertificate=false" - username = "wso2carbon" - password = "wso2carbon" - driver = "com.mysql.cj.jdbc.Driver" - - [keystore.tls] - file_name = "wso2carbon.jks" - type = "JKS" - password = "wso2carbon" - alias = "wso2carbon" - key_password = "wso2carbon" - - [truststore] - file_name = "client-truststore.jks" - type = "JKS" - password = "wso2carbon" - - # key manager implementation - [apim.key_manager] - service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-km-service:9443/services/" - - [apim.oauth_config] - revoke_endpoint = "https://{{ template "am-pattern-3.resource.prefix" . }}-km-service:9443/oauth2/revoke" - enable_token_encryption = false - enable_token_hashing = false - - [apim.throttling] - event_duplicate_url = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset-TM_INDEX.{{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service:5672"] - {{- end }} diff --git a/advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-headless-service.yaml b/advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-headless-service.yaml deleted file mode 100644 index 44041d3b..00000000 --- a/advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-headless-service.yaml +++ /dev/null 
@@ -1,38 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service - namespace: {{ .Release.Namespace }} -spec: - # label keys and values that must match in order to receive traffic for this service - clusterIP: None - selector: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-tm - ports: - # ports that this service should serve on - - name: binary - port: 9611 - protocol: TCP - targetPort: 9611 - - name: binary-secure - port: 9711 - protocol: TCP - targetPort: 9711 - - name: jms-tcp - port: 5672 - protocol: TCP - targetPort: 5672 diff --git a/advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-service.yaml b/advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-service.yaml deleted file mode 100644 index 626836c0..00000000 --- a/advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-service.yaml +++ /dev/null 
@@ -1,29 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-tm-service - namespace: {{ .Release.Namespace }} -spec: - # label keys and values that must match in order to receive traffic for this service - selector: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-tm - ports: - # ports that this service should serve on - - name: service - port: 9443 - protocol: TCP - targetPort: 9443 diff --git a/advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-statefulset.yaml b/advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-statefulset.yaml deleted file mode 100644 index 9cbef179..00000000 --- a/advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-statefulset.yaml +++ /dev/null 
@@ -1,139 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-tm-statefulset - namespace: {{ .Release.Namespace }} -spec: - replicas: 2 - selector: - matchLabels: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-tm - serviceName: {{ template "am-pattern-3.resource.prefix" . }}-am-tm-headless-service - template: - metadata: - annotations: - checksum.am.tm.conf: {{ include (print $.Template.BasePath "/am/tm/wso2am-pattern-3-am-tm-conf.yaml") . | sha256sum }} - labels: - deployment: {{ template "am-pattern-3.resource.prefix" . }}-am-tm - spec: - initContainers: - {{- if .Values.wso2.deployment.dependencies.mysql }} - - name: init-apim-db - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of DBMS service"; while ! 
nc -z "wso2am-mysql-db-service" 3306; do sleep 1; printf "-"; done; echo -e " >> DBMS service is available";'] - - name: init-mysql-connector-download - image: busybox:1.32 - command: - - /bin/sh - - "-c" - - | - set -e - connector_version=8.0.17 - wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/${connector_version}/mysql-connector-java-${connector_version}.jar -P /mysql-connector-jar/ - volumeMounts: - - name: mysql-connector-jar - mountPath: /mysql-connector-jar - {{- end }} - - name: init-km - image: busybox:1.32 - command: ['sh', '-c', 'echo -e "Checking for the availability of Key Manager deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . }}-km-service 9443; do sleep 1; printf "-"; done; echo -e " >> Key Manager has started";'] - containers: - - name: wso2am-tm -{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.am) | indent 10 }} - imagePullPolicy: {{ .Values.wso2.deployment.am.imagePullPolicy }} - env: - - name: PROFILE_NAME - value: "traffic-manager" - - name: NODE_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: JVM_MEM_OPTS - value: "-Xms{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xms }} -Xmx{{ .Values.wso2.deployment.am.resources.jvm.heap.memory.xmx }}" - livenessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9611 - initialDelaySeconds: {{ .Values.wso2.deployment.am.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.livenessProbe.periodSeconds }} - readinessProbe: - exec: - command: - - /bin/sh - - -c - - nc -z localhost 9611 - initialDelaySeconds: {{ .Values.wso2.deployment.am.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.wso2.deployment.am.readinessProbe.periodSeconds }} - lifecycle: - preStop: - exec: - command: ['sh', '-c', '${WSO2_SERVER_HOME}/bin/wso2server.sh stop'] - resources: - requests: - memory: {{ .Values.wso2.deployment.am.resources.requests.memory }} - cpu: {{ 
.Values.wso2.deployment.am.resources.requests.cpu }} - limits: - memory: {{ .Values.wso2.deployment.am.resources.limits.memory }} - cpu: {{ .Values.wso2.deployment.am.resources.limits.cpu }} - securityContext: - runAsUser: 802 - ports: - - containerPort: 9611 - protocol: TCP - - containerPort: 9711 - protocol: TCP - - containerPort: 5672 - protocol: TCP - - containerPort: 9443 - protocol: TCP - volumeMounts: - - name: wso2am-tm-shared-storage-volume - mountPath: /home/wso2carbon/wso2am-3.2.0/repository/deployment/server/executionplans - - name: wso2am-tm-conf - mountPath: /home/wso2carbon/wso2-config-volume/repository/conf - - name: wso2am-tm-conf-entrypoint - mountPath: /home/wso2carbon/docker-entrypoint.sh - subPath: docker-entrypoint.sh - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - mountPath: /home/wso2carbon/wso2-artifact-volume/repository/components/dropins - {{ end }} - serviceAccountName: {{ .Values.kubernetes.serviceAccount }} - {{- if .Values.wso2.deployment.am.imagePullSecrets }} - imagePullSecrets: - - name: {{ .Values.wso2.deployment.am.imagePullSecrets }} - {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} - imagePullSecrets: - - name: {{ template "am-pattern-3.resource.prefix" . }}-wso2-private-registry-creds - {{ end }} - volumes: - - name: wso2am-tm-shared-storage-volume - persistentVolumeClaim: - claimName: {{ template "am-pattern-3.resource.prefix" . }}-am-tm-shared-executionplans-volume-claim - - name: wso2am-tm-conf - configMap: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-tm-conf - - name: wso2am-tm-conf-entrypoint - configMap: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-tm-conf-entrypoint - defaultMode: 0407 - {{ if .Values.wso2.deployment.dependencies.mysql }} - - name: mysql-connector-jar - emptyDir: {} - {{ end }} 
diff --git a/advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-volume-claim.yaml b/advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-volume-claim.yaml deleted file mode 100644 index d88705f3..00000000 --- a/advanced/am-pattern-3/templates/am/tm/wso2am-pattern-3-am-tm-volume-claim.yaml +++ /dev/null @@ -1,26 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-tm-shared-executionplans-volume-claim - namespace : {{ .Release.Namespace }} -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.sharedArtifacts.capacity.executionPlans }} - storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} From 4b3ec676eab1a9a4464619cc521709ef186024a5 Mon Sep 17 00:00:00 2001 
From: Sajitha Liyanage Date: Wed, 5 May 2021 22:53:28 +0530 Subject: [PATCH 12/34] update pattern-1 secret and readme files --- advanced/am-pattern-1/README.md | 22 ++++++++++++------- advanced/am-pattern-1/auth.json | 2 +- advanced/am-pattern-1/templates/NOTES.txt | 2 +- .../wso2am-pattern-1-mi-deployment.yaml | 2 +- ...so2am-pattern-1-mi-management-ingress.yaml | 2 +- .../wso2am-pattern-1-am-secrets.yaml | 2 +- .../wso2am-pattern-1-mi-secrets.yaml | 2 +- advanced/am-pattern-1/values.yaml | 2 +- advanced/am-pattern-2/values.yaml | 8 +++---- 9 files changed, 25 insertions(+), 19 deletions(-) diff --git a/advanced/am-pattern-1/README.md b/advanced/am-pattern-1/README.md index 099e7449..73296a0b 100644 --- a/advanced/am-pattern-1/README.md +++ b/advanced/am-pattern-1/README.md 
@@ -143,12 +143,19 @@ API Manager Gateway - ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager's Gateway service to outside of the Kubernetes environment - PORTS: Externally exposed service ports of the API Manager' Gateway service -API Manager Analytics Dashboard +API Manager Websub -- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-1-am-analytics-dashboard-ingress`) -- HOSTS: Hostname of the WSO2 API Manager Analytics Dashboard service (``) -- ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager Analytics Dashboard service to outside of the Kubernetes environment -- PORTS: Externally exposed service ports of the API Manager Analytics Dashboard service +- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-1-am-websub-ingress`) +- HOSTS: Hostname of the WSO2 API Manager's Websub service (``) +- ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager's Websub service to outside of the Kubernetes environment +- PORTS: Externally exposed service ports of the API Manager' Websub service + +Micro Integrator Management APIs + +- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-1-mi-1-management-ingress`) +- HOSTS: Hostname of the WSO2 Micro Integrator service (``) +- ADDRESS: External IP (`EXTERNAL-IP`) exposing the Micro Integrator service to outside of the Kubernetes environment +- PORTS: Externally exposed service ports of the Micro Integrator service ### 3. Add a DNS record mapping the hostnames and the external IP @@ -159,7 +166,7 @@ If the defined hostnames are not backed by a DNS service, for the purpose of eva hostnames and the external IP in the `/etc/hosts` file at the client-side. ``` - + ``` ### 4. Access Management Consoles 
@@ -168,8 +175,7 @@ hostnames and the external IP in the `/etc/hosts` file at the client-side. - API Manager DevPortal: `https:///devportal` -- API Manager Analytics Dashboard: `https:///analytics-dashboard` - +- API Manager Carbon Console: `https:///carbon` ## Configuration diff --git a/advanced/am-pattern-1/auth.json b/advanced/am-pattern-1/auth.json index fbdc9cd0..453e366c 100644 --- a/advanced/am-pattern-1/auth.json +++ b/advanced/am-pattern-1/auth.json @@ -1,6 +1,6 @@ { "auths": { - "reg.Id": { + "reg.id": { "username": "docker.wso2.com.username", "password": "docker.wso2.com.password", "email": "docker.wso2.com.email", diff --git a/advanced/am-pattern-1/templates/NOTES.txt b/advanced/am-pattern-1/templates/NOTES.txt index 1e354ead..07014b61 100644 --- a/advanced/am-pattern-1/templates/NOTES.txt +++ b/advanced/am-pattern-1/templates/NOTES.txt @@ -45,7 +45,7 @@ Please follow these steps to assess Micro Integrator. Micro Integrator Management APIs - - NAME: Metadata name of the Kubernetes Ingress resource (defaults to {{ template "am-pattern-1.resource.prefix" . }}-mi-management-ingress) + - NAME: Metadata name of the Kubernetes Ingress resource (defaults to {{ template "am-pattern-1.resource.prefix" . }}-mi-1-management-ingress) - HOSTS: Hostname of the WSO2 Micro Integrator service ({{ .Values.wso2.deployment.mi.ingress.management.hostname }}) - ADDRESS: External IP (`EXTERNAL-IP`) exposing the Micro Integrator service to outside of the Kubernetes environment - PORTS: Externally exposed service ports of the Micro Integrator service diff --git a/advanced/am-pattern-1/templates/mi/instance-1/wso2am-pattern-1-mi-deployment.yaml b/advanced/am-pattern-1/templates/mi/instance-1/wso2am-pattern-1-mi-deployment.yaml index 2b092f07..fc270b2e 100644 --- a/advanced/am-pattern-1/templates/mi/instance-1/wso2am-pattern-1-mi-deployment.yaml +++ b/advanced/am-pattern-1/templates/mi/instance-1/wso2am-pattern-1-mi-deployment.yaml 
@@ -90,5 +90,5 @@ spec: - name: {{ .Values.wso2.deployment.mi.imagePullSecrets }} {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} imagePullSecrets: - - name: wso2micro-integrator-deployment-creds + - name: {{ template "am-pattern-1.resource.prefix" . }}-mi-wso2-private-registry-creds {{ end }} diff --git a/advanced/am-pattern-1/templates/mi/wso2am-pattern-1-mi-management-ingress.yaml b/advanced/am-pattern-1/templates/mi/wso2am-pattern-1-mi-management-ingress.yaml index 3a37bba7..544fa865 100644 --- a/advanced/am-pattern-1/templates/mi/wso2am-pattern-1-mi-management-ingress.yaml +++ b/advanced/am-pattern-1/templates/mi/wso2am-pattern-1-mi-management-ingress.yaml @@ -15,7 +15,7 @@ apiVersion: extensions/v1beta1 kind: Ingress metadata: - name: {{ template "am-pattern-1.resource.prefix" . }}-mi-management-ingress + name: {{ template "am-pattern-1.resource.prefix" . }}-mi-1-management-ingress namespace : {{ .Release.Namespace }} {{- if .Values.wso2.deployment.mi.ingress.management.annotations }} annotations: diff --git a/advanced/am-pattern-1/templates/wso2am-pattern-1-am-secrets.yaml b/advanced/am-pattern-1/templates/wso2am-pattern-1-am-secrets.yaml index b1cbaea5..390f651c 100644 --- a/advanced/am-pattern-1/templates/wso2am-pattern-1-am-secrets.yaml +++ b/advanced/am-pattern-1/templates/wso2am-pattern-1-am-secrets.yaml @@ -16,7 +16,7 @@ {{- $username := .Values.wso2.subscription.username }} {{- $password := .Values.wso2.subscription.password }} {{- $email := .Values.wso2.subscription.username }} -{{- $regId := default "docker.wso2.com" .Values.wso2.dockerRegistry }} +{{- $regId := default "docker.wso2.com" .Values.wso2.deployment.am.dockerRegistry }} {{- $auth := printf "%s:%s" $username $password | b64enc }} {{- $files := .Files }} apiVersion: v1 
diff --git a/advanced/am-pattern-1/templates/wso2am-pattern-1-mi-secrets.yaml b/advanced/am-pattern-1/templates/wso2am-pattern-1-mi-secrets.yaml index cb298e23..8f5f1ad5 100644 --- a/advanced/am-pattern-1/templates/wso2am-pattern-1-mi-secrets.yaml +++ b/advanced/am-pattern-1/templates/wso2am-pattern-1-mi-secrets.yaml @@ -25,5 +25,5 @@ metadata: namespace: {{ .Release.Namespace }} type: kubernetes.io/dockerconfigjson data: - .dockerconfigjson: {{ $files.Get "auth.json" | replace "reg.id" $regId | replace "reg.username" $username | replace "reg.password" $password | replace "reg.email" $email | replace "reg.auth" $auth | b64enc }} + .dockerconfigjson: {{ $files.Get "auth.json" | replace "reg.id" $regId | replace "docker.wso2.com.username" $username | replace "docker.wso2.com.password" $password | replace "docker.wso2.com.email" $email | replace "docker.wso2.com.auth" $auth | b64enc }} {{ end }} diff --git a/advanced/am-pattern-1/values.yaml b/advanced/am-pattern-1/values.yaml index 410a5721..45ff071d 100644 --- a/advanced/am-pattern-1/values.yaml +++ b/advanced/am-pattern-1/values.yaml @@ -39,7 +39,7 @@ wso2: apacheSolrIndexing: # Indicates if persistence of the runtime artifacts for Apache Solr-based indexing is enabled # By default, this is disabled - enabled: true + enabled: false # Define capacities for persistent runtime artifact directories capacity: # For persisting the H2 based local Carbon database file diff --git a/advanced/am-pattern-2/values.yaml b/advanced/am-pattern-2/values.yaml index ca59836c..123fb960 100644 --- a/advanced/am-pattern-2/values.yaml +++ b/advanced/am-pattern-2/values.yaml @@ -17,8 +17,8 @@ wso2: # If provided, these parameters will be used to obtain official WSO2 product Docker images available at WSO2 Private Docker Registry (https://docker.wso2.com/) # for this deployment subscription: - username: "sajithal@wso2.com" - password: "Sajicapn@sv123@#" + username: "" + password: "" deployment: mi: 
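Review bot: A registry username or password containing `"` or `\` is spliced into auth.json unescaped by the `replace` chain on the `.dockerconfigjson` line, so the rendered secret would not be valid JSON and image pulls would fail with an unhelpful error. Each later `replace` also runs over text that an earlier one has already substituted. Building the document from the values avoids both problems, assuming auth.json holds only these fields: `.dockerconfigjson: {{ dict "auths" (dict $regId (dict "username" $username "password" $password "email" $email "auth" $auth)) | toJson | b64enc }}`. The template's variable definitions sit above this hunk and are not visible here.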
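Review bot: The subscription username and password removed in the `@@ -17,8 +17,8 @@` hunk of advanced/am-pattern-2/values.yaml remain readable in the repository history and in this patch series, so blanking the defaults does not retire them. The account should be treated as exposed and its password rotated at the registry. The hunk at `@@ -86,8 +86,8 @@` in the same file carries the same pair. To keep real values out of the chart in future, add a comment above the keys such as `# Leave empty in version control; supply with --set or a values file that is not committed`, and consider a secret-scanning check in CI that covers values.yaml files.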
@@ -86,8 +86,8 @@ am-pattern-1: # If provided, these parameters will be used to obtain official WSO2 product Docker images available at WSO2 Private Docker Registry (https://docker.wso2.com/) # for this deployment subscription: - username: "sajithal@wso2.com" - password: "Sajicapn@sv123@#" + username: "" + password: "" deployment: dependencies: From a20af8469f5fc8f2d24e5f61bcf5b88b1b656717 Mon Sep 17 00:00:00 2001 From: Rakhitha Ranathunge Date: Thu, 6 May 2021 10:11:18 +0530 Subject: [PATCH 13/34] Update service urls for cp and gateway --- ...so2am-pattern-3-am-control-plane-conf.yaml | 5 ++-- ...so2am-pattern-3-am-control-plane-conf.yaml | 6 +++-- ...tern-3-am-control-plane-volume-claims.yaml | 2 ++ .../wso2am-pattern-3-am-gateway-conf.yaml | 1 + ...2am-pattern-3-am-gateway-volume-claim.yaml | 26 ------------------- 5 files changed, 10 insertions(+), 30 deletions(-) delete mode 100644 advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-volume-claim.yaml diff --git a/advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-conf.yaml b/advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-conf.yaml index a5e75a31..a310b09d 100644 --- a/advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-conf.yaml +++ b/advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-conf.yaml @@ -122,8 +122,8 @@ data: [apim.key_manager] service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-service:${mgt.transport.https.port}/services/" - #username = "$ref{super_admin.username}" - #password = "$ref{super_admin.password}" + username = "$ref{super_admin.username}" + password = "$ref{super_admin.password}" #pool.init_idle_capacity = 50 #pool.max_idle = 100 #key_validation_handler_type = "default" 
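Review bot: Enabling `username = "$ref{super_admin.username}"` and `password = "$ref{super_admin.password}"` under `[apim.key_manager]` makes the key manager client authenticate as the super admin, which is broader than a service-to-service call needs. The `[super_admin]` section is outside this hunk; if its password is a literal in this ConfigMap, it sits in plaintext in the cluster with the rest of deployment.toml. The instance-2 file enables the same two lines at `@@ -123,8 +123,8 @@`. I would add a comment above them, `# Reuses the super admin account; override the admin password and prefer a dedicated user for production`, and state in the README that the admin password must be overridden before deployment.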
@@ -265,3 +265,4 @@ data: [database.local] url = "jdbc:h2:./repository/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE" {{ end }} + {{- end }} diff --git a/advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-conf.yaml b/advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-conf.yaml index da69f592..4777dd94 100644 --- a/advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-conf.yaml +++ b/advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-conf.yaml @@ -29,6 +29,7 @@ data: deployment.toml: |- [server] hostname = "{{ .Values.wso2.deployment.am.cp.ingress.hostname }}" + node_ip = "$env{NODE_IP}" #offset=0 base_path = "${carbon.protocol}://${carbon.host}:${carbon.management.port}" #discard_empty_caches = false @@ -122,8 +123,8 @@ data: [apim.key_manager] service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-service:${mgt.transport.https.port}/services/" - #username = "$ref{super_admin.username}" - #password = "$ref{super_admin.password}" + username = "$ref{super_admin.username}" + password = "$ref{super_admin.password}" #pool.init_idle_capacity = 50 #pool.max_idle = 100 #key_validation_handler_type = "default" @@ -265,3 +266,4 @@ data: [database.local] url = "jdbc:h2:./repository/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE" {{ end }} + {{- end }} diff --git a/advanced/am-pattern-3/templates/am/control-plane/wso2am-pattern-3-am-control-plane-volume-claims.yaml b/advanced/am-pattern-3/templates/am/control-plane/wso2am-pattern-3-am-control-plane-volume-claims.yaml index 3f7a7678..fe3ee17c 100644 --- a/advanced/am-pattern-3/templates/am/control-plane/wso2am-pattern-3-am-control-plane-volume-claims.yaml +++ b/advanced/am-pattern-3/templates/am/control-plane/wso2am-pattern-3-am-control-plane-volume-claims.yaml 
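Review bot: The added `node_ip = "$env{NODE_IP}"` in the `[server]` block of the instance-2 control-plane config depends on a NODE_IP environment variable set outside this hunk, and the commit's diffstat lists no control-plane or gateway deployment template. If the container spec has no `env` entry for it, the reference presumably cannot resolve when the server starts. The gateway config gets the same line at `@@ -29,6 +29,7 @@` in wso2am-pattern-3-am-gateway-conf.yaml. Confirm that both deployments define the variable from the pod IP (`fieldPath: status.podIP`), and add a comment next to the setting such as `# NODE_IP is injected by the deployment from status.podIP`.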
@@ -25,6 +25,8 @@ spec: storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.capacity.carbonDatabase }} storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} + {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} + --- apiVersion: v1 diff --git a/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-conf.yaml b/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-conf.yaml index f5df4bb9..6e40b33a 100644 --- a/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-conf.yaml +++ b/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-conf.yaml @@ -29,6 +29,7 @@ data: deployment.toml: |- [server] hostname = "{{ .Values.wso2.deployment.am.gateway.ingress.hostname }}" + node_ip = "$env{NODE_IP}" server_role = "gateway-worker" [user_store] diff --git a/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-volume-claim.yaml b/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-volume-claim.yaml deleted file mode 100644 index 074e6d7a..00000000 --- a/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-volume-claim.yaml +++ /dev/null 
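Review bot: The added `{{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }}` opens a conditional before the `---` separator, and no matching `{{ end }}` appears in this hunk or elsewhere in this commit's changes to the file. Please verify the template is balanced, for example by running `helm template` with the flag both on and off. Writing it as `{{- if ... }}` would also avoid emitting an extra blank line ahead of the document separator. The rest of the volume-claims file is outside the hunk.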
@@ -1,26 +0,0 @@ -# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-am-gateway-shared-synapse-configs-volume-claim - namespace : {{ .Release.Namespace }} -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.sharedArtifacts.capacity.synapseConfigs }} - storageClassName: {{ .Values.wso2.deployment.persistentRuntimeArtifacts.storageClass }} From dbd4b955388ecc0bba4d54d29d825015b1b35f36 Mon Sep 17 00:00:00 2001 From: Rakhitha Ranathunge Date: Thu, 6 May 2021 15:58:41 +0530 Subject: [PATCH 14/34] Add MI deployment configs for pattern-3 --- .../wso2am-pattern-3-mi-deployment.yaml | 101 ++++++++++++++++++ ...so2am-pattern-3-mi-management-ingress.yaml | 35 ++++++ .../mi/wso2am-pattern-3-mi-service.yaml | 50 +++++++++ 3 files changed, 186 insertions(+) create mode 100644 advanced/am-pattern-3/templates/mi/instance-1/wso2am-pattern-3-mi-deployment.yaml create mode 100644 advanced/am-pattern-3/templates/mi/instance-1/wso2am-pattern-3-mi-management-ingress.yaml create mode 100644 advanced/am-pattern-3/templates/mi/wso2am-pattern-3-mi-service.yaml 
diff --git a/advanced/am-pattern-3/templates/mi/instance-1/wso2am-pattern-3-mi-deployment.yaml b/advanced/am-pattern-3/templates/mi/instance-1/wso2am-pattern-3-mi-deployment.yaml new file mode 100644 index 00000000..7d5e1816 --- /dev/null +++ b/advanced/am-pattern-3/templates/mi/instance-1/wso2am-pattern-3-mi-deployment.yaml 
@@ -0,0 +1,101 @@ +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "am-pattern-3.resource.prefix" . }}-mi-1-deployment + namespace: {{ .Release.Namespace }} + labels: +{{ include "am-pattern-3.labels" . | indent 4 }} +spec: + replicas: {{ .Values.wso2.deployment.mi.replicas }} + strategy: + rollingUpdate: + maxSurge: {{ .Values.wso2.deployment.mi.strategy.rollingUpdate.maxSurge }} + maxUnavailable: {{ .Values.wso2.deployment.mi.strategy.rollingUpdate.maxUnavailable }} + type: RollingUpdate + selector: + matchLabels: + deployment: {{ template "am-pattern-3.resource.prefix" . }}-mi + node: {{ template "am-pattern-3.resource.prefix" . }}-mi-1 + template: + metadata: + labels: + deployment: {{ template "am-pattern-3.resource.prefix" . }}-mi + node: {{ template "am-pattern-3.resource.prefix" . }}-mi-1 + spec: + initContainers: + - name: init-cp + image: busybox:1.32 + command: ['sh', '-c', 'echo -e "Checking for the availability of Control Plane deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . }}-am-cp-service 9443; do sleep 1; printf "-"; done; echo -e " >> Control Plane has started";'] + - name: init-gw + image: busybox:1.32 + command: ['sh', '-c', 'echo -e "Checking for the availability of Gateway deployment"; while ! nc -z {{ template "am-pattern-3.resource.prefix" . 
}}-am-gateway-service 8243; do sleep 1; printf "-"; done; echo -e " >> Gateway has started";'] + containers: + - name: wso2micro-integrator +{{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.mi) | indent 10 }} + {{- if .Values.wso2.deployment.mi.synapseTest.enabled }} + args: + - "-DsynapseTest=true" + {{- end }} + livenessProbe: + exec: + command: + - /bin/sh + - -c + - nc -z localhost 8290 + initialDelaySeconds: {{ .Values.wso2.deployment.mi.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.wso2.deployment.mi.livenessProbe.periodSeconds }} + readinessProbe: + httpGet: + path: /healthz + port: 9201 + initialDelaySeconds: {{ .Values.wso2.deployment.mi.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.wso2.deployment.mi.readinessProbe.periodSeconds }} + resources: + requests: + memory: {{ .Values.wso2.deployment.mi.resources.requests.memory }} + cpu: {{ .Values.wso2.deployment.mi.resources.requests.cpu }} + limits: + memory: {{ .Values.wso2.deployment.mi.resources.limits.memory }} + cpu: {{ .Values.wso2.deployment.mi.resources.limits.cpu }} + imagePullPolicy: Always + securityContext: + runAsUser: 802 + ports: + - containerPort: 8290 + protocol: TCP + - containerPort: 9201 + protocol: TCP + - containerPort: 9164 + protocol: TCP + {{- if .Values.wso2.deployment.mi.synapseTest.enabled }} + - containerPort: 9008 + protocol: TCP + {{- end }} + {{- if .Values.wso2.deployment.mi.envs }} + env: + {{- range $key, $val := .Values.wso2.deployment.mi.envs }} + - name: {{ $key }} + value: {{ $val | quote }} + {{- end }} + {{- end }} + serviceAccountName: {{ .Values.kubernetes.serviceAccount }} + {{- if .Values.wso2.deployment.mi.imagePullSecrets }} + imagePullSecrets: + - name: {{ .Values.wso2.deployment.mi.imagePullSecrets }} + {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} + imagePullSecrets: + - name: {{ template "am-pattern-3.resource.prefix" . 
}}-mi-wso2-private-registry-creds + {{ end }} diff --git a/advanced/am-pattern-3/templates/mi/instance-1/wso2am-pattern-3-mi-management-ingress.yaml b/advanced/am-pattern-3/templates/mi/instance-1/wso2am-pattern-3-mi-management-ingress.yaml new file mode 100644 index 00000000..a7b75364 --- /dev/null +++ b/advanced/am-pattern-3/templates/mi/instance-1/wso2am-pattern-3-mi-management-ingress.yaml @@ -0,0 +1,35 @@ +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: {{ template "am-pattern-3.resource.prefix" . }}-mi-1-management-ingress + namespace : {{ .Release.Namespace }} +{{- if .Values.wso2.deployment.mi.ingress.management.annotations }} + annotations: +{{ toYaml .Values.wso2.deployment.mi.ingress.management.annotations | indent 4 }} +{{- end }} +spec: + tls: + - hosts: + - {{ .Values.wso2.deployment.mi.ingress.management.hostname | quote }} + rules: + - host: {{ .Values.wso2.deployment.mi.ingress.management.hostname | quote }} + http: + paths: + - path: / + backend: + serviceName: {{ template "am-pattern-3.resource.prefix" . }}-mi-1-service + servicePort: 9164 diff --git a/advanced/am-pattern-3/templates/mi/wso2am-pattern-3-mi-service.yaml b/advanced/am-pattern-3/templates/mi/wso2am-pattern-3-mi-service.yaml new file mode 100644 index 00000000..628b81c6 --- /dev/null 
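Review bot: The `wso2micro-integrator` container's `securityContext` sets only `runAsUser: 802`, so privilege escalation and the default capability set remain available to the process. The two `busybox:1.32` init containers have no `securityContext` at all. I would extend the block as shown below and give the init containers the same settings with an explicit non-root UID, after verifying the image still starts with capabilities dropped. Pinning `busybox` by digest rather than by tag would also make the init image reproducible.

```yaml
          # … unchanged: probes, resources, imagePullPolicy …
          securityContext:
            runAsUser: 802
            runAsNonRoot: true
            allowPrivilegeEscalation: false
            capabilities:
              drop:
                - ALL
          # … unchanged: ports, env …
```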
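Review bot: This Ingress publishes the Micro Integrator management port (`servicePort: 9164`) at `path: /` on an external hostname, and its `tls:` entry lists `hosts` but no `secretName`, so the certificate served is presumably the ingress controller's fallback. Consider rendering the management ingress only when a values flag enables it. Also add a `secretName:` that references a chart value (for example `<TLS_SECRET_VALUE_KEY>`, a placeholder name) and restrict client source ranges through the controller's annotations. Separately, `apiVersion: extensions/v1beta1` for Ingress is no longer served as of Kubernetes 1.22, where `networking.k8s.io/v1` replaces it. The websub ingress added in the next commit (wso2am-pattern-3-am-websub-ingress.yaml) has the same `tls` block and API version.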
+++ b/advanced/am-pattern-3/templates/mi/wso2am-pattern-3-mi-service.yaml @@ -0,0 +1,50 @@ +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +kind: Service +metadata: + name: {{ template "am-pattern-3.resource.prefix" . }}-mi-1-service + namespace : {{ .Release.Namespace }} + labels: + deployment: {{ template "am-pattern-3.resource.prefix" . }}-mi + node: {{ template "am-pattern-3.resource.prefix" . }}-mi-1 +{{ include "am-pattern-3.labels" . | indent 4 }} +spec: + type: ClusterIP + ports: + - port: 8290 + targetPort: 8290 + protocol: TCP + name: pass-through-http + - port: 8253 + targetPort: 8253 + protocol: TCP + name: pass-through-https + - port: 9201 + targetPort: 9201 + protocol: TCP + name: metrics + - port: 9164 + targetPort: 9164 + protocol: TCP + name: management + {{- if .Values.wso2.deployment.mi.synapseTest.enabled }} + - port: 9008 + targetPort: 9008 + protocol: TCP + name: synapse-test + {{- end}} + selector: + deployment: {{ template "am-pattern-3.resource.prefix" . }}-mi + node: {{ template "am-pattern-3.resource.prefix" . }}-mi-1 From ed8e3471ebaa8c901e7d1c419bd945e700c71aaa Mon Sep 17 00:00:00 2001 
From: Rakhitha Ranathunge Date: Thu, 6 May 2021 15:59:47 +0530 Subject: [PATCH 15/34] Add websub ingress and other changes --- ...so2am-pattern-3-am-control-plane-conf.yaml | 3 +- ...so2am-pattern-3-am-control-plane-conf.yaml | 3 +- .../wso2am-pattern-3-am-gateway-service.yaml | 6 ++++ .../wso2am-pattern-3-am-websub-ingress.yaml | 35 +++++++++++++++++++ .../wso2am-pattern-3-mi-secrets.yaml | 30 ++++++++++++++++ 5 files changed, 75 insertions(+), 2 deletions(-) create mode 100644 advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-websub-ingress.yaml create mode 100644 advanced/am-pattern-3/templates/wso2am-pattern-3-mi-secrets.yaml diff --git a/advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-conf.yaml b/advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-conf.yaml index a310b09d..6609c04b 100644 --- a/advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-conf.yaml +++ b/advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-conf.yaml @@ -90,7 +90,8 @@ data: wss_endpoint = "wss://localhost:8099" http_endpoint = "http://{{ .Values.wso2.deployment.am.gateway.ingress.hostname }}" https_endpoint = "https://{{ .Values.wso2.deployment.am.gateway.ingress.hostname }}" - + websub_event_receiver_http_endpoint = "http://{{ .Values.wso2.deployment.am.websub.ingress.hostname }}" + websub_event_receiver_https_endpoint = "https://{{ .Values.wso2.deployment.am.websub.ingress.hostname }}" #[apim.cache.gateway_token] #enable = true diff --git a/advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-conf.yaml b/advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-conf.yaml index 4777dd94..d4d56ad3 100644 --- a/advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-conf.yaml 
+++ b/advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-conf.yaml @@ -91,7 +91,8 @@ data: wss_endpoint = "wss://localhost:8099" http_endpoint = "http://{{ .Values.wso2.deployment.am.gateway.ingress.hostname }}" https_endpoint = "https://{{ .Values.wso2.deployment.am.gateway.ingress.hostname }}" - + websub_event_receiver_http_endpoint = "http://{{ .Values.wso2.deployment.am.websub.ingress.hostname }}" + websub_event_receiver_https_endpoint = "https://{{ .Values.wso2.deployment.am.websub.ingress.hostname }}" #[apim.cache.gateway_token] #enable = true diff --git a/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-service.yaml b/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-service.yaml index 8bbe2480..5b86382b 100644 --- a/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-service.yaml +++ b/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-service.yaml @@ -35,3 +35,9 @@ spec: - name: servlet-https protocol: TCP port: 9443 + - name: websub-http + protocol: TCP + port: 9021 + - name: websub-https + protocol: TCP + port: 8021 diff --git a/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-websub-ingress.yaml b/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-websub-ingress.yaml new file mode 100644 index 00000000..08e40266 --- /dev/null +++ b/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-websub-ingress.yaml 
@@ -0,0 +1,35 @@ +# Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: {{ template "am-pattern-3.resource.prefix" . }}-am-websub-ingress + namespace : {{ .Release.Namespace }} +{{- if .Values.wso2.deployment.am.websub.ingress.annotations }} + annotations: +{{ toYaml .Values.wso2.deployment.am.websub.ingress.annotations | indent 4 }} +{{- end }} +spec: + tls: + - hosts: + - {{ .Values.wso2.deployment.am.websub.ingress.hostname }} + rules: + - host: {{ .Values.wso2.deployment.am.websub.ingress.hostname }} + http: + paths: + - path: / + backend: + serviceName: {{ template "am-pattern-3.resource.prefix" . }}-am-gateway-service + servicePort: 8021 diff --git a/advanced/am-pattern-3/templates/wso2am-pattern-3-mi-secrets.yaml b/advanced/am-pattern-3/templates/wso2am-pattern-3-mi-secrets.yaml new file mode 100644 index 00000000..6792a2ba --- /dev/null +++ b/advanced/am-pattern-3/templates/wso2am-pattern-3-mi-secrets.yaml 
@@ -0,0 +1,30 @@ +{{ if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} +# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +{{- $username := .Values.wso2.subscription.username }} +{{- $password := .Values.wso2.subscription.password }} +{{- $email := .Values.wso2.subscription.username }} +{{- $regId := default "docker.wso2.com" .Values.wso2.deployment.mi.dockerRegistry }} +{{- $auth := printf "%s:%s" $username $password | b64enc }} +{{- $files := .Files }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "am-pattern-3.resource.prefix" . }}-mi-wso2-private-registry-creds + namespace: {{ .Release.Namespace }} +type: kubernetes.io/dockerconfigjson +data: + .dockerconfigjson: {{ $files.Get "auth.json" | replace "reg.id" $regId | replace "docker.wso2.com.username" $username | replace "docker.wso2.com.password" $password | replace "docker.wso2.com.email" $email | replace "docker.wso2.com.auth" $auth | b64enc }} +{{ end }} From e7e0ed184b7b203931c2ab2e669674ffa7a1fed9 Mon Sep 17 00:00:00 2001 
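Review bot: The `.dockerconfigjson` value is built by textual `replace` of `$username` and `$password` into `auth.json`, so a password containing `"` or `\` yields invalid JSON and a failing image pull. A replacement value that happens to contain a later placeholder string would also be rewritten by the following `replace`. Building the document from a `dict` and piping it through `toJson | b64enc` would escape the values correctly. Because the credentials arrive as chart values, they are also stored with the Helm release. A comment at the top of the file, such as `# Prefer wso2.deployment.mi.imagePullSecrets with a pre-created secret for production`, would point users to the alternative the MI deployment template already supports. The contents of `auth.json` are not visible in this part of the patch.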
From: Rakhitha Ranathunge Date: Thu, 6 May 2021 16:03:19 +0530 Subject: [PATCH 16/34] Update helm configs for pattern-3 configs --- advanced/am-pattern-3/Chart.yaml | 4 +- advanced/am-pattern-3/README.md | 158 ++++++------- advanced/am-pattern-3/auth.json | 2 +- advanced/am-pattern-3/requirements.yaml | 2 +- advanced/am-pattern-3/templates/NOTES.txt | 50 +++-- advanced/am-pattern-3/values.yaml | 258 ++++++++-------------- 6 files changed, 190 insertions(+), 284 deletions(-) diff --git a/advanced/am-pattern-3/Chart.yaml b/advanced/am-pattern-3/Chart.yaml index 79aeae2b..716c07ed 100644 --- a/advanced/am-pattern-3/Chart.yaml +++ b/advanced/am-pattern-3/Chart.yaml @@ -13,8 +13,8 @@ # limitations under the License. apiVersion: v1 -appVersion: "3.2.0" +appVersion: "4.0.0" description: A Helm chart for the deployment of WSO2 API Management deployment pattern 3 name: am-pattern-3 -version: 3.2.0-4 +version: 4.0.0-1 icon: https://wso2.cachefly.net/wso2/sites/all/images/wso2logo.svg diff --git a/advanced/am-pattern-3/README.md b/advanced/am-pattern-3/README.md index 0bc4cbd6..ef6ff7e8 100644 --- a/advanced/am-pattern-3/README.md +++ b/advanced/am-pattern-3/README.md 
@@ -1,9 +1,8 @@ -# Helm Chart for deployment of a Fully Distributed Setup of WSO2 API Manager with WSO2 API Manager Analytics +# Pattern 3: Helm Chart for deployment of a Simple Scalable Deployment of WSO2 API Manager -Resources for building a Helm chart for deployment of a [fully distributed setup of WSO2 API Manager with WSO2 API Manager Analytics -support](https://apim.docs.wso2.com/en/latest/install-and-setup/setup/deployment-patterns/#pattern-3-fully-distributed-setup). +Resources for building a Helm chart for deployment of a [simple scalable deployment of WSO2 API Manager](https://apim.docs.wso2.com/en/latest/install-and-setup/setup/deployment-overview/#simple-scalable-deployment). -![WSO2 API Manager pattern 3 deployment](https://apim.docs.wso2.com/en/latest/assets/img/setup-and-install/3-fully-distributed-setup.png) +![WSO2 API Manager pattern 3 deployment](https://apim.docs.wso2.com/en/latest/assets/img/setup-and-install/basic-scalable-deployment.png) For advanced details on the deployment pattern, please refer to the official [documentation](https://apim.docs.wso2.com/en/latest/install-and-setup/setup/distributed-deployment/deploying-wso2-api-m-in-a-distributed-setup/). @@ -58,7 +57,7 @@ You can install the relevant Helm chart either from [WSO2 Helm Chart Repository] Helm version 2 ``` - helm install --name wso2/am-pattern-3 --version 3.2.0-1 --namespace + helm install --name wso2/am-pattern-3 --version 4.0.0-1 --namespace ``` Helm version 3 @@ -66,7 +65,7 @@ You can install the relevant Helm chart either from [WSO2 Helm Chart Repository] - Deploy the Kubernetes resources using the Helm Chart ``` - helm install wso2/am-pattern-3 --version 3.2.0-1 --namespace --create-namespace + helm install wso2/am-pattern-3 --version 4.0.0-1 --namespace --create-namespace ``` The above steps will deploy the deployment pattern using WSO2 product Docker images available at DockerHub. 
@@ -77,7 +76,7 @@ please provide your WSO2 Subscription credentials via input values (using `--set Please see the following example. ``` - helm install --name wso2/am-pattern-3 --version 3.2.0-1 --namespace --set wso2.subscription.username= --set wso2.subscription.password= + helm install --name wso2/am-pattern-3 --version 4.0.0-1 --namespace --set wso2.subscription.username= --set wso2.subscription.password= ``` #### Install Chart From Source @@ -98,7 +97,7 @@ git clone https://github.com/wso2/kubernetes-apim.git Helm version 2 ``` - helm install --dep-up --name /am-pattern-3 --version 3.2.0-1 --namespace + helm install --dep-up --name /am-pattern-3 --version 4.0.0-1 --namespace ``` Helm version 3 @@ -106,7 +105,7 @@ git clone https://github.com/wso2/kubernetes-apim.git - Deploy the Kubernetes resources using the Helm Chart ``` - helm install /am-pattern-3 --version 3.2.0-1 --namespace --dependency-update --create-namespace + helm install /am-pattern-3 --version 4.0.0-1 --namespace --dependency-update --create-namespace ``` The above steps will deploy the deployment pattern using WSO2 product Docker images available at DockerHub. @@ -117,7 +116,7 @@ please provide your WSO2 Subscription credentials via input values (using `--set Please see the following example. ``` - helm install --name /am-pattern-3 --version 3.2.0-1 --namespace --set wso2.subscription.username= --set wso2.subscription.password= + helm install --name /am-pattern-3 --version 4.0.0-1 --namespace --set wso2.subscription.username= --set wso2.subscription.password= ``` ### 2. Obtain the external IP 
@@ -130,33 +129,33 @@ kubectl get ing -n The output under the relevant column stands for the following. -API Manager Publisher +API Manager Control Plane -- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-3-am-publisher-ingress`) -- HOSTS: Hostname of the WSO2 API Manager's Publisher service (``) -- ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager's Publisher service to outside of the Kubernetes environment -- PORTS: Externally exposed service ports of the API Manager's Publisher service - -API Manager DevPortal - -- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-3-am-devportal-ingress`) -- HOSTS: Hostname of the WSO2 API Manager's DevPortal service (``) -- ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager's DevPortal service to outside of the Kubernetes environment -- PORTS: Externally exposed service ports of the API Manager service +- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-3-am-cp-ingress`) +- HOSTS: Hostname of the WSO2 API Manager's Control Plane service (``) +- ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager's Control Plane service to outside of the Kubernetes environment +- PORTS: Externally exposed service ports of the API Manager's Control Plane service API Manager Gateway - NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-3-am-gateway-ingress`) - HOSTS: Hostname of the WSO2 API Manager's Gateway service (``) - ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager's Gateway service to outside of the Kubernetes environment -- PORTS: Externally exposed service ports of the API Manager's DevPortal service +- PORTS: Externally exposed service ports of the API Manager's Gateway service + +API Manager Websub -API Manager Analytics Dashboard +- NAME: Metadata name of the Kubernetes Ingress resource (defaults to wso2am-pattern-1-am-websub-ingress) +- HOSTS: Hostname 
of the WSO2 API Manager's Websub service (``) +- ADDRESS: External IP (EXTERNAL-IP) exposing the API Manager's Websub service to outside of the Kubernetes environment +- PORTS: Externally exposed service ports of the API Manager's Websub service -- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-3-am-analytics-dashboard-ingress`) -- HOSTS: Hostname of the WSO2 API Manager Analytics Dashboard service (``) -- ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager Analytics Dashboard service to outside of the Kubernetes environment -- PORTS: Externally exposed service ports of the API Manager Analytics Dashboard service +Micro Integrator Management APIs + +- NAME: Metadata name of the Kubernetes Ingress resource (defaults to wso2am-pattern-1-mi-1-management-ingress) +- HOSTS: Hostname of the WSO2 Micro Integrator service (``) +- ADDRESS: External IP (EXTERNAL-IP) exposing the Micro Integrator service to outside of the Kubernetes environment +PORTS: Externally exposed service ports of the Micro Integrator service ### 3. Add a DNS record mapping the hostnames and the external IP @@ -166,18 +165,11 @@ the external IP (`EXTERNAL-IP`) in the relevant DNS service. If the defined hostnames are not backed by a DNS service, for the purpose of evaluation you may add an entry mapping the hostnames and the external IP in the `/etc/hosts` file at the client-side. -``` - -``` - ### 4. Access Management Consoles -- API Manager Publisher: `https:///publisher` - -- API Manager DevPortal: `https:///devportal` - -- API Manager Analytics Dashboard: `https:///analytics-dashboard` +- API Manager Publisher: `https:///publisher` +- API Manager DevPortal: `https:///devportal` ## Configuration 
@@ -216,7 +208,7 @@ If you do not have an active WSO2 subscription, **do not change** the parameters |-----------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------| | `wso2.deployment.am.dockerRegistry` | Registry location of the Docker image to be used to create API Manager instances | - | | `wso2.deployment.am.imageName` | Name of the Docker image to be used to create API Manager instances | `wso2am` | -| `wso2.deployment.am.imageTag` | Tag of the image used to create API Manager instances | 3.2.0 | +| `wso2.deployment.am.imageTag` | Tag of the image used to create API Manager instances | 4.0.0 | | `wso2.deployment.am.imagePullPolicy` | Refer to [doc](https://kubernetes.io/docs/concepts/containers/images#updating-images) | `Always` | | `wso2.deployment.am.resources.requests.memory` | The minimum amount of memory that should be allocated for running API Manager product profiles with profile optimization | 1Gi | | `wso2.deployment.am.resources.requests.cpu` | The minimum amount of CPU that should be allocated for running API Manager product profiles with profile optimization | 1000m | 
@@ -226,65 +218,49 @@ If you do not have an active WSO2 subscription, **do not change** the parameters | `wso2.deployment.am.livenessProbe.periodSeconds` | Period of the live-ness probe for API Manager optimized profile | 10 | | `wso2.deployment.am.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for API Manager optimized profile | 60 | | `wso2.deployment.am.readinessProbe.periodSeconds` | Period of the readiness probe for API Manager optimized profile | 10 | +| `wso2.deployment.am.websub.ingress.hostname` | Hostname for API Manager WebSub service | `websub.am.wso2.com` | +| `wso2.deployment.am.websub.ingress.annotations` | Ingress resource annotations for API Manager WebSub | Community NGINX Ingress controller annotations | | `wso2.deployment.am.gateway.ingress.hostname` | Hostname for API Manager Gateway | `gateway.am.wso2.com` | | `wso2.deployment.am.gateway.ingress.annotations` | Ingress resource annotations for API Manager Gateway | Community NGINX Ingress controller annotations | | `wso2.deployment.am.gateway.replicas` | Number of replicas of API Manager Gateway to be started | 2 | | `wso2.deployment.am.gateway.strategy.rollingUpdate.maxSurge` | Refer to [doc](https://v1-14.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.14/#deploymentstrategy-v1-apps) | 2 | | `wso2.deployment.am.gateway.strategy.rollingUpdate.maxUnavailable` | Refer to [doc](https://v1-14.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.14/#deploymentstrategy-v1-apps) | 0 | | `wso2.deployment.am.gateway.config` | Custom deployment configuration file for Gateway profile (`/repository/conf/deployment.toml`) | - | -| `wso2.deployment.am.km.replicas` | Number of replicas of API Manager Key Manager to be started | 2 | -| `wso2.deployment.am.km.strategy.rollingUpdate.maxSurge` | Refer to [doc](https://v1-14.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.14/#deploymentstrategy-v1-apps) | 2 | -| 
`wso2.deployment.am.km.strategy.rollingUpdate.maxUnavailable` | Refer to [doc](https://v1-14.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.14/#deploymentstrategy-v1-apps) | 0 | -| `wso2.deployment.am.km.config` | Custom deployment configuration file for Key Manager profile (`/repository/conf/deployment.toml`) | - | -| `wso2.deployment.am.publisher.ingress.hostname` | Hostname for API Manager Publisher | `publisher.am.wso2.com` | -| `wso2.deployment.am.publisher.ingress.annotations` | Ingress resource annotations for API Manager Publisher | Community NGINX Ingress controller annotations | -| `wso2.deployment.am.publisher.config` | Custom deployment configuration file for Publisher profile (`/repository/conf/deployment.toml`) | - | -| `wso2.deployment.am.devportal.ingress.hostname` | Hostname for API Manager DevPortal | `devportal.am.wso2.com` | -| `wso2.deployment.am.devportal.ingress.annotations` | Ingress resource annotations for API Manager DevPortal | Community NGINX Ingress controller annotations | -| `wso2.deployment.am.devportal.config` | Custom deployment configuration file for DevPortal profile (`/repository/conf/deployment.toml`) | - | -| `wso2.deployment.am.tm.config` | Custom deployment configuration file for Traffic Manager profile (`/repository/conf/deployment.toml`) | - | - -###### Analytics Dashboard Runtime Configurations - -| Parameter | Description | Default Value | -|-------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------|-----------------------------| -| `wso2.deployment.analytics.dashboard.dockerRegistry` | Registry location of the Docker image to be used to create an API Manager Analytics instance | - | -| `wso2.deployment.analytics.dashboard.imageName` | Name of the Docker image to be used to create an API Manager Analytics instance | `wso2am-analytics-dashboard` | -| 
`wso2.deployment.analytics.dashboard.imageTag` | Tag of the image used to create an API Manager Analytics instance | 3.2.0 | -| `wso2.deployment.analytics.dashboard.imagePullPolicy` | Refer to [doc](https://kubernetes.io/docs/concepts/containers/images#updating-images) | `Always` | -| `wso2.deployment.analytics.dashboard.replicas` | Number of replicas of API Manager Analytics to be started | 1 | -| `wso2.deployment.analytics.dashboard.strategy.rollingUpdate.maxSurge` | Refer to [doc](https://v1-14.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.14/#deploymentstrategy-v1-apps) | 1 | -| `wso2.deployment.analytics.dashboard.strategy.rollingUpdate.maxUnavailable` | Refer to [doc](https://v1-14.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.14/#deploymentstrategy-v1-apps) | 0 | -| `wso2.deployment.analytics.dashboard.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for API Manager Analytics node | 20 | -| `wso2.deployment.analytics.dashboard.livenessProbe.periodSeconds` | Period of the live-ness probe for API Manager Analytics node | 10 | -| `wso2.deployment.analytics.dashboard.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for API Manager Analytics node | 20 | -| `wso2.deployment.analytics.dashboard.readinessProbe.periodSeconds` | Period of the readiness probe for API Manager Analytics node | 10 | -| `wso2.deployment.analytics.dashboard.resources.requests.memory` | The minimum amount of memory that should be allocated for a Pod | 4Gi | -| `wso2.deployment.analytics.dashboard.resources.requests.cpu` | The minimum amount of CPU that should be allocated for a Pod | 2000m | -| `wso2.deployment.analytics.dashboard.resources.limits.memory` | The maximum amount of memory that should be allocated for a Pod | 4Gi | -| `wso2.deployment.analytics.dashboard.resources.limits.cpu` | The maximum amount of CPU that should be allocated for a Pod | 2000m | -| `wso2.deployment.analytics.dashboard.config` 
| Custom deployment configuration file (`/conf/dashboard/deployment.yaml`) | - | -| `wso2.deployment.analytics.dashboard.ingress.hostname` | Hostname for API Manager Analytics Dashboard | `analytics.am.wso2.com` | -| `wso2.deployment.analytics.dashboard.ingress.annotations` | Ingress resource annotations for API Manager Analytics Dashboard | Community NGINX Ingress controller annotations | - -###### Analytics Worker Runtime Configurations - -| Parameter | Description | Default Value | -|----------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------|-----------------------------| -| `wso2.deployment.analytics.worker.dockerRegistry` | Registry location of the Docker image to be used to create an API Manager Analytics instance | - | -| `wso2.deployment.analytics.worker.imageName` | Name of the Docker image to be used to create an API Manager Analytics instance | `wso2am-analytics-worker` | -| `wso2.deployment.analytics.worker.imageTag` | Tag of the image used to create an API Manager Analytics instance | 3.2.0 | -| `wso2.deployment.analytics.worker.imagePullPolicy` | Refer to [doc](https://kubernetes.io/docs/concepts/containers/images#updating-images) | `Always` | -| `wso2.deployment.analytics.worker.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for API Manager Analytics node | 20 | -| `wso2.deployment.analytics.worker.livenessProbe.periodSeconds` | Period of the live-ness probe for API Manager Analytics node | 10 | -| `wso2.deployment.analytics.worker.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for API Manager Analytics node | 20 | -| `wso2.deployment.analytics.worker.readinessProbe.periodSeconds` | Period of the readiness probe for API Manager Analytics node | 10 | -| `wso2.deployment.analytics.worker.resources.requests.memory` | The minimum amount of memory that should be 
allocated for a Pod | 4Gi | -| `wso2.deployment.analytics.worker.resources.requests.cpu` | The minimum amount of CPU that should be allocated for a Pod | 2000m | -| `wso2.deployment.analytics.worker.resources.limits.memory` | The maximum amount of memory that should be allocated for a Pod | 4Gi | -| `wso2.deployment.analytics.worker.resources.limits.cpu` | The maximum amount of CPU that should be allocated for a Pod | 2000m | - -###### Kubernetes Specific Configurations +| `wso2.deployment.am.cp.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for API Manager Control Plane profile | 60 | +| `wso2.deployment.am.cp.livenessProbe.periodSeconds` | Period of the live-ness probe for API Manager Control Plane profile | 10 | +| `wso2.deployment.am.cp.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for API Manager Control Plane profile | 60 | +| `wso2.deployment.am.cp.readinessProbe.periodSeconds` | Period of the readiness probe for API Manager Control Plane profile | 10 | +| `wso2.deployment.am.cp.ingress.hostname` | Hostname for API Manager Control Plane | `am.wso2.com` | +| `wso2.deployment.am.cp.ingress.annotations` | Ingress resource annotations for API Manager Control Plane | Community NGINX Ingress controller annotations | +| `wso2.deployment.am.cp.resources.requests.memory` | The minimum amount of memory that should be allocated for running API Manager API Manager Control Plane | 1Gi | +| `wso2.deployment.am.cp.resources.requests.cpu` | The minimum amount of CPU that should be allocated for running API ManagerAPI Manager Control Plane | 1000m | +| `wso2.deployment.am.cp.resources.limits.memory` | The maximum amount of memory that should be allocated for running API Manager API Manager Control Plane | 2Gi | +| `wso2.deployment.am.cp.resources.limits.cpu` | The maximum amount of CPU that should be allocated for running API Manager API Manager Control Plane | 2000m | +| `wso2.deployment.am.cp.config` | Custom 
deployment configuration file for Control Plane profile (`/repository/conf/deployment.toml`) | - | + +###### Micro Integrator Server Configurations + +| Parameter | Description | Default Value | +|-----------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------| +| `wso2.deployment.mi.dockerRegistry` | Registry location of the Docker image to be used to create Micro Integrator instances | - | +| `wso2.deployment.mi.imageName` | Name of the Docker image to be used to create API Manager instances | `wso2mi` | +| `wso2.deployment.mi.imageTag` | Tag of the image used to create API Manager instances | 4.0.0 | +| `wso2.deployment.mi.imagePullPolicy` | Refer to [doc](https://kubernetes.io/docs/concepts/containers/images#updating-images) | `Always` | +| `wso2.deployment.mi.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for Micro Integrator node | 35 | +| `wso2.deployment.mi.livenessProbe.periodSeconds` | Period of the live-ness probe for Micro Integrator node | 10 | +| `wso2.deployment.mi.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for Micro Integrator node | 35 | +| `wso2.deployment.mi.readinessProbe.periodSeconds` | Period of the readiness probe for Micro Integrator node | 10 | +| `wso2.deployment.mi.resources.requests.memory` | The minimum amount of memory that should be allocated for a Pod | 512Mi | +| `wso2.deployment.mi.resources.requests.cpu` | The minimum amount of CPU that should be allocated for a Pod | 500m | +| `wso2.deployment.mi.resources.limits.memory` | The maximum amount of memory that should be allocated for a Pod | 1Gi | +| `wso2.deployment.mi.resources.limits.cpu` | The maximum amount of CPU that should be allocated for a Pod | 1000m | +| `wso2.deployment.mi.config` | Custom deployment configuration file (`/repository/conf/deployment.toml`) | - | +| 
`wso2.deployment.mi.ingress.management.hostname` | Hostname for Micro Integrator management apis | `management.mi.wso2.com` | +| `wso2.deployment.mi.ingress.management.annotations` | Ingress resource annotations for API Manager Gateway | Community NGINX Ingress controller annotations | + +**Note**: The above mentioned default, minimum resource amounts for running WSO2 API Manager server profiles are based on its [official documentation](https://apim.docs.wso2.com/en/latest/install-and-setup/install/installation-prerequisites/). + +## Kubernetes Specific Configurations | Parameter | Description | Default Value | |---------------------------------------------------------------|-------------------------------------------------------------------------------------------|---------------------------------| diff --git a/advanced/am-pattern-3/auth.json b/advanced/am-pattern-3/auth.json index 88619f76..97387c87 100644 --- a/advanced/am-pattern-3/auth.json +++ b/advanced/am-pattern-3/auth.json @@ -1,6 +1,6 @@ { "auths": { - "docker.wso2.com": { + "reg.id": { "username": "docker.wso2.com.username", "password": "docker.wso2.com.password", "email": "docker.wso2.com.email", diff --git a/advanced/am-pattern-3/requirements.yaml b/advanced/am-pattern-3/requirements.yaml index 7cbd9c07..687ffdad 100644 --- a/advanced/am-pattern-3/requirements.yaml +++ b/advanced/am-pattern-3/requirements.yaml @@ -14,7 +14,7 @@ dependencies: - name: mysql-am - version: "3.2.0-4" + version: "4.0.0-1" repository: "https://helm.wso2.com" condition: wso2.deployment.dependencies.mysql - name: nfs-server-provisioner diff --git a/advanced/am-pattern-3/templates/NOTES.txt b/advanced/am-pattern-3/templates/NOTES.txt index ecad5daa..dd124a5f 100644 --- a/advanced/am-pattern-3/templates/NOTES.txt +++ b/advanced/am-pattern-3/templates/NOTES.txt 
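Review bot: In advanced/am-pattern-3/auth.json the key under `auths` changes from the registry host `docker.wso2.com` to the token `reg.id`, and nothing in the hunk shows what replaces that token. The registry of the image being pulled is matched against the keys under `auths`, so a rendered secret that still carries `reg.id` would match no registry and private pulls would fail on authentication. The template that consumes this file is not visible here, so this is worth confirming: it should substitute `reg.id` together with the `docker.wso2.com.username`, `.password` and `.email` tokens. Since JSON cannot carry a comment, I would document the token set in that template, e.g. `# auth.json tokens replaced here: reg.id (registry host) and the docker.wso2.com.* credential placeholders`. The JSON object continues outside the hunk.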
@@ -1,6 +1,6 @@ Thank you for installing WSO2 API Manager. -Please follow these steps to access API Manager Publisher, DevPortal consoles and Analytics Dashboard. +Please follow these steps to access API Manager Publisher, DevPortal consoles. 1. Obtain the external IP (`EXTERNAL-IP`) of the API Manager Ingress resources, by listing down the Kubernetes Ingresses. 
@@ -8,19 +8,12 @@ Please follow these steps to access API Manager Publisher, DevPortal consoles an The output under the relevant column stands for the following. - API Manager Publisher + API Manager Control Plane - - NAME: Metadata name of the Kubernetes Ingress resource (defaults to {{ template "am-pattern-3.resource.prefix" . }}-am-publisher-ingress) - - HOSTS: Hostname of the WSO2 API Manager's Publisher service ({{ .Values.wso2.deployment.am.publisher.ingress.hostname }}) - - ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager's Publisher service to outside of the Kubernetes environment - - PORTS: Externally exposed service ports of the API Manager's Publisher service - - API Manager DevPortal - - - NAME: Metadata name of the Kubernetes Ingress resource (defaults to {{ template "am-pattern-3.resource.prefix" . }}-am-devportal-ingress) - - HOSTS: Hostname of the WSO2 API Manager's DevPortal service ({{ .Values.wso2.deployment.am.devportal.ingress.hostname }}) - - ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager's DevPortal service to outside of the Kubernetes environment - - PORTS: Externally exposed service ports of the API Manager service + - NAME: Metadata name of the Kubernetes Ingress resource (defaults to {{ template "am-pattern-3.resource.prefix" . }}-am-cp-ingress) + - HOSTS: Hostname of the WSO2 API Manager's Control Plane service ({{ .Values.wso2.deployment.am.cp.ingress.hostname }}) + - ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager's Control PLane service to outside of the Kubernetes environment + - PORTS: Externally exposed service ports of the API Manager's Control Plane service API Manager Gateway 
@@ -29,13 +22,6 @@ Please follow these steps to access API Manager Publisher, DevPortal consoles an - ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager's Gateway service to outside of the Kubernetes environment - PORTS: Externally exposed service ports of the API Manager's DevPortal service - API Manager Analytics Dashboard - - - NAME: Metadata name of the Kubernetes Ingress resource (defaults to {{ template "am-pattern-3.resource.prefix" . }}-am-analytics-dashboard-ingress) - - HOSTS: Hostname of the WSO2 API Manager Analytics Dashboard service ({{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }}) - - ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager Analytics Dashboard service to outside of the Kubernetes environment - - PORTS: Externally exposed service ports of the API Manager Analytics Dashboard service - 2. Add a DNS record mapping the hostnames (in step 1) and the external IP. If the defined hostnames (in step 1) are backed by a DNS service, add a DNS record mapping the hostnames and 
@@ -44,12 +30,28 @@ Please follow these steps to access API Manager Publisher, DevPortal consoles an If the defined hostnames are not backed by a DNS service, for the purpose of evaluation you may add an entry mapping the hostnames and the external IP in the `/etc/hosts` file at the client-side. - {{ .Values.wso2.deployment.am.publisher.ingress.hostname }} {{ .Values.wso2.deployment.am.devportal.ingress.hostname }} {{ .Values.wso2.deployment.am.gateway.ingress.hostname }} {{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }} + {{ .Values.wso2.deployment.am.cp.ingress.hostname }} {{ .Values.wso2.deployment.am.gateway.ingress.hostname }} 3. Navigate to the consoles in your browser of choice. - API Manager Publisher: https://{{ .Values.wso2.deployment.am.publisher.ingress.hostname }}/publisher - API Manager DevPortal: https://{{ .Values.wso2.deployment.am.devportal.ingress.hostname }}/devportal - API Manager Analytics Dashboard: https://{{ .Values.wso2.deployment.analytics.dashboard.ingress.hostname }}/analytics-dashboard + API Manager Publisher: https://{{ .Values.wso2.deployment.am.cp.ingress.hostname }}/publisher + API Manager DevPortal: https://{{ .Values.wso2.deployment.am.cp.ingress.hostname }}/devportal + +Please follow these steps to assess Micro Integrator. + +1. Obtain the external IP (`EXTERNAL-IP`) of the Ingress resources by listing down the Kubernetes Ingresses. + + kubectl get ing -n {{ .Release.Namespace }} + + Micro Integrator Management APIs + + - NAME: Metadata name of the Kubernetes Ingress resource (defaults to {{ template "am-pattern-3.resource.prefix" . }}-mi-1-management-ingress) + - HOSTS: Hostname of the WSO2 Micro Integrator service ({{ .Values.wso2.deployment.mi.ingress.management.hostname }}) + - ADDRESS: External IP (`EXTERNAL-IP`) exposing the Micro Integrator service to outside of the Kubernetes environment + - PORTS: Externally exposed service ports of the Micro Integrator service + +2. 
Add the above host as an entry in /etc/hosts file as follows: + + {{ .Values.wso2.deployment.mi.ingress.management.hostname }} Please refer the official documentation at https://apim.docs.wso2.com/en/latest/ for additional information on WSO2 API Manager. diff --git a/advanced/am-pattern-3/values.yaml b/advanced/am-pattern-3/values.yaml index 66085133..bed051ef 100644 --- a/advanced/am-pattern-3/values.yaml +++ b/advanced/am-pattern-3/values.yaml @@ -35,14 +35,6 @@ wso2: # Defaults to Kubernetes Storage Class generated using the NFS Server Provisioner (https://github.com/helm/charts/tree/master/stable/nfs-server-provisioner) storageClass: &storage_class "nfs" - # Define capacities for persistent runtime artifact directories which are shared between instances of the relevant API Manager profile - sharedArtifacts: - capacity: - # For execution plans shared between the Traffic Manager profile instances - executionPlans: 20M - # For synapse artifacts of APIs shared between the Gateway profile instances - synapseConfigs: 50M - # Persistent runtime artifacts for Apache Solr-based indexing apacheSolrIndexing: # Indicates if persistence of the runtime artifacts for Apache Solr-based indexing is enabled @@ -60,7 +52,7 @@ wso2: # If a custom image must be used, uncomment 'dockerRegistry' and provide its value # dockerRegistry: "" imageName: "wso2am" - imageTag: "3.2.0" + imageTag: "4.0.0" # Refer to the Kubernetes documentation on updating images (https://kubernetes.io/docs/concepts/containers/images/#updating-images) imagePullPolicy: Always 
@@ -98,6 +90,17 @@ wso2: # How often (in seconds) to perform the probe periodSeconds: 10 + # API Manager's WebSub specific configurations + websub: + # Configure Ingress + ingress: + # Hostname for Gateway profile + hostname: "websub.am.wso2.com" + # Annotations for the API Manager Gateway service Ingress + annotations: + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" + # API Manager's Gateway specific configurations gateway: # Configure Ingress 
@@ -126,190 +129,115 @@ wso2: # deployment.toml: |- # # deployment configurations for the Gateway profile of WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml) - # API Manager's Key Manager specific configurations - km: - # Number of deployment replicas - replicas: 2 - - # If the deployment configurations for the Key Manager profile of WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml), - # add the customized configuration file under (wso2 -> deployment -> am -> km -> config -> deployment.toml) -# config: -# deployment.toml: |- -# # deployment configurations for the Key Manager profile of WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml) - - # API Manager's Publisher specific configurations - publisher: - # Configure Ingress - ingress: - # Hostname for Publisher profile - hostname: "publisher.am.wso2.com" - # Annotations for the API Manager Publisher service Ingress - annotations: - kubernetes.io/ingress.class: "nginx" - nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" - nginx.ingress.kubernetes.io/affinity: "cookie" - nginx.ingress.kubernetes.io/session-cookie-name: "route" - nginx.ingress.kubernetes.io/session-cookie-hash: "sha1" - - # If the deployment configurations for the Publisher profile of WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml), - # add the customized configuration file under (wso2 -> deployment -> am -> publisher -> config -> deployment.toml) -# config: -# deployment.toml: |- -# # deployment configurations for the Publisher profile of WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml) + # API Manager's Control Plane specific configurations + cp: + # Indicates whether the container is running + livenessProbe: + # Number of seconds after the container has started before liveness probes are initiated + initialDelaySeconds: 180 + # How often (in seconds) to perform the probe + periodSeconds: 10 + # Indicates whether the container is ready to service requests + readinessProbe: + # Number of seconds 
after the container has started before readiness probes are initiated + initialDelaySeconds: 180 + # How often (in seconds) to perform the probe + periodSeconds: 10 - # API Manager's DevPortal specific configurations - devportal: # Configure Ingress ingress: - # Hostname for DevPortal profile - hostname: "devportal.am.wso2.com" - # Annotations for the API Manager DevPortal service Ingress + # Hostname for Gateway profile + hostname: "am.wso2.com" + # Annotations for the API Manager Gateway service Ingress annotations: kubernetes.io/ingress.class: "nginx" nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" nginx.ingress.kubernetes.io/affinity: "cookie" nginx.ingress.kubernetes.io/session-cookie-name: "route" nginx.ingress.kubernetes.io/session-cookie-hash: "sha1" - - # If the deployment configurations for the DevPortal profile of WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml), - # add the customized configuration file under (wso2 -> deployment -> am -> devportal -> config -> deployment.toml) -# config: -# deployment.toml: |- -# # deployment configurations for the DevPortal profile of WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml) - - # API Manager's Traffic Manager specific configurations - tm: - # If the deployment configurations for the Traffic Manager profile of WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml), - # add the customized configuration file under (wso2 -> deployment -> am -> tm -> instanceOne -> config -> deployment.toml) - config: "" -# deployment.toml: |- -# # deployment configurations for the Traffic Manager profile of WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml) - - analytics: - dashboard: - # Container image configurations - # If a custom image must be used, uncomment 'dockerRegistry' and provide its value. 
- # dockerRegistry: "" - imageName: "wso2am-analytics-dashboard" - imageTag: "3.2.0" - # Refer to the Kubernetes documentation on updating images (https://kubernetes.io/docs/concepts/containers/images/#updating-images) - imagePullPolicy: Always - # Number of deployment replicas - replicas: 1 - - # Kubernetes RollingUpdate strategy configurations - strategy: - rollingUpdate: - # The maximum number of pods that can be scheduled above the desired number of pods. - maxSurge: 1 - # The maximum number of pods that can be unavailable during the update. - maxUnavailable: 0 - - # Indicates whether the container is running. - livenessProbe: - # Number of seconds after the container has started before liveness probes are initiated. - initialDelaySeconds: 20 - # How often (in seconds) to perform the probe. - periodSeconds: 10 - # Indicates whether the container is ready to service requests. - readinessProbe: - # Number of seconds after the container has started before readiness probes are initiated. - initialDelaySeconds: 20 - # How often (in seconds) to perform the probe. - periodSeconds: 10 - -# # If the deployment configurations for the Dashboard profile of WSO2 API Manager Analytics v3.2.0 (/conf/dashboard/deployment.yaml), -# # add the customized configuration file under (wso2 -> deployment -> analytics -> dashboard -> config -> deployment.yaml) -# config: -# deployment.yaml: |- -# # deployment configurations for the Dashboard profile of WSO2 API Manager Analytics v3.2.0 (/conf/dashboard/deployment.yaml) + replicas: 2 resources: - # These are the minimum resource recommendations for running WSO2 Stream Processor based server profiles - # as per official documentation (https://docs.wso2.com/display/SP440/Installation+Prerequisites). 
+ # These are the minimum resource recommendations for running WSO2 API Management Control Plane deployment + # as per official documentation (https://apim.docs.wso2.com/en/latest/install-and-setup/install/installation-prerequisites/) requests: - memory: "4Gi" + memory: "2Gi" cpu: "2000m" - # Please see the official documentation on WSO2 Stream Processor based Performance Analysis and Resource recommendations - # (https://docs.wso2.com/display/SP440/Performance+Analysis+Results) and tune the limits according to your needs - # where necessary. limits: - memory: "4Gi" - cpu: "2000m" + memory: "3Gi" + cpu: "3000m" # JVM settings # These are the resource allocation configurations associated with the JVM - # Refer to the official documentation for advanced details (https://docs.wso2.com/display/SP440/Installation+Prerequisites) + # Refer to the official documentation for advanced details (https://apim.docs.wso2.com/en/latest/install-and-setup/install/installation-prerequisites/) jvm: # Resource allocation for the Java Heap heap: memory: # Initial and minimum Heap size - xms: "2048m" + xms: "1024m" # Maximum Heap size - xmx: "2048m" + xmx: "1024m" - # Configure Ingress - ingress: - # Hostname for API Manager Analytics Dashboard - hostname: "analytics.am.wso2.com" - # Annotations for the API Manager Analytics Dashboard service Ingress +# config: +# deployment.toml: |- +# # deployment configurations for the Control Plane profile of WSO2 API Manager v4.0.0 (/repository/conf/deployment.toml) + + mi: + # If a custom image must be used, uncomment 'dockerRegistry' and provide its value. + # dockerRegistry: "" + imageName: "wso2mi" + imageTag: "4.0.0" + # Number of deployment replicas + replicas: 2 + strategy: + rollingUpdate: + # The maximum number of pods that can be scheduled above the desired number of pods. + maxSurge: 1 + # The maximum number of pods that can be unavailable during the update. + maxUnavailable: 0 + # Indicates whether the container is running. 
+ livenessProbe: + # Number of seconds after the container has started before liveness probes are initiated. + initialDelaySeconds: 35 + # How often (in seconds) to perform the probe. + periodSeconds: 10 + # Indicates whether the container is ready to service requests. + readinessProbe: + # Number of seconds after the container has started before readiness probes are initiated. + initialDelaySeconds: 35 + # How often (in seconds) to perform the probe. + periodSeconds: 10 + # These are the minimum resource recommendations for running WSO2 Micro Integrator + resources: + requests: + # The minimum amount of memory that should be allocated for a Pod + memory: "512Mi" + # The minimum amount of CPU that should be allocated for a Pod + cpu: "500m" + limits: + # The maximum amount of memory that should be allocated for a Pod + memory: "1Gi" + # The maximum amount of CPU that should be allocated for a Pod + cpu: "1000m" + # Environment variables for the Micro integrator deployment. + envs: + # ENV_NAME: ENV_VALUE + # Configure synapse testing. + synapseTest: + enabled: false + + # Configure Ingresses + ingress: + # Configure management ingress + management: + # Hostname for the Micro Integrator management endpoint. + hostname: "management.mi.wso2.com" + # Annotations for the Micro Integrator management Ingress. annotations: kubernetes.io/ingress.class: "nginx" nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" - worker: - # Container image configurations - # If a custom image must be used, uncomment 'dockerRegistry' and provide its value. - # dockerRegistry: "" - imageName: "wso2am-analytics-worker" - imageTag: "3.2.0" - # Refer to the Kubernetes documentation on updating images (https://kubernetes.io/docs/concepts/containers/images/#updating-images) - imagePullPolicy: Always - - # Indicates whether the container is running. - livenessProbe: - # Number of seconds after the container has started before liveness probes are initiated. 
- initialDelaySeconds: 20 - # How often (in seconds) to perform the probe. - periodSeconds: 10 - # Indicates whether the container is ready to service requests. - readinessProbe: - # Number of seconds after the container has started before readiness probes are initiated. - initialDelaySeconds: 20 - # How often (in seconds) to perform the probe. - periodSeconds: 10 - - # If the deployment configurations for the Worker profile of WSO2 API Manager Analytics v3.2.0 (/conf/worker/deployment.yaml), - # add the customized configuration file under (wso2 -> deployment -> analytics -> worker -> config -> deployment.yaml) -# config: -# deployment.yaml: |- -# # deployment configurations for the Worker profile of WSO2 API Manager Analytics v3.2.0 (/conf/worker/deployment.yaml) - - resources: - # These are the minimum resource recommendations for running WSO2 Stream Processor based server profiles - # as per official documentation (https://docs.wso2.com/display/SP440/Installation+Prerequisites). - requests: - memory: "4Gi" - cpu: "2000m" - # Please see the official documentation on WSO2 Stream Processor based Performance Analysis and Resource recommendations - # (https://docs.wso2.com/display/SP440/Performance+Analysis+Results) and tune the limits according to your needs - # where necessary. - limits: - memory: "4Gi" - cpu: "2000m" - # JVM settings - # These are the resource allocation configurations associated with the JVM - # Refer to the official documentation for advanced details (https://docs.wso2.com/display/SP440/Installation+Prerequisites) - jvm: - # Resource allocation for the Java Heap - heap: - memory: - # Initial and minimum Heap size - xms: "2048m" - # Maximum Heap size - xmx: "2048m" - kubernetes: # Name of Kubernetes service account serviceAccount: "wso2am-pattern-3-svc-account" From 16e5c7969485fe8d7edbc89d631c82639392ea30 Mon Sep 17 00:00:00 2001 
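Review bot: The new `mi.ingress.management` block in advanced/am-pattern-3/values.yaml publishes the Micro Integrator management API on `management.mi.wso2.com` with only the `kubernetes.io/ingress.class` and `backend-protocol` annotations, so nothing in the defaults limits who can reach it. A management endpoint is normally kept off the public Ingress or restricted by source address. With the community NGINX controller that is one more annotation, `nginx.ingress.kubernetes.io/whitelist-source-range: "<trusted-CIDRs>"` (placeholder, set per environment), plus a comment marking the endpoint as administrative. Whether the Ingress template renders this block unconditionally is not visible in the hunk, though the NOTES.txt change in the same commit directs users to that host. Separately, the `mi` block sets no `imagePullPolicy`, although the README table in this commit documents `wso2.deployment.mi.imagePullPolicy` with default `Always`.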
From: Rakhitha Ranathunge Date: Thu, 6 May 2021 16:37:59 +0530 Subject: [PATCH 17/34] Fix review comments --- .../wso2am-pattern-3-am-control-plane-service.yaml | 2 +- .../wso2am-pattern-3-am-control-plane-service.yaml | 2 +- advanced/am-pattern-3/values.yaml | 8 ++++---- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-service.yaml b/advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-service.yaml index 4839b28d..8bfb47c4 100644 --- a/advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-service.yaml +++ b/advanced/am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-service.yaml @@ -35,4 +35,4 @@ spec: port: 5672 - name: servlet-https protocol: TCP - port: 9443 \ No newline at end of file + port: 9443 diff --git a/advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-service.yaml b/advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-service.yaml index f1d09210..44f72d15 100644 --- a/advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-service.yaml +++ b/advanced/am-pattern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-service.yaml @@ -35,4 +35,4 @@ spec: port: 5672 - name: servlet-https protocol: TCP - port: 9443 \ No newline at end of file + port: 9443 diff --git a/advanced/am-pattern-3/values.yaml b/advanced/am-pattern-3/values.yaml index bed051ef..8ecde483 100644 --- a/advanced/am-pattern-3/values.yaml +++ b/advanced/am-pattern-3/values.yaml 
@@ -94,9 +94,9 @@ wso2: websub: # Configure Ingress ingress: - # Hostname for Gateway profile + # Hostname for Gateway (WebSub) service hostname: "websub.am.wso2.com" - # Annotations for the API Manager Gateway service Ingress + # Annotations for the API Manager Gateway (WebSub) service Ingress annotations: kubernetes.io/ingress.class: "nginx" nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" @@ -146,9 +146,9 @@ wso2: # Configure Ingress ingress: - # Hostname for Gateway profile + # Hostname for Control Plane profile hostname: "am.wso2.com" - # Annotations for the API Manager Gateway service Ingress + # Annotations for the API Manager Control Plane service Ingress annotations: kubernetes.io/ingress.class: "nginx" nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" From 7259b68e6f4a2ee324e4a683d915a4cd0c2ece06 Mon Sep 17 00:00:00 2001 From: Sajitha Liyanage Date: Thu, 6 May 2021 19:54:51 +0530 Subject: [PATCH 18/34] update patterns README.md files --- advanced/am-pattern-1/README.md | 45 +++++++++++++++++++++++---------- advanced/am-pattern-2/README.md | 17 +++++++++++++ advanced/am-pattern-3/README.md | 17 +++++++++++++ 3 files changed, 65 insertions(+), 14 deletions(-) diff --git a/advanced/am-pattern-1/README.md b/advanced/am-pattern-1/README.md index 73296a0b..09ce1ca1 100644 --- a/advanced/am-pattern-1/README.md +++ b/advanced/am-pattern-1/README.md @@ -35,7 +35,7 @@ For advanced details on the deployment pattern, please refer to the official * An already setup [Kubernetes cluster](https://kubernetes.io/docs/setup).

* Install [NGINX Ingress Controller](https://kubernetes.github.io/ingress-nginx/deploy/).

- + * Add the WSO2 Helm chart repository. ``` @@ -54,15 +54,15 @@ You can install the relevant Helm chart either from [WSO2 Helm Chart Repository] #### Install Chart From [WSO2 Helm Chart Repository](https://hub.helm.sh/charts/wso2) - Helm version 2 - - ``` - helm install --name wso2/am-pattern-1 --version 4.0.0-1 --namespace - ``` +Deploy the Kubernetes resources using the Helm Chart + +- Helm version 2 - Helm version 3 + ``` + helm install --name wso2/am-pattern-1 --version 4.0.0-1 --namespace + ``` - - Deploy the Kubernetes resources using the Helm Chart +- Helm version 3 ``` helm install wso2/am-pattern-1 --version 4.0.0-1 --namespace --create-namespace @@ -94,15 +94,15 @@ git clone https://github.com/wso2/kubernetes-apim.git ##### Deploy Helm chart for WSO2 API Manager Pattern 1 deployment. - Helm version 2 +Deploy the Kubernetes resources using the Helm Chart - ``` - helm install --dep-up --name /am-pattern-1 --version 4.0.0-1 --namespace - ``` +- Helm version 2 - Helm version 3 + ``` + helm install --dep-up --name /am-pattern-1 --version 4.0.0-1 --namespace + ``` - - Deploy the Kubernetes resources using the Helm Chart +- Helm version 3 ``` helm install /am-pattern-1 --version 4.0.0-1 --namespace --dependency-update --create-namespace @@ -119,6 +119,23 @@ Please see the following example. helm install --name /am-pattern-1 --version 4.0.0-1 --namespace --set wso2.subscription.username= --set wso2.subscription.password= ``` +Or else, you can configure the default configurations inside the am-pattern-1 helm chart [values.yaml](https://github.com/wso2/kubernetes-apim/blob/master/advanced/am-pattern-1/values.yaml) file. Refer [this](https://helm.sh/docs/chart_template_guide/values_files/) for to learn more details about the `values.yaml` file. + + +> **Note:**
+From the above Helm commands, base image of a Micro Integrator is deployed (without any integration solution). To deploy your integration solution with the Helm charts follow the below steps.

+>1. [Create an integration service using WSO2 Integration Studio and expose it as a Managed API](https://apim.docs.wso2.com/en/latest/tutorials/integration-tutorials/service-catalog-tutorial/#exposing-an-integration-service-as-a-managed-api). Then [create a Docker image](https://apim.docs.wso2.com/en/latest/integrate/develop/create-docker-project/#creating-docker-exporter) and push it to your private or public Docker registry.

+ - `INTEGRATION_IMAGE_REGISTRY` will refer to the Docker registry that created Docker image has been pushed
+ - `INTEGRATION_IMAGE_NAME` will refer to the name of the created Docker image
+ - `INTEGRATION_IMAGE_TAG` will refer to the tag of the created Docker image

+>2. If your Docker registry is a private registry, [create an imagePullSecret](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/).

+ - `IMAGE_PULL_SECRET` will refer to the created image pull secret

+>3. Deploy the helm resource using following command.

+> ``` +> helm install wso2/am-pattern-1 --version 4.0.0-1 --namespace --set wso2.deployment.mi.dockerRegistry= --set wso2.deployment.mi.imageName= --set wso2.deployment.mi.imageTag= --set wso2.deployment.mi.imagePullSecrets= +> ``` + + ### 2. Obtain the external IP Obtain the external IP (`EXTERNAL-IP`) of the API Manager Ingress resources, by listing down the Kubernetes Ingresses. diff --git a/advanced/am-pattern-2/README.md b/advanced/am-pattern-2/README.md index 3b507523..54671a48 100644 --- a/advanced/am-pattern-2/README.md +++ b/advanced/am-pattern-2/README.md @@ -122,6 +122,23 @@ Please see the following example. helm install --name /am-pattern-2 --version 4.0.0-1 --namespace --set wso2.subscription.username= --set wso2.subscription.password= ``` +Or else, you can configure the default configurations inside the am-pattern-1 helm chart [values.yaml](https://github.com/wso2/kubernetes-apim/blob/master/advanced/am-pattern-1/values.yaml) file. Refer [this](https://helm.sh/docs/chart_template_guide/values_files/) for to learn more details about the `values.yaml` file. + + +> **Note:**
+From the above Helm commands, base image of a Micro Integrator is deployed (without any integration solution). To deploy your integration solution with the Helm charts follow the below steps.

+>1. [Create an integration service using WSO2 Integration Studio and expose it as a Managed API](https://apim.docs.wso2.com/en/latest/tutorials/integration-tutorials/service-catalog-tutorial/#exposing-an-integration-service-as-a-managed-api). Then [create a Docker image](https://apim.docs.wso2.com/en/latest/integrate/develop/create-docker-project/#creating-docker-exporter) and push it to your private or public Docker registry.

+ - `INTEGRATION_IMAGE_REGISTRY` will refer to the Docker registry that created Docker image has been pushed
+ - `INTEGRATION_IMAGE_NAME` will refer to the name of the created Docker image
+ - `INTEGRATION_IMAGE_TAG` will refer to the tag of the created Docker image

+>2. If your Docker registry is a private registry, [create an imagePullSecret](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/).

+ - `IMAGE_PULL_SECRET` will refer to the created image pull secret

+>3. Deploy the helm resource using following command.

+> ``` +> helm install wso2/am-pattern-2 --version 4.0.0-1 --namespace --set wso2.deployment.mi.dockerRegistry= --set wso2.deployment.mi.imageName= --set wso2.deployment.mi.imageTag= --set wso2.deployment.mi.imagePullSecrets= +> ``` + + ### 2. Obtain the external IP Obtain the external IP (`EXTERNAL-IP`) of the API Manager Ingress resources, by listing down the Kubernetes Ingresses. diff --git a/advanced/am-pattern-3/README.md b/advanced/am-pattern-3/README.md index ef6ff7e8..ee5acba7 100644 --- a/advanced/am-pattern-3/README.md +++ b/advanced/am-pattern-3/README.md @@ -119,6 +119,23 @@ Please see the following example. helm install --name /am-pattern-3 --version 4.0.0-1 --namespace --set wso2.subscription.username= --set wso2.subscription.password= ``` +Or else, you can configure the default configurations inside the am-pattern-1 helm chart [values.yaml](https://github.com/wso2/kubernetes-apim/blob/master/advanced/am-pattern-1/values.yaml) file. Refer [this](https://helm.sh/docs/chart_template_guide/values_files/) for to learn more details about the `values.yaml` file. + + +> **Note:**
+From the above Helm commands, base image of a Micro Integrator is deployed (without any integration solution). To deploy your integration solution with the Helm charts follow the below steps.

+>1. [Create an integration service using WSO2 Integration Studio and expose it as a Managed API](https://apim.docs.wso2.com/en/latest/tutorials/integration-tutorials/service-catalog-tutorial/#exposing-an-integration-service-as-a-managed-api). Then [create a Docker image](https://apim.docs.wso2.com/en/latest/integrate/develop/create-docker-project/#creating-docker-exporter) and push it to your private or public Docker registry.

+ - `INTEGRATION_IMAGE_REGISTRY` will refer to the Docker registry that created Docker image has been pushed
+ - `INTEGRATION_IMAGE_NAME` will refer to the name of the created Docker image
+ - `INTEGRATION_IMAGE_TAG` will refer to the tag of the created Docker image

+>2. If your Docker registry is a private registry, [create an imagePullSecret](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/).

+ - `IMAGE_PULL_SECRET` will refer to the created image pull secret

+>3. Deploy the helm resource using following command.

+> ``` +> helm install wso2/am-pattern-3 --version 4.0.0-1 --namespace --set wso2.deployment.mi.dockerRegistry= --set wso2.deployment.mi.imageName= --set wso2.deployment.mi.imageTag= --set wso2.deployment.mi.imagePullSecrets= +> ``` + + ### 2. Obtain the external IP Obtain the external IP (`EXTERNAL-IP`) of the API Manager Ingress resources, by listing down the Kubernetes Ingresses. From 3cb0e1cce300dd3ce6e5530a8270b33b237bf796 Mon Sep 17 00:00:00 2001 From: Rakhitha Ranathunge Date: Fri, 7 May 2021 11:00:33 +0530 Subject: [PATCH 19/34] Add analytics configs and update docs for single-node --- simple/am-single/README.md | 104 +++++++----------- simple/am-single/templates/NOTES.txt | 2 +- .../instance/wso2am-single-node-am-conf.yaml | 11 +- simple/am-single/values.yaml | 9 +- 4 files changed, 54 insertions(+), 72 deletions(-) diff --git a/simple/am-single/README.md b/simple/am-single/README.md index abab3c45..2206337a 100644 --- a/simple/am-single/README.md +++ b/simple/am-single/README.md 
@@ -1,12 +1,11 @@ -# Helm Chart for deployment of WSO2 API Manager with WSO2 API Manager Analytics +# Helm Chart for deployment of WSO2 API Manager -Resources for building a Helm chart for deployment of [All-In-One WSO2 API Manager with WSO2 API Manager Analytics -support](https://apim.docs.wso2.com/en/latest/install-and-setup/setup/deployment-patterns/#pattern-1-single-node-all-in-one-deployment). +Resources for building a Helm chart for deployment of [Single Node API Manager](https://apim.docs.wso2.com/en/latest/install-and-setup/setup/single-node/all-in-one-deployment-overview/#single-node-deployment). -![WSO2 API Manager pattern 1 deployment](https://apim.docs.wso2.com/en/latest/assets/img/setup-and-install/1-single-node-deployment.png) +![WSO2 API Manager pattern 1 deployment](https://apim.docs.wso2.com/en/latest/assets/img/setup-and-install/single-node-apim-deployment.png) For advanced details on the deployment pattern, please refer to the official -[documentation](https://apim.docs.wso2.com/en/latest/install-and-setup/setup/single-node/configuring-an-active-active-deployment/). +[documentation](https://apim.docs.wso2.com/en/latest/install-and-setup/setup/single-node/all-in-one-deployment-overview/#active-active-deployment). ## Contents @@ -58,7 +57,7 @@ You can install the relevant Helm chart either from [WSO2 Helm Chart Repository] Helm version 2 ``` - helm install --name wso2/am-pattern-1 --version 3.2.0-1 --namespace + helm install --name wso2/am-single-node --version 4.0.0-1 --namespace ``` Helm version 3 @@ -66,7 +65,7 @@ You can install the relevant Helm chart either from [WSO2 Helm Chart Repository] - Deploy the Kubernetes resources using the Helm Chart ``` - helm install wso2/am-pattern-1 --version 3.2.0-1 --namespace --create-namespace + helm install wso2/am-single-node --version 4.0.0-1 --namespace --create-namespace ``` The above steps will deploy the deployment pattern using WSO2 product Docker images available at DockerHub. 
@@ -77,7 +76,7 @@ please provide your WSO2 Subscription credentials via input values (using `--set Please see the following example. ``` - helm install --name wso2/am-pattern-1 --version 3.2.0-1 --namespace --set wso2.subscription.username= --set wso2.subscription.password= + helm install --name wso2/am-single-node --version 4.0.0-1 --namespace --set wso2.subscription.username= --set wso2.subscription.password= ``` #### Install Chart From Source @@ -85,7 +84,7 @@ Please see the following example. >In the context of this document,
>* `KUBERNETES_HOME` will refer to a local copy of the [`wso2/kubernetes-apim`](https://github.com/wso2/kubernetes-apim/) Git repository.
->* `HELM_HOME` will refer to `/advanced`.
+>* `HELM_HOME` will refer to `/simple`.
##### Clone the Helm Resources for WSO2 API Manager Git repository. @@ -98,7 +97,7 @@ git clone https://github.com/wso2/kubernetes-apim.git Helm version 2 ``` - helm install --dep-up --name /am-pattern-1 --version 3.2.0-1 --namespace + helm install --dep-up --name /am-single --version 4.0.0-1 --namespace ``` Helm version 3 @@ -106,7 +105,7 @@ git clone https://github.com/wso2/kubernetes-apim.git - Deploy the Kubernetes resources using the Helm Chart ``` - helm install /am-pattern-1 --version 3.2.0-1 --namespace --dependency-update --create-namespace + helm install /am-single --version 4.0.0-1 --namespace --dependency-update --create-namespace ``` The above steps will deploy the deployment pattern using WSO2 product Docker images available at DockerHub. @@ -117,8 +116,19 @@ please provide your WSO2 Subscription credentials via input values (using `--set Please see the following example. ``` - helm install --name /am-pattern-1 --version 3.2.0-1 --namespace --set wso2.subscription.username= --set wso2.subscription.password= + helm install --name /am-single --version 4.0.0-1 --namespace --set wso2.subscription.username= --set wso2.subscription.password= ``` +### Choreo Analytics + +If you need to enable Choreo Analytics with WSO2 API Manager, please follow the documentation on [Register for Analytics](https://apim.docs.wso2.com/en/latest/observe/api-manager-analytics/configure-analytics/register-for-analytics/) to obtain the on-prem key for Analytics. + +The following example shows how to enable Analytics with the helm charts. + +``` +helm install --name wso2/am-single-node --version 4.0.0-1 --namespace --set wso2.choreoAnalytics.enabled=true --set wso2.choreoAnalytics.endpoint= --set wso2.choreoAnalytics.onpremKey= +``` + +You will be able to see the Analytics data when you log into Choreo Analytics Portal. ### 2. Obtain the external IP 
@@ -132,25 +142,23 @@ The output under the relevant column stands for the following. API Manager Publisher-DevPortal -- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-1-am-ingress`) +- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-single-node-am-ingress`) - HOSTS: Hostname of the WSO2 API Manager service (``) - ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager service to outside of the Kubernetes environment - PORTS: Externally exposed service ports of the API Manager service API Manager Gateway -- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-1-am-gateway-ingress`) +- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-single-node-am-gateway-ingress`) - HOSTS: Hostname of the WSO2 API Manager's Gateway service (``) - ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager's Gateway service to outside of the Kubernetes environment - PORTS: Externally exposed service ports of the API Manager' Gateway service -API Manager Analytics Dashboard - -- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-pattern-1-am-analytics-dashboard-ingress`) -- HOSTS: Hostname of the WSO2 API Manager Analytics Dashboard service (``) -- ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager Analytics Dashboard service to outside of the Kubernetes environment -- PORTS: Externally exposed service ports of the API Manager Analytics Dashboard service - +API Manager WebSub +- NAME: Metadata name of the Kubernetes Ingress resource (defaults to `wso2am-single-node-am-websub-ingress`) +- HOSTS: Hostname of the WSO2 API Manager's Gateway (WebSub) service (``) +- ADDRESS: External IP (`EXTERNAL-IP`) exposing the API Manager's Gateway service to outside of the Kubernetes environment +- PORTS: Externally exposed service ports of the API Manager' Gateway (WebSub) service ### 3. 
Add a DNS record mapping the hostnames and the external IP If the defined hostnames (in the previous step) are backed by a DNS service, add a DNS record mapping the hostnames and @@ -160,7 +168,7 @@ If the defined hostnames are not backed by a DNS service, for the purpose of eva hostnames and the external IP in the `/etc/hosts` file at the client-side. ``` - + ``` ### 4. Access Management Consoles @@ -169,9 +177,6 @@ hostnames and the external IP in the `/etc/hosts` file at the client-side. - API Manager DevPortal: `https:///devportal` -- API Manager Analytics Dashboard: `https:///analytics-dashboard` - - ## Configuration The following tables lists the configurable parameters of the chart and their default values. @@ -182,6 +187,9 @@ The following tables lists the configurable parameters of the chart and their de |-----------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------| | `wso2.subscription.username` | Your WSO2 Subscription username | - | | `wso2.subscription.password` | Your WSO2 Subscription password | - | +| `wso2.choreoAnalytics.enabled` | Chorero Analytics enabled or not | false | +| `wso2.choreoAnalytics.endpoint` | Choreo Analytics endpoint | https://analytics-event-auth.choreo.dev/auth/v1 | +| `wso2.choreoAnalytics.onpremKey` | On-prem key for Choreo Analytics | - | If you do not have an active WSO2 subscription, **do not change** the parameters `wso2.subscription.username` and `wso2.subscription.password`. 
@@ -209,7 +217,7 @@ If you do not have an active WSO2 subscription, **do not change** the parameters |-----------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------| | `wso2.deployment.am.dockerRegistry` | Registry location of the Docker image to be used to create API Manager instances | - | | `wso2.deployment.am.imageName` | Name of the Docker image to be used to create API Manager instances | `wso2am` | -| `wso2.deployment.am.imageTag` | Tag of the image used to create API Manager instances | 3.2.0 | +| `wso2.deployment.am.imageTag` | Tag of the image used to create API Manager instances | 4.0.0 | | `wso2.deployment.am.imagePullPolicy` | Refer to [doc](https://kubernetes.io/docs/concepts/containers/images#updating-images) | `Always` | | `wso2.deployment.am.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for API Manager node | 180 | | `wso2.deployment.am.livenessProbe.periodSeconds` | Period of the live-ness probe for API Manager node | 10 | 
@@ -224,50 +232,12 @@ If you do not have an active WSO2 subscription, **do not change** the parameters | `wso2.deployment.am.ingress.management.annotations` | Ingress resource annotations for API Manager management consoles | Community NGINX Ingress controller annotations | | `wso2.deployment.am.ingress.gateway.hostname` | Hostname for API Manager Gateway | `gateway.am.wso2.com` | | `wso2.deployment.am.ingress.gateway.annotations` | Ingress resource annotations for API Manager Gateway | Community NGINX Ingress controller annotations | +| `wso2.deployment.am.ingress.websub.hostname` | Hostname for API Manager Gateway WebSub service | `gateway.am.wso2.com` | +| `wso2.deployment.am.ingress.websub.annotations` | Ingress resource annotations for API Manager Gateway WebSub | Community NGINX Ingress controller annotations | **Note**: The above mentioned default, minimum resource amounts for running WSO2 API Manager server profiles are based on its [official documentation](https://apim.docs.wso2.com/en/latest/install-and-setup/install/installation-prerequisites/). 
-###### Analytics Dashboard Runtime Configurations - -| Parameter | Description | Default Value | -|-------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------|-----------------------------| -| `wso2.deployment.analytics.dashboard.dockerRegistry` | Registry location of the Docker image to be used to create an API Manager Analytics instance | - | -| `wso2.deployment.analytics.dashboard.imageName` | Name of the Docker image to be used to create an API Manager Analytics instance | `wso2am-analytics-dashboard` | -| `wso2.deployment.analytics.dashboard.imageTag` | Tag of the image used to create an API Manager Analytics instance | 3.2.0 | -| `wso2.deployment.analytics.dashboard.imagePullPolicy` | Refer to [doc](https://kubernetes.io/docs/concepts/containers/images#updating-images) | `Always` | -| `wso2.deployment.analytics.dashboard.replicas` | Number of replicas of API Manager Analytics to be started | 1 | -| `wso2.deployment.analytics.dashboard.strategy.rollingUpdate.maxSurge` | Refer to [doc](https://v1-14.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.14/#deploymentstrategy-v1-apps) | 1 | -| `wso2.deployment.analytics.dashboard.strategy.rollingUpdate.maxUnavailable` | Refer to [doc](https://v1-14.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.14/#deploymentstrategy-v1-apps) | 0 | -| `wso2.deployment.analytics.dashboard.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for API Manager Analytics node | 20 | -| `wso2.deployment.analytics.dashboard.livenessProbe.periodSeconds` | Period of the live-ness probe for API Manager Analytics node | 10 | -| `wso2.deployment.analytics.dashboard.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for API Manager Analytics node | 20 | -| `wso2.deployment.analytics.dashboard.readinessProbe.periodSeconds` | Period of the 
readiness probe for API Manager Analytics node | 10 | -| `wso2.deployment.analytics.dashboard.resources.requests.memory` | The minimum amount of memory that should be allocated for a Pod | 4Gi | -| `wso2.deployment.analytics.dashboard.resources.requests.cpu` | The minimum amount of CPU that should be allocated for a Pod | 2000m | -| `wso2.deployment.analytics.dashboard.resources.limits.memory` | The maximum amount of memory that should be allocated for a Pod | 4Gi | -| `wso2.deployment.analytics.dashboard.resources.limits.cpu` | The maximum amount of CPU that should be allocated for a Pod | 2000m | -| `wso2.deployment.analytics.dashboard.config` | Custom deployment configuration file (`/conf/dashboard/deployment.yaml`) | - | -| `wso2.deployment.analytics.dashboard.ingress.hostname` | Hostname for API Manager Analytics Dashboard | `analytics.am.wso2.com` | -| `wso2.deployment.analytics.dashboard.ingress.annotations` | Ingress resource annotations for API Manager Analytics Dashboard | Community NGINX Ingress controller annotations | - -###### Analytics Worker Runtime Configurations - -| Parameter | Description | Default Value | -|----------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------|-----------------------------| -| `wso2.deployment.analytics.worker.dockerRegistry` | Registry location of the Docker image to be used to create an API Manager Analytics instance | - | -| `wso2.deployment.analytics.worker.imageName` | Name of the Docker image to be used to create an API Manager Analytics instance | `wso2am-analytics-worker` | -| `wso2.deployment.analytics.worker.imageTag` | Tag of the image used to create an API Manager Analytics instance | 3.2.0 | -| `wso2.deployment.analytics.worker.imagePullPolicy` | Refer to [doc](https://kubernetes.io/docs/concepts/containers/images#updating-images) | `Always` | -| 
`wso2.deployment.analytics.worker.livenessProbe.initialDelaySeconds` | Initial delay for the live-ness probe for API Manager Analytics node | 20 | -| `wso2.deployment.analytics.worker.livenessProbe.periodSeconds` | Period of the live-ness probe for API Manager Analytics node | 10 | -| `wso2.deployment.analytics.worker.readinessProbe.initialDelaySeconds` | Initial delay for the readiness probe for API Manager Analytics node | 20 | -| `wso2.deployment.analytics.worker.readinessProbe.periodSeconds` | Period of the readiness probe for API Manager Analytics node | 10 | -| `wso2.deployment.analytics.worker.resources.requests.memory` | The minimum amount of memory that should be allocated for a Pod | 4Gi | -| `wso2.deployment.analytics.worker.resources.requests.cpu` | The minimum amount of CPU that should be allocated for a Pod | 2000m | -| `wso2.deployment.analytics.worker.resources.limits.memory` | The maximum amount of memory that should be allocated for a Pod | 4Gi | -| `wso2.deployment.analytics.worker.resources.limits.cpu` | The maximum amount of CPU that should be allocated for a Pod | 2000m | - -###### Kubernetes Specific Configurations +## Kubernetes Specific Configurations | Parameter | Description | Default Value | |---------------------------------------------------------------|-------------------------------------------------------------------------------------------|---------------------------------| diff --git a/simple/am-single/templates/NOTES.txt b/simple/am-single/templates/NOTES.txt index bb9b557e..63bb20c5 100644 --- a/simple/am-single/templates/NOTES.txt +++ b/simple/am-single/templates/NOTES.txt 
@@ -1,6 +1,6 @@ Thank you for installing WSO2 API Manager. -Please follow these steps to access API Manager Publisher, DevPortal consoles and Analytics Dashboard. +Please follow these steps to access API Manager Publisher, DevPortal consoles. 1. Obtain the external IP (`EXTERNAL-IP`) of the API Manager Ingress resources, by listing down the Kubernetes Ingresses. diff --git a/simple/am-single/templates/am/instance/wso2am-single-node-am-conf.yaml b/simple/am-single/templates/am/instance/wso2am-single-node-am-conf.yaml index f4b52e74..50dedcda 100644 --- a/simple/am-single/templates/am/instance/wso2am-single-node-am-conf.yaml +++ b/simple/am-single/templates/am/instance/wso2am-single-node-am-conf.yaml @@ -123,11 +123,18 @@ data: #[apim.cache.tags] #expiry_time = "2m" - + + {{ if .Values.wso2.choreoAnalytics.enabled }} + [apim.analytics] + enable = true + config_endpoint = "{{ .Values.wso2.choreoAnalytics.endpoint }}" + auth_token = "{{ .Values.wso2.choreoAnalytics.onpremKey }}" + {{ else }} [apim.analytics] enable = false - config_endpoint = "https://localhost:8080/auth/v1" + config_endpoint = "https://analytics-event-auth.choreo.dev/auth/v1" auth_token = "" + {{ end }} #[apim.key_manager] #service_url = "https://localhost:${mgt.transport.https.port}/services/" diff --git a/simple/am-single/values.yaml b/simple/am-single/values.yaml index b6de1a8d..ecd00ddb 100644 --- a/simple/am-single/values.yaml +++ b/simple/am-single/values.yaml @@ -20,6 +20,11 @@ wso2: username: "" password: "" + choreoAnalytics: + enabled: false + endpoint: "" + onpremKey: "" + deployment: dependencies: # The configuration should be set to be 'true' if a MySQL database should be spawned as a pod within the cluster 
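Review bot: In the `wso2am-single-node-am-conf.yaml` hunk, the added line `auth_token = "{{ .Values.wso2.choreoAnalytics.onpremKey }}"` writes the Choreo on-prem key in clear text into this template's `data:` block. That block appears to belong to a ConfigMap (the resource header is outside the hunk), so anyone with read access to that object or to the release values can read the key. Consider keeping the key in a Kubernetes Secret and injecting it into the container from there, leaving only the endpoint in this file. Both interpolations are also unescaped inside TOML string quotes; `config_endpoint = {{ .Values.wso2.choreoAnalytics.endpoint | quote }}` and `auth_token = {{ .Values.wso2.choreoAnalytics.onpremKey | quote }}` would keep a value containing `"` or a newline from breaking or extending the rendered configuration. The same block is added in the am-pattern-1 instance-1 and instance-2 `wso2am-pattern-1-am-conf.yaml` hunks of PATCH 20/34.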
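Review bot: In the `simple/am-single/values.yaml` hunk, the new default `endpoint: ""` disagrees with the README table in this patch, which documents `https://analytics-event-auth.choreo.dev/auth/v1` as the default for `wso2.choreoAnalytics.endpoint`. With `enabled=true` and no endpoint supplied, the enabled branch of the template renders `config_endpoint = ""`. Setting `endpoint: "https://analytics-event-auth.choreo.dev/auth/v1"` here would make the chart match its documentation. The same empty default is added to `advanced/am-pattern-1/values.yaml` and `advanced/am-pattern-2/values.yaml` in PATCH 20/34.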
@@ -50,9 +55,9 @@ wso2: am: # Container image configurations # If a custom image must be used, uncomment 'dockerRegistry' and provide its value - dockerRegistry: "192.168.1.5:5000" + # dockerRegistry: "" imageName: "wso2am" - imageTag: "4.0.0-rc" + imageTag: "4.0.0" # Refer to the Kubernetes documentation on updating images (https://kubernetes.io/docs/concepts/containers/images/#updating-images) imagePullPolicy: Always From 36b1d05b68022a3b1bfd9d7c877c3d65fea77cbf Mon Sep 17 00:00:00 2001 From: Rakhitha Ranathunge Date: Fri, 7 May 2021 11:01:17 +0530 Subject: [PATCH 20/34] Add analytics configs to patterns and update docs --- advanced/am-pattern-1/README.md | 15 ++++++++++++++- .../am/instance-1/wso2am-pattern-1-am-conf.yaml | 9 ++++++++- .../am/instance-2/wso2am-pattern-1-am-conf.yaml | 9 ++++++++- advanced/am-pattern-1/values.yaml | 5 +++++ advanced/am-pattern-2/README.md | 14 ++++++++++++++ advanced/am-pattern-2/values.yaml | 5 +++++ advanced/am-pattern-3/README.md | 14 ++++++++++++++ .../gateway/wso2am-pattern-3-am-gateway-conf.yaml | 12 ++++++++++++ advanced/am-pattern-3/values.yaml | 5 +++++ 9 files changed, 85 insertions(+), 3 deletions(-) diff --git a/advanced/am-pattern-1/README.md b/advanced/am-pattern-1/README.md index 09ce1ca1..08a8a847 100644 --- a/advanced/am-pattern-1/README.md +++ b/advanced/am-pattern-1/README.md 
@@ -135,6 +135,17 @@ From the above Helm commands, base image of a Micro Integrator is deployed (with > helm install wso2/am-pattern-1 --version 4.0.0-1 --namespace --set wso2.deployment.mi.dockerRegistry= --set wso2.deployment.mi.imageName= --set wso2.deployment.mi.imageTag= --set wso2.deployment.mi.imagePullSecrets= > ``` +### Choreo Analytics + +If you need to enable Choreo Analytics with WSO2 API Manager, please follow the documentation on [Register for Analytics](https://apim.docs.wso2.com/en/latest/observe/api-manager-analytics/configure-analytics/register-for-analytics/) to obtain the on-prem key for Analytics. + +The following example shows how to enable Analytics with the helm charts. + +``` +helm install --name wso2/am-single-node --version 4.0.0-1 --namespace --set wso2.choreoAnalytics.enabled=true --set wso2.choreoAnalytics.endpoint= --set wso2.choreoAnalytics.onpremKey= +``` + +You will be able to see the Analytics data when you log into Choreo Analytics Portal. ### 2. Obtain the external IP @@ -204,7 +215,9 @@ The following tables lists the configurable parameters of the chart and their de |-----------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------| | `wso2.subscription.username` | Your WSO2 Subscription username | - | | `wso2.subscription.password` | Your WSO2 Subscription password | - | - +| `wso2.choreoAnalytics.enabled` | Chorero Analytics enabled or not | false | +| `wso2.choreoAnalytics.endpoint` | Choreo Analytics endpoint | https://analytics-event-auth.choreo.dev/auth/v1 | +| `wso2.choreoAnalytics.onpremKey` | On-prem key for Choreo Analytics | - | If you do not have an active WSO2 subscription, **do not change** the parameters `wso2.subscription.username` and `wso2.subscription.password`. ###### Chart Dependencies 
diff --git a/advanced/am-pattern-1/templates/am/instance-1/wso2am-pattern-1-am-conf.yaml b/advanced/am-pattern-1/templates/am/instance-1/wso2am-pattern-1-am-conf.yaml index 63ba575d..e947cf77 100644 --- a/advanced/am-pattern-1/templates/am/instance-1/wso2am-pattern-1-am-conf.yaml +++ b/advanced/am-pattern-1/templates/am/instance-1/wso2am-pattern-1-am-conf.yaml @@ -124,10 +124,17 @@ data: #[apim.cache.tags] #expiry_time = "2m" + {{ if .Values.wso2.choreoAnalytics.enabled }} + [apim.analytics] + enable = true + config_endpoint = "{{ .Values.wso2.choreoAnalytics.endpoint }}" + auth_token = "{{ .Values.wso2.choreoAnalytics.onpremKey }}" + {{ else }} [apim.analytics] enable = false - config_endpoint = "https://localhost:8080/auth/v1" + config_endpoint = "https://analytics-event-auth.choreo.dev/auth/v1" auth_token = "" + {{ end }} #[apim.key_manager] #service_url = "https://localhost:${mgt.transport.https.port}/services/" diff --git a/advanced/am-pattern-1/templates/am/instance-2/wso2am-pattern-1-am-conf.yaml b/advanced/am-pattern-1/templates/am/instance-2/wso2am-pattern-1-am-conf.yaml index 0d8c9fdb..c9ba345c 100644 --- a/advanced/am-pattern-1/templates/am/instance-2/wso2am-pattern-1-am-conf.yaml +++ b/advanced/am-pattern-1/templates/am/instance-2/wso2am-pattern-1-am-conf.yaml @@ -124,10 +124,17 @@ data: #[apim.cache.tags] #expiry_time = "2m" + {{ if .Values.wso2.choreoAnalytics.enabled }} + [apim.analytics] + enable = true + config_endpoint = "{{ .Values.wso2.choreoAnalytics.endpoint }}" + auth_token = "{{ .Values.wso2.choreoAnalytics.onpremKey }}" + {{ else }} [apim.analytics] enable = false - config_endpoint = "https://localhost:8080/auth/v1" + config_endpoint = "https://analytics-event-auth.choreo.dev/auth/v1" auth_token = "" + {{ end }} #[apim.key_manager] #service_url = "https://localhost:${mgt.transport.https.port}/services/" diff --git a/advanced/am-pattern-1/values.yaml b/advanced/am-pattern-1/values.yaml index 45ff071d..994bc639 100644 
--- a/advanced/am-pattern-1/values.yaml +++ b/advanced/am-pattern-1/values.yaml @@ -20,6 +20,11 @@ wso2: username: "" password: "" + choreoAnalytics: + enabled: false + endpoint: "" + onpremKey: "" + deployment: dependencies: # The configuration should be set to be 'true' if a MySQL database should be spawned as a pod within the cluster diff --git a/advanced/am-pattern-2/README.md b/advanced/am-pattern-2/README.md index 54671a48..4a380c81 100644 --- a/advanced/am-pattern-2/README.md +++ b/advanced/am-pattern-2/README.md @@ -138,6 +138,17 @@ From the above Helm commands, base image of a Micro Integrator is deployed (with > helm install wso2/am-pattern-2 --version 4.0.0-1 --namespace --set wso2.deployment.mi.dockerRegistry= --set wso2.deployment.mi.imageName= --set wso2.deployment.mi.imageTag= --set wso2.deployment.mi.imagePullSecrets= > ``` +### Choreo Analytics + +If you need to enable Choreo Analytics with WSO2 API Manager, please follow the documentation on [Register for Analytics](https://apim.docs.wso2.com/en/latest/observe/api-manager-analytics/configure-analytics/register-for-analytics/) to obtain the on-prem key for Analytics. + +The following example shows how to enable Analytics with the helm charts. + +``` +helm install --name wso2/am-single-node --version 4.0.0-1 --namespace --set wso2.choreoAnalytics.enabled=true --set wso2.choreoAnalytics.endpoint= --set wso2.choreoAnalytics.onpremKey= +``` + +You will be able to see the Analytics data when you log into Choreo Analytics Portal. ### 2. Obtain the external IP 
@@ -215,6 +226,9 @@ The following tables lists the configurable parameters of the chart and their de |-----------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------| | `wso2.subscription.username` | Your WSO2 Subscription username | - | | `wso2.subscription.password` | Your WSO2 Subscription password | - | +| `wso2.choreoAnalytics.enabled` | Chorero Analytics enabled or not | false | +| `wso2.choreoAnalytics.endpoint` | Choreo Analytics endpoint | https://analytics-event-auth.choreo.dev/auth/v1 | +| `wso2.choreoAnalytics.onpremKey` | On-prem key for Choreo Analytics | - | If you do not have an active WSO2 subscription, **do not change** the parameters `wso2.subscription.username` and `wso2.subscription.password`. diff --git a/advanced/am-pattern-2/values.yaml b/advanced/am-pattern-2/values.yaml index 123fb960..0f35ce54 100644 --- a/advanced/am-pattern-2/values.yaml +++ b/advanced/am-pattern-2/values.yaml @@ -20,6 +20,11 @@ wso2: username: "" password: "" + choreoAnalytics: + enabled: false + endpoint: "" + onpremKey: "" + deployment: mi: # If a custom image must be used, uncomment 'dockerRegistry' and provide its value. diff --git a/advanced/am-pattern-3/README.md b/advanced/am-pattern-3/README.md index ee5acba7..4324f309 100644 --- a/advanced/am-pattern-3/README.md +++ b/advanced/am-pattern-3/README.md 
@@ -135,6 +135,17 @@ From the above Helm commands, base image of a Micro Integrator is deployed (with > helm install wso2/am-pattern-3 --version 4.0.0-1 --namespace --set wso2.deployment.mi.dockerRegistry= --set wso2.deployment.mi.imageName= --set wso2.deployment.mi.imageTag= --set wso2.deployment.mi.imagePullSecrets= > ``` +### Choreo Analytics + +If you need to enable Choreo Analytics with WSO2 API Manager, please follow the documentation on [Register for Analytics](https://apim.docs.wso2.com/en/latest/observe/api-manager-analytics/configure-analytics/register-for-analytics/) to obtain the on-prem key for Analytics. + +The following example shows how to enable Analytics with the helm charts. + +``` +helm install --name wso2/am-single-node --version 4.0.0-1 --namespace --set wso2.choreoAnalytics.enabled=true --set wso2.choreoAnalytics.endpoint= --set wso2.choreoAnalytics.onpremKey= +``` + +You will be able to see the Analytics data when you log into Choreo Analytics Portal. ### 2. Obtain the external IP @@ -198,6 +209,9 @@ The following tables lists the configurable parameters of the chart and their de |-----------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------| | `wso2.subscription.username` | Your WSO2 Subscription username | - | | `wso2.subscription.password` | Your WSO2 Subscription password | - | +| `wso2.choreoAnalytics.enabled` | Chorero Analytics enabled or not | false | +| `wso2.choreoAnalytics.endpoint` | Choreo Analytics endpoint | https://analytics-event-auth.choreo.dev/auth/v1 | +| `wso2.choreoAnalytics.onpremKey` | On-prem key for Choreo Analytics | - | If you do not have an active WSO2 subscription, **do not change** the parameters `wso2.subscription.username` and `wso2.subscription.password`. 
diff --git a/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-conf.yaml b/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-conf.yaml index 6e40b33a..61cb94ee 100644 --- a/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-conf.yaml +++ b/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-conf.yaml @@ -58,6 +58,18 @@ data: type = "JKS" password = "wso2carbon" + {{ if .Values.wso2.choreoAnalytics.enabled }} + [apim.analytics] + enable = true + config_endpoint = "{{ .Values.wso2.choreoAnalytics.endpoint }}" + auth_token = "{{ .Values.wso2.choreoAnalytics.onpremKey }}" + {{ else }} + [apim.analytics] + enable = false + config_endpoint = "https://analytics-event-auth.choreo.dev/auth/v1" + auth_token = "" + {{ end }} + # key manager implementation [apim.key_manager] service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-service:${mgt.transport.https.port}/services/" diff --git a/advanced/am-pattern-3/values.yaml b/advanced/am-pattern-3/values.yaml index 8ecde483..4f98585a 100644 --- a/advanced/am-pattern-3/values.yaml +++ b/advanced/am-pattern-3/values.yaml @@ -19,6 +19,11 @@ wso2: subscription: username: "" password: "" + + choreoAnalytics: + enabled: false + endpoint: "" + onpremKey: "" deployment: dependencies: From 381d98dad2ece57c081a24da568e5305aafe1dbf Mon Sep 17 00:00:00 2001 From: Rakhitha Ranathunge Date: Fri, 7 May 2021 11:13:55 +0530 Subject: [PATCH 21/34] Update docs for analytics --- advanced/am-pattern-1/README.md | 8 ++++++++ advanced/am-pattern-1/values.yaml | 2 ++ advanced/am-pattern-2/README.md | 8 ++++++++ advanced/am-pattern-2/values.yaml | 2 ++ advanced/am-pattern-3/README.md | 8 ++++++++ advanced/am-pattern-3/values.yaml | 2 ++ simple/am-single/README.md | 8 ++++++++ simple/am-single/values.yaml | 2 ++ 8 files changed, 40 insertions(+) diff --git a/advanced/am-pattern-1/README.md b/advanced/am-pattern-1/README.md index 08a8a847..52b429d8 100644 
--- a/advanced/am-pattern-1/README.md +++ b/advanced/am-pattern-1/README.md @@ -141,10 +141,18 @@ If you need to enable Choreo Analytics with WSO2 API Manager, please follow the The following example shows how to enable Analytics with the helm charts. +Helm v2 + ``` helm install --name wso2/am-single-node --version 4.0.0-1 --namespace --set wso2.choreoAnalytics.enabled=true --set wso2.choreoAnalytics.endpoint= --set wso2.choreoAnalytics.onpremKey= ``` +Helm v3 + +``` +helm install wso2/am-single-node --version 4.0.0-1 --namespace --set wso2.choreoAnalytics.enabled=true --set wso2.choreoAnalytics.endpoint= --set wso2.choreoAnalytics.onpremKey= --create-namespace +``` + You will be able to see the Analytics data when you log into Choreo Analytics Portal. ### 2. Obtain the external IP diff --git a/advanced/am-pattern-1/values.yaml b/advanced/am-pattern-1/values.yaml index 994bc639..cd6608cc 100644 --- a/advanced/am-pattern-1/values.yaml +++ b/advanced/am-pattern-1/values.yaml @@ -20,6 +20,8 @@ wso2: username: "" password: "" + # WSO2 Choreo Analytics Parameters + # If provided, these parameters will be used publish analytics data to Choreo Analytics environment (https://apim.docs.wso2.com/en/latest/observe/api-manager-analytics/configure-analytics/register-for-analytics/). choreoAnalytics: enabled: false endpoint: "" diff --git a/advanced/am-pattern-2/README.md b/advanced/am-pattern-2/README.md index 4a380c81..1ad7a9f7 100644 --- a/advanced/am-pattern-2/README.md +++ b/advanced/am-pattern-2/README.md 
@@ -144,10 +144,18 @@ If you need to enable Choreo Analytics with WSO2 API Manager, please follow the The following example shows how to enable Analytics with the helm charts. +Helm v2 + ``` helm install --name wso2/am-single-node --version 4.0.0-1 --namespace --set wso2.choreoAnalytics.enabled=true --set wso2.choreoAnalytics.endpoint= --set wso2.choreoAnalytics.onpremKey= ``` +Helm v3 + +``` +helm install wso2/am-single-node --version 4.0.0-1 --namespace --set wso2.choreoAnalytics.enabled=true --set wso2.choreoAnalytics.endpoint= --set wso2.choreoAnalytics.onpremKey= --create-namespace +``` + You will be able to see the Analytics data when you log into Choreo Analytics Portal. ### 2. Obtain the external IP diff --git a/advanced/am-pattern-2/values.yaml b/advanced/am-pattern-2/values.yaml index 0f35ce54..69a0d96f 100644 --- a/advanced/am-pattern-2/values.yaml +++ b/advanced/am-pattern-2/values.yaml @@ -20,6 +20,8 @@ wso2: username: "" password: "" + # WSO2 Choreo Analytics Parameters + # If provided, these parameters will be used publish analytics data to Choreo Analytics environment (https://apim.docs.wso2.com/en/latest/observe/api-manager-analytics/configure-analytics/register-for-analytics/). choreoAnalytics: enabled: false endpoint: "" diff --git a/advanced/am-pattern-3/README.md b/advanced/am-pattern-3/README.md index 4324f309..b93a1d23 100644 --- a/advanced/am-pattern-3/README.md +++ b/advanced/am-pattern-3/README.md 
@@ -141,10 +141,18 @@ If you need to enable Choreo Analytics with WSO2 API Manager, please follow the The following example shows how to enable Analytics with the helm charts. +Helm v2 + ``` helm install --name wso2/am-single-node --version 4.0.0-1 --namespace --set wso2.choreoAnalytics.enabled=true --set wso2.choreoAnalytics.endpoint= --set wso2.choreoAnalytics.onpremKey= ``` +Helm v3 + +``` +helm install wso2/am-single-node --version 4.0.0-1 --namespace --set wso2.choreoAnalytics.enabled=true --set wso2.choreoAnalytics.endpoint= --set wso2.choreoAnalytics.onpremKey= --create-namespace +``` + You will be able to see the Analytics data when you log into Choreo Analytics Portal. ### 2. Obtain the external IP diff --git a/advanced/am-pattern-3/values.yaml b/advanced/am-pattern-3/values.yaml index 4f98585a..917e7d9b 100644 --- a/advanced/am-pattern-3/values.yaml +++ b/advanced/am-pattern-3/values.yaml @@ -20,6 +20,8 @@ wso2: username: "" password: "" + # WSO2 Choreo Analytics Parameters + # If provided, these parameters will be used publish analytics data to Choreo Analytics environment (https://apim.docs.wso2.com/en/latest/observe/api-manager-analytics/configure-analytics/register-for-analytics/). choreoAnalytics: enabled: false endpoint: "" diff --git a/simple/am-single/README.md b/simple/am-single/README.md index 2206337a..89a4c9ea 100644 --- a/simple/am-single/README.md +++ b/simple/am-single/README.md 
@@ -124,10 +124,18 @@ If you need to enable Choreo Analytics with WSO2 API Manager, please follow the The following example shows how to enable Analytics with the helm charts. +Helm v2 + ``` helm install --name wso2/am-single-node --version 4.0.0-1 --namespace --set wso2.choreoAnalytics.enabled=true --set wso2.choreoAnalytics.endpoint= --set wso2.choreoAnalytics.onpremKey= ``` +Helm v3 + +``` +helm install wso2/am-single-node --version 4.0.0-1 --namespace --set wso2.choreoAnalytics.enabled=true --set wso2.choreoAnalytics.endpoint= --set wso2.choreoAnalytics.onpremKey= --create-namespace +``` + You will be able to see the Analytics data when you log into Choreo Analytics Portal. ### 2. Obtain the external IP diff --git a/simple/am-single/values.yaml b/simple/am-single/values.yaml index ecd00ddb..e79c2126 100644 --- a/simple/am-single/values.yaml +++ b/simple/am-single/values.yaml @@ -20,6 +20,8 @@ wso2: username: "" password: "" + # WSO2 Choreo Analytics Parameters + # If provided, these parameters will be used publish analytics data to Choreo Analytics environment (https://apim.docs.wso2.com/en/latest/observe/api-manager-analytics/configure-analytics/register-for-analytics/). choreoAnalytics: enabled: false endpoint: "" From 7300e9732e636937b61512c15472d203371b36dc Mon Sep 17 00:00:00 2001 From: Rakhitha Ranathunge Date: Fri, 7 May 2021 11:42:30 +0530 Subject: [PATCH 22/34] Add initContainers and update docs --- advanced/am-pattern-1/templates/NOTES.txt | 2 +- .../mi/instance-1/wso2am-pattern-1-mi-deployment.yaml | 4 ++++ advanced/am-pattern-2/templates/NOTES.txt | 2 +- .../mi/instance-2/wso2am-pattern-2-mi-deployment.yaml | 4 ++++ .../am/gateway/wso2am-pattern-3-am-gateway-conf.yaml | 5 ----- 5 files changed, 10 insertions(+), 7 deletions(-) diff --git a/advanced/am-pattern-1/templates/NOTES.txt b/advanced/am-pattern-1/templates/NOTES.txt index 07014b61..940feff1 100644 --- a/advanced/am-pattern-1/templates/NOTES.txt +++ b/advanced/am-pattern-1/templates/NOTES.txt 
@@ -1,6 +1,6 @@ Thank you for installing WSO2 API Manager. -Please follow these steps to access API Manager Publisher, DevPortal consoles and Analytics Dashboard. +Please follow these steps to access API Manager Publisher and DevPortal consoles. 1. Obtain the external IP (`EXTERNAL-IP`) of the API Manager Ingress resources, by listing down the Kubernetes Ingresses. diff --git a/advanced/am-pattern-1/templates/mi/instance-1/wso2am-pattern-1-mi-deployment.yaml b/advanced/am-pattern-1/templates/mi/instance-1/wso2am-pattern-1-mi-deployment.yaml index fc270b2e..1b7ed1bb 100644 --- a/advanced/am-pattern-1/templates/mi/instance-1/wso2am-pattern-1-mi-deployment.yaml +++ b/advanced/am-pattern-1/templates/mi/instance-1/wso2am-pattern-1-mi-deployment.yaml @@ -35,6 +35,10 @@ spec: deployment: {{ template "am-pattern-1.resource.prefix" . }}-mi node: {{ template "am-pattern-1.resource.prefix" . }}-mi-1 spec: + initContainers: + - name: init-am + image: busybox:1.32 + command: ['sh', '-c', 'echo -e "Checking for the availability of API Manager deployment"; while ! nc -z {{ template "am-pattern-1.resource.prefix" . }}-am-service 9443; do sleep 1; printf "-"; done; echo -e " >> API Manager has started";'] containers: - name: wso2micro-integrator {{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.mi) | indent 10 }} diff --git a/advanced/am-pattern-2/templates/NOTES.txt b/advanced/am-pattern-2/templates/NOTES.txt index dee145ec..3ed9cd07 100644 --- a/advanced/am-pattern-2/templates/NOTES.txt +++ b/advanced/am-pattern-2/templates/NOTES.txt @@ -1,6 +1,6 @@ Thank you for installing WSO2 API Manager. -Please follow these steps to access API Manager Publisher, DevPortal consoles and Analytics Dashboard. +Please follow these steps to access API Manager Publisher and DevPortal consoles. 1. Obtain the external IP (`EXTERNAL-IP`) of the API Manager Ingress resources, by listing down the Kubernetes Ingresses. 
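Review bot: The new `init-am` container in the pattern-1 MI deployment pulls `busybox:1.32` by a mutable tag from the default public registry, and unlike the main container's image it cannot be overridden through chart values, so clusters that restrict registries or pin images by digest have no hook here. Consider reading the image from values, e.g. `image: {{ .Values.wso2.deployment.mi.initImage | default "busybox:1.32" }}` (the value name is a suggestion, not an existing key). The wait loop also has no upper bound, so if the API Manager service never opens 9443 the pod stays in Init indefinitely with only `-` characters in its log; a bounded retry count with a non-zero exit would surface the failure. The same container is added in the pattern-2 MI deployment hunk that follows.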
diff --git a/advanced/am-pattern-2/templates/mi/instance-2/wso2am-pattern-2-mi-deployment.yaml b/advanced/am-pattern-2/templates/mi/instance-2/wso2am-pattern-2-mi-deployment.yaml index e89d7f66..d0b61a81 100644 --- a/advanced/am-pattern-2/templates/mi/instance-2/wso2am-pattern-2-mi-deployment.yaml +++ b/advanced/am-pattern-2/templates/mi/instance-2/wso2am-pattern-2-mi-deployment.yaml @@ -35,6 +35,10 @@ spec: deployment: {{ template "am-pattern-2.resource.prefix" . }}-mi node: {{ template "am-pattern-2.resource.prefix" . }}-mi-2 spec: + initContainers: + - name: init-am + image: busybox:1.32 + command: ['sh', '-c', 'echo -e "Checking for the availability of API Manager deployment"; while ! nc -z {{ template "am-pattern-1.resource.prefix" . }}-am-service 9443; do sleep 1; printf "-"; done; echo -e " >> API Manager has started";'] containers: - name: wso2micro-integrator {{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.mi) | indent 10 }} diff --git a/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-conf.yaml b/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-conf.yaml index 61cb94ee..23426795 100644 --- a/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-conf.yaml +++ b/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-conf.yaml @@ -111,11 +111,6 @@ data: traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9711"] type = "loadbalance" - [apim.analytics] - enable = false - config_endpoint = "https://localhost:8080/auth/v1" - auth_token = "" - # Caches [apim.cache.gateway_token] enable = true From b27fa827cc4153a4377893635f8f978ba1b51777 Mon Sep 17 00:00:00 2001 From: Sajitha Liyanage Date: Fri, 7 May 2021 11:44:51 +0530 Subject: [PATCH 23/34] override pattern-1 prefix in pattern-2 --- advanced/am-pattern-2/templates/_helpers.tpl | 7 +++++++ 1 file changed, 7 insertions(+) 
diff --git a/advanced/am-pattern-2/templates/_helpers.tpl b/advanced/am-pattern-2/templates/_helpers.tpl index 90484fb1..3feba3d3 100644 --- a/advanced/am-pattern-2/templates/_helpers.tpl +++ b/advanced/am-pattern-2/templates/_helpers.tpl @@ -64,6 +64,13 @@ Common prefix prepended to Kubernetes resources of this chart {{- "wso2am-pattern-2" }} {{- end -}} +{{/* +Common prefix prepended to Kubernetes resources of this chart +*/}} +{{- define "am-pattern-1.resource.prefix" -}} +{{- "wso2am-pattern-2" }} +{{- end -}} + {{- define "image" }} {{- $imageName := .deployment.imageName }} {{- $imageTag := .deployment.imageTag | default "" }} From 13f482adc1c4bdba4bf82a82ae1a700fe386b710 Mon Sep 17 00:00:00 2001 From: Sajitha Liyanage Date: Fri, 7 May 2021 12:59:21 +0530 Subject: [PATCH 24/34] adding condition to imageName definition in helpers --- advanced/am-pattern-1/templates/_helpers.tpl | 2 +- advanced/am-pattern-2/templates/_helpers.tpl | 2 +- advanced/am-pattern-3/templates/_helpers.tpl | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/advanced/am-pattern-1/templates/_helpers.tpl b/advanced/am-pattern-1/templates/_helpers.tpl index b51897aa..f26bdc34 100644 --- a/advanced/am-pattern-1/templates/_helpers.tpl +++ b/advanced/am-pattern-1/templates/_helpers.tpl @@ -73,7 +73,7 @@ image: {{ $dockerRegistry }}/{{ $imageName }}{{- if not (eq $imageTag "") }}{{- {{- else }} {{- $dockerRegistry := .deployment.dockerRegistry | default "docker.wso2.com" }} {{- $parts := len (split "." $imageTag) }} -{{- if eq $parts 3 }} +{{- if and (eq $parts 3) (eq $dockerRegistry "docker.wso2.com") }} image: {{ $dockerRegistry }}/{{ $imageName }}{{- if not (eq $imageTag "") }}:{{ $imageTag }}.0{{- end }} {{- else }} image: {{ $dockerRegistry }}/{{ $imageName }}{{- if not (eq $imageTag "") }}:{{ $imageTag }}{{- end }} diff --git a/advanced/am-pattern-2/templates/_helpers.tpl b/advanced/am-pattern-2/templates/_helpers.tpl index 3feba3d3..962fe5eb 100644 
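Review bot: The comment on the added `am-pattern-1.resource.prefix` definition is copied verbatim from the chart's own prefix helper and does not say that this block re-defines a helper name that belongs to the am-pattern-1 chart, which this chart apparently pulls in as a dependency. Helm template names are global, so which definition takes effect depends on load order, and when this one does, every am-pattern-1 resource named through that helper becomes `wso2am-pattern-2-…`, not only the init container target added in the previous commit. The comment should state that intent, for example `Overrides the am-pattern-1 subchart's resource prefix so that its resources are named wso2am-pattern-2`.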
--- a/advanced/am-pattern-2/templates/_helpers.tpl +++ b/advanced/am-pattern-2/templates/_helpers.tpl @@ -80,7 +80,7 @@ image: {{ $dockerRegistry }}/{{ $imageName }}{{- if not (eq $imageTag "") }}{{- {{- else }} {{- $dockerRegistry := .deployment.dockerRegistry | default "docker.wso2.com" }} {{- $parts := len (split "." $imageTag) }} -{{- if eq $parts 3 }} +{{- if and (eq $parts 3) (eq $dockerRegistry "docker.wso2.com") }} image: {{ $dockerRegistry }}/{{ $imageName }}{{- if not (eq $imageTag "") }}:{{ $imageTag }}.0{{- end }} {{- else }} image: {{ $dockerRegistry }}/{{ $imageName }}{{- if not (eq $imageTag "") }}:{{ $imageTag }}{{- end }} diff --git a/advanced/am-pattern-3/templates/_helpers.tpl b/advanced/am-pattern-3/templates/_helpers.tpl index a0c6813e..59870ce6 100644 --- a/advanced/am-pattern-3/templates/_helpers.tpl +++ b/advanced/am-pattern-3/templates/_helpers.tpl @@ -73,7 +73,7 @@ image: {{ $dockerRegistry }}/{{ $imageName }}{{- if not (eq $imageTag "") }}{{- {{- else }} {{- $dockerRegistry := .deployment.dockerRegistry | default "docker.wso2.com" }} {{- $parts := len (split "." $imageTag) }} -{{- if eq $parts 3 }} +{{- if and (eq $parts 3) (eq $dockerRegistry "docker.wso2.com") }} image: {{ $dockerRegistry }}/{{ $imageName }}{{- if not (eq $imageTag "") }}:{{ $imageTag }}.0{{- end }} {{- else }} image: {{ $dockerRegistry }}/{{ $imageName }}{{- if not (eq $imageTag "") }}:{{ $imageTag }}{{- end }} From d06aae7b3e3ba13e7d4e05efd17a01e2421ba6f7 Mon Sep 17 00:00:00 2001 From: Sajitha Liyanage Date: Fri, 7 May 2021 12:59:55 +0530 Subject: [PATCH 25/34] adding condition to create secret yaml for mi deployments --- .../am-pattern-1/templates/wso2am-pattern-1-mi-secrets.yaml | 2 +- advanced/am-pattern-2/templates/wso2am-pattern-2-secrets.yaml | 2 +- .../am-pattern-3/templates/wso2am-pattern-3-mi-secrets.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) 
diff --git a/advanced/am-pattern-1/templates/wso2am-pattern-1-mi-secrets.yaml b/advanced/am-pattern-1/templates/wso2am-pattern-1-mi-secrets.yaml index 8f5f1ad5..a1d84d06 100644 --- a/advanced/am-pattern-1/templates/wso2am-pattern-1-mi-secrets.yaml +++ b/advanced/am-pattern-1/templates/wso2am-pattern-1-mi-secrets.yaml @@ -1,4 +1,4 @@ -{{ if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} +{{ if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) (not (eq .Values.wso2.deployment.mi.dockerRegistry "docker.wso2.com"))}} # Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/advanced/am-pattern-2/templates/wso2am-pattern-2-secrets.yaml b/advanced/am-pattern-2/templates/wso2am-pattern-2-secrets.yaml index b354d7ed..f63b7704 100644 --- a/advanced/am-pattern-2/templates/wso2am-pattern-2-secrets.yaml +++ b/advanced/am-pattern-2/templates/wso2am-pattern-2-secrets.yaml @@ -1,4 +1,4 @@ -{{ if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} +{{ if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) (not (eq .Values.wso2.deployment.mi.dockerRegistry "docker.wso2.com"))}} # Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/advanced/am-pattern-3/templates/wso2am-pattern-3-mi-secrets.yaml b/advanced/am-pattern-3/templates/wso2am-pattern-3-mi-secrets.yaml index 6792a2ba..8d8b40e8 100644 --- a/advanced/am-pattern-3/templates/wso2am-pattern-3-mi-secrets.yaml +++ b/advanced/am-pattern-3/templates/wso2am-pattern-3-mi-secrets.yaml 
@@ -1,4 +1,4 @@ -{{ if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} +{{ if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) (not (eq .Values.wso2.deployment.mi.dockerRegistry "docker.wso2.com"))}} # Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); From ab48945848cfab5416bcfb30caa77002bc8b411d Mon Sep 17 00:00:00 2001 From: Sajitha Liyanage Date: Fri, 7 May 2021 13:20:21 +0530 Subject: [PATCH 26/34] update the pattern 2 readme file --- advanced/am-pattern-2/README.md | 40 +++++++++++++++++++++------------ 1 file changed, 26 insertions(+), 14 deletions(-) diff --git a/advanced/am-pattern-2/README.md b/advanced/am-pattern-2/README.md index 1ad7a9f7..270e84df 100644 --- a/advanced/am-pattern-2/README.md +++ b/advanced/am-pattern-2/README.md @@ -49,20 +49,20 @@ For advanced details on the deployment pattern, please refer to the official You can install the relevant Helm chart either from [WSO2 Helm Chart Repository](https://hub.helm.sh/charts/wso2) or by source. **Note:** - +* This Helm chart has been implemented by extending the `advance/am-pattern-1` Helm resource. * `NAMESPACE` should be the Kubernetes Namespace in which the resources are deployed. #### Install Chart From [WSO2 Helm Chart Repository](https://hub.helm.sh/charts/wso2) - Helm version 2 +Deploy the Kubernetes resources using the Helm Chart - ``` - helm install --name wso2/am-pattern-2 --version 4.0.0-1 --namespace - ``` +- Helm version 2 - Helm version 3 + ``` + helm install --name wso2/am-pattern-2 --version 4.0.0-1 --namespace + ``` - - Deploy the Kubernetes resources using the Helm Chart +- Helm version 3 ``` helm install wso2/am-pattern-2 --version 4.0.0-1 --namespace --create-namespace 
@@ -75,6 +75,18 @@ please provide your WSO2 Subscription credentials via input values (using `--set Please see the following example. +- To provide WSO2 Subscription credentials for WSO2 API Manager and WSO2 Micro Integrator as in pattern 1 + ``` + --set am-pattern-1.wso2.subscription.username=$SUBSCRIPTION_USERNAME --set am-pattern-1.wso2.subscription.password=$SUBSCRIPTION_PASSWORD + ``` + +- To provide WSO2 Subscription credentials for additional WSO2 Micro Integrator deployment for the new tenant + ``` + --set wso2.subscription.username=$SUBSCRIPTION_USERNAME --set wso2.subscription.password=$SUBSCRIPTION_PASSWORD + ``` + +Below example is to provide WSO2 Subscription credentials for all WSO2 API Manager and WSO2 Micro Integrator tenant 1 and tenant 2 deployments + ``` export SUBSCRIPTION_USERNAME= export SUBSCRIPTION_PASSWORD= @@ -97,15 +109,15 @@ git clone https://github.com/wso2/kubernetes-apim.git ##### Deploy Helm chart for WSO2 API Manager Pattern 2 deployment. - Helm version 2 - - ``` - helm install --dep-up --name /am-pattern-2 --version 4.0.0-1 --namespace - ``` +Deploy the Kubernetes resources using the Helm Chart + +- Helm version 2 - Helm version 3 + ``` + helm install --dep-up --name /am-pattern-2 --version 4.0.0-1 --namespace + ``` - - Deploy the Kubernetes resources using the Helm Chart +- Helm version 3 ``` helm install /am-pattern-2 --version 4.0.0-1 --namespace --dependency-update --create-namespace From 7887bb5459ea002eb9c0bbd213601bb9a240f644 Mon Sep 17 00:00:00 2001 
From: Sajitha Liyanage Date: Fri, 7 May 2021 14:06:07 +0530 Subject: [PATCH 27/34] refactoring mi-secret yaml configs --- .../mi/instance-1/wso2am-pattern-1-mi-deployment.yaml | 2 +- .../am-pattern-1/templates/wso2am-pattern-1-mi-secrets.yaml | 4 ++-- .../mi/instance-2/wso2am-pattern-2-mi-deployment.yaml | 2 +- advanced/am-pattern-2/templates/wso2am-pattern-2-secrets.yaml | 4 ++-- .../mi/instance-1/wso2am-pattern-3-mi-deployment.yaml | 2 +- .../am-pattern-3/templates/wso2am-pattern-3-mi-secrets.yaml | 2 +- 6 files changed, 8 insertions(+), 8 deletions(-) diff --git a/advanced/am-pattern-1/templates/mi/instance-1/wso2am-pattern-1-mi-deployment.yaml b/advanced/am-pattern-1/templates/mi/instance-1/wso2am-pattern-1-mi-deployment.yaml index 1b7ed1bb..e19a266c 100644 --- a/advanced/am-pattern-1/templates/mi/instance-1/wso2am-pattern-1-mi-deployment.yaml +++ b/advanced/am-pattern-1/templates/mi/instance-1/wso2am-pattern-1-mi-deployment.yaml @@ -94,5 +94,5 @@ spec: - name: {{ .Values.wso2.deployment.mi.imagePullSecrets }} {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} imagePullSecrets: - - name: {{ template "am-pattern-1.resource.prefix" . }}-mi-wso2-private-registry-creds + - name: {{ template "am-pattern-1.resource.prefix" . }}-mi-1-wso2-private-registry-creds {{ end }} diff --git a/advanced/am-pattern-1/templates/wso2am-pattern-1-mi-secrets.yaml b/advanced/am-pattern-1/templates/wso2am-pattern-1-mi-secrets.yaml index a1d84d06..072cc697 100644 --- a/advanced/am-pattern-1/templates/wso2am-pattern-1-mi-secrets.yaml +++ b/advanced/am-pattern-1/templates/wso2am-pattern-1-mi-secrets.yaml 
@@ -1,4 +1,4 @@ -{{ if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) (not (eq .Values.wso2.deployment.mi.dockerRegistry "docker.wso2.com"))}} +{{ if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) (eq .Values.wso2.deployment.mi.dockerRegistry "docker.wso2.com") }} # Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -21,7 +21,7 @@ apiVersion: v1 kind: Secret metadata: - name: {{ template "am-pattern-1.resource.prefix" . }}-mi-wso2-private-registry-creds + name: {{ template "am-pattern-1.resource.prefix" . }}-mi-1-wso2-private-registry-creds namespace: {{ .Release.Namespace }} type: kubernetes.io/dockerconfigjson data: diff --git a/advanced/am-pattern-2/templates/mi/instance-2/wso2am-pattern-2-mi-deployment.yaml b/advanced/am-pattern-2/templates/mi/instance-2/wso2am-pattern-2-mi-deployment.yaml index d0b61a81..e3c18adf 100644 --- a/advanced/am-pattern-2/templates/mi/instance-2/wso2am-pattern-2-mi-deployment.yaml +++ b/advanced/am-pattern-2/templates/mi/instance-2/wso2am-pattern-2-mi-deployment.yaml @@ -94,5 +94,5 @@ spec: - name: {{ .Values.wso2.deployment.mi.imagePullSecrets }} {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} imagePullSecrets: - - name: {{ template "am-pattern-2.resource.prefix" . }}-mi-wso2-private-registry-creds + - name: {{ template "am-pattern-2.resource.prefix" . }}-mi-2-wso2-private-registry-creds {{ end }} diff --git a/advanced/am-pattern-2/templates/wso2am-pattern-2-secrets.yaml b/advanced/am-pattern-2/templates/wso2am-pattern-2-secrets.yaml index f63b7704..0888bf85 100644 --- a/advanced/am-pattern-2/templates/wso2am-pattern-2-secrets.yaml +++ b/advanced/am-pattern-2/templates/wso2am-pattern-2-secrets.yaml 
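Review bot: The rewritten guard `(eq .Values.wso2.deployment.mi.dockerRegistry "docker.wso2.com")` compares the raw value, but the values files shown on this page ship `dockerRegistry` commented out, so with default values the key is unset and this Secret would presumably not be rendered. The deployment hunks in the same commit still add `imagePullSecrets` whenever subscription credentials are set, and the image helper falls back to `docker.wso2.com`, so the pod would reference a pull secret that does not exist. Applying the same default in the guard keeps the three in step: `(eq (.Values.wso2.deployment.mi.dockerRegistry | default "docker.wso2.com") "docker.wso2.com")`. The pattern-2 secrets hunk in this commit and the pattern-3 secrets hunk in the next one carry the same condition.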
@@ -1,4 +1,4 @@ -{{ if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) (not (eq .Values.wso2.deployment.mi.dockerRegistry "docker.wso2.com"))}} +{{ if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) (eq .Values.wso2.deployment.mi.dockerRegistry "docker.wso2.com") }} # Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -22,7 +22,7 @@ apiVersion: v1 kind: Secret metadata: - name: {{ template "am-pattern-2.resource.prefix" . }}-mi-wso2-private-registry-creds + name: {{ template "am-pattern-2.resource.prefix" . }}-mi-2-wso2-private-registry-creds namespace: {{ .Release.Namespace }} type: kubernetes.io/dockerconfigjson data: diff --git a/advanced/am-pattern-3/templates/mi/instance-1/wso2am-pattern-3-mi-deployment.yaml b/advanced/am-pattern-3/templates/mi/instance-1/wso2am-pattern-3-mi-deployment.yaml index 7d5e1816..815d31ca 100644 --- a/advanced/am-pattern-3/templates/mi/instance-1/wso2am-pattern-3-mi-deployment.yaml +++ b/advanced/am-pattern-3/templates/mi/instance-1/wso2am-pattern-3-mi-deployment.yaml @@ -97,5 +97,5 @@ spec: - name: {{ .Values.wso2.deployment.mi.imagePullSecrets }} {{- else if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) }} imagePullSecrets: - - name: {{ template "am-pattern-3.resource.prefix" . }}-mi-wso2-private-registry-creds + - name: {{ template "am-pattern-3.resource.prefix" . }}-mi-1-wso2-private-registry-creds {{ end }} diff --git a/advanced/am-pattern-3/templates/wso2am-pattern-3-mi-secrets.yaml b/advanced/am-pattern-3/templates/wso2am-pattern-3-mi-secrets.yaml index 8d8b40e8..6d6fe4a1 100644 --- a/advanced/am-pattern-3/templates/wso2am-pattern-3-mi-secrets.yaml +++ b/advanced/am-pattern-3/templates/wso2am-pattern-3-mi-secrets.yaml 
@@ -22,7 +22,7 @@ apiVersion: v1 kind: Secret metadata: - name: {{ template "am-pattern-3.resource.prefix" . }}-mi-wso2-private-registry-creds + name: {{ template "am-pattern-3.resource.prefix" . }}-mi-1-wso2-private-registry-creds namespace: {{ .Release.Namespace }} type: kubernetes.io/dockerconfigjson data: From 5e1a4e81e3a15671f4af034a085ebfb102199c9d Mon Sep 17 00:00:00 2001 From: Sajitha Liyanage Date: Fri, 7 May 2021 14:08:29 +0530 Subject: [PATCH 28/34] refactoring pattern-2 values yaml configs --- advanced/am-pattern-2/values.yaml | 55 ------------------- .../wso2am-pattern-3-mi-secrets.yaml | 2 +- 2 files changed, 1 insertion(+), 56 deletions(-) diff --git a/advanced/am-pattern-2/values.yaml b/advanced/am-pattern-2/values.yaml index 69a0d96f..e1c90e8e 100644 --- a/advanced/am-pattern-2/values.yaml +++ b/advanced/am-pattern-2/values.yaml 
@@ -253,61 +253,6 @@ am-pattern-1: kubernetes.io/ingress.class: "nginx" nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" - mi2: - # If a custom image must be used, uncomment 'dockerRegistry' and provide its value. - # dockerRegistry: "" - imageName: "wso2mi" - imageTag: "4.0.0" - # Number of deployment replicas - replicas: 2 - strategy: - rollingUpdate: - # The maximum number of pods that can be scheduled above the desired number of pods. - maxSurge: 1 - # The maximum number of pods that can be unavailable during the update. - maxUnavailable: 0 - # Indicates whether the container is running. - livenessProbe: - # Number of seconds after the container has started before liveness probes are initiated. - initialDelaySeconds: 35 - # How often (in seconds) to perform the probe. - periodSeconds: 10 - # Indicates whether the container is ready to service requests. - readinessProbe: - # Number of seconds after the container has started before readiness probes are initiated. - initialDelaySeconds: 35 - # How often (in seconds) to perform the probe. - periodSeconds: 10 - # These are the minimum resource recommendations for running WSO2 Micro Integrator - resources: - requests: - # The minimum amount of memory that should be allocated for a Pod - memory: "512Mi" - # The minimum amount of CPU that should be allocated for a Pod - cpu: "500m" - limits: - # The maximum amount of memory that should be allocated for a Pod - memory: "1Gi" - # The maximum amount of CPU that should be allocated for a Pod - cpu: "1000m" - # Environment variables for the Micro integrator deployment. - envs: - # ENV_NAME: ENV_VALUE - # Configure synapse testing. - synapseTest: - enabled: false - - # Configure Ingresses - ingress: - # Configure management ingress - management: - # Hostname for the Micro Integrator management endpoint. - hostname: "tenant2.management.mi.wso2.com" - # Annotations for the Micro Integrator management Ingress. 
- annotations: - kubernetes.io/ingress.class: "nginx" - nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" - kubernetes: # Name of Kubernetes service account serviceAccount: *service_account diff --git a/advanced/am-pattern-3/templates/wso2am-pattern-3-mi-secrets.yaml b/advanced/am-pattern-3/templates/wso2am-pattern-3-mi-secrets.yaml index 6d6fe4a1..4e4baf9d 100644 --- a/advanced/am-pattern-3/templates/wso2am-pattern-3-mi-secrets.yaml +++ b/advanced/am-pattern-3/templates/wso2am-pattern-3-mi-secrets.yaml @@ -1,4 +1,4 @@ -{{ if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) (not (eq .Values.wso2.deployment.mi.dockerRegistry "docker.wso2.com"))}} +{{ if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) (eq .Values.wso2.deployment.mi.dockerRegistry "docker.wso2.com") }} # Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); From 593fa725a3f7e568a92b0eb6369df6bc68043b83 Mon Sep 17 00:00:00 2001 From: Sajitha Liyanage Date: Fri, 7 May 2021 16:56:46 +0530 Subject: [PATCH 29/34] updating secret yaml files of mi --- .../templates/am/instance-2/wso2am-pattern-1-am-service.yaml | 3 +++ .../am-pattern-1/templates/wso2am-pattern-1-mi-secrets.yaml | 2 +- advanced/am-pattern-2/templates/wso2am-pattern-2-secrets.yaml | 2 +- .../am-pattern-3/templates/wso2am-pattern-3-mi-secrets.yaml | 2 +- 4 files changed, 6 insertions(+), 3 deletions(-) diff --git a/advanced/am-pattern-1/templates/am/instance-2/wso2am-pattern-1-am-service.yaml b/advanced/am-pattern-1/templates/am/instance-2/wso2am-pattern-1-am-service.yaml index 17d783ea..ebc557f2 100644 --- a/advanced/am-pattern-1/templates/am/instance-2/wso2am-pattern-1-am-service.yaml +++ b/advanced/am-pattern-1/templates/am/instance-2/wso2am-pattern-1-am-service.yaml 
@@ -33,3 +33,6 @@ spec: - name: jms-tcp protocol: TCP port: 5672 + - name: servlet-https + protocol: TCP + port: 9443 diff --git a/advanced/am-pattern-1/templates/wso2am-pattern-1-mi-secrets.yaml b/advanced/am-pattern-1/templates/wso2am-pattern-1-mi-secrets.yaml index 072cc697..d844e209 100644 --- a/advanced/am-pattern-1/templates/wso2am-pattern-1-mi-secrets.yaml +++ b/advanced/am-pattern-1/templates/wso2am-pattern-1-mi-secrets.yaml @@ -1,4 +1,4 @@ -{{ if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) (eq .Values.wso2.deployment.mi.dockerRegistry "docker.wso2.com") }} +{{ if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) (eq (default "docker.wso2.com" .Values.wso2.deployment.mi.dockerRegistry) "docker.wso2.com") }} # Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/advanced/am-pattern-2/templates/wso2am-pattern-2-secrets.yaml b/advanced/am-pattern-2/templates/wso2am-pattern-2-secrets.yaml index 0888bf85..0041fb41 100644 --- a/advanced/am-pattern-2/templates/wso2am-pattern-2-secrets.yaml +++ b/advanced/am-pattern-2/templates/wso2am-pattern-2-secrets.yaml @@ -1,4 +1,4 @@ -{{ if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) (eq .Values.wso2.deployment.mi.dockerRegistry "docker.wso2.com") }} +{{ if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) (eq (default "docker.wso2.com" .Values.wso2.deployment.mi.dockerRegistry) "docker.wso2.com") }} # Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); 
diff --git a/advanced/am-pattern-3/templates/wso2am-pattern-3-mi-secrets.yaml b/advanced/am-pattern-3/templates/wso2am-pattern-3-mi-secrets.yaml index 4e4baf9d..3745715d 100644 --- a/advanced/am-pattern-3/templates/wso2am-pattern-3-mi-secrets.yaml +++ b/advanced/am-pattern-3/templates/wso2am-pattern-3-mi-secrets.yaml @@ -1,4 +1,4 @@ -{{ if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) (eq .Values.wso2.deployment.mi.dockerRegistry "docker.wso2.com") }} +{{ if and (not (eq .Values.wso2.subscription.username "")) (not (eq .Values.wso2.subscription.password "")) (eq (default "docker.wso2.com" .Values.wso2.deployment.mi.dockerRegistry) "docker.wso2.com") }} # Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); From cf2036f5f778ba163adc00dbbf093d361a58beef Mon Sep 17 00:00:00 2001 From: Sajitha Liyanage Date: Fri, 7 May 2021 18:44:21 +0530 Subject: [PATCH 30/34] Adding allowall config to am passthrugh sender --- .../templates/am/instance-1/wso2am-pattern-1-am-conf.yaml | 3 +++ .../templates/am/instance-2/wso2am-pattern-1-am-conf.yaml | 3 +++ 2 files changed, 6 insertions(+) diff --git a/advanced/am-pattern-1/templates/am/instance-1/wso2am-pattern-1-am-conf.yaml b/advanced/am-pattern-1/templates/am/instance-1/wso2am-pattern-1-am-conf.yaml index e947cf77..34e53dd5 100644 --- a/advanced/am-pattern-1/templates/am/instance-1/wso2am-pattern-1-am-conf.yaml +++ b/advanced/am-pattern-1/templates/am/instance-1/wso2am-pattern-1-am-conf.yaml @@ -289,6 +289,9 @@ data: [transport.https.properties] proxyPort = 443 + [transport.passthru_https.sender.parameters] + HostnameVerifier = "AllowAll" + {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} [database.local] url = "jdbc:h2:/home/wso2carbon/solr/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE" 
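Review bot: `HostnameVerifier = "AllowAll"` under `[transport.passthru_https.sender.parameters]` switches off TLS hostname verification for outbound HTTPS connections made through the pass-through sender, so a backend certificate is accepted whatever host name it was issued for. The identical addition in the instance-2 `wso2am-pattern-1-am-conf.yaml` hunk has the same effect. If this is only needed because the default certificate does not cover the in-cluster service names, make the setting opt-in through a chart value that defaults to off, or use the narrower `DefaultAndLocalhost` verifier and issue certificates with matching SANs. At minimum, add a comment above the line such as `# AllowAll disables hostname verification for backend TLS; enable only for trusted in-cluster endpoints`. The surrounding `data:` block starts and ends outside the hunk.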
diff --git a/advanced/am-pattern-1/templates/am/instance-2/wso2am-pattern-1-am-conf.yaml b/advanced/am-pattern-1/templates/am/instance-2/wso2am-pattern-1-am-conf.yaml index c9ba345c..6f297367 100644 --- a/advanced/am-pattern-1/templates/am/instance-2/wso2am-pattern-1-am-conf.yaml +++ b/advanced/am-pattern-1/templates/am/instance-2/wso2am-pattern-1-am-conf.yaml @@ -289,6 +289,9 @@ data: [transport.https.properties] proxyPort = 443 + [transport.passthru_https.sender.parameters] + HostnameVerifier = "AllowAll" + {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }} [database.local] url = "jdbc:h2:/home/wso2carbon/solr/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE" From 839023b1c20c35f1cf089436fa2de316c7f7545f Mon Sep 17 00:00:00 2001 From: Rakhitha Ranathunge Date: Fri, 7 May 2021 20:27:41 +0530 Subject: [PATCH 31/34] Fix minor bugs and update docs --- CHANGELOG.md | 67 +++--------------- README.md | 4 +- .../wso2am-pattern-3-am-gateway-conf.yaml | 35 ++++----- simple/README.md | 51 ------------- simple/am-single/auth.json | 2 +- simple/am-single/values.yaml | 6 +- simple/apim_simple.png | Bin 166188 -> 0 bytes 7 files changed, 28 insertions(+), 137 deletions(-) delete mode 100644 simple/README.md delete mode 100644 simple/apim_simple.png diff --git a/CHANGELOG.md b/CHANGELOG.md index e0830686..e4d37bb8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -1,70 +1,23 @@ # Changelog -All notable changes to Kubernetes and Helm resources for WSO2 API Management version `3.2.x` in each resource release, +All notable changes to Kubernetes and Helm resources for WSO2 API Management version `4.0.x` in each resource release, will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/) -## [v3.2.0.4] - 2021-05-03 - -### Changed - -- Use MySQL, nfs-server-provisioner from WSO2 repo (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/488)) - -For detailed information on the tasks carried out during this release, please see the GitHub milestone -[v3.2.0.4](https://github.com/wso2/kubernetes-apim/milestone/20). - -## [v3.2.0.3] - 2020-12-17 - -### Changed - -- Use Updates 2.0 images when subscription is enabled (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/478)) -- Change MySQL dependency to bitnami repo (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/479)) -- Use nfs-server-provisioner from kvaps (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/481)) - -## [v3.2.0.2] - 2020-09-16 - -### Changed - -- [[Simplified Setup](https://github.com/wso2/kubernetes-apim/tree/master/simple)] Reduce resource requests of the simplified kubernetes resources. (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/459)) - -### Fixed - -- [[Simplified Setup](https://github.com/wso2/kubernetes-apim/tree/master/simple)] Update auth.config URLs in analytics dashboard to support access to analytics dashboard with Docker Desktop. 
(refer to [issue](https://github.com/wso2/kubernetes-apim/issues/460)) - -For detailed information on the tasks carried out during this release, please see the GitHub milestone -[v3.2.0.2](https://github.com/wso2/kubernetes-apim/milestone/17) - -## [v3.2.0.1] - 2020-08-28 - -### Environments - -- Successful evaluation of API Manager Helm charts in AWS Elastic Kubernetes Service (EKS) (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/432)) -- Successful evaluation of Ceph File System (CephFS) as a Persistent Storage Solution (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/410)) +## [v4.0.0.1] - 2021-05-07 ### Added -- Introduce Kubernetes resources for a simplified setup of WSO2 API Management version `3.2.0` (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/428)) -- Introduce Helm charts for WSO2 API Management version `3.2.0` production grade deployment patterns (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/399)) -- Add options to define volume capacities for persistent storage (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/406)) -- Add JVM memory allocation user input option (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/375)) -- Add mechanism to introduce MySQL JDBC driver to the product containers since [it is not packaged in product container images](https://github.com/wso2/docker-apim/issues/321) - (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/427)) -- Add user input option to set Ingress class and annotations (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/446)) -- Test and document managing custom keystores and truststores (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/401)) - -### Changed +- Helm resources for API Manager Single Node Deployment (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/498)). 
+- Helm resources for API Manager Advanced deployment patterns (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/499)). +- Helm resources for MySQL (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/504)). +- Configurations for Choreo Analytics (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/500)). -- Upgrade the base MySQL Helm chart version (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/445)) -- Upgrade MySQL Docker image tag version (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/430)) +### Removed -### Fixed - -- Use Kubernetes StatefulSet resources to define API Manager Key Manager deployments (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/436)) +- Helm resources for API Manager Analytics. +- Script based K8s deployment to API Manager Simple deployment. For detailed information on the tasks carried out during this release, please see the GitHub milestone -[v3.2.0.1](https://github.com/wso2/kubernetes-apim/milestone/15) - -[v3.2.0.3]: https://github.com/wso2/kubernetes-apim/compare/v3.2.0.3...v3.2.0.3 -[v3.2.0.2]: https://github.com/wso2/kubernetes-apim/compare/v3.2.0.1...v3.2.0.2 -[v3.2.0.1]: https://github.com/wso2/kubernetes-apim/compare/v3.1.0.3...v3.2.0.1 +[v4.0.0.1](https://github.com/wso2/kubernetes-apim/milestone/22) diff --git a/README.md b/README.md index cd3edc31..fde043b8 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,7 @@ ### Simple -* [Simplified Setup](simple/README.md) +* [Single Node](simple/am-single/README.md) ### Advanced @@ -18,7 +18,7 @@ ## Changelog -**Change log** from previous `v3.2.0.1` release: [View Here](CHANGELOG.md) +**Change log** from previous `v3.2.0.4` release: [View Here](https://github.com/wso2/kubernetes-apim/blob/3.2.x/CHANGELOG.md) ## Reporting issues 
diff --git a/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-conf.yaml b/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-conf.yaml index 23426795..c91ebad6 100644 --- a/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-conf.yaml +++ b/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-conf.yaml @@ -58,18 +58,6 @@ data: type = "JKS" password = "wso2carbon" - {{ if .Values.wso2.choreoAnalytics.enabled }} - [apim.analytics] - enable = true - config_endpoint = "{{ .Values.wso2.choreoAnalytics.endpoint }}" - auth_token = "{{ .Values.wso2.choreoAnalytics.onpremKey }}" - {{ else }} - [apim.analytics] - enable = false - config_endpoint = "https://analytics-event-auth.choreo.dev/auth/v1" - auth_token = "" - {{ end }} - # key manager implementation [apim.key_manager] service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-service:${mgt.transport.https.port}/services/" @@ -111,6 +99,18 @@ data: traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9711"] type = "loadbalance" + {{ if .Values.wso2.choreoAnalytics.enabled }} + [apim.analytics] + enable = true + config_endpoint = "{{ .Values.wso2.choreoAnalytics.endpoint }}" + auth_token = "{{ .Values.wso2.choreoAnalytics.onpremKey }}" + {{ else }} + [apim.analytics] + enable = false + config_endpoint = "https://analytics-event-auth.choreo.dev/auth/v1" + auth_token = "" + {{ end }} + # Caches [apim.cache.gateway_token] enable = true 
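Review bot: The re-added `[apim.analytics]` block renders `.Values.wso2.choreoAnalytics.onpremKey` directly into `auth_token` under `data:`, which appears to be a ConfigMap (the resource kind is outside the hunk). If so, the on-prem key is stored in clear text and is readable by anyone who may read ConfigMaps in the namespace. Consider keeping the key in a Kubernetes Secret, exposing it to the container as an environment variable, and referencing it from the TOML, for example `auth_token = "$env{CHOREO_ONPREM_KEY}"` (variable name illustrative). The value is also placed between double quotes unescaped, so a key containing `"` or `\` would break the generated TOML. Escaping it at render time, or using the environment-variable form, avoids that.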
@@ -140,15 +140,4 @@ data: [transport.passthru_https.sender.parameters] HostnameVerifier = "AllowAll" - [apim.event_hub] - service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-service:9443" - event_listening_endpoints = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:5672","tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:5672"] - - [[apim.event_hub.publish.url_group]] - urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:9611"] - auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:9711"] - - [[apim.event_hub.publish.url_group]] - urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9611"] - auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9711"] {{- end }} diff --git a/simple/README.md b/simple/README.md deleted file mode 100644 index e8cd640d..00000000 --- a/simple/README.md +++ /dev/null 
@@ -1,51 +0,0 @@ -# Simplified setup for WSO2 Kubernetes API Manager - -![WSO2 API Manager Deployment](apim_simple.png) - -## Contents - -* [Prerequisites](#prerequisites) -* [Quick Start Guide](#quick-start-guide) - -## Prerequisites - -* Install [Kubernetes Client](https://kubernetes.io/docs/tasks/tools/install-kubectl/) in order to run the steps provided in the following Quick Start Guide. - -* An already setup Kubernetes cluster. If you haven’t already setup a K8s cluster Refer [the guide](https://kubernetes.io/docs/setup/learning-environment/minikube/). - >This artifact doesn't support [Docker Desktop](https://www.docker.com/products/docker-desktop). - -* WSO2 subscribed users can run [wso2am-latest.sh](https://github.com/wso2/kubernetes-apim/blob/3.2.x/simple/deployment-scripts/wso2am-latest.sh) with the latest updates by providing their subscription Username and Password. If you do not possess an active WSO2 subscription already, run [wso2am-ga.sh](https://github.com/wso2/kubernetes-apim/blob/3.2.x/simple/deployment-scripts/wso2am-ga.sh) which does not require subscription credentials. -Further users can acquire a subscription by referring to this [link](https://wso2.com/subscription). - -*From this point forward the respective script (wso2am-ga.sh and wso2am-latest.sh) will be identified as SIMPLIFIED_SCRIPT* - -## Quick Start Guide - -1. Download(https://github.com/wso2/kubernetes-apim/tree/3.2.x/simple/deployment-scripts) simplified Kubernetes setup - (SIMPLIFIED_SCRIPT) for WSO2 API Manager. - -2. In the command line, move into the directory where you have downloaded the SIMPLIFIED_SCRIPT. - -3. Provide permissions for the setup file to execute by running - -``` -chmod +x SIMPLIFIED_SCRIPT -``` - -4. Run the following command on your terminal. This will deploy WSO2 API Manager in your cluster. - -``` -./SIMPLFIED_SCRIPT --deploy -``` - -5. 
Open a browser and go to -- https://:30443/carbon/ -- https://:30443/publisher/ -- https://:30443/devportal/ -- https://:30646/analytics-dashboard/ - -use username: admin and password: admin as default login credentials. - -*Your < NODE-IP > will be provided at the end of the deployment.* - -6. Try WSO2 API Manager by following **[WSO2 API Manager - Quick Start Guide](https://apim.docs.wso2.com/en/latest/GettingStarted/quick-start-guide/)**. diff --git a/simple/am-single/auth.json b/simple/am-single/auth.json index fbdc9cd0..453e366c 100644 --- a/simple/am-single/auth.json +++ b/simple/am-single/auth.json @@ -1,6 +1,6 @@ { "auths": { - "reg.Id": { + "reg.id": { "username": "docker.wso2.com.username", "password": "docker.wso2.com.password", "email": "docker.wso2.com.email", diff --git a/simple/am-single/values.yaml b/simple/am-single/values.yaml index e79c2126..eca5cc3f 100644 --- a/simple/am-single/values.yaml +++ b/simple/am-single/values.yaml @@ -97,11 +97,11 @@ wso2: # Maximum Heap size xmx: "1024m" - # If the deployment configurations for the WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml), + # If the deployment configurations for the WSO2 API Manager v4.0.0 (/repository/conf/deployment.toml), # add the customized configuration file under (wso2 -> deployment -> am -> config -> deployment.toml) # config: "" # deployment.toml: |- -# # deployment configurations for the WSO2 API Manager v3.2.0 (/repository/conf/deployment.toml) +# # deployment configurations for the WSO2 API Manager v4.0.0 (/repository/conf/deployment.toml) # Configure Ingresses ingress: @@ -132,7 +132,7 @@ wso2: kubernetes: # Name of Kubernetes service account - serviceAccount: "wso2am-pattern-1-svc-account" + serviceAccount: "wso2am-single-node-svc-account" # Override sub chart parameters mysql-am: 
diff --git a/simple/apim_simple.png b/simple/apim_simple.png deleted file mode 100644 index bbe30a412e097b74623a0a133e2e6f0c215a8b3c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 166188 zcmV(lK=i+fP)nf@x9uJ{K6`Y~_HrpW(+*?%Ai0zmSA0Qi4E(gl!zU+dl@q2zf zuG_!op6B_Wd`Zs#G~>S?B~>x}_cLvLnyyR!fq3*k!28kv(UPngwsEchf$8^eY1oSH z{rw((Uk&Gd3Ev+O_+JqIU+n+BZ>eeOil9i9X8T%!@&CZs*N`H*n)(mKyzjf__uYX| zWWVwI3R5p*{~qCS@ISzRU=%0*LlW^>1GViJ6ycnnB=k?f*HV z6_@jW&pC=^ZN}l>(?H-qfA{izu-#Mf@6l=;t8W~ke_-w(n8}-@T9W=frTOoOHhNTO z;J6)_4n?cSD;M|sw~-;~|J#W9j@$hth2C=NuZfTo|$NoJj5+WB6r?PXiI+#-f!V$(0?M&&^$y+li1cfcu1LHqcP! z;Sc-TuYwjb{u<@ed&Bg-9G-=XOT1LKdV)Kopr}yIY7bXPx zO+R-ncl!PYh(c1&3)9=59?PM+Y;UmfAh|=z@kIkcoC$gE2UrpXo<4+^aS=`efrW}z ziLn{EKmDNN4R0dg39iP{LIY2{*P$tZPmz62%Xg+}+$+z5%wdFy_kR6u?JmjhO4R#S za8RNodxfHxScpKnOZ4gM}+`|m{3 zA-w(l;i5KSHt;pQdBfK*K3pu_ljIi^CQ$+3K(Iec&IN-_vBS5`?_1CP!&&u&glNS7 zohx4U4AdfNz;~z=_K?Oto)DYSc{xt~{fb*oI1ZATp7Og-P~`Kr!=JHG-oX`q!S#@& zv-YeHqat!2riPvR&mp@OP|F>Aql~`XoLipdZH#Z0bJ6O;2>1A>Ji|9{Rod;+IU?@Q zm&`&D^HlkfL7bTE!Dh<)bpWlF6JqMKCC=C^n(tU+ECPljy?*rC@;iOVaco-sMmj=* zTvL}};Bi}Db|nr`e!^UL_AhGQ7#KX*&O2E6G7Ae(QLpJP2a%C&2QUq2@k3n+nF-N_ z&-ff~?@Mumy889uG+fI#%%|##gaM`4+F^ZJtPhmW8n(!NA;n7=PV?7^L~7S zjB_`9@@k6*Uw^AG(JkyTnYB?>XvX;>RAnH{xv=d4+?pzi{qiWJ`z(V_+Yc}(_@K*d zhAAM?Lv`Y{SKT!U_$cLtw%L+~17=h>oX%W_$1FxFTpVKSkiQ#QTz=Z~ZND&VtW1{g zk89nbABImL7T}fbvL-;Z(mR`3!mx6>!p2mzcLy0sm%W%kS2TYiR1sCx2Wh8vw1oR1 zWWHSqxksUf62SBY|F465@+%oUJP(hsHA+6_&I?V55446@A*IHw9QCzHE*)u0>N3A4 z+h9Z!gJ3Fzu4jSxffl_oQj_WvwS2$}C;U#w@zp!=%=UMWoY;3*CeyTOee>1^Vtpfz zUN6}sn2kl{FDB(awY_cwv!5r<@B!earAJVGNKI((TIWJ_3}}(lH?!~X_HPk(0WPSw za`P=t8e31l@J0IuSARHXYZZC=CIyyuh~Ch%P%rM&1|4V00c2~UA)QTR-fp6dj8OjV z1=)?N=CHM1V%ew<&iWT{Ik811C_01PoaHHkF5nY^8tTcGLq}(B;W%8=DvxnNL<%Q^ z4{|fTnZIcZ&|51kTrb?k$h(#{Z+Pkf{$(=7eAU^>2H_fuUW#Jj)uf9`$0{XN#D_dw zX|2C)!joH-kUCRsaB|5*bXplG1g%?0+u4f-qE#mITiz7lHtyh6+ zTch2n_&@}}fp*WLXwqiHLR2{7RUwogR={tVYqG&M6wBsgP#Es%E*A-(p=b 
z$2x{H0~0QLZS$<3TP_E@F>LUy&4}Pbg-sBt{t^L(E%lk9xKTyhBk3=z=)*W}_Rhxa z$^CED?kZ}Il~bZ3$I0qniyNxgY{B4*CGtc%FTwkTWD50VFCOTB)y@EGMeoAO*<;Aq z$FH!*F^I1wD zh!Bk1=ss*Xm_%ftgqk3DaS)ZVjU3xSZdn^=Boki-VPD?~qIc6s2h$T5Qr*YGH~ats ztnI1YMBwi{@P@HoAMmg*89!th1PM`Ug&Z}p=>iVdB>#xO!vDgLcy$F{Y6!8LLXp3>0dyp_UuYtX%xk$sM3zc- zmlX{^6CwFnodud0m;1%0Xwdb++Nm?yWc>04FWRra2kNo~IvK?^bH&J3_zR(km#t4L z-pd86;3^+=C<*DFd+dbJWA(^t*}&@srMo*GBjH}bU=xmSd4w>dO+2Lfm_*-@Nv&YE zVk`Ha)0Xjgn2ASju4T>Tt;=GvhG9nui%5(^$81aIZhKM_`d8iRF3}^}obeE9V>Aei zKFW!FZ>63HvJx1(uVQWmp}TajAm<`sX9g?KQY5R~@Luc|c#8#xLB<|bz&0H#xIUxU zX@OKkX*n@WTSufd^Od0hW8gV^8Pngy9Aw5$6HG#32I_kJ1rI$Izn8ytK8PO2h5HyL z*dNwUGd1#-G)|c!PZJL5d*eUrxYsy4LWR^WVJ`dgJAcDhUqatXejf`Oa|51^f~(ZR z`A8b+X*Pykn$7OS^vozur=DkWhtfM7q`}?St*03Y+Lp*}Ll6E&IN+(XaDnvU#bzrG zl4a3J&wWBQyn33rH(WwQ%gMz_`VfC3nOeHXzLBh~=BTIfuk}zQffxdFx1TPp^}}AJ zMzs;0++;GsOJw_4L+>Q`frJi(X8bEMlwq|FVhAzUp1eb=Eb3dSuaaMdI22Z?_5Yk%Y<+{y1`%={oLB6MV@95wu{TB34o zaU*G$ecYC0kHMhC6LZj#g>pz}QFRX-V+ypwAIe1jd6qBv?dae`71Nt@ZWXht-?&ufz&=lTHlNd?yFM+&{`LU=`AEH=0e? z8EY+F5SV#N%%e>zN+FdtLJ%t$TFYVx92H05_tJ<^|E;P*~`K& z54Pz07GR{PL{x(9Ix{UtODGkQ@$i!TB3L1l1xYVp?`b>U6tkoQB8$#>V;H$?Z^a+!V`?5Lp z9BBvA=A~d&b*q#^A2Hc)?N8ZkH}Z~di_}kz1)2m}Msa$Y(|sVo7@MDIrJh^fZ&4l* zY3Cez#rTU>>>3c{y%qhGFLlo^dhyJmapkl-!0m6Z8;^^{{5X&NIv16LvS4Bw1y+aD1M$ZT}HYwH`PB#vGx!GQlEK+w0M z=4;M3%5@O}p;9noabuB2*(=lWvq8jw9ba({SXf7m`^b`aS0YVOPxo->)>>aG_k-!g zmr;pl61BE@uJZ`iRd9*<5%q==|Y53Oh$<-2$%3}z_ z;W^X9OTT(Wc9v5@&4|KH7sgqj=C3S{@((@YQSiu;}njW zV|tAe9Z@4T$9V>a4Tg%L9u){W4F(?)QN}e?j>IIEJ2L0}4HrbwJcGWH z-LVk;c|u}er>rU~VX+0J2FRg<+W_7?mWI;^q;KL99_|X(Z~nPSv@OSH5A}f*QY6e(6BMU(BcT z4D#H+(OX7~Ssmyes+weN{@nWh&0Jbh8c9vFQQoCy7crKDCn&ztO>Df)S~l@^`#ma? 
z8>DmKC0Lp?XrIRPWol4J$pLLZT2C181GlJ3EO~JH>$EPec=_0MBDbAx+F^%pbbiPtApZF}U<3LW z5XoMMDxwd&&F@QLPyaB}5T_hvi@gyY#4ZKy>uH#bj*BJY`&GF(;5+CC1_5M^N(epO zp=h;2qalPWAyR-HKVwX$-wS%>ylL?AYCSda0Im*SIRyzy^Z2WcmXnOquwCUK`y<#W z8u4RsHq$(t1xqt~|DbODnp%@MwvqYxHP#;PF4_kOSMH96y?DBzDRbSK=W~*@l%vE& z+r$05$;qPF!QELnNbnQmfMX?E1@?vEc`P*wMQ5isa>*e5$rR{|mKCz*P_wBDFY zlD9BBM<{sHy0?fRDCLrQ+W>?hGRIOHBsDLY&8tEe~|p=5Cj0G zW++*4InBwp>;RcRYvJ5v{Lj27pGAFJqao#LKZ*ThpR}9&nV&|_LWb7HuWobw5_9$Y z*Xz-YelE&$JD;6Nzpxquukw2DmYX50Zkk-8C^CoqenMa8~Q`g1~1PYtxafr$`XCj}HxV*j-HJY=_VSfnSy&h_It?habva*>zC;Y=v> zB>W8pJjC7LRgW8$TyghkjsTy-K*8{>2Yp@5{AiJx-s6B8PchOJoOCactlkNuNkBOU zv^LCP8~R9B=8#S2T>fZyCSzhnl*S?HzfBwNw zoM+@Sq9sIlg$p+RwEKb!9UBX6XsjN34^3w^gpOP8Q5&P@d)o(YNBbmDylA@8NDIxy3~a+| zKH^gmO$2V#(t}|4IhkK;biJ4!ygDr5se~eE=h`8ol>|UT@5vq^slf|$77^83xstTEQwa7i~GBKqT^q^q{1_AiY4HO4N-37D*q-_PtNV!Zs zF^ols5MSoFXl#3E!HZ42@7e2TK#p>07^u8Bo5h6p00x+*OfX ze+&_P?nR*i&h9V$h?lZvK_Px+9dna17QJ#7p%{t7GkGZ)VS z#-2DK>jejaxn|2vq@LY?*n3o~mwiJzw)H)NTX@7wLJGT9F4N*NXN6 zx+nEybB7hVpF9vwW_d__F7d}aB6-s9366~k?e<)j`UoXU@B);Aa(>(i`P84hDs+Kj zhU+aIeBo&V>(s~ytrmR|&QRbLkP&Jhg7_`DMI-mNtyzHSTE;O#Sh>rg{c>vteN^xGM3*IEA9{M||DrL~JfQb7}vt2P!E z@Uc}n0to!HH*`o|5^u59OzH13cRFy1fibjQ@g)C93#$p4C;)P4qZ)&klN zj|xgsKPK7)S%0)hDVCaLvQHrj5kp`A@td_d65eV-pp+w`*NM?qiP5wze&SqFdq^|a}1*=9jB}g z(7q^ZWMd>3e}E!RpaLSU1u~rVVe%fU8$JU3;jM`1WjFLm*2Xy!^tP2Ow^)%@>NzWT zq_7&c8DcIggHLfyyrSZ_@Uv)?Kmzd#PH@o!m0}t#ZZp72!ZFATjclDJ90#G?GYMU+ z=prjcf|xTi=8foh3p*n{Z{9BJ+*;*N3v=9W28Dgau}NJ(YW?#HlN>(*VDEuPiBygq zEu^?vM_m%Sw4y-~qbPN}$*7`M=+rOS^APsWS8$08E%{n5BkkMo?E%?p<2E6>+!~eyqPP^C`?NmIRMc~z_<)}z{yWNGHFAhp5$f7X z+bQ%Z?RWE(PR6>&wQ~E?I&w8};GZ_DNY4~@hhro+eTXBcWu8rm=AQ*EFr^MxNa?IY zpi0xp(qn1!_~A8Xb~(L##gMZHIMzGEllo`>!%b0|fInk`o^ z`Td->0vC`n_cB}JNe)n!DbxghQxcrLLG(@jm*dCquJC5nI+h(Px9ZWmE4OZ7xng~Q z#OU5_Pnt(#@*xhQ53j_O=WR2H#8th z{Q@&tfO&vDLRWX0bWnKF@7UyUx;vrvsh`^Je-pR5m)ZN?_Njj^mP!dyj}J#cHIFj( z*NMs^?5W=o7$!8wNbvwTotr#Or82*1PMHW}+@<>|T;W2Q?&s7~n+Hu9uc-o|0AYU= 
z8vH7(?m(E{vyz(Lg~vsf-cwl0{yZ99fAlHXj_cJpnTq{+t4{S<*ROiq(N5X%kx0_6 znu(UW>~szI)RAtIV`EHceL@94D?we|ueBaQhO>Pmu^gB4m~jJ7*a$aN61M zcS{;eQqkIQ1_hVJXTW6Qx5wICfvss>-fv&QeSrs>c(79+ITT!!jx=(Y~Z^i8s`}k!;3Xce$(x8 zzayxL#pis<(!0mamaPshfs?iDtLj`FBiu8DOy<H z6@pT#dxkL`4|Ts*p@TC$ex6?~zru6ZN93V{B90tI%+&D@(E!u&l zz;uL&%F_F-@`tQPA$D*q?9Eo^+}1S**TG~bVme-(ojyL%JhWAS@Q^$?-MN1I5{Q#g zo7H9*uZRS5E^gmi?JHY9KyPyPOJUe`1q-Kk?XV}rNL?=8H@vDOLf&|PC7Nm0V z=ZVZ3szvNj+AbTg#+5eVjyQ#1TJ!GLPchm1udqJM`Xy!vahWEzI*A#wk!$YaUwIvC zVP;Ye$>30pd(QTeUqo3E$-19mHGLv$=xSETSqY8RIt0;rd8XZP^w!tRQ~6j%Cdl~` z08P#~m-}NvH{Xvm;a}A(1Jr(*6*7#t@n6oo z_yr?pKtFXw>i;H0PeX< z{<_lFHrWfur%zYVeF?j(ej*HO738D2Qw)PY5 z=4ZU5^XIUBsYdpzhV!@O2$>$-RaX|7$wmEp`)P^KHlSR!_>5$_nT*^|3RXACJIddN zyPwDFvSVw;8-nWLz8u_SLrbxv^(<;`f6`00=q4~V|Iu`;-L#i=+vvFtz_sT=8dJT3 ziOaF?H0piaAJ?!@*BI5QBYTy;j4X4PZGi>}EBDx#CEo3@9Z_M=g_zhZ&n_nm{Gosc zekEdfo*V)V$PyXBySNCzmakl|xrk11C~~6Pj;A`7742hku~@6d4)IW__4&1_%Q z`DAJ1>b_D#KMwAUHh{5Tg{*yO#)4}CpRB)nLdwglTC!Bta$ze-nk;WBIyP^5qE$fb z=bF6H3tHqkQT}nmSBb0*D^26li7!Bzy~>|$R}5pjPwuc=rEy!J{pIhx>RQg6K_u;h zucZDkRa(FRI4p6HhQ&+cNpo!-iIw7&z0V|X{4T@cKqt`I0s1uv1QYPUk6QG#=Bq2A zvAoJ94O%v@K$U5Ub{l|B)NjX;klfFe_jIuMYwFfs|7L*|;CM1j@B-}VC{KK7X>GA+<;_jH%KmmvAlO^)IyB{hK1@ zt#Pb;FATUi4@rK@FX)!OL2`RpOM?LS?T^v|Shc@m_7!y?f*oqc<08>n+>-51Kfzc1 zRlSjU2{eJWfziJ^r%Kh)vsBz~;o@&k%adij2z4FK2uXob&5w)kG64)i`N+gm0l43#}U^2zB*8aRyd zZ_DV$`y7eoR&%`srq{*{{Z?1#<%tV-GYm9^x#`(KjN}t|3`WYd`p(5-bIKMy)v8D> zjo+b)eKcVA^Nnm*gen2Zwe8!lfH73;>GYRhJWzHSCDkgJ6kUaZ0vz6ag2 zS&>vs0D&ovZ%Ip=c|gX&XD@_d$o#GHVkj~u*I(($A!RjBy_H3kYx*=0m@Ns$m~oZY z=?@+)J4C>=YmOZuUgEpH@liW+RcyBZ_L>hakt@Gm7b92SnL4W9rTn++m zS}_O%0(gSIXR88Vkdo_-uJV^ipNWWcLlN!VJkTk}-F-QD_8F^`7{((7t3a>w@tLFP zk}QL3PW8g_namJrVw@mAL@ricO3r_Nt>m(!`yqGsu)FO@ayLCf|Ct8AL{6=~;)t}v zEZKZ;9B?1dwYK)Y8Ask5t6fR=2s&&4V)6hezgo{r^^ibVf`HgqdJ+p}>0`uO@^m(OoZoW9@W5W}@Hn&V(YH2EY9))`FfI<}8Z{bHj{tz5Lb+djC`_l_s=O5iP)-_uFAxIr!VFt5D zfVn1kqebGwfbaAQi)a!pZp$RgzV%yQDs|j-Z<6CkFs_x-KSf~~?S_`DZ~ktjNcn~w 
zyZJ35k6`hqws;d(!xn&c*?u+0iP~mBt+ApPMs7KaizIX8dqJqel!+xjLA(`I40c)% zhIzfE+zavpuzl~sS10b^z10Fj&rmN|t5qp2%k~7}%ts8jOb&BdW50C>(Jp(#`3knA z#ctjNEo?1Ib3iJFl)1#~cwyQiMA84)!oU~G{-aSpsEk#{4Bdr4@CQ70mk0y|m*=f8 z%&w3{RC%xk-qVx|V2$`L)H>Rk2A`5;fBN7J8ng-)EUhl)M|G?6bDB5Xi+`WbrAE06 z1i6Vubb7qf|*2t4cbviBEbe%vt_NBd^Os$*fKPzgOxHOcRd3siX zUX4LbY3%>Ltr3n9pVW4YNTZat|1p#h7Sl17=(1a0+9cPBRJpy=QYW4G488id+T0;< zvA<^bcd%7(YjjJmp31lJZwrSmsK=(F;Aitd&pVvT&w$%n)}t>L&mcRMZKzpej4&98 zQY($s9U=YWoww$M5!y56iEcZPFJcNDv8CgCTPfvN3x-27S^%tG7X8R($*cPn?L#sZP~uMLZG)uqacC6!5)d;^MZ{k0ZawHLG3BP+sB|EpCu z)}8ZrnOx{$++t_>_1Uwe#Xg0@R`)U^>kl(faukL)#|YHEnra%#W6h3uE@b|^U=>n# z#S>T!>Db<%DxAwlu`y#f2!7Vld~_B|GJzKR!2F~RPiQ#7e!_G*IVGMbV&oav+S4UDa^%cq*0#(im72Q}A!bY-Li=L!kBnKl;@ zEdIrV+!YC}n+t^VS+~(LUh;D%IV&E!L8xbTPOz)P3# z4on48I1jk7i#TGdrUCn@b6&F5TZ3zttIIM-BDOq7FEY?){>k@1vaCx@P0QT?bLott z=Cm3BiN)ue&A{ctvh0KOAdvhG0(HyLjPxe3^D~)(aNJj0HlKAxPn}Cd5IXflEO#2@ zOFzn3I^{{{I4kz2sAcUM+CFq0bA=bre-*#H5t|7VpCH@DcuFT01#w*&tWtWkz5dFc z$*{Msr{^cr;kd!Gkx!;?QJum)jSxO2li7^qaim$7&A?2(E3r1I*n1UIiK+1eh5Iu( zTj54(6We0}3m54=u4O}JDT+#&lCU)BKuLTpQ)5n4LS#`?s%?6D-_#fo*Dm=)w-qC}87%GXtXhKBXlb$p^QFa9)a z0$SqdEZ>oQF_Fc>mzo{Hr5KMla8JCVY-L}hAuHLrt$2P@}IH6l%;)u`N*eG&q z_dBb3vQ_3W;TwP`Tw}c8i+H(7ZdD`;p5;bOUS}(}`fn35&p$ZdVJCm|fWle^_G4Xr z3R0HtW(t$^6ryc-=^yq5VR<_v-5eIF)!$GY#7)tNTz;Uwfs)s7+?Tr(s;w{4ru19bVrxBzaw~Q75ycY#m4cITMBv0 zSOc!LOb2!9sowY810R-qP;XnxU6^Bc%%(-&+* zHI&-T0n5*{f3$K(K$oN90d^2xr-k$02!oxV-xQ^8RhGd{@f{>nC0|tUru%g z4(}Xfk3{hN0tEKyeEIrnWAqI$AJ$C)Ns?1~ZvsXO6x5nm=f=ovtMnXwpbJY_H%bS= z2N>CNR*`2W4#7^e*=*Ze9~J6Q0E?o!Y4LgDVgB z7+!-|li?Wk5Dw~N$-ecKEn`}3U+IQlFY`_@t&sK9%S7;79yJqWv;j|aq>*8d8w1U~`v4I$8~&2RO)IBwy0Fe-7p~4|*qrkFV$gp1 zEXuF6ujtWb_EJBfAJ#hzceb5c7;?<5(7S*#e9r(J%Ci!m=G@OQfoIYu{p)X`fnLt^ zi+`|U1v(fIoPs^;x-5|f{LrTi7yH&#N@Mj{WIqpqIRm~kwwv+TgEn=H|0{@r2uh}< zoUaDzcR?u+to8_bU9-BwqcRCM3rved%Rh4r1GQh+7*?f zhnf#QD~Ns)_FK5QogA-)u+h>%G`v@HV8E6hBouU3X{pT3tw}*ZgjnclW~(1&3l6w< zBI$Uv6&5&+q{y_Td1%?S~UZ=bReN~ 
z3$k!UHWjG-(lnjn!_|lmW2{2LzePK!Xm1K`Y7E=_1M^CrbE)i&q^s`^RCbGt{!2?D zZ~mU_Dae`dg#4QNnHM|4hh2e2L;uh6D5g(?rIb|YI~zSotH&QB<8@m5o+O?dYQJB) zbU;q`Qr}98u4B%=+kGsKrJ&XOsBrmKjBmz>PN|%mDU$|lvgbIUEU41Nd(IsA%Aoa1 zP3stNH?MT${&REsk}rShz>ceUJHx?k3R)e7(}0fm9Nz}Y_x`v3%O1N+IOqZGs}ySo zdJ>p_V5122fwMefB1r`P9sn!mU7_KxASAt9{JDjsx&u*&u{`DCLx{!(Wb5L2Rv%j} z(KyaB7?26DC1-#IQ!Nr5L0|U zYE`{jYUk0EBo5)5F^-AuR00;}0~(~r|DLY9a4q$hyKDcw+L!i`m08?NVaSb`49Raz zKo1Z7#xA*7%^Fx!)2A!Tu(r=XnL~{s&aXk2a$z{g>AeD@o<{7wQy_xN zxy6;wc@tWEzMzYIyAd`b-l)=4VrJ6IDHqG=NH01okDoNh;6_-lFv-Kt`F+t-$L=>p zOtw{zu7*WzdgDhQ%6MU_x)yi}@@%S_X8QyZ}Pyl8u+Eqmuh_LWmzD&b^s3L4E4+JSs8?9Dg1pX6MVn z8q*jg%7<|ZJuCI2X&sSc;kj(!k4|}s6Dpzh8}CcM009@ln;iCX^Jx5d7+ddtZPb(( ze6n#GG;@{huJ-?`(^NOAq4~g_1UD@E@ZepE)mSkuFB_VCCE$y77n3%XG11TrJ zwJy5n(k7W8d}RO}tEaxd$9V-^bIbEfPhNH~2RZJ151X%0dZ#%i^TfSuW-+5*)RyyJ zrAl&X7_prhdH9j@L-|=om@#LZV6+{#$C#U0#jH?z+LTsP2eET6RDC$})>cb@F%x!a z-AKCo@3EweRxB>hJH(zgfh~slE8Ch!P?jWOp#KDV%Dbp+4(08U)*4`__Z5KTG9f-+ ziy-sZ>*SPx>O9Q5&fP=KsC30GGl({K3cT=re#r7E063n^4(dq<%Nh< zJ^fsGtjw*tBBm8=>${Q-1WeOnSSA2#?Hm$Q3nl&b`os&$Vp6Bgn|3h zSylevB2sF}?|1E~NC~~SO*W~$%+&vqHW)68ViV&>!lLl&8|3+l=-ZMtONEwh^nNq@ zWCM`YExtlVfs%SNxYQgrm+8-dOJm;mcJ9jOEF8bt!mhU`8(JanM4m_1eti(UoIk+n zj3b?378v9mhsoKGssy(BBaS!R?Wof2Y>zkY_>vcv_vHrXC#|`lwr2t$%*ZN8!ZHn{ zbUX<;jZ~=qf%|T(K|@GDIe!4QFQjRhgR1yrX$tg371k!xc)by|7MWo5;6(mD4X@4@Mt6)f`;L#{oziuf<;% z>yvm_trM5)dd~t>^1nuA5i3Y9$#()H)#Jb8g&Y!I@vGcvVx zhw~OfHsZqHldDo=3;00>?zgnDN-#^T1LeiZEen<=j$lvMsA{xKB@sa<^e?L&pfh9c zX&gJKh)Qvz+Q-LT#*anbZ!V`u+pA@%|Nf5{NSKY?`~fHA0{@Sx>sWRai;`b6d%RiV zK^WoP4)47cUq9SeJrT3&>Zp!Z?H=PXdCY zHDqqn@0fu|&aDB5C-IfW__9ub|9ba1IxcjfS8}5{`=cPl z3EB{PX;t)z-oO59gg#rK&b&EyFe<{=man9FSoyNe3oe`XsxYcxUpfx*-dCn+VS+wh za9*da$oU@bGmbX!w@4B)Z;vzX_>9eDJT&wPpcQv`2=0#Qh7ekJ`P;FfSF!c`&|Ycc zH*dB|Zh4xd1Qu|5b-tBS~gQf=1xwbHRf?CFUE{)jsp`u@s$apNr*u+WI3)nmrP zbKPPsK&Whmn9$s&r6{Hx(cUMN?MY5|*oTHvBykaE!`=hZj2iMz@4T ztxRZBVayT#s9KT2{6|v5mkuftwQMk!Ib7h%k4)_9n1-w$RhJ9wP3tD}0h 
zyXQbC$C?xUS+TgTt)w07j*mpE)L||0Wo*hr{`e;(y?Anw+zOEXpI`hQG~+Dpy3jQa zh-drcnUkRu7haN5+jN+}@kV73_mh=UGUlnu{xw&Tlpr2%>yEN$A&t*uTKtW_t7B^% zHef-K?*tlRyb+uR79!jzmrP|bA78|RCGMvbHivNn=n@*!yU>RS?wB%IT+G=O_l!(y zH}Rz46HmVK8;bN0gT%iSMd zc9t;c*mc>zm1-!y0+WzoIXpbzpXS-DIxDOO?CxRH-;b+R7?Jv`Xu)n5aUMU_caXQ) zp)Ybf?Jjs`=9{WVw1$$n^03bb{)>8?ld=Bkf^iEl?mmCnfTWMlmSd8`8xyU$V}`TZ!2WtkNo!uQ|B2={ZZ>yO7{-+cy2>fCz8pp zj%+Zp(subvYtGk*(*WGkl-OM0gDzJ_8yL&)L=>+sMRnE&!R=7f=9dS7Jf^O-iXg&) zfo}p$3P*PAV*g|MpV730^7YH}^U@k#hH;^Yw0M2LnsR43mIko^^%xiBN?3(!+Ee0&;vk7vnQ8;xdww6f3D z;{1tn<(u#1Tj7*tCO>-tG5`mYw*429)3fcrSs^zP2!{<4);>x+FA943{QU2PeTqYP zrK+f?JNZYVL7Nm19cDPa(lysUa@np>LmCS{ZXV zs7J`I8%y_xj|O6rDvi9R%2ELaK-?<$f?sKa&A>P8x0j?orKCc}Ij$M!FYE*9ug;g( zt45-*c5Q=CvR^+Fz=`TJ6=P=od_piN+TqCl14jD1PG#;Lw4~%jd7$CqSr$y9E(H5R zmMYSZ$W(u+p6ftXPSAQM34^pDF-v)L%tvYNPm={DT&u1r}xN#ES-&}3-pI71$eU?%ImagHU+F|N>xRkNEE`q0h*ph2A(c>ko8=yT zZ%LZ+J%QLF9~s#tKS^pDt=UxIC?CkK)^98Ux&ctmc4z!F-va-MP+4Uz$+XPx)XY0| z8zw#D0=~*HEaO`f<$iIJse=nn$pidyU2$u6IRAYUHAXto>p+u5?`~I(4zlQ5|xzDxx28XGb=JiFgR{#X+0@1ei zK|{0lz;Murp(oCDEyssVjzY!wz!+Q{qNjOHCRhDG)dXI6{*3pmr_W~T@5kr!m@w=O z*kcUEa=}~s48HyB=<^gWZ8d&oG!$4_gtjzS`}y$^(~-+OW_W+9zB=#ngim2?1mbVj zE@iyXr(Alq+LO7;k;M*z*9+Tu?KSvd1wwp@6<&Qugc*!XL{JA8`c2z;Ko6;^XIQDc zD%1KvF|@_bQ(#_y33;TerjZ=m$TeS`|bBTOOz@k^kR@9v3d{A3nZFo=}O{ve{6QW}z3BNV+ zF;Rd>pRxXKY0+1N8G<296Ub3goUL-2xYPZoqhWGx7pPAX?V`dPnJJvOkU})>H1>nA zGNkcy(?+%ofBBn|8L0i`sqM5WN{v?>w3^F4*m^XE$Ct|y{UH53rCkvgK)YRLrJ0~y z$0r>Bnn@ad4Sw(`5dww%I*;w1S(A zvw0G%ExV4R4%`K4TKODW-j+u@hd}%)<~x^F6K@yv$on8G?!xUgC+ZAfdWWWEV|sbX zr;KbMWNxDUV9B`9xisdmxJnvoSUZjX>6bw358BfuPLgDY9&$++wEy5&*1GqgB8Ar9 z5^|k#&UM|qdu4KdIpZokPOWHBs(_Hz%|4?~SyWsgv#Kt2(k$ky#>*)6Gt3BX;kq<7z z^H1drq52w+K88fx-&`SL1M$b|LM>y;Eh>o<>d%dZS)YyPhSiDo=zjT=q&lYi?^ldq zBP$E?i%je~+EEX38GA^f-+l_Nu}kBoI*6H?dkV9GPou_NhY5-s#p#9|RRK@b+iWZv zI;#Gpd^vJ+sOck9gyC&VX63Uttw^If#)aRatAgLm6VkBLdvQc(_3?{}rOM{B4j2wF z*yp(9-0LzazTTTlST8w^toTRzmS#9z7WJVKDWPj5RnsM98;<=VQsd^%sOk3zwqlxa 
zD6e0~ul4y{3O+MHLzu{emUx?T@J#?MK+?Y<@ZtrOojy{x_0Zba$iitk^ZG_Tx(ddo zN%bGbvx1VCzP}IvC)I*R^UlzLh*}L_#Fz3;i(rZ1gn9GqQ~3Us=>-fdPY8x0#aRlT zKlax!D|>u_Gs|+}cK^idy4>$XBG2CxaLc1r_iK9__6aC2+itFPJ7|RDLgmw?zrZVr z=SE{o2DqkzqjOp?2C-!22h$hZo(6=Y;_nJ#h$k{9&9o<`iO2>`NLVTE>O!H;YNqV3 zyaW*~t#AYp=9kca!&-YmBaDu^l-g3qi8^W|ez4UQjSNU`%P()qOc<&sP z0AciC;WJ!oWnegNuq+CqLI|2wCf`BzG}VEB2O3FKWMw-5Jb~?}Y#P>>*g{wEax8EU zli2z~1y{mvrDg~x6B`(Hch)33$$EoqI7EhNA!Ipr*^!Ua%m4L zn`;>m3Mx$tAdfa3iD*|U9ojDMw*wat%W~a={c(1mO#7dd>Jd#3OG+yt8XHSec5t(uJ6JWt2gx)ehU;_Wk48_-D6aXivh;%vpLp}pVl6JCSf zKux3s|Kd#^pS(4?7;~Yd?CH6%J*-A1$Xp~GPq&C2U3i-LEj*zg{YSzi!0#P8`5h-w z+mOGzP%VZ(PEtkEs&m3-v_~^dQ8Ow(>hN2y-3u4lOPAUzmy?fE=maXKSwp*Dmr2eN zKgwcjnUi81ei_)~PKAr@bh5Mcd1$t45N`q+2>qcQv;M?+ z#0|h32?Nr*E#rQ6UZprLE{Y?lSMgF8#q6y zT=H5-Gz83v(s)IovKhh%Eu~62H${L83He|+s|@EqQ|rIkAi zIchctvG=tVI-pMZecH~91M6Q(GVGTVml~OV z05@0s=o-1!Vf`w2Z3RD8DH-ScqKg0%4RA86h4-ZV;%zBWRjUa$Jq2vMYT_M-(W}N_9 zd0fZIjiXsHhSxjku!XiJIPfzdX^MY3q2=&fgbp1{`W?Syd$Sdw_3N7}s0z;#b|yQL zJ@_|t!L*2|_I7Y|%46CmCo07tdo*T z56?xh-uIQeA8K#7#X>DB*VnF0v~phCeu#`4;DEu+N`;ASm>lN<0jyIzC!t$Dn=M@P zqm5I;)Yi-q(Z}M(h7Fqiv41#u1guB_se4tBMhoTt>wAz z-=V#XdyV^gL6UU?0Z8*}XK$eTXb9Quw~jq;YXQiii;Yw%mul_<#JP6<#p<~PeRqOT z+nVnQ6xK(kNcQX(FA7X86xFYw`VA4Hjp|kDC#+p*ZT6Fq>}mn0UpZuRWXsN#U__%{ z$-c0Sk$#p7Pa~%{g*hcp-h;S(Z1Z~Ij=@Fpu&wfJ-9IV|`bZS9aXj!hy-qgSI@L>LE}C%c$He%FVO{R?S7+rG-mgL*^rr=D7g*6KZ4g?G%p-p>|hJCtzBjZH>iAL zH}BSV1#3DB7Q<||6w+LCWmL?bq_ zC3&B`FghnSgWvjL4dj=MQ&Hi$@;5CL^mo91d^&*_Hw`#4tqi9G``t0!?1@S7-el^+ z!_1ucr0GMjQaA%PZL_?}U)V6W5g%)+V&qE56W|fBPG=90o|Kw~H8t({o57d8t!jVo zOxO;4tVCo~Vs^VgqKan_@Kbag7*rtqxaFXLBgAbaFQh6Nf3;hqmJCQDy-)d}_0hO$ z$BHTzdClc-1*d|tl<53oJ9+HSNUdICCBns_)p4^$JO(({v z$lULRu>^!6(pG%C*;7cN7Z8rCrq~o~*AkEQxYAz9m9uPTY6Z4AeX+ExUXHZ*P|!f~ zcrA2CvwLvw0)?FH4lOOv?QDV*+<`&N4Ku&Z@iydtCWn0SnBk z5_C+$xzGuk;bqY*(>Gq-e;0LpuHyw{5vKOAxG_2^7^<;)wpfK)z;bgElqD(md0Y-6Jbk}nDhE1hIJ7Cnf_w|`Ch`Ar9w2y z_#Is(WqYb>pf)uEsTTDAxqRS>glp|x|NDO8@i+0$(>=rq7j%S_o?LYY#TCplx*2ok 
zeOsF3CDqEwcX7a>pTjxTACL%PpuWy2t&_`$v9%1OLY5O;=l(?O-!2ynvbN6t_3qcE z>R+~3pA!uo`)pNR&&bC4+pszImwCb7uFnfo7a9YQzD(t&lR!R3pjw<+f?=cC=O$@u z1HakWIy@*#a0U!z@hIaBUV&9(7{df<#P^ZCRA^Ytie}ZXPBjpRfnbOUJ3d8%bMw?1 zZ}06;exLC|Bu(rwBEN#h#!~WiAcBd8|6S?nljN2|5Y%%KDYkbB;5%OYalw~q z^IRW=^(T!6&8*FbF%BWKmg@sGrOlM0g`i3&C{EQS(^&1RH9{Bjm;68~QE$jVIC^3l zR)B7{?qUFMWZaKN-({^vdZhSYQRihaKfAIeX&|skpb`EJoy>_a#MM<}V$K6AUq2TzFp zX;g1|y^>wy@scl>pb62afj@d$ibGmiU$i>vH+ZWaa=qq|!^?BU_{a=pe502?fO26B zrz-0ujRW_=ZL;5m5ps~zJw8?a;tZ?!c+dNX^GJ&mq;v*|&ih2k87|BG@de8dE|%3l$&0J$_}Eo>tsv#qK++AAp$$=uIEnz?Yw}gz#%v z5_&3zsU{AOwW3eSemInf`)}!qc$#&`p5gcnm+11w=FUJ6>a%GBaFWsQ7DE5Lsa?3j z8tu54T3g()Smu3>AZAH&2H1#_BzbT)MDneI>4($!mnSN&FAfGp*Jf*F>4*aJryjzT zh6Tj8j^+aW$^wCx9|Dw+f7vvf=Twd{G!}aE(O+5bFC#{T2{J3uBrGBo zN;+ne|E9X$DOdzoLv%&)hT{uOHty72(hHo)cWQhF7wD*NYLmZY#V|`ll(dMxy3fz} z3|xkm9A0q%m$RsaP&Mt8}Nu5e*aWND0rD+PO2W zl@>Gq0#V+s4@5h}4(YFZeKwq#VHm(1$Wx8(&PQZ+*NE!0PeAGjQ)2vaSO=5R7>Qp(|53SME;q=!GLXHA{@{ssHwiODUWDb=arX%TmFT8G_BoloR>zNT?#F+ z`%vEB+z1Svn7ze0k*VHs){G5JI~6S1<_M@H9&CKP#auq-cmb)M_#W4=wdzE`k_Iwt zfz3ci@R|-!ehbcFV?KXz82#I$J4==SiFQnd{_uWp;3^QQ22({X@L~cY9u))b+CGvy zkhC1u{gz4^ZfY5fx`lV&>bz_R8hx&+uWoMK!`XS#%+c!`)0UfwX9VNJaKBuLX-if2 zgzi*&Py%c8!o)x=y{ton1Qu#&MyU5^3G0~toyO9n8D6>XV+377Xq`iq+ASaNEAejfkj<77^cEf%CjL zW>uhao#pqS6WX{r{_~_!97*As^YulM-)te3mMtE~R(JYDU|R*Y8M-Sa)Rke_0nPT| ztZaJ}!cqpevqW4q#5#vFvXe_;!ixt*Z8J{-@I7@78wOi^d5L{r3_l~cu6A`YwZfy7 zMGGrku~5Gqgrf5P`oR-*wexHM^~8&G{ryyJY=8L~aR(S%p87oOXGP`4^8VqnEd3>q z=b2N45*>nIIJq``+syh%c<(3r=)Pn(JTEpg@!Sj9ko~%veU#>3Eyn%~7*<^+y7Mv! 
zk)=s#f72#t{QX`|o%U&l?Y9#29^0OE{0}Ogxs|1 z6qGGp%lXpQ@s(@&YQxbplW4AS>4mviwGa2$=7G0MUHc5)fGM(k3)+B-q^iIlIOL|u zLjYYBx%GwT;5<-P1oChMIx3?o~7;2*P*Y1*2WlOU&WA_Z-X zU5E-6w5Q-~&U{Q9^3&J%Uro6eIo$6blDIX`7P}vJyW!_&Ha?)*FyG+6w8mx8^gdrt z%5{*o_!)b`;omvfw>R_pB2Ms*)av!)IopcGPq`iilCgjLi1*;yKw(Ry&GSwYThi3C zMSN?qXEXwJi_?Y|4+TxATL!^gAk{NcCq=ekKLp{?k8#e-=sTS)#vIX z%=PEHdQiN_HgjdXF=kF^R}C3Atg;K(A6~bx%{;u0fy?T!j(0^E+p6oFoH@tuqmhs-~h2`T8m3;%FZzV=m-6)UWaL z3BQ(oCkwS=%GLR=qAr`vuN>MPjtv~f$AmiI7$hp*e{o)lfSOsp!{CNCp7tu)H9m9} zqg8Dvx}nXTncviXc*nOVrTFKv66m?OZDhAmGkd;ytRFGO%#X`3o5f+vqBL*1`G~T+tcDnLvzUCgh8PcC>VMBGocdmjc-F zsWYqOSfjvhd7l-*t5VowS*8O%zdUBCd3D8cW^x6=){6eQ9Oij}Dyg7$T~smS0-cnJ zMFfdo!U&=`lB+I?iS_wKP?(-0)2?9I>Pkl61}*1x^mp&z-|_Y8(X8@f@OgD*Y*C1@ z6a*q9C+36RoP|!&x~zfyiK_`p9q@?FRjtd~dt}{ahxHM?ziuZ2Yf&vo6Z*1GMsQNG&j7ek=lA znjWevt^8}A%=hsd?OJ`2PQKKV^l;eABx$6q^lt-|%I~2!u0k?Lt~^c}QM@dRU|b$l zhQCEcPEE^+Wtzt^WNWGfol8OfEwL!OcHpH<)AK80K0MHVNU!qK05Xz}gyB=l z*L}c(UWF?I>=A-~951%k;*1{l?Xh_O>41ps(xIq%Oq~Jtw}*HC+g-09yrmgACFd+F zIAx$=aY;T!o>z{5<40fVxkKqizb(`!GmL9xiTJoL0{3ii{M$}Rfaj;h0$qqc{37Rm@C)$^rO7b#)h+)W+zTpOMEu!0k1Xdgw;-jj>0+FC0- z;d=Q?Qt>sTY-$V@FM`02^K^plN0M%xr^L4faIls!>NODNWz!k5pHCBF;t^0Pt9&1h z?$I{c8AkY>U`E$>m;LErzkBZuDHau7L3_WsDRurf;K{55*7Aw#u)BHS8)^?&ZjwSH zx+Y#_3IGvoI)NqVG&VMQ{4Hg1r%bTwzG`k{a~&Fbt&I>k0B++J)@Mk`k{MJUBK~Bw zG@VC*obBKK9z^y9oajmrt>T>Wx(oAedXaJ>0Fr`@Ojjy93D2m6?-VDqdds+BtI#eW z{7{x7?JfUx8&$Pi$TfjxXhaG^pkgSa>H<)C#JQb!P(5hTQL>rHq4=8#o~!=b%Z(6x zf!2le`xTC;k%;&)wqR6l>+TAn|7DRzL)pPa&}L_6xcS-_nVjVk^T6#2SiDM$7fZH) zRNlo&l-9BWyZ%gMzh!zRIJMv;w)`R|2O)GsY1BIAoS zHsw?plQ|mQ1xLzJoHscC=mrB%6_pbv($&|N10mHc}dvjqJG3Z5d3&V@{)rMbV?XUV%* z?a}yHQ(Qsc51wOP7sL_olh8?>*8yE)%F6yYN*PvNcT1UgiV79Ly zB5lbi`V^F1+Mhze2^aR7c#f^v;x60w@{Qi1U@CtWbkIM5eMLvZn|4}@<9lXO)zWi2E1q(P}IPQCxU8W8J;CcB%; zs|#Bg49KMar#ghX{}4VW;=DX;G$q78s6%y2mvH^{6|PAU(E3iO4xI(0M|~V;o{pXg zTxCP6iHRhHQV@p{zRpaMf3Fw#R(C3Q5C2{rJDJ2r0~P&i&o;MUQ*9l zTGDC%jk=cV zMKkXo>Yf>S*ZPKKTSs;72qi`Bw6~+?8~g)Rr=|)HFXzHN 
zL6VZU9si*H77_nkOGq+{S|Cyqs1Z+Qkr%_H*Hw+2yl2PS%F(47AdsDJJs`3GPS!@&7li#EV3jsm$vM6zbhsVsoVdI@u(M-ykM=Jx{Qhe zvviEIr1m!iR^5+}AbUE$TK*Hc6Yz;~(d?B<*#1^FzX}A2A#~v?8YbM%*$zEVMt%bs z>yq?i=Dv2m1Krzy^B8u8{R~?iYwGusuIhfXek!yBKCFMs(Ej|hLCKyY8F)@9RKJ48 z-!@CQUt;~!X&Vea#@hAa)x`7+aHZ9VC2^iX>~ivSgx{TZJ*=d^cvWm%W?1+wiGi1W zrrQlnPB&QPTSZvi`}W$Zf3=wxRalAUpdk(>{vq9TrmU*a;!n?gT3ZdQjjmg9oRdG%0R!b0-AYBBJ| z;$OV%ezdU>5JV*92C}uRl3|2Q76`Ku6VT)|%AgQXqvJGot763Nqp_yr)wjf2%!2Gx z(y}PdJ4=3D=+?En1yknD*KxX%ZTSIV5R~&o@A}(#Q$WAffv9ycey8O0Xu+zQsU~G| z&5-~xPt9{|xFi5g!2EWqy1M_Y=aYw-K?5m2l^!T5*|sy*bVSEGzXjAO85%$#9W<=T zTk5tMDYH2Q>i)p%3pB|_swRu^h5a0J_^G|A?*nZrA$0tQ9yHN%d+CfHGw`xi$!)c3 z+@fbb`>LeRNYhpKG@rSt#!|&4vjys|enRA%=Lfi17!EnVuuf@0Wlvn#IH{Sfx)mW` z7N(WCYo+4XSP$)%0k9ZA3{tCZJ(CE(q!$GbpD@ox;N?AWGAG}|FOZPD)5oqK#KelW zSnq@Q&1l`5jzi{ye*s+}hnR7~WcZBB5nvD$xLiyjvUPQxu}!&i$X#g8l|mv0J|BaA zINw>NJN)w*_=pykHeKT1v{{}PV@ z+tI^I4~1b?wo}?Gh-UGE2wijf6Xo?H+R+zgkth(@u?tmh2Lq%5@xtPIQMJ}Q5L-6M zfYBOl=NW52Ubnke9hb+$u!C}p=*}62NAyv#L@Eh*9Y*m5HzbiVdo9w-84eN|98psv zE3j4{iOwylPd^HT-B~r^qf`Z`iiN;GjQgsMjO&KQce(m=gPL_$ax=~8~s$|+pnyQQe0*aoZSjgr^R{Q11pHdDQ|rN+pTptaEAKh;aig>l|etg zp!|`e%-o4@^<2mgZdUL+aK;G1UWEGR^R<@9h@|jMgJ-O|Viv;e=-_|Tz<-C+`FO{S zX|?;@V1Ih{!=Eba*&1@Djz=j*0V*!*nuD;yNKIFu_i-eZDCeu0BVU;BrYkw&VTE!w zKp#@N-z4r592j61Pjh8W{A!2e2igu={+OA0^+DA+nTPVVQwPs|+`E~Ky}k(`jbiUp3#?s}1eLR)8~k*qPb=e^x{$ayI>=Ig z1%Z?-Q%}kbOxZ}BMX+@~2!NoeUUi@lADCkm%{*@iEWT<46YP1&0r`Tu3F4{^CzfS} zB`PM=X`dWsDobC#E%Gb&%n$`y+;*2!Q@A$xaOHd^it7a}=z1_2wO0-f3U)c3Zpr7| zFjYQ-$*7rHjsG^nVNigwm33;-Ck)w8wr&SmA-YaHY8&gnEm)RHlfL!@b5BXP%>_#1 zNvw^as*6g%GR>RWswE@_sH^^_A`<;MTo*gE#omcuB_$$HZqhP-Pm{VB;JYgHcxJ$@ z#_~DduVGDL8?7o{kAf)pzdhmI+*eQFHkbLKsB`k-jvfy}%IY2k5(JUfML-K9%$!P@ zo>OTod=os|ypEWBXU3^;1NfT5V01Gb;E^?ZMD6$Ec$_FU3V#^lUMc_Hg$JneNfmTK zPQ}vx&Bc)@Wah8QjM07UzE;(_Q0j|`e~*JoK=Zgt0XV_99fweD_7W~Uxq&rLAgMB& z7adOHO}BSH$!317Y2)&j;@Nyj3;i(|8xH*Q3m}`vd->nOCzPUV?pGFbFHz8gX<)aR z9-72dT&Oz_t92uj>Bj&%H_3^AhUJm7Sn?zMy@vxkNWK4H`5>6$@IU{zoGHVVj>1rx zp4+41wM*) 
zATD*}lfOW^LOG@#9`1)Vlk<7roa{_5IrCW(F}uD!#RfH-5U^AmV?-a*geKjLQY6^# zAW$yi`yTunI%xutMAr$Bdm!r_#^*eP1J5{u;Y5yICl- z{-yNayG|<*6c(`{x4X)RtSu>0CNAjYH#0qf5u^-w&cuGz3No6YSYHSTwz+r*3|`3nTr1 z_t!-xa!r#c*F_1seX}azepVh_TnHLGrj4|!G82l+yeAO8zl?r+4DFLp4vZCh(WQK0 zf0oLMCpqvR7mdlgZ2AXDDV&i}M!HrDD4;I-sBbWEfACblungSXOwAT6uZO7bXNJZ< z{xPqAH@S`U!=BMgy#)acL>sKhL=CB^n5W}kq%SWTiK%o7vG4uQ517LiN&G$-DF=f_ zDk`63+ZXefK?G9zM&B#WtFG?)ziWGl+VT#xOuj7OdrN|zL znC(qMBQo_C>pB(Ds3~Mz`W)#*PkZ4%-=r}Tq@UkQC;p1!AAYD*TED-TYys1H0BBpm z9!l0r0U&*VUL?-IkcA8#%3oT-c3p|k+-_k|g3sJ)J&BkJwxozN$lENyZ?KpMf1gF_ za=1UNiVoSbb|CbLlKy~#kc7@q9C4A=c?Y;(Wu#dM6z&0uj6e?oJwhj11RGbr7^-|> zPla*xF@WD-rI_)U??ZeOU&NRJfpP5kvq1I7=B|B~2vuV`j^&ZxXa*;@knpTPqNINp zAi4
wiK@?&ym$R|hO$`e?qdZ*tS@>Uq!5uD#|2ze7JGzC)HHE*PU!w}tP*?s!{ zJpk%>5A-q)07uTgp`RU{#C7NyW8PskbZwYR-|Qz1L{~J zw)4F5nyy2`GiqJh*F|Q&pCyjQl^97Gxmyd=^QmvSqW+<*x?_aKdw=D(?5= zmqdRLX(g7;Y|j)+wjkh#VzkA*U^4ne=_6&6sBU>%L1?$i73&{Io3{7Ufl>YhQKL)v zI${t9z~2}JL~lDi1TFxaYl?yeH)r)P2ql`TdY51Q8uE|sp+;Gr6q>~JjWMcuXUGGB z)&`UC{ltHR-1(d#_$NDa;@>S5sQ#ftDe2wvg&+SiQNGL;-sDGY+%W_K*bJbUfz^C- z#(g?zsX!XGQPPy%Shhx`t~U81Dd*8yl4OG*WTA~PPN=lpfx$l*YUTt%q(~V^Q;K<>Y{eezc6JG52=Y~{hg1>YCuef;Wf|*2aPYW zcu8K%khqTw63_k_35JkD&fEWX zIqwxGh`F;H8MX_u`8;rsRpvbi{m%}R-(Py%#k{fVoq9hAdlvP#v1E{*)dWUMWY><% zIKU7NPBd95?fR|R!JjRBjOPd5Uo94}i*e-nTa!RT@#&<+kxj3Yq8sph3U-;C5u#s| z@jKU62%*pP)uZ%3=t9T)H>RueCp~2ThduULyYK0dJ?-ZH-qVc#gfM^EE+ot@=I$jK zZh7}b@BM1rt=0eLrNB_LSkB-z*<#;v&x>rCs<&|H(}KlDAiSAV_f6isGI~@muWtIk zEM3)-<46$vB{4io7BkbEnAsM6{i$a!ZX+&sX2)ZztFtl-D{x+pQ34x7{>sG31V_iP z0|-(`=)d;|-RaiGoyqd4V8`{}g3Sq}*~-oiTYaK>m~fm-=LmkY-{TNTN>y42Qx()t zx177K10>cuO5pp5_P5`x3kTN81Gx9Xd)gQc+(YHV3pn1%_s1ylzX2eOhI|~$rTBlb zY*X2-gafI~y6e*q8YFg-?h_$=YV=G}-Fp4t-##X~cLs$|akQJe&Hi&*UzsAGY!u z^yLa{+u(!~lx1>n?f<@R0?%?N@yBUBz$Il+W<}%$kDe1X@*>5yK)7R|b z6sIW#OI^o>ha+J&HP|1Ep=Tb$iQKeY(ZYmaG-iQr zlCBJ9zS-LO>n{pzE~DlYcdSu4m9lFh zLs1+rPkvLb=mf#hwcleUZ9tmD!1f>!);qtX1zG7s607hY+A-5`^!N1uXyvcpPUi-RIZ{Jg`N=5+OgA^_*^D`xX#p zk%Ig}#QVMTl+*?@O(QCO_2{qr5o3w+UE6*7`m8}xkOA(esXV0KBnJ}=7#~Ix%eV+J zx+dJQUJ7bc{ArVusrU#ibg9Iy_!fjH`v=He$u}N^yJo^W{cv}{TGiwB(<~M8-J564 zq%#M1KfL+lJuIitV`-Q1cY`&*lZyxzC&UTr;6wRd+$guWeH?lLjgZ?_Y zDEao&cYP9c!TL9=_y9574cmuHN=kZCMn)|wY9d7|R3#B6qx>TUzc5!=^b!i2L_Ub^ zozS0XCjSOqhwY_Pw7oU0x^phc`LIrt%Qk6%_$yBnZaZV@~D-^dH zeYh_U21>KtnCZs*NS(gamkcFm10-Sz9W>x`_r@fud#hCN3^s^`UWObCx7)~{(kMSPao>VKFIWE`8=#ST-vl zW=CtCj)71`KR85K4e?2{reW;qNX0wjUusmxyCSd&D-31(_zMD|gvv`O53P}3}?ib8F@#k=#z9%nKAW~ApcT0C0+1gijHu>Vuh*xh3L2?ZRU#^U7* z{D3+cz*$4Gs2I5|*X@Z=`I#Lpe6#{XB0khVEp~gQGJNW|tSOA4zVv2=f@llM+WdER#2&$YB@fs0s3B0)xiGaBY3u3{h`* zf>hgIGQu@3wUV{AiW1yH!cC>G)s~q&1!f?D=kl?Nhcv&O;C}nKZ9huau*~?Q2BBU* zjz;dqsmNMvK(EF&^$&N~w|pC&_l6;N^?A*|?ej#!d 
zX$JanksFlGPn6kB&(ZSUCmx|?>uHr&smQ;NO&qbn{?-DS)6pnWy&a3? zYo9hNeWL`)nc3?VS;D`6JLoGo7Pg41GvL!K^KY;@h&uRm2hD^~Q9HVDZc z@NI}wnpFEP<$Nv)+b}k}q@V9DSVGhsgn?U!7Sq}9Y#(Jh@nd~|AKO8<9kP2`*Fvn) zK!eAyTP8RW%bKi1uVa73*f(`&Q9T}{It!ic`J`ju%ka0!Jc_WZehEy`yKu`YreM@G z22cRjSqMFER42)HbJ!LJIWHpqG!|IW_e}gf)QNv|#OtMj2a`wI+154uPKeZsu+lx_0(=pO z^^k+jT+SB-90`*6S*Gh6RV+lT*VU52>z%S|a0y?T6Y^MgbSV0#$T@|jL5P96*UIRV z!;NpmR|%J8+ZnB{migN1=!=GP$wSPwjUS`t{wVmiwqcJ7uXi2QRcgw`mQ%n!Sr_VG+L`x>pfa;YoxH80ufUF< zY*EU?cGV;up-x~=q-WXDm1YC>;AP>*7I=}d8rbD0fsYN6udH)hpKh^8(Sv}K{g#Vq zAf3xe-2(zjivr@BP#pPOD0kk^Kx!m3c19J)9`9Y`EX|xR3dq#I^9FIy7^*vh3YnN9 ze-irr#0*0R$GCjwq1SGkM!b?4Hw$&hi4HZl$qI2+*^9seJ>0Maq0X{E&20g6B~#L8 z-o0p|P~C6vJ{5~;MZxX8D((Cmf5`KeK>gZKQZ_Y~LyJVg$!k`SM$StQ+Lf{!A0xK*lq)z>X8pA8qnp|vH{5z4OY7nxR=q#Ya;EULnh%HBDZ_0 zs@MRM3>6nU!WwbR)5;5oaKfL}L;*#MISI2Uhv2_+M7U2W-{@U0X~%^bJF}#_+~)C# zP4k?meRk2gM&xo3Dst_3G_d5hAdu$48G88Zun+@Bw>r2Z&-wP|49Ex9eV8b_y&duP zT0s#_QCu8l{h7awJVEDIs#7VcdrzeEL%H48-_RqA-l>sLAXB_|t^x~GgaCIoT7tRK z7QRCPA-?@OW3sTwFfG@U6P&t_ri8Eiv1|xXKNIM#i}mEE+!m?}LZto+qWHjeSq!mG zDE){p50FY4w;BUUBrY#nY$wfQc|K%^Qp&aSg-S=inn=AEJ_q;z9TDtL*jmpafwjfX z(+TB^oCo1`FIP2cd?&pP12#jczWwmr1YZI3WbO1@q7UPVH^mbd(Rue_Y=VX6sS?ph zCCM{y_A#nI*D(Ilr?@7TEPccm-7(Rw?}wH=&1^~)zU!nO7y4V1e~Vj006Mmj{MkbE zqo*HYF0F6u3!ibHn{Qv?C6;?N;XT?n1m=*#_13y^AA*c6SQaV=l{ylMkPDKfaqF5X->;yc+pkV|&8cc}17yi=OuSHvpJ zJSuKcI`^|{z5%s&{DL&=nQNlhljKhC`H0-Fce&}nG|&s=Hk@y(xqa8c*ZP!`rHS** zi-o=--yjl+=AgbY7g`QSmjQ!ZG;VlX+6KwBkKafz!+ir+;Cp^Nl{LRsO3ArqW(?ps z)-zxhK1GJ!uuwx=u)G~iqs4+=X3!HWSp&RT%vHZ*HHM#w>rZEX?yaK;FCXx(CW%j3 zzzY2Ee}jtkWGcn#yz(@a?blb~ILonxD&apRCxPiB#bLBlft<=|2Q{aWzn_UQXRzP9 zi-T|r9(254RlhqlbKnE;VXtiTGE8c0smZ!x>85z z5?CCZe}{lz6B~X^WW_jx%WOA1N{w{8XbJb-_Y)~Q4Zd+{D&@puwQsb<7aV5g zFXwNLk!^!^g{83ElX}g8w@tYXco_DqU-y2wo?0FJM(c)=;j^CsFs+t5 zXXBj8y4LHVkdqFW3|KML=c4J@eIskk@V-&t$HsG{Q^`U`^$ChkjSfuzd|%6jAnBJ_ zS>{Kc+hvX+ipi)rnIrizl5`oqVi~}-Y5!~RVbl9bHjv(^%V{wNdO8XRG?DaW!J20V0xY~V{n&_~B|CT2A6h2kkyfJfY73kJ&mbaIBK96TBw 
zrV-KhdHt5bm@oVZH#>fd8y$J@%97Njc*Oj7w0Ylg{+@6Eq^N_;S=k3{&rt&w@-5ydJh~{Y2mn!M&dt%T!mZ9 zu|>9%iHd6eNO?Q1ikh~K&u^EB+_S$Ko=Fp9zp&vThQ6jfYrX;@PEM)chsJFGx<&|) z>|qf>IX9s!znnMW3!3R-V-z)qzhdvlCx@8xc|#@_2o8w5f`m7MCM@#~`A<+LU-~&)H2Dk;Cw{9bZ~Ng zBCj0n?ep1YyTQ5N+Wd>`moD)+aC9Q`j%`Ya(aEC!angtcMaqDGBcEy-attjwr zDOA>1P2ESiJjakTS!uI6f9z|A!chg^<OEXcLjO*lp3gkIMP`mcC-G2&FvfMSNqeA9H*}e~Zy8j??iG1{!tIpPz?DW#k)IFp4qL zhCDba{H=`p<@mNNo5;Bjo}E96jMd;mD*BxW_;+RS;rr-yZu&LW+Stv0)VZn^h_tsz zZ!#A0>x4TVT*G1m`8w18t?_lw^U{#qvAHO9TUT<@uKT2N4XX2tUsOv$ic`Tk&aTQ0 ztxls!|4sKFm`4&G*-M{o#N3;mnuz>*AV4#S#>_YklL_@Gp67>%=*HrE!kSEM!eviG zxGTdT#C1|(SV3;4{18l+Rwaii_EWZU(*IQ07TAkBVRK-K2KsTt>^hj0#A`_k#7g%l zfQEw|*keW^JH~Cz(WjRo&Rk;n?2$6!SE`+_;f`h>s143!Oe<6jt0nD`mbSqYPCdBk z+Qp_FF}bjZs&dYtrvOLD;bUjlPmC2}a<3=oe4Z(G*TJXP&+eaJ%`>ZjU>SS4glj6C zHT6s`Cd@ZaZmB9H(mT*8)G|;xF{sffmbUgm0Tu6Vv!iKRX>H{E;@gOG+oc5*2f`2r z&d##vo)MmePvzaMv>)kLn|_`gaj`4yc<$2mG`#Z9KFS81{SoNtN(Jtx`+&jL_0-vu z$jymZCORT>1b<0AEhNLWGE_C*8cYZuWR#8>+FVrXU_{(D!OWoC3{KD6m*UIdu^K@B zgKB4})IU^$9IUz7zlMS+Qe7VUOB~u~xm(cZl`AOPpC)D6pXuQYqC$RNngv8kZW9JI z9|EiM-oK@v*3V$D!;>q3Y-hU6FpnyO06{>$zvl&@s=_f;{l@#ynTZQ^ToRu%s*3v| zN8#6Tb+zGUKm?=|8*ru(iN6=Y8%VCahiUM!Z_K}SB9dP#FL-2!Z{#%(q&eA~YMfhH zIOwm}&*Hu36>Y`HfaGl+L7ZLOiid31 zzbr^TO!?2W7+rh6>Ll9Xt7tS9RitheM}`0|b$Z1DvElxz+}SNYC)5!+BH?5#Uaz_F z5ep1UU|Tq*)Hu^hNusBec)3UOZ)QktBS-PY#VfHR6I%{XeoEVf?A!-loRF=V?Kaxy zQMC!%^V_F@|3Kle?P!$P3_}vXBMqFyK>Q_xL zARc9K8VA0T9N5QM%EC(NXcG2y^t+ts&E?P|Z=h~ma{Xb-;V8>7#vd%1rNQwD(^0$N z)S3$#b0Ho(8*al>Ss~ZCxG8L8Z1ZLlQG@o&KGA5mz7$Hh^ZubzlHYf#Cf$(4f~VAx zA~83-(!6P*%(~V3zX5Q<$nZQz9L?u3jJ;yiSN+{8IrH zjkoMm?3|Fyg!^ZF&;$!)_B()RNc@{V4)S|>gR-H-5Y2w<{uUFVB=HE#>ExToIip~k zJ8yw#%8tsO3TatmXD=3S9wZ687t!Ff4+sh~o;xVcn!u8RSB*KiW%^Eh<>NN;ghX=0 zxS$9M35aCLUcOT2S{|y}Kqp53gNJ2N`ePYCjsH`3c;C4)i;(b)+G5iGwSBI;55E5xNPJ57wWtpNnPAM*44NL&u8@A10G8J3YI{g>GK6T9C5$BnkR)g z&Mq-|J4{F#Nvvmw#vvNmUmFV{w(N*|(c4*DJiO3fCR+*mcz7bIAF_fhJpQjsNAQHh z6vy4wB9O2Zl;os)`kI1{Xj+<7erd?=_G+MIZrytf*%HL9~QOWLn(`UJ1^H}#>j 
z_MeOm%WJ#flD2?OM~WA0M+_3f^%LaH;OoZ}zSrVnE}-Ya>`u{?ny@Et;chsnQj+yB zB!4|dK=k24*eq9J0yOVTeCt@Q>`#RS{HhvQ67)9tQlbYu15D0Gd@D=x$Bx~_zy6Sh zyM2l{M(hKMmhKNBK#tW@mPaKWrW3V^M@PlIROXX&uxV$rI{a9sBJ>g^Q!zIX$1ZRz zED7B@Qm&J+dwiAJ+S%zq|1x@bE_3~*ykn$7Q%YVnUp&$&y9RSrHgI-Q#~}9ODS7hS zSD-;pNZ&F?L@u!`V>{mj;e;$q`$7i;8`9pbqSDT>z5F!i>bd1ot?}WsXeA~RnE?&U zkipUi1yrs5Rnaww@~c2$6uS(&r3(NN=}LfjJ5NOq#!!ysA}E#vYSSSq7I^)U%^&Je z^O{tPvjuLrU7Vo&aFPV*Gu(oqaHVEvHUBi>pTu@oj_MDIANa*7A+Y{+eE}>JqJ%xP zcu@ugtxb9rsz*!~Wnss#XxVLNKbSE?J^{BnB^-Mq$(xKrb&7ZE@}ryLz$?O8_o5WO zt<=>uh)m(JLpD)lUU9XcdiQNfDYlw+s_?d?0b}gk*|^78Y*~Tp^eTFO>)u7#zm7^L z<%tS*Uv*!t+&qbXG>r#hz5ZFM2Hr$nS?0L&RmPVZKL^%K(p_m$Kts<5Tr+a@WaB8P zt$d{s%c==!;a)Qo_0^)7_~|U-r_h^~-+1DCfDeqEJOUN_bCU#NM6+jNJ+5Uah=I=N zbLN2Jay-gqL6X0WMoWp)-~KqzyD(pyPR4?6`2@0lF5X*(jG+{INf-9T+}0S-ff-l7 zbV6_r%=mY>{=9E|ID(?7W{t8=Q{4UQ@$#(GkH8(|QqpcB<6X+u$7 zC5S$^2iIYM3J_@0Y@hn-%Lj8f!g{5u@|(^a2nUS@a~{mviP01ne)(X#9?$;Uek>Sy zR>$@6NRI!v$;wsonck=c`JpyjR25c9Ywo-}<_o$`gb!N?4~GX_wtuWg*18TSI^~)d zEe7d-IBGi@ukYxL+vbl0qht?-5l7u-(HgF$!&s`O19>mc-9aDZ7ER^(f;~OYnw``g z>~UD1U=HhI(H8N9A{`#M-)#AN#pdL%(4<}u5OF{g0MLJ(Cz&*)0*Qkh0m_q^F97#> z37uE*I0o}EbVGzWb+6+t#7!G}v_;+r5L5;fUkhiIc$7-0jC{IT^@Wh2oJi7P0Vxqy z!7h>)Dc*wJMgGY;Zr3G3fUw>lXT?f=z%fpDx8|6?UR60O4bcAg$;iuP-+wDfv8{$! 
za66mKE8K9@xA~&>Do&EUaobnJQV11FlmHLQh3bwLlRJ!yHs~6x;7dbNQtZzW+kJgE z0H}NlcKV|KT(Yk0+%Mf`P)v7!mYY)n<)5v;Qu%0qF$kCjpLjemyC zb=W}#T@nJKULdYZ9H97~ov8u*#35xrPWxEi*sW(v|G2zA?f$-W)AgPNj80tegj2W- z`6e$iqA3$s^xX252u83%zB?nBkM-cN65@P$$I2C9{di$iX%(Jky}51|TAD%H%z!6b zU6?ApM2JhC-^7x_J1{<_j(;5~jQ~+ixDN1PCQVIN&0El0(!9(Z{ zsq_Yd6yO`XBPWJkobx?jx8`>VJhyJD;b2!95V1(z|bS}qujnL zn`X8j>J7#Y9U220$sC+2~M`L}@$OMm@LvE3ATmo2pQQBEPx zbR%lzM&nOiCuNjVTKDT$MxuNyDWW38G~1^j_Ab6xJ~t@eRLq?ceo~#)!v4ZMc?Ter z!j^|O*}HnkesDpXn0VfIp<`)r>kHU(4z8h5NJ`vWsCyknibM{TL6_>XnnR+mFLw4U zTu=!l2!<89iT3(ny!v@uCNe3F$97H+`5~Kn`VtzT->vRLu%3~}f zg`4JV;yk&(Oi%mE(3!AHqKhYfkxTB#aY8jW{UDhHREtV;{;a6$5A#Oil%rk3Rup%z0@pZ)22|izL z;?h&bH@slrFZt<{zdY5mt6?aPm9+Wkw^2qS&s&^ujP{$LT=x1Rg5V4l+{|ojAQ=FH zYGV_@|5|0Kgcry_7Ax2EjO#Y9R1gPq4!JsU>{4gmYRKe!H%1ZdVWweB1QP?qV*q82 z8LRrBEbLiKArUjp;4?8j9-9Q6Nqtg%m?rL!6;&Wz+kz>R^B{?#OkCmM>4%={_c{sLF1E~v z%=mW;W;Vj~$g(uCKs%Cx-UwvN7SThv;pJ&Scm0_9`&?Ai%U@6>C3txRYh%&74J<;z zm+G2V2a~=xdAed=-p>&}B9^B@X3$A%eZ*YC66HIv^tT+xK)}YQcZ`>KuR!Wb*w^emy3ZQ!7sOv28>K*I)Qzsk$hC3~1I)08DgG2~ zXc(8bF*LFij|i#(i}9~XP5-cDDGO?6N7@(t$r#AP8iGb70)I6Iy#zJ4?+A(GPv*K6 zxrz^)5A%sgoG7Kbi78+2!8j6ojKsnUf-}OUx zuq|)=k}1xRGMaTD+&Oms4>&0*-oG2~@owC6(AUKspcp!BSe!$x*V<~jrri_(OxG>d zFZ7x>8|N({TI9xi?=Y1mZu?s*fsN-N?(3BbWB|vNPfuvT-i< z!NPXdkd7|mj_KGY!9xO9QW)1?h`}L*0Fs~P`-zPGHgh05b>85DCLbkH?&;eM*uX`Z z&Rkl^l}`927q^auU;?tBNzbE!Iz|DhQafREn0b$JHO+`>KNVZ2ZJhSz1;u%@`x$dNZ8L|F-PDPG#J)64fv(DXg?1bfd_GX1Kq&NWB5FS zAjQFIl^>P2O{H$jMHL%$C`wq(XN*jVGR{e6iLT{6%!r9_Me<0@!k=d(&!&a-t=AVS z8le40^x#4c;`_l0o`r|nZHv*dbNy_C+tu&%JRQWw6Dcra%;1lbV(rAhtX*QVW7MPg zhr&q1tZTVeCZ<7$ziXz6aMj40tJefK#_yh)Z}Brp-H&LJsoTg7fqtR4V~+*HQqB0` zq!^RC2zA^FA;`rGgYtcu!T?$r1vuaRhuOYe6{Gv?k8?~RCNick1!LLo1T&O8#GkAC z{_VBAycbD{WLgL0hs*Z8VqcHQ?fmSBX}mGng*{S^|4LGXlekV~EvH0rrLTN%ck zxIBLFSwkHiyHTvq82AZ#NG5u#t5*zR-FF*b?8aiA4Q=uIo6t^O?jg4>7G8)62m}ed zJ}c967NEv4lAC}wax(7F0gadRS*2fFgSrV`da*;v$}YPEC)HT`z;>eCJHM;cfnG%S zmG9u`02daQ+XbWj&v3VyCuv{tyu6(j1NTOnDb-G8uJ5=sb?OKmF#6oV 
z9?mSRlPSHJ!u0uO#F{AGl|qqx)da40Pa2jJ9V;PZFIOJ60)vtzbA!-xpj`njaVil{ z9)-NGBuNtj|Jg*QLhLulYsATOrs`TyN>+ksze&W7O`MpSZ|2YNou{7L-S(Fo2IwJagXXGk zfXd{y0zH4dpOuf(nsoRMe~adHJb&FS^z<$_Q4AiIItx$X7)p zX6aW_D3KuuYNb?hKwEiDReY-LW#CUh;GsE!?D-C1PA))JaHN6ew4Lm#&Ha3`ooGMU z>?iK6B$RJNQUtiCT?EQ?X_<#|=q-xw(Gf^o$H_nkhm-NDLH|~P=j~M2U7GnH1eEUX&o0$~}AC|LY-IIh-k!#rAhbF%f#nb*05sAWPyy)xuoJuz= zRB6kKz#Y<{Bk-Y!VTl~`UwQj`M6a@ML4)-n6)k#?g0b>E%x6N&^>Cy7X2oL}`nW3e zv2u|tw(ndN^hc2&a3$o-ERiFHT3PHXX! z1Q;z-4e`;0{@7sj=ao}tEI<>15l-Ympgo*MrcSY(gt=o+C?-93IrQ3cHKNfuiFpb7 z+f1D!m;zR0b@rW&k*4D;yh0MFW+2gml_E8yvkc&-_C)uHCs!BN;wM@n86H2Pp`9(a z2buBp>_FhVPd7sQ-R*3U0)bd%C9dptc-#87m2iUjVT#7|{cP2Ucb?Qzs$&HbevBGmkP?D!%gK7B_Z5&wQ*6SgH}u&3lF8+vgZ3 z*J|T#*l8BMi8FdBhcBl0IHp&JU1Y^!$wLk2%M*Scw(Yx~f^=A9^W1$Q-kGh%qE#YY z@T>3QdX6Xybl@#rR}Jn*M#L`d~9g`MX|Cz zZK*LBHLJYoiP6T%9Nvgt4-BNK3sLK}7_YXn! z9H7xns7+l5<$S+$QkD{^o0}5!{n?X%%3QJ}ee4ZQm5=`qloO1!Snmx584a3|JOl;O zL;Sw(RI}8X#-QE$ZT)v}ugQSyFYoe79^48+6#2tcU-^_mZc2~lrJ}*}BVP?Q9h!&t zpI-oPm8YWWG7}?h_f3h2I%f=z4kNtwx~3EeO@l1tVu-&0QPI`MM_YOJu?|`=yG`(h zXuMU0!+$mqBDN(2?Sw)1Vd&1^%HbvTML5mm$CRM9kMrrki6|;Jw9&$el zZ-i93y#zyMz#x5#)JY|vMjmI}Sz1@yFrYOoG(gi%12!xKHk4%Q}d|YW_{_h20|@6Z8ZkEXbR^=oELGUQnA^ei%i0|2a!-RN#ZSTX}Pd zLs@^bhgM;}G5_HEKL<~!y!FVxsH4l@|T(e6PXz2e4zdDK5THRE0|O+^=P zxAL|mEJ&Gn0;*9_^YiIr)(F++FIR12KY?11VG&Bot)R@m8*AGnR9i#S?ivxUK7)as zceH=)yCov+^HFKr=`oJB{Z{~oS%bxaOF_IbCI7gZMjGsM5WhAK>3asNWh zJt?AAcsx)DIsqcSgl`31uyB5nz_y+1wR3XoY%xj zXJ^HzCdjt%Vt{ zwFA_8u*~yLOm$Z8>}^%)MPoZ+p};FLrvP%nn0;AcLATbcznjO3f6^z&^(|ST;(yR1 zX1gn{&(@IE&;hPJl=-u#B?_Sg7^AQg+AB!7yTfH;!wSk|7;#?>ng-0GV%6WNBpzR- z4H|Csc8S)WDL-TVs48(5(=vSx^w7h8q6|X2*(I7;YzqBKquwdDokfuyff6v*ik7Nfr#y>muwp^+rs#Fca)iszi zn!wr;7C)_+(#lSqWWpy4NLbG;jmQF*n#gqgA<0Veg845(nk4~xnw)#O%d1?Am1A_m z;tJ&oGoB1B^wwtr>f@OdI8L=TKUt*u3ryy8e@S$7Udc0l$9sL*%{z+~KsHF}q-Kiv z(bd;k+|NAugQ*$O^SR~o)_@9&BF?2pe)+_t~ z(5kg*ccM9(%=d^BqFSwj(UA6jE~N%diKfk|!bRGI%H=3leR;udZQbZK%(t}LzIwT> z^J>Ezb*1*CO=jkh>x+6|CDrg^W=Wcs7cCG&Fh}}8VAPxP;`hWq_{caD+abil^#RU{ 
zy%=DA{j$jYqN>t(Tu(*oslVuVbQ{y$#7rYFD)_nVZ6T@tWsX#U?oL3Q-h-5@D;heo$!q zMJ#=cb1wFlUoLKJnGlXKBoYCeA!C-;HNBVVTJI@J5*pAsC;^xLPgAi&5c#l0Eq zyUB6XwlX9g;$rbH$;vNK?i6jIB2CQNb$l>BS$l_3}2o5ld2zeQMhX{ z#qNwL|5HBie{B}C6CxA%^J&HA)i*R4m8AZq`dqAM=^QwS&!RW8W=uDy`d&`qvzh)d z#PFKV7R7w$&GIa5%9Id{~m$-pbXBA~h`yfk7dT4Y>U40Ts$k}o< zCD!XnZ~FyWX9}O_@pLb(-<#QexCK%fRQVgo9VU;k1N5N5(c+ymBT9dh2;EFvHHpPX z)fnf5)f>fLzniAg*P+Lq38`WtH4!nP>3+_k2o1(3<}YZ@FmyT?V2A-y;+4{q`A-yb z^BP|ii_Ev&Rf$fd*Y}cFFGMO90WLX{y)Y!APpAgOUk4SJm*#~>=TzUlb-rr|AkNCe)Pa;NpiL@>f&_rb#I{KTAd`E&=^V3)5a-}$K^puc)GTk`8x5{0rSY{k<+|8V%W%%T)dbBg${U!=U6u`Q^dX}RN6#I!F0L9 z42JowuodOB;BykT|D^q2g!c2{n>3|Wf09D|?Rm4?VqrC&u6+16+65=t5~sQR-OlHJ z%Sn)zwU;#{{AI97X4(gMRtewETJeiqEhsJ==8L|wt))0hg zHm#MN7PQ0Z0PI86)GtqwAMT~s>n~#TXHeZulxa4Jnp+XU8PK0@DV7s+!-4^RCyK?(HY8UcXm)h2o~9s>0e27EdW zPkw(VP=rHG*`c9?a#%&R!AYt93hjF7sy6Uk^{k>Gn!1pQuq3iUM6D`TX-qVSlW9NbRQwoF)=( zga5~s-oF&?*Ju#1TP6mf;q6ju1-36;zzFHweV*-r2O9k3^4(13PmopbQ4k8+&~l$f zi?0$eoky$zemVd2IxXx1^;FOrb{y$)E_X&0q)I+(aVC_{V}ClJ=Y=BotOvJmkXsaC z{XErwa&yHatvAKxA>1(HRasq(3qTu>DXeGH5InWe<2dYVH@Dxy9NBszUD*`b<&xUO z=Y@?d*lkCD_}8%d;5YE{KV)$^;nx($K z?+qqc4zNV^p|i2ku-SeA8dg?Ll6vAV!se^vUj7;;$X>>{DHHZzw_P|{28V`cQ#H{I zQpXPZ*Om0F%7nlZ5KCpa);37>7O)G*eMEu4cWeI;b1Vb{BsJfGu!~4-zF#n3h+Vtab z<86A4lvk}gj&=yM12pbuT^Tw`wPVC~0O>(LyC}Wj%5&WN#T$UtSKu;gekt^$VCjDn znsfOlLk2%y!ud)5Cs-Hs$Rw!7-yk#jBfpe~W2V&xFCM5CGUeaEbUYjW+29XeMt$*u zPQ?X~eb_H5%bpEgN-0;aSxG;+vFEj4`ik#?8`V6F1B?BW)dY~Fa*Gd%6aNa&<%lrX zYyD+7J=^ssi)-~Cu<~@G09G2x#_X-MzX1q2`NX>Ge1%ZrbMknMs@$;@KDv8VH#LwH ze8HF@25FQcR8-D@^`f2BGTG?TTy>%Z2ZOx+)FuU7&nfOV>z^>o7FWd5eG7&VArQ-K z#07!VefTpwmHHdsU~gh`ysk9xcA@+eq6HP*2nml-#2|i`w*n`K{{|~|ta&a)=g;Ty zDO85mpk9+POH(|Nz3Q_d_h3zG!8P#!Y)9;XFo3i=VRSmy2)&GEWmXzcrN>}b+IW?q z+*XgCa{#gq!CX6rS<+%tLTl9QU(%8Bn^LFy(@y1D$A1%k@4S?{U@ZUlp3h! 
z;81+c{5V%1Iz#@nt8>um_M~5!AYa584Ll1jxj9C<4N$9pE4@&QXVgBx2Z3WZAb;aR zJOQu#`~V&NOdm>r3@QZ1XK#u&&6?(|FW8Fi+*I*J^6$@u3uGMev^9M{LY4c#RNT1i zkDAg3>IH$je@kN%bg3^oiFauix-(lBmkKxeeH2 z$H#vxi5oGgQ7K4k@@oVhe1<{d(eabAc2fDr8omtW6|7#E1KeHh;XysKJ=T~%T1ti{ zJ1y9%cY>4|#wI;?J&+VEvc1Js5 z65k(u!k`2^Tualz0;L|Z9_vtN6SKhR7+}&7gr4}-8JUz5)s4k9jAFM6knT?9WJHuS zJcty;$MgE1jO5S`+s?q3jsat#||5Dtg)w1s>o$TZID1JoVHKHCnFMD5{h zLG{M|&GsMhV-C@TB=bZie~s_0gg^5dije}f|19N0VqQ(fn=1*(b(`>Q7*mXBv=J14 zViBoPWG6llX5&FkSxbSrnGXIqBi*ZL|2M7xqu;m0v~WEYr5T>2vu(X4iww%~NqeGz zk~5P3VD!GM%k@O+NUOpXw1I~mC+vIlVzB595Al)FCtCubA>LZ~plJTp{@NXQE@NqY zwe*?@l{=zd+K>?tHjB6AV%~AagqlFWWF1wuDCZlf%051MM3J)d?=j_R6k&a>Z}ZDV z2>ubU09h)3DG-8(WBa*`J)S!zL5vw4$#%F5LY$^ebt5yOKX*gYhfRHO4_gg&?yuXlgPa!iUO%(Ae)L9sAHn*JN&!+QnbJL<-KL(LLJcwNppgEULN z-rx`M7(LamTPl?yuXso=4<45ecqc&{k#!=&hYuB}a`x;;el=Tlix64#&64`oA5vk6 zVL6C?#h~u_HSV6MwAEGAtwVN5kBVW4HTdRpF z3{B;3wLdKNHol$>5Ggz681SIJ(AcB)$*uuRApi33xB#wB0uv`dpftp%67P+ zBX&YhhE^1nj4M!WV34Kv_1(in(ln3qt%ekI4Im`A;tqmht#$O4O;(j;VR%CHFA4^j z^9lPNHFHa^k22aFbmLzw6^CIU+eX}!osfx^)6OD}gR1=W_Y0rot?DgNcJc4miHAgM zNEJ=r4QF#<0v=7drJ~4|8#;_%eOS2TOE73==8u9vx0jCAb|u?25o>ZoIz;8`dEX8Y z`a)%++_zM7C~J&u*G506=+f|k18hf=)y`qEI#VH$X`0?FUF{8@XkrG!Cs{%0=O$Ob zi@bxUO54ABzX;EN|C7KF^)IOol0^^y4=~acy$8~)^_^HWm~}Ns_K$IDXPzYGnrfdm{22sh(_`9& z$XY_#f=wa<&7)G zs?T@cPk8spFIv$Pd(Mygo^;&*G(PysQnKl>mCFm&q3-H*BEAf|p<#Y5S61Ju%j?Gy z(tQYm@}Jl=H4nRRLj#&Prn^`V)9R?rR)?um+LmIADC(6$>3TYOhy<{Vd5x`I$Tb&|)sP}?Uba#8Fp!Bdxtv?W4yQgI=&LDlW|DoB3$;_ZoTp``I z!9-fQYupvhWq$BbScJeK!&QYyd3Y4ynk@{zz3D~(^;OlLyxw_Y#kbAsdoE!c+Y&2# zY?8N80HH}g%N7)hXf**oR0F8r{mIcsgs^HS!3q{YD3xc~DuWkUO@h8S262AsrETl1 zdnq4^q4PX~uO(`2)+a(44<88{SKE?*bV=}dn_E8pn%CskoZ9=T8gl*cSC_S}*!?!=?2##Zpu)b%k z8=sUZA~uD=>faErFUzZ{uRB7&{0*XcVI4v%z_vI3K8-Z>TD)}JpL*L8YHGjIpZvlt zevB!rSlzP!0ZiQ1Wm6Y$z;f8Xj97uK5}y9f2N)?wkWYkX1(xbaRHs(wE9RpeEIsbv z7{44{IHYxR!2PdYccP_ZQM@Y*SyW>I6HXunVobbky|$CUGjw|gDb~ML^|kMnq2fZ$ zNP~J2Ch0JN=dfLhNE-rVJIW{VcOCt;h&|~JNIB(!puI%*yhPCHN$9IoJB_T~Wb4@6 
zC-Wu!bq=ZJDH1$d+lTa&NNsP>RFA+oe5y@~nR$m~xW=IWK>oV4FUo(Z~h#3c14V&qQbrl{||DEcXMG(1GO+i&crp^N6}hfL84aP>bcCBv|h%)u`Lva9y~rGoqS z!}-~M%N7mU@cerzUKLApfR#$Oevl``9%MZ_hoDa0DAb?>10bFbC@gD=A(W{ROkvTETG?ev9;&}pmAc0p;l@@ME>f9@5J3|F3_LZQefS!LssyGj*eE%ZUu!8?TAgx@{d;-LSv@ML&s5|Us- z84vR5F$@)7fx()-WPaKL#`rScPNX=rrk@p2)T`ed%=`4^+=qij4X^JTkFC)44#n)5 zzWN2M{9j^(nJA-E#??1KnS-A_jQ*qF%)e*bM$aG+b6k`+q)O@W`6Kq?&}{3b)R0ZL zKSvO>T%u$tEnPLu4Ee!ktsGg-^XE_)+arOs!fW~Y7c^eYXeNmaB8`D5$&67Ba!i(S z^S{qKUJ_;T;SU-&D`ggou1{S=pG>_KoP{`q&W7I%>xff6i^GlB0x z&DfO}bHMKHl%1_8#97-d4Evi40%8v|S!R_1~53U*IY|f(=ITBu~+=Q$J_r^5IHpDUR%Q0*LiL( z5TYum8vX0ZX1<;rGlWcy4y#)(?222bX+P&dD&L0tRQw}$o~xi#G(K~M*g+VnnK%(< zo}oNJ@{V%Fv^cz^Ohj$Gr@ZQfdV4Ezd1Mvt0(r~LIv+uvxs}G57oHlVrRA2V36=b# z&CtcjBKgz|&C4>+w7{8*G)3Sm8NR2?H%~CKixE5no*hPA>7QHP%aP^gbRyw};-$ZO z1`zDw!;R{7dAuMje#yu;>xNxQvne!X2!kkire(J6r64G*O0%!DNY9-yY;Pl1_zSV= z{ZBrQ*-<(D$f(h_pWYLS*XSbeF!GtgsmwsWgvliKLchE7Zc0_?Vmac`2`{HqeV%Xd z8%ya_@jS>AH(U1~*F*l*g$-ikJg&SOnf;0XE@J#3-=|g2Q@0l+#wGf%pL5?fjQ`91 zxyU!aSyIzMUyGXm2`fwZXc!LnbyqLj27I^H?YTq(LRH+u$Rx>!!s{w6IeAJ|Na3h9 z6Xd9#uf4|r7>qyhu+l{evuKohmi`0<`=*2>g(tagd;C$zi_(2fE@)ln$pV;~?vg9_ z!oC~pUv$w^EcVGvi~Nuf9eICJ{gkYs`dV1dhoA;)%jZ?ab%Hpa_Y*gw(n ze9P-Xv>9GX{lH3U!y49?Ti8x1Ikh7BXD10J#WFuFR2i5zw+zTUQh$BTeL*o>8bH4M zwb5PqOS65g{wU~^v4eScFV(-06F#EKb-cFm)q2D+!iu?+Tr>XiHai$La`YnjnhU5fU$2gpI#Dv3zM=4$|^U9V_-h+s$Gb_dL=5djR-q zeV-#m2?iYF%osbZ?Jy#pxmpB*{%W4mol%u)S7a4vG^`h-P$ zkp^LB`+%Z{fwBv=7*y7&UVXsa6d-(fSajM5=(_J^{Fik^cFqadY&%nS8L7@CuI}@f z)&!#s1N{P+_2jD~`k=tc^4)V5EQIW5^ubJYk3SRHob(m>b4jb!OPX3Gebo3~AZNgo zUVKEY6z9V#tgN{jzUN5a{02FNjpEgibj@&=Xd^LJwiZRzG|mq-&m%W66^PE_imZ3L!> z$LNB74LlHqCv4JBtUik_2m-ho#yf!qtW#FcK8*v)O}WU#sO~ z8-ZFyD=BvWIfuXM;)t{2LJ~C_Fg*?#e&g2YWHkIHpEg8cjD*uCN`5UtyVN&lhaK_+sZ+0aJ2c z>QGZkTi+FjRm|Ucz|Z`R#`Iv>%ip9nlw&4Jg&HX2#eC6`tiFL!LHAFZ!wWn-bPZ26#5^Jm0?lJI zP+rGag?8U~G!lo!pN!%4*I_IFo7K*fK2YyQ_Fxt%SZd&SLNpV=vfqNCTWy%dq_EC% 
z)x2oK$hg{Cm=${c1ATAc`^8U+eVca|So)Dn(dYzlI4^Kxk+6qr#0nM^X?w0xL2YlVlFqkcMbQ{XUQ7c9ht@g(G|u1wQBu2H!XXi_y+?yKs2s?OPdvL zDR;ycyZvxP*s#Cs859>+XzC!YsQ?;>`NQE(7}bWu&A>6W z8PHmko8SbW27rO`I4X~*Sr<_uLxkvDEXguH}|1VTBPAF5s1GcWdpah z*L1~pEx%8Kc3!4{-k`1Jce&lCt1REJW{yHvu3LItz%oSnQ1)GnDxQ; zk4r_pn;GTw3F^HQ6|Jl;O)+sDAcVUN5&PjTbBHW5wjI4GJ5gSvNHxm>#sn1O|GG0s z)Jo2OIo<=0_VmNu`Qhovw(U&kg&t(@e9C0vE-sqpwK>2b77`!uUvSC`t-VR)=66hI z#H{#yl4rmS)8Q>EKX^u5ez!#D^PJlgtdqwmqE}%hDnI%42~x5xCu~w;Gr$X3PU;u? zH~fv178@KYc-l1kLIb=FBI2yJ7hWH1J>HZew^Uf4n2?XpqkfsRuNu*sS}&$qbF(jZ zWB8^=CZyE`dPI30^zkyz*TK7{Eq2+NH~5WxZFE3RrcQ#~5^n{+ z&DM3)%^I`*5(i?~jwO{Urj_?@V$MyW}%nU^3`J0ck4%T1+OodC%j2zf4T zE`jkErtXXpPif}04a3L>Xhc|CBeI#*|cQwK5J2ZmkgML)KW$$(1aSw z72t~A$E`d+p;xK4xH?3<2QA@s=GfxySYDFza0kX;>iRdl-RHw!)U_rcFE;=_K*7I6 zbum%D3)$G`8z9IGcUR&XchiD9TaW6#{a`4extye

f)!JNY`|PE78>2ty<6^%S0j0 z#;mWSzoy6aCe3~2oX}rfW4B68o+P)z--MgqPhadbRBe?Lkv2rs41)HtKUcB@2jiON z`d8_sE^OrG9Z2^Cti;Su*t$=Ygx}^wk9J+vnhzjkhPPK znb^!CG0yU3?3W&oFW42=A|dqt#-S4Zom#|Q)zK8x8E(@Ox2ZuJZ0&u2dEQa4r=nLL zbdi`yn$yPCsy=!bF->S&wugCnDBmoDY17RXrMg5UcDIB``#3!vL;Czlxw?e!ycE+6 zmkEdx!Nfd)jCH11P-un-$ZJbD_NB~3L0PS!TgI56 zZ52LC>NTj{*w+qH3<-}_hYv3&WL5s>Aj$Rx0|;aN^{cm{JLrlXoF?bF2L_S9p0YiI z(<;P=sOMs2>!Y{of>hM9xVd@|U3f1Rf?#BrfO5t}FvyK0Uv7C%+%3iyKNr_@Ugezh z)KNtRn;N)x4-zvF%_uOgJU^_}n?1HqpjAmfv%=p$VdWrogcqSu4w^-Vx9)d#l6c79 z)D78PKLy4Qs0w$@cl|zCn#YH8#q?rD;csWZI^mHm4BND2h11z&=S-Vr;EY{w;r9%Wd1n{okAuKUe?SYKoPem*HChp7gA*^u1|x|43=>$Q2_NE|M8-2`jfev1J&05Hm_~5=HZI3qP*DY z*!v85NmgnAUk+&5Hx`1+StqI;C<;X!Y>7Rd?eU4Z1WlL03_0duAv(Uv0+%ZSDAcvv z=SBUUIaD+X>T|(?d`}Vm;bvLGv37fZ=F=SMKPOH zm`r6}n;eYVRPc783tIxsWz?e=8-;dJ7c(3*_tJvlJ7gu&^gJY6xk!Y>q_}mERwrZi z&|~wU(b;Z4?F*lwFbrA!tF6_((FT@fGx?@Ff;fuS3OT9%X@xafLl}oSghEe%Mmj(| zUek@g%%|GHMVOoUQ&<6wI)9q3=K=m0Ls!po(|0!iYRr~s;9X4jAc>Isn4Ytb(h%hk zHB+b9$8SB2?5Txgu&Mp=`llIgV8D==_fW=8AT<}vGjw`?Y~uY2tCF7>o4q)5pqt75 z24x5hr91r$M$ zdX{uYHlZ^~ZN5a%Dtrb8SEAK1qp}A&GuyqWy6+5dc-&nV@1}D~r2B=(0-s*9u!k{% zSAWgC1>5#mX?g}FVxqCX;j_IHZpT_2HrN7;q2gV*_%4W=@D`3`s`8gsn_Qr`>`qcl z5uj0^gXc%k=gy=uaXZWKZ*rZcx<@3XkB+VF;iRht^@k%SAgE5alFyBHesoRgEc%-Oj0g%b1!caB6qTE&D>SMhhbV03efFgSJ4!Jvsn_z^a(;Z+bR}+O~3=+{PxS|+^i7*cFWuD41>vxl_-RLV=OmmAqZL!ad zTSUmW82+X?clp~2)0_Il4q7s*Tfm)~4^VIq^z%9(Z$*jKk%FQ({lHak!b(EtMCtZ! 
ztUQMi1r9Np$%2nP!yHdhy&P&Oa4-B>x{~bwoNqD?-pwDLSrM+#AqH`wXlBa5!#t3K zeVipIq;1L8B)lLTmFDzF%_)Z~}a7Mbi_LjqcwS$NX51Wc&}Z{tkR#)P4>VP_<{pD&>9XX1TzTyfIk;9VxHZSj8?0 zxxhb&#J%@JI6r7)bgPhtn+nww{cVeqE0O+ZP@l5(DK?^IRPAB|0rQL*J2V(*tG_OL zhtXcR^c*iLq}{jdeVtW2=?<$5#o7nr>V55#pI~R>vG zp>s%TIwby%Pa#+t!tUTc}}i?Z`$$BH^D5$;U3$zeyvUX(f;T2|nY7 zzu_)v&qXz}u;d(oOmUyn1rm6fn8;?p;4J;Oa!ukRMHlO>ZM|XcknJcFunp-e<@;1t zrFutB`D2zzJz}i`l@H^-9c+VrPR+~ie`E{pdW@+4dd*NIpEj~9jF|yLQ^8lAB-`x8 z*|v7`(6$-BFBt>Y6r!3n6Wxe*c#QW^DY)@im%IDX%DI#BCIax_$&9O>tdk<>8dQ~} zP?fvUzCMbrwQJ>7EOZgu89qwu0L(dBeh5HI&`w)E!L47aTAT78(Klc^`D@^w2rkm5 z?^xr|mNL%?k;$0p-LRmCBsG(n;1_r9LupZrRWMr9*%jNC*14>(`@;(2Wp!C@G9PEqKfnRK>YNRh> zuH*^(8wo(9ghA?+r+_{JkS~s`4_RPc-aUKYy=7hV(t%M2SV_A1h>N zsC=;xXIb{qXRgrN5$@&1_WgPwond)VMTx6i4bit7;8YS``2K>!c`Iq>mRs%k!QISA zsf!jcp^DJwAtbGb(uC*P4f;+V$H%Rxy9EM$4Z??*3}0}+B18;PURpgMq9aTxM{hEz zpuuvLKx`-{@2*Y3L?GtxB7sG{r&)QLTa!~0MN$O@-uOgY5jus0j@XuW@|diLO^f-= z|1QRKE#|PdTN$ChhtZdCm4#Fd1uU>yukdh7fM_HSwtp5|>FSp_A1>(|B3pi9nXN6z z6$TG~kr>EokW(W4B+mO&wx&nFe?yFH1dfriTxm$ytz`Cx$docEv(}g&X7FBM406sP z`CBiuR?m1v=O3KQ6CH^Pih$;F{)NGrOx9nPsTeFNUj(~+#Yf_QqDcp*%v)QU1)QKc zp#D~lRzpIaj6)lYZ%Qi;ls0GBLUK|1m8)i>H-eHs2bKXHAx$}!qZkfS7 z{jDhxlRUBo@Z=nv!zk&Gb^;bEUG)zpj(#gWAB%r*xJZkALfhF`fIFsZ2t>O0cK9G) zr$RyUj#-h0lzJ-@lP|~+_@36fjCumh%G)pSE=bzT;iK^=U*g4Yk4sF`w4Y*pE?n|l z=g56X0{QCmuc@e(&Y>7dASXBoq`Tce6Ie3{HX|V!(r}Uc>bn2Jxzrh`dU|WliPXFV zK^>WbU3^b8F|g1#L#nlPmn1eS7vP%NNm1+`=OjR*as1=j1U^4_+?s?n|3;G+_Jupi z8Gn|<0RC{4yN?d8Hu_WCOXmqb#OI7UApE8bD>8(^W38dJVyMY5L{L~l@r}a_BAt)w9u*1(elolt>HV61*>2GwPwzTcfe{JI^ zCW+5lL|eaXje`o6X;syqDnCO(2!rY#GgPeYn(^F+qbkAFw-X8pAgv#?)R98edLth_ z?fCTPn|7X85-OM2p1(|=ZneMwS6<-1koB9hjioBmM%4*vN~6mwfg2VxH(MvL2RF0iQ^PFKlf9cz@ccAKn{?ne=qG{tQdSxd9BPi&ZYp? 
zRFIY9H4_`euLWC#*Eo6Sf#TKzk=ief%BBRTQe+<)u zq}Q6h=9WHKq5ZW6DMpU57xe}>JSI|_gc=_-dodW`KC^8ZM%jO07Cb%1%7rlQFbje9 zP#5@+#&X({s<5uYkH3X8M>KHFR~ddYYwhGS2Z)59JHzVK-es zT-F{=>-V!CZXE#Eo~If9@R}so!)wF9QA3AEoKv?4v@%0VQ{D*YG8y?S>)N%yq2LVp7}GTdjY-~N9)si2pCVAs zUwrZqojJ4|c+j7sorV;DS)N8b@8VQ{94SL2 zs3*W=cmOm4@XpcPV?D(ageoJx$6VY}nnONhkaED<&Q5C`kk?-d zoYfz;=ged57*mXaduK{hHAWCbzWR_h;OUdHV1M_Nb29nzkoUVxp%f>&5dVnz-}H8H zy^<#aK-HxmC+f)H|*BGc4C)NE{IC zQ$CI>GzTJ^+~zAtSUey4*db8*n4*t+Kze23+YqUa{B;Z`LH~x-pAeN?M(Xz47y4`| zNRr*-bwH?BVf<%90nx`9pV>0-XbB0)5!KE=U%QkKb0AJ{4%C^bCt9)6`A`iEk(3ed zj*?9J{#eX-dSY-67uyZgq`3aUskTfKUFWhpTt1%2>e%l$infLHbZYK{_WfPGD_r&g zZiE?J0@Y};E|qhx)jm37|0|vv+>B%Pmp!mc?aYytd+ZN(NPGb6pD+YYukX+mEw3fa z4>1-qz3L{s%@hAU-OJ$@j0|n9T#<_hZX=F9K>Eb7>S9yc5To~x&9kGZ%b5hvPS8p) zu66tp((b8cO?I)G9(CvJ(YZ_+wGo7Xkx*RHdEDG>Ay=02z=}VVZ&E)~dX;bvRP32Z zR5|_Bdxo!9F57Rn9M)B*7NsFTx~06GjuHKP($uF;f0$bH58@_Jl2ueH2F=XdFuB7nm45`#JaQF9!RNb# zaGfqb_MvN-go8#GzOX{%{d~LbK<$!H7T!{dO8~AMSTAFtN!$=218CZBRBi!e+3}u< zap#R2JMC8F7#+I1L{7?n8(b^RxM+}4SABD}rt}d}d ztOm)LS$e*)4ZN(+FYxOo&{zN?ZEpBcdipLb(+LJv=m`_cOES7Y^Exr#ze#lb^4Bhu z78b`11ExXHhyfSI?>;vu1)uEji_Aa8q-`~kEl$8BlWAc;_(YPudATWhOsk?)W0_4yjJ}=gQ8WL+Z zXCHF8aBsb0{!W33i^BYQB#6;e0L^GLmHE-i)aS@wxRBQ6bBl#&_c)tgyf-9#kG63T z8+ZpPPP+c~9GmM8%VIi4Ya5r72i9b29UBH^1s-_CZM$Z);g{M&HpYg96;jB)G1OGy z?Cf>JOTu2_#l7d~NPu?^e;lm@vEjoh8Tdv`Xg)_kEGG~4C~^`>g;*;Re4mjay} zl_F&n!O95-&E_m>cCg9uS$($a%u4g(E6}fNm1glMAq z8+-S1Ha*u0T|~`bHynk%qrc)}zVVmxEfraq5w7qwDA5`_JgL)S?{(m@u~wVD zTN{1wxt-hlqy1)v2LfcgOtmpal9mQJ&uYVwI7)+o)&n-R`v*Y>$ohEU`EPFV*OAd5 zdh|;Bf=D0x=}3BxrL_5CFMY%P8k`ZrJhrx}T#Wf|(1m$7qI#w)RdR-Ol(jtb*qUxd zL3c?!1${TF$J5dl>Kb<>o$gvR8I&%n5b?Is>$S=6NhS$FIt?v+suM21xIduy*NBEa zYS+mkQnJ?U>xk2k5!2K0ZmYRY8dTlnm6GQ-Q1|jmex9z+;U#+Ev#ev^p!kyU%Pdel zn)2El+rzpENr0R1XrB?r84ChJ_g$azmlsCsNTQ^{>El=z8N|pG zJpdUMcOQFz**M{Y>aK=}c~=agZ4VET1H-DBeHtje38d|C^Zh?8C0 zkVH?jxfnt*Sja#Nx}xRbk(CRZpQ*f;ApO00zZ$d?ECr#&$tj_#SPC3 z0!%UUH-k0_lo}qg)ujcKAgUKzA(Sl7t8aRyhmF%Z{3`=j#Z3X_LRA%xeEzK{A>^>| 
zratf-2EAvLy+|0>rfML6k!BifTLCUq=4*faL{l_!0PtSNXLRB4e9wa=z~0y_7yc)m zWb~A=f@Z8XLW3h1H55?Wd<>a?&LrGg*tMgXg{JkRJ(Tg+&Rm0l5W5p+L{NUSe7Bdt zBkWKicT?GCE(%_4;2U#G1JIe0m=Ees)oxoY|H*P?iF_y?7ZVqwOm9TzWkePx`a4 zm{8gM$ll}c%WCU=Oqtg+ceN<(sEgP@taEVs=Dt>y(ik|#f&5!x^H1J?I>yjdtBrqp zW@O1`8LXsW>4*}%a)q&8j}M|eIJ^Dy;cra|l@yNv^^nNDb9R6;@1#wmFt&Mf^>?rS z51L&bdZzFXED>nkVK>@9Zze(ya{FKJ(rN^Jkd!c&fjFpEaF>8&m@r1^jR-=y$t7nH zimacy+^x_ieO7I$@@H>8v>fu)D|(#?h>b<=!jPHxkDhkU z_9&}r=}i6OQg2}kEB%AHBk0*=S^2M^%wm0i;;E=#8`ffz@3cE_wG#!pvWlJ=VSQ@h~#H=2p3v;e|>NBprZc%o=_pmKKio5U)%y1*AUrJL%StH93l@c z_Mi}3JoZQDcfi*+;t*>!B(HaUZ&LD)-#K74h-jpesv7Wsq7K7yEPUbc-P-G3E>>5; zY9nkgyt%m2jw|}5>Ue8_d=4pEE7kcm`^x`x#PByej3c+(RwDgP)bRSzKK5i9tGA9= z5^}j>H!g*i$!tGSMSl1#oMa9C{fy~A1dQSxhcKU*M!5L&?}x@!L*ySxnbqxQB+=bs zsCE3J?5>!78~$x9?+t2m(Bp2?YRq!Bi*8&I^sqznb$z4UkCQMuzSYx|UwpQ@sgvZN z8JBY!`7448KI&JvLx=_lz04tT2&lxUi4SYVyIc{PpwxfSOw_W)@7PcuRMr&kl2gb~ zFY5YWd#dlVoh1QX@HZZ!n^}3Q!=W}5(T35rC40@rz5j(;^hYwi$T*sJ_jGozM7+t0 z(11!|C2y@eQ|w%VkE8PVUcm`ufJ4R(=?85AR>R0Oc_c?!@^OC6RRPgO$uOuj3VtLH zBK3E#lBs!4!Q-1)&W@ zC_?*ZlpD|eAk~0N6v>q;V5V+QE=aILEcaeIbrNg7l&k*DT<0!OByv|mY(6#$0$eRU zM7jXYaOKd&PA+-xdgJEzs&(3}z*DxG9{tU+7728P%N5>&ZH|fA^yjYx2dvT#PTHR1wmikc z9%*Hdx5UP0@rA~$ob}Zx=fe~R?0%bZw>pcVi{ro|`mrv1TV|>5RS*mUdsSG+^jeW{ zgVEKnWokZ8NQa}F+(-(@G;q9*rKzs@m!HezAeXExV618;Fa)5u_|XS*ih>+t0K){O zt>5rkPOZsHeirHMfx*#2uf>%qj#$MY%#0BL48^YRgKv+J9dW4%ZpZ=+%W{!o;DgBMWW2Vh;a;uqzc>DgvE9-PExNa@QETZc7!$%3!L2B^# z$BAa|McMIW1%+Sdt*%fpLZvb^T!y9w{6ll{GL6H_TLzjG z($?+#&Am)YGOm^YpMhdn?xF?Px?curPY;Xz_`aR|jp$6-I2Oe+;E{{v^SCEVel}z4d$li*2Baq7dWg3lYfe~OmpQv}0*?toGkS*-MDK8g zv7kBT=l7jX=u^#RnatAT6ee##08B>#fF&{pv{Kp6{Sm~GqS*#fFaJBb9!zyzhu*84 zzw{5u=Ia)4T;uVPZOb|m4q18%sf1Sf@^fA<{6z=L8CF@r0Kp?)Zi80OvKJAC$(}z@ zFObX*P4dO-@%>9Me|42$CK21LLd8{dcjeb}=TwmGSKypQCASisWcS&*GK9wyG|Mcg zPz^t*MKl-6r$c;>5^f`9Lay2-ifo$$jP!h%(cjSn5m^S78DBS4vH*b-TFB&h| zEy8xoGr|e7C5PUqRvPQMn}#gHl4r6wX?yr7Xj!c%qNq<+Zo)D1GurpW&t0}mjMr}3 zSOy5{ns1d0jXSxQ@KvmvQ?bP`#6D5jORsThwYI{82gJK?VML 
zhcoOJnPXk4W96KwhT*Um#f%X>0c8Pv^?{qAZlUf$WO({VF}&iw$xuF7|9HPpmr5t1 zCc=6nP5eN)`Zrrz4{go82(0&P0gV1VQ3Jz-6W%~B?!z~F+QE!nCUW+3(lT?~1w~3V zeE#^KLjs99!&{=fM))C=11+gTt=E2s!(ctbFK-&k$8aCzjS)xIwQd*`OzUJ|W@?07 z&vGTIamL-S2;ut%+O)ffxN;(%r1-L@i8_#kc>_yH~mG){`X_( zQ;=3ejvTw_K(_CCI!f6@M!S@1f9L_Gu(>?r&wa$QFB$;flsK335Zu}3zSLcONP!>3 zJRK7FO9Eg)EC$`j5@e3*cm8B*fgyQ@3%XnS+gjXHC1Y8o}UM1 zo5)9;AJy;FZ|3Z#%PAh<0Uy7E<6&5*^ISEx(AWIUDss!x6o+xq;Vj!}p*$2CU_zeB z{>iFBHce)j5=5!H!ltDG=#I{8&LghaP6~zVFTMBJ1)6+63-j5|tE*(}L6NGB3ShC) zVt|Dx&PGi~%RKkUoGL+O)T$yzz2px%x~}eFj>mbvG8Bdxr-pV}LSI4>{S&{lkg4ZN z%)dcr@RRnEQ0gNR9$kOr622(kcla?EmxWw;W=C^>fM8O#8`wBVs(%$Y0TD!UBa^9u z{wi8H*DbAyRf{)u3G4W-zFzvMJy5evg63*AG8B&?blT)M8MF+s415Y~*d6+4={Z%9 z?-KLD7@`P2WncPOSamdW;t0`&{;`UT4lfJW>2YYCEuHQWOD2rhoAcc3! z*kW7!CRd1`i$n*E4yv^ifpg%R@NjkWCl62SVK`u;bmtbRKu-K(#yQO^bb%DXC{TB+L6s~yt_msdJWZBuUfbT| z`6OPnDT{xF8BiNHSdzaH@ITIHhJ4P}_z!i<-eQ)fkk>r)yJonlPmj)T6-5DKcMHG8 z@_{jE>@ZEv@O=WMXs2ZUrlu!c(O%R2#bdQ`75_EGPF{)5d~e+J`Ec6v7T6-4cEtKD z)$U3Oh6RC_qcMj1Rvm-0RU1bAr=+EA3^QZ=N&T3OVJaXsIc2j}uM|Ov^6<%K-tl_N zw)VFlcWBv=^oaoniS$i4FE~~9{kUQ>FL84_4?YTvvvG3<<(WK^fv$`kn`2)787g?8 zIZdILT5Jr*wUT_b(rM~<&G+@^TaG0O@}yQ{`s|m%8I@NlH~!|=Uu57wK!k|B)3w=D z%sC=}tDw~N@9&3>oQ&pb&8~3w9&`yeNRiti2}C0abb2a>^1cS#?+3zbC2B%fkNP;@T@-?Ui!pwfns|=BZ%z|3jyAHqL(6@L z3v0_iKwRRqF*tA;Da;cua^7~=w2mOh?@I9xF|wnExCD-#(IYJVSYuA$#yei@ngsD( z+o)QNY{R}lkAP2WA05GrO*w@P*Wa`?Sl(q1^+o&BWWJmn{7(di9;yR)09jx9NFgsh z8Gcz+D7vXj9ZD#v^Mz3E8GQik+b6ZhB}v*^cJm|QvxKFug@)0JK@M5BO31RKI68ei zkNyQ*kT!Sh2h0(NAaA$M4o#N6)dL}_A~kyGH1F60+i*L6V*WfrBQKE_S=}4J@+ulj zqWf+k$+tfc28BA$?6gvBX3P}q7~ctqwQL}|AOPSA)l)?^2L^ga2O#vDyh--i6T?Bn zW@~ws8njCFH@A!TWSLNaAu~F{0YPAZfKw?n8);XR#&2$CKe1DO3B<3x*F)Uq*(lj( z_NAgeTt{hu-0A&(51i}K*8m&y6HX2-p38h*){r0WIULoOXmBn)k8b7UI~Eh_b=tY4OKA5E3-Vh@oov zaut!zhlF2*yl~*Uzwyju<(J|m%q}!E}DHRhKFfM z@hP{_#gTi+nI3)-HckQUP)WEE$Yt>{{wIsut+%{6!9|ZKqxUX9=ta}2aVhnb2 z@~ZU32!`qnWztaXc4+mw5cIjBXZFC8iQMz3vYktXy!v8^#=28g1V*eSwT(fiRG0p+gE*ZdaKQ{-dld72};eh?-zYwgNOMF=hV+4 
z{ve*#5_Dr5ntybNY;c86^P@E0&Y>WbJV>*V0BbqwIc-(VGx+=R{B+8gf|O4`_gpK& zTeC6EnPhId#w776=pdpS<1sGYkcn4`jZDFqfrDUzV3E&P7NIA8T`ngu z-OC`MkBd;U6`8>^?=RBDKFy>qt~x(+el1?^+*I}1G~FMUjIcraYhVAyrFSO?o+Y>N zkG+K&dl!9~(%iQ&cy|Qiq{`S)?3^NU+`yrb2!&lDuA+GUc z!(p~L9|nEgECj3VXTB4_=JPXSxrAn9xBnq#cz&K7Lu+OYr_aRjonoA?(pqb15F~#5 zeC(zDUPk4pGr@rg8bC2HQJ?h(bHmfP=cbEs=98AMk@t)pZ4_!rb5!UW-^M?BL53yM z(+)|fa@KxHFByxd`6R@vlSs|ukE$vnXQ}OOmUF6EB9IbbQ7?`Udq2B_zvdSrh+}xh zhi0xlA^${A`va)507Ea)I7wiwuMQfE@h7kL9EHRo_Ey2PL!MKi|6fO z+*iHME5G|x{NN3|Oq5G&!OLSLExm?g=xr7~s2Cdf?%Onm8<)3s{kW#fe5``pF{hC| zS4zPSwKe!xx7{CGUU}|22_k@ALS@tL+R<0yv1^@A%O+W~VTwO1o_eGqCSw_^d@(W7{q&uG;Kz_sJU+P=V`|Yt95U7Sd_t%@Y+Uou)s6GP0VT z8r2TDUp0i+riV(oz3(12H)V+e9%pGU;*e!FkZUO2oP~0eq-qUk(gy#h+4>`_Bh%T) zrq1eIK;+G_fZG?ezm2>I^U%?AqGLeO359H zQ!FQnjHs*{3}&Ry`zg0Ov{5|3-r`EY{2lgx{+4BW9b;pG(%b7U#!gzOGncy$_)=4+ zI-fzY2O4eH@y$0VVvi;uQg-k%OSnj6)hpc3AJ+8SEq9VGmIbxE2_{JloNyLd9eo_`&Fd=tB-8t$mTW^RI4I}P zJZ19INNu!F^U!n&>qfc&DazE~Io4I`K?Lc%e(vG>E$JzwD+o>|>$W|oa3f#)`kuJLN=l*%Z@b{jY+ePGpRh(uV{!R+=#6c9YV`>=C-JRq)2vJG|n@S-P z`rd+!+2=K3P$vH|@P!a!D7+!vA?s_bR!?t>2%$SkNzTHF9QcC+EQf0?uL!tW3+m4+ zQc!GhoVZ+;vsXY>!m;yOSzWwKZ)*4S@C9FAu1f?DjGtmhi4;FeOH1||nKhgL*F!pN^{Q~lANd?j%|hn;*;`u&>_{RzttPMlk#Q+q+FgWO+F-E9B7 z@lF3w9)B!`2pq7mV|ra?RSf`XeL6xhuDA*pJqbh(qKTS>F$PD*XZ2j19fG{LymG#Cx?nl#yYS*eOW?8@Tbwgz}|Brc$qztHS>pdiO#YCcyfZ^3lx zjGNRseO~mde81e*L<7u|$eybiFgK_>;?G605Mxp@wLG7G$7(G=*_!Ht-cA)FAU~jj z{mrZnE>)|VVph*k-5Sl0qyj)C!}D?<%(cK1H0?4q*=v0FniGi5=r%S84YbyIUjn(z zQvqW%M2d3GFDhLi9jLG;~$jVIeWX1wzc<6;}K9<}}{4 z@Gdt;{d9Md&xoJRXn4k?MOr`BCl8BvIa{mociyiO{