summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.papr.inventory1
-rw-r--r--.tito/packages/openshift-ansible2
-rw-r--r--docs/proposals/role_decomposition.md353
-rwxr-xr-xhack/build-images.sh20
-rwxr-xr-xhack/push-release.sh56
-rw-r--r--images/installer/system-container/root/exports/manifest.json2
-rw-r--r--inventory/byo/hosts.origin.example4
-rw-r--r--inventory/byo/hosts.ose.example4
-rw-r--r--openshift-ansible.spec143
-rw-r--r--playbooks/adhoc/uninstall.yml25
-rw-r--r--playbooks/byo/openshift-cluster/config.yml17
-rw-r--r--playbooks/byo/openshift-cluster/service-catalog.yml12
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/upgrade_etcd.yml2
-rw-r--r--playbooks/byo/openshift-etcd/migrate.yml118
-rw-r--r--playbooks/common/openshift-checks/health.yml5
-rw-r--r--playbooks/common/openshift-checks/pre-install.yml5
-rw-r--r--playbooks/common/openshift-cluster/config.yml25
-rw-r--r--playbooks/common/openshift-cluster/evaluate_groups.yml9
-rw-r--r--playbooks/common/openshift-cluster/redeploy-certificates/masters.yml10
-rw-r--r--playbooks/common/openshift-cluster/service_catalog.yml8
-rw-r--r--playbooks/common/openshift-cluster/upgrades/etcd/upgrade.yml2
-rw-r--r--playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml2
-rw-r--r--playbooks/common/openshift-cluster/upgrades/upgrade_nodes.yml2
-rw-r--r--playbooks/common/openshift-etcd/migrate.yml120
-rw-r--r--playbooks/common/openshift-master/config.yml39
-rw-r--r--roles/ansible_service_broker/defaults/main.yml6
-rw-r--r--roles/ansible_service_broker/meta/main.yml15
-rw-r--r--roles/ansible_service_broker/tasks/install.yml269
-rw-r--r--roles/ansible_service_broker/tasks/main.yml8
-rw-r--r--roles/ansible_service_broker/tasks/remove.yml65
-rw-r--r--roles/ansible_service_broker/tasks/validate_facts.yml15
-rw-r--r--roles/ansible_service_broker/vars/default_images.yml14
-rw-r--r--roles/ansible_service_broker/vars/openshift-enterprise.yml14
-rw-r--r--roles/docker/handlers/main.yml5
-rw-r--r--roles/etcd/templates/etcd.docker.service2
-rw-r--r--roles/etcd_common/tasks/backup.yml29
-rw-r--r--roles/etcd_migrate/tasks/check.yml2
-rw-r--r--roles/etcd_migrate/tasks/check_cluster_health.yml2
-rw-r--r--roles/etcd_migrate/tasks/check_cluster_status.yml8
-rw-r--r--roles/etcd_migrate/tasks/migrate.yml20
-rw-r--r--roles/lib_openshift/library/oc_atomic_container.py2
-rw-r--r--roles/lib_openshift/src/ansible/oc_atomic_container.py2
-rw-r--r--roles/openshift_ca/tasks/main.yml59
-rw-r--r--roles/openshift_certificate_expiry/library/openshift_cert_expiry.py21
-rw-r--r--roles/openshift_certificate_expiry/test/conftest.py5
-rwxr-xr-xroles/openshift_examples/examples-sync.sh2
-rw-r--r--roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-ephemeral-template.json12
-rw-r--r--roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-persistent-template.json12
-rw-r--r--roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-ephemeral-template.json12
-rw-r--r--roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-persistent-template.json12
-rw-r--r--roles/openshift_examples/files/examples/v1.4/db-templates/mysql-ephemeral-template.json12
-rw-r--r--roles/openshift_examples/files/examples/v1.4/db-templates/mysql-persistent-template.json12
-rw-r--r--roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-ephemeral-template.json11
-rw-r--r--roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-persistent-template.json11
-rw-r--r--roles/openshift_examples/files/examples/v1.4/db-templates/redis-ephemeral-template.json25
-rw-r--r--roles/openshift_examples/files/examples/v1.4/db-templates/redis-persistent-template.json25
-rw-r--r--roles/openshift_examples/files/examples/v1.4/image-streams/dotnet_imagestreams.json15
-rw-r--r--roles/openshift_examples/files/examples/v1.4/image-streams/image-streams-centos7.json75
-rw-r--r--roles/openshift_examples/files/examples/v1.4/image-streams/image-streams-rhel7.json67
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/README.md1
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/amp.yml1261
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/apicast-gateway-template.yml149
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/apicast.yml157
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/cakephp-mysql-persistent.json7
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/cakephp-mysql.json7
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/dancer-mysql-persistent.json10
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/dancer-mysql.json10
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/django-postgresql-persistent.json9
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/django-postgresql.json9
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/dotnet-example.json333
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/dotnet-pgsql-persistent.json565
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/httpd.json274
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-ephemeral-template.json15
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-persistent-template.json15
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/nodejs-mongodb-persistent.json11
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/nodejs-mongodb.json11
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/pvc.yml49
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/rails-postgresql-persistent.json13
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/rails-postgresql.json13
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/wildcard.yml158
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-streams/jboss-image-streams.json403
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-basic.json21
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-persistent-ssl.json30
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-persistent.json25
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-ssl.json26
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-basic.json50
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-https.json59
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-mysql-persistent.json93
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-mysql.json92
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-postgresql-persistent.json84
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-postgresql.json83
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/datavirt63-basic-s2i.json73
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/datavirt63-extensions-support-s2i.json63
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/datavirt63-secure-s2i.json308
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver62-amq-s2i.json40
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver62-basic-s2i.json20
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver62-https-s2i.json27
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver63-amq-s2i.json66
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver63-basic-s2i.json45
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver63-https-s2i.json52
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-amq-persistent-s2i.json75
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-amq-s2i.json71
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-basic-s2i.json44
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-https-s2i.json55
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mongodb-persistent-s2i.json86
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mongodb-s2i.json85
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mysql-persistent-s2i.json87
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mysql-s2i.json86
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-postgresql-persistent-s2i.json84
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-postgresql-s2i.json83
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-sso-s2i.json72
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-third-party-db-s2i.json646
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-amq-persistent-s2i.json75
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-amq-s2i.json71
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-basic-s2i.json44
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-https-s2i.json55
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mongodb-persistent-s2i.json86
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mongodb-s2i.json85
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mysql-persistent-s2i.json87
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mysql-s2i.json86
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-postgresql-persistent-s2i.json84
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-postgresql-s2i.json83
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-sso-s2i.json74
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-third-party-db-s2i.json657
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-basic-s2i.json43
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-https-s2i.json48
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json77
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mongodb-s2i.json76
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json78
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mysql-s2i.json77
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json75
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-postgresql-s2i.json74
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-basic-s2i.json43
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-https-s2i.json48
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json77
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mongodb-s2i.json76
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json78
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mysql-s2i.json77
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json75
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-postgresql-s2i.json74
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/openjdk18-web-basic-s2i.json7
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-mysql-persistent-s2i.json93
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-mysql-s2i.json91
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-postgresql-persistent-s2i.json90
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-postgresql-s2i.json88
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-basic-s2i.json46
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-mysql-persistent-s2i.json82
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-mysql-s2i.json81
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-postgresql-persistent-s2i.json79
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-postgresql-s2i.json78
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-https.json50
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-mysql-persistent.json75
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-mysql.json78
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-postgresql-persistent.json72
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-postgresql.json71
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-https.json544
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-mysql-persistent.json799
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-mysql.json767
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-postgresql-persistent.json773
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-postgresql.json741
-rw-r--r--roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-ephemeral-template.json12
-rw-r--r--roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-persistent-template.json12
-rw-r--r--roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-ephemeral-template.json12
-rw-r--r--roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-persistent-template.json12
-rw-r--r--roles/openshift_examples/files/examples/v1.5/db-templates/mysql-ephemeral-template.json12
-rw-r--r--roles/openshift_examples/files/examples/v1.5/db-templates/mysql-persistent-template.json12
-rw-r--r--roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-ephemeral-template.json11
-rw-r--r--roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-persistent-template.json11
-rw-r--r--roles/openshift_examples/files/examples/v1.5/db-templates/redis-ephemeral-template.json10
-rw-r--r--roles/openshift_examples/files/examples/v1.5/db-templates/redis-persistent-template.json10
-rw-r--r--roles/openshift_examples/files/examples/v1.5/image-streams/image-streams-centos7.json73
-rw-r--r--roles/openshift_examples/files/examples/v1.5/image-streams/image-streams-rhel7.json65
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/README.md1
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/amp.yml1261
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/apicast-gateway-template.yml149
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/apicast.yml157
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql-persistent.json7
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql.json7
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql-persistent.json10
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql.json10
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql-persistent.json9
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql.json9
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/dotnet-example.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/httpd.json274
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-ephemeral-template.json5
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-persistent-template.json5
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb-persistent.json11
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb.json11
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/pvc.yml49
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql-persistent.json13
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql.json13
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/wildcard.yml158
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-streams/jboss-image-streams.json403
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-basic.json21
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-persistent-ssl.json30
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-persistent.json25
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-ssl.json26
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-basic.json50
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-https.json59
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-mysql-persistent.json93
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-mysql.json92
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-postgresql-persistent.json84
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-postgresql.json83
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/datavirt63-basic-s2i.json73
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/datavirt63-extensions-support-s2i.json63
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/datavirt63-secure-s2i.json308
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver62-amq-s2i.json40
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver62-basic-s2i.json20
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver62-https-s2i.json27
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver63-amq-s2i.json66
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver63-basic-s2i.json45
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver63-https-s2i.json52
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-amq-persistent-s2i.json75
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-amq-s2i.json71
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-basic-s2i.json44
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-https-s2i.json55
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mongodb-persistent-s2i.json86
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mongodb-s2i.json85
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mysql-persistent-s2i.json87
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mysql-s2i.json86
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-postgresql-persistent-s2i.json84
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-postgresql-s2i.json83
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-sso-s2i.json72
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-third-party-db-s2i.json646
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-amq-persistent-s2i.json75
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-amq-s2i.json71
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-basic-s2i.json44
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-https-s2i.json55
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mongodb-persistent-s2i.json86
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mongodb-s2i.json85
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mysql-persistent-s2i.json87
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mysql-s2i.json86
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-postgresql-persistent-s2i.json84
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-postgresql-s2i.json83
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-sso-s2i.json74
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-third-party-db-s2i.json657
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-basic-s2i.json43
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-https-s2i.json48
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json77
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mongodb-s2i.json76
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json78
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mysql-s2i.json77
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json75
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-postgresql-s2i.json74
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-basic-s2i.json43
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-https-s2i.json48
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json77
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mongodb-s2i.json76
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json78
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mysql-s2i.json77
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json75
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-postgresql-s2i.json74
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/openjdk18-web-basic-s2i.json7
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-mysql-persistent-s2i.json93
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-mysql-s2i.json91
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-postgresql-persistent-s2i.json90
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-postgresql-s2i.json88
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-basic-s2i.json46
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-mysql-persistent-s2i.json82
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-mysql-s2i.json81
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-postgresql-persistent-s2i.json79
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-postgresql-s2i.json78
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-https.json50
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-mysql-persistent.json75
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-mysql.json78
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-postgresql-persistent.json72
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-postgresql.json71
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-https.json544
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-mysql-persistent.json799
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-mysql.json767
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-postgresql-persistent.json773
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-postgresql.json741
-rw-r--r--roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-app-example.yaml13
-rw-r--r--roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-db-example.yaml13
-rw-r--r--roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-example.yaml13
-rw-r--r--roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-region-example.yaml13
-rw-r--r--roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-server-example.yaml13
-rw-r--r--roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-template.yaml210
-rw-r--r--roles/openshift_examples/files/examples/v3.6/cfme-templates/jboss-middleware-manager-pv-example.yaml58
-rw-r--r--roles/openshift_examples/files/examples/v3.6/cfme-templates/jboss-middleware-manager-template.yaml254
-rw-r--r--roles/openshift_examples/files/examples/v3.6/db-templates/mariadb-ephemeral-template.json2
-rw-r--r--roles/openshift_examples/files/examples/v3.6/db-templates/mariadb-persistent-template.json2
-rw-r--r--roles/openshift_examples/files/examples/v3.6/db-templates/mongodb-ephemeral-template.json2
-rw-r--r--roles/openshift_examples/files/examples/v3.6/db-templates/mongodb-persistent-template.json2
-rw-r--r--roles/openshift_examples/files/examples/v3.6/db-templates/mysql-ephemeral-template.json2
-rw-r--r--roles/openshift_examples/files/examples/v3.6/db-templates/mysql-persistent-template.json2
-rw-r--r--roles/openshift_examples/files/examples/v3.6/quickstart-templates/cakephp-mysql-persistent.json2
-rw-r--r--roles/openshift_examples/files/examples/v3.6/quickstart-templates/cakephp-mysql.json2
-rw-r--r--roles/openshift_examples/files/examples/v3.6/quickstart-templates/dancer-mysql-persistent.json2
-rw-r--r--roles/openshift_examples/files/examples/v3.6/quickstart-templates/dancer-mysql.json2
-rw-r--r--roles/openshift_examples/files/examples/v3.6/quickstart-templates/django-postgresql-persistent.json2
-rw-r--r--roles/openshift_examples/files/examples/v3.6/quickstart-templates/django-postgresql.json2
-rw-r--r--roles/openshift_examples/files/examples/v3.6/quickstart-templates/dotnet-example.json2
-rw-r--r--roles/openshift_examples/files/examples/v3.6/quickstart-templates/httpd.json2
-rw-r--r--roles/openshift_examples/files/examples/v3.6/quickstart-templates/nodejs-mongodb-persistent.json2
-rw-r--r--roles/openshift_examples/files/examples/v3.6/quickstart-templates/nodejs-mongodb.json2
-rw-r--r--roles/openshift_examples/files/examples/v3.6/quickstart-templates/rails-postgresql-persistent.json2
-rw-r--r--roles/openshift_examples/files/examples/v3.6/quickstart-templates/rails-postgresql.json2
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-streams/jboss-image-streams.json403
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-basic.json21
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-persistent-ssl.json30
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-persistent.json25
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-ssl.json26
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-basic.json50
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-https.json59
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-mysql-persistent.json93
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-mysql.json92
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-postgresql-persistent.json84
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-postgresql.json83
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/datavirt63-basic-s2i.json73
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/datavirt63-extensions-support-s2i.json63
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/datavirt63-secure-s2i.json308
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver62-amq-s2i.json40
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver62-basic-s2i.json20
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver62-https-s2i.json27
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver63-amq-s2i.json66
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver63-basic-s2i.json45
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver63-https-s2i.json52
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-amq-persistent-s2i.json75
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-amq-s2i.json71
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-basic-s2i.json44
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-https-s2i.json55
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mongodb-persistent-s2i.json86
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mongodb-s2i.json85
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mysql-persistent-s2i.json87
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mysql-s2i.json86
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-postgresql-persistent-s2i.json84
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-postgresql-s2i.json83
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-sso-s2i.json72
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-third-party-db-s2i.json646
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-amq-persistent-s2i.json75
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-amq-s2i.json71
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-basic-s2i.json44
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-https-s2i.json55
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mongodb-persistent-s2i.json86
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mongodb-s2i.json85
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mysql-persistent-s2i.json87
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mysql-s2i.json86
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-postgresql-persistent-s2i.json84
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-postgresql-s2i.json83
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-sso-s2i.json74
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-third-party-db-s2i.json657
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-basic-s2i.json43
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-https-s2i.json48
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json77
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mongodb-s2i.json76
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json78
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mysql-s2i.json77
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json75
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-postgresql-s2i.json74
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-basic-s2i.json43
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-https-s2i.json48
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json77
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mongodb-s2i.json76
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json78
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mysql-s2i.json77
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json75
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-postgresql-s2i.json74
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/openjdk18-web-basic-s2i.json7
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-mysql-persistent-s2i.json93
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-mysql-s2i.json91
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-postgresql-persistent-s2i.json90
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-postgresql-s2i.json88
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-basic-s2i.json46
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-mysql-persistent-s2i.json82
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-mysql-s2i.json81
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-postgresql-persistent-s2i.json79
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-postgresql-s2i.json78
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-https.json50
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-mysql-persistent.json75
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-mysql.json78
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-postgresql-persistent.json72
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-postgresql.json71
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-https.json544
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-mysql-persistent.json799
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-mysql.json767
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-postgresql-persistent.json773
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-postgresql.json741
-rwxr-xr-xroles/openshift_facts/library/openshift_facts.py36
-rw-r--r--roles/openshift_health_checker/action_plugins/openshift_health_check.py5
-rw-r--r--roles/openshift_health_checker/openshift_checks/disk_availability.py120
-rw-r--r--roles/openshift_health_checker/openshift_checks/docker_image_availability.py3
-rw-r--r--roles/openshift_health_checker/openshift_checks/docker_storage.py2
-rw-r--r--roles/openshift_health_checker/test/action_plugin_test.py12
-rw-r--r--roles/openshift_health_checker/test/disk_availability_test.py27
-rw-r--r--roles/openshift_health_checker/test/docker_image_availability_test.py14
-rw-r--r--roles/openshift_hosted/tasks/registry/registry.yml9
-rw-r--r--roles/openshift_hosted/tasks/router/router.yml6
-rw-r--r--roles/openshift_logging/defaults/main.yml4
-rw-r--r--roles/openshift_logging/tasks/install_logging.yaml22
-rw-r--r--roles/openshift_logging_elasticsearch/tasks/main.yaml20
-rw-r--r--roles/openshift_logging_elasticsearch/templates/es.j213
-rw-r--r--roles/openshift_logging_elasticsearch/templates/pvc.j23
-rw-r--r--roles/openshift_logging_fluentd/tasks/main.yaml2
-rw-r--r--roles/openshift_logging_fluentd/templates/fluentd.j210
-rw-r--r--roles/openshift_logging_kibana/tasks/main.yaml5
-rw-r--r--roles/openshift_logging_mux/templates/mux.j212
-rw-r--r--roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j22
-rw-r--r--roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j22
-rw-r--r--roles/openshift_master/templates/master_docker/master.docker.service.j22
-rw-r--r--roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.j23
-rw-r--r--roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.j23
-rw-r--r--roles/openshift_master_certificates/tasks/main.yml2
-rw-r--r--roles/openshift_metrics/tasks/generate_hawkular_certificates.yaml3
-rw-r--r--roles/openshift_metrics/tasks/install_cassandra.yaml3
-rw-r--r--roles/openshift_metrics/tasks/install_hosa.yaml2
-rw-r--r--roles/openshift_metrics/tasks/install_support.yaml2
-rw-r--r--roles/openshift_metrics/tasks/main.yaml2
-rw-r--r--roles/openshift_metrics/templates/pvc.j23
-rw-r--r--roles/openshift_named_certificates/filter_plugins/openshift_named_certificates.py21
-rw-r--r--roles/openshift_node/tasks/systemd_units.yml2
-rw-r--r--roles/openshift_node/templates/atomic-openshift-node.service.j222
-rw-r--r--roles/openshift_node/templates/node.service.j230
-rw-r--r--roles/openshift_node/templates/node.yaml.v1.j24
-rw-r--r--roles/openshift_node/templates/openshift.docker.node.service8
-rw-r--r--roles/openshift_node/templates/origin-node.service.j221
-rw-r--r--roles/openshift_node_dnsmasq/defaults/main.yml1
-rwxr-xr-xroles/openshift_node_dnsmasq/files/networkmanager/99-origin-dns.sh14
-rw-r--r--roles/openshift_node_dnsmasq/tasks/main.yml11
-rw-r--r--roles/openshift_node_dnsmasq/templates/node-dnsmasq.conf.j22
-rw-r--r--roles/openshift_node_dnsmasq/templates/origin-dns.conf.j24
-rw-r--r--roles/openshift_node_upgrade/README.md1
-rw-r--r--roles/openshift_node_upgrade/defaults/main.yml1
-rw-r--r--roles/openshift_node_upgrade/tasks/main.yml11
-rw-r--r--roles/openshift_node_upgrade/tasks/restart.yml6
-rw-r--r--roles/openshift_node_upgrade/tasks/rpm_upgrade.yml2
l---------roles/openshift_node_upgrade/templates/atomic-openshift-node.service.j21
-rw-r--r--roles/openshift_node_upgrade/templates/node.service.j230
-rw-r--r--roles/openshift_node_upgrade/templates/openshift.docker.node.service10
l---------roles/openshift_node_upgrade/templates/origin-node.service.j21
-rw-r--r--roles/openshift_sanitize_inventory/tasks/main.yml4
-rw-r--r--roles/openshift_sanitize_inventory/tasks/unsupported.yml12
-rw-r--r--roles/openshift_service_catalog/defaults/main.yml3
-rw-r--r--roles/openshift_service_catalog/files/kubeservicecatalog_roles_bindings.yml161
-rw-r--r--roles/openshift_service_catalog/files/kubesystem_roles_bindings.yml38
-rw-r--r--roles/openshift_service_catalog/meta/main.yml17
-rw-r--r--roles/openshift_service_catalog/tasks/generate_certs.yml70
-rw-r--r--roles/openshift_service_catalog/tasks/install.yml189
-rw-r--r--roles/openshift_service_catalog/tasks/main.yml8
-rw-r--r--roles/openshift_service_catalog/tasks/remove.yml56
-rw-r--r--roles/openshift_service_catalog/tasks/start_api_server.yml22
-rw-r--r--roles/openshift_service_catalog/tasks/wire_aggregator.yml86
-rw-r--r--roles/openshift_service_catalog/templates/api_server.j279
-rw-r--r--roles/openshift_service_catalog/templates/api_server_route.j214
-rw-r--r--roles/openshift_service_catalog/templates/api_server_service.j213
-rw-r--r--roles/openshift_service_catalog/templates/controller_manager.j246
-rw-r--r--roles/openshift_service_catalog/templates/controller_manager_service.j213
-rw-r--r--roles/openshift_service_catalog/vars/default_images.yml3
-rw-r--r--roles/openshift_service_catalog/vars/openshift-enterprise.yml3
-rw-r--r--roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml8
-rw-r--r--roles/openshift_storage_glusterfs/tasks/heketi_deploy_part2.yml4
-rw-r--r--roles/openshift_storage_glusterfs/templates/v3.6/glusterfs-storageclass.yml.j22
-rw-r--r--roles/openshift_version/tasks/main.yml196
-rw-r--r--roles/rhel_subscribe/meta/main.yml3
-rw-r--r--roles/rhel_subscribe/tasks/main.yml10
-rw-r--r--test/integration/openshift_health_checker/setup_container.yml3
456 files changed, 38118 insertions, 2733 deletions
diff --git a/.papr.inventory b/.papr.inventory
index 23bc9923c..878d434e2 100644
--- a/.papr.inventory
+++ b/.papr.inventory
@@ -9,6 +9,7 @@ ansible_python_interpreter=/usr/bin/python3
deployment_type=origin
openshift_image_tag="{{ lookup('env', 'OPENSHIFT_IMAGE_TAG') }}"
openshift_master_default_subdomain="{{ lookup('env', 'RHCI_ocp_node1_IP') }}.xip.io"
+openshift_check_min_host_disk_gb=1.5
openshift_check_min_host_memory_gb=1.9
[masters]
diff --git a/.tito/packages/openshift-ansible b/.tito/packages/openshift-ansible
index 406099fb7..8b1359b22 100644
--- a/.tito/packages/openshift-ansible
+++ b/.tito/packages/openshift-ansible
@@ -1 +1 @@
-3.6.122-1 ./
+3.6.132-1 ./
diff --git a/docs/proposals/role_decomposition.md b/docs/proposals/role_decomposition.md
new file mode 100644
index 000000000..b6c1d8c5b
--- /dev/null
+++ b/docs/proposals/role_decomposition.md
@@ -0,0 +1,353 @@
+# Scaffolding for decomposing large roles
+
+## Why?
+
+Currently we have roles that are very large and encompass a lot of different
+components. This makes for a lot of logic required within the role, can
+create complex conditionals, and increases the learning curve for the role.
+
+## How?
+
+Creating a guide on how to approach breaking up a large role into smaller,
+component based, roles. Also describe how to develop new roles, to avoid creating
+large roles.
+
+## Proposal
+
+Create a new guide or append to the current contributing guide a process for
+identifying large roles that can be split up, and how to compose smaller roles
+going forward.
+
+### Large roles
+
+A role should be considered for decomposition if it:
+
+1) Configures/installs more than one product.
+1) Can configure multiple variations of the same product that can live
+side by side.
+1) Has different entry points for upgrading and installing a product
+
+Large roles<sup>1</sup> should be responsible for:
+> 1 or composing playbooks
+
+1) Composing smaller roles to provide a full solution such as an Openshift Master
+1) Ensuring that smaller roles are called in the correct order if necessary
+1) Calling smaller roles with their required variables
+1) Performing prerequisite tasks that small roles may depend on being in place
+(openshift_logging certificate generation for example)
+
+### Small roles
+
+A small role should be able to:
+
+1) Be deployed independently of other products (this is different than requiring
+being installed after other base components such as OCP)
+1) Be self contained and able to determine facts that it requires to complete
+1) Fail fast when facts it requires are not available or are invalid
+1) "Make it so" based on provided variables and anything that may be required
+as part of doing such (this should include data migrations)
+1) Have a minimal set of dependencies in meta/main.yml, just enough to do its job
+
+### Example using decomposition of openshift_logging
+
+The `openshift_logging` role was created as a port from the deployer image for
+the `3.5` deliverable. It was a large role that created the service accounts,
+configmaps, secrets, routes, and deployment configs/daemonset required for each
+of its different components (Fluentd, Kibana, Curator, Elasticsearch).
+
+It was possible to configure any of the components independently of one another,
+up to a point. However, it was an all of nothing installation and there was a
+need from customers to be able to do things like just deploy Fluentd.
+
+Also being able to support multiple versions of configuration files would become
+increasingly messy with a large role. Especially if the components had changes
+at different intervals.
+
+#### Folding of responsibility
+
+There was a duplicate of work within the installation of three of the four logging
+components where there was a possibility to deploy both an 'operations' and
+'non-operations' cluster side-by-side. The first step was to collapse that
+duplicate work into a single path and allow a variable to be provided to
+configure such that either possibility could be created.
+
+#### Consolidation of responsibility
+
+The generation of OCP objects required for each component were being created in
+the same task file, all Service Accounts were created at the same time, all secrets,
+configmaps, etc. The only components that were not generated at the same time were
+the deployment configs and the daemonset. The second step was to make the small
+roles self contained and generate their own required objects.
+
+#### Consideration for prerequisites
+
+Currently the Aggregated Logging stack generates its own certificates as it has
+some requirements that prevent it from utilizing the OCP cert generation service.
+In order to make sure that all components were able to trust one another as they
+did previously, until the cert generation service can be used, the certificate
+generation is being handled within the top level `openshift_logging` role and
+providing the location of the generated certificates to the individual roles.
+
+#### Snippets
+
+[openshift_logging/tasks/install_logging.yaml](https://github.com/ewolinetz/openshift-ansible/blob/logging_component_subroles/roles/openshift_logging/tasks/install_logging.yaml)
+```yaml
+- name: Gather OpenShift Logging Facts
+ openshift_logging_facts:
+ oc_bin: "{{openshift.common.client_binary}}"
+ openshift_logging_namespace: "{{openshift_logging_namespace}}"
+
+- name: Set logging project
+ oc_project:
+ state: present
+ name: "{{ openshift_logging_namespace }}"
+
+- name: Create logging cert directory
+ file:
+ path: "{{ openshift.common.config_base }}/logging"
+ state: directory
+ mode: 0755
+ changed_when: False
+ check_mode: no
+
+- include: generate_certs.yaml
+ vars:
+ generated_certs_dir: "{{openshift.common.config_base}}/logging"
+
+## Elasticsearch
+- include_role:
+ name: openshift_logging_elasticsearch
+ vars:
+ generated_certs_dir: "{{openshift.common.config_base}}/logging"
+
+- include_role:
+ name: openshift_logging_elasticsearch
+ vars:
+ generated_certs_dir: "{{openshift.common.config_base}}/logging"
+ openshift_logging_es_ops_deployment: true
+ when:
+ - openshift_logging_use_ops | bool
+
+
+## Kibana
+- include_role:
+ name: openshift_logging_kibana
+ vars:
+ generated_certs_dir: "{{openshift.common.config_base}}/logging"
+ openshift_logging_kibana_namespace: "{{ openshift_logging_namespace }}"
+ openshift_logging_kibana_master_url: "{{ openshift_logging_master_url }}"
+ openshift_logging_kibana_master_public_url: "{{ openshift_logging_master_public_url }}"
+ openshift_logging_kibana_image_prefix: "{{ openshift_logging_image_prefix }}"
+ openshift_logging_kibana_image_version: "{{ openshift_logging_image_version }}"
+ openshift_logging_kibana_replicas: "{{ openshift_logging_kibana_replica_count }}"
+ openshift_logging_kibana_es_host: "{{ openshift_logging_es_host }}"
+ openshift_logging_kibana_es_port: "{{ openshift_logging_es_port }}"
+ openshift_logging_kibana_image_pull_secret: "{{ openshift_logging_image_pull_secret }}"
+
+- include_role:
+ name: openshift_logging_kibana
+ vars:
+ generated_certs_dir: "{{openshift.common.config_base}}/logging"
+ openshift_logging_kibana_ops_deployment: true
+ openshift_logging_kibana_namespace: "{{ openshift_logging_namespace }}"
+ openshift_logging_kibana_master_url: "{{ openshift_logging_master_url }}"
+ openshift_logging_kibana_master_public_url: "{{ openshift_logging_master_public_url }}"
+ openshift_logging_kibana_image_prefix: "{{ openshift_logging_image_prefix }}"
+ openshift_logging_kibana_image_version: "{{ openshift_logging_image_version }}"
+ openshift_logging_kibana_image_pull_secret: "{{ openshift_logging_image_pull_secret }}"
+ openshift_logging_kibana_es_host: "{{ openshift_logging_es_ops_host }}"
+ openshift_logging_kibana_es_port: "{{ openshift_logging_es_ops_port }}"
+ openshift_logging_kibana_nodeselector: "{{ openshift_logging_kibana_ops_nodeselector }}"
+ openshift_logging_kibana_cpu_limit: "{{ openshift_logging_kibana_ops_cpu_limit }}"
+ openshift_logging_kibana_memory_limit: "{{ openshift_logging_kibana_ops_memory_limit }}"
+ openshift_logging_kibana_hostname: "{{ openshift_logging_kibana_ops_hostname }}"
+ openshift_logging_kibana_replicas: "{{ openshift_logging_kibana_ops_replica_count }}"
+ openshift_logging_kibana_proxy_debug: "{{ openshift_logging_kibana_ops_proxy_debug }}"
+ openshift_logging_kibana_proxy_cpu_limit: "{{ openshift_logging_kibana_ops_proxy_cpu_limit }}"
+ openshift_logging_kibana_proxy_memory_limit: "{{ openshift_logging_kibana_ops_proxy_memory_limit }}"
+ openshift_logging_kibana_cert: "{{ openshift_logging_kibana_ops_cert }}"
+ openshift_logging_kibana_key: "{{ openshift_logging_kibana_ops_key }}"
+ openshift_logging_kibana_ca: "{{ openshift_logging_kibana_ops_ca}}"
+ when:
+ - openshift_logging_use_ops | bool
+
+
+## Curator
+- include_role:
+ name: openshift_logging_curator
+ vars:
+ generated_certs_dir: "{{openshift.common.config_base}}/logging"
+ openshift_logging_curator_namespace: "{{ openshift_logging_namespace }}"
+ openshift_logging_curator_master_url: "{{ openshift_logging_master_url }}"
+ openshift_logging_curator_image_prefix: "{{ openshift_logging_image_prefix }}"
+ openshift_logging_curator_image_version: "{{ openshift_logging_image_version }}"
+ openshift_logging_curator_image_pull_secret: "{{ openshift_logging_image_pull_secret }}"
+
+- include_role:
+ name: openshift_logging_curator
+ vars:
+ generated_certs_dir: "{{openshift.common.config_base}}/logging"
+ openshift_logging_curator_ops_deployment: true
+ openshift_logging_curator_namespace: "{{ openshift_logging_namespace }}"
+ openshift_logging_curator_master_url: "{{ openshift_logging_master_url }}"
+ openshift_logging_curator_image_prefix: "{{ openshift_logging_image_prefix }}"
+ openshift_logging_curator_image_version: "{{ openshift_logging_image_version }}"
+ openshift_logging_curator_image_pull_secret: "{{ openshift_logging_image_pull_secret }}"
+ openshift_logging_curator_cpu_limit: "{{ openshift_logging_curator_ops_cpu_limit }}"
+ openshift_logging_curator_memory_limit: "{{ openshift_logging_curator_ops_memory_limit }}"
+ openshift_logging_curator_nodeselector: "{{ openshift_logging_curator_ops_nodeselector }}"
+ when:
+ - openshift_logging_use_ops | bool
+
+
+## Fluentd
+- include_role:
+ name: openshift_logging_fluentd
+ vars:
+ generated_certs_dir: "{{openshift.common.config_base}}/logging"
+
+- include: update_master_config.yaml
+```
+
+[openshift_logging_elasticsearch/meta/main.yaml](https://github.com/ewolinetz/openshift-ansible/blob/logging_component_subroles/roles/openshift_logging_elasticsearch/meta/main.yaml)
+```yaml
+---
+galaxy_info:
+ author: OpenShift Red Hat
+ description: OpenShift Aggregated Logging Elasticsearch Component
+ company: Red Hat, Inc.
+ license: Apache License, Version 2.0
+ min_ansible_version: 2.2
+ platforms:
+ - name: EL
+ versions:
+ - 7
+ categories:
+ - cloud
+dependencies:
+- role: lib_openshift
+```
+
+[openshift_logging/meta/main.yaml](https://github.com/ewolinetz/openshift-ansible/blob/logging_component_subroles/roles/openshift_logging/meta/main.yaml)
+```yaml
+---
+galaxy_info:
+ author: OpenShift Red Hat
+ description: OpenShift Aggregated Logging
+ company: Red Hat, Inc.
+ license: Apache License, Version 2.0
+ min_ansible_version: 2.2
+ platforms:
+ - name: EL
+ versions:
+ - 7
+ categories:
+ - cloud
+dependencies:
+- role: lib_openshift
+- role: openshift_facts
+```
+
+[openshift_logging/tasks/install_support.yaml - old](https://github.com/openshift/openshift-ansible/blob/master/roles/openshift_logging/tasks/install_support.yaml)
+```yaml
+---
+# This is the base configuration for installing the other components
+- name: Check for logging project already exists
+ command: >
+ {{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig get project {{openshift_logging_namespace}} --no-headers
+ register: logging_project_result
+ ignore_errors: yes
+ when: not ansible_check_mode
+ changed_when: no
+
+- name: "Create logging project"
+ command: >
+ {{ openshift.common.admin_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig new-project {{openshift_logging_namespace}}
+ when: not ansible_check_mode and "not found" in logging_project_result.stderr
+
+- name: Create logging cert directory
+ file: path={{openshift.common.config_base}}/logging state=directory mode=0755
+ changed_when: False
+ check_mode: no
+
+- include: generate_certs.yaml
+ vars:
+ generated_certs_dir: "{{openshift.common.config_base}}/logging"
+
+- name: Create temp directory for all our templates
+ file: path={{mktemp.stdout}}/templates state=directory mode=0755
+ changed_when: False
+ check_mode: no
+
+- include: generate_secrets.yaml
+ vars:
+ generated_certs_dir: "{{openshift.common.config_base}}/logging"
+
+- include: generate_configmaps.yaml
+
+- include: generate_services.yaml
+
+- name: Generate kibana-proxy oauth client
+ template: src=oauth-client.j2 dest={{mktemp.stdout}}/templates/oauth-client.yaml
+ vars:
+ secret: "{{oauth_secret}}"
+ when: oauth_secret is defined
+ check_mode: no
+ changed_when: no
+
+- include: generate_clusterroles.yaml
+
+- include: generate_rolebindings.yaml
+
+- include: generate_clusterrolebindings.yaml
+
+- include: generate_serviceaccounts.yaml
+
+- include: generate_routes.yaml
+```
+
+# Limitations
+
+There will always be exceptions for some of these rules, however the majority of
+roles should be able to fall within these guidelines.
+
+# Additional considerations
+
+## Playbooks including playbooks
+In some circumstances it does not make sense to have a composing role but instead
+a playbook would be best for orchestrating the role flow. Decisions made regarding
+playbooks including playbooks will need to be taken into consideration as part of
+defining this process.
+Ref: (link to rteague's presentation?)
+
+## Role dependencies
+We want to make sure that our roles do not have any extra or unnecessary dependencies
+in meta/main.yml without:
+
+1. Proposing the inclusion in a team meeting or as part of the PR review and getting agreement
+1. Documenting in meta/main.yml why it is there and when it was agreed to (date)
+
+## Avoiding overly verbose roles
+When we are splitting our roles up into smaller components we want to ensure we
+avoid creating roles that are, for a lack of a better term, overly verbose. What
+do we mean by that? If we have `openshift_master` as an example, and we were to
+split it up, we would have a component for `etcd`, `docker`, and possibly for
+its rpms/configs. We would want to avoid creating a role that would just create
+certificates as those would make sense to be contained with the rpms and configs.
+Likewise, when it comes to being able to restart the master, we wouldn't have a
+role where that was its sole purpose.
+
+The same would apply for the `etcd` and `docker` roles. Anything that is required
+as part of installing `etcd` such as generating certificates, installing rpms,
+and upgrading data between versions should all be contained within the single
+`etcd` role.
+
+## Enforcing standards
+Certain naming standards like variable names could be verified as part of a Travis
+test. If we were going to also enforce that a role either has tasks or includes
+(for example) then we could create tests for that as well.
+
+## CI tests for individual roles
+If we are able to correctly split up roles, it should be possible to test role
+installations/upgrades like unit tests (assuming they would be able to be installed
+independently of other components).
diff --git a/hack/build-images.sh b/hack/build-images.sh
index ce421178f..6e6d360bf 100755
--- a/hack/build-images.sh
+++ b/hack/build-images.sh
@@ -47,7 +47,7 @@ if [ "$help" = true ]; then
echo " default: openshift/origin-ansible"
echo
echo " --version=VERSION"
- echo " The version used to tag the image"
+ echo " The version used to tag the image (can be a comma-separated list)"
echo " default: latest"
echo
echo " --no-cache"
@@ -62,25 +62,33 @@ if [ "$help" = true ]; then
exit 0
fi
+
if [ "$verbose" = true ]; then
set -x
fi
BUILD_STARTTIME=$(date +%s)
comp_path=$source_root/
-docker_tag=${prefix}:${version}
+
+# turn comma-separated versions into -t args for docker build
+IFS=',' read -r -a version_arr <<< "$version"
+docker_tags=()
+for tag in "${version_arr[@]}"; do
+ docker_tags+=("-t" "${prefix}:${tag}")
+done
+
echo
echo
-echo "--- Building component '$comp_path' with docker tag '$docker_tag' ---"
-docker build ${options} -t $docker_tag $comp_path
-BUILD_ENDTIME=$(date +%s); echo "--- $docker_tag took $(($BUILD_ENDTIME - $BUILD_STARTTIME)) seconds ---"
+echo "--- Building component '$comp_path' with docker tag(s) '$version' ---"
+docker build ${options} "${docker_tags[@]}" $comp_path
+BUILD_ENDTIME=$(date +%s); echo "--- ${version} took $(($BUILD_ENDTIME - $BUILD_STARTTIME)) seconds ---"
echo
echo
echo
echo
echo "++ Active images"
-docker images | grep ${prefix} | grep ${version} | sort
+docker images | grep ${prefix} | sort
echo
diff --git a/hack/push-release.sh b/hack/push-release.sh
index 131ed83ca..1f41ab179 100755
--- a/hack/push-release.sh
+++ b/hack/push-release.sh
@@ -1,55 +1,41 @@
#!/bin/bash
-# This script pushes all of the built images to a registry.
+# This script pushes a built image to a registry.
#
-# Set OS_PUSH_BASE_REGISTRY to prefix the destination images
+# Set OS_PUSH_BASE_REGISTRY to prefix the destination images e.g.
+# OS_PUSH_BASE_REGISTRY="docker.io/"
#
+# Set OS_PUSH_TAG with a comma-separated list for pushing same image
+# to multiple tags e.g.
+# OS_PUSH_TAG="latest,v3.6"
set -o errexit
set -o nounset
set -o pipefail
-STARTTIME=$(date +%s)
-OS_ROOT=$(dirname "${BASH_SOURCE}")/..
+starttime=$(date +%s)
-PREFIX="${PREFIX:-openshift/origin-ansible}"
+# image name without repo or tag.
+image="${PREFIX:-openshift/origin-ansible}"
-# Go to the top of the tree.
-cd "${OS_ROOT}"
+# existing local tag on the image we want to push
+source_tag="${OS_TAG:-latest}"
-# Allow a release to be repushed with a tag
-tag="${OS_PUSH_TAG:-}"
-if [[ -n "${tag}" ]]; then
- tag=":${tag}"
-else
- tag=":latest"
-fi
-
-# Source tag
-source_tag="${OS_TAG:-}"
-if [[ -z "${source_tag}" ]]; then
- source_tag="latest"
-fi
-
-images=(
- ${PREFIX}
-)
+# Enable retagging a build with one or more tags for push
+IFS=',' read -r -a push_tags <<< "${OS_PUSH_TAG:-latest}"
+registry="${OS_PUSH_BASE_REGISTRY:-}"
+# force push if available
PUSH_OPTS=""
if docker push --help | grep -q force; then
PUSH_OPTS="--force"
fi
-if [[ "${OS_PUSH_BASE_REGISTRY-}" != "" || "${tag}" != "" ]]; then
- set -e
- for image in "${images[@]}"; do
- docker tag "${image}:${source_tag}" "${OS_PUSH_BASE_REGISTRY-}${image}${tag}"
- done
- set +e
-fi
-
-for image in "${images[@]}"; do
- docker push ${PUSH_OPTS} "${OS_PUSH_BASE_REGISTRY-}${image}${tag}"
+set -x
+for tag in "${push_tags[@]}"; do
+ docker tag "${image}:${source_tag}" "${registry}${image}:${tag}"
+ docker push ${PUSH_OPTS} "${registry}${image}:${tag}"
done
+set +x
-ret=$?; ENDTIME=$(date +%s); echo "$0 took $(($ENDTIME - $STARTTIME)) seconds"; exit "$ret"
+endtime=$(date +%s); echo "$0 took $(($endtime - $starttime)) seconds"; exit 0
diff --git a/images/installer/system-container/root/exports/manifest.json b/images/installer/system-container/root/exports/manifest.json
index 321a84ee8..8b984d7a3 100644
--- a/images/installer/system-container/root/exports/manifest.json
+++ b/images/installer/system-container/root/exports/manifest.json
@@ -6,7 +6,7 @@
"VAR_LOG_OPENSHIFT_LOG": "/var/log/ansible.log",
"PLAYBOOK_FILE": "/usr/share/ansible/openshift-ansible/playbooks/byo/config.yml",
"HOME_ROOT": "/root",
- "ANSIBLE_CONFIG": "/usr/share/ansible/openshift-ansible/ansible.cfg",
+ "ANSIBLE_CONFIG": "/usr/share/atomic-openshift-utils/ansible.cfg",
"INVENTORY_FILE": "/dev/null"
}
}
diff --git a/inventory/byo/hosts.origin.example b/inventory/byo/hosts.origin.example
index b38c6e6b6..e6bc6c829 100644
--- a/inventory/byo/hosts.origin.example
+++ b/inventory/byo/hosts.origin.example
@@ -10,6 +10,10 @@ nfs
# Set variables common for all OSEv3 hosts
[OSEv3:vars]
+# Enable unsupported configurations, things that will yield a partially
+# functioning cluster but would not be supported for production use
+#openshift_enable_unsupported_configurations=false
+
# SSH user, this user should allow ssh based auth without requiring a
# password. If using ssh key based auth, then the key should be managed by an
# ssh agent.
diff --git a/inventory/byo/hosts.ose.example b/inventory/byo/hosts.ose.example
index e5e9c7342..928da40fa 100644
--- a/inventory/byo/hosts.ose.example
+++ b/inventory/byo/hosts.ose.example
@@ -10,6 +10,10 @@ nfs
# Set variables common for all OSEv3 hosts
[OSEv3:vars]
+# Enable unsupported configurations, things that will yield a partially
+# functioning cluster but would not be supported for production use
+#openshift_enable_unsupported_configurations=false
+
# SSH user, this user should allow ssh based auth without requiring a
# password. If using ssh key based auth, then the key should be managed by an
# ssh agent.
diff --git a/openshift-ansible.spec b/openshift-ansible.spec
index b3e097018..ed0b5ca79 100644
--- a/openshift-ansible.spec
+++ b/openshift-ansible.spec
@@ -9,7 +9,7 @@
%global __requires_exclude ^/usr/bin/ansible-playbook$
Name: openshift-ansible
-Version: 3.6.122.0
+Version: 3.6.132
Release: 1%{?dist}
Summary: Openshift and Atomic Enterprise Ansible
License: ASL 2.0
@@ -280,6 +280,147 @@ Atomic OpenShift Utilities includes
%changelog
+* Mon Jul 03 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.132-1
+-
+
+* Sun Jul 02 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.131-1
+- Fix upgrade (sdodson@redhat.com)
+- Prevent the script to use default route ip as upstream nameserver.
+ (steveteuber@users.noreply.github.com)
+- Use default ports for dnsmasq and node dns (sdodson@redhat.com)
+- Run dns on the node and use that for dnsmasq (sdodson@redhat.com)
+- Using ca-bundle.crt to connect to local etcd if master.etcd-ca.crt DNE
+ (ewolinet@redhat.com)
+- Set OPENSHIFT_DEFAULT_REGISTRY in registry dc. (abutcher@redhat.com)
+- Updating to use openshift.master.etcd_hosts for etcd servers for apiserver
+ (ewolinet@redhat.com)
+- Update v1.4 image streams and templates (sdodson@redhat.com)
+- xPaaS v1.4.0 for v3.4 (sdodson@redhat.com)
+- Sync latest image streams and templates for v1.5 (sdodson@redhat.com)
+- xPaaS v1.4.0 for v3.5 (sdodson@redhat.com)
+- Update latest image streams for v3.6 (sdodson@redhat.com)
+- Bump xPaas v1.4.0 for v3.6 (sdodson@redhat.com)
+- docker_image_availability: fix containerized etcd (lmeyer@redhat.com)
+- evalute etcd backup directory name only once (jchaloup@redhat.com)
+- run etcd_container with type:spc_t label (jchaloup@redhat.com)
+- Fixing ops storage options being passed to openshift_logging_elasticsearch
+ role fixing default ops pv selector (ewolinet@redhat.com)
+- Adding labels for elasticsearch and kibana services (ewolinet@redhat.com)
+- Add a retry to the docker restart handler (sdodson@redhat.com)
+- docker_storage check: make vgs return sane output (lmeyer@redhat.com)
+- Capture exceptions when resolving available checks (rhcarvalho@gmail.com)
+- PAPR: customize disk space requirements (rhcarvalho@gmail.com)
+- Enable disk check on containerized installs (rhcarvalho@gmail.com)
+- Add module docstring (rhcarvalho@gmail.com)
+- Add suggestion to check disk space in any path (rhcarvalho@gmail.com)
+- Require at least 1GB in /usr/bin/local and tempdir (rhcarvalho@gmail.com)
+- Refactor DiskAvailability for arbitrary paths (rhcarvalho@gmail.com)
+- Adding some more sections to additional considerations, being less rigid on
+ large roles for composing -- can also be a playbook (ewolinet@redhat.com)
+- Updating snippet contents, formatting and providing urls
+ (ewolinet@redhat.com)
+- Update snippets and add bullet point on role dependency (ewolinet@redhat.com)
+- Creating initial proposal doc for review (ewolinet@redhat.com)
+
+* Fri Jun 30 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.129-1
+- Fix generate role binding destination for the HOSA service account
+ (steveteuber@users.noreply.github.com)
+- Correct version comparisons to ensure proper evaluation (rteague@redhat.com)
+- Adding become: false to local_action tasks (ewolinet@redhat.com)
+- upgrade: fix name for the etcd system container (gscrivan@redhat.com)
+- fix backup and working directory for etcd run as a system container
+ (jchaloup@redhat.com)
+- etcd_migrate: Add /var/usrlocal/bin to path for oadm (smilner@redhat.com)
+- etcd_migrate: Add /usr/local/bin to path for oadm (smilner@redhat.com)
+- Sync environment variables FLUENTD/MUX_CPU_LIMIT FLUENTD/MUX_MEMORY_LIMIT
+ with the resource limit values. (nhosoi@redhat.com)
+- Update master configuration for named certificates during master cert
+ redeploy. (abutcher@redhat.com)
+- Get rid of openshift_facts dep in rhel_subscribe (sdodson@redhat.com)
+- logging: write ES heap dump to persistent storage (jwozniak@redhat.com)
+
+* Thu Jun 29 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.128-1
+- parameterize etcd binary path (fabian@fabianism.us)
+- attach leases via the first master only and only once (jchaloup@redhat.com)
+- evalute groups when running etcd upgrade from byo/openshift-
+ cluster/upgrades/upgrade_etcd.yml (jchaloup@redhat.com)
+- Bug 1465168 - mux doesn't recognize ansible boolean parameters correctly
+ (rmeggins@redhat.com)
+
+* Tue Jun 27 2017 Scott Dodson <sdodson@redhat.com> 3.6.123.1003-1
+- Generate loopback kubeconfig separately to preserve OpenShift CA certificate.
+ (abutcher@redhat.com)
+- registry: look for the oc executable in /usr/local/bin and ~/bin
+ (gscrivan@redhat.com)
+- router: look for the oc executable in /usr/local/bin and ~/bin
+ (gscrivan@redhat.com)
+- Retry docker startup once (sdodson@redhat.com)
+
+* Tue Jun 27 2017 Scott Dodson <sdodson@redhat.com> 3.6.123.1002-1
+- Fix typo in fluentd_secureforward_contents variable
+ (Andreas.Dembach@dg-i.net)
+- Reverting quotation change in ansible_service_broker install for etcd
+ (ewolinet@redhat.com)
+
+* Mon Jun 26 2017 Scott Dodson <sdodson@redhat.com> 3.6.123.1001-1
+- oc_atomic_container: use rpm to check the version. (gscrivan@redhat.com)
+- Fix .spec for stagecut (jupierce@redhat.com)
+- Picking change from sdodson (ewolinet@redhat.com)
+- openshift_version: skip nfs and lb hosts (smilner@redhat.com)
+- openshift_checks: eval groups before including role (lmeyer@redhat.com)
+- Adding volume fact for etcd for openshift ansible service broker
+ (ewolinet@redhat.com)
+- Updating to label node and wait for apiservice to be healthy and started
+ (ewolinet@redhat.com)
+- Also configure default registry on HA masters (sdodson@redhat.com)
+- Fix parsing certs with very large serial numbers (tbielawa@redhat.com)
+- fix yamllint issues (fabian@fabianism.us)
+- openshift_logging: use empty default for storage labels (fsimonce@redhat.com)
+- Set clean install and etcd storage on first master to fix scaleup
+ (sdodson@redhat.com)
+- images, syscontainer: change default value for ANSIBLE_CONFIG
+ (gscrivan@redhat.com)
+- Cleanup/updates for env variables and etcd image (fabian@fabianism.us)
+- Sync 3.5 cfme templates over to 3.6 (sdodson@redhat.com)
+- Moving checks down after required initialization happens.
+ (kwoodson@redhat.com)
+- add play and role to install ansible-service-broker (fabian@fabianism.us)
+- Creation of service_catalog and placeholder broker roles
+ (ewolinet@redhat.com)
+- GlusterFS: Use proper namespace for heketi command and service account
+ (jarrpa@redhat.com)
+- Fixing quote issue. (kwoodson@redhat.com)
+- GlusterFS: Fix heketi secret name (jarrpa@redhat.com)
+- Fix for dynamic pvs when using storageclasses. (kwoodson@redhat.com)
+- Ensure that host pki tree is mounted in containerized components
+ (sdodson@redhat.com)
+
+* Fri Jun 23 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.123-1
+- releases: enable build/push with multiple tags (lmeyer@redhat.com)
+- Update template examples for 3.6 (rteague@redhat.com)
+- Reverting v prefix introduced by stagecut (smunilla@redhat.com)
+- Fixed readme doc. (kwoodson@redhat.com)
+- Adding version field for stagecut (smunilla@redhat.com)
+- Remove package_update from install playbook (rhcarvalho@gmail.com)
+- Restart NetworkManager only if dnsmasq was used
+ (bliemli@users.noreply.github.com)
+- remove extra close brace in example inventory (gpei@redhat.com)
+- Adding option for serviceAccountConfig.limitSecretReferences
+ (kwoodson@redhat.com)
+- doc: Add system_container examples to inventory (smilner@redhat.com)
+- system_containers: Add openshift_ to other system_container vars
+ (smilner@redhat.com)
+- system_containers: Add openshift_ to use_system_containers var
+ (smilner@redhat.com)
+- detect etcd service name based on etcd runtime when restarting
+ (jchaloup@redhat.com)
+- set proper etcd_data_dir for system container (jchaloup@redhat.com)
+- etcd, system_container: do not mask etcd_container (gscrivan@redhat.com)
+- etcd, system_container: do not enable system etcd (gscrivan@redhat.com)
+- oc_atomic_container: Require 1.17.2 (smilner@redhat.com)
+- Verify matched openshift_upgrade_nodes_label (rteague@redhat.com)
+- bug 1457642. Use same SG index to avoid seeding timeout (jcantril@redhat.com)
+
* Wed Jun 21 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.122-1
-
diff --git a/playbooks/adhoc/uninstall.yml b/playbooks/adhoc/uninstall.yml
index ddd2ecebd..a1f541712 100644
--- a/playbooks/adhoc/uninstall.yml
+++ b/playbooks/adhoc/uninstall.yml
@@ -26,6 +26,20 @@
- hosts: nodes
become: yes
tasks:
+ - name: Remove dnsmasq dispatcher
+ file:
+ path: "{{ item }}"
+ state: absent
+ with_items:
+ - /etc/dnsmasq.d/origin-dns.conf
+ - /etc/dnsmasq.d/origin-upstream-dns.conf
+ - /etc/dnsmasq.d/openshift-ansible.conf
+ - /etc/NetworkManager/dispatcher.d/99-origin-dns.sh
+ when: openshift_use_dnsmasq | default(true) | bool
+ - service:
+ name: NetworkManager
+ state: restarted
+ when: openshift_use_dnsmasq | default(true) | bool
- name: Stop services
service: name={{ item }} state=stopped
with_items:
@@ -279,9 +293,6 @@
with_items:
- /etc/ansible/facts.d/openshift.fact
- /etc/atomic-enterprise
- - /etc/dnsmasq.d/origin-dns.conf
- - /etc/dnsmasq.d/origin-upstream-dns.conf
- - /etc/NetworkManager/dispatcher.d/99-origin-dns.sh
- /etc/openshift
- /etc/openshift-sdn
- /etc/sysconfig/atomic-enterprise-node
@@ -307,18 +318,14 @@
- name: restart container-engine
service: name=container-engine state=restarted
- ignore_errors: true
+ failed_when: false
register: container_engine
- name: restart docker
service: name=docker state=restarted
- ignore_errors: true
+ failed_when: false
when: not (container_engine | changed)
- - name: restart NetworkManager
- service: name=NetworkManager state=restarted
- when: openshift_use_dnsmasq | default(true) | bool
-
- hosts: masters
become: yes
vars:
diff --git a/playbooks/byo/openshift-cluster/config.yml b/playbooks/byo/openshift-cluster/config.yml
index 9c5948552..acf5469bf 100644
--- a/playbooks/byo/openshift-cluster/config.yml
+++ b/playbooks/byo/openshift-cluster/config.yml
@@ -3,23 +3,6 @@
tags:
- always
-- name: Verify Requirements
- hosts: OSEv3
- roles:
- - openshift_health_checker
- vars:
- - r_openshift_health_checker_playbook_context: "install"
- post_tasks:
- - action: openshift_health_check
- args:
- checks:
- - disk_availability
- - memory_availability
- - package_availability
- - package_version
- - docker_image_availability
- - docker_storage
-
- include: ../../common/openshift-cluster/std_include.yml
tags:
- always
diff --git a/playbooks/byo/openshift-cluster/service-catalog.yml b/playbooks/byo/openshift-cluster/service-catalog.yml
new file mode 100644
index 000000000..a9fc18958
--- /dev/null
+++ b/playbooks/byo/openshift-cluster/service-catalog.yml
@@ -0,0 +1,12 @@
+---
+#
+# This playbook is a preview of upcoming changes for installing
+# Hosted logging on. See inventory/byo/hosts.*.example for the
+# currently supported method.
+#
+- include: initialize_groups.yml
+
+- include: ../../common/openshift-cluster/service_catalog.yml
+ vars:
+ openshift_cluster_id: "{{ cluster_id | default('default') }}"
+ openshift_debug_level: "{{ debug_level | default(2) }}"
diff --git a/playbooks/byo/openshift-cluster/upgrades/upgrade_etcd.yml b/playbooks/byo/openshift-cluster/upgrades/upgrade_etcd.yml
index 8005a17a3..5bd5d64ab 100644
--- a/playbooks/byo/openshift-cluster/upgrades/upgrade_etcd.yml
+++ b/playbooks/byo/openshift-cluster/upgrades/upgrade_etcd.yml
@@ -1,4 +1,6 @@
---
- include: ../initialize_groups.yml
+- include: ../../../common/openshift-cluster/evaluate_groups.yml
+
- include: ../../../common/openshift-cluster/upgrades/etcd/main.yml
diff --git a/playbooks/byo/openshift-etcd/migrate.yml b/playbooks/byo/openshift-etcd/migrate.yml
index fd02e066e..143016159 100644
--- a/playbooks/byo/openshift-etcd/migrate.yml
+++ b/playbooks/byo/openshift-etcd/migrate.yml
@@ -3,122 +3,6 @@
tags:
- always
-- include: ../../common/openshift-cluster/evaluate_groups.yml
+- include: ../../common/openshift-etcd/migrate.yml
tags:
- always
-
-- name: Run pre-checks
- hosts: oo_etcd_to_config
- tags:
- - always
- roles:
- - role: etcd_migrate
- r_etcd_migrate_action: check
- etcd_peer: "{{ ansible_default_ipv4.address }}"
-
-# TODO(jchaloup): replace the std_include with something minimal so the entire playbook is faster
-# e.g. I don't need to detect the OCP version, install deps, etc.
-- include: ../../common/openshift-cluster/std_include.yml
- tags:
- - always
-
-- name: Backup v2 data
- hosts: oo_etcd_to_config
- gather_facts: no
- tags:
- - always
- roles:
- - role: openshift_facts
- - role: etcd_common
- r_etcd_common_action: backup
- r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}"
- r_etcd_common_backup_tag: pre-migration
- r_etcd_common_embedded_etcd: "{{ groups.oo_etcd_to_config | default([]) | length == 0 }}"
- r_etcd_common_backup_sufix_name: "{{ lookup('pipe', 'date +%Y%m%d%H%M%S') }}"
-
-- name: Gate on etcd backup
- hosts: localhost
- connection: local
- become: no
- tasks:
- - set_fact:
- etcd_backup_completed: "{{ hostvars
- | oo_select_keys(groups.oo_etcd_to_config)
- | oo_collect('inventory_hostname', {'r_etcd_common_backup_complete': true}) }}"
- - set_fact:
- etcd_backup_failed: "{{ groups.oo_etcd_to_config | difference(etcd_backup_completed) }}"
- - fail:
- msg: "Migration cannot continue. The following hosts did not complete etcd backup: {{ etcd_backup_failed | join(',') }}"
- when:
- - etcd_backup_failed | length > 0
-
-- name: Prepare masters for etcd data migration
- hosts: oo_masters_to_config
- tasks:
- - set_fact:
- master_services:
- - "{{ openshift.common.service_type + '-master' }}"
- - set_fact:
- master_services:
- - "{{ openshift.common.service_type + '-master-controllers' }}"
- - "{{ openshift.common.service_type + '-master-api' }}"
- when:
- - (openshift_master_cluster_method is defined and openshift_master_cluster_method == "native") or openshift.common.is_master_system_container | bool
- - debug:
- msg: "master service name: {{ master_services }}"
- - name: Stop masters
- service:
- name: "{{ item }}"
- state: stopped
- with_items: "{{ master_services }}"
-
-- name: Migrate etcd data from v2 to v3
- hosts: oo_etcd_to_config
- gather_facts: no
- tags:
- - always
- roles:
- - role: etcd_migrate
- r_etcd_migrate_action: migrate
- etcd_peer: "{{ ansible_default_ipv4.address }}"
-
-- name: Gate on etcd migration
- hosts: oo_masters_to_config
- gather_facts: no
- tasks:
- - set_fact:
- etcd_migration_completed: "{{ hostvars
- | oo_select_keys(groups.oo_etcd_to_config)
- | oo_collect('inventory_hostname', {'r_etcd_migrate_success': true}) }}"
- - set_fact:
- etcd_migration_failed: "{{ groups.oo_etcd_to_config | difference(etcd_migration_completed) }}"
-
-- name: Configure masters if etcd data migration is succesfull
- hosts: oo_masters_to_config
- roles:
- - role: etcd_migrate
- r_etcd_migrate_action: configure
- when: etcd_migration_failed | length == 0
- tasks:
- - debug:
- msg: "Skipping master re-configuration since migration failed."
- when:
- - etcd_migration_failed | length > 0
-
-- name: Start masters after etcd data migration
- hosts: oo_masters_to_config
- tasks:
- - name: Start master services
- service:
- name: "{{ item }}"
- state: started
- register: service_status
- # Sometimes the master-api, resp. master-controllers fails to start for the first time
- until: service_status.state is defined and service_status.state == "started"
- retries: 5
- delay: 10
- with_items: "{{ master_services[::-1] }}"
- - fail:
- msg: "Migration failed. The following hosts were not properly migrated: {{ etcd_migration_failed | join(',') }}"
- when:
- - etcd_migration_failed | length > 0
diff --git a/playbooks/common/openshift-checks/health.yml b/playbooks/common/openshift-checks/health.yml
index 1bee460e8..c7766ff04 100644
--- a/playbooks/common/openshift-checks/health.yml
+++ b/playbooks/common/openshift-checks/health.yml
@@ -1,4 +1,9 @@
---
+# openshift_health_checker depends on openshift_version which now requires group eval.
+- include: ../openshift-cluster/evaluate_groups.yml
+ tags:
+ - always
+
- name: Run OpenShift health checks
hosts: OSEv3
roles:
diff --git a/playbooks/common/openshift-checks/pre-install.yml b/playbooks/common/openshift-checks/pre-install.yml
index e01c6f38d..7ca9f7e8b 100644
--- a/playbooks/common/openshift-checks/pre-install.yml
+++ b/playbooks/common/openshift-checks/pre-install.yml
@@ -1,4 +1,9 @@
---
+# openshift_health_checker depends on openshift_version which now requires group eval.
+- include: ../openshift-cluster/evaluate_groups.yml
+ tags:
+ - always
+
- hosts: OSEv3
name: run OpenShift pre-install checks
roles:
diff --git a/playbooks/common/openshift-cluster/config.yml b/playbooks/common/openshift-cluster/config.yml
index 1482b3a3f..7224ae712 100644
--- a/playbooks/common/openshift-cluster/config.yml
+++ b/playbooks/common/openshift-cluster/config.yml
@@ -1,4 +1,23 @@
---
+# TODO: refactor this into its own include
+# and pass a variable for ctx
+- name: Verify Requirements
+ hosts: oo_all_hosts
+ roles:
+ - openshift_health_checker
+ vars:
+ - r_openshift_health_checker_playbook_context: "install"
+ post_tasks:
+ - action: openshift_health_check
+ args:
+ checks:
+ - disk_availability
+ - memory_availability
+ - package_availability
+ - package_version
+ - docker_image_availability
+ - docker_storage
+
- include: initialize_oo_option_facts.yml
tags:
- always
@@ -45,6 +64,12 @@
tags:
- hosted
+- include: service_catalog.yml
+ when:
+ - openshift_enable_service_catalog | default(false) | bool
+ tags:
+ - servicecatalog
+
- name: Re-enable excluder if it was previously enabled
hosts: oo_masters_to_config:oo_nodes_to_config
tags:
diff --git a/playbooks/common/openshift-cluster/evaluate_groups.yml b/playbooks/common/openshift-cluster/evaluate_groups.yml
index c28ce4c14..baca72c58 100644
--- a/playbooks/common/openshift-cluster/evaluate_groups.yml
+++ b/playbooks/common/openshift-cluster/evaluate_groups.yml
@@ -157,3 +157,12 @@
ansible_become: "{{ g_sudo | default(omit) }}"
with_items: "{{ g_glusterfs_hosts | union(g_glusterfs_registry_hosts | default([])) }}"
changed_when: no
+
+ - name: Evaluate oo_etcd_to_migrate
+ add_host:
+ name: "{{ item }}"
+ groups: oo_etcd_to_migrate
+ ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
+ ansible_become: "{{ g_sudo | default(omit) }}"
+ with_items: "{{ groups.oo_etcd_to_config if groups.oo_etcd_to_config | default([]) | length != 0 else groups.oo_first_master }}"
+ changed_when: no
diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/masters.yml b/playbooks/common/openshift-cluster/redeploy-certificates/masters.yml
index c30889d64..51b196299 100644
--- a/playbooks/common/openshift-cluster/redeploy-certificates/masters.yml
+++ b/playbooks/common/openshift-cluster/redeploy-certificates/masters.yml
@@ -51,3 +51,13 @@
| oo_collect('openshift.common.hostname')
| default(none, true) }}"
openshift_certificates_redeploy: true
+ - role: lib_utils
+ post_tasks:
+ - yedit:
+ src: "{{ openshift.common.config_base }}/master/master-config.yaml"
+ key: servingInfo.namedCertificates
+ value: "{{ openshift.master.named_certificates | default([]) | oo_named_certificates_list }}"
+ when:
+ - ('named_certificates' in openshift.master)
+ - openshift.master.named_certificates | default([]) | length > 0
+ - openshift_master_overwrite_named_certificates | default(false) | bool
diff --git a/playbooks/common/openshift-cluster/service_catalog.yml b/playbooks/common/openshift-cluster/service_catalog.yml
new file mode 100644
index 000000000..c42e8781a
--- /dev/null
+++ b/playbooks/common/openshift-cluster/service_catalog.yml
@@ -0,0 +1,8 @@
+---
+- include: evaluate_groups.yml
+
+- name: Service Catalog
+ hosts: oo_first_master
+ roles:
+ - openshift_service_catalog
+ - ansible_service_broker
diff --git a/playbooks/common/openshift-cluster/upgrades/etcd/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/etcd/upgrade.yml
index 0431c1ce0..39e82498d 100644
--- a/playbooks/common/openshift-cluster/upgrades/etcd/upgrade.yml
+++ b/playbooks/common/openshift-cluster/upgrades/etcd/upgrade.yml
@@ -36,7 +36,7 @@
- not openshift.common.is_etcd_system_container | bool
- name: Record containerized etcd version (runc)
- command: runc exec etcd_container rpm -qa --qf '%{version}' etcd\*
+ command: runc exec etcd rpm -qa --qf '%{version}' etcd\*
register: etcd_container_version_runc
failed_when: false
# AUDIT:changed_when: `false` because we are only inspecting
diff --git a/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml b/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml
index b420c25d4..227fbf60a 100644
--- a/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml
+++ b/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml
@@ -301,8 +301,8 @@
- lib_openshift
- openshift_facts
- docker
- - openshift_node_upgrade
- openshift_node_dnsmasq
+ - openshift_node_upgrade
post_tasks:
- name: Set node schedulability
diff --git a/playbooks/common/openshift-cluster/upgrades/upgrade_nodes.yml b/playbooks/common/openshift-cluster/upgrades/upgrade_nodes.yml
index 35a50cf4e..1d1e440d4 100644
--- a/playbooks/common/openshift-cluster/upgrades/upgrade_nodes.yml
+++ b/playbooks/common/openshift-cluster/upgrades/upgrade_nodes.yml
@@ -33,8 +33,8 @@
- lib_openshift
- openshift_facts
- docker
- - openshift_node_upgrade
- openshift_node_dnsmasq
+ - openshift_node_upgrade
- role: openshift_excluder
r_openshift_excluder_action: enable
r_openshift_excluder_service_type: "{{ openshift.common.service_type }}"
diff --git a/playbooks/common/openshift-etcd/migrate.yml b/playbooks/common/openshift-etcd/migrate.yml
new file mode 100644
index 000000000..c655449fa
--- /dev/null
+++ b/playbooks/common/openshift-etcd/migrate.yml
@@ -0,0 +1,120 @@
+---
+- include: ../openshift-cluster/evaluate_groups.yml
+ tags:
+ - always
+
+- name: Run pre-checks
+ hosts: oo_etcd_to_migrate
+ tags:
+ - always
+ roles:
+ - role: etcd_migrate
+ r_etcd_migrate_action: check
+ r_etcd_common_embedded_etcd: "{{ groups.oo_etcd_to_config | default([]) | length == 0 }}"
+ etcd_peer: "{{ ansible_default_ipv4.address }}"
+
+- include: ../openshift-cluster/initialize_facts.yml
+ tags:
+ - always
+
+- name: Backup v2 data
+ hosts: oo_etcd_to_migrate
+ gather_facts: no
+ tags:
+ - always
+ roles:
+ - role: openshift_facts
+ - role: etcd_common
+ r_etcd_common_action: backup
+ r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}"
+ r_etcd_common_backup_tag: pre-migration
+ r_etcd_common_embedded_etcd: "{{ groups.oo_etcd_to_config | default([]) | length == 0 }}"
+ r_etcd_common_backup_sufix_name: "{{ lookup('pipe', 'date +%Y%m%d%H%M%S') }}"
+
+- name: Gate on etcd backup
+ hosts: localhost
+ connection: local
+ become: no
+ tasks:
+ - set_fact:
+ etcd_backup_completed: "{{ hostvars
+ | oo_select_keys(groups.oo_etcd_to_migrate)
+ | oo_collect('inventory_hostname', {'r_etcd_common_backup_complete': true}) }}"
+ - set_fact:
+ etcd_backup_failed: "{{ groups.oo_etcd_to_migrate | difference(etcd_backup_completed) }}"
+ - fail:
+ msg: "Migration cannot continue. The following hosts did not complete etcd backup: {{ etcd_backup_failed | join(',') }}"
+ when:
+ - etcd_backup_failed | length > 0
+
+- name: Prepare masters for etcd data migration
+ hosts: oo_masters_to_config
+ tasks:
+ - set_fact:
+ master_services:
+ - "{{ openshift.common.service_type + '-master' }}"
+ - set_fact:
+ master_services:
+ - "{{ openshift.common.service_type + '-master-controllers' }}"
+ - "{{ openshift.common.service_type + '-master-api' }}"
+ when:
+ - (openshift_master_cluster_method is defined and openshift_master_cluster_method == "native") or openshift.common.is_master_system_container | bool
+ - debug:
+ msg: "master service name: {{ master_services }}"
+ - name: Stop masters
+ service:
+ name: "{{ item }}"
+ state: stopped
+ with_items: "{{ master_services }}"
+
+- name: Migrate etcd data from v2 to v3
+ hosts: oo_etcd_to_migrate
+ gather_facts: no
+ tags:
+ - always
+ roles:
+ - role: etcd_migrate
+ r_etcd_migrate_action: migrate
+ r_etcd_common_embedded_etcd: "{{ groups.oo_etcd_to_config | default([]) | length == 0 }}"
+ etcd_peer: "{{ ansible_default_ipv4.address }}"
+
+- name: Gate on etcd migration
+ hosts: oo_masters_to_config
+ gather_facts: no
+ tasks:
+ - set_fact:
+ etcd_migration_completed: "{{ hostvars
+ | oo_select_keys(groups.oo_etcd_to_migrate)
+ | oo_collect('inventory_hostname', {'r_etcd_migrate_success': true}) }}"
+ - set_fact:
+ etcd_migration_failed: "{{ groups.oo_etcd_to_migrate | difference(etcd_migration_completed) }}"
+
+- name: Configure masters if etcd data migration is succesfull
+ hosts: oo_masters_to_config
+ roles:
+ - role: etcd_migrate
+ r_etcd_migrate_action: configure
+ when: etcd_migration_failed | length == 0
+ tasks:
+ - debug:
+ msg: "Skipping master re-configuration since migration failed."
+ when:
+ - etcd_migration_failed | length > 0
+
+- name: Start masters after etcd data migration
+ hosts: oo_masters_to_config
+ tasks:
+ - name: Start master services
+ service:
+ name: "{{ item }}"
+ state: started
+ register: service_status
+ # Sometimes the master-api, resp. master-controllers fails to start for the first time
+ until: service_status.state is defined and service_status.state == "started"
+ retries: 5
+ delay: 10
+ with_items: "{{ master_services[::-1] }}"
+ - fail:
+ msg: "Migration failed. The following hosts were not properly migrated: {{ etcd_migration_failed | join(',') }}"
+ when:
+ - etcd_migration_failed | length > 0
diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml
index 70108fb7a..7d3a371e3 100644
--- a/playbooks/common/openshift-master/config.yml
+++ b/playbooks/common/openshift-master/config.yml
@@ -20,25 +20,6 @@
- node
- .config_managed
- - name: Check for existing configuration
- stat:
- path: /etc/origin/master/master-config.yaml
- register: master_config_stat
-
- - name: Set clean install fact
- set_fact:
- l_clean_install: "{{ not master_config_stat.stat.exists | bool }}"
-
- - name: Determine if etcd3 storage is in use
- command: grep -Pzo "storage-backend:\n.*etcd3" /etc/origin/master/master-config.yaml -q
- register: etcd3_grep
- failed_when: false
- changed_when: false
-
- - name: Set etcd3 fact
- set_fact:
- l_etcd3_enabled: "{{ etcd3_grep.rc == 0 | bool }}"
-
- set_fact:
openshift_master_pod_eviction_timeout: "{{ lookup('oo_option', 'openshift_master_pod_eviction_timeout') | default(none, true) }}"
when: openshift_master_pod_eviction_timeout is not defined
@@ -88,7 +69,7 @@
ha: "{{ openshift_master_ha | default(groups.oo_masters | length > 1) }}"
master_count: "{{ openshift_master_count | default(groups.oo_masters | length) }}"
-- name: Determine if session secrets must be generated
+- name: Inspect state of first master session secrets and config
hosts: oo_first_master
roles:
- role: openshift_facts
@@ -98,6 +79,24 @@
local_facts:
session_auth_secrets: "{{ openshift_master_session_auth_secrets | default(openshift.master.session_auth_secrets | default(None)) }}"
session_encryption_secrets: "{{ openshift_master_session_encryption_secrets | default(openshift.master.session_encryption_secrets | default(None)) }}"
+ - name: Check for existing configuration
+ stat:
+ path: /etc/origin/master/master-config.yaml
+ register: master_config_stat
+
+ - name: Set clean install fact
+ set_fact:
+ l_clean_install: "{{ not master_config_stat.stat.exists | bool }}"
+
+ - name: Determine if etcd3 storage is in use
+ command: grep -Pzo "storage-backend:\n.*etcd3" /etc/origin/master/master-config.yaml -q
+ register: etcd3_grep
+ failed_when: false
+ changed_when: false
+
+ - name: Set etcd3 fact
+ set_fact:
+ l_etcd3_enabled: "{{ etcd3_grep.rc == 0 | bool }}"
- name: Generate master session secrets
hosts: oo_first_master
diff --git a/roles/ansible_service_broker/defaults/main.yml b/roles/ansible_service_broker/defaults/main.yml
new file mode 100644
index 000000000..4a7252679
--- /dev/null
+++ b/roles/ansible_service_broker/defaults/main.yml
@@ -0,0 +1,6 @@
+---
+
+ansible_service_broker_remove: false
+ansible_service_broker_log_level: info
+# Recommended you do not enable this for now
+ansible_service_broker_launch_apb_on_bind: false
diff --git a/roles/ansible_service_broker/meta/main.yml b/roles/ansible_service_broker/meta/main.yml
new file mode 100644
index 000000000..ec4aafb79
--- /dev/null
+++ b/roles/ansible_service_broker/meta/main.yml
@@ -0,0 +1,15 @@
+---
+galaxy_info:
+ author: Fabian von Feilitzsch
+ description: OpenShift Ansible Service Broker
+ company: Red Hat, Inc.
+ license: Apache License, Version 2.0
+ min_ansible_version: 2.1
+ platforms:
+ - name: EL
+ versions:
+ - 7
+ categories:
+ - cloud
+dependencies:
+- role: lib_openshift
diff --git a/roles/ansible_service_broker/tasks/install.yml b/roles/ansible_service_broker/tasks/install.yml
new file mode 100644
index 000000000..81c3f8e5b
--- /dev/null
+++ b/roles/ansible_service_broker/tasks/install.yml
@@ -0,0 +1,269 @@
+---
+
+# Fact setting and validations
+- name: Set default image variables based on deployment type
+ include_vars: "{{ item }}"
+ with_first_found:
+ - "{{ openshift_deployment_type | default(deployment_type) }}.yml"
+ - "default_images.yml"
+
+- name: set ansible_service_broker facts
+ set_fact:
+ ansible_service_broker_image_prefix: "{{ ansible_service_broker_image_prefix | default(__ansible_service_broker_image_prefix) }}"
+ ansible_service_broker_image_tag: "{{ ansible_service_broker_image_tag | default(__ansible_service_broker_image_tag) }}"
+
+ ansible_service_broker_etcd_image_prefix: "{{ ansible_service_broker_etcd_image_prefix | default(__ansible_service_broker_etcd_image_prefix) }}"
+ ansible_service_broker_etcd_image_tag: "{{ ansible_service_broker_etcd_image_tag | default(__ansible_service_broker_etcd_image_tag) }}"
+ ansible_service_broker_etcd_image_etcd_path: "{{ ansible_service_broker_etcd_image_etcd_path | default(__ansible_service_broker_etcd_image_etcd_path) }}"
+
+ ansible_service_broker_registry_type: "{{ ansible_service_broker_registry_type | default(__ansible_service_broker_registry_type) }}"
+ ansible_service_broker_registry_url: "{{ ansible_service_broker_registry_url | default(__ansible_service_broker_registry_url) }}"
+ ansible_service_broker_registry_user: "{{ ansible_service_broker_registry_user | default(__ansible_service_broker_registry_user) }}"
+ ansible_service_broker_registry_password: "{{ ansible_service_broker_registry_password | default(__ansible_service_broker_registry_password) }}"
+ ansible_service_broker_registry_organization: "{{ ansible_service_broker_registry_organization | default(__ansible_service_broker_registry_organization) }}"
+
+- name: set ansible-service-broker image facts using set prefix and tag
+ set_fact:
+ ansible_service_broker_image: "{{ ansible_service_broker_image_prefix }}ansible-service-broker:{{ ansible_service_broker_image_tag }}"
+ ansible_service_broker_etcd_image: "{{ ansible_service_broker_etcd_image_prefix }}etcd:{{ ansible_service_broker_etcd_image_tag }}"
+
+- include: validate_facts.yml
+
+
+# Deployment of ansible-service-broker starts here
+- name: create openshift-ansible-service-broker project
+ oc_project:
+ name: openshift-ansible-service-broker
+ state: present
+
+- name: create ansible-service-broker serviceaccount
+ oc_serviceaccount:
+ name: asb
+ namespace: openshift-ansible-service-broker
+ state: present
+
+- name: create ansible-service-broker service
+ oc_service:
+ name: asb
+ namespace: openshift-ansible-service-broker
+ state: present
+ labels:
+ app: ansible-service-broker
+ service: asb
+ ports:
+ - name: port-1338
+ port: 1338
+ selector:
+ app: ansible-service-broker
+ service: asb
+
+- name: create etcd service
+ oc_service:
+ name: etcd
+ namespace: openshift-ansible-service-broker
+ state: present
+ ports:
+ - name: etcd-advertise
+ port: 2379
+ selector:
+ app: ansible-service-broker
+ service: etcd
+
+- name: create route for ansible-service-broker service
+ oc_route:
+ name: asb-1338
+ namespace: openshift-ansible-service-broker
+ state: present
+ service_name: asb
+ port: 1338
+ register: asb_route_out
+
+- name: get ansible-service-broker route name
+ set_fact:
+ ansible_service_broker_route: "{{ asb_route_out.results.results[0].spec.host }}"
+
+- name: create persistent volume claim for etcd
+ oc_obj:
+ name: etcd
+ namespace: openshift-ansible-service-broker
+ state: present
+ kind: PersistentVolumeClaim
+ content:
+ path: /tmp/dcout
+ data:
+ apiVersion: v1
+ kind: PersistentVolumeClaim
+ metadata:
+ name: etcd
+ namespace: openshift-ansible-service-broker
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 1Gi
+
+- name: create etcd deployment
+ oc_obj:
+ name: etcd
+ namespace: openshift-ansible-service-broker
+ state: present
+ kind: Deployment
+ content:
+ path: /tmp/dcout
+ data:
+ apiVersion: extensions/v1beta1
+ kind: Deployment
+ metadata:
+ name: etcd
+ namespace: openshift-ansible-service-broker
+ labels:
+ app: ansible-service-broker
+ service: etcd
+ spec:
+ selector:
+ matchLabels:
+ app: ansible-service-broker
+ service: etcd
+ strategy:
+ type: RollingUpdate
+ rollingUpdate:
+ maxSurge: 1
+ maxUnavailable: 1
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: ansible-service-broker
+ service: etcd
+ spec:
+ restartPolicy: Always
+ containers:
+ - image: "{{ ansible_service_broker_etcd_image }}"
+ name: etcd
+ imagePullPolicy: IfNotPresent
+ terminationMessagePath: /tmp/termination-log
+ workingDir: /etcd
+ args:
+ - '{{ ansible_service_broker_etcd_image_etcd_path }}'
+ - --data-dir=/data
+ - "--listen-client-urls=http://0.0.0.0:2379"
+ - "--advertise-client-urls=http://0.0.0.0:2379"
+ ports:
+ - containerPort: 2379
+ protocol: TCP
+ env:
+ - name: ETCDCTL_API
+ value: "3"
+ volumeMounts:
+ - mountPath: /data
+ name: etcd
+ volumes:
+ - name: etcd
+ persistentVolumeClaim:
+ claimName: etcd
+
+- name: create ansible-service-broker deployment
+ oc_obj:
+ name: asb
+ namespace: openshift-ansible-service-broker
+ state: present
+ kind: Deployment
+ content:
+ path: /tmp/dcout
+ data:
+ apiVersion: extensions/v1beta1
+ kind: Deployment
+ metadata:
+ name: asb
+ namespace: openshift-ansible-service-broker
+ labels:
+ app: openshift-ansible-service-broker
+ service: asb
+ spec:
+ strategy:
+ type: Recreate
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: openshift-ansible-service-broker
+ service: asb
+ spec:
+ serviceAccount: asb
+ restartPolicy: Always
+ containers:
+ - image: "{{ ansible_service_broker_image }}"
+ name: asb
+ imagePullPolicy: IfNotPresent
+ volumeMounts:
+ - name: config-volume
+ mountPath: /etc/ansible-service-broker
+ ports:
+ - containerPort: 1338
+ protocol: TCP
+ env:
+ - name: BROKER_CONFIG
+ value: /etc/ansible-service-broker/config.yaml
+ terminationMessagePath: /tmp/termination-log
+ volumes:
+ - name: config-volume
+ configMap:
+ name: broker-config
+ items:
+ - key: broker-config
+ path: config.yaml
+
+
+# TODO: saw a oc_configmap in the library, but didn't understand how to get it to do the following:
+- name: Create config map for ansible-service-broker
+ oc_obj:
+ name: broker-config
+ namespace: openshift-ansible-service-broker
+ state: present
+ kind: ConfigMap
+ content:
+ path: /tmp/cmout
+ data:
+ apiVersion: v1
+ kind: ConfigMap
+ metadata:
+ name: broker-config
+ namespace: openshift-ansible-service-broker
+ labels:
+ app: ansible-service-broker
+ data:
+ broker-config: |
+ registry:
+ name: "{{ ansible_service_broker_registry_type }}"
+ url: "{{ ansible_service_broker_registry_url }}"
+ user: "{{ ansible_service_broker_registry_user }}"
+ pass: "{{ ansible_service_broker_registry_password }}"
+ org: "{{ ansible_service_broker_registry_organization }}"
+ dao:
+ etcd_host: etcd
+ etcd_port: 2379
+ log:
+ logfile: /var/log/ansible-service-broker/asb.log
+ stdout: true
+ level: "{{ ansible_service_broker_log_level }}"
+ color: true
+ openshift: {}
+ broker:
+ devbroker: false
+ launchapbonbind: "{{ ansible_service_broker_launch_apb_on_bind }}"
+
+- name: Create the Broker resource in the catalog
+ oc_obj:
+ name: ansible-service-broker
+ state: present
+ kind: Broker
+ content:
+ path: /tmp/brokerout
+ data:
+ apiVersion: servicecatalog.k8s.io/v1alpha1
+ kind: Broker
+ metadata:
+ name: ansible-service-broker
+ spec:
+ url: http://{{ ansible_service_broker_route }}
diff --git a/roles/ansible_service_broker/tasks/main.yml b/roles/ansible_service_broker/tasks/main.yml
new file mode 100644
index 000000000..b46ce8233
--- /dev/null
+++ b/roles/ansible_service_broker/tasks/main.yml
@@ -0,0 +1,8 @@
+---
+# do any asserts here
+
+- include: install.yml
+ when: not ansible_service_broker_remove|default(false) | bool
+
+- include: remove.yml
+ when: ansible_service_broker_remove|default(false) | bool
diff --git a/roles/ansible_service_broker/tasks/remove.yml b/roles/ansible_service_broker/tasks/remove.yml
new file mode 100644
index 000000000..2519f9f4c
--- /dev/null
+++ b/roles/ansible_service_broker/tasks/remove.yml
@@ -0,0 +1,65 @@
+---
+
+- name: remove openshift-ansible-service-broker project
+ oc_project:
+ name: openshift-ansible-service-broker
+ state: absent
+
+- name: remove ansible-service-broker serviceaccount
+ oc_serviceaccount:
+ name: asb
+ namespace: openshift-ansible-service-broker
+ state: absent
+
+- name: remove ansible-service-broker service
+ oc_service:
+ name: asb
+ namespace: openshift-ansible-service-broker
+ state: absent
+
+- name: remove etcd service
+ oc_service:
+ name: etcd
+ namespace: openshift-ansible-service-broker
+ state: absent
+
+- name: remove route for ansible-service-broker service
+ oc_route:
+ name: asb-1338
+ namespace: openshift-ansible-service-broker
+ state: absent
+
+- name: remove persistent volume claim for etcd
+ oc_pvc:
+ name: etcd
+ namespace: openshift-ansible-service-broker
+ state: absent
+
+- name: remove etcd deployment
+ oc_obj:
+ name: etcd
+ namespace: openshift-ansible-service-broker
+ state: absent
+ kind: Deployment
+
+- name: remove ansible-service-broker deployment
+ oc_obj:
+ name: asb
+ namespace: openshift-ansible-service-broker
+ state: absent
+ kind: Deployment
+
+# TODO: saw a oc_configmap in the library, but didn't understand how to get it to do the following:
+- name: remove config map for ansible-service-broker
+ oc_obj:
+ name: broker-config
+ namespace: openshift-ansible-service-broker
+ state: absent
+ kind: ConfigMap
+
+# TODO: Is this going to work?
+- name: remove broker object from the catalog
+ oc_obj:
+ name: ansible-service-broker
+ state: absent
+ kind: Broker
diff --git a/roles/ansible_service_broker/tasks/validate_facts.yml b/roles/ansible_service_broker/tasks/validate_facts.yml
new file mode 100644
index 000000000..604d24e1d
--- /dev/null
+++ b/roles/ansible_service_broker/tasks/validate_facts.yml
@@ -0,0 +1,15 @@
+---
+- name: validate Dockerhub registry settings
+ fail: msg="To use the dockerhub registry, you must provide the ansible_service_broker_registry_user. ansible_service_broker_registry_password, and ansible_service_broker_registry_organization parameters"
+ when:
+ - ansible_service_broker_registry_type == 'dockerhub'
+ - not (ansible_service_broker_registry_user and
+ ansible_service_broker_registry_password and
+ ansible_service_broker_registry_organization)
+
+
+- name: validate RHCC registry settings
+ fail: msg="To use the Red Hat Container Catalog registry, you must provide the ansible_service_broker_registry_url"
+ when:
+ - ansible_service_broker_registry_type == 'rhcc'
+ - not ansible_service_broker_registry_url
diff --git a/roles/ansible_service_broker/vars/default_images.yml b/roles/ansible_service_broker/vars/default_images.yml
new file mode 100644
index 000000000..15e448515
--- /dev/null
+++ b/roles/ansible_service_broker/vars/default_images.yml
@@ -0,0 +1,14 @@
+---
+
+__ansible_service_broker_image_prefix: ansibleplaybookbundle/
+__ansible_service_broker_image_tag: latest
+
+__ansible_service_broker_etcd_image_prefix: quay.io/coreos/
+__ansible_service_broker_etcd_image_tag: latest
+__ansible_service_broker_etcd_image_etcd_path: /usr/local/bin/etcd
+
+__ansible_service_broker_registry_type: dockerhub
+__ansible_service_broker_registry_url: null
+__ansible_service_broker_registry_user: null
+__ansible_service_broker_registry_password: null
+__ansible_service_broker_registry_organization: null
diff --git a/roles/ansible_service_broker/vars/openshift-enterprise.yml b/roles/ansible_service_broker/vars/openshift-enterprise.yml
new file mode 100644
index 000000000..19b4a5147
--- /dev/null
+++ b/roles/ansible_service_broker/vars/openshift-enterprise.yml
@@ -0,0 +1,14 @@
+---
+
+__ansible_service_broker_image_prefix: openshift3/
+__ansible_service_broker_image_tag: latest
+
+__ansible_service_broker_etcd_image_prefix: rhel7/
+__ansible_service_broker_etcd_image_tag: latest
+__ansible_service_broker_etcd_image_etcd_path: /bin/etcd
+
+__ansible_service_broker_registry_type: rhcc
+__ansible_service_broker_registry_url: "https://registry.access.redhat.com"
+__ansible_service_broker_registry_user: null
+__ansible_service_broker_registry_password: null
+__ansible_service_broker_registry_organization: null
diff --git a/roles/docker/handlers/main.yml b/roles/docker/handlers/main.yml
index 7f91afb37..3a4f4ba92 100644
--- a/roles/docker/handlers/main.yml
+++ b/roles/docker/handlers/main.yml
@@ -4,6 +4,11 @@
systemd:
name: "{{ openshift.docker.service_name }}"
state: restarted
+ register: r_docker_restart_docker_result
+ until: not r_docker_restart_docker_result | failed
+ retries: 1
+ delay: 30
+
when: not docker_service_status_changed | default(false) | bool
- name: restart udev
diff --git a/roles/etcd/templates/etcd.docker.service b/roles/etcd/templates/etcd.docker.service
index adeca7a91..d9327f433 100644
--- a/roles/etcd/templates/etcd.docker.service
+++ b/roles/etcd/templates/etcd.docker.service
@@ -7,7 +7,7 @@ PartOf={{ openshift.docker.service_name }}.service
[Service]
EnvironmentFile={{ etcd_conf_file }}
ExecStartPre=-/usr/bin/docker rm -f {{ etcd_service }}
-ExecStart=/usr/bin/docker run --name {{ etcd_service }} --rm -v {{ etcd_data_dir }}:{{ etcd_data_dir }}:z -v {{ etcd_conf_dir }}:{{ etcd_conf_dir }}:ro --env-file={{ etcd_conf_file }} --net=host --entrypoint=/usr/bin/etcd {{ openshift.etcd.etcd_image }}
+ExecStart=/usr/bin/docker run --name {{ etcd_service }} --rm -v {{ etcd_data_dir }}:{{ etcd_data_dir }}:z -v {{ etcd_conf_dir }}:{{ etcd_conf_dir }}:ro --env-file={{ etcd_conf_file }} --net=host --security-opt label=type:spc_t --entrypoint=/usr/bin/etcd {{ openshift.etcd.etcd_image }}
ExecStop=/usr/bin/docker stop {{ etcd_service }}
SyslogIdentifier=etcd_container
Restart=always
diff --git a/roles/etcd_common/tasks/backup.yml b/roles/etcd_common/tasks/backup.yml
index 4a4832275..1a0b857f1 100644
--- a/roles/etcd_common/tasks/backup.yml
+++ b/roles/etcd_common/tasks/backup.yml
@@ -1,10 +1,25 @@
---
+# set the etcd backup directory name here in case the tag or sufix consists of dynamic value that changes over time
+# e.g. openshift-backup-{{ lookup('pipe', 'date +%Y%m%d%H%M%S') }} value will change every second so if the date changes
+# right after setting l_etcd_incontainer_backup_dir and before l_etcd_backup_dir facts, the backup directory name is different
- set_fact:
- l_etcd_backup_dir: "{{ etcd_data_dir }}/openshift-backup-{{ r_etcd_common_backup_tag }}{{ r_etcd_common_backup_sufix_name }}"
+ l_backup_dir_name: "openshift-backup-{{ r_etcd_common_backup_tag }}{{ r_etcd_common_backup_sufix_name }}"
+
+- set_fact:
+ l_etcd_data_dir: "{{ etcd_data_dir }}{{ '/etcd.etcd' if r_etcd_common_etcd_runtime == 'runc' else '' }}"
+
+- set_fact:
+ l_etcd_incontainer_data_dir: "{{ etcd_data_dir }}"
+
+- set_fact:
+ l_etcd_incontainer_backup_dir: "{{ l_etcd_incontainer_data_dir }}/{{ l_backup_dir_name }}"
+
+- set_fact:
+ l_etcd_backup_dir: "{{ l_etcd_data_dir }}/{{ l_backup_dir_name }}"
# TODO: replace shell module with command and update later checks
- name: Check available disk space for etcd backup
- shell: df --output=avail -k {{ etcd_data_dir }} | tail -n 1
+ shell: df --output=avail -k {{ l_etcd_data_dir }} | tail -n 1
register: l_avail_disk
# AUDIT:changed_when: `false` because we are only inspecting
# state, not manipulating anything
@@ -12,7 +27,7 @@
# TODO: replace shell module with command and update later checks
- name: Check current etcd disk usage
- shell: du --exclude='*openshift-backup*' -k {{ etcd_data_dir }} | tail -n 1 | cut -f1
+ shell: du --exclude='*openshift-backup*' -k {{ l_etcd_data_dir }} | tail -n 1 | cut -f1
register: l_etcd_disk_usage
when: r_etcd_common_embedded_etcd | bool
# AUDIT:changed_when: `false` because we are only inspecting
@@ -48,19 +63,19 @@
- name: Generate etcd backup
command: >
- {{ r_etcd_common_etcdctl_command }} backup --data-dir={{ etcd_data_dir }}
- --backup-dir={{ l_etcd_backup_dir }}
+ {{ r_etcd_common_etcdctl_command }} backup --data-dir={{ l_etcd_incontainer_data_dir }}
+ --backup-dir={{ l_etcd_incontainer_backup_dir }}
# According to the docs change you can simply copy snap/db
# https://github.com/openshift/openshift-docs/commit/b38042de02d9780842dce95cfa0ef45d53b58bc6
- name: Check for v3 data store
stat:
- path: "{{ etcd_data_dir }}/member/snap/db"
+ path: "{{ l_etcd_data_dir }}/member/snap/db"
register: l_v3_db
- name: Copy etcd v3 data store
command: >
- cp -a {{ etcd_data_dir }}/member/snap/db
+ cp -a {{ l_etcd_data_dir }}/member/snap/db
{{ l_etcd_backup_dir }}/member/snap/
when: l_v3_db.stat.exists
diff --git a/roles/etcd_migrate/tasks/check.yml b/roles/etcd_migrate/tasks/check.yml
index 2f07713bc..800073873 100644
--- a/roles/etcd_migrate/tasks/check.yml
+++ b/roles/etcd_migrate/tasks/check.yml
@@ -6,7 +6,7 @@
# Run the migration only if the data are v2
- name: Check if there are any v3 data
command: >
- etcdctl --cert {{ etcd_peer_cert_file }} --key {{ etcd_peer_key_file }} --cacert {{ etcd_peer_ca_file }} --endpoints 'https://{{ etcd_peer }}:2379' get "" --from-key --keys-only -w json --limit 1
+ etcdctl --cert {{ etcd_peer_cert_file }} --key {{ etcd_peer_key_file }} --cacert {{ etcd_peer_ca_file }} --endpoints 'https://{{ etcd_peer }}:{{ etcd_client_port }}' get "" --from-key --keys-only -w json --limit 1
environment:
ETCDCTL_API: 3
register: l_etcdctl_output
diff --git a/roles/etcd_migrate/tasks/check_cluster_health.yml b/roles/etcd_migrate/tasks/check_cluster_health.yml
index 1abd6a32f..201d83f99 100644
--- a/roles/etcd_migrate/tasks/check_cluster_health.yml
+++ b/roles/etcd_migrate/tasks/check_cluster_health.yml
@@ -1,7 +1,7 @@
---
- name: Check cluster health
command: >
- etcdctl --cert-file /etc/etcd/peer.crt --key-file /etc/etcd/peer.key --ca-file /etc/etcd/ca.crt --endpoint https://{{ etcd_peer }}:2379 cluster-health
+ etcdctl --cert-file {{ etcd_peer_cert_file }} --key-file {{ etcd_peer_key_file }} --ca-file {{ etcd_peer_ca_file }} --endpoint https://{{ etcd_peer }}:{{ etcd_client_port }} cluster-health
register: etcd_cluster_health
changed_when: false
failed_when: false
diff --git a/roles/etcd_migrate/tasks/check_cluster_status.yml b/roles/etcd_migrate/tasks/check_cluster_status.yml
index 90fe385c1..b69fb5a52 100644
--- a/roles/etcd_migrate/tasks/check_cluster_status.yml
+++ b/roles/etcd_migrate/tasks/check_cluster_status.yml
@@ -2,7 +2,7 @@
# etcd_ip originates from etcd_common role
- name: Check cluster status
command: >
- etcdctl --cert /etc/etcd/peer.crt --key /etc/etcd/peer.key --cacert /etc/etcd/ca.crt --endpoints 'https://{{ etcd_peer }}:2379' -w json endpoint status
+ etcdctl --cert {{ etcd_peer_cert_file }} --key {{ etcd_peer_key_file }} --cacert {{ etcd_peer_ca_file }} --endpoints 'https://{{ etcd_peer }}:{{ etcd_client_port }}' -w json endpoint status
environment:
ETCDCTL_API: 3
register: l_etcd_cluster_status
@@ -15,7 +15,7 @@
# http://docs.ansible.com/ansible/playbooks_filters.html#extracting-values-from-containers
- name: Group all raftIndices into a list
set_fact:
- etcd_members_raft_indices: "{{ groups['oo_etcd_to_config'] | map('extract', hostvars, 'etcd_member_raft_index') | list | unique }}"
+ etcd_members_raft_indices: "{{ groups['oo_etcd_to_migrate'] | map('extract', hostvars, 'etcd_member_raft_index') | list | unique }}"
- name: Check the minimum and the maximum of raftIndices is at most 1
set_fact:
@@ -24,9 +24,9 @@
- debug:
msg: "Raft indices difference: {{ etcd_members_raft_indices_diff }}"
- when: inventory_hostname in groups.oo_etcd_to_config[0]
+ when: inventory_hostname in groups.oo_etcd_to_migrate[0]
# The cluster raft status is ok if the difference of the max and min raft index is at most 1
- name: capture the status
set_fact:
- l_etcd_cluster_status_ok: "{{ hostvars[groups.oo_etcd_to_config[0]]['etcd_members_raft_indices_diff'] | int < 2 }}"
+ l_etcd_cluster_status_ok: "{{ hostvars[groups.oo_etcd_to_migrate[0]]['etcd_members_raft_indices_diff'] | int < 2 }}"
diff --git a/roles/etcd_migrate/tasks/migrate.yml b/roles/etcd_migrate/tasks/migrate.yml
index cb479b0cc..7f441568a 100644
--- a/roles/etcd_migrate/tasks/migrate.yml
+++ b/roles/etcd_migrate/tasks/migrate.yml
@@ -20,34 +20,36 @@
- name: Check the etcd v2 data are correctly migrated
fail:
msg: "Failed to migrate a member"
- when: "'finished transforming keys' not in l_etcdctl_migrate.stdout"
+ when: "'finished transforming keys' not in l_etcdctl_migrate.stdout and 'no v2 keys to migrate' not in l_etcdctl_migrate.stdout"
+
+- name: Migration message
+ debug:
+ msg: "Etcd migration finished with: {{ l_etcdctl_migrate.stdout }}"
-# TODO(jchaloup): start the etcd on a different port so noone can access it
-# Once the validation is done
- name: Enable etcd member
service:
name: "{{ l_etcd_service }}"
state: started
+# NOTE: /usr/local/bin may be removed from the PATH by ansible hence why
+# it's added to the environment in this task.
- name: Re-introduce leases (as a replacement for key TTLs)
command: >
oadm migrate etcd-ttl \
--cert {{ etcd_peer_cert_file }} \
--key {{ etcd_peer_key_file }} \
--cacert {{ etcd_peer_ca_file }} \
- --etcd-address 'https://{{ etcd_peer }}:2379' \
+ --etcd-address 'https://{{ etcd_peer }}:{{ etcd_client_port }}' \
--ttl-keys-prefix {{ item }} \
--lease-duration 1h
environment:
ETCDCTL_API: 3
+ PATH: "/usr/local/bin:/var/usrlocal/bin:{{ ansible_env.PATH }}"
with_items:
- "/kubernetes.io/events"
- "/kubernetes.io/masterleases"
+ delegate_to: "{{ groups.oo_first_master[0] }}"
+ run_once: true
- set_fact:
r_etcd_migrate_success: true
-
-- name: Enable etcd member
- service:
- name: "{{ l_etcd_service }}"
- state: started
diff --git a/roles/lib_openshift/library/oc_atomic_container.py b/roles/lib_openshift/library/oc_atomic_container.py
index 91c0d752f..955c6313e 100644
--- a/roles/lib_openshift/library/oc_atomic_container.py
+++ b/roles/lib_openshift/library/oc_atomic_container.py
@@ -194,7 +194,7 @@ def main():
)
# Verify that the platform supports atomic command
- rc, version_out, err = module.run_command('atomic -v', check_rc=False)
+ rc, version_out, err = module.run_command('rpm -q --queryformat "%{VERSION}\n" atomic', check_rc=False)
if rc != 0:
module.fail_json(msg="Error in running atomic command", err=err)
# This module requires atomic version 1.17.2 or later
diff --git a/roles/lib_openshift/src/ansible/oc_atomic_container.py b/roles/lib_openshift/src/ansible/oc_atomic_container.py
index 16848e9c6..7b81760df 100644
--- a/roles/lib_openshift/src/ansible/oc_atomic_container.py
+++ b/roles/lib_openshift/src/ansible/oc_atomic_container.py
@@ -130,7 +130,7 @@ def main():
)
# Verify that the platform supports atomic command
- rc, version_out, err = module.run_command('atomic -v', check_rc=False)
+ rc, version_out, err = module.run_command('rpm -q --queryformat "%{VERSION}\n" atomic', check_rc=False)
if rc != 0:
module.fail_json(msg="Error in running atomic command", err=err)
# This module requires atomic version 1.17.2 or later
diff --git a/roles/openshift_ca/tasks/main.yml b/roles/openshift_ca/tasks/main.yml
index b9a7ec32f..419679bc2 100644
--- a/roles/openshift_ca/tasks/main.yml
+++ b/roles/openshift_ca/tasks/main.yml
@@ -117,25 +117,46 @@
delegate_to: "{{ openshift_ca_host }}"
run_once: true
-- name: Generate the loopback master client config
- command: >
- {{ hostvars[openshift_ca_host].openshift.common.client_binary }} adm create-api-client-config
- {% for named_ca_certificate in openshift.master.named_certificates | default([]) | oo_collect('cafile') %}
- --certificate-authority {{ named_ca_certificate }}
- {% endfor %}
- --certificate-authority={{ openshift_ca_cert }}
- --client-dir={{ openshift_ca_config_dir }}
- --groups=system:masters,system:openshift-master
- --master={{ hostvars[openshift_ca_host].openshift.master.loopback_api_url }}
- --public-master={{ hostvars[openshift_ca_host].openshift.master.loopback_api_url }}
- --signer-cert={{ openshift_ca_cert }}
- --signer-key={{ openshift_ca_key }}
- --signer-serial={{ openshift_ca_serial }}
- --user=system:openshift-master
- --basename=openshift-master
- {% if openshift_version | oo_version_gte_3_5_or_1_5(openshift.common.deployment_type) | bool %}
- --expire-days={{ openshift_master_cert_expire_days }}
- {% endif %}
+# create-api-client-config generates a ca.crt file which will
+# overwrite the OpenShift CA certificate. Generate the loopback
+# kubeconfig in a temporary directory and then copy files into the
+# master config dir to avoid overwriting ca.crt.
+- block:
+ - name: Create temp directory for loopback master client config
+ command: mktemp -d /tmp/openshift-ansible-XXXXXX
+ register: openshift_ca_loopback_tmpdir
+ - name: Generate the loopback master client config
+ command: >
+ {{ hostvars[openshift_ca_host].openshift.common.client_binary }} adm create-api-client-config
+ --certificate-authority={{ openshift_ca_cert }}
+ {% for named_ca_certificate in openshift.master.named_certificates | default([]) | oo_collect('cafile') %}
+ --certificate-authority {{ named_ca_certificate }}
+ {% endfor %}
+ --client-dir={{ openshift_ca_loopback_tmpdir.stdout }}
+ --groups=system:masters,system:openshift-master
+ --master={{ hostvars[openshift_ca_host].openshift.master.loopback_api_url }}
+ --public-master={{ hostvars[openshift_ca_host].openshift.master.loopback_api_url }}
+ --signer-cert={{ openshift_ca_cert }}
+ --signer-key={{ openshift_ca_key }}
+ --signer-serial={{ openshift_ca_serial }}
+ --user=system:openshift-master
+ --basename=openshift-master
+ {% if openshift_version | oo_version_gte_3_5_or_1_5(openshift.common.deployment_type) | bool %}
+ --expire-days={{ openshift_master_cert_expire_days }}
+ {% endif %}
+ - name: Copy generated loopback master client config to master config dir
+ copy:
+ src: "{{ openshift_ca_loopback_tmpdir.stdout }}/{{ item }}"
+ dest: "{{ openshift_ca_config_dir }}"
+ remote_src: true
+ with_items:
+ - openshift-master.crt
+ - openshift-master.key
+ - openshift-master.kubeconfig
+ - name: Delete temp directory
+ file:
+ name: "{{ openshift_ca_loopback_tmpdir.stdout }}"
+ state: absent
when: loopback_context_string not in loopback_config.stdout
delegate_to: "{{ openshift_ca_host }}"
run_once: true
diff --git a/roles/openshift_certificate_expiry/library/openshift_cert_expiry.py b/roles/openshift_certificate_expiry/library/openshift_cert_expiry.py
index 0242f5b43..44a8fa29b 100644
--- a/roles/openshift_certificate_expiry/library/openshift_cert_expiry.py
+++ b/roles/openshift_certificate_expiry/library/openshift_cert_expiry.py
@@ -104,6 +104,7 @@ platforms missing the Python OpenSSL library.
self.extensions = []
PARSING_ALT_NAMES = False
+ PARSING_HEX_SERIAL = False
for line in self.cert_string.split('\n'):
l = line.strip()
if PARSING_ALT_NAMES:
@@ -114,10 +115,26 @@ platforms missing the Python OpenSSL library.
PARSING_ALT_NAMES = False
continue
+ if PARSING_HEX_SERIAL:
+ # Hex serials arrive colon-delimited
+ serial_raw = l.replace(':', '')
+ # Convert to decimal
+ self.serial = int('0x' + serial_raw, base=16)
+ PARSING_HEX_SERIAL = False
+ continue
+
# parse out the bits that we can
if l.startswith('Serial Number:'):
- # Serial Number: 11 (0xb)
- # => 11
+ # Decimal format:
+ # Serial Number: 11 (0xb)
+ # => 11
+ # Hex Format (large serials):
+ # Serial Number:
+ # 0a:de:eb:24:04:75:ab:56:39:14:e9:5a:22:e2:85:bf
+ # => 14449739080294792594019643629255165375
+ if l.endswith(':'):
+ PARSING_HEX_SERIAL = True
+ continue
self.serial = int(l.split()[-2])
elif l.startswith('Not After :'):
diff --git a/roles/openshift_certificate_expiry/test/conftest.py b/roles/openshift_certificate_expiry/test/conftest.py
index 4ca35ecbc..df948fff0 100644
--- a/roles/openshift_certificate_expiry/test/conftest.py
+++ b/roles/openshift_certificate_expiry/test/conftest.py
@@ -23,7 +23,10 @@ VALID_CERTIFICATE_PARAMS = [
{
'short_name': 'combined',
'cn': 'combined.example.com',
- 'serial': 6,
+ # Verify that HUGE serials parse correctly.
+ # Frobs PARSING_HEX_SERIAL in _parse_cert
+ # See https://bugzilla.redhat.com/show_bug.cgi?id=1464240
+ 'serial': 14449739080294792594019643629255165375,
'uses': b'clientAuth, serverAuth',
'dns': ['etcd'],
'ip': ['10.0.0.2', '192.168.0.2']
diff --git a/roles/openshift_examples/examples-sync.sh b/roles/openshift_examples/examples-sync.sh
index f3f270c40..da9ecc41d 100755
--- a/roles/openshift_examples/examples-sync.sh
+++ b/roles/openshift_examples/examples-sync.sh
@@ -5,7 +5,7 @@
#
# This script should be run from openshift-ansible/roles/openshift_examples
-XPAAS_VERSION=ose-v1.3.6
+XPAAS_VERSION=ose-v1.4.0
ORIGIN_VERSION=${1:-v3.6}
RHAMP_TAG=2.0.0.GA
EXAMPLES_BASE=$(pwd)/files/examples/${ORIGIN_VERSION}
diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-ephemeral-template.json
index f347f1f9f..536f7275e 100644
--- a/roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-ephemeral-template.json
@@ -23,7 +23,12 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-root_password": "{.data['database-root-password']}"
+ }
},
"stringData" : {
"database-user" : "${MYSQL_USER}",
@@ -35,7 +40,10 @@
"kind": "Service",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "mysql://{.spec.clusterIP}:{.spec.ports[?(.name==\"mariadb\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-persistent-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-persistent-template.json
index 6ed744777..3b7fdccce 100644
--- a/roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-persistent-template.json
+++ b/roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-persistent-template.json
@@ -23,7 +23,12 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-root_password": "{.data['database-root-password']}"
+ }
},
"stringData" : {
"database-user" : "${MYSQL_USER}",
@@ -35,7 +40,10 @@
"kind": "Service",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "mysql://{.spec.clusterIP}:{.spec.ports[?(.name==\"mariadb\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-ephemeral-template.json
index 97a8abf6d..ee274194f 100644
--- a/roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-ephemeral-template.json
@@ -24,7 +24,12 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-admin_password": "{.data['database-admin-password']}"
+ }
},
"stringData" : {
"database-user" : "${MONGODB_USER}",
@@ -37,7 +42,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "mongodb://{.spec.clusterIP}:{.spec.ports[?(.name==\"mongo\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-persistent-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-persistent-template.json
index 0656219fb..e5ba43669 100644
--- a/roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-persistent-template.json
+++ b/roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-persistent-template.json
@@ -24,7 +24,12 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-admin_password": "{.data['database-admin-password']}"
+ }
},
"stringData" : {
"database-user" : "${MONGODB_USER}",
@@ -37,7 +42,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "mongodb://{.spec.clusterIP}:{.spec.ports[?(.name==\"mongo\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/mysql-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/mysql-ephemeral-template.json
index d60b4647d..969e62ac5 100644
--- a/roles/openshift_examples/files/examples/v1.4/db-templates/mysql-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/v1.4/db-templates/mysql-ephemeral-template.json
@@ -23,7 +23,12 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-root_password": "{.data['database-root-password']}"
+ }
},
"stringData" : {
"database-user" : "${MYSQL_USER}",
@@ -36,7 +41,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "mysql://{.spec.clusterIP}:{.spec.ports[?(.name==\"mysql\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/mysql-persistent-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/mysql-persistent-template.json
index c2bfa40fd..4f39d41a5 100644
--- a/roles/openshift_examples/files/examples/v1.4/db-templates/mysql-persistent-template.json
+++ b/roles/openshift_examples/files/examples/v1.4/db-templates/mysql-persistent-template.json
@@ -23,7 +23,12 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-root_password": "{.data['database-root-password']}"
+ }
},
"stringData" : {
"database-user" : "${MYSQL_USER}",
@@ -35,7 +40,10 @@
"kind": "Service",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "mysql://{.spec.clusterIP}:{.spec.ports[?(.name==\"mysql\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-ephemeral-template.json
index 7a16e742a..c37102cb0 100644
--- a/roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-ephemeral-template.json
@@ -24,7 +24,11 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}"
+ }
},
"stringData" : {
"database-user" : "${POSTGRESQL_USER}",
@@ -36,7 +40,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "postgres://{.spec.clusterIP}:{.spec.ports[?(.name==\"postgresql\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-persistent-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-persistent-template.json
index 242212d6f..32dc93a95 100644
--- a/roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-persistent-template.json
+++ b/roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-persistent-template.json
@@ -24,7 +24,11 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}"
+ }
},
"stringData" : {
"database-user" : "${POSTGRESQL_USER}",
@@ -36,7 +40,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "postgres://{.spec.clusterIP}:{.spec.ports[?(.name==\"postgresql\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/redis-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/redis-ephemeral-template.json
index 82a09a3ec..6bb683e52 100644
--- a/roles/openshift_examples/files/examples/v1.4/db-templates/redis-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/v1.4/db-templates/redis-ephemeral-template.json
@@ -21,11 +21,27 @@
},
"objects": [
{
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-password": "{.data['database-password']}"
+ }
+ },
+ "stringData" : {
+ "database-password" : "${REDIS_PASSWORD}"
+ }
+ },
+ {
"kind": "Service",
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "redis://{.spec.clusterIP}:{.spec.ports[?(.name==\"redis\")].port}"
+ }
},
"spec": {
"ports": [
@@ -117,7 +133,12 @@
"env": [
{
"name": "REDIS_PASSWORD",
- "value": "${REDIS_PASSWORD}"
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-password"
+ }
+ }
}
],
"resources": {
diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/redis-persistent-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/redis-persistent-template.json
index 1d5f59188..9e8be2309 100644
--- a/roles/openshift_examples/files/examples/v1.4/db-templates/redis-persistent-template.json
+++ b/roles/openshift_examples/files/examples/v1.4/db-templates/redis-persistent-template.json
@@ -21,11 +21,27 @@
},
"objects": [
{
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-password": "{.data['database-password']}"
+ }
+ },
+ "stringData" : {
+ "database-password" : "${REDIS_PASSWORD}"
+ }
+ },
+ {
"kind": "Service",
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "redis://{.spec.clusterIP}:{.spec.ports[?(.name==\"redis\")].port}"
+ }
},
"spec": {
"ports": [
@@ -134,7 +150,12 @@
"env": [
{
"name": "REDIS_PASSWORD",
- "value": "${REDIS_PASSWORD}"
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-password"
+ }
+ }
}
],
"resources": {
diff --git a/roles/openshift_examples/files/examples/v1.4/image-streams/dotnet_imagestreams.json b/roles/openshift_examples/files/examples/v1.4/image-streams/dotnet_imagestreams.json
index 0d5ac21d8..857ffa980 100644
--- a/roles/openshift_examples/files/examples/v1.4/image-streams/dotnet_imagestreams.json
+++ b/roles/openshift_examples/files/examples/v1.4/image-streams/dotnet_imagestreams.json
@@ -27,8 +27,9 @@
"iconClass": "icon-dotnet",
"tags": "builder,.net,dotnet,dotnetcore",
"supports":"dotnet",
- "sampleRepo": "https://github.com/redhat-developer/s2i-dotnetcore.git",
- "sampleContextDir": "1.1/test/asp-net-hello-world"
+ "sampleRepo": "https://github.com/redhat-developer/s2i-dotnetcore-ex.git",
+ "sampleContextDir": "app",
+ "sampleRef": "dotnetcore-1.1"
},
"from": {
"kind": "ImageStreamTag",
@@ -43,8 +44,9 @@
"iconClass": "icon-dotnet",
"tags": "builder,.net,dotnet,dotnetcore,rh-dotnetcore11",
"supports":"dotnet:1.1,dotnet",
- "sampleRepo": "https://github.com/redhat-developer/s2i-dotnetcore.git",
- "sampleContextDir": "1.1/test/asp-net-hello-world",
+ "sampleRepo": "https://github.com/redhat-developer/s2i-dotnetcore-ex.git",
+ "sampleContextDir": "app",
+ "sampleRef": "dotnetcore-1.1",
"version": "1.1"
},
"from": {
@@ -60,8 +62,9 @@
"iconClass": "icon-dotnet",
"tags": "builder,.net,dotnet,dotnetcore,rh-dotnetcore10",
"supports":"dotnet:1.0,dotnet",
- "sampleRepo": "https://github.com/redhat-developer/s2i-dotnetcore.git",
- "sampleContextDir": "1.0/test/asp-net-hello-world",
+ "sampleRepo": "https://github.com/redhat-developer/s2i-dotnetcore-ex.git",
+ "sampleContextDir": "app",
+ "sampleRef": "dotnetcore-1.0",
"version": "1.0"
},
"from": {
diff --git a/roles/openshift_examples/files/examples/v1.4/image-streams/image-streams-centos7.json b/roles/openshift_examples/files/examples/v1.4/image-streams/image-streams-centos7.json
index 1a90a9409..6cef21945 100644
--- a/roles/openshift_examples/files/examples/v1.4/image-streams/image-streams-centos7.json
+++ b/roles/openshift_examples/files/examples/v1.4/image-streams/image-streams-centos7.json
@@ -7,6 +7,51 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
+ "name": "httpd",
+ "annotations": {
+ "openshift.io/display-name": "Httpd"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Httpd (Latest)",
+ "description": "Build and serve static content via Httpd on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/httpd-container/blob/master/2.4/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Httpd available on OpenShift, including major versions updates.",
+ "iconClass": "icon-apache",
+ "tags": "builder,httpd",
+ "supports":"httpd",
+ "sampleRepo": "https://github.com/openshift/httpd-ex.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2.4"
+ }
+ },
+ {
+ "name": "2.4",
+ "annotations": {
+ "openshift.io/display-name": "Httpd 2.4",
+ "description": "Build and serve static content via Httpd on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/httpd-container/blob/master/2.4/README.md.",
+ "iconClass": "icon-apache",
+ "tags": "builder,httpd",
+ "supports":"httpd",
+ "version": "2.4",
+ "sampleRepo": "https://github.com/openshift/httpd-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/httpd-24-centos7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
"name": "ruby",
"annotations": {
"openshift.io/display-name": "Ruby"
@@ -103,7 +148,7 @@
},
"from": {
"kind": "ImageStreamTag",
- "name": "4"
+ "name": "6"
}
},
{
@@ -137,6 +182,22 @@
"kind": "DockerImage",
"name": "centos/nodejs-4-centos7:latest"
}
+ },
+ {
+ "name": "6",
+ "annotations": {
+ "openshift.io/display-name": "Node.js 6",
+ "description": "Build and run Node.js 6 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-nodejs-container/blob/master/6/README.md.",
+ "iconClass": "icon-nodejs",
+ "tags": "builder,nodejs",
+ "supports":"nodejs:6,nodejs",
+ "version": "6",
+ "sampleRepo": "https://github.com/openshift/nodejs-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/nodejs-6-centos7:latest"
+ }
}
]
}
@@ -407,7 +468,7 @@
"iconClass": "icon-wildfly",
"tags": "builder,wildfly,java",
"supports":"jee,java",
- "sampleRepo": "https://github.com/bparees/openshift-jee-sample.git"
+ "sampleRepo": "https://github.com/openshift/openshift-jee-sample.git"
},
"from": {
"kind": "ImageStreamTag",
@@ -423,7 +484,7 @@
"tags": "builder,wildfly,java",
"supports":"wildfly:8.1,jee,java",
"version": "8.1",
- "sampleRepo": "https://github.com/bparees/openshift-jee-sample.git"
+ "sampleRepo": "https://github.com/openshift/openshift-jee-sample.git"
},
"from": {
"kind": "DockerImage",
@@ -439,7 +500,7 @@
"tags": "builder,wildfly,java",
"supports":"wildfly:9.0,jee,java",
"version": "9.0",
- "sampleRepo": "https://github.com/bparees/openshift-jee-sample.git"
+ "sampleRepo": "https://github.com/openshift/openshift-jee-sample.git"
},
"from": {
"kind": "DockerImage",
@@ -455,7 +516,7 @@
"tags": "builder,wildfly,java",
"supports":"wildfly:10.0,jee,java",
"version": "10.0",
- "sampleRepo": "https://github.com/bparees/openshift-jee-sample.git"
+ "sampleRepo": "https://github.com/openshift/openshift-jee-sample.git"
},
"from": {
"kind": "DockerImage",
@@ -471,7 +532,7 @@
"tags": "builder,wildfly,java",
"supports":"wildfly:10.1,jee,java",
"version": "10.1",
- "sampleRepo": "https://github.com/bparees/openshift-jee-sample.git"
+ "sampleRepo": "https://github.com/openshift/openshift-jee-sample.git"
},
"from": {
"kind": "DockerImage",
@@ -800,7 +861,7 @@
"openshift.io/display-name": "Jenkins 1.X",
"description": "Provides a Jenkins 1.X server on CentOS 7. For more information about using this container image, including OpenShift considerations, see https://github.com/openshift/jenkins/blob/master/README.md.",
"iconClass": "icon-jenkins",
- "tags": "jenkins",
+ "tags": "hidden,jenkins",
"version": "1.x"
},
"from": {
diff --git a/roles/openshift_examples/files/examples/v1.4/image-streams/image-streams-rhel7.json b/roles/openshift_examples/files/examples/v1.4/image-streams/image-streams-rhel7.json
index eb94c3bb4..abdae01e3 100644
--- a/roles/openshift_examples/files/examples/v1.4/image-streams/image-streams-rhel7.json
+++ b/roles/openshift_examples/files/examples/v1.4/image-streams/image-streams-rhel7.json
@@ -7,6 +7,51 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
+ "name": "httpd",
+ "annotations": {
+ "openshift.io/display-name": "Httpd"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Httpd (Latest)",
+ "description": "Build and serve static content via Httpd on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/httpd-container/blob/master/2.4/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Httpd available on OpenShift, including major versions updates.",
+ "iconClass": "icon-apache",
+ "tags": "builder,httpd",
+ "supports":"httpd",
+ "sampleRepo": "https://github.com/openshift/httpd-ex.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2.4"
+ }
+ },
+ {
+ "name": "2.4",
+ "annotations": {
+ "openshift.io/display-name": "Httpd 2.4",
+ "description": "Build and serve static content via Httpd on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/httpd-container/blob/master/2.4/README.md.",
+ "iconClass": "icon-apache",
+ "tags": "builder,httpd",
+ "supports":"httpd",
+ "version": "2.4",
+ "sampleRepo": "https://github.com/openshift/httpd-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/httpd-24-rhel7"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
"name": "ruby",
"annotations": {
"openshift.io/display-name": "Ruby"
@@ -103,7 +148,7 @@
},
"from": {
"kind": "ImageStreamTag",
- "name": "4"
+ "name": "6"
}
},
{
@@ -137,6 +182,22 @@
"kind": "DockerImage",
"name": "registry.access.redhat.com/rhscl/nodejs-4-rhel7:latest"
}
+ },
+ {
+ "name": "6",
+ "annotations": {
+ "openshift.io/display-name": "Node.js 6",
+ "description": "Build and run Node.js 6 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-nodejs-container.",
+ "iconClass": "icon-nodejs",
+ "tags": "builder,nodejs",
+ "supports":"nodejs:6,nodejs",
+ "version": "6",
+ "sampleRepo": "https://github.com/openshift/nodejs-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/nodejs-6-rhel7:latest"
+ }
}
]
}
@@ -253,7 +314,7 @@
"tags": "hidden,builder,php",
"supports":"php:5.5,php",
"version": "5.5",
- "sampleRepo": "https://github.com/openshift/cakephp-ex.git"
+ "sampleRepo": "https://github.com/openshift/cakephp-ex.git"
},
"from": {
"kind": "DockerImage",
@@ -707,7 +768,7 @@
"openshift.io/display-name": "Jenkins 1.X",
"description": "Provides a Jenkins 1.X server on RHEL 7. For more information about using this container image, including OpenShift considerations, see https://github.com/openshift/jenkins/blob/master/README.md.",
"iconClass": "icon-jenkins",
- "tags": "jenkins",
+ "tags": "hidden,jenkins",
"version": "1.x"
},
"from": {
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/README.md b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/README.md
index f48d8d4a8..6d2ccbf7f 100644
--- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/README.md
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/README.md
@@ -17,6 +17,7 @@ instantiating them.
* [Dancer persistent](https://raw.githubusercontent.com/openshift/dancer-ex/master/openshift/templates/dancer-mysql-persistent.json) - Provides a basic Dancer (Perl) application with a persistent MySQL database. Note: requires available persistent volumes. For more information see the [source repository](https://github.com/openshift/dancer-ex).
* [Django](https://raw.githubusercontent.com/openshift/django-ex/master/openshift/templates/django-postgresql.json) - Provides a basic Django (Python) application with a PostgreSQL database. For more information see the [source repository](https://github.com/openshift/django-ex).
* [Django persistent](https://raw.githubusercontent.com/openshift/django-ex/master/openshift/templates/django-postgresql-persistent.json) - Provides a basic Django (Python) application with a persistent PostgreSQL database. Note: requires available persistent volumes. For more information see the [source repository](https://github.com/openshift/django-ex).
+* [Httpd](https://raw.githubusercontent.com/openshift/httpd-ex/master/openshift/templates/httpd.json) - Provides a basic Httpd static content application. For more information see the [source repository](https://github.com/openshift/httpd-ex).
* [NodeJS](https://raw.githubusercontent.com/openshift/nodejs-ex/master/openshift/templates/nodejs-mongodb.json) - Provides a basic NodeJS application with a MongoDB database. For more information see the [source repository](https://github.com/openshift/nodejs-ex).
* [NodeJS persistent](https://raw.githubusercontent.com/openshift/nodejs-ex/master/openshift/templates/nodejs-mongodb-persistent.json) - Provides a basic NodeJS application with a persistent MongoDB database. Note: requires available persistent volumes. For more information see the [source repository](https://github.com/openshift/nodejs-ex).
* [Rails](https://raw.githubusercontent.com/openshift/rails-ex/master/openshift/templates/rails-postgresql.json) - Provides a basic Rails (Ruby) application with a PostgreSQL database. For more information see the [source repository](https://github.com/openshift/rails-ex).
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/amp.yml b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/amp.yml
new file mode 100644
index 000000000..4e469f6e8
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/amp.yml
@@ -0,0 +1,1261 @@
+base_env: &base_env
+- name: RAILS_ENV
+ value: "production"
+- name: DATABASE_URL
+ value: "mysql2://root:${MYSQL_ROOT_PASSWORD}@system-mysql/${MYSQL_DATABASE}"
+- name: FORCE_SSL
+ value: "true"
+- name: THREESCALE_SUPERDOMAIN
+ value: "${WILDCARD_DOMAIN}"
+- name: TENANT_NAME
+ value: "${TENANT_NAME}"
+- name: APICAST_ACCESS_TOKEN
+ value: "${APICAST_ACCESS_TOKEN}"
+- name: ADMIN_ACCESS_TOKEN
+ value: "${ADMIN_ACCESS_TOKEN}"
+- name: PROVIDER_PLAN
+ value: 'enterprise'
+- name: USER_LOGIN
+ value: "${ADMIN_USERNAME}"
+- name: USER_PASSWORD
+ value: "${ADMIN_PASSWORD}"
+- name: RAILS_LOG_TO_STDOUT
+ value: "true"
+- name: RAILS_LOG_LEVEL
+ value: "info"
+- name: THINKING_SPHINX_ADDRESS
+ value: "system-sphinx"
+- name: THINKING_SPHINX_PORT
+ value: "9306"
+- name: THINKING_SPHINX_CONFIGURATION_FILE
+ value: "/tmp/sphinx.conf"
+- name: EVENTS_SHARED_SECRET
+ value: "${SYSTEM_BACKEND_SHARED_SECRET}"
+- name: THREESCALE_SANDBOX_PROXY_OPENSSL_VERIFY_MODE
+ value: "VERIFY_NONE"
+- name: APICAST_BACKEND_ROOT_ENDPOINT
+ value: "https://backend-${TENANT_NAME}.${WILDCARD_DOMAIN}"
+- name: CONFIG_INTERNAL_API_USER
+ value: "${SYSTEM_BACKEND_USERNAME}"
+- name: CONFIG_INTERNAL_API_PASSWORD
+ value: "${SYSTEM_BACKEND_PASSWORD}"
+- name: SECRET_KEY_BASE
+ value: "${SYSTEM_APP_SECRET_KEY_BASE}"
+- name: AMP_RELEASE
+ value: "${AMP_RELEASE}"
+- name: SMTP_ADDRESS
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: address
+- name: SMTP_USER_NAME
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: username
+- name: SMTP_PASSWORD
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: password
+- name: SMTP_DOMAIN
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: domain
+- name: SMTP_PORT
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: port
+- name: SMTP_AUTHENTICATION
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: authentication
+- name: SMTP_OPENSSL_VERIFY_MODE
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: openssl.verify.mode
+- name: BACKEND_ROUTE
+ value: "https://backend-${TENANT_NAME}.${WILDCARD_DOMAIN}"
+
+apiVersion: v1
+kind: Template
+metadata:
+ name: "system"
+message: "Login on https://${TENANT_NAME}-admin.${WILDCARD_DOMAIN} as ${ADMIN_USERNAME}/${ADMIN_PASSWORD}"
+objects:
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "system-storage"
+ spec:
+ accessModes:
+ - "ReadWriteMany"
+ resources:
+ requests:
+ storage: "100Mi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "mysql-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "system-redis-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "backend-redis-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: backend-cron
+ spec:
+ replicas: 1
+ selector:
+ name: backend-cron
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: backend-cron
+ spec:
+ containers:
+ - args:
+ - backend-cron
+ env:
+ - name: CONFIG_REDIS_PROXY
+ value: "backend-redis:6379"
+ - name: CONFIG_QUEUES_MASTER_NAME
+ value: "backend-redis:6379/1"
+ - name: RACK_ENV
+ value: "production"
+ image: 3scale-amp20/backend:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: backend-cron
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: backend-redis
+ spec:
+ replicas: 1
+ selector:
+ name: backend-redis
+ strategy:
+ type: Recreate
+ template:
+ metadata:
+ labels:
+ name: backend-redis
+ spec:
+ containers:
+ - image: ${REDIS_IMAGE}
+ imagePullPolicy: IfNotPresent
+ name: backend-redis
+ readinessProbe:
+ exec:
+ command:
+ - "container-entrypoint"
+ - "bash"
+ - "-c"
+ - "redis-cli set liveness-probe \"`date`\" | grep OK"
+ initialDelaySeconds: 10
+ periodSeconds: 30
+ timeoutSeconds: 1
+ livenessProbe:
+ tcpSocket:
+ port: 6379
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ volumeMounts:
+ - name: backend-redis-storage
+ mountPath: "/var/lib/redis/data"
+ - name: redis-config
+ mountPath: /etc/redis.conf
+ subPath: redis.conf
+ volumes:
+ - name: backend-redis-storage
+ persistentVolumeClaim:
+ claimName: backend-redis-storage
+ - name: redis-config
+ configMap:
+ name: redis-config
+ items:
+ - key: redis.conf
+ path: redis.conf
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: backend-listener
+ spec:
+ replicas: 1
+ selector:
+ name: backend-listener
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: backend-listener
+ spec:
+ containers:
+ - args:
+ - 3scale_backend
+ - start
+ - "-e"
+ - production
+ - "-p"
+ - '3000'
+ - "-x"
+ - "/dev/stdout"
+ env:
+ - name: CONFIG_REDIS_PROXY
+ value: "backend-redis:6379"
+ - name: CONFIG_QUEUES_MASTER_NAME
+ value: "backend-redis:6379/1"
+ - name: RACK_ENV
+ value: "production"
+ - name: CONFIG_INTERNAL_API_USER
+ value: "${SYSTEM_BACKEND_USERNAME}"
+ - name: CONFIG_INTERNAL_API_PASSWORD
+ value: "${SYSTEM_BACKEND_PASSWORD}"
+ image: 3scale-amp20/backend:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: backend-listener
+ livenessProbe:
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ tcpSocket:
+ port: 3000
+ readinessProbe:
+ httpGet:
+ path: "/status"
+ port: 3000
+ initialDelaySeconds: 30
+ timeoutSeconds: 5
+ ports:
+ - containerPort: 3000
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: backend-redis
+ spec:
+ ports:
+ - port: 6379
+ protocol: TCP
+ targetPort: 6379
+ selector:
+ name: backend-redis
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: backend-listener
+ spec:
+ ports:
+ - port: 3000
+ protocol: TCP
+ targetPort: 3000
+ name: http
+ selector:
+ name: backend-listener
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: system-provider
+ spec:
+ ports:
+ - port: 3000
+ protocol: TCP
+ targetPort: provider
+ name: http
+ selector:
+ name: system-app
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: system-developer
+ spec:
+ ports:
+ - port: 3000
+ protocol: TCP
+ targetPort: developer
+ name: http
+ selector:
+ name: system-app
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: backend-worker
+ spec:
+ replicas: 1
+ selector:
+ name: backend-worker
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: backend-worker
+ spec:
+ containers:
+ - args:
+ - 3scale_backend_worker
+ - run
+ env:
+ - name: CONFIG_REDIS_PROXY
+ value: "backend-redis:6379"
+ - name: CONFIG_QUEUES_MASTER_NAME
+ value: "backend-redis:6379/1"
+ - name: RACK_ENV
+ value: "production"
+ - name: CONFIG_EVENTS_HOOK
+ value: http://system-provider:3000/master/events/import
+ - name: CONFIG_EVENTS_HOOK_SHARED_SECRET
+ value: ${SYSTEM_BACKEND_SHARED_SECRET}
+ image: 3scale-amp20/backend:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: backend-worker
+ triggers:
+ - type: ConfigChange
+
+- kind: Service
+ apiVersion: v1
+ metadata:
+ name: 'system-mysql'
+ spec:
+ ports:
+ - name: system-mysql
+ protocol: TCP
+ port: 3306
+ targetPort: 3306
+ nodePort: 0
+ selector:
+ name: 'system-mysql'
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: system-redis
+ spec:
+ ports:
+ - port: 6379
+ protocol: TCP
+ targetPort: 6379
+ name: redis
+ selector:
+ name: system-redis
+
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-redis
+ spec:
+ replicas: 1
+ selector:
+ name: system-redis
+ strategy:
+ type: Recreate
+ template:
+ metadata:
+ labels:
+ name: system-redis
+ spec:
+ containers:
+ - args:
+ image: ${REDIS_IMAGE}
+ imagePullPolicy: IfNotPresent
+ name: system-redis
+ terminationMessagePath: /dev/termination-log
+ volumeMounts:
+ - name: system-redis-storage
+ mountPath: "/var/lib/redis/data"
+ - name: redis-config
+ mountPath: /etc/redis.conf
+ subPath: redis.conf
+ readinessProbe:
+ exec:
+ command:
+ - "container-entrypoint"
+ - "bash"
+ - "-c"
+ - "redis-cli set liveness-probe \"`date`\" | grep OK"
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ timeoutSeconds: 5
+ livenessProbe:
+ tcpSocket:
+ port: 6379
+ initialDelaySeconds: 10
+ periodSeconds: 5
+ volumes:
+ - name: system-redis-storage
+ persistentVolumeClaim:
+ claimName: system-redis-storage
+ - name: redis-config
+ configMap:
+ name: redis-config
+ items:
+ - key: redis.conf
+ path: redis.conf
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: system-sphinx
+ spec:
+ ports:
+ - port: 9306
+ protocol: TCP
+ targetPort: 9306
+ name: sphinx
+ selector:
+ name: system-sphinx
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-sphinx
+ spec:
+ replicas: 1
+ selector:
+ name: system-sphinx
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: system-sphinx
+ spec:
+ volumes:
+ - name: system-sphinx-database
+ emptyDir: {}
+ containers:
+ - args:
+ - rake
+ - 'openshift:thinking_sphinx:start'
+ volumeMounts:
+ - name: system-sphinx-database
+ mountPath: "/opt/system/db/sphinx"
+ env:
+ - name: RAILS_ENV
+ value: production
+ - name: DATABASE_URL
+ value: "mysql2://root:${MYSQL_ROOT_PASSWORD}@system-mysql/${MYSQL_DATABASE}"
+ - name: THINKING_SPHINX_ADDRESS
+ value: 0.0.0.0
+ - name: THINKING_SPHINX_CONFIGURATION_FILE
+ value: "db/sphinx/production.conf"
+ - name: THINKING_SPHINX_PID_FILE
+ value: db/sphinx/searchd.pid
+ - name: DELTA_INDEX_INTERVAL
+ value: '5'
+ - name: FULL_REINDEX_INTERVAL
+ value: '60'
+ image: 3scale-amp20/system:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: system-sphinx
+ livenessProbe:
+ tcpSocket:
+ port: 9306
+ initialDelaySeconds: 60
+ periodSeconds: 10
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: system-memcache
+ spec:
+ ports:
+ - port: 11211
+ protocol: TCP
+ targetPort: 11211
+ name: memcache
+ selector:
+ name: system-memcache
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-memcache
+ spec:
+ replicas: 1
+ selector:
+ name: system-memcache
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: system-memcache
+ spec:
+ containers:
+ - args:
+ env:
+ image: 3scale-amp20/memcached:1.4.15-7
+ imagePullPolicy: IfNotPresent
+ name: memcache
+ readinessProbe:
+ exec:
+ command:
+ - "sh"
+ - "-c"
+ - "echo version | nc $HOSTNAME 11211 | grep VERSION"
+ initialDelaySeconds: 10
+ periodSeconds: 30
+ timeoutSeconds: 5
+ livenessProbe:
+ tcpSocket:
+ port: 11211
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ command:
+ - "memcached"
+ - "-m"
+ - "64"
+ ports:
+ - containerPort: 6379
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: system-provider-admin-route
+ labels:
+ app: system-route
+ spec:
+ host: ${TENANT_NAME}-admin.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: system-provider
+ port:
+ targetPort: http
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: backend-route
+ labels:
+ app: system-route
+ spec:
+ host: backend-${TENANT_NAME}.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: backend-listener
+ port:
+ targetPort: http
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: system-developer-route
+ labels:
+ app: system-route
+ spec:
+ host: ${TENANT_NAME}.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: system-developer
+ port:
+ targetPort: http
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: apicast-staging
+ spec:
+ replicas: 1
+ selector:
+ deploymentconfig: apicast-staging
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 1800
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ deploymentconfig: apicast-staging
+ spec:
+ containers:
+ - env:
+ - name: THREESCALE_PORTAL_ENDPOINT
+ value: http://${APICAST_ACCESS_TOKEN}@system-provider:3000
+ - name: APICAST_CONFIGURATION_LOADER
+ value: "lazy"
+ - name: APICAST_CONFIGURATION_CACHE
+ value: "0"
+ - name: THREESCALE_DEPLOYMENT_ENV
+ value: "sandbox"
+ - name: APICAST_MANAGEMENT_API
+ value: "${APICAST_MANAGEMENT_API}"
+ - name: BACKEND_ENDPOINT_OVERRIDE
+ value: http://backend-listener:3000
+ - name: OPENSSL_VERIFY
+ value: '${APICAST_OPENSSL_VERIFY}'
+ - name: APICAST_RESPONSE_CODES
+ value: '${APICAST_RESPONSE_CODES}'
+ - name: REDIS_URL
+ value: "redis://system-redis:6379/2"
+ image: 3scale-amp20/apicast-gateway:1.0-3
+ imagePullPolicy: IfNotPresent
+ name: apicast-staging
+ livenessProbe:
+ httpGet:
+ path: /status/live
+ port: 8090
+ initialDelaySeconds: 10
+ timeoutSeconds: 5
+ periodSeconds: 10
+ readinessProbe:
+ httpGet:
+ path: /status/ready
+ port: 8090
+ initialDelaySeconds: 15
+ timeoutSeconds: 5
+ periodSeconds: 30
+ ports:
+ - containerPort: 8080
+ protocol: TCP
+ - containerPort: 8090
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: apicast-staging
+ spec:
+ ports:
+ - name: gateway
+ port: 8080
+ protocol: TCP
+ targetPort: 8080
+ - name: management
+ port: 8090
+ protocol: TCP
+ targetPort: 8090
+ selector:
+ deploymentconfig: apicast-staging
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: apicast-production
+ spec:
+ replicas: 1
+ selector:
+ deploymentconfig: apicast-production
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 1800
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ deploymentconfig: apicast-production
+ spec:
+ containers:
+ - env:
+ - name: THREESCALE_PORTAL_ENDPOINT
+ value: "http://${APICAST_ACCESS_TOKEN}@system-provider:3000"
+ - name: APICAST_CONFIGURATION_LOADER
+ value: "boot"
+ - name: APICAST_CONFIGURATION_CACHE
+ value: "300"
+ - name: THREESCALE_DEPLOYMENT_ENV
+ value: "production"
+ - name: APICAST_MANAGEMENT_API
+ value: "${APICAST_MANAGEMENT_API}"
+ - name: BACKEND_ENDPOINT_OVERRIDE
+ value: http://backend-listener:3000
+ - name: OPENSSL_VERIFY
+ value: '${APICAST_OPENSSL_VERIFY}'
+ - name: APICAST_RESPONSE_CODES
+ value: '${APICAST_RESPONSE_CODES}'
+ - name: REDIS_URL
+ value: "redis://system-redis:6379/1"
+ image: 3scale-amp20/apicast-gateway:1.0-3
+ imagePullPolicy: IfNotPresent
+ name: apicast-production
+ livenessProbe:
+ httpGet:
+ path: /status/live
+ port: 8090
+ initialDelaySeconds: 10
+ timeoutSeconds: 5
+ periodSeconds: 10
+ readinessProbe:
+ httpGet:
+ path: /status/ready
+ port: 8090
+ initialDelaySeconds: 15
+ timeoutSeconds: 5
+ periodSeconds: 30
+ ports:
+ - containerPort: 8080
+ protocol: TCP
+ - containerPort: 8090
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: apicast-production
+ spec:
+ ports:
+ - name: gateway
+ port: 8080
+ protocol: TCP
+ targetPort: 8080
+ - name: management
+ port: 8090
+ protocol: TCP
+ targetPort: 8090
+ selector:
+ deploymentconfig: apicast-production
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: api-apicast-staging-route
+ labels:
+ app: apicast-staging
+ spec:
+ host: api-${TENANT_NAME}-apicast-staging.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: apicast-staging
+ port:
+ targetPort: gateway
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: api-apicast-production-route
+ labels:
+ app: apicast-production
+ spec:
+ host: api-${TENANT_NAME}-apicast-production.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: apicast-production
+ port:
+ targetPort: gateway
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-app
+ spec:
+ replicas: 1
+ selector:
+ name: system-app
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ pre:
+ failurePolicy: Retry
+ execNewPod:
+ containerName: system-provider
+ command:
+ - bash
+ - -c
+ - bundle exec rake boot openshift:deploy
+ env: *base_env
+ volumes:
+ - system-storage
+ post:
+ failurePolicy: Abort
+ execNewPod:
+ containerName: system-provider
+ command:
+ - bash
+ - -c
+ - bundle exec rake boot openshift:post_deploy
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: system-app
+ spec:
+ containers:
+ - args:
+ env: *base_env
+ image: 3scale-amp20/system:1.0-2
+ imagePullPolicy: IfNotPresent
+ command: ['env', 'TENANT_MODE=provider', 'PORT=3000', 'container-entrypoint', 'bundle', 'exec', 'unicorn', '-c', 'config/unicorn.rb']
+ name: system-provider
+ livenessProbe:
+ timeoutSeconds: 10
+ initialDelaySeconds: 20
+ tcpSocket:
+ port: provider
+ periodSeconds: 10
+ readinessProbe:
+ httpGet:
+ path: /check.txt
+ port: provider
+ scheme: HTTP
+ httpHeaders:
+ - name: X-Forwarded-Proto
+ value: https
+ initialDelaySeconds: 30
+ timeoutSeconds: 10
+ periodSeconds: 30
+ ports:
+ - containerPort: 3000
+ protocol: TCP
+ name: provider
+ volumeMounts:
+ - name: system-storage
+ mountPath: /opt/system/public/system
+ - args:
+ env: *base_env
+ image: 3scale-amp20/system:1.0-2
+ command: ['env', 'TENANT_MODE=developer', 'PORT=3001', 'container-entrypoint', 'bundle', 'exec', 'unicorn', '-c', 'config/unicorn.rb']
+ imagePullPolicy: IfNotPresent
+ name: system-developer
+ livenessProbe:
+ timeoutSeconds: 10
+ initialDelaySeconds: 20
+ tcpSocket:
+ port: developer
+ periodSeconds: 10
+ readinessProbe:
+ httpGet:
+ path: /check.txt
+ port: developer
+ scheme: HTTP
+ httpHeaders:
+ - name: X-Forwarded-Proto
+ value: https
+ initialDelaySeconds: 30
+ timeoutSeconds: 10
+ periodSeconds: 30
+ ports:
+ - containerPort: 3001
+ protocol: TCP
+ name: developer
+ volumeMounts:
+ - name: system-storage
+ mountPath: /opt/system/public/system
+ readOnly: true
+ volumes:
+ - name: system-storage
+ persistentVolumeClaim:
+ claimName: system-storage
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-resque
+ spec:
+ replicas: 1
+ selector:
+ name: system-resque
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: system-resque
+ spec:
+ containers:
+ - args:
+ - 'rake'
+ - 'resque:work'
+ - 'QUEUE=*'
+ env: *base_env
+ image: 3scale-amp20/system:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: system-resque
+ volumeMounts:
+ - name: system-storage
+ mountPath: /opt/system/public/system
+ - args:
+ - 'rake'
+ - 'resque:scheduler'
+ - 'QUEUE=*'
+ env: *base_env
+ image: 3scale-amp20/system:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: system-scheduler
+ volumes:
+ - name: system-storage
+ persistentVolumeClaim:
+ claimName: system-storage
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-sidekiq
+ spec:
+ replicas: 1
+ selector:
+ name: system-sidekiq
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: system-sidekiq
+ spec:
+ containers:
+ - args:
+ - rake
+ - sidekiq:worker
+ env: *base_env
+ image: 3scale-amp20/system:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: system-sidekiq
+ volumeMounts:
+ - name: system-storage
+ mountPath: /opt/system/public/system
+ volumes:
+ - name: system-storage
+ persistentVolumeClaim:
+ claimName: system-storage
+ triggers:
+ - type: ConfigChange
+
+
+- kind: DeploymentConfig
+ apiVersion: v1
+ metadata:
+ name: 'system-mysql'
+ spec:
+ strategy:
+ type: Recreate
+ triggers:
+ - type: ConfigChange
+ replicas: 1
+ selector:
+ name: 'system-mysql'
+ template:
+ metadata:
+ labels:
+ name: 'system-mysql'
+ spec:
+ containers:
+ - name: system-mysql
+ image: ${MYSQL_IMAGE}
+ ports:
+ - containerPort: 3306
+ protocol: TCP
+ resources:
+ limits:
+ memory: 2Gi
+ requests:
+ cpu: '1'
+ memory: 1Gi
+ readinessProbe:
+ timeoutSeconds: 5
+ initialDelaySeconds: 10
+ periodSeconds: 30
+ exec:
+ command:
+ - /bin/sh
+ - '-i'
+ - '-c'
+ - MYSQL_PWD="$MYSQL_PASSWORD" mysql -h 127.0.0.1 -u $MYSQL_USER -D $MYSQL_DATABASE -e 'SELECT 1'
+ livenessProbe:
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ tcpSocket:
+ port: 3306
+ env:
+ - name: MYSQL_USER
+ value: ${MYSQL_USER}
+ - name: MYSQL_PASSWORD
+ value: ${MYSQL_PASSWORD}
+ - name: MYSQL_DATABASE
+ value: ${MYSQL_DATABASE}
+ - name: MYSQL_ROOT_PASSWORD
+ value: ${MYSQL_ROOT_PASSWORD}
+ - name: MYSQL_LOWER_CASE_TABLE_NAMES
+ value: "1"
+ volumeMounts:
+ - name: 'mysql-storage'
+ mountPath: /var/lib/mysql/data
+ imagePullPolicy: IfNotPresent
+ volumes:
+ - name: 'mysql-storage'
+ persistentVolumeClaim:
+ claimName: 'mysql-storage'
+- kind: ConfigMap
+ apiVersion: v1
+ metadata:
+ name: redis-config
+ data:
+ redis.conf: |
+ protected-mode no
+
+ port 6379
+
+ timeout 0
+ tcp-keepalive 300
+
+ daemonize no
+ supervised no
+
+ loglevel notice
+
+ databases 16
+
+ save 900 1
+ save 300 10
+ save 60 10000
+
+ stop-writes-on-bgsave-error yes
+
+ rdbcompression yes
+ rdbchecksum yes
+
+ dbfilename dump.rdb
+
+ slave-serve-stale-data yes
+ slave-read-only yes
+
+ repl-diskless-sync no
+ repl-disable-tcp-nodelay no
+
+ appendonly yes
+ appendfilename "appendonly.aof"
+ appendfsync everysec
+ no-appendfsync-on-rewrite no
+ auto-aof-rewrite-percentage 100
+ auto-aof-rewrite-min-size 64mb
+ aof-load-truncated yes
+
+ lua-time-limit 5000
+
+ activerehashing no
+
+ aof-rewrite-incremental-fsync yes
+ dir /var/lib/redis/data
+
+- kind: ConfigMap
+
+ apiVersion: v1
+ metadata:
+ name: smtp
+ data:
+ address: ""
+ username: ""
+ password: ""
+ domain: ""
+ port: ""
+ authentication: ""
+ openssl.verify.mode: ""
+
+parameters:
+- name: AMP_RELEASE
+ description: "AMP release tag."
+ value: 2.0.0-CR2-redhat-1
+ required: true
+- name: ADMIN_PASSWORD
+ required: true
+ generate: expression
+ from: "[a-z0-9]{8}"
+- name: ADMIN_USERNAME
+ value: admin
+ required: true
+- name: APICAST_ACCESS_TOKEN
+ required: true
+ generate: expression
+ from: "[a-z0-9]{8}"
+ description: "Read Only Access Token that is APIcast going to use to download its configuration."
+- name: ADMIN_ACCESS_TOKEN
+ required: false
+ generate: expression
+ from: "[a-z0-9]{16}"
+ description: "Admin Access Token with all scopes and write permissions for API access."
+- name: WILDCARD_DOMAIN
+ description: Root domain for the wildcard routes. Eg. example.com will generate 3scale-admin.example.com.
+ required: true
+- name: TENANT_NAME
+ description: "Tenant name under the root that Admin UI will be available with -admin suffix."
+ required: true
+ value: "3scale"
+- name: MYSQL_USER
+ displayName: MySQL User
+ description: Username for MySQL user that will be used for accessing the database.
+ value: "mysql"
+ required: true
+- name: MYSQL_PASSWORD
+ displayName: MySQL Password
+ description: Password for the MySQL user.
+ generate: expression
+ from: "[a-z0-9]{8}"
+ required: true
+- name: MYSQL_DATABASE
+ displayName: MySQL Database Name
+ description: Name of the MySQL database accessed.
+ value: "system"
+ required: true
+- name: MYSQL_ROOT_PASSWORD
+ displayName: MySQL Root password.
+ description: Password for Root user.
+ generate: expression
+ from: "[a-z0-9]{8}"
+ required: true
+- name: SYSTEM_BACKEND_USERNAME
+ description: Internal 3scale API username for internal 3scale api auth.
+ value: "3scale_api_user"
+ required: true
+- name: SYSTEM_BACKEND_PASSWORD
+ description: Internal 3scale API password for internal 3scale api auth.
+ generate: expression
+ from: "[a-z0-9]{8}"
+ required: true
+- name: REDIS_IMAGE
+ description: Redis image to use
+ required: true
+ value: rhscl/redis-32-rhel7:3.2-5.7
+- name: MYSQL_IMAGE
+ description: Mysql image to use
+ required: true
+ value: rhscl/mysql-56-rhel7:5.6-13.14
+- name: SYSTEM_BACKEND_SHARED_SECRET
+ description: Shared secret to import events from backend to system.
+ generate: expression
+ from: "[a-z0-9]{8}"
+ required: true
+- name: SYSTEM_APP_SECRET_KEY_BASE
+ description: System application secret key base
+ generate: expression
+ from: "[a-f0-9]{128}"
+ required: true
+- name: APICAST_MANAGEMENT_API
+ description: "Scope of the APIcast Management API. Can be disabled, status or debug. At least status required for health checks."
+ required: false
+ value: "status"
+- name: APICAST_OPENSSL_VERIFY
+ description: "Turn on/off the OpenSSL peer verification when downloading the configuration. Can be set to true/false."
+ required: false
+ value: "false"
+- name: APICAST_RESPONSE_CODES
+ description: "Enable logging response codes in APIcast."
+ value: "true"
+ required: false
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/apicast-gateway-template.yml b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/apicast-gateway-template.yml
deleted file mode 100644
index 34f5fcbcc..000000000
--- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/apicast-gateway-template.yml
+++ /dev/null
@@ -1,149 +0,0 @@
-apiVersion: v1
-kind: Template
-metadata:
- creationTimestamp: null
- name: 3scale-gateway
- annotations:
- description: "3scale API Gateway"
- iconClass: "icon-load-balancer"
- tags: "api,gateway,3scale"
-objects:
-- apiVersion: v1
- kind: DeploymentConfig
- metadata:
- name: ${THREESCALE_GATEWAY_NAME}
- spec:
- replicas: 2
- selector:
- deploymentconfig: ${THREESCALE_GATEWAY_NAME}
- strategy:
- resources: {}
- rollingParams:
- intervalSeconds: 1
- maxSurge: 25%
- maxUnavailable: 25%
- timeoutSeconds: 600
- updatePeriodSeconds: 1
- type: Rolling
- template:
- metadata:
- labels:
- deploymentconfig: ${THREESCALE_GATEWAY_NAME}
- spec:
- containers:
- - env:
- - name: THREESCALE_PORTAL_ENDPOINT
- valueFrom:
- secretKeyRef:
- name: ${THREESCALE_PORTAL_ENDPOINT_SECRET}
- key: password
- - name: THREESCALE_CONFIG_FILE
- value: ${THREESCALE_CONFIG_FILE}
- - name: RESOLVER
- value: ${RESOLVER}
- - name: APICAST_SERVICES
- value: ${APICAST_SERVICES}
- - name: APICAST_MISSING_CONFIGURATION
- value: ${MISSING_CONFIGURATION}
- - name: APICAST_LOG_LEVEL
- value: ${APICAST_LOG_LEVEL}
- - name: APICAST_PATH_ROUTING_ENABLED
- value: ${PATH_ROUTING}
- - name: APICAST_RESPONSE_CODES
- value: ${RESPONSE_CODES}
- - name: APICAST_REQUEST_LOGS
- value: ${REQUEST_LOGS}
- - name: APICAST_RELOAD_CONFIG
- value: ${APICAST_RELOAD_CONFIG}
- image: ${THREESCALE_GATEWAY_IMAGE}
- imagePullPolicy: Always
- name: ${THREESCALE_GATEWAY_NAME}
- livenessProbe:
- httpGet:
- path: /status/live
- port: 8090
- initialDelaySeconds: 10
- timeoutSeconds: 1
- readinessProbe:
- httpGet:
- path: /status/ready
- port: 8090
- initialDelaySeconds: 15
- timeoutSeconds: 1
- ports:
- - containerPort: 8080
- protocol: TCP
- resources: {}
- terminationMessagePath: /dev/termination-log
- dnsPolicy: ClusterFirst
- restartPolicy: Always
- securityContext: {}
- terminationGracePeriodSeconds: 30
- triggers:
- - type: ConfigChange
- status: {}
-- apiVersion: v1
- kind: Service
- metadata:
- creationTimestamp: null
- name: ${THREESCALE_GATEWAY_NAME}
- spec:
- ports:
- - name: 8080-tcp
- port: 8080
- protocol: TCP
- targetPort: 8080
- selector:
- deploymentconfig: ${THREESCALE_GATEWAY_NAME}
- sessionAffinity: None
- type: ClusterIP
- status:
- loadBalancer: {}
-parameters:
-- description: "Name of the secret containing the THREESCALE_PORTAL_ENDPOINT with the access-token or provider key"
- value: threescale-portal-endpoint-secret
- name: THREESCALE_PORTAL_ENDPOINT_SECRET
- required: true
-- description: "Path to saved JSON file with configuration for the gateway. Has to be injected to the docker image as read only volume."
- value:
- name: THREESCALE_CONFIG_FILE
- required: false
-- description: "Name for the 3scale API Gateway"
- value: threescalegw
- name: THREESCALE_GATEWAY_NAME
- required: true
-- description: "Docker image to use."
- value: 'rhamp10/apicast-gateway:1.0.0-4'
- name: THREESCALE_GATEWAY_IMAGE
- required: true
-- description: "DNS Resolver for openresty, if empty it will be autodiscovered"
- value:
- name: RESOLVER
- required: false
-- description: "Subset of services to run. Use comma separated list of service ids (eg. 42,1337)"
- value:
- name: APICAST_SERVICES
- required: false
-- description: "What to do on missing or invalid configuration. Allowed values are: log, exit."
- value: exit
- required: false
- name: MISSING_CONFIGURATION
-- description: "Log level. One of the following: debug, info, notice, warn, error, crit, alert, or emerg."
- name: APICAST_LOG_LEVEL
- required: false
-- description: "Enable path routing. Experimental feature."
- name: PATH_ROUTING
- required: false
- value: "false"
-- description: "Enable traffic logging to 3scale. Includes whole request and response."
- value: "false"
- name: REQUEST_LOGS
- required: false
-- description: "Enable logging response codes to 3scale."
- value: "false"
- name: RESPONSE_CODES
- required: false
-- description: "Reload config on every request"
- value: "false"
- name: APICAST_RELOAD_CONFIG
- required: false
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/apicast.yml b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/apicast.yml
new file mode 100644
index 000000000..8e8051c0b
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/apicast.yml
@@ -0,0 +1,157 @@
+apiVersion: v1
+kind: Template
+metadata:
+ name: 3scale-gateway
+ annotations:
+ description: "3scale API Gateway"
+ iconClass: "icon-load-balancer"
+ tags: "api,gateway,3scale"
+objects:
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: "${APICAST_NAME}"
+ spec:
+ replicas: 2
+ selector:
+ deploymentconfig: "${APICAST_NAME}"
+ strategy:
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ deploymentconfig: "${APICAST_NAME}"
+ spec:
+ containers:
+ - env:
+ - name: THREESCALE_PORTAL_ENDPOINT
+ valueFrom:
+ secretKeyRef:
+ name: "${CONFIGURATION_URL_SECRET}"
+ key: password
+ - name: THREESCALE_CONFIG_FILE
+ value: "${CONFIGURATION_FILE_PATH}"
+ - name: THREESCALE_DEPLOYMENT_ENV
+ value: "${DEPLOYMENT_ENVIRONMENT}"
+ - name: RESOLVER
+ value: "${RESOLVER}"
+ - name: APICAST_SERVICES
+ value: "${SERVICES_LIST}"
+ - name: APICAST_CONFIGURATION_LOADER
+ value: "${CONFIGURATION_LOADER}"
+ - name: APICAST_LOG_LEVEL
+ value: "${LOG_LEVEL}"
+ - name: APICAST_PATH_ROUTING_ENABLED
+ value: "${PATH_ROUTING}"
+ - name: APICAST_RESPONSE_CODES
+ value: "${RESPONSE_CODES}"
+ - name: APICAST_CONFIGURATION_CACHE
+ value: "${CONFIGURATION_CACHE}"
+ - name: REDIS_URL
+ value: "${REDIS_URL}"
+ - name: APICAST_MANAGEMENT_API
+ value: "${MANAGEMENT_API}"
+ - name: OPENSSL_VERIFY
+ value: "${OPENSSL_VERIFY}"
+ image: 3scale-amp20/apicast-gateway:1.0-3
+ imagePullPolicy: IfNotPresent
+ name: "${APICAST_NAME}"
+ livenessProbe:
+ httpGet:
+ path: /status/live
+ port: management
+ initialDelaySeconds: 10
+ timeoutSeconds: 1
+ readinessProbe:
+ httpGet:
+ path: /status/ready
+ port: management
+ initialDelaySeconds: 15
+ timeoutSeconds: 1
+ ports:
+ - name: proxy
+ containerPort: 8080
+ protocol: TCP
+ - name: management
+ containerPort: 8090
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: "${APICAST_NAME}"
+ spec:
+ ports:
+ - name: proxy
+ port: 8080
+ protocol: TCP
+ targetPort: 8080
+ - name: management
+ port: 8090
+ protocol: TCP
+ targetPort: 8090
+ selector:
+ deploymentconfig: "${APICAST_NAME}"
+
+parameters:
+- name: AMP_RELEASE
+ description: "AMP release tag."
+ value: 2.0.0-CR2-redhat-1
+ required: true
+- description: "Name of the secret containing the THREESCALE_PORTAL_ENDPOINT with the access-token or provider key"
+ value: apicast-configuration-url-secret
+ name: CONFIGURATION_URL_SECRET
+ required: true
+- description: "Path to saved JSON file with configuration for the gateway. Has to be injected to the docker image as read only volume."
+ value:
+ name: CONFIGURATION_FILE_PATH
+ required: false
+- description: "Deployment environment. Can be sandbox or production."
+ value: production
+ name: DEPLOYMENT_ENVIRONMENT
+ required: true
+- description: "Name for the 3scale API Gateway"
+ value: apicast
+ name: APICAST_NAME
+ required: true
+- description: "DNS Resolver for openresty, if empty it will be autodiscovered"
+ value:
+ name: RESOLVER
+ required: false
+- description: "Subset of services to run. Use comma separated list of service ids (eg. 42,1337)"
+ value:
+ name: SERVICES_LIST
+ required: false
+- name: CONFIGURATION_LOADER
+ description: "When to load configuration. If on gateway start or incoming request. Allowed values are: lazy, boot."
+ value: boot
+ required: false
+- description: "Log level. One of the following: debug, info, notice, warn, error, crit, alert, or emerg."
+ name: LOG_LEVEL
+ required: false
+- description: "Enable path routing. Experimental feature."
+ name: PATH_ROUTING
+ required: false
+ value: "false"
+- description: "Enable logging response codes to 3scale."
+ value: "false"
+ name: RESPONSE_CODES
+ required: false
+- name: CONFIGURATION_CACHE
+ description: "For how long to cache the downloaded configuration in seconds. Can be left empty, 0 or greater than 60."
+ value: ""
+ required: false
+- description: "Redis URL. Required for OAuth2 integration. ex: redis://PASSWORD@127.0.0.1:6379/0"
+ name: REDIS_URL
+ required: false
+- name: MANAGEMENT_API
+ description: "Scope of the Management API. Can be disabled, status or debug. At least status required for health checks."
+ required: false
+ value: "status"
+- name: OPENSSL_VERIFY
+ description: "Turn on/off the OpenSSL peer verification. Can be set to true/false."
+ required: true
+ value: "false"
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/cakephp-mysql-persistent.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/cakephp-mysql-persistent.json
index eb3d296be..6d987ee33 100644
--- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/cakephp-mysql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/cakephp-mysql-persistent.json
@@ -60,7 +60,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -510,7 +513,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/cakephp-mysql.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/cakephp-mysql.json
index da2454d2e..fb2ef206e 100644
--- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/cakephp-mysql.json
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/cakephp-mysql.json
@@ -60,7 +60,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -484,7 +487,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dancer-mysql-persistent.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dancer-mysql-persistent.json
index 81ae63416..7ffb25e14 100644
--- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dancer-mysql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dancer-mysql-persistent.json
@@ -58,7 +58,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -147,6 +150,9 @@
}
},
"spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
"triggers": [
{
"type": "ImageChange",
@@ -472,7 +478,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dancer-mysql.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dancer-mysql.json
index 7a285dba8..d787e376b 100644
--- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dancer-mysql.json
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dancer-mysql.json
@@ -58,7 +58,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -147,6 +150,9 @@
}
},
"spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
"triggers": [
{
"type": "ImageChange",
@@ -446,7 +452,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/django-postgresql-persistent.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/django-postgresql-persistent.json
index 9f982c286..a2070207b 100644
--- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/django-postgresql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/django-postgresql-persistent.json
@@ -58,7 +58,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -148,7 +151,7 @@
},
"spec": {
"strategy": {
- "type": "Rolling"
+ "type": "Recreate"
},
"triggers": [
{
@@ -479,7 +482,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/django-postgresql.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/django-postgresql.json
index 7bee85ddd..0d33c6e0e 100644
--- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/django-postgresql.json
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/django-postgresql.json
@@ -58,7 +58,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -148,7 +151,7 @@
},
"spec": {
"strategy": {
- "type": "Rolling"
+ "type": "Recreate"
},
"triggers": [
{
@@ -453,7 +456,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dotnet-example.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dotnet-example.json
new file mode 100644
index 000000000..af46579c8
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dotnet-example.json
@@ -0,0 +1,333 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "dotnet-example",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core Example",
+ "description": "An example .NET Core application.",
+ "tags": "quickstart,dotnet,.net",
+ "iconClass": "icon-dotnet",
+ "template.openshift.io/provider-display-name": "Red Hat, Inc.",
+ "template.openshift.io/documentation-url": "https://github.com/redhat-developer/s2i-dotnetcore",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "objects": [
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to build the application"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "${DOTNET_IMAGE_STREAM_TAG}"
+ },
+ "env": [
+ {
+ "name": "DOTNET_STARTUP_PROJECT",
+ "value": "${DOTNET_STARTUP_PROJECT}"
+ },
+ {
+ "name": "DOTNET_ASSEMBLY_NAME",
+ "value": "${DOTNET_ASSEMBLY_NAME}"
+ },
+ {
+ "name": "DOTNET_NPM_TOOLS",
+ "value": "${DOTNET_NPM_TOOLS}"
+ },
+ {
+ "name": "DOTNET_TEST_PROJECTS",
+ "value": "${DOTNET_TEST_PROJECTS}"
+ },
+ {
+ "name": "DOTNET_CONFIGURATION",
+ "value": "${DOTNET_CONFIGURATION}"
+ },
+ {
+ "name": "DOTNET_PUBLISH",
+ "value": "true"
+ },
+ {
+ "name": "DOTNET_RESTORE_SOURCES",
+ "value": "${DOTNET_RESTORE_SOURCES}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the application server"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "dotnet-app"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "dotnet-app",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "livenessProbe": {
+ "httpGet": {
+ "path": "/",
+ "port": 8080,
+ "scheme": "HTTP"
+ },
+ "initialDelaySeconds": 40,
+ "timeoutSeconds": 15
+ },
+ "readinessProbe": {
+ "httpGet": {
+ "path": "/",
+ "port": 8080,
+ "scheme": "HTTP"
+ },
+ "initialDelaySeconds": 10,
+ "timeoutSeconds": 30
+ },
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "env": []
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "dotnet-example"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "DOTNET_IMAGE_STREAM_TAG",
+ "displayName": ".NET builder",
+ "required": true,
+ "description": "The image stream tag which is used to build the code.",
+ "value": "dotnet:1.0"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "required": true,
+ "value": "openshift"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "description": "The URL of the repository with your application source code.",
+ "required": true,
+ "value": "https://github.com/redhat-developer/s2i-dotnetcore-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch.",
+ "value": "dotnetcore-1.0"
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to use a subdirectory of the source code repository"
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the .NET Core service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "A secret string used to configure the GitHub webhook.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "displayName": "Generic Webhook Secret",
+ "description": "A secret string used to configure the Generic webhook.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "DOTNET_STARTUP_PROJECT",
+ "displayName": "Startup Project",
+ "description": "Set this to the folder containing your startup project.",
+ "value": "app"
+ },
+ {
+ "name": "DOTNET_ASSEMBLY_NAME",
+ "displayName": "Startup Assembly",
+ "description": "Set this when the assembly name is overridden in the project file."
+ },
+ {
+ "name": "DOTNET_NPM_TOOLS",
+ "displayName": "Npm Tools",
+ "description": "Set this to a space separated list of npm tools needed to publish.",
+ "value": "bower gulp"
+ },
+ {
+ "name": "DOTNET_TEST_PROJECTS",
+ "displayName": "Test projects",
+ "description": "Set this to a space separated list of test projects to run before publishing."
+ },
+ {
+ "name": "DOTNET_CONFIGURATION",
+ "displayName": "Configuration",
+ "description": "Set this to configuration (Release/Debug).",
+ "value": "Release"
+ },
+ {
+ "name": "DOTNET_RESTORE_SOURCES",
+ "displayName": "NuGet package sources",
+ "description": "Set this to override the NuGet.config sources."
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dotnet-pgsql-persistent.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dotnet-pgsql-persistent.json
new file mode 100644
index 000000000..a2b59c2d3
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dotnet-pgsql-persistent.json
@@ -0,0 +1,565 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "dotnet-pgsql-persistent",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core + PostgreSQL (Persistent)",
+ "description": "An example .NET Core application with a PostgreSQL database. For more information about using this template, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore.",
+ "tags": "quickstart,dotnet",
+ "iconClass": "icon-dotnet",
+ "template.openshift.io/provider-display-name": "Red Hat, Inc.",
+ "template.openshift.io/documentation-url": "https://github.com/redhat-developer/s2i-dotnetcore",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore.",
+ "labels": {
+ "template": "dotnet-pgsql-persistent"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "stringData": {
+ "database-password": "${DATABASE_PASSWORD}",
+ "connect-string": "Host=${DATABASE_SERVICE_NAME};Database=${DATABASE_NAME};Username=${DATABASE_USER};Password=${DATABASE_PASSWORD}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${DATABASE_SERVICE_NAME}\", \"kind\": \"Service\"}]"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to build the application"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "${DOTNET_IMAGE_STREAM_TAG}"
+ },
+ "env": [
+ {
+ "name": "DOTNET_STARTUP_PROJECT",
+ "value": "${DOTNET_STARTUP_PROJECT}"
+ },
+ {
+ "name": "DOTNET_ASSEMBLY_NAME",
+ "value": "${DOTNET_ASSEMBLY_NAME}"
+ },
+ {
+ "name": "DOTNET_NPM_TOOLS",
+ "value": "${DOTNET_NPM_TOOLS}"
+ },
+ {
+ "name": "DOTNET_TEST_PROJECTS",
+ "value": "${DOTNET_TEST_PROJECTS}"
+ },
+ {
+ "name": "DOTNET_CONFIGURATION",
+ "value": "${DOTNET_CONFIGURATION}"
+ },
+ {
+ "name": "DOTNET_PUBLISH",
+ "value": "true"
+ },
+ {
+ "name": "DOTNET_RESTORE_SOURCES",
+ "value": "${DOTNET_RESTORE_SOURCES}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ }
+ ],
+ "postCommit": {}
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the application server"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "updatePeriodSeconds": 1,
+ "intervalSeconds": 1,
+ "timeoutSeconds": 600,
+ "maxUnavailable": "25%",
+ "maxSurge": "25%"
+ },
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "dotnet-pgsql-persistent"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "dotnet-pgsql-persistent",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "env": [
+ {
+ "name": "ConnectionString",
+ "valueFrom": {
+ "secretKeyRef": {
+ "name": "${NAME}",
+ "key": "connect-string"
+ }
+ }
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "livenessProbe": {
+ "httpGet": {
+ "path": "/",
+ "port": 8080,
+ "scheme": "HTTP"
+ },
+ "initialDelaySeconds": 40,
+ "timeoutSeconds": 10
+ },
+ "readinessProbe": {
+ "httpGet": {
+ "path": "/",
+ "port": 8080,
+ "scheme": "HTTP"
+ },
+ "initialDelaySeconds": 10,
+ "timeoutSeconds": 30
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "PersistentVolumeClaim",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Exposes the database server"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "postgresql",
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the database"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "openshift",
+ "name": "postgresql:9.5"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "persistentVolumeClaim": {
+ "claimName": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ ],
+ "containers": [
+ {
+ "name": "postgresql",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 5432
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [
+ "/bin/sh",
+ "-i",
+ "-c",
+ "psql -h 127.0.0.1 -U ${POSTGRESQL_USER} -q -d ${POSTGRESQL_DATABASE} -c 'SELECT 1'"
+ ]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 5432
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/pgsql/data"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DATABASE_USER}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef": {
+ "name": "${NAME}",
+ "key": "database-password"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DATABASE_NAME}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_POSTGRESQL_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "musicstore"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "required": true,
+ "description": "Maximum amount of memory the .NET Core container can use.",
+ "value": "512Mi"
+ },
+ {
+ "name": "MEMORY_POSTGRESQL_LIMIT",
+ "displayName": "Memory Limit (PostgreSQL)",
+ "required": true,
+ "description": "Maximum amount of memory the PostgreSQL container can use.",
+ "value": "512Mi"
+ },
+ {
+ "name": "VOLUME_CAPACITY",
+ "displayName": "Volume Capacity",
+ "description": "Volume space available for data, e.g. 512Mi, 2Gi",
+ "value": "1Gi",
+ "required": true
+ },
+ {
+ "name": "DOTNET_IMAGE_STREAM_TAG",
+ "displayName": ".NET builder",
+ "required": true,
+ "description": "The image stream tag which is used to build the code.",
+ "value": "dotnet:1.1"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "required": true,
+ "description": "The OpenShift Namespace where the .NET builder ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "required": true,
+ "description": "The URL of the repository with your application source code.",
+ "value": "https://github.com/redhat-developer/s2i-aspnet-musicstore-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch.",
+ "value": "rel/1.1-example"
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to the relative path to your project if it is not in the root of your repository."
+ },
+ {
+ "name": "DOTNET_STARTUP_PROJECT",
+ "displayName": "Startup Project",
+ "description": "Set this to the folder containing your startup project.",
+ "value": "samples/MusicStore"
+ },
+ {
+ "name": "DOTNET_ASSEMBLY_NAME",
+ "displayName": "Startup Assembly",
+ "description": "Set this when the assembly name is overridden in the project file."
+ },
+ {
+ "name": "DOTNET_NPM_TOOLS",
+ "displayName": "Npm Tools",
+ "description": "Set this to a space separated list of npm tools needed to publish."
+ },
+ {
+ "name": "DOTNET_TEST_PROJECTS",
+ "displayName": "Test projects",
+ "description": "Set this to a space separated list of test projects to run before publishing."
+ },
+ {
+ "name": "DOTNET_CONFIGURATION",
+ "displayName": "Configuration",
+ "description": "Set this to configuration (Release/Debug).",
+ "value": "Release"
+ },
+ {
+ "name": "DOTNET_RESTORE_SOURCES",
+ "displayName": "NuGet package sources",
+ "description": "Set this to override the NuGet.config sources."
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the .NET Core service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "A secret string used to configure the GitHub webhook.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "required": true,
+ "displayName": "Database Service Name",
+ "value": "postgresql"
+ },
+ {
+ "name": "DATABASE_USER",
+ "displayName": "Database Username",
+ "generate": "expression",
+ "from": "user[A-Z0-9]{3}"
+ },
+ {
+ "name": "DATABASE_PASSWORD",
+ "displayName": "Database Password",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{8}"
+ },
+ {
+ "name": "DATABASE_NAME",
+ "required": true,
+ "displayName": "Database Name",
+ "value": "musicstore"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "displayName": "Maximum Database Connections",
+ "value": "100"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "displayName": "Shared Buffer Amount",
+ "value": "12MB"
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/httpd.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/httpd.json
new file mode 100644
index 000000000..ac671cc06
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/httpd.json
@@ -0,0 +1,274 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "httpd-example",
+ "annotations": {
+ "openshift.io/display-name": "Httpd",
+ "description": "An example Httpd application that serves static content. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/httpd-ex/blob/master/README.md.",
+ "tags": "quickstart,httpd",
+ "iconClass": "icon-apache",
+ "template.openshift.io/long-description": "This template defines resources needed to develop a static application served by httpd, including a build configuration and application deployment configuration.",
+ "template.openshift.io/provider-display-name": "Red Hat, Inc.",
+ "template.openshift.io/documentation-url": "https://github.com/openshift/httpd-ex",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/httpd-ex/blob/master/README.md.",
+ "labels": {
+ "template": "httpd-example"
+ },
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to build the application"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "httpd:2.4"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the application server"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "httpd-example"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "httpd-example",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 3,
+ "httpGet": {
+ "path": "/",
+ "port": 8080
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 30,
+ "httpGet": {
+ "path": "/",
+ "port": 8080
+ }
+ },
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "env": [
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "httpd-example"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "required": true,
+ "value": "openshift"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "description": "The URL of the repository with your application source code.",
+ "required": true,
+ "value": "https://github.com/openshift/httpd-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to the relative path to your project if it is not in the root of your repository."
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the httpd service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "displayName": "Generic Webhook Secret",
+ "description": "A secret string used to configure the Generic webhook.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-ephemeral-template.json
index b0aef3cfc..ce96684a9 100644
--- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-ephemeral-template.json
@@ -22,7 +22,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${JENKINS_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"to": {
@@ -110,6 +113,10 @@
"value": "true"
},
{
+ "name": "OPENSHIFT_JENKINS_JVM_ARCH",
+ "value": "${JVM_ARCH}"
+ },
+ {
"name": "KUBERNETES_MASTER",
"value": "https://kubernetes.default:443"
},
@@ -255,6 +262,12 @@
"value": "true"
},
{
+ "name": "JVM_ARCH",
+ "displayName": "Jenkins JVM Architecture",
+ "description": "Whether Jenkins runs with a 32 bit (i386) or 64 bit (x86_64) JVM.",
+ "value": "i386"
+ },
+ {
"name": "MEMORY_LIMIT",
"displayName": "Memory Limit",
"description": "Maximum amount of memory the container can use.",
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-persistent-template.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-persistent-template.json
index a542de219..34b2b920b 100644
--- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-persistent-template.json
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-persistent-template.json
@@ -22,7 +22,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${JENKINS_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"to": {
@@ -127,6 +130,10 @@
"value": "true"
},
{
+ "name": "OPENSHIFT_JENKINS_JVM_ARCH",
+ "value": "${JVM_ARCH}"
+ },
+ {
"name": "KUBERNETES_MASTER",
"value": "https://kubernetes.default:443"
},
@@ -272,6 +279,12 @@
"value": "true"
},
{
+ "name": "JVM_ARCH",
+ "displayName": "Jenkins JVM Architecture",
+ "description": "Whether Jenkins runs with a 32 bit (i386) or 64 bit (x86_64) JVM.",
+ "value": "i386"
+ },
+ {
"name": "MEMORY_LIMIT",
"displayName": "Memory Limit",
"description": "Maximum amount of memory the container can use.",
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/nodejs-mongodb-persistent.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/nodejs-mongodb-persistent.json
index 6ee999cb1..a9c365361 100644
--- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/nodejs-mongodb-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/nodejs-mongodb-persistent.json
@@ -58,7 +58,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -102,7 +105,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${NAMESPACE}",
- "name": "nodejs:4"
+ "name": "nodejs:6"
},
"env": [
{
@@ -154,7 +157,7 @@
},
"spec": {
"strategy": {
- "type": "Rolling"
+ "type": "Recreate"
},
"triggers": [
{
@@ -491,7 +494,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/nodejs-mongodb.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/nodejs-mongodb.json
index 5c177a7e0..53a6147d5 100644
--- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/nodejs-mongodb.json
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/nodejs-mongodb.json
@@ -58,7 +58,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -102,7 +105,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${NAMESPACE}",
- "name": "nodejs:4"
+ "name": "nodejs:6"
},
"env": [
{
@@ -154,7 +157,7 @@
},
"spec": {
"strategy": {
- "type": "Rolling"
+ "type": "Recreate"
},
"triggers": [
{
@@ -467,7 +470,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/pvc.yml b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/pvc.yml
new file mode 100644
index 000000000..0bbb8e625
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/pvc.yml
@@ -0,0 +1,49 @@
+apiVersion: v1
+kind: Template
+metadata:
+ name: "amp-pvc"
+objects:
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "system-storage"
+ spec:
+ accessModes:
+ - "ReadWriteMany"
+ resources:
+ requests:
+ storage: "100Mi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "mysql-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "system-redis-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "backend-redis-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/rails-postgresql-persistent.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/rails-postgresql-persistent.json
index b400cfdb3..f07a43071 100644
--- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/rails-postgresql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/rails-postgresql-persistent.json
@@ -23,7 +23,11 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['application-user']}",
+ "template.openshift.io/expose-password": "{.data['application-password']}"
+ }
},
"stringData" : {
"database-user" : "${DATABASE_USER}",
@@ -60,7 +64,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -526,7 +533,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/rails-postgresql.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/rails-postgresql.json
index fa67412ff..a7992c988 100644
--- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/rails-postgresql.json
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/rails-postgresql.json
@@ -23,7 +23,11 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['application-user']}",
+ "template.openshift.io/expose-password": "{.data['application-password']}"
+ }
},
"stringData" : {
"database-user" : "${DATABASE_USER}",
@@ -60,7 +64,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -500,7 +507,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/wildcard.yml b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/wildcard.yml
new file mode 100644
index 000000000..00dedecd5
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/wildcard.yml
@@ -0,0 +1,158 @@
+apiVersion: v1
+kind: Template
+metadata:
+ name: "amp-apicast-wildcard-router"
+objects:
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: apicast-router
+ spec:
+ replicas: 1
+ selector:
+ deploymentconfig: apicast-router
+ strategy:
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ deploymentconfig: apicast-router
+ spec:
+ volumes:
+ - name: apicast-router-config
+ configMap:
+ name: apicast-router-config
+ items:
+ - key: router.conf
+ path: router.conf
+ containers:
+ - env:
+ - name: APICAST_CONFIGURATION_LOADER
+ value: "lazy"
+ - name: APICAST_CONFIGURATION_CACHE
+ value: "0"
+ image: 3scale-amp20/apicast-gateway:1.0-3
+ imagePullPolicy: IfNotPresent
+ name: apicast-router
+ command: ['bin/apicast']
+ livenessProbe:
+ tcpSocket:
+ port: router
+ initialDelaySeconds: 5
+ timeoutSeconds: 5
+ periodSeconds: 10
+ readinessProbe:
+ httpGet:
+ path: /status/ready
+ port: management
+ initialDelaySeconds: 5
+ timeoutSeconds: 5
+ periodSeconds: 30
+ volumeMounts:
+ - name: apicast-router-config
+ mountPath: /opt/app-root/src/sites.d/
+ readOnly: true
+ ports:
+ - containerPort: 8082
+ name: router
+ protocol: TCP
+ - containerPort: 8090
+ name: management
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: apicast-router
+ spec:
+ ports:
+ - name: router
+ port: 80
+ protocol: TCP
+ targetPort: router
+ selector:
+ deploymentconfig: apicast-router
+
+- apiVersion: v1
+ kind: ConfigMap
+ metadata:
+ name: apicast-router-config
+ data:
+ router.conf: |-
+ upstream wildcard {
+ server 0.0.0.1:1;
+
+ balancer_by_lua_block {
+ local round_robin = require 'resty.balancer.round_robin'
+ local balancer = round_robin.new()
+ local peers = balancer:peers(ngx.ctx.apicast)
+
+ local peer, err = balancer:set_peer(peers)
+
+ if not peer then
+ ngx.status = ngx.HTTP_SERVICE_UNAVAILABLE
+ ngx.log(ngx.ERR, "failed to set current backend peer: ", err)
+ ngx.exit(ngx.status)
+ end
+ }
+
+ keepalive 1024;
+ }
+
+ server {
+ listen 8082;
+ server_name ~-(?<apicast>apicast-(staging|production))\.;
+ access_log /dev/stdout combined;
+
+ location / {
+ access_by_lua_block {
+ local resolver = require('resty.resolver'):instance()
+ local servers = resolver:get_servers(ngx.var.apicast, { port = 8080 })
+
+ if #servers == 0 then
+ ngx.status = ngx.HTTP_BAD_GATEWAY
+ ngx.exit(ngx.HTTP_OK)
+ end
+
+ ngx.ctx.apicast = servers
+ }
+ proxy_http_version 1.1;
+ proxy_pass $scheme://wildcard;
+ proxy_set_header Host $host;
+ proxy_set_header Connection "";
+ }
+ }
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: apicast-wildcard-router
+ labels:
+ app: apicast-wildcard-router
+ spec:
+ host: apicast-${TENANT_NAME}.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: apicast-router
+ port:
+ targetPort: router
+ wildcardPolicy: Subdomain
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+parameters:
+- name: AMP_RELEASE
+ description: "AMP release tag."
+ value: 2.0.0-CR2-redhat-1
+ required: true
+- name: WILDCARD_DOMAIN
+ description: Root domain for the wildcard routes. Eg. example.com will generate 3scale-admin.example.com.
+ required: true
+- name: TENANT_NAME
+ description: "Domain name under the root that Admin UI will be available with -admin suffix."
+ required: true
+ value: "3scale"
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-streams/jboss-image-streams.json b/roles/openshift_examples/files/examples/v1.4/xpaas-streams/jboss-image-streams.json
index 049f3f884..f77c1080c 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-streams/jboss-image-streams.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-streams/jboss-image-streams.json
@@ -12,7 +12,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-webserver30-tomcat7-openshift"
+ "name": "jboss-webserver30-tomcat7-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat7-openshift",
@@ -23,10 +26,11 @@
"description": "JBoss Web Server 3.0 Tomcat 7 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,tomcat,tomcat7,java,jboss,xpaas",
- "supports":"tomcat7:3.0,tomcat:7,java:8,xpaas:1.1",
+ "supports": "tomcat7:3.0,tomcat:7,java:8,xpaas:1.1",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "tomcat-websocket-chat",
- "version": "1.1"
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7"
}
},
{
@@ -35,10 +39,23 @@
"description": "JBoss Web Server 3.0 Tomcat 7 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,tomcat,tomcat7,java,jboss,xpaas",
- "supports":"tomcat7:3.0,tomcat:7,java:8,xpaas:1.2",
+ "supports": "tomcat7:3.0,tomcat:7,java:8,xpaas:1.2",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "tomcat-websocket-chat",
- "version": "1.2"
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7"
+ }
+ },
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "JBoss Web Server 3.0 Tomcat 7 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,tomcat,tomcat7,java,jboss,xpaas",
+ "supports":"tomcat7:3.0,tomcat:7,java:8,xpaas:1.3",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.3"
}
}
]
@@ -48,7 +65,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-webserver30-tomcat8-openshift"
+ "name": "jboss-webserver30-tomcat8-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat8-openshift",
@@ -59,10 +79,11 @@
"description": "JBoss Web Server 3.0 Tomcat 8 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,tomcat,tomcat8,java,jboss,xpaas",
- "supports":"tomcat8:3.0,tomcat:8,java:8,xpaas:1.1",
+ "supports": "tomcat8:3.0,tomcat:8,java:8,xpaas:1.1",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "tomcat-websocket-chat",
- "version": "1.1"
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8"
}
},
{
@@ -71,10 +92,23 @@
"description": "JBoss Web Server 3.0 Tomcat 8 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,tomcat,tomcat8,java,jboss,xpaas",
- "supports":"tomcat8:3.0,tomcat:8,java:8,xpaas:1.2",
+ "supports": "tomcat8:3.0,tomcat:8,java:8,xpaas:1.2",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "tomcat-websocket-chat",
- "version": "1.2"
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8"
+ }
+ },
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "JBoss Web Server 3.0 Tomcat 8 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,tomcat,tomcat8,java,jboss,xpaas",
+ "supports":"tomcat8:3.0,tomcat:8,java:8,xpaas:1.3",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.3"
}
}
]
@@ -84,7 +118,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-eap64-openshift"
+ "name": "jboss-eap64-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-eap-6/eap64-openshift",
@@ -95,11 +132,12 @@
"description": "JBoss EAP 6.4 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:6.4,javaee:6,java:8,xpaas:1.1",
+ "supports": "eap:6.4,javaee:6,java:8,xpaas:1.1",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "6.4.x",
- "version": "1.1"
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
}
},
{
@@ -108,11 +146,12 @@
"description": "JBoss EAP 6.4 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:6.4,javaee:6,java:8,xpaas:1.2",
+ "supports": "eap:6.4,javaee:6,java:8,xpaas:1.2",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "6.4.x",
- "version": "1.2"
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
}
},
{
@@ -121,11 +160,12 @@
"description": "JBoss EAP 6.4 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:6.4,javaee:6,java:8,xpaas:1.3",
+ "supports": "eap:6.4,javaee:6,java:8,xpaas:1.3",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "6.4.x",
- "version": "1.3"
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
}
},
{
@@ -134,11 +174,25 @@
"description": "JBoss EAP 6.4 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:6.4,javaee:6,java:8,xpaas:1.4",
+ "supports": "eap:6.4,javaee:6,java:8,xpaas:1.4",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "6.4.x",
- "version": "1.4"
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ }
+ },
+ {
+ "name": "1.5",
+ "annotations": {
+ "description": "JBoss EAP 6.4 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,eap,javaee,java,jboss,xpaas",
+ "supports":"eap:6.4,javaee:6,java:8,xpaas:1.5",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "6.4.x",
+ "version": "1.5"
}
}
]
@@ -148,7 +202,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-eap70-openshift"
+ "name": "jboss-eap70-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-eap-7/eap70-openshift",
@@ -159,11 +216,12 @@
"description": "JBoss EAP 7.0 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:7.0,javaee:7,java:8,xpaas:1.3",
+ "supports": "eap:7.0,javaee:7,java:8,xpaas:1.3",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "7.0.0.GA",
- "version": "1.3"
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0"
}
},
{
@@ -172,11 +230,25 @@
"description": "JBoss EAP 7.0 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:7.0,javaee:7,java:8,xpaas:1.4",
+ "supports": "eap:7.0,javaee:7,java:8,xpaas:1.4",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "7.0.0.GA",
- "version": "1.4"
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0"
+ }
+ },
+ {
+ "name": "1.5",
+ "annotations": {
+ "description": "JBoss EAP 7.0 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,eap,javaee,java,jboss,xpaas",
+ "supports":"eap:7.0,javaee:7,java:8,xpaas:1.5",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "7.0.0.GA",
+ "version": "1.5"
}
}
]
@@ -186,7 +258,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-decisionserver62-openshift"
+ "name": "jboss-decisionserver62-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver62-openshift",
@@ -196,12 +271,13 @@
"annotations": {
"description": "Red Hat JBoss BRMS 6.2 decision server S2I images.",
"iconClass": "icon-jboss",
- "tags": "builder,decisionserver,java,xpaas",
- "supports":"decisionserver:6.2,java:8,xpaas:1.2",
+ "tags": "builder,decisionserver,xpaas",
+ "supports": "decisionserver:6.2,xpaas:1.2",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "decisionserver/hellorules",
"sampleRef": "1.2",
- "version": "1.2"
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server"
}
}
]
@@ -211,7 +287,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-decisionserver63-openshift"
+ "name": "jboss-decisionserver63-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver63-openshift",
@@ -221,12 +300,26 @@
"annotations": {
"description": "Red Hat JBoss BRMS 6.3 decision server S2I images.",
"iconClass": "icon-jboss",
+ "tags": "builder,decisionserver,xpaas",
+ "supports": "decisionserver:6.3,xpaas:1.3",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "decisionserver/hellorules",
+ "sampleRef": "1.3",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "Red Hat JBoss BRMS 6.3 decision server S2I images.",
+ "iconClass": "icon-jboss",
"tags": "builder,decisionserver,java,xpaas",
- "supports":"decisionserver:6.3,java:8,xpaas:1.3",
+ "supports":"decisionserver:6.3,java:8,xpaas:1.4",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "decisionserver/hellorules",
"sampleRef": "1.3",
- "version": "1.3"
+ "version": "1.4"
}
}
]
@@ -236,7 +329,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-processserver63-openshift"
+ "name": "jboss-processserver63-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-processserver-6/processserver63-openshift",
@@ -246,12 +342,26 @@
"annotations": {
"description": "Red Hat JBoss BPM Suite 6.3 intelligent process server S2I images.",
"iconClass": "icon-jboss",
+ "tags": "builder,processserver,xpaas",
+ "supports": "processserver:6.3,xpaas:1.3",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "processserver/library",
+ "sampleRef": "1.3",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "Red Hat JBoss BPM Suite 6.3 intelligent process server S2I images.",
+ "iconClass": "icon-jboss",
"tags": "builder,processserver,java,xpaas",
- "supports":"processserver:6.3,java:8,xpaas:1.3",
+ "supports":"processserver:6.3,java:8,xpaas:1.4",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "processserver/library",
"sampleRef": "1.3",
- "version": "1.3"
+ "version": "1.4"
}
}
]
@@ -261,7 +371,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-datagrid65-openshift"
+ "name": "jboss-datagrid65-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-openshift",
@@ -271,9 +384,31 @@
"annotations": {
"description": "JBoss Data Grid 6.5 S2I images.",
"iconClass": "icon-jboss",
- "tags": "datagrid,java,jboss,xpaas",
- "supports":"datagrid:6.5,java:8,xpaas:1.2",
- "version": "1.2"
+ "tags": "datagrid,jboss,xpaas",
+ "supports": "datagrid:6.5,xpaas:1.2",
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5"
+ }
+ },
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "JBoss Data Grid 6.5 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "datagrid,jboss,xpaas",
+ "supports": "datagrid:6.5,xpaas:1.4",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "JBoss Data Grid 6.5 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "datagrid,jboss,xpaas",
+ "supports":"datagrid:6.5,xpaas:1.4",
+ "version": "1.4"
}
}
]
@@ -283,7 +418,35 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-datavirt63-openshift"
+ "name": "jboss-datagrid65-client-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 Client Modules for EAP"
+ }
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-client-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Data Grid 6.5 Client Modules for EAP.",
+ "iconClass": "icon-jboss",
+ "tags": "client,jboss,xpaas",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 Client Modules for EAP"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-datavirt63-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-openshift",
@@ -293,9 +456,56 @@
"annotations": {
"description": "Red Hat JBoss Data Virtualization 6.3 S2I images.",
"iconClass": "icon-jboss",
- "tags": "datavirt,java,jboss,xpaas",
- "supports":"datavirt:6.3,java:8,xpaas:1.4",
- "version": "1.0"
+ "tags": "datavirt,jboss,xpaas",
+ "supports": "datavirt:6.3,xpaas:1.4",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "Red Hat JBoss Data Virtualization 6.3 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "datavirt,jboss,xpaas",
+ "supports": "datavirt:6.3,xpaas:1.4",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3"
+ }
+ },
+ {
+ "name": "1.2",
+ "annotations": {
+ "description": "Red Hat JBoss Data Virtualization 6.3 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "datavirt,jboss,xpaas",
+ "supports":"datavirt:6.3,xpaas:1.4",
+ "version": "1.2"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-datavirt63-driver-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.5 JDBC Driver Modules for EAP"
+ }
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-driver-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Data Virtualization 6.5 JDBC Driver Modules for EAP.",
+ "iconClass": "icon-jboss",
+ "tags": "client,jboss,xpaas",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.5 JDBC Driver Modules for EAP"
}
}
]
@@ -305,7 +515,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-amq-62"
+ "name": "jboss-amq-62",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-amq-6/amq62-openshift",
@@ -316,8 +529,9 @@
"description": "JBoss A-MQ 6.2 broker image.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "supports":"amq:6.2,messaging,xpaas:1.1",
- "version": "1.1"
+ "supports": "amq:6.2,messaging,xpaas:1.1",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
}
},
{
@@ -326,8 +540,9 @@
"description": "JBoss A-MQ 6.2 broker image.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "supports":"amq:6.2,messaging,xpaas:1.2",
- "version": "1.2"
+ "supports": "amq:6.2,messaging,xpaas:1.2",
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
}
},
{
@@ -336,8 +551,19 @@
"description": "JBoss A-MQ 6.2 broker image.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "supports":"amq:6.2,messaging,xpaas:1.3",
- "version": "1.3"
+ "supports": "amq:6.2,messaging,xpaas:1.3",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "JBoss A-MQ 6.2 broker image.",
+ "iconClass": "icon-jboss",
+ "tags": "messaging,amq,jboss,xpaas",
+ "supports":"amq:6.2,messaging,xpaas:1.4",
+ "version": "1.4"
}
}
]
@@ -348,8 +574,9 @@
"apiVersion": "v1",
"metadata": {
"name": "redhat-sso70-openshift",
- "annotations": {
- "description": "Red Hat SSO 7.0"
+ "annotations": {
+ "description": "Red Hat SSO 7.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0"
}
},
"spec": {
@@ -361,8 +588,20 @@
"description": "Red Hat SSO 7.0",
"iconClass": "icon-jboss",
"tags": "sso,keycloak,redhat",
- "supports":"sso:7.0,xpaas:1.3",
- "version": "1.3"
+ "supports": "sso:7.0,xpaas:1.3",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "Red Hat SSO 7.0",
+ "iconClass": "icon-jboss",
+ "tags": "sso,keycloak,redhat",
+ "supports": "sso:7.0,xpaas:1.4",
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0"
}
}
]
@@ -372,7 +611,48 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "redhat-openjdk18-openshift"
+ "name": "redhat-sso71-openshift",
+ "annotations": {
+ "description": "Red Hat SSO 7.1",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ }
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/redhat-sso-7/sso71-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "Red Hat SSO 7.1",
+ "iconClass": "icon-jboss",
+ "tags": "sso,keycloak,redhat",
+ "supports": "sso:7.1,xpaas:1.4",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "Red Hat SSO 7.1",
+ "iconClass": "icon-jboss",
+ "tags": "sso,keycloak,redhat",
+ "supports": "sso:7.1,xpaas:1.4",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "redhat-openjdk18-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat OpenJDK 8"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/redhat-openjdk-18/openjdk18-openshift",
@@ -384,11 +664,24 @@
"description": "Build and run Java applications using Maven and OpenJDK 8.",
"iconClass": "icon-jboss",
"tags": "builder,java,xpaas,openjdk",
- "supports":"java:8,xpaas:1.0",
+ "supports": "java:8,xpaas:1.0",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts",
"sampleContextDir": "undertow-servlet",
"version": "1.0"
}
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat OpenJDK 8",
+ "description": "Build and run Java applications using Maven and OpenJDK 8.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,java,xpaas,openjdk",
+ "supports": "java:8,xpaas:1.4",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "sampleContextDir": "undertow-servlet",
+ "version": "1.1"
+ }
}
]
}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-basic.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-basic.json
index ab35afead..af20b373a 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-basic.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-basic.json
@@ -6,46 +6,54 @@
"description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone or in a mesh. This template doesn't feature SSL support.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "version": "1.3.1"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2 (Ephemeral, no SSL)"
},
"name": "amq62-basic"
},
"labels": {
"template": "amq62-basic",
- "xpaas": "1.3.1"
+ "xpaas": "1.4.0"
},
+ "message": "A new messaging service has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "broker",
"required": true
},
{
+ "displayName": "A-MQ Protocols",
"description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -53,6 +61,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -60,18 +69,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
@@ -171,7 +183,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The broker's OpenWire port."
+ "description": "The broker's OpenWire port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"}]"
}
}
},
@@ -202,7 +215,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-persistent-ssl.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-persistent-ssl.json
index c12f06dec..5acdbfabf 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-persistent-ssl.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-persistent-ssl.json
@@ -6,58 +6,68 @@
"description": "Application template for JBoss A-MQ brokers. These are deployed as standalone and use persistent storage for saving messages. This template supports SSL and requires usage of OpenShift secrets.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "version": "1.3.1"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2 (Persistent with SSL)"
},
"name": "amq62-persistent-ssl"
},
"labels": {
"template": "amq62-persistent-ssl",
- "xpaas": "1.3.1"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent messaging service with SSL support has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"amq-service-account\" service account and a secret named \"${AMQ_SECRET}\" containing the trust store and key store files (\"${AMQ_TRUSTSTORE}\" and \"${AMQ_KEYSTORE}\") used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "broker",
"required": true
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
- "description": "Size of persistent storage for database volume.",
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -65,6 +75,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -72,48 +83,56 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "Secret Name",
"description": "Name of a secret containing SSL related files",
"name": "AMQ_SECRET",
"value": "amq-app-secret",
"required": true
},
{
+ "displayName": "Trust Store Filename",
"description": "SSL trust store filename",
"name": "AMQ_TRUSTSTORE",
"value": "broker.ts",
"required": true
},
{
+ "displayName": "Trust Store Password",
"description": "SSL trust store password",
"name": "AMQ_TRUSTSTORE_PASSWORD",
"value": "",
"required": true
},
{
+ "displayName": "A-MQ Keystore Filename",
"description": "SSL key store filename",
"name": "AMQ_KEYSTORE",
"value": "broker.ks",
"required": true
},
{
+ "displayName": "A-MQ Keystore Password",
"description": "Password for accessing SSL keystore",
"name": "AMQ_KEYSTORE_PASSWORD",
"value": "",
"required": true
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
@@ -309,7 +328,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The broker's OpenWire (SSL) port."
+ "description": "The broker's OpenWire (SSL) port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp-ssl\", \"kind\": \"Service\"}]"
}
}
},
@@ -340,7 +360,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-persistent.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-persistent.json
index 897ce0395..b8089cd6d 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-persistent.json
@@ -6,58 +6,68 @@
"description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone and use persistent storage for saving messages. This template doesn't feature SSL support.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "version": "1.3.1"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2 (Persistent, no SSL)"
},
"name": "amq62-persistent"
},
"labels": {
"template": "amq62-persistent",
- "xpaas": "1.3.1"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent messaging service has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "broker",
"required": true
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
- "description": "Size of persistent storage for database volume.",
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -65,6 +75,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -72,18 +83,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
@@ -183,7 +197,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The broker's OpenWire port."
+ "description": "The broker's OpenWire port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"}]"
}
}
},
@@ -214,7 +229,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-ssl.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-ssl.json
index 97d110286..b52fdbfb0 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-ssl.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-ssl.json
@@ -6,46 +6,54 @@
"description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone or in a mesh. This template supports SSL and requires usage of OpenShift secrets.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "version": "1.3.1"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2 (Ephemeral with SSL)"
},
"name": "amq62-ssl"
},
"labels": {
"template": "amq62-ssl",
- "xpaas": "1.3.1"
+ "xpaas": "1.4.0"
},
+ "message": "A new messaging service with SSL support has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"amq-service-account\" service account and a secret named \"${AMQ_SECRET}\" containing the trust store and key store files (\"${AMQ_TRUSTSTORE}\" and \"${AMQ_KEYSTORE}\") used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "broker",
"required": true
},
{
+ "displayName": "A-MQ Protocols",
"description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. SSL variants of these protocols will be configured automaticaly.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -53,6 +61,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -60,48 +69,56 @@
"required": false
},
{
+ "displayName": "Secret Name",
"description": "Name of a secret containing SSL related files",
"name": "AMQ_SECRET",
"value": "amq-app-secret",
"required": true
},
{
+ "displayName": "Trust Store Filename",
"description": "SSL trust store filename",
"name": "AMQ_TRUSTSTORE",
"value": "broker.ts",
"required": true
},
{
+ "displayName": "Trust Store Password",
"description": "SSL trust store password",
"name": "AMQ_TRUSTSTORE_PASSWORD",
"value": "",
"required": true
},
{
+ "displayName": "A-MQ Keystore Filename",
"description": "SSL key store filename",
"name": "AMQ_KEYSTORE",
"value": "broker.ks",
"required": true
},
{
+ "displayName": "A-MQ Keystore Password",
"description": "Password for accessing SSL keystore",
"name": "AMQ_KEYSTORE_PASSWORD",
"value": "",
"required": true
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
@@ -297,7 +314,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The broker's OpenWire (SSL) port."
+ "description": "The broker's OpenWire (SSL) port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp-ssl\", \"kind\": \"Service\"}]"
}
}
},
@@ -328,7 +346,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-basic.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-basic.json
index 56e76016f..32433bef0 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-basic.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-basic.json
@@ -6,76 +6,103 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 applications.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 (Ephemeral, no https)"
},
"name": "datagrid65-basic"
},
"labels": {
"template": "datagrid65-basic",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\".",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -200,7 +227,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -267,9 +294,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -302,6 +334,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-https.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-https.json
index 639ac2e11..e6f020400 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-https.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-https.json
@@ -6,130 +6,166 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 applications.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 (Ephemeral with https)"
},
"name": "datagrid65-https"
},
"labels": {
"template": "datagrid65-https",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "datagrid-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "datagrid-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -301,7 +337,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -386,9 +422,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -437,6 +478,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-mysql-persistent.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-mysql-persistent.json
index 22ca3f0a0..ff57a7936 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-mysql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-mysql-persistent.json
@@ -6,82 +6,96 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 and MySQL applications with persistent storage.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 + MySQL (Persistent with https)"
},
"name": "datagrid65-mysql-persistent"
},
"labels": {
"template": "datagrid65-mysql-persistent",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service (using MySQL with persistent storage) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "datagrid-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:/jboss/datasources/mysql",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -89,6 +103,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -96,117 +111,158 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "datagrid-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
"generate": "expression",
"required": true
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -230,7 +286,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -254,7 +311,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -278,7 +336,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "Memcached service for clustered applications."
+ "description": "Memcached service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -302,7 +361,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "Hot Rod service for clustered applications."
+ "description": "Hot Rod service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -397,7 +457,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -482,9 +542,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -585,6 +650,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
@@ -669,7 +742,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-mysql.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-mysql.json
index e1a585d24..44902de25 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-mysql.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-mysql.json
@@ -6,82 +6,96 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 and MySQL applications.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 + MySQL (Ephemeral with https)"
},
"name": "datagrid65-mysql"
},
"labels": {
"template": "datagrid65-mysql",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service (using MySQL) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "datagrid-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:/jboss/datasources/mysql",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -89,6 +103,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -96,111 +111,151 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "datagrid-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
"generate": "expression",
"required": true
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -224,7 +279,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -248,7 +304,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -272,7 +329,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "Memcached service for clustered applications."
+ "description": "Memcached service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -296,7 +354,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "Hot Rod service for clustered applications."
+ "description": "Hot Rod service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -391,7 +450,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -476,9 +535,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -579,6 +643,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
@@ -663,7 +735,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-postgresql-persistent.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-postgresql-persistent.json
index 12720eb19..6b90e1370 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-postgresql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-postgresql-persistent.json
@@ -6,82 +6,96 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 and PostgreSQL applications with persistent storage.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 + PostgreSQL (Persistent with https)"
},
"name": "datagrid65-postgresql-persistent"
},
"labels": {
"template": "datagrid65-postgresql-persistent",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service (using PostgreSQL with persistent storage) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "datagrid-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/postgresql",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -89,6 +103,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -96,102 +111,140 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "datagrid-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
"generate": "expression",
"required": true
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -215,7 +268,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -239,7 +293,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -382,7 +437,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -467,9 +522,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -570,6 +630,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
@@ -654,7 +722,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-postgresql.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-postgresql.json
index da8015fb0..ae36376db 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-postgresql.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-postgresql.json
@@ -6,82 +6,96 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 and PostgreSQL applications built using.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 + PostgreSQL (Ephemeral with https)"
},
"name": "datagrid65-postgresql"
},
"labels": {
"template": "datagrid65-postgresql",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service (using PostgreSQL) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "datagrid-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/postgresql",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -89,6 +103,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -96,96 +111,133 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configurd for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "datagrid-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
"generate": "expression",
"required": true
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -209,7 +261,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -233,7 +286,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -376,7 +430,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -461,9 +515,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -564,6 +623,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
@@ -648,7 +715,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datavirt63-basic-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datavirt63-basic-s2i.json
index 7d64dac98..ea2f13742 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datavirt63-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datavirt63-basic-s2i.json
@@ -6,7 +6,8 @@
"iconClass": "icon-jboss",
"description": "Application template for JBoss Data Virtualization 6.3 services built using S2I.",
"tags": "jdv,datavirt,jboss,xpaas",
- "version": "1.4.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3 (no SSL)"
},
"name": "datavirt63-basic-s2i"
},
@@ -60,6 +61,7 @@
},
{
"description": "The name of the service account to use for the deployment. The service account should be configured to allow usage of the secret specified by CONFIGURATION_NAME.",
+ "displayName": "Service Account Name",
"name": "SERVICE_ACCOUNT_NAME",
"value": "datavirt-service-account",
"required": true
@@ -133,6 +135,27 @@
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "description": "Comma delimited list of source directories containing VDBs for deployment",
+ "displayName": "VDB Deployment Directories",
+ "name": "VDB_DIRS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Artifact Directories",
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -215,7 +238,22 @@
"uri": "${SOURCE_REPOSITORY_URL}",
"ref": "${SOURCE_REPOSITORY_REF}"
},
- "contextDir": "${CONTEXT_DIR}"
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/datagrid65",
+ "sourcePath": "/extensions/."
+ }
+ ]
+ }
+ ]
},
"strategy": {
"type": "Source",
@@ -224,8 +262,26 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datavirt63-openshift:1.0"
- }
+ "name": "jboss-datavirt63-openshift:1.2"
+ },
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "VDB_DIRS",
+ "value": "${VDB_DIRS}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ]
}
},
"output": {
@@ -252,6 +308,15 @@
"imageChange": {}
},
{
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ }
+ }
+ },
+ {
"type": "ConfigChange"
}
]
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datavirt63-extensions-support-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datavirt63-extensions-support-s2i.json
index 1e7c03b99..22b579ecc 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datavirt63-extensions-support-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datavirt63-extensions-support-s2i.json
@@ -6,7 +6,8 @@
"iconClass": "icon-jboss",
"description": "Application template for JBoss Data Virtualization 6.3 services built using S2I. Includes support for installing extensions (e.g. third-party DB drivers) and the ability to configure certificates for serving secure content.",
"tags": "jdv,datavirt,jboss,xpaas",
- "version": "1.4.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3 (with SSL and Extensions)"
},
"name": "datavirt63-extensions-support-s2i"
},
@@ -102,6 +103,7 @@
},
{
"description": "The name of the service account to use for the deployment. The service account should be configured to allow usage of the secret(s) specified by CONFIGURATION_NAME, HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "displayName": "Service Account Name",
"name": "SERVICE_ACCOUNT_NAME",
"value": "datavirt-service-account",
"required": true
@@ -238,6 +240,27 @@
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "description": "Comma delimited list of source directories containing VDBs for deployment",
+ "displayName": "VDB Deployment Directories",
+ "name": "VDB_DIRS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Artifact Directories",
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -446,6 +469,19 @@
{
"from": {
"kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/datagrid65",
+ "sourcePath": "/extensions/."
+ }
+ ]
+ },
+ {
+ "from": {
+ "kind": "ImageStreamTag",
"name": "${APPLICATION_NAME}-ext:latest"
},
"paths": [
@@ -464,12 +500,24 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datavirt63-openshift:1.0"
+ "name": "jboss-datavirt63-openshift:1.2"
},
"env": [
{
"name": "CUSTOM_INSTALL_DIRECTORIES",
"value": "extensions/*"
+ },
+ {
+ "name": "VDB_DIRS",
+ "value": "${VDB_DIRS}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
]
}
@@ -507,6 +555,15 @@
}
},
{
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ }
+ }
+ },
+ {
"type": "ConfigChange"
}
]
@@ -713,7 +770,7 @@
},
{
"name": "DATAVIRT_TRANSPORT_KEYSTORE",
- "value": "/etc/datavirt-secret-volume/${HTTPS_KEYSTORE}"
+ "value": "${HTTPS_KEYSTORE}"
},
{
"name": "DATAVIRT_TRANSPORT_KEYSTORE_TYPE",
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datavirt63-secure-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datavirt63-secure-s2i.json
index 07f926ff3..9392c20a6 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datavirt63-secure-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datavirt63-secure-s2i.json
@@ -6,7 +6,8 @@
"iconClass": "icon-jboss",
"description": "Application template for JBoss Data Virtualization 6.3 services built using S2I. Includes ability to configure certificates for serving secure content.",
"tags": "jdv,datavirt,jboss,xpaas",
- "version": "1.4.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3 (with SSL)"
},
"name": "datavirt63-secure-s2i"
},
@@ -74,6 +75,7 @@
},
{
"description": "The name of the service account to use for the deployment. The service account should be configured to allow usage of the secret(s) specified by CONFIGURATION_NAME, HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "displayName": "Service Account Name",
"name": "SERVICE_ACCOUNT_NAME",
"value": "datavirt-service-account",
"required": true
@@ -210,6 +212,168 @@
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "description": "Comma delimited list of source directories containing VDBs for deployment",
+ "displayName": "VDB Deployment Directories",
+ "name": "VDB_DIRS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The URL for the SSO server (e.g. https://secure-sso-myproject.example.com/auth). This is the URL through which the user will be redirected when a login or token is required by the application.",
+ "displayName": "SSO Server URL",
+ "name": "SSO_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The URL for the interal SSO service, where secure-sso is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
+ "displayName": "SSO Server Service URL",
+ "name": "SSO_SERVICE_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The SSO realm to which the application client(s) should be associated (e.g. demo).",
+ "displayName": "SSO Realm",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The username used to access the SSO service. This is used to create the appliction client(s) within the specified SSO realm. This should match the SSO_SERVICE_USERNAME specified through one of the sso70-* templates.",
+ "displayName": "SSO Username",
+ "name": "SSO_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the SSO service user.",
+ "displayName": "SSO User's Password",
+ "name": "SSO_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "SSO Realm Public Key. Public key is recommended to be passed into the template to avoid man-in-the-middle security vulnerability. This can be retrieved from the SSO server, for the specified realm.",
+ "displayName": "SSO Realm Public Key",
+ "name": "SSO_PUBLIC_KEY",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "SSO Client Access Type. true or false",
+ "displayName": "SSO Bearer Only",
+ "name": "SSO_BEARER_ONLY",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "displayName": "SSO SAML Keystore Secret",
+ "name": "SSO_SAML_KEYSTORE_SECRET",
+ "value": "datavirt-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "displayName": "SSO SAML Keystore File",
+ "name": "SSO_SAML_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "displayName": "SSO SAML Certificate Alias",
+ "name": "SSO_SAML_CERTIFICATE_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "SSO_SAML_KEYSTORE_PASSWORD",
+ "displayName": "SSO SAML Keystore Password",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The SSO Client Secret for Confidential Access",
+ "name": "SSO_SECRET",
+ "displayName": "SSO Client Secret",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "description": "Enable CORS for SSO applications. true or false",
+ "name": "SSO_ENABLE_CORS",
+ "displayName": "SSO Enable CORS",
+ "value": "false",
+ "required": false
+ },
+ {
+ "description": "SSO logout page for SAML applications",
+ "name": "SSO_SAML_LOGOUT_PAGE",
+ "displayName": "SSO SAML Logout Page",
+ "value": "/",
+ "required": false
+ },
+ {
+ "description": "If true SSL communication between EAP and the SSO Server will be insecure (i.e. certificate validation is disabled with curl)",
+ "name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
+ "displayName": "SSO Disable SSL Certificate Validation",
+ "value": "true",
+ "required": false
+ },
+ {
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "displayName": "SSO Truststore File",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "displayName": "SSO Truststore Password",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "displayName": "SSO Truststore Secret",
+ "value": "datavirt-app-secret",
+ "required": false
+ },
+ {
+ "description": "Comma delimited list of deployments that shoulds be exploded and enabled for SSO OpenIDConnect via auth-method",
+ "name": "SSO_OPENIDCONNECT_DEPLOYMENTS",
+ "displayName": "SSO OpenIDConnect Deployments",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Comma delimited list of deployments that shoulds be exploded and enabled for SSO SAML via auth-method",
+ "name": "SSO_SAML_DEPLOYMENTS",
+ "displayName": "SSO SAML Deployments",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Artifact Directories",
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -354,7 +518,22 @@
"uri": "${SOURCE_REPOSITORY_URL}",
"ref": "${SOURCE_REPOSITORY_REF}"
},
- "contextDir": "${CONTEXT_DIR}"
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/datagrid65",
+ "sourcePath": "/extensions/."
+ }
+ ]
+ }
+ ]
},
"strategy": {
"type": "Source",
@@ -363,8 +542,26 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datavirt63-openshift:1.0"
- }
+ "name": "jboss-datavirt63-openshift:1.2"
+ },
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "VDB_DIRS",
+ "value": "${VDB_DIRS}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ]
}
},
"output": {
@@ -391,6 +588,15 @@
"imageChange": {}
},
{
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ }
+ }
+ },
+ {
"type": "ConfigChange"
}
]
@@ -597,7 +803,7 @@
},
{
"name": "DATAVIRT_TRANSPORT_KEYSTORE",
- "value": "/etc/datavirt-secret-volume/${HTTPS_KEYSTORE}"
+ "value": "${HTTPS_KEYSTORE}"
},
{
"name": "DATAVIRT_TRANSPORT_KEYSTORE_TYPE",
@@ -610,6 +816,98 @@
{
"name": "DATAVIRT_TRANSPORT_KEYSTORE_PASSWORD",
"value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "SSO_URL",
+ "value": "${SSO_URL}"
+ },
+ {
+ "name": "SSO_SERVICE_URL",
+ "value": "${SSO_SERVICE_URL}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_USERNAME",
+ "value": "${SSO_USERNAME}"
+ },
+ {
+ "name": "SSO_PASSWORD",
+ "value": "${SSO_PASSWORD}"
+ },
+ {
+ "name": "SSO_PUBLIC_KEY",
+ "value": "${SSO_PUBLIC_KEY}"
+ },
+ {
+ "name": "SSO_BEARER_ONLY",
+ "value": "${SSO_BEARER_ONLY}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_SECRET",
+ "value": "${SSO_SAML_KEYSTORE_SECRET}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE",
+ "value": "${SSO_SAML_KEYSTORE}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_DIR",
+ "value": "/etc/sso-saml-secret-volume"
+ },
+ {
+ "name": "SSO_SAML_CERTIFICATE_NAME",
+ "value": "${SSO_SAML_CERTIFICATE_NAME}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_PASSWORD",
+ "value": "${SSO_SAML_KEYSTORE_PASSWORD}"
+ },
+ {
+ "name": "SSO_SECRET",
+ "value": "${SSO_SECRET}"
+ },
+ {
+ "name": "SSO_ENABLE_CORS",
+ "value": "${SSO_ENABLE_CORS}"
+ },
+ {
+ "name": "SSO_SAML_LOGOUT_PAGE",
+ "value": "${SSO_SAML_LOGOUT_PAGE}"
+ },
+ {
+ "name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
+ "value": "${SSO_DISABLE_SSL_CERTIFICATE_VALIDATION}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ },
+ {
+ "name": "SSO_OPENIDCONNECT_DEPLOYMENTS",
+ "value": "${SSO_OPENIDCONNECT_DEPLOYMENTS}"
+ },
+ {
+ "name": "SSO_SAML_DEPLOYMENTS",
+ "value": "${SSO_SAML_DEPLOYMENTS}"
+ },
+ {
+ "name": "HOSTNAME_HTTP",
+ "value": "${HOSTNAME_HTTP}"
+ },
+ {
+ "name": "HOSTNAME_HTTPS",
+ "value": "${HOSTNAME_HTTPS}"
}
]
}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver62-amq-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver62-amq-s2i.json
index 754a3b4c0..1989036fa 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver62-amq-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver62-amq-s2i.json
@@ -5,8 +5,9 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.2 decision server A-MQ applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,amq,java,messaging,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.3.3",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server + A-MQ (with https)"
},
"name": "decisionserver62-amq-s2i"
},
@@ -14,20 +15,24 @@
"template": "decisionserver62-amq-s2i",
"xpaas": "1.3.3"
},
+ "message": "A new BRMS/A-MQ application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "HelloRulesContainer=org.openshift.quickstarts:decisionserver-hellorules:1.2.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -35,102 +40,119 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "decisionserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -138,6 +160,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -145,18 +168,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -164,6 +190,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -171,6 +198,7 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
@@ -198,7 +226,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -222,7 +251,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -564,7 +594,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver62-basic-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver62-basic-s2i.json
index 8be4ac90b..25b2c162c 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver62-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver62-basic-s2i.json
@@ -5,8 +5,9 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.2 decision server applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,java,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.3.3",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server (no https)"
},
"name": "decisionserver62-basic-s2i"
},
@@ -14,20 +15,24 @@
"template": "decisionserver62-basic-s2i",
"xpaas": "1.3.3"
},
+ "message": "A new BRMS application has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "HelloRulesContainer=org.openshift.quickstarts:decisionserver-hellorules:1.2.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -35,48 +40,56 @@
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -84,6 +97,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -91,6 +105,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -98,6 +113,7 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver62-https-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver62-https-s2i.json
index bf9047599..85605d642 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver62-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver62-https-s2i.json
@@ -5,8 +5,9 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.2 decision server HTTPS applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,java,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.3.3",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server (with https)"
},
"name": "decisionserver62-https-s2i"
},
@@ -14,32 +15,38 @@
"template": "decisionserver62-https-s2i",
"xpaas": "1.3.3"
},
+ "message": "A new BRMS application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "HelloRulesContainer=org.openshift.quickstarts:decisionserver-hellorules:1.2.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,78 +54,91 @@
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "decisionserver-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -126,6 +146,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -133,6 +154,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -140,6 +162,7 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver63-amq-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver63-amq-s2i.json
index 51e667e02..ecea54d94 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver63-amq-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver63-amq-s2i.json
@@ -5,29 +5,34 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.3 decision server A-MQ applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,amq,java,messaging,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server + A-MQ (with https)"
},
"name": "decisionserver63-amq-s2i"
},
"labels": {
"template": "decisionserver63-amq-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BRMS/A-MQ application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -35,108 +40,126 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Request",
"description": "JNDI name of request queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_REQUEST",
"value": "queue/KIE.SERVER.REQUEST",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "decisionserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -144,6 +167,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -151,18 +175,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -170,6 +197,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -177,10 +205,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -204,7 +246,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -228,7 +271,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -334,13 +378,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-decisionserver63-openshift:1.3"
+ "name": "jboss-decisionserver63-openshift:1.4"
}
}
},
@@ -574,7 +626,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver63-basic-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver63-basic-s2i.json
index c5f0d006a..d655dbe94 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver63-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver63-basic-s2i.json
@@ -5,29 +5,34 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.3 decision server applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,java,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server (no https)"
},
"name": "decisionserver63-basic-s2i"
},
"labels": {
"template": "decisionserver63-basic-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BRMS application has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -35,48 +40,56 @@
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -84,6 +97,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -91,6 +105,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -98,10 +113,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -184,13 +213,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-decisionserver63-openshift:1.3"
+ "name": "jboss-decisionserver63-openshift:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver63-https-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver63-https-s2i.json
index 3db0e4c84..78e79c0cf 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver63-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver63-https-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.3 decision server HTTPS applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,java,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server (with https)"
},
"name": "decisionserver63-https-s2i"
},
"labels": {
"template": "decisionserver63-https-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BRMS application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,78 +54,91 @@
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "decisionserver-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -126,6 +146,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -133,6 +154,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -140,10 +162,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -273,13 +309,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-decisionserver63-openshift:1.3"
+ "name": "jboss-decisionserver63-openshift:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-amq-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-amq-persistent-s2i.json
index 72dbb4302..912838175 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-amq-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-amq-persistent-s2i.json
@@ -5,131 +5,153 @@
"annotations": {
"description": "Application template for EAP 6 A-MQ applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,amq,javaee,java,messaging,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + A-MQ (Persistent with https)"
},
"name": "eap64-amq-persistent-s2i"
},
"labels": {
"template": "eap64-amq-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and A-MQ persistent based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "6.4.x",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "helloworld-mdb",
"required": false
},
{
- "description": "Size of persistent storage for database volume.",
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
"name": "MQ_JNDI",
"value": "java:/ConnectionFactory",
"required": false
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "HELLOWORLDMDBQueue",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "HELLOWORLDMDBTopic",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -137,6 +159,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -144,18 +167,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +189,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -170,36 +197,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -207,10 +240,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -234,7 +281,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -258,7 +306,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -360,11 +409,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -641,7 +700,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-amq-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-amq-s2i.json
index 9dd847451..dd4c7a27b 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-amq-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-amq-s2i.json
@@ -5,119 +5,139 @@
"annotations": {
"description": "Application template for EAP 6 A-MQ applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,amq,javaee,java,messaging,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + A-MQ (Ephemeral with https)"
},
"name": "eap64-amq-s2i"
},
"labels": {
"template": "eap64-amq-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and A-MQ based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "6.4.x",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "helloworld-mdb",
"required": false
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
"name": "MQ_JNDI",
"value": "java:/ConnectionFactory",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "HELLOWORLDMDBQueue",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "HELLOWORLDMDBTopic",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -125,6 +145,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -132,18 +153,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -151,6 +175,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -158,36 +183,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -195,10 +226,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -222,7 +267,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -246,7 +292,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -348,11 +395,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -626,7 +683,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-basic-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-basic-s2i.json
index 7b1800b7b..e13b3851b 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-basic-s2i.json
@@ -6,58 +6,68 @@
"iconClass": "icon-jboss",
"description": "Application template for EAP 6 applications built using S2I.",
"tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 (no https)"
},
"name": "eap64-basic-s2i"
},
"labels": {
"template": "eap64-basic-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 based application has been created in your project.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "6.4.x",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "kitchensink",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -65,6 +75,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -72,6 +83,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -79,12 +91,14 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -92,10 +106,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -174,11 +202,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-https-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-https-s2i.json
index 31716d84c..0da32eb40 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-https-s2i.json
@@ -6,100 +6,117 @@
"iconClass": "icon-jboss",
"description": "Application template for EAP 6 applications built using S2I.",
"tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 (with https)"
},
"name": "eap64-https-s2i"
},
"labels": {
"template": "eap64-https-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "6.4.x",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "kitchensink",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -107,6 +124,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -114,6 +132,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -121,36 +140,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,10 +183,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -287,11 +326,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mongodb-persistent-s2i.json
index 212431056..77b75466d 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mongodb-persistent-s2i.json
@@ -5,149 +5,175 @@
"annotations": {
"description": "Application template for EAP 6 MongoDB applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mongodb,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + MongoDB (Persistent with https)"
},
"name": "eap64-mongodb-persistent-s2i"
},
"labels": {
"template": "eap64-mongodb-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and MongoDB persistent based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -155,6 +181,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -162,6 +189,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -169,6 +197,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -176,6 +205,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -183,6 +213,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -190,36 +221,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -227,10 +264,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -254,7 +312,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -278,7 +337,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -380,11 +440,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -674,7 +744,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mongodb-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mongodb-s2i.json
index 13fbbdd93..2785782d4 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mongodb-s2i.json
@@ -5,143 +5,168 @@
"annotations": {
"description": "Application template for EAP 6 MongoDB applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mongodb,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + MongoDB (Ephemeral with https)"
},
"name": "eap64-mongodb-s2i"
},
"labels": {
"template": "eap64-mongodb-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and MongoDB based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -149,6 +174,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -156,6 +182,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +190,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -170,6 +198,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -177,6 +206,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -184,36 +214,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -221,10 +257,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -248,7 +305,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -272,7 +330,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -374,11 +433,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -668,7 +737,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mysql-persistent-s2i.json
index 69fdec206..cca0f9c2b 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mysql-persistent-s2i.json
@@ -5,159 +5,187 @@
"annotations": {
"description": "Application template for EAP 6 MySQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + MySQL (Persistent with https)"
},
"name": "eap64-mysql-persistent-s2i"
},
"labels": {
"template": "eap64-mysql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and MySQL persistent based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -165,6 +193,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -172,6 +201,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -179,6 +209,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -186,6 +217,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -193,36 +225,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -230,10 +268,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -257,7 +316,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -281,7 +341,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -383,11 +444,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -681,7 +752,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mysql-s2i.json
index 2bd3c249f..5766506fd 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mysql-s2i.json
@@ -5,153 +5,180 @@
"annotations": {
"description": "Application template for EAP 6 MySQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + MySQL (Ephemeral with https)"
},
"name": "eap64-mysql-s2i"
},
"labels": {
"template": "eap64-mysql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and MySQL based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -159,6 +186,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -166,6 +194,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -173,6 +202,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -180,6 +210,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -187,36 +218,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -224,10 +261,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -251,7 +309,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -275,7 +334,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -377,11 +437,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -675,7 +745,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-postgresql-persistent-s2i.json
index 31f245950..01891774d 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-postgresql-persistent-s2i.json
@@ -5,144 +5,169 @@
"annotations": {
"description": "Application template for EAP 6 PostgreSQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + PostgreSQL (Persistent with https)"
},
"name": "eap64-postgresql-persistent-s2i"
},
"labels": {
"template": "eap64-postgresql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and PostgreSQL persistent based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -150,6 +175,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -157,6 +183,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -164,6 +191,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -171,6 +199,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -178,36 +207,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -215,10 +250,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -242,7 +298,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -266,7 +323,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -368,11 +426,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -666,7 +734,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-postgresql-s2i.json
index eac964697..e00f2b0e3 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-postgresql-s2i.json
@@ -5,138 +5,162 @@
"annotations": {
"description": "Application template for EAP 6 PostgreSQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + PostgreSQL (Ephemeral with https)"
},
"name": "eap64-postgresql-s2i"
},
"labels": {
"template": "eap64-postgresql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and PostgreSQL based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -144,6 +168,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -151,6 +176,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,6 +184,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -165,6 +192,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -172,36 +200,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -209,10 +243,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -236,7 +291,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -260,7 +316,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -362,11 +419,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -660,7 +727,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-sso-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-sso-s2i.json
index 09023be71..ec0739d04 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-sso-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-sso-s2i.json
@@ -3,103 +3,120 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass" : "icon-jboss",
+ "iconClass": "icon-jboss",
"description": "Application template for EAP 6 applications built using S2I, enabled for SSO.",
- "tags": "eap,javaee,java,jboss,xpaas,sso,keycloak",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + Single Sign-On (with https)"
},
"name": "eap64-sso-s2i"
},
"labels": {
"template": "eap64-sso-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 based application with SSL and SSO support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Hostname for http service route (e.g. eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
"name": "HOSTNAME_HTTP",
"value": "",
"required": true
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Hostname for https service route (e.g. secure-eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": true
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/redhat-developer/redhat-sso-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "7.0.x-ose",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -107,6 +124,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -114,6 +132,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -121,36 +140,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,84 +183,98 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
},
{
+ "displayName": "URL for SSO",
"description": "The URL for the SSO server (e.g. https://secure-sso-myproject.example.com/auth). This is the URL through which the user will be redirected when a login or token is required by the application.",
"name": "SSO_URL",
"value": "",
"required": true
},
{
- "description": "The URL for the interal SSO service, where secure-sso is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
+ "displayName": "URL for SSO (internal service)",
+ "description": "The URL for the internal SSO service, where secure-sso is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
"name": "SSO_SERVICE_URL",
"value": "https://secure-sso:8443/auth",
"required": false
},
{
+ "displayName": "SSO Realm",
"description": "The SSO realm to which the application client(s) should be associated (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": true
},
{
+ "displayName": "SSO Username",
"description": "The username used to access the SSO service. This is used to create the appliction client(s) within the specified SSO realm. This should match the SSO_SERVICE_USERNAME specified through one of the sso70-* templates.",
"name": "SSO_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Password",
"description": "The password for the SSO service user.",
"name": "SSO_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Public Key",
"description": "SSO Public Key. Public key is recommended to be passed into the template to avoid man-in-the-middle security vulnerability. This can be retrieved from the SSO server, for the specified realm.",
"name": "SSO_PUBLIC_KEY",
"value": "",
"required": false
},
{
+ "displayName": "SSO Bearer Only?",
"description": "SSO Client Access Type",
"name": "SSO_BEARER_ONLY",
"value": "",
"required": false
},
{
+ "displayName": "Artifact Directories",
"description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
"name": "ARTIFACT_DIR",
"value": "app-jee-jsp/target,service-jee-jaxrs/target,app-profile-jee-jsp/target,app-profile-saml-jee-jsp/target",
"required": false
},
{
+ "displayName": "SSO SAML Keystore Secret",
"description": "The name of the secret containing the keystore file",
"name": "SSO_SAML_KEYSTORE_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "SSO SAML Keystore",
"description": "The name of the keystore file within the secret",
"name": "SSO_SAML_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "SSO SAML Certificate Name",
"description": "The name associated with the server certificate",
"name": "SSO_SAML_CERTIFICATE_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "SSO SAML Keystore Password",
"description": "The password for the keystore and certificate",
"name": "SSO_SAML_KEYSTORE_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "SSO Client Secret",
"description": "The SSO Client Secret for Confidential Access",
"name": "SSO_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -243,42 +282,55 @@
"required": true
},
{
+ "displayName": "Enable CORS for SSO?",
"description": "Enable CORS for SSO applications",
"name": "SSO_ENABLE_CORS",
"value": "false",
"required": false
},
{
+ "displayName": "SSO SAML Logout Page",
"description": "SSO logout page for SAML applications",
"name": "SSO_SAML_LOGOUT_PAGE",
"value": "/",
"required": false
},
{
+ "displayName": "Disable SSL Validation in EAP->SSO communication",
"description": "If true SSL communication between EAP and the SSO Server will be insecure (i.e. certificate validation is disabled with curl)",
"name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
"value": "true",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "eap-app-secret",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
}
- ],
+ ],
"objects": [
{
"kind": "Service",
@@ -406,7 +458,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
},
"env": [
{
@@ -416,6 +468,10 @@
{
"name": "MAVEN_ARGS_APPEND",
"value": ""
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
}
]
}
@@ -615,7 +671,7 @@
"name": "HORNETQ_TOPICS",
"value": "${HORNETQ_TOPICS}"
},
- {
+ {
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "${JGROUPS_ENCRYPT_SECRET}"
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-third-party-db-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-third-party-db-s2i.json
new file mode 100644
index 000000000..e8f6d6585
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-third-party-db-s2i.json
@@ -0,0 +1,646 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-jboss",
+ "description": "Application template for EAP 6 DB applications built using S2I. Includes support for installing third-party DB drivers.",
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 (with https, supporting third-party DB drivers)"
+ },
+ "name": "eap64-third-party-db-s2i"
+ },
+ "labels": {
+ "template": "eap64-third-party-db-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new EAP 6 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets:\"${CONFIGURATION_NAME}\" containing the datasource configuration details required by the deployed application(s); \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Configuration Secret Name",
+ "description": "The name of the secret containing configuration properties for the datasources.",
+ "name": "CONFIGURATION_NAME",
+ "value": "eap-app-config",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "master",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "datavirt/hibernate-webapp",
+ "required": false
+ },
+ {
+ "displayName": "Drivers ImageStreamTag",
+ "description": "ImageStreamTag definition for the image containing the drivers and configuration, e.g. jboss-datavirt63-openshift:1.0-driver",
+ "name": "EXTENSIONS_IMAGE",
+ "value": "jboss-datavirt63-driver-openshift:1.0",
+ "required": true
+ },
+ {
+ "displayName": "Drivers ImageStream Namespace",
+ "description": "Namespace within which the ImageStream definition for the image containing the drivers and configuration is located.",
+ "name": "EXTENSIONS_IMAGE_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Drivers Image Install Directory",
+ "description": "Full path to the directory within the extensions image where the extensions are located (e.g. install.sh, modules/, etc.)",
+ "name": "EXTENSIONS_INSTALL_DIR",
+ "value": "/extensions",
+ "required": true
+ },
+ {
+ "displayName": "Queue Names",
+ "description": "Queue names to preconfigure within HornetQ subsystem.",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topic Names",
+ "description": "Topic names to preconfigure within HornetQ subsystem.",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Cluster Admin Password",
+ "description": "Admin password for HornetQ cluster.",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "A secret string used to configure the GitHub webhook.",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "A secret string used to configure the Generic webhook.",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore to be used for securing JGroups communications.",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the JGroups secret.",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the JGroups server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "secret-key",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "password",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "Password used by JGroups to authenticate nodes in the cluster.",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/extras",
+ "sourcePath": "${EXTENSIONS_INSTALL_DIR}/."
+ }
+ ]
+ }
+ ]
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap64-openshift:1.5"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "configuration",
+ "mountPath": "/etc/eap-environment",
+ "readOnly": true
+ },
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "ENV_FILES",
+ "value": "/etc/eap-environment/*"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "configuration",
+ "secret": {
+ "secretName": "${CONFIGURATION_NAME}"
+ }
+ },
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-amq-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-amq-persistent-s2i.json
index f08cdf2f9..3f0eba6e3 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-amq-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-amq-persistent-s2i.json
@@ -5,131 +5,153 @@
"annotations": {
"description": "Application template for EAP 7 A-MQ applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,amq,javaee,java,messaging,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + A-MQ (Persistent with https)"
},
"name": "eap70-amq-persistent-s2i"
},
"labels": {
"template": "eap70-amq-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and A-MQ persistent based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "helloworld-mdb",
"required": false
},
{
- "description": "Size of persistent storage for database volume.",
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
"name": "MQ_JNDI",
"value": "java:/ConnectionFactory",
"required": false
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "HELLOWORLDMDBQueue",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "HELLOWORLDMDBTopic",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -137,6 +159,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -144,18 +167,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +189,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -170,36 +197,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -207,10 +240,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -234,7 +281,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -258,7 +306,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -360,11 +409,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -641,7 +700,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-amq-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-amq-s2i.json
index 3ca9e9fab..f2d65f353 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-amq-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-amq-s2i.json
@@ -5,119 +5,139 @@
"annotations": {
"description": "Application template for EAP 7 A-MQ applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,amq,javaee,java,messaging,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + A-MQ (with https)"
},
"name": "eap70-amq-s2i"
},
"labels": {
"template": "eap70-amq-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and A-MQ based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "helloworld-mdb",
"required": false
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
"name": "MQ_JNDI",
"value": "java:/ConnectionFactory",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "HELLOWORLDMDBQueue",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "HELLOWORLDMDBTopic",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -125,6 +145,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -132,18 +153,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -151,6 +175,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -158,36 +183,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -195,10 +226,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -222,7 +267,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -246,7 +292,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -348,11 +395,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -626,7 +683,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-basic-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-basic-s2i.json
index 83b4d5b24..c33e3f7cb 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-basic-s2i.json
@@ -6,58 +6,68 @@
"iconClass": "icon-jboss",
"description": "Application template for EAP 7 applications built using S2I.",
"tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 (no https)"
},
"name": "eap70-basic-s2i"
},
"labels": {
"template": "eap70-basic-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 based application has been created in your project.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "7.0.0.GA",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "kitchensink",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -65,6 +75,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -72,6 +83,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -79,12 +91,14 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -92,10 +106,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -174,11 +202,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-https-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-https-s2i.json
index 1292442a4..7542d31c8 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-https-s2i.json
@@ -6,100 +6,117 @@
"iconClass": "icon-jboss",
"description": "Application template for EAP 7 applications built using S2I.",
"tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 (with https)"
},
"name": "eap70-https-s2i"
},
"labels": {
"template": "eap70-https-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "7.0.0.GA",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "kitchensink",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -107,6 +124,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -114,6 +132,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -121,36 +140,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,10 +183,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -287,11 +326,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mongodb-persistent-s2i.json
index 99db77d58..8a7da66c1 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mongodb-persistent-s2i.json
@@ -5,149 +5,175 @@
"annotations": {
"description": "Application template for EAP 7 MongoDB applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mongodb,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + MongoDB (Persistent with https)"
},
"name": "eap70-mongodb-persistent-s2i"
},
"labels": {
"template": "eap70-mongodb-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and MongoDB persistent based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -155,6 +181,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -162,6 +189,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -169,6 +197,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -176,6 +205,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -183,6 +213,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -190,36 +221,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -227,10 +264,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -254,7 +312,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -278,7 +337,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -380,11 +440,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -685,7 +755,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mongodb-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mongodb-s2i.json
index c8150c231..ae52a3deb 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mongodb-s2i.json
@@ -5,143 +5,168 @@
"annotations": {
"description": "Application template for EAP 7 MongoDB applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mongodb,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + MongoDB (Ephemeral with https)"
},
"name": "eap70-mongodb-s2i"
},
"labels": {
"template": "eap70-mongodb-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and MongoDB based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -149,6 +174,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -156,6 +182,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +190,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -170,6 +198,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -177,6 +206,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -184,36 +214,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -221,10 +257,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -248,7 +305,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -272,7 +330,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -374,11 +433,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -679,7 +748,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mysql-persistent-s2i.json
index f8e5c2b04..a0a3d7717 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mysql-persistent-s2i.json
@@ -5,159 +5,187 @@
"annotations": {
"description": "Application template for EAP 7 MySQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + MySQL (Persistent with https)"
},
"name": "eap70-mysql-persistent-s2i"
},
"labels": {
"template": "eap70-mysql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and MySQL persistent based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -165,6 +193,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -172,6 +201,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -179,6 +209,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -186,6 +217,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -193,36 +225,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -230,10 +268,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -257,7 +316,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -281,7 +341,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -383,11 +444,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -696,7 +767,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mysql-s2i.json
index 1edeb62e7..8255ade5d 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mysql-s2i.json
@@ -5,153 +5,180 @@
"annotations": {
"description": "Application template for EAP 7 MySQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + MySQL (Ephemeral with https)"
},
"name": "eap70-mysql-s2i"
},
"labels": {
"template": "eap70-mysql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and MySQL based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -159,6 +186,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -166,6 +194,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -173,6 +202,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -180,6 +210,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -187,36 +218,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -224,10 +261,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -251,7 +309,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -275,7 +334,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -377,11 +437,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -690,7 +760,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-postgresql-persistent-s2i.json
index d11df06ee..436c541d8 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-postgresql-persistent-s2i.json
@@ -5,144 +5,169 @@
"annotations": {
"description": "Application template for EAP 7 PostgreSQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + PostgreSQL (Persistent with https)"
},
"name": "eap70-postgresql-persistent-s2i"
},
"labels": {
"template": "eap70-postgresql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and PostgreSQL persistent based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -150,6 +175,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -157,6 +183,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -164,6 +191,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -171,6 +199,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -178,36 +207,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -215,10 +250,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -242,7 +298,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -266,7 +323,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -368,11 +426,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -681,7 +749,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-postgresql-s2i.json
index 6b7f6d707..a2a37a886 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-postgresql-s2i.json
@@ -5,138 +5,162 @@
"annotations": {
"description": "Application template for EAP 7 PostgreSQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + PostgreSQL (Ephemeral with https)"
},
"name": "eap70-postgresql-s2i"
},
"labels": {
"template": "eap70-postgresql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and PostgreSQL based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -144,6 +168,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -151,6 +176,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,6 +184,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -165,6 +192,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -172,36 +200,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -209,10 +243,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -236,7 +291,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -260,7 +316,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -362,11 +419,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -675,7 +742,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-sso-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-sso-s2i.json
index 811602220..08a844cd9 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-sso-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-sso-s2i.json
@@ -3,103 +3,120 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass" : "icon-jboss",
+ "iconClass": "icon-jboss",
"description": "Application template for EAP 6 applications built using S2I, enabled for SSO.",
- "tags": "eap,javaee,java,jboss,xpaas,sso,keycloak",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + Single Sign-On (with https)"
},
"name": "eap70-sso-s2i"
},
"labels": {
"template": "eap70-sso-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 based application with SSL and SSO support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Hostname for http service route (e.g. eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
"name": "HOSTNAME_HTTP",
"value": "",
"required": true
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Hostname for https service route (e.g. secure-eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": true
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/redhat-developer/redhat-sso-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "7.0.x-ose",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -107,6 +124,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -114,6 +132,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -121,36 +140,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,84 +183,98 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
},
{
+ "displayName": "URL for SSO",
"description": "The URL for the SSO server (e.g. https://secure-sso-myproject.example.com/auth). This is the URL through which the user will be redirected when a login or token is required by the application.",
"name": "SSO_URL",
"value": "",
"required": true
},
{
- "description": "The URL for the interal SSO service, where secure-sso (the default) is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
+ "displayName": "URL for SSO (internal service)",
+ "description": "The URL for the internal SSO service, where secure-sso (the default) is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
"name": "SSO_SERVICE_URL",
"value": "https://secure-sso:8443/auth",
"required": false
},
{
+ "displayName": "SSO Realm",
"description": "The SSO realm to which the application client(s) should be associated (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": true
},
{
+ "displayName": "SSO Username",
"description": "The username used to access the SSO service. This is used to create the appliction client(s) within the specified SSO realm. This should match the SSO_SERVICE_USERNAME specified through one of the sso70-* templates.",
"name": "SSO_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Password",
"description": "The password for the SSO service user.",
"name": "SSO_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Public Key",
"description": "SSO Public Key. Public key is recommended to be passed into the template to avoid man-in-the-middle security vulnerability",
"name": "SSO_PUBLIC_KEY",
"value": "",
"required": false
},
{
+ "displayName": "SSO Bearer Only?",
"description": "SSO Client Access Type",
"name": "SSO_BEARER_ONLY",
"value": "",
"required": false
},
{
+ "displayName": "Artifact Directories",
"description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
"name": "ARTIFACT_DIR",
"value": "app-jee-jsp/target,service-jee-jaxrs/target,app-profile-jee-jsp/target,app-profile-saml-jee-jsp/target",
"required": false
},
{
+ "displayName": "SSO SAML Keystore Secret",
"description": "The name of the secret containing the keystore file",
"name": "SSO_SAML_KEYSTORE_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "SSO SAML Keystore",
"description": "The name of the keystore file within the secret",
"name": "SSO_SAML_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "SSO SAML Certificate Name",
"description": "The name associated with the server certificate",
"name": "SSO_SAML_CERTIFICATE_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "SSO SAML Keystore Password",
"description": "The password for the keystore and certificate",
"name": "SSO_SAML_KEYSTORE_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "SSO Client Secret",
"description": "The SSO Client Secret for Confidential Access",
"name": "SSO_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -243,42 +282,55 @@
"required": true
},
{
+ "displayName": "Enable CORS for SSO?",
"description": "Enable CORS for SSO applications",
"name": "SSO_ENABLE_CORS",
"value": "false",
"required": false
},
{
+ "displayName": "SSO SAML Logout Page",
"description": "SSO logout page for SAML applications",
"name": "SSO_SAML_LOGOUT_PAGE",
"value": "/",
"required": false
},
{
+ "displayName": "Disable SSL Validation in EAP->SSO communication",
"description": "If true SSL communication between EAP and the SSO Server will be insecure (i.e. certificate validation is disabled with curl)",
"name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
"value": "true",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "eap7-app-secret",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
}
- ],
+ ],
"objects": [
{
"kind": "Service",
@@ -406,7 +458,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
},
"env": [
{
@@ -416,6 +468,10 @@
{
"name": "MAVEN_ARGS_APPEND",
"value": ""
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
}
]
}
@@ -593,7 +649,7 @@
{
"name": "HOSTNAME_HTTPS",
"value": "${HOSTNAME_HTTPS}"
- },
+ },
{
"name": "HTTPS_KEYSTORE_DIR",
"value": "/etc/eap-secret-volume"
@@ -626,7 +682,7 @@
"name": "HORNETQ_TOPICS",
"value": "${HORNETQ_TOPICS}"
},
- {
+ {
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "${JGROUPS_ENCRYPT_SECRET}"
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-third-party-db-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-third-party-db-s2i.json
new file mode 100644
index 000000000..9e854d7ab
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-third-party-db-s2i.json
@@ -0,0 +1,657 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-jboss",
+ "description": "Application template for EAP 7 DB applications built using S2I. Includes support for installing third-party DB drivers.",
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 (with https, supporting third-party DB drivers)"
+ },
+ "name": "eap70-third-party-db-s2i"
+ },
+ "labels": {
+ "template": "eap70-third-party-db-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new EAP 7 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets:\"${CONFIGURATION_NAME}\" containing the datasource configuration details required by the deployed application(s); \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Configuration Secret Name",
+ "description": "The name of the secret containing configuration properties for the datasources.",
+ "name": "CONFIGURATION_NAME",
+ "value": "eap-app-config",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "master",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "datavirt/hibernate-webapp",
+ "required": false
+ },
+ {
+ "displayName": "Drivers ImageStreamTag",
+ "description": "ImageStreamTag definition for the image containing the drivers and configuration, e.g. jboss-datavirt63-openshift:1.0-driver",
+ "name": "EXTENSIONS_IMAGE",
+ "value": "jboss-datavirt63-driver-openshift:1.0",
+ "required": true
+ },
+ {
+ "displayName": "Drivers ImageStream Namespace",
+ "description": "Namespace within which the ImageStream definition for the image containing the drivers and configuration is located.",
+ "name": "EXTENSIONS_IMAGE_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Drivers Image Install Directory",
+ "description": "Full path to the directory within the extensions image where the extensions are located (e.g. install.sh, modules/, etc.)",
+ "name": "EXTENSIONS_INSTALL_DIR",
+ "value": "/extensions",
+ "required": true
+ },
+ {
+ "displayName": "Queue Names",
+ "description": "Queue names to preconfigure within Messaging subsystem.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topic Names",
+ "description": "Topic names to preconfigure within Messaging subsystem.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Messaging Cluster Admin Password",
+ "description": "Admin password for Messaging cluster.",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "A secret string used to configure the GitHub webhook.",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "A secret string used to configure the Generic webhook.",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore to be used for securing JGroups communications.",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the JGroups secret.",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the JGroups server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "secret-key",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "password",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "Password used by JGroups to authenticate nodes in the cluster.",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/extras",
+ "sourcePath": "${EXTENSIONS_INSTALL_DIR}/."
+ }
+ ]
+ }
+ ]
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap70-openshift:1.5"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "configuration",
+ "mountPath": "/etc/eap-environment",
+ "readOnly": true
+ },
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "ENV_FILES",
+ "value": "/etc/eap-environment/*"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "configuration",
+ "secret": {
+ "secretName": "${CONFIGURATION_NAME}"
+ }
+ },
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-basic-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-basic-s2i.json
index 413a6de87..4e42e0eca 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-basic-s2i.json
@@ -6,46 +6,54 @@
"iconClass": "icon-tomcat",
"description": "Application template for JWS applications built using S2I.",
"tags": "tomcat,tomcat7,java,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 (no https)"
},
"name": "jws30-tomcat7-basic-s2i"
},
"labels": {
"template": "jws30-tomcat7-basic-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 7 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "tomcat-websocket-chat",
"required": false
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -53,6 +61,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -60,6 +69,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -67,6 +77,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -74,10 +85,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -156,11 +181,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -248,7 +283,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-https-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-https-s2i.json
index 610ea9441..f5fc2e581 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-https-s2i.json
@@ -6,76 +6,89 @@
"iconClass": "icon-tomcat",
"description": "Application template for JWS applications built using S2I.",
"tags": "tomcat,tomcat7,java,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 (with https)"
},
"name": "jws30-tomcat7-https-s2i"
},
"labels": {
"template": "jws30-tomcat7-https-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 7 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "tomcat-websocket-chat",
"required": false
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -83,6 +96,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -90,6 +104,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -97,6 +112,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -104,10 +120,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -233,11 +263,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -326,7 +366,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json
index 6ef9d6e4c..2a73a182c 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json
@@ -5,125 +5,147 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MongoDB applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat7,mongodb,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + MongoDB (Persistent with https)"
},
"name": "jws30-tomcat7-mongodb-persistent-s2i"
},
"labels": {
"template": "jws30-tomcat7-mongodb-persistent-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent JWS application for Tomcat 7 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -131,6 +153,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -138,6 +161,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -145,6 +169,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -152,6 +177,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -159,6 +185,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -166,6 +193,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -173,10 +201,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -200,7 +249,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -224,7 +274,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -326,11 +377,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -419,7 +480,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -547,7 +608,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mongodb-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mongodb-s2i.json
index 9b48f8ae7..a71dfa634 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mongodb-s2i.json
@@ -5,119 +5,140 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MongoDB applications built using S2I.",
- "tags": "tomcat,tomcat7,mongodb,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + MongoDB (Ephemeral with https)"
},
"name": "jws30-tomcat7-mongodb-s2i"
},
"labels": {
"template": "jws30-tomcat7-mongodb-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 7 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -125,6 +146,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -132,6 +154,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -139,6 +162,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -146,6 +170,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -153,6 +178,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -160,6 +186,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -167,10 +194,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -194,7 +242,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -218,7 +267,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -320,11 +370,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -413,7 +473,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -541,7 +601,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json
index 30af703ce..9a05dcbd5 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json
@@ -5,135 +5,159 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MySQL applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat7,mysql,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + MySQL (Persistent with https)"
},
"name": "jws30-tomcat7-mysql-persistent-s2i"
},
"labels": {
"template": "jws30-tomcat7-mysql-persistent-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent JWS application for Tomcat 7 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -141,6 +165,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -148,6 +173,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -155,6 +181,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -162,6 +189,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -169,6 +197,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -176,10 +205,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -203,7 +253,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -227,7 +278,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -329,11 +381,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -422,7 +484,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -546,7 +608,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mysql-s2i.json
index c2843af63..553a30a44 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mysql-s2i.json
@@ -5,129 +5,152 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MySQL applications built using S2I.",
- "tags": "tomcat,tomcat7,mysql,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + MySQL (Ephemeral with https)"
},
"name": "jws30-tomcat7-mysql-s2i"
},
"labels": {
"template": "jws30-tomcat7-mysql-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 7 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -135,6 +158,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -142,6 +166,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -149,6 +174,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -156,6 +182,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +190,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -170,10 +198,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -197,7 +246,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -221,7 +271,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -323,11 +374,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -416,7 +477,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -540,7 +601,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json
index b8372f374..a5c6c8a56 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json
@@ -5,120 +5,141 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS PostgreSQL applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat7,postgresql,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + PostgreSQL (Persistent with https)"
},
"name": "jws30-tomcat7-postgresql-persistent-s2i"
},
"labels": {
"template": "jws30-tomcat7-postgresql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent JWS application for Tomcat 7 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -126,6 +147,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -133,6 +155,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -140,6 +163,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -147,6 +171,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -154,6 +179,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -161,10 +187,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -188,7 +235,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -212,7 +260,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -314,11 +363,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -407,7 +466,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -531,7 +590,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-postgresql-s2i.json
index cd5bb9fa4..61a3208e4 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-postgresql-s2i.json
@@ -5,114 +5,134 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS PostgreSQL applications built using S2I.",
- "tags": "tomcat,tomcat7,postgresql,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + PostgreSQL (Ephemeral with https)"
},
"name": "jws30-tomcat7-postgresql-s2i"
},
"labels": {
"template": "jws30-tomcat7-postgresql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 7 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -120,6 +140,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -127,6 +148,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -134,6 +156,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -141,6 +164,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -148,6 +172,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -155,10 +180,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -182,7 +228,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -206,7 +253,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -308,11 +356,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -401,7 +459,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -525,7 +583,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-basic-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-basic-s2i.json
index cb1e49d29..75d08e99d 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-basic-s2i.json
@@ -6,46 +6,54 @@
"iconClass": "icon-tomcat",
"description": "Application template for JWS applications built using S2I.",
"tags": "tomcat,tomcat8,java,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 (no https)"
},
"name": "jws30-tomcat8-basic-s2i"
},
"labels": {
"template": "jws30-tomcat8-basic-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 8 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "tomcat-websocket-chat",
"required": false
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -53,6 +61,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -60,6 +69,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -67,6 +77,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -74,10 +85,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -156,11 +181,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -248,7 +283,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-https-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-https-s2i.json
index 21d5662c7..71577bec4 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-https-s2i.json
@@ -6,76 +6,89 @@
"iconClass": "icon-tomcat",
"description": "Application template for JWS applications built using S2I.",
"tags": "tomcat,tomcat8,java,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 (with https)"
},
"name": "jws30-tomcat8-https-s2i"
},
"labels": {
"template": "jws30-tomcat8-https-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 8 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "tomcat-websocket-chat",
"required": false
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -83,6 +96,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -90,6 +104,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -97,6 +112,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -104,10 +120,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -233,11 +263,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -326,7 +366,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json
index 34657d826..de86dd83e 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json
@@ -5,125 +5,147 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MongoDB applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat8,mongodb,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + MongoDB (Persistent with https)"
},
"name": "jws30-tomcat8-mongodb-persistent-s2i"
},
+ "message": "A new persistent JWS application for Tomcat 8 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"labels": {
"template": "jws30-tomcat8-mongodb-persistent-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -131,6 +153,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -138,6 +161,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -145,6 +169,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -152,6 +177,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -159,6 +185,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -166,6 +193,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -173,10 +201,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -200,7 +249,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -224,7 +274,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -326,11 +377,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -419,7 +480,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -547,7 +608,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mongodb-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mongodb-s2i.json
index 974cfaddb..6dc85e226 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mongodb-s2i.json
@@ -5,119 +5,140 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MongoDB applications built using S2I.",
- "tags": "tomcat,tomcat8,mongodb,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + MongoDB (Ephemeral with https)"
},
"name": "jws30-tomcat8-mongodb-s2i"
},
"labels": {
"template": "jws30-tomcat8-mongodb-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 8 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -125,6 +146,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -132,6 +154,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -139,6 +162,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -146,6 +170,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -153,6 +178,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -160,6 +186,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -167,10 +194,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -194,7 +242,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -218,7 +267,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -320,11 +370,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -413,7 +473,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -541,7 +601,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json
index 7a8231cc5..0e96b58a9 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json
@@ -5,135 +5,159 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MySQL applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat8,mysql,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + MySQL (Persistent with https)"
},
"name": "jws30-tomcat8-mysql-persistent-s2i"
},
"labels": {
"template": "jws30-tomcat8-mysql-persistent-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent JWS application for Tomcat 8 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -141,6 +165,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -148,6 +173,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -155,6 +181,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -162,6 +189,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -169,6 +197,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -176,10 +205,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -203,7 +253,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -227,7 +278,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -329,11 +381,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -422,7 +484,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -546,7 +608,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mysql-s2i.json
index cda21f237..08b040863 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mysql-s2i.json
@@ -5,129 +5,152 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MySQL applications built using S2I.",
- "tags": "tomcat,tomcat8,mysql,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + MySQL (Ephemeral with https)"
},
"name": "jws30-tomcat8-mysql-s2i"
},
"labels": {
"template": "jws30-tomcat8-mysql-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 8 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -135,6 +158,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -142,6 +166,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -149,6 +174,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -156,6 +182,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +190,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -170,10 +198,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -197,7 +246,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -221,7 +271,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -323,11 +374,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -416,7 +477,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -540,7 +601,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json
index 4dfc98015..f117e6624 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json
@@ -5,120 +5,141 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS PostgreSQL applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat8,postgresql,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + PostgreSQL (Persistent with https)"
},
"name": "jws30-tomcat8-postgresql-persistent-s2i"
},
"labels": {
"template": "jws30-tomcat8-postgresql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent JWS application for Tomcat 8 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -126,6 +147,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -133,6 +155,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -140,6 +163,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -147,6 +171,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -154,6 +179,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -161,10 +187,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -188,7 +235,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -212,7 +260,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -314,11 +363,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -407,7 +466,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -531,7 +590,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-postgresql-s2i.json
index f6c85668c..faece1269 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-postgresql-s2i.json
@@ -5,114 +5,134 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS PostgreSQL applications built using S2I.",
- "tags": "tomcat,tomcat8,postgresql,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + (PostgreSQL with https)"
},
"name": "jws30-tomcat8-postgresql-s2i"
},
"labels": {
"template": "jws30-tomcat8-postgresql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 8 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -120,6 +140,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -127,6 +148,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -134,6 +156,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -141,6 +164,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -148,6 +172,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -155,10 +180,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -182,7 +228,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -206,7 +253,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -308,11 +356,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -400,7 +458,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -524,7 +582,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/openjdk18-web-basic-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/openjdk18-web-basic-s2i.json
index 143e16756..a48e204ae 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/openjdk18-web-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/openjdk18-web-basic-s2i.json
@@ -6,13 +6,14 @@
"iconClass": "icon-jboss",
"description": "Application template for Java applications built using S2I.",
"tags": "java,xpaas",
- "version": "1.0.0"
+ "version": "1.1.0",
+ "openshift.io/display-name": "Red Hat OpenJDK 8"
},
"name": "openjdk18-web-basic-s2i"
},
"labels": {
"template": "openjdk18-web-basic-s2i",
- "xpaas": "1.0.0"
+ "xpaas": "1.4.0"
},
"message": "A new java application has been created in your project.",
"parameters": [
@@ -155,7 +156,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-openjdk18-openshift:1.0"
+ "name": "redhat-openjdk18-openshift:1.1"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-mysql-persistent-s2i.json
index 1dea463ac..d1705c88c 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-mysql-persistent-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server AMQ and MySQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,amq,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + A-MQ + MySQL (Persistent with https)"
},
"name": "processserver63-amq-mysql-persistent-s2i"
},
"labels": {
"template": "processserver63-amq-mysql-persistent-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent BPMS application (using MySQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,144 +54,168 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Request",
"description": "JNDI name of request queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_REQUEST",
"value": "queue/KIE.SERVER.REQUEST",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "KIE Server Executor JMS Queue",
"description": "JNDI name of executor queue for JMS.",
"name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
"value": "queue/KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.MySQL5Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -192,6 +223,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -199,46 +231,55 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -246,6 +287,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -253,18 +295,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -272,6 +317,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -279,10 +325,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -306,7 +373,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -330,7 +398,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -460,13 +529,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -788,7 +865,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
@@ -919,7 +996,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-mysql-s2i.json
index 42264585b..665cb76a3 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-mysql-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server AMQ and MySQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,amq,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + A-MQ + MySQL (Ephemeral with https)"
},
"name": "processserver63-amq-mysql-s2i"
},
"labels": {
"template": "processserver63-amq-mysql-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BPMS application (using MySQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,132 +54,154 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Request",
"description": "JNDI name of request queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_REQUEST",
"value": "queue/KIE.SERVER.REQUEST",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "KIE Server Executor JMS Queue",
"description": "JNDI name of executor queue for JMS.",
"name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
"value": "queue/KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.MySQL5Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -180,6 +209,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -187,46 +217,55 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -234,6 +273,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -241,18 +281,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -260,6 +303,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -267,10 +311,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -294,7 +359,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -318,7 +384,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -448,13 +515,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -740,7 +815,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
@@ -837,7 +912,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-postgresql-persistent-s2i.json
index f6d0c99ed..5a395a0f3 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-postgresql-persistent-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server AMQ and PostgreSQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,amq,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + A-MQ + PostgreSQL (Persistent with https)"
},
"name": "processserver63-amq-postgresql-persistent-s2i"
},
"labels": {
"template": "processserver63-amq-postgresql-persistent-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent BPMS application (using PostgreSQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,144 +54,168 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Request",
"description": "JNDI name of request queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_REQUEST",
"value": "queue/KIE.SERVER.REQUEST",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "KIE Server Executor JMS Queue",
"description": "JNDI name of executor queue for JMS.",
"name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
"value": "queue/KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.PostgreSQL82Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -192,6 +223,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -199,31 +231,37 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -231,6 +269,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -238,18 +277,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -257,6 +299,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -264,10 +307,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -291,7 +355,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -315,7 +380,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -445,13 +511,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -773,7 +847,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
@@ -892,7 +966,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-postgresql-s2i.json
index 41c726cf0..e7c5efdc9 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-postgresql-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server AMQ and PostgreSQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,amq,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + A-MQ + PostgreSQL (Ephemeral with https)"
},
"name": "processserver63-amq-postgresql-s2i"
},
"labels": {
"template": "processserver63-amq-postgresql-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BPMS application (using PostgreSQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,132 +54,154 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Request",
"description": "JNDI name of request queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_REQUEST",
"value": "queue/KIE.SERVER.REQUEST",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "KIE Server Executor JMS Queue",
"description": "JNDI name of executor queue for JMS.",
"name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
"value": "queue/KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.PostgreSQL82Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -180,6 +209,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -187,31 +217,37 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -219,6 +255,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -226,18 +263,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -245,6 +285,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -252,10 +293,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -279,7 +341,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -303,7 +366,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -433,13 +497,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -725,7 +797,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
@@ -810,7 +882,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-basic-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-basic-s2i.json
index 170c919cb..e70d20a6e 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-basic-s2i.json
@@ -5,29 +5,34 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,javaee,java,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server (no https)"
},
"name": "processserver63-basic-s2i"
},
"labels": {
"template": "processserver63-basic-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BPMS application has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -35,54 +40,63 @@
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.H2Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -90,6 +104,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -97,6 +112,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -104,10 +120,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -190,13 +220,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-mysql-persistent-s2i.json
index 89d0db1a6..f76b07b0b 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-mysql-persistent-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server MySQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + MySQL (Persistent with https)"
},
"name": "processserver63-mysql-persistent-s2i"
},
"labels": {
"template": "processserver63-mysql-persistent-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent BPMS application (using MySQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,108 +54,126 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.MySQL5Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -156,6 +181,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -163,46 +189,55 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -210,6 +245,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -217,6 +253,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -224,10 +261,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -251,7 +309,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -275,7 +334,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -381,13 +441,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -681,7 +749,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-mysql-s2i.json
index 26cab29f8..a3be02eab 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-mysql-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server MySQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + MySQL (Ephemeral with https)"
},
"name": "processserver63-mysql-s2i"
},
"labels": {
"template": "processserver63-mysql-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BPMS application (using MySQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,102 +54,119 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.MySQL5Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -150,6 +174,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -157,46 +182,55 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -204,6 +238,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -211,6 +246,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -218,10 +254,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -245,7 +302,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -269,7 +327,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -375,13 +434,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -639,7 +706,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-postgresql-persistent-s2i.json
index 32a512829..361b177f9 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-postgresql-persistent-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server PostgreSQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + PostgreSQL (Persistent with https)"
},
"name": "processserver63-postgresql-persistent-s2i"
},
"labels": {
"template": "processserver63-postgresql-persistent-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent BPMS application (using PostgreSQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,108 +54,126 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.PostgreSQL82Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -156,6 +181,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -163,31 +189,37 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -195,6 +227,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -202,6 +235,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -209,10 +243,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -236,7 +291,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -260,7 +316,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -366,13 +423,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -666,7 +731,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-postgresql-s2i.json
index 55e2199bb..451915a1d 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-postgresql-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server PostgreSQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + PostgreSQL (Ephemeral with https)"
},
"name": "processserver63-postgresql-s2i"
},
"labels": {
"template": "processserver63-postgresql-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BPMS application (using PostgreSQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,102 +54,119 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.PostgreSQL82Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -150,6 +174,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -157,31 +182,37 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -189,6 +220,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -196,6 +228,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -203,10 +236,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -230,7 +284,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -254,7 +309,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -360,13 +416,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -624,7 +688,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-https.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-https.json
index fb0578a67..5e956f449 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-https.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-https.json
@@ -5,110 +5,129 @@
"annotations": {
"description": "Application template for SSO 7.0",
"iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,java,jboss,xpaas",
- "version" : "1.3.2"
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0"
},
"name": "sso70-https"
},
"labels": {
"template": "sso70-https",
- "xpaas" : "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new SSO service has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "sso",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "sso-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
- "required": false
+ "required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -116,54 +135,65 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "SSO Admin Username",
"description": "SSO Server admin username",
"name": "SSO_ADMIN_USERNAME",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Admin Password",
"description": "SSO Server admin password",
"name": "SSO_ADMIN_PASSWORD",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Realm",
"description": "Realm to be created in the SSO server (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Username",
"description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
"name": "SSO_SERVICE_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Password",
"description": "The password for the SSO service user.",
"name": "SSO_SERVICE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "sso-app-secret",
@@ -283,10 +313,10 @@
"containerNames": [
"${APPLICATION_NAME}"
],
- "from": {
+ "from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.3"
+ "name": "redhat-sso70-openshift:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-mysql-persistent.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-mysql-persistent.json
index dcbb24bf1..0fb2703c7 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-mysql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-mysql-persistent.json
@@ -5,123 +5,145 @@
"annotations": {
"description": "Application template for SSO 7.0 MySQL applications with persistent storage",
"iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,mysql,java,database,jboss,xpaas",
- "version" : "1.3.2"
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0 + MySQL (Persistent)"
},
"name": "sso70-mysql-persistent"
},
"labels": {
"template": "sso70-mysql-persistent",
- "xpaas" : "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent SSO service (using MySQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "sso",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/KeycloakDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "sso-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
- "required": false
+ "required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -129,6 +151,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -136,36 +159,42 @@
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -173,58 +202,76 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "SSO Admin Username",
"description": "SSO Server admin username",
"name": "SSO_ADMIN_USERNAME",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Admin Password",
"description": "SSO Server admin password",
"name": "SSO_ADMIN_PASSWORD",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Realm",
"description": "Realm to be created in the SSO server (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Username",
"description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
"name": "SSO_SERVICE_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Password",
"description": "The password for the SSO service user.",
"name": "SSO_SERVICE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "sso-app-secret",
"required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -248,7 +295,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -272,7 +320,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -364,10 +413,10 @@
"containerNames": [
"${APPLICATION_NAME}"
],
- "from": {
+ "from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.3"
+ "name": "redhat-sso70-openshift:1.4"
}
}
},
@@ -639,7 +688,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-mysql.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-mysql.json
index 1768f7a1b..9beae806b 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-mysql.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-mysql.json
@@ -5,123 +5,145 @@
"annotations": {
"description": "Application template for SSO 7.0 MySQL applications",
"iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,mysql,java,database,jboss,xpaas",
- "version" : "1.3.2"
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0 + MySQL (Ephemeral)"
},
"name": "sso70-mysql"
},
"labels": {
"template": "sso70-mysql",
- "xpaas" : "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new SSO service (using MySQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "sso",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/KeycloakDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "sso-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
- "required": false
+ "required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -129,6 +151,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -136,30 +159,35 @@
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -167,58 +195,76 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "SSO Admin Username",
"description": "SSO Server admin username",
"name": "SSO_ADMIN_USERNAME",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Admin Password",
"description": "SSO Server admin password",
"name": "SSO_ADMIN_PASSWORD",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Realm",
"description": "Realm to be created in the SSO server (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Username",
"description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
"name": "SSO_SERVICE_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Password",
"description": "The password for the SSO service user.",
"name": "SSO_SERVICE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "sso-app-secret",
"required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -240,10 +286,11 @@
"name": "${APPLICATION_NAME}",
"labels": {
"application": "${APPLICATION_NAME}",
- "component": "server"
+ "component": "server"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -268,7 +315,8 @@
"component": "server"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -349,7 +397,7 @@
"name": "${APPLICATION_NAME}",
"labels": {
"application": "${APPLICATION_NAME}",
- "component": "server"
+ "component": "server"
}
},
"spec": {
@@ -364,10 +412,10 @@
"containerNames": [
"${APPLICATION_NAME}"
],
- "from": {
+ "from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.3"
+ "name": "redhat-sso70-openshift:1.4"
}
}
},
@@ -641,7 +689,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-postgresql-persistent.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-postgresql-persistent.json
index 4c2f81f2e..e22399351 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-postgresql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-postgresql-persistent.json
@@ -5,108 +5,127 @@
"annotations": {
"description": "Application template for SSO 7.0 PostgreSQL applications with persistent storage",
"iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,postrgresql,java,database,jboss,xpaas",
- "version" : "1.3.2"
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0 + PostgreSQL (Persistent)"
},
"name": "sso70-postgresql-persistent"
},
"labels": {
"template": "sso70-postgresql-persistent",
- "xpaas" : "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent SSO service (using PostgreSQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "sso",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/KeycloakDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "sso-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
- "required": false
+ "required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -114,6 +133,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -121,36 +141,42 @@
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,58 +184,76 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "SSO Admin Username",
"description": "SSO Server admin username",
"name": "SSO_ADMIN_USERNAME",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Admin Password",
"description": "SSO Server admin password",
"name": "SSO_ADMIN_PASSWORD",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Realm",
"description": "Realm to be created in the SSO server (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Username",
"description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
"name": "SSO_SERVICE_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Password",
"description": "The password for the SSO service user.",
"name": "SSO_SERVICE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "sso-app-secret",
"required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -233,7 +277,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -257,7 +302,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -349,10 +395,10 @@
"containerNames": [
"${APPLICATION_NAME}"
],
- "from": {
+ "from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.3"
+ "name": "redhat-sso70-openshift:1.4"
}
}
},
@@ -624,7 +670,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-postgresql.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-postgresql.json
index d8402ef72..aa8ebaa8e 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-postgresql.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-postgresql.json
@@ -5,108 +5,127 @@
"annotations": {
"description": "Application template for SSO 7.0 PostgreSQL applications",
"iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,postrgresql,java,database,jboss,xpaas",
- "version" : "1.3.2"
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0 + PostgreSQL (Ephemeral)"
},
"name": "sso70-postgresql"
},
"labels": {
"template": "sso70-postgresql",
- "xpaas" : "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new SSO service (using PostgreSQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "sso",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/KeycloakDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "sso-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
- "required": false
+ "required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -114,6 +133,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -121,30 +141,35 @@
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -152,58 +177,76 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "SSO Admin Username",
"description": "SSO Server admin username",
"name": "SSO_ADMIN_USERNAME",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Admin Password",
"description": "SSO Server admin password",
"name": "SSO_ADMIN_PASSWORD",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Realm",
"description": "Realm to be created in the SSO server (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Username",
"description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
"name": "SSO_SERVICE_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Password",
"description": "The password for the SSO service user.",
"name": "SSO_SERVICE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "sso-app-secret",
"required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -228,7 +271,8 @@
"component": "server"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -253,7 +297,8 @@
"component": "server"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -349,10 +394,10 @@
"containerNames": [
"${APPLICATION_NAME}"
],
- "from": {
+ "from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.3"
+ "name": "redhat-sso70-openshift:1.4"
}
}
},
@@ -626,7 +671,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-https.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-https.json
new file mode 100644
index 000000000..bee86d7c4
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-https.json
@@ -0,0 +1,544 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.1",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.0.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ },
+ "name": "sso71-https"
+ },
+ "labels": {
+ "template": "sso71-https",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new SSO service has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-mysql-persistent.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-mysql-persistent.json
new file mode 100644
index 000000000..49b37f348
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-mysql-persistent.json
@@ -0,0 +1,799 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.1 MySQL applications with persistent storage",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.0.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1 + MySQL (Persistent)"
+ },
+ "name": "sso71-mysql-persistent"
+ },
+ "labels": {
+ "template": "sso71-mysql-persistent",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent SSO service (using MySQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-mysql.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-mysql.json
new file mode 100644
index 000000000..634a75bab
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-mysql.json
@@ -0,0 +1,767 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.1 MySQL applications",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.0.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1 + MySQL (Ephemeral)"
+ },
+ "name": "sso71-mysql"
+ },
+ "labels": {
+ "template": "sso71-mysql",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new SSO service (using MySQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-postgresql-persistent.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-postgresql-persistent.json
new file mode 100644
index 000000000..c53bb9d5b
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-postgresql-persistent.json
@@ -0,0 +1,773 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.1 PostgreSQL applications with persistent storage",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.0.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1 + PostgreSQL (Persistent)"
+ },
+ "name": "sso71-postgresql-persistent"
+ },
+ "labels": {
+ "template": "sso71-postgresql-persistent",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent SSO service (using PostgreSQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-postgresql.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-postgresql.json
new file mode 100644
index 000000000..c1fc41eda
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-postgresql.json
@@ -0,0 +1,741 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.1 PostgreSQL applications",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.0.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1 + PostgreSQL (Ephemeral)"
+ },
+ "name": "sso71-postgresql"
+ },
+ "labels": {
+ "template": "sso71-postgresql",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new SSO service (using PostgreSQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-ephemeral-template.json
index f347f1f9f..536f7275e 100644
--- a/roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-ephemeral-template.json
@@ -23,7 +23,12 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-root_password": "{.data['database-root-password']}"
+ }
},
"stringData" : {
"database-user" : "${MYSQL_USER}",
@@ -35,7 +40,10 @@
"kind": "Service",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "mysql://{.spec.clusterIP}:{.spec.ports[?(.name==\"mariadb\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-persistent-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-persistent-template.json
index 6ed744777..3b7fdccce 100644
--- a/roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-persistent-template.json
+++ b/roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-persistent-template.json
@@ -23,7 +23,12 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-root_password": "{.data['database-root-password']}"
+ }
},
"stringData" : {
"database-user" : "${MYSQL_USER}",
@@ -35,7 +40,10 @@
"kind": "Service",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "mysql://{.spec.clusterIP}:{.spec.ports[?(.name==\"mariadb\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-ephemeral-template.json
index 97a8abf6d..ee274194f 100644
--- a/roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-ephemeral-template.json
@@ -24,7 +24,12 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-admin_password": "{.data['database-admin-password']}"
+ }
},
"stringData" : {
"database-user" : "${MONGODB_USER}",
@@ -37,7 +42,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "mongodb://{.spec.clusterIP}:{.spec.ports[?(.name==\"mongo\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-persistent-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-persistent-template.json
index 0656219fb..e5ba43669 100644
--- a/roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-persistent-template.json
+++ b/roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-persistent-template.json
@@ -24,7 +24,12 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-admin_password": "{.data['database-admin-password']}"
+ }
},
"stringData" : {
"database-user" : "${MONGODB_USER}",
@@ -37,7 +42,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "mongodb://{.spec.clusterIP}:{.spec.ports[?(.name==\"mongo\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/mysql-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/mysql-ephemeral-template.json
index d60b4647d..969e62ac5 100644
--- a/roles/openshift_examples/files/examples/v1.5/db-templates/mysql-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/v1.5/db-templates/mysql-ephemeral-template.json
@@ -23,7 +23,12 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-root_password": "{.data['database-root-password']}"
+ }
},
"stringData" : {
"database-user" : "${MYSQL_USER}",
@@ -36,7 +41,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "mysql://{.spec.clusterIP}:{.spec.ports[?(.name==\"mysql\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/mysql-persistent-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/mysql-persistent-template.json
index c2bfa40fd..4f39d41a5 100644
--- a/roles/openshift_examples/files/examples/v1.5/db-templates/mysql-persistent-template.json
+++ b/roles/openshift_examples/files/examples/v1.5/db-templates/mysql-persistent-template.json
@@ -23,7 +23,12 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-root_password": "{.data['database-root-password']}"
+ }
},
"stringData" : {
"database-user" : "${MYSQL_USER}",
@@ -35,7 +40,10 @@
"kind": "Service",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "mysql://{.spec.clusterIP}:{.spec.ports[?(.name==\"mysql\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-ephemeral-template.json
index 7a16e742a..c37102cb0 100644
--- a/roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-ephemeral-template.json
@@ -24,7 +24,11 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}"
+ }
},
"stringData" : {
"database-user" : "${POSTGRESQL_USER}",
@@ -36,7 +40,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "postgres://{.spec.clusterIP}:{.spec.ports[?(.name==\"postgresql\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-persistent-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-persistent-template.json
index 242212d6f..32dc93a95 100644
--- a/roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-persistent-template.json
+++ b/roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-persistent-template.json
@@ -24,7 +24,11 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}"
+ }
},
"stringData" : {
"database-user" : "${POSTGRESQL_USER}",
@@ -36,7 +40,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "postgres://{.spec.clusterIP}:{.spec.ports[?(.name==\"postgresql\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/redis-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/redis-ephemeral-template.json
index e9af50937..6bb683e52 100644
--- a/roles/openshift_examples/files/examples/v1.5/db-templates/redis-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/v1.5/db-templates/redis-ephemeral-template.json
@@ -24,7 +24,10 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-password": "{.data['database-password']}"
+ }
},
"stringData" : {
"database-password" : "${REDIS_PASSWORD}"
@@ -35,7 +38,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "redis://{.spec.clusterIP}:{.spec.ports[?(.name==\"redis\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/redis-persistent-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/redis-persistent-template.json
index aa27578a9..9e8be2309 100644
--- a/roles/openshift_examples/files/examples/v1.5/db-templates/redis-persistent-template.json
+++ b/roles/openshift_examples/files/examples/v1.5/db-templates/redis-persistent-template.json
@@ -24,7 +24,10 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-password": "{.data['database-password']}"
+ }
},
"stringData" : {
"database-password" : "${REDIS_PASSWORD}"
@@ -35,7 +38,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "redis://{.spec.clusterIP}:{.spec.ports[?(.name==\"redis\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.5/image-streams/image-streams-centos7.json b/roles/openshift_examples/files/examples/v1.5/image-streams/image-streams-centos7.json
index a81dbb654..6cef21945 100644
--- a/roles/openshift_examples/files/examples/v1.5/image-streams/image-streams-centos7.json
+++ b/roles/openshift_examples/files/examples/v1.5/image-streams/image-streams-centos7.json
@@ -7,6 +7,51 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
+ "name": "httpd",
+ "annotations": {
+ "openshift.io/display-name": "Httpd"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Httpd (Latest)",
+ "description": "Build and serve static content via Httpd on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/httpd-container/blob/master/2.4/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Httpd available on OpenShift, including major versions updates.",
+ "iconClass": "icon-apache",
+ "tags": "builder,httpd",
+ "supports":"httpd",
+ "sampleRepo": "https://github.com/openshift/httpd-ex.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2.4"
+ }
+ },
+ {
+ "name": "2.4",
+ "annotations": {
+ "openshift.io/display-name": "Httpd 2.4",
+ "description": "Build and serve static content via Httpd on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/httpd-container/blob/master/2.4/README.md.",
+ "iconClass": "icon-apache",
+ "tags": "builder,httpd",
+ "supports":"httpd",
+ "version": "2.4",
+ "sampleRepo": "https://github.com/openshift/httpd-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/httpd-24-centos7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
"name": "ruby",
"annotations": {
"openshift.io/display-name": "Ruby"
@@ -103,7 +148,7 @@
},
"from": {
"kind": "ImageStreamTag",
- "name": "4"
+ "name": "6"
}
},
{
@@ -137,6 +182,22 @@
"kind": "DockerImage",
"name": "centos/nodejs-4-centos7:latest"
}
+ },
+ {
+ "name": "6",
+ "annotations": {
+ "openshift.io/display-name": "Node.js 6",
+ "description": "Build and run Node.js 6 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-nodejs-container/blob/master/6/README.md.",
+ "iconClass": "icon-nodejs",
+ "tags": "builder,nodejs",
+ "supports":"nodejs:6,nodejs",
+ "version": "6",
+ "sampleRepo": "https://github.com/openshift/nodejs-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/nodejs-6-centos7:latest"
+ }
}
]
}
@@ -407,7 +468,7 @@
"iconClass": "icon-wildfly",
"tags": "builder,wildfly,java",
"supports":"jee,java",
- "sampleRepo": "https://github.com/bparees/openshift-jee-sample.git"
+ "sampleRepo": "https://github.com/openshift/openshift-jee-sample.git"
},
"from": {
"kind": "ImageStreamTag",
@@ -423,7 +484,7 @@
"tags": "builder,wildfly,java",
"supports":"wildfly:8.1,jee,java",
"version": "8.1",
- "sampleRepo": "https://github.com/bparees/openshift-jee-sample.git"
+ "sampleRepo": "https://github.com/openshift/openshift-jee-sample.git"
},
"from": {
"kind": "DockerImage",
@@ -439,7 +500,7 @@
"tags": "builder,wildfly,java",
"supports":"wildfly:9.0,jee,java",
"version": "9.0",
- "sampleRepo": "https://github.com/bparees/openshift-jee-sample.git"
+ "sampleRepo": "https://github.com/openshift/openshift-jee-sample.git"
},
"from": {
"kind": "DockerImage",
@@ -455,7 +516,7 @@
"tags": "builder,wildfly,java",
"supports":"wildfly:10.0,jee,java",
"version": "10.0",
- "sampleRepo": "https://github.com/bparees/openshift-jee-sample.git"
+ "sampleRepo": "https://github.com/openshift/openshift-jee-sample.git"
},
"from": {
"kind": "DockerImage",
@@ -471,7 +532,7 @@
"tags": "builder,wildfly,java",
"supports":"wildfly:10.1,jee,java",
"version": "10.1",
- "sampleRepo": "https://github.com/bparees/openshift-jee-sample.git"
+ "sampleRepo": "https://github.com/openshift/openshift-jee-sample.git"
},
"from": {
"kind": "DockerImage",
diff --git a/roles/openshift_examples/files/examples/v1.5/image-streams/image-streams-rhel7.json b/roles/openshift_examples/files/examples/v1.5/image-streams/image-streams-rhel7.json
index 2ed0efe1e..abdae01e3 100644
--- a/roles/openshift_examples/files/examples/v1.5/image-streams/image-streams-rhel7.json
+++ b/roles/openshift_examples/files/examples/v1.5/image-streams/image-streams-rhel7.json
@@ -7,6 +7,51 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
+ "name": "httpd",
+ "annotations": {
+ "openshift.io/display-name": "Httpd"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Httpd (Latest)",
+ "description": "Build and serve static content via Httpd on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/httpd-container/blob/master/2.4/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Httpd available on OpenShift, including major versions updates.",
+ "iconClass": "icon-apache",
+ "tags": "builder,httpd",
+ "supports":"httpd",
+ "sampleRepo": "https://github.com/openshift/httpd-ex.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2.4"
+ }
+ },
+ {
+ "name": "2.4",
+ "annotations": {
+ "openshift.io/display-name": "Httpd 2.4",
+ "description": "Build and serve static content via Httpd on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/httpd-container/blob/master/2.4/README.md.",
+ "iconClass": "icon-apache",
+ "tags": "builder,httpd",
+ "supports":"httpd",
+ "version": "2.4",
+ "sampleRepo": "https://github.com/openshift/httpd-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/httpd-24-rhel7"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
"name": "ruby",
"annotations": {
"openshift.io/display-name": "Ruby"
@@ -103,7 +148,7 @@
},
"from": {
"kind": "ImageStreamTag",
- "name": "4"
+ "name": "6"
}
},
{
@@ -137,6 +182,22 @@
"kind": "DockerImage",
"name": "registry.access.redhat.com/rhscl/nodejs-4-rhel7:latest"
}
+ },
+ {
+ "name": "6",
+ "annotations": {
+ "openshift.io/display-name": "Node.js 6",
+ "description": "Build and run Node.js 6 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-nodejs-container.",
+ "iconClass": "icon-nodejs",
+ "tags": "builder,nodejs",
+ "supports":"nodejs:6,nodejs",
+ "version": "6",
+ "sampleRepo": "https://github.com/openshift/nodejs-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/nodejs-6-rhel7:latest"
+ }
}
]
}
@@ -253,7 +314,7 @@
"tags": "hidden,builder,php",
"supports":"php:5.5,php",
"version": "5.5",
- "sampleRepo": "https://github.com/openshift/cakephp-ex.git"
+ "sampleRepo": "https://github.com/openshift/cakephp-ex.git"
},
"from": {
"kind": "DockerImage",
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/README.md b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/README.md
index f48d8d4a8..6d2ccbf7f 100644
--- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/README.md
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/README.md
@@ -17,6 +17,7 @@ instantiating them.
* [Dancer persistent](https://raw.githubusercontent.com/openshift/dancer-ex/master/openshift/templates/dancer-mysql-persistent.json) - Provides a basic Dancer (Perl) application with a persistent MySQL database. Note: requires available persistent volumes. For more information see the [source repository](https://github.com/openshift/dancer-ex).
* [Django](https://raw.githubusercontent.com/openshift/django-ex/master/openshift/templates/django-postgresql.json) - Provides a basic Django (Python) application with a PostgreSQL database. For more information see the [source repository](https://github.com/openshift/django-ex).
* [Django persistent](https://raw.githubusercontent.com/openshift/django-ex/master/openshift/templates/django-postgresql-persistent.json) - Provides a basic Django (Python) application with a persistent PostgreSQL database. Note: requires available persistent volumes. For more information see the [source repository](https://github.com/openshift/django-ex).
+* [Httpd](https://raw.githubusercontent.com/openshift/httpd-ex/master/openshift/templates/httpd.json) - Provides a basic Httpd static content application. For more information see the [source repository](https://github.com/openshift/httpd-ex).
* [NodeJS](https://raw.githubusercontent.com/openshift/nodejs-ex/master/openshift/templates/nodejs-mongodb.json) - Provides a basic NodeJS application with a MongoDB database. For more information see the [source repository](https://github.com/openshift/nodejs-ex).
* [NodeJS persistent](https://raw.githubusercontent.com/openshift/nodejs-ex/master/openshift/templates/nodejs-mongodb-persistent.json) - Provides a basic NodeJS application with a persistent MongoDB database. Note: requires available persistent volumes. For more information see the [source repository](https://github.com/openshift/nodejs-ex).
* [Rails](https://raw.githubusercontent.com/openshift/rails-ex/master/openshift/templates/rails-postgresql.json) - Provides a basic Rails (Ruby) application with a PostgreSQL database. For more information see the [source repository](https://github.com/openshift/rails-ex).
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/amp.yml b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/amp.yml
new file mode 100644
index 000000000..4e469f6e8
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/amp.yml
@@ -0,0 +1,1261 @@
+base_env: &base_env
+- name: RAILS_ENV
+ value: "production"
+- name: DATABASE_URL
+ value: "mysql2://root:${MYSQL_ROOT_PASSWORD}@system-mysql/${MYSQL_DATABASE}"
+- name: FORCE_SSL
+ value: "true"
+- name: THREESCALE_SUPERDOMAIN
+ value: "${WILDCARD_DOMAIN}"
+- name: TENANT_NAME
+ value: "${TENANT_NAME}"
+- name: APICAST_ACCESS_TOKEN
+ value: "${APICAST_ACCESS_TOKEN}"
+- name: ADMIN_ACCESS_TOKEN
+ value: "${ADMIN_ACCESS_TOKEN}"
+- name: PROVIDER_PLAN
+ value: 'enterprise'
+- name: USER_LOGIN
+ value: "${ADMIN_USERNAME}"
+- name: USER_PASSWORD
+ value: "${ADMIN_PASSWORD}"
+- name: RAILS_LOG_TO_STDOUT
+ value: "true"
+- name: RAILS_LOG_LEVEL
+ value: "info"
+- name: THINKING_SPHINX_ADDRESS
+ value: "system-sphinx"
+- name: THINKING_SPHINX_PORT
+ value: "9306"
+- name: THINKING_SPHINX_CONFIGURATION_FILE
+ value: "/tmp/sphinx.conf"
+- name: EVENTS_SHARED_SECRET
+ value: "${SYSTEM_BACKEND_SHARED_SECRET}"
+- name: THREESCALE_SANDBOX_PROXY_OPENSSL_VERIFY_MODE
+ value: "VERIFY_NONE"
+- name: APICAST_BACKEND_ROOT_ENDPOINT
+ value: "https://backend-${TENANT_NAME}.${WILDCARD_DOMAIN}"
+- name: CONFIG_INTERNAL_API_USER
+ value: "${SYSTEM_BACKEND_USERNAME}"
+- name: CONFIG_INTERNAL_API_PASSWORD
+ value: "${SYSTEM_BACKEND_PASSWORD}"
+- name: SECRET_KEY_BASE
+ value: "${SYSTEM_APP_SECRET_KEY_BASE}"
+- name: AMP_RELEASE
+ value: "${AMP_RELEASE}"
+- name: SMTP_ADDRESS
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: address
+- name: SMTP_USER_NAME
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: username
+- name: SMTP_PASSWORD
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: password
+- name: SMTP_DOMAIN
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: domain
+- name: SMTP_PORT
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: port
+- name: SMTP_AUTHENTICATION
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: authentication
+- name: SMTP_OPENSSL_VERIFY_MODE
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: openssl.verify.mode
+- name: BACKEND_ROUTE
+ value: "https://backend-${TENANT_NAME}.${WILDCARD_DOMAIN}"
+
+apiVersion: v1
+kind: Template
+metadata:
+ name: "system"
+message: "Login on https://${TENANT_NAME}-admin.${WILDCARD_DOMAIN} as ${ADMIN_USERNAME}/${ADMIN_PASSWORD}"
+objects:
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "system-storage"
+ spec:
+ accessModes:
+ - "ReadWriteMany"
+ resources:
+ requests:
+ storage: "100Mi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "mysql-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "system-redis-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "backend-redis-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: backend-cron
+ spec:
+ replicas: 1
+ selector:
+ name: backend-cron
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: backend-cron
+ spec:
+ containers:
+ - args:
+ - backend-cron
+ env:
+ - name: CONFIG_REDIS_PROXY
+ value: "backend-redis:6379"
+ - name: CONFIG_QUEUES_MASTER_NAME
+ value: "backend-redis:6379/1"
+ - name: RACK_ENV
+ value: "production"
+ image: 3scale-amp20/backend:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: backend-cron
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: backend-redis
+ spec:
+ replicas: 1
+ selector:
+ name: backend-redis
+ strategy:
+ type: Recreate
+ template:
+ metadata:
+ labels:
+ name: backend-redis
+ spec:
+ containers:
+ - image: ${REDIS_IMAGE}
+ imagePullPolicy: IfNotPresent
+ name: backend-redis
+ readinessProbe:
+ exec:
+ command:
+ - "container-entrypoint"
+ - "bash"
+ - "-c"
+ - "redis-cli set liveness-probe \"`date`\" | grep OK"
+ initialDelaySeconds: 10
+ periodSeconds: 30
+ timeoutSeconds: 1
+ livenessProbe:
+ tcpSocket:
+ port: 6379
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ volumeMounts:
+ - name: backend-redis-storage
+ mountPath: "/var/lib/redis/data"
+ - name: redis-config
+ mountPath: /etc/redis.conf
+ subPath: redis.conf
+ volumes:
+ - name: backend-redis-storage
+ persistentVolumeClaim:
+ claimName: backend-redis-storage
+ - name: redis-config
+ configMap:
+ name: redis-config
+ items:
+ - key: redis.conf
+ path: redis.conf
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: backend-listener
+ spec:
+ replicas: 1
+ selector:
+ name: backend-listener
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: backend-listener
+ spec:
+ containers:
+ - args:
+ - 3scale_backend
+ - start
+ - "-e"
+ - production
+ - "-p"
+ - '3000'
+ - "-x"
+ - "/dev/stdout"
+ env:
+ - name: CONFIG_REDIS_PROXY
+ value: "backend-redis:6379"
+ - name: CONFIG_QUEUES_MASTER_NAME
+ value: "backend-redis:6379/1"
+ - name: RACK_ENV
+ value: "production"
+ - name: CONFIG_INTERNAL_API_USER
+ value: "${SYSTEM_BACKEND_USERNAME}"
+ - name: CONFIG_INTERNAL_API_PASSWORD
+ value: "${SYSTEM_BACKEND_PASSWORD}"
+ image: 3scale-amp20/backend:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: backend-listener
+ livenessProbe:
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ tcpSocket:
+ port: 3000
+ readinessProbe:
+ httpGet:
+ path: "/status"
+ port: 3000
+ initialDelaySeconds: 30
+ timeoutSeconds: 5
+ ports:
+ - containerPort: 3000
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: backend-redis
+ spec:
+ ports:
+ - port: 6379
+ protocol: TCP
+ targetPort: 6379
+ selector:
+ name: backend-redis
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: backend-listener
+ spec:
+ ports:
+ - port: 3000
+ protocol: TCP
+ targetPort: 3000
+ name: http
+ selector:
+ name: backend-listener
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: system-provider
+ spec:
+ ports:
+ - port: 3000
+ protocol: TCP
+ targetPort: provider
+ name: http
+ selector:
+ name: system-app
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: system-developer
+ spec:
+ ports:
+ - port: 3000
+ protocol: TCP
+ targetPort: developer
+ name: http
+ selector:
+ name: system-app
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: backend-worker
+ spec:
+ replicas: 1
+ selector:
+ name: backend-worker
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: backend-worker
+ spec:
+ containers:
+ - args:
+ - 3scale_backend_worker
+ - run
+ env:
+ - name: CONFIG_REDIS_PROXY
+ value: "backend-redis:6379"
+ - name: CONFIG_QUEUES_MASTER_NAME
+ value: "backend-redis:6379/1"
+ - name: RACK_ENV
+ value: "production"
+ - name: CONFIG_EVENTS_HOOK
+ value: http://system-provider:3000/master/events/import
+ - name: CONFIG_EVENTS_HOOK_SHARED_SECRET
+ value: ${SYSTEM_BACKEND_SHARED_SECRET}
+ image: 3scale-amp20/backend:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: backend-worker
+ triggers:
+ - type: ConfigChange
+
+- kind: Service
+ apiVersion: v1
+ metadata:
+ name: 'system-mysql'
+ spec:
+ ports:
+ - name: system-mysql
+ protocol: TCP
+ port: 3306
+ targetPort: 3306
+ nodePort: 0
+ selector:
+ name: 'system-mysql'
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: system-redis
+ spec:
+ ports:
+ - port: 6379
+ protocol: TCP
+ targetPort: 6379
+ name: redis
+ selector:
+ name: system-redis
+
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-redis
+ spec:
+ replicas: 1
+ selector:
+ name: system-redis
+ strategy:
+ type: Recreate
+ template:
+ metadata:
+ labels:
+ name: system-redis
+ spec:
+ containers:
+ - args:
+ image: ${REDIS_IMAGE}
+ imagePullPolicy: IfNotPresent
+ name: system-redis
+ terminationMessagePath: /dev/termination-log
+ volumeMounts:
+ - name: system-redis-storage
+ mountPath: "/var/lib/redis/data"
+ - name: redis-config
+ mountPath: /etc/redis.conf
+ subPath: redis.conf
+ readinessProbe:
+ exec:
+ command:
+ - "container-entrypoint"
+ - "bash"
+ - "-c"
+ - "redis-cli set liveness-probe \"`date`\" | grep OK"
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ timeoutSeconds: 5
+ livenessProbe:
+ tcpSocket:
+ port: 6379
+ initialDelaySeconds: 10
+ periodSeconds: 5
+ volumes:
+ - name: system-redis-storage
+ persistentVolumeClaim:
+ claimName: system-redis-storage
+ - name: redis-config
+ configMap:
+ name: redis-config
+ items:
+ - key: redis.conf
+ path: redis.conf
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: system-sphinx
+ spec:
+ ports:
+ - port: 9306
+ protocol: TCP
+ targetPort: 9306
+ name: sphinx
+ selector:
+ name: system-sphinx
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-sphinx
+ spec:
+ replicas: 1
+ selector:
+ name: system-sphinx
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: system-sphinx
+ spec:
+ volumes:
+ - name: system-sphinx-database
+ emptyDir: {}
+ containers:
+ - args:
+ - rake
+ - 'openshift:thinking_sphinx:start'
+ volumeMounts:
+ - name: system-sphinx-database
+ mountPath: "/opt/system/db/sphinx"
+ env:
+ - name: RAILS_ENV
+ value: production
+ - name: DATABASE_URL
+ value: "mysql2://root:${MYSQL_ROOT_PASSWORD}@system-mysql/${MYSQL_DATABASE}"
+ - name: THINKING_SPHINX_ADDRESS
+ value: 0.0.0.0
+ - name: THINKING_SPHINX_CONFIGURATION_FILE
+ value: "db/sphinx/production.conf"
+ - name: THINKING_SPHINX_PID_FILE
+ value: db/sphinx/searchd.pid
+ - name: DELTA_INDEX_INTERVAL
+ value: '5'
+ - name: FULL_REINDEX_INTERVAL
+ value: '60'
+ image: 3scale-amp20/system:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: system-sphinx
+ livenessProbe:
+ tcpSocket:
+ port: 9306
+ initialDelaySeconds: 60
+ periodSeconds: 10
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: system-memcache
+ spec:
+ ports:
+ - port: 11211
+ protocol: TCP
+ targetPort: 11211
+ name: memcache
+ selector:
+ name: system-memcache
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-memcache
+ spec:
+ replicas: 1
+ selector:
+ name: system-memcache
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: system-memcache
+ spec:
+ containers:
+ - args:
+ env:
+ image: 3scale-amp20/memcached:1.4.15-7
+ imagePullPolicy: IfNotPresent
+ name: memcache
+ readinessProbe:
+ exec:
+ command:
+ - "sh"
+ - "-c"
+ - "echo version | nc $HOSTNAME 11211 | grep VERSION"
+ initialDelaySeconds: 10
+ periodSeconds: 30
+ timeoutSeconds: 5
+ livenessProbe:
+ tcpSocket:
+ port: 11211
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ command:
+ - "memcached"
+ - "-m"
+ - "64"
+ ports:
+ - containerPort: 6379
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: system-provider-admin-route
+ labels:
+ app: system-route
+ spec:
+ host: ${TENANT_NAME}-admin.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: system-provider
+ port:
+ targetPort: http
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: backend-route
+ labels:
+ app: system-route
+ spec:
+ host: backend-${TENANT_NAME}.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: backend-listener
+ port:
+ targetPort: http
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: system-developer-route
+ labels:
+ app: system-route
+ spec:
+ host: ${TENANT_NAME}.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: system-developer
+ port:
+ targetPort: http
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: apicast-staging
+ spec:
+ replicas: 1
+ selector:
+ deploymentconfig: apicast-staging
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 1800
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ deploymentconfig: apicast-staging
+ spec:
+ containers:
+ - env:
+ - name: THREESCALE_PORTAL_ENDPOINT
+ value: http://${APICAST_ACCESS_TOKEN}@system-provider:3000
+ - name: APICAST_CONFIGURATION_LOADER
+ value: "lazy"
+ - name: APICAST_CONFIGURATION_CACHE
+ value: "0"
+ - name: THREESCALE_DEPLOYMENT_ENV
+ value: "sandbox"
+ - name: APICAST_MANAGEMENT_API
+ value: "${APICAST_MANAGEMENT_API}"
+ - name: BACKEND_ENDPOINT_OVERRIDE
+ value: http://backend-listener:3000
+ - name: OPENSSL_VERIFY
+ value: '${APICAST_OPENSSL_VERIFY}'
+ - name: APICAST_RESPONSE_CODES
+ value: '${APICAST_RESPONSE_CODES}'
+ - name: REDIS_URL
+ value: "redis://system-redis:6379/2"
+ image: 3scale-amp20/apicast-gateway:1.0-3
+ imagePullPolicy: IfNotPresent
+ name: apicast-staging
+ livenessProbe:
+ httpGet:
+ path: /status/live
+ port: 8090
+ initialDelaySeconds: 10
+ timeoutSeconds: 5
+ periodSeconds: 10
+ readinessProbe:
+ httpGet:
+ path: /status/ready
+ port: 8090
+ initialDelaySeconds: 15
+ timeoutSeconds: 5
+ periodSeconds: 30
+ ports:
+ - containerPort: 8080
+ protocol: TCP
+ - containerPort: 8090
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: apicast-staging
+ spec:
+ ports:
+ - name: gateway
+ port: 8080
+ protocol: TCP
+ targetPort: 8080
+ - name: management
+ port: 8090
+ protocol: TCP
+ targetPort: 8090
+ selector:
+ deploymentconfig: apicast-staging
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: apicast-production
+ spec:
+ replicas: 1
+ selector:
+ deploymentconfig: apicast-production
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 1800
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ deploymentconfig: apicast-production
+ spec:
+ containers:
+ - env:
+ - name: THREESCALE_PORTAL_ENDPOINT
+ value: "http://${APICAST_ACCESS_TOKEN}@system-provider:3000"
+ - name: APICAST_CONFIGURATION_LOADER
+ value: "boot"
+ - name: APICAST_CONFIGURATION_CACHE
+ value: "300"
+ - name: THREESCALE_DEPLOYMENT_ENV
+ value: "production"
+ - name: APICAST_MANAGEMENT_API
+ value: "${APICAST_MANAGEMENT_API}"
+ - name: BACKEND_ENDPOINT_OVERRIDE
+ value: http://backend-listener:3000
+ - name: OPENSSL_VERIFY
+ value: '${APICAST_OPENSSL_VERIFY}'
+ - name: APICAST_RESPONSE_CODES
+ value: '${APICAST_RESPONSE_CODES}'
+ - name: REDIS_URL
+ value: "redis://system-redis:6379/1"
+ image: 3scale-amp20/apicast-gateway:1.0-3
+ imagePullPolicy: IfNotPresent
+ name: apicast-production
+ livenessProbe:
+ httpGet:
+ path: /status/live
+ port: 8090
+ initialDelaySeconds: 10
+ timeoutSeconds: 5
+ periodSeconds: 10
+ readinessProbe:
+ httpGet:
+ path: /status/ready
+ port: 8090
+ initialDelaySeconds: 15
+ timeoutSeconds: 5
+ periodSeconds: 30
+ ports:
+ - containerPort: 8080
+ protocol: TCP
+ - containerPort: 8090
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: apicast-production
+ spec:
+ ports:
+ - name: gateway
+ port: 8080
+ protocol: TCP
+ targetPort: 8080
+ - name: management
+ port: 8090
+ protocol: TCP
+ targetPort: 8090
+ selector:
+ deploymentconfig: apicast-production
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: api-apicast-staging-route
+ labels:
+ app: apicast-staging
+ spec:
+ host: api-${TENANT_NAME}-apicast-staging.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: apicast-staging
+ port:
+ targetPort: gateway
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: api-apicast-production-route
+ labels:
+ app: apicast-production
+ spec:
+ host: api-${TENANT_NAME}-apicast-production.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: apicast-production
+ port:
+ targetPort: gateway
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-app
+ spec:
+ replicas: 1
+ selector:
+ name: system-app
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ pre:
+ failurePolicy: Retry
+ execNewPod:
+ containerName: system-provider
+ command:
+ - bash
+ - -c
+ - bundle exec rake boot openshift:deploy
+ env: *base_env
+ volumes:
+ - system-storage
+ post:
+ failurePolicy: Abort
+ execNewPod:
+ containerName: system-provider
+ command:
+ - bash
+ - -c
+ - bundle exec rake boot openshift:post_deploy
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: system-app
+ spec:
+ containers:
+ - args:
+ env: *base_env
+ image: 3scale-amp20/system:1.0-2
+ imagePullPolicy: IfNotPresent
+ command: ['env', 'TENANT_MODE=provider', 'PORT=3000', 'container-entrypoint', 'bundle', 'exec', 'unicorn', '-c', 'config/unicorn.rb']
+ name: system-provider
+ livenessProbe:
+ timeoutSeconds: 10
+ initialDelaySeconds: 20
+ tcpSocket:
+ port: provider
+ periodSeconds: 10
+ readinessProbe:
+ httpGet:
+ path: /check.txt
+ port: provider
+ scheme: HTTP
+ httpHeaders:
+ - name: X-Forwarded-Proto
+ value: https
+ initialDelaySeconds: 30
+ timeoutSeconds: 10
+ periodSeconds: 30
+ ports:
+ - containerPort: 3000
+ protocol: TCP
+ name: provider
+ volumeMounts:
+ - name: system-storage
+ mountPath: /opt/system/public/system
+ - args:
+ env: *base_env
+ image: 3scale-amp20/system:1.0-2
+ command: ['env', 'TENANT_MODE=developer', 'PORT=3001', 'container-entrypoint', 'bundle', 'exec', 'unicorn', '-c', 'config/unicorn.rb']
+ imagePullPolicy: IfNotPresent
+ name: system-developer
+ livenessProbe:
+ timeoutSeconds: 10
+ initialDelaySeconds: 20
+ tcpSocket:
+ port: developer
+ periodSeconds: 10
+ readinessProbe:
+ httpGet:
+ path: /check.txt
+ port: developer
+ scheme: HTTP
+ httpHeaders:
+ - name: X-Forwarded-Proto
+ value: https
+ initialDelaySeconds: 30
+ timeoutSeconds: 10
+ periodSeconds: 30
+ ports:
+ - containerPort: 3001
+ protocol: TCP
+ name: developer
+ volumeMounts:
+ - name: system-storage
+ mountPath: /opt/system/public/system
+ readOnly: true
+ volumes:
+ - name: system-storage
+ persistentVolumeClaim:
+ claimName: system-storage
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-resque
+ spec:
+ replicas: 1
+ selector:
+ name: system-resque
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: system-resque
+ spec:
+ containers:
+ - args:
+ - 'rake'
+ - 'resque:work'
+ - 'QUEUE=*'
+ env: *base_env
+ image: 3scale-amp20/system:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: system-resque
+ volumeMounts:
+ - name: system-storage
+ mountPath: /opt/system/public/system
+ - args:
+ - 'rake'
+ - 'resque:scheduler'
+ - 'QUEUE=*'
+ env: *base_env
+ image: 3scale-amp20/system:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: system-scheduler
+ volumes:
+ - name: system-storage
+ persistentVolumeClaim:
+ claimName: system-storage
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-sidekiq
+ spec:
+ replicas: 1
+ selector:
+ name: system-sidekiq
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: system-sidekiq
+ spec:
+ containers:
+ - args:
+ - rake
+ - sidekiq:worker
+ env: *base_env
+ image: 3scale-amp20/system:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: system-sidekiq
+ volumeMounts:
+ - name: system-storage
+ mountPath: /opt/system/public/system
+ volumes:
+ - name: system-storage
+ persistentVolumeClaim:
+ claimName: system-storage
+ triggers:
+ - type: ConfigChange
+
+
+- kind: DeploymentConfig
+ apiVersion: v1
+ metadata:
+ name: 'system-mysql'
+ spec:
+ strategy:
+ type: Recreate
+ triggers:
+ - type: ConfigChange
+ replicas: 1
+ selector:
+ name: 'system-mysql'
+ template:
+ metadata:
+ labels:
+ name: 'system-mysql'
+ spec:
+ containers:
+ - name: system-mysql
+ image: ${MYSQL_IMAGE}
+ ports:
+ - containerPort: 3306
+ protocol: TCP
+ resources:
+ limits:
+ memory: 2Gi
+ requests:
+ cpu: '1'
+ memory: 1Gi
+ readinessProbe:
+ timeoutSeconds: 5
+ initialDelaySeconds: 10
+ periodSeconds: 30
+ exec:
+ command:
+ - /bin/sh
+ - '-i'
+ - '-c'
+ - MYSQL_PWD="$MYSQL_PASSWORD" mysql -h 127.0.0.1 -u $MYSQL_USER -D $MYSQL_DATABASE -e 'SELECT 1'
+ livenessProbe:
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ tcpSocket:
+ port: 3306
+ env:
+ - name: MYSQL_USER
+ value: ${MYSQL_USER}
+ - name: MYSQL_PASSWORD
+ value: ${MYSQL_PASSWORD}
+ - name: MYSQL_DATABASE
+ value: ${MYSQL_DATABASE}
+ - name: MYSQL_ROOT_PASSWORD
+ value: ${MYSQL_ROOT_PASSWORD}
+ - name: MYSQL_LOWER_CASE_TABLE_NAMES
+ value: "1"
+ volumeMounts:
+ - name: 'mysql-storage'
+ mountPath: /var/lib/mysql/data
+ imagePullPolicy: IfNotPresent
+ volumes:
+ - name: 'mysql-storage'
+ persistentVolumeClaim:
+ claimName: 'mysql-storage'
+- kind: ConfigMap
+ apiVersion: v1
+ metadata:
+ name: redis-config
+ data:
+ redis.conf: |
+ protected-mode no
+
+ port 6379
+
+ timeout 0
+ tcp-keepalive 300
+
+ daemonize no
+ supervised no
+
+ loglevel notice
+
+ databases 16
+
+ save 900 1
+ save 300 10
+ save 60 10000
+
+ stop-writes-on-bgsave-error yes
+
+ rdbcompression yes
+ rdbchecksum yes
+
+ dbfilename dump.rdb
+
+ slave-serve-stale-data yes
+ slave-read-only yes
+
+ repl-diskless-sync no
+ repl-disable-tcp-nodelay no
+
+ appendonly yes
+ appendfilename "appendonly.aof"
+ appendfsync everysec
+ no-appendfsync-on-rewrite no
+ auto-aof-rewrite-percentage 100
+ auto-aof-rewrite-min-size 64mb
+ aof-load-truncated yes
+
+ lua-time-limit 5000
+
+ activerehashing no
+
+ aof-rewrite-incremental-fsync yes
+ dir /var/lib/redis/data
+
+- kind: ConfigMap
+
+ apiVersion: v1
+ metadata:
+ name: smtp
+ data:
+ address: ""
+ username: ""
+ password: ""
+ domain: ""
+ port: ""
+ authentication: ""
+ openssl.verify.mode: ""
+
+parameters:
+- name: AMP_RELEASE
+ description: "AMP release tag."
+ value: 2.0.0-CR2-redhat-1
+ required: true
+- name: ADMIN_PASSWORD
+ required: true
+ generate: expression
+ from: "[a-z0-9]{8}"
+- name: ADMIN_USERNAME
+ value: admin
+ required: true
+- name: APICAST_ACCESS_TOKEN
+ required: true
+ generate: expression
+ from: "[a-z0-9]{8}"
+ description: "Read Only Access Token that is APIcast going to use to download its configuration."
+- name: ADMIN_ACCESS_TOKEN
+ required: false
+ generate: expression
+ from: "[a-z0-9]{16}"
+ description: "Admin Access Token with all scopes and write permissions for API access."
+- name: WILDCARD_DOMAIN
+ description: Root domain for the wildcard routes. Eg. example.com will generate 3scale-admin.example.com.
+ required: true
+- name: TENANT_NAME
+ description: "Tenant name under the root that Admin UI will be available with -admin suffix."
+ required: true
+ value: "3scale"
+- name: MYSQL_USER
+ displayName: MySQL User
+ description: Username for MySQL user that will be used for accessing the database.
+ value: "mysql"
+ required: true
+- name: MYSQL_PASSWORD
+ displayName: MySQL Password
+ description: Password for the MySQL user.
+ generate: expression
+ from: "[a-z0-9]{8}"
+ required: true
+- name: MYSQL_DATABASE
+ displayName: MySQL Database Name
+ description: Name of the MySQL database accessed.
+ value: "system"
+ required: true
+- name: MYSQL_ROOT_PASSWORD
+ displayName: MySQL Root password.
+ description: Password for Root user.
+ generate: expression
+ from: "[a-z0-9]{8}"
+ required: true
+- name: SYSTEM_BACKEND_USERNAME
+ description: Internal 3scale API username for internal 3scale api auth.
+ value: "3scale_api_user"
+ required: true
+- name: SYSTEM_BACKEND_PASSWORD
+ description: Internal 3scale API password for internal 3scale api auth.
+ generate: expression
+ from: "[a-z0-9]{8}"
+ required: true
+- name: REDIS_IMAGE
+ description: Redis image to use
+ required: true
+ value: rhscl/redis-32-rhel7:3.2-5.7
+- name: MYSQL_IMAGE
+ description: Mysql image to use
+ required: true
+ value: rhscl/mysql-56-rhel7:5.6-13.14
+- name: SYSTEM_BACKEND_SHARED_SECRET
+ description: Shared secret to import events from backend to system.
+ generate: expression
+ from: "[a-z0-9]{8}"
+ required: true
+- name: SYSTEM_APP_SECRET_KEY_BASE
+ description: System application secret key base
+ generate: expression
+ from: "[a-f0-9]{128}"
+ required: true
+- name: APICAST_MANAGEMENT_API
+ description: "Scope of the APIcast Management API. Can be disabled, status or debug. At least status required for health checks."
+ required: false
+ value: "status"
+- name: APICAST_OPENSSL_VERIFY
+ description: "Turn on/off the OpenSSL peer verification when downloading the configuration. Can be set to true/false."
+ required: false
+ value: "false"
+- name: APICAST_RESPONSE_CODES
+ description: "Enable logging response codes in APIcast."
+ value: "true"
+ required: false
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/apicast-gateway-template.yml b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/apicast-gateway-template.yml
deleted file mode 100644
index 34f5fcbcc..000000000
--- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/apicast-gateway-template.yml
+++ /dev/null
@@ -1,149 +0,0 @@
-apiVersion: v1
-kind: Template
-metadata:
- creationTimestamp: null
- name: 3scale-gateway
- annotations:
- description: "3scale API Gateway"
- iconClass: "icon-load-balancer"
- tags: "api,gateway,3scale"
-objects:
-- apiVersion: v1
- kind: DeploymentConfig
- metadata:
- name: ${THREESCALE_GATEWAY_NAME}
- spec:
- replicas: 2
- selector:
- deploymentconfig: ${THREESCALE_GATEWAY_NAME}
- strategy:
- resources: {}
- rollingParams:
- intervalSeconds: 1
- maxSurge: 25%
- maxUnavailable: 25%
- timeoutSeconds: 600
- updatePeriodSeconds: 1
- type: Rolling
- template:
- metadata:
- labels:
- deploymentconfig: ${THREESCALE_GATEWAY_NAME}
- spec:
- containers:
- - env:
- - name: THREESCALE_PORTAL_ENDPOINT
- valueFrom:
- secretKeyRef:
- name: ${THREESCALE_PORTAL_ENDPOINT_SECRET}
- key: password
- - name: THREESCALE_CONFIG_FILE
- value: ${THREESCALE_CONFIG_FILE}
- - name: RESOLVER
- value: ${RESOLVER}
- - name: APICAST_SERVICES
- value: ${APICAST_SERVICES}
- - name: APICAST_MISSING_CONFIGURATION
- value: ${MISSING_CONFIGURATION}
- - name: APICAST_LOG_LEVEL
- value: ${APICAST_LOG_LEVEL}
- - name: APICAST_PATH_ROUTING_ENABLED
- value: ${PATH_ROUTING}
- - name: APICAST_RESPONSE_CODES
- value: ${RESPONSE_CODES}
- - name: APICAST_REQUEST_LOGS
- value: ${REQUEST_LOGS}
- - name: APICAST_RELOAD_CONFIG
- value: ${APICAST_RELOAD_CONFIG}
- image: ${THREESCALE_GATEWAY_IMAGE}
- imagePullPolicy: Always
- name: ${THREESCALE_GATEWAY_NAME}
- livenessProbe:
- httpGet:
- path: /status/live
- port: 8090
- initialDelaySeconds: 10
- timeoutSeconds: 1
- readinessProbe:
- httpGet:
- path: /status/ready
- port: 8090
- initialDelaySeconds: 15
- timeoutSeconds: 1
- ports:
- - containerPort: 8080
- protocol: TCP
- resources: {}
- terminationMessagePath: /dev/termination-log
- dnsPolicy: ClusterFirst
- restartPolicy: Always
- securityContext: {}
- terminationGracePeriodSeconds: 30
- triggers:
- - type: ConfigChange
- status: {}
-- apiVersion: v1
- kind: Service
- metadata:
- creationTimestamp: null
- name: ${THREESCALE_GATEWAY_NAME}
- spec:
- ports:
- - name: 8080-tcp
- port: 8080
- protocol: TCP
- targetPort: 8080
- selector:
- deploymentconfig: ${THREESCALE_GATEWAY_NAME}
- sessionAffinity: None
- type: ClusterIP
- status:
- loadBalancer: {}
-parameters:
-- description: "Name of the secret containing the THREESCALE_PORTAL_ENDPOINT with the access-token or provider key"
- value: threescale-portal-endpoint-secret
- name: THREESCALE_PORTAL_ENDPOINT_SECRET
- required: true
-- description: "Path to saved JSON file with configuration for the gateway. Has to be injected to the docker image as read only volume."
- value:
- name: THREESCALE_CONFIG_FILE
- required: false
-- description: "Name for the 3scale API Gateway"
- value: threescalegw
- name: THREESCALE_GATEWAY_NAME
- required: true
-- description: "Docker image to use."
- value: 'rhamp10/apicast-gateway:1.0.0-4'
- name: THREESCALE_GATEWAY_IMAGE
- required: true
-- description: "DNS Resolver for openresty, if empty it will be autodiscovered"
- value:
- name: RESOLVER
- required: false
-- description: "Subset of services to run. Use comma separated list of service ids (eg. 42,1337)"
- value:
- name: APICAST_SERVICES
- required: false
-- description: "What to do on missing or invalid configuration. Allowed values are: log, exit."
- value: exit
- required: false
- name: MISSING_CONFIGURATION
-- description: "Log level. One of the following: debug, info, notice, warn, error, crit, alert, or emerg."
- name: APICAST_LOG_LEVEL
- required: false
-- description: "Enable path routing. Experimental feature."
- name: PATH_ROUTING
- required: false
- value: "false"
-- description: "Enable traffic logging to 3scale. Includes whole request and response."
- value: "false"
- name: REQUEST_LOGS
- required: false
-- description: "Enable logging response codes to 3scale."
- value: "false"
- name: RESPONSE_CODES
- required: false
-- description: "Reload config on every request"
- value: "false"
- name: APICAST_RELOAD_CONFIG
- required: false
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/apicast.yml b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/apicast.yml
new file mode 100644
index 000000000..8e8051c0b
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/apicast.yml
@@ -0,0 +1,157 @@
+apiVersion: v1
+kind: Template
+metadata:
+ name: 3scale-gateway
+ annotations:
+ description: "3scale API Gateway"
+ iconClass: "icon-load-balancer"
+ tags: "api,gateway,3scale"
+objects:
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: "${APICAST_NAME}"
+ spec:
+ replicas: 2
+ selector:
+ deploymentconfig: "${APICAST_NAME}"
+ strategy:
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ deploymentconfig: "${APICAST_NAME}"
+ spec:
+ containers:
+ - env:
+ - name: THREESCALE_PORTAL_ENDPOINT
+ valueFrom:
+ secretKeyRef:
+ name: "${CONFIGURATION_URL_SECRET}"
+ key: password
+ - name: THREESCALE_CONFIG_FILE
+ value: "${CONFIGURATION_FILE_PATH}"
+ - name: THREESCALE_DEPLOYMENT_ENV
+ value: "${DEPLOYMENT_ENVIRONMENT}"
+ - name: RESOLVER
+ value: "${RESOLVER}"
+ - name: APICAST_SERVICES
+ value: "${SERVICES_LIST}"
+ - name: APICAST_CONFIGURATION_LOADER
+ value: "${CONFIGURATION_LOADER}"
+ - name: APICAST_LOG_LEVEL
+ value: "${LOG_LEVEL}"
+ - name: APICAST_PATH_ROUTING_ENABLED
+ value: "${PATH_ROUTING}"
+ - name: APICAST_RESPONSE_CODES
+ value: "${RESPONSE_CODES}"
+ - name: APICAST_CONFIGURATION_CACHE
+ value: "${CONFIGURATION_CACHE}"
+ - name: REDIS_URL
+ value: "${REDIS_URL}"
+ - name: APICAST_MANAGEMENT_API
+ value: "${MANAGEMENT_API}"
+ - name: OPENSSL_VERIFY
+ value: "${OPENSSL_VERIFY}"
+ image: 3scale-amp20/apicast-gateway:1.0-3
+ imagePullPolicy: IfNotPresent
+ name: "${APICAST_NAME}"
+ livenessProbe:
+ httpGet:
+ path: /status/live
+ port: management
+ initialDelaySeconds: 10
+ timeoutSeconds: 1
+ readinessProbe:
+ httpGet:
+ path: /status/ready
+ port: management
+ initialDelaySeconds: 15
+ timeoutSeconds: 1
+ ports:
+ - name: proxy
+ containerPort: 8080
+ protocol: TCP
+ - name: management
+ containerPort: 8090
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: "${APICAST_NAME}"
+ spec:
+ ports:
+ - name: proxy
+ port: 8080
+ protocol: TCP
+ targetPort: 8080
+ - name: management
+ port: 8090
+ protocol: TCP
+ targetPort: 8090
+ selector:
+ deploymentconfig: "${APICAST_NAME}"
+
+parameters:
+- name: AMP_RELEASE
+ description: "AMP release tag."
+ value: 2.0.0-CR2-redhat-1
+ required: true
+- description: "Name of the secret containing the THREESCALE_PORTAL_ENDPOINT with the access-token or provider key"
+ value: apicast-configuration-url-secret
+ name: CONFIGURATION_URL_SECRET
+ required: true
+- description: "Path to saved JSON file with configuration for the gateway. Has to be injected to the docker image as read only volume."
+ value:
+ name: CONFIGURATION_FILE_PATH
+ required: false
+- description: "Deployment environment. Can be sandbox or production."
+ value: production
+ name: DEPLOYMENT_ENVIRONMENT
+ required: true
+- description: "Name for the 3scale API Gateway"
+ value: apicast
+ name: APICAST_NAME
+ required: true
+- description: "DNS Resolver for openresty, if empty it will be autodiscovered"
+ value:
+ name: RESOLVER
+ required: false
+- description: "Subset of services to run. Use comma separated list of service ids (eg. 42,1337)"
+ value:
+ name: SERVICES_LIST
+ required: false
+- name: CONFIGURATION_LOADER
+ description: "When to load configuration. If on gateway start or incoming request. Allowed values are: lazy, boot."
+ value: boot
+ required: false
+- description: "Log level. One of the following: debug, info, notice, warn, error, crit, alert, or emerg."
+ name: LOG_LEVEL
+ required: false
+- description: "Enable path routing. Experimental feature."
+ name: PATH_ROUTING
+ required: false
+ value: "false"
+- description: "Enable logging response codes to 3scale."
+ value: "false"
+ name: RESPONSE_CODES
+ required: false
+- name: CONFIGURATION_CACHE
+ description: "For how long to cache the downloaded configuration in seconds. Can be left empty, 0 or greater than 60."
+ value: ""
+ required: false
+- description: "Redis URL. Required for OAuth2 integration. ex: redis://PASSWORD@127.0.0.1:6379/0"
+ name: REDIS_URL
+ required: false
+- name: MANAGEMENT_API
+ description: "Scope of the Management API. Can be disabled, status or debug. At least status required for health checks."
+ required: false
+ value: "status"
+- name: OPENSSL_VERIFY
+ description: "Turn on/off the OpenSSL peer verification. Can be set to true/false."
+ required: true
+ value: "false"
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql-persistent.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql-persistent.json
index eb3d296be..6d987ee33 100644
--- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql-persistent.json
@@ -60,7 +60,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -510,7 +513,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql.json
index da2454d2e..fb2ef206e 100644
--- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql.json
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql.json
@@ -60,7 +60,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -484,7 +487,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql-persistent.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql-persistent.json
index 81ae63416..7ffb25e14 100644
--- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql-persistent.json
@@ -58,7 +58,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -147,6 +150,9 @@
}
},
"spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
"triggers": [
{
"type": "ImageChange",
@@ -472,7 +478,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql.json
index 7a285dba8..d787e376b 100644
--- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql.json
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql.json
@@ -58,7 +58,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -147,6 +150,9 @@
}
},
"spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
"triggers": [
{
"type": "ImageChange",
@@ -446,7 +452,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql-persistent.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql-persistent.json
index 9f982c286..a2070207b 100644
--- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql-persistent.json
@@ -58,7 +58,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -148,7 +151,7 @@
},
"spec": {
"strategy": {
- "type": "Rolling"
+ "type": "Recreate"
},
"triggers": [
{
@@ -479,7 +482,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql.json
index 7bee85ddd..0d33c6e0e 100644
--- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql.json
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql.json
@@ -58,7 +58,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -148,7 +151,7 @@
},
"spec": {
"strategy": {
- "type": "Rolling"
+ "type": "Recreate"
},
"triggers": [
{
@@ -453,7 +456,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dotnet-example.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dotnet-example.json
index a09d71a00..af46579c8 100644
--- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dotnet-example.json
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dotnet-example.json
@@ -4,7 +4,7 @@
"metadata": {
"name": "dotnet-example",
"annotations": {
- "openshift.io/display-name": ".NET Core",
+ "openshift.io/display-name": ".NET Core Example",
"description": "An example .NET Core application.",
"tags": "quickstart,dotnet,.net",
"iconClass": "icon-dotnet",
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/httpd.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/httpd.json
new file mode 100644
index 000000000..ac671cc06
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/httpd.json
@@ -0,0 +1,274 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "httpd-example",
+ "annotations": {
+ "openshift.io/display-name": "Httpd",
+ "description": "An example Httpd application that serves static content. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/httpd-ex/blob/master/README.md.",
+ "tags": "quickstart,httpd",
+ "iconClass": "icon-apache",
+ "template.openshift.io/long-description": "This template defines resources needed to develop a static application served by httpd, including a build configuration and application deployment configuration.",
+ "template.openshift.io/provider-display-name": "Red Hat, Inc.",
+ "template.openshift.io/documentation-url": "https://github.com/openshift/httpd-ex",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/httpd-ex/blob/master/README.md.",
+ "labels": {
+ "template": "httpd-example"
+ },
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to build the application"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "httpd:2.4"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the application server"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "httpd-example"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "httpd-example",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 3,
+ "httpGet": {
+ "path": "/",
+ "port": 8080
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 30,
+ "httpGet": {
+ "path": "/",
+ "port": 8080
+ }
+ },
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "env": [
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "httpd-example"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "required": true,
+ "value": "openshift"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "description": "The URL of the repository with your application source code.",
+ "required": true,
+ "value": "https://github.com/openshift/httpd-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to the relative path to your project if it is not in the root of your repository."
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the httpd service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "displayName": "Generic Webhook Secret",
+ "description": "A secret string used to configure the Generic webhook.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-ephemeral-template.json
index 264e4b2de..ce96684a9 100644
--- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-ephemeral-template.json
@@ -22,7 +22,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${JENKINS_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"to": {
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-persistent-template.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-persistent-template.json
index b47bdf353..34b2b920b 100644
--- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-persistent-template.json
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-persistent-template.json
@@ -22,7 +22,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${JENKINS_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"to": {
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb-persistent.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb-persistent.json
index 6ee999cb1..a9c365361 100644
--- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb-persistent.json
@@ -58,7 +58,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -102,7 +105,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${NAMESPACE}",
- "name": "nodejs:4"
+ "name": "nodejs:6"
},
"env": [
{
@@ -154,7 +157,7 @@
},
"spec": {
"strategy": {
- "type": "Rolling"
+ "type": "Recreate"
},
"triggers": [
{
@@ -491,7 +494,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb.json
index 5c177a7e0..53a6147d5 100644
--- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb.json
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb.json
@@ -58,7 +58,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -102,7 +105,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${NAMESPACE}",
- "name": "nodejs:4"
+ "name": "nodejs:6"
},
"env": [
{
@@ -154,7 +157,7 @@
},
"spec": {
"strategy": {
- "type": "Rolling"
+ "type": "Recreate"
},
"triggers": [
{
@@ -467,7 +470,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/pvc.yml b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/pvc.yml
new file mode 100644
index 000000000..0bbb8e625
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/pvc.yml
@@ -0,0 +1,49 @@
+apiVersion: v1
+kind: Template
+metadata:
+ name: "amp-pvc"
+objects:
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "system-storage"
+ spec:
+ accessModes:
+ - "ReadWriteMany"
+ resources:
+ requests:
+ storage: "100Mi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "mysql-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "system-redis-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "backend-redis-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql-persistent.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql-persistent.json
index b400cfdb3..f07a43071 100644
--- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql-persistent.json
@@ -23,7 +23,11 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['application-user']}",
+ "template.openshift.io/expose-password": "{.data['application-password']}"
+ }
},
"stringData" : {
"database-user" : "${DATABASE_USER}",
@@ -60,7 +64,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -526,7 +533,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql.json
index fa67412ff..a7992c988 100644
--- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql.json
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql.json
@@ -23,7 +23,11 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['application-user']}",
+ "template.openshift.io/expose-password": "{.data['application-password']}"
+ }
},
"stringData" : {
"database-user" : "${DATABASE_USER}",
@@ -60,7 +64,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -500,7 +507,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/wildcard.yml b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/wildcard.yml
new file mode 100644
index 000000000..00dedecd5
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/wildcard.yml
@@ -0,0 +1,158 @@
+apiVersion: v1
+kind: Template
+metadata:
+ name: "amp-apicast-wildcard-router"
+objects:
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: apicast-router
+ spec:
+ replicas: 1
+ selector:
+ deploymentconfig: apicast-router
+ strategy:
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ deploymentconfig: apicast-router
+ spec:
+ volumes:
+ - name: apicast-router-config
+ configMap:
+ name: apicast-router-config
+ items:
+ - key: router.conf
+ path: router.conf
+ containers:
+ - env:
+ - name: APICAST_CONFIGURATION_LOADER
+ value: "lazy"
+ - name: APICAST_CONFIGURATION_CACHE
+ value: "0"
+ image: 3scale-amp20/apicast-gateway:1.0-3
+ imagePullPolicy: IfNotPresent
+ name: apicast-router
+ command: ['bin/apicast']
+ livenessProbe:
+ tcpSocket:
+ port: router
+ initialDelaySeconds: 5
+ timeoutSeconds: 5
+ periodSeconds: 10
+ readinessProbe:
+ httpGet:
+ path: /status/ready
+ port: management
+ initialDelaySeconds: 5
+ timeoutSeconds: 5
+ periodSeconds: 30
+ volumeMounts:
+ - name: apicast-router-config
+ mountPath: /opt/app-root/src/sites.d/
+ readOnly: true
+ ports:
+ - containerPort: 8082
+ name: router
+ protocol: TCP
+ - containerPort: 8090
+ name: management
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: apicast-router
+ spec:
+ ports:
+ - name: router
+ port: 80
+ protocol: TCP
+ targetPort: router
+ selector:
+ deploymentconfig: apicast-router
+
+- apiVersion: v1
+ kind: ConfigMap
+ metadata:
+ name: apicast-router-config
+ data:
+ router.conf: |-
+ upstream wildcard {
+ server 0.0.0.1:1;
+
+ balancer_by_lua_block {
+ local round_robin = require 'resty.balancer.round_robin'
+ local balancer = round_robin.new()
+ local peers = balancer:peers(ngx.ctx.apicast)
+
+ local peer, err = balancer:set_peer(peers)
+
+ if not peer then
+ ngx.status = ngx.HTTP_SERVICE_UNAVAILABLE
+ ngx.log(ngx.ERR, "failed to set current backend peer: ", err)
+ ngx.exit(ngx.status)
+ end
+ }
+
+ keepalive 1024;
+ }
+
+ server {
+ listen 8082;
+ server_name ~-(?<apicast>apicast-(staging|production))\.;
+ access_log /dev/stdout combined;
+
+ location / {
+ access_by_lua_block {
+ local resolver = require('resty.resolver'):instance()
+ local servers = resolver:get_servers(ngx.var.apicast, { port = 8080 })
+
+ if #servers == 0 then
+ ngx.status = ngx.HTTP_BAD_GATEWAY
+ ngx.exit(ngx.HTTP_OK)
+ end
+
+ ngx.ctx.apicast = servers
+ }
+ proxy_http_version 1.1;
+ proxy_pass $scheme://wildcard;
+ proxy_set_header Host $host;
+ proxy_set_header Connection "";
+ }
+ }
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: apicast-wildcard-router
+ labels:
+ app: apicast-wildcard-router
+ spec:
+ host: apicast-${TENANT_NAME}.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: apicast-router
+ port:
+ targetPort: router
+ wildcardPolicy: Subdomain
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+parameters:
+- name: AMP_RELEASE
+ description: "AMP release tag."
+ value: 2.0.0-CR2-redhat-1
+ required: true
+- name: WILDCARD_DOMAIN
+ description: Root domain for the wildcard routes. Eg. example.com will generate 3scale-admin.example.com.
+ required: true
+- name: TENANT_NAME
+ description: "Domain name under the root that Admin UI will be available with -admin suffix."
+ required: true
+ value: "3scale"
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-streams/jboss-image-streams.json b/roles/openshift_examples/files/examples/v1.5/xpaas-streams/jboss-image-streams.json
index 049f3f884..f77c1080c 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-streams/jboss-image-streams.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-streams/jboss-image-streams.json
@@ -12,7 +12,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-webserver30-tomcat7-openshift"
+ "name": "jboss-webserver30-tomcat7-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat7-openshift",
@@ -23,10 +26,11 @@
"description": "JBoss Web Server 3.0 Tomcat 7 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,tomcat,tomcat7,java,jboss,xpaas",
- "supports":"tomcat7:3.0,tomcat:7,java:8,xpaas:1.1",
+ "supports": "tomcat7:3.0,tomcat:7,java:8,xpaas:1.1",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "tomcat-websocket-chat",
- "version": "1.1"
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7"
}
},
{
@@ -35,10 +39,23 @@
"description": "JBoss Web Server 3.0 Tomcat 7 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,tomcat,tomcat7,java,jboss,xpaas",
- "supports":"tomcat7:3.0,tomcat:7,java:8,xpaas:1.2",
+ "supports": "tomcat7:3.0,tomcat:7,java:8,xpaas:1.2",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "tomcat-websocket-chat",
- "version": "1.2"
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7"
+ }
+ },
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "JBoss Web Server 3.0 Tomcat 7 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,tomcat,tomcat7,java,jboss,xpaas",
+ "supports":"tomcat7:3.0,tomcat:7,java:8,xpaas:1.3",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.3"
}
}
]
@@ -48,7 +65,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-webserver30-tomcat8-openshift"
+ "name": "jboss-webserver30-tomcat8-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat8-openshift",
@@ -59,10 +79,11 @@
"description": "JBoss Web Server 3.0 Tomcat 8 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,tomcat,tomcat8,java,jboss,xpaas",
- "supports":"tomcat8:3.0,tomcat:8,java:8,xpaas:1.1",
+ "supports": "tomcat8:3.0,tomcat:8,java:8,xpaas:1.1",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "tomcat-websocket-chat",
- "version": "1.1"
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8"
}
},
{
@@ -71,10 +92,23 @@
"description": "JBoss Web Server 3.0 Tomcat 8 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,tomcat,tomcat8,java,jboss,xpaas",
- "supports":"tomcat8:3.0,tomcat:8,java:8,xpaas:1.2",
+ "supports": "tomcat8:3.0,tomcat:8,java:8,xpaas:1.2",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "tomcat-websocket-chat",
- "version": "1.2"
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8"
+ }
+ },
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "JBoss Web Server 3.0 Tomcat 8 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,tomcat,tomcat8,java,jboss,xpaas",
+ "supports":"tomcat8:3.0,tomcat:8,java:8,xpaas:1.3",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.3"
}
}
]
@@ -84,7 +118,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-eap64-openshift"
+ "name": "jboss-eap64-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-eap-6/eap64-openshift",
@@ -95,11 +132,12 @@
"description": "JBoss EAP 6.4 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:6.4,javaee:6,java:8,xpaas:1.1",
+ "supports": "eap:6.4,javaee:6,java:8,xpaas:1.1",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "6.4.x",
- "version": "1.1"
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
}
},
{
@@ -108,11 +146,12 @@
"description": "JBoss EAP 6.4 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:6.4,javaee:6,java:8,xpaas:1.2",
+ "supports": "eap:6.4,javaee:6,java:8,xpaas:1.2",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "6.4.x",
- "version": "1.2"
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
}
},
{
@@ -121,11 +160,12 @@
"description": "JBoss EAP 6.4 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:6.4,javaee:6,java:8,xpaas:1.3",
+ "supports": "eap:6.4,javaee:6,java:8,xpaas:1.3",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "6.4.x",
- "version": "1.3"
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
}
},
{
@@ -134,11 +174,25 @@
"description": "JBoss EAP 6.4 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:6.4,javaee:6,java:8,xpaas:1.4",
+ "supports": "eap:6.4,javaee:6,java:8,xpaas:1.4",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "6.4.x",
- "version": "1.4"
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ }
+ },
+ {
+ "name": "1.5",
+ "annotations": {
+ "description": "JBoss EAP 6.4 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,eap,javaee,java,jboss,xpaas",
+ "supports":"eap:6.4,javaee:6,java:8,xpaas:1.5",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "6.4.x",
+ "version": "1.5"
}
}
]
@@ -148,7 +202,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-eap70-openshift"
+ "name": "jboss-eap70-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-eap-7/eap70-openshift",
@@ -159,11 +216,12 @@
"description": "JBoss EAP 7.0 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:7.0,javaee:7,java:8,xpaas:1.3",
+ "supports": "eap:7.0,javaee:7,java:8,xpaas:1.3",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "7.0.0.GA",
- "version": "1.3"
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0"
}
},
{
@@ -172,11 +230,25 @@
"description": "JBoss EAP 7.0 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:7.0,javaee:7,java:8,xpaas:1.4",
+ "supports": "eap:7.0,javaee:7,java:8,xpaas:1.4",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "7.0.0.GA",
- "version": "1.4"
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0"
+ }
+ },
+ {
+ "name": "1.5",
+ "annotations": {
+ "description": "JBoss EAP 7.0 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,eap,javaee,java,jboss,xpaas",
+ "supports":"eap:7.0,javaee:7,java:8,xpaas:1.5",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "7.0.0.GA",
+ "version": "1.5"
}
}
]
@@ -186,7 +258,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-decisionserver62-openshift"
+ "name": "jboss-decisionserver62-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver62-openshift",
@@ -196,12 +271,13 @@
"annotations": {
"description": "Red Hat JBoss BRMS 6.2 decision server S2I images.",
"iconClass": "icon-jboss",
- "tags": "builder,decisionserver,java,xpaas",
- "supports":"decisionserver:6.2,java:8,xpaas:1.2",
+ "tags": "builder,decisionserver,xpaas",
+ "supports": "decisionserver:6.2,xpaas:1.2",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "decisionserver/hellorules",
"sampleRef": "1.2",
- "version": "1.2"
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server"
}
}
]
@@ -211,7 +287,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-decisionserver63-openshift"
+ "name": "jboss-decisionserver63-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver63-openshift",
@@ -221,12 +300,26 @@
"annotations": {
"description": "Red Hat JBoss BRMS 6.3 decision server S2I images.",
"iconClass": "icon-jboss",
+ "tags": "builder,decisionserver,xpaas",
+ "supports": "decisionserver:6.3,xpaas:1.3",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "decisionserver/hellorules",
+ "sampleRef": "1.3",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "Red Hat JBoss BRMS 6.3 decision server S2I images.",
+ "iconClass": "icon-jboss",
"tags": "builder,decisionserver,java,xpaas",
- "supports":"decisionserver:6.3,java:8,xpaas:1.3",
+ "supports":"decisionserver:6.3,java:8,xpaas:1.4",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "decisionserver/hellorules",
"sampleRef": "1.3",
- "version": "1.3"
+ "version": "1.4"
}
}
]
@@ -236,7 +329,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-processserver63-openshift"
+ "name": "jboss-processserver63-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-processserver-6/processserver63-openshift",
@@ -246,12 +342,26 @@
"annotations": {
"description": "Red Hat JBoss BPM Suite 6.3 intelligent process server S2I images.",
"iconClass": "icon-jboss",
+ "tags": "builder,processserver,xpaas",
+ "supports": "processserver:6.3,xpaas:1.3",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "processserver/library",
+ "sampleRef": "1.3",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "Red Hat JBoss BPM Suite 6.3 intelligent process server S2I images.",
+ "iconClass": "icon-jboss",
"tags": "builder,processserver,java,xpaas",
- "supports":"processserver:6.3,java:8,xpaas:1.3",
+ "supports":"processserver:6.3,java:8,xpaas:1.4",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "processserver/library",
"sampleRef": "1.3",
- "version": "1.3"
+ "version": "1.4"
}
}
]
@@ -261,7 +371,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-datagrid65-openshift"
+ "name": "jboss-datagrid65-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-openshift",
@@ -271,9 +384,31 @@
"annotations": {
"description": "JBoss Data Grid 6.5 S2I images.",
"iconClass": "icon-jboss",
- "tags": "datagrid,java,jboss,xpaas",
- "supports":"datagrid:6.5,java:8,xpaas:1.2",
- "version": "1.2"
+ "tags": "datagrid,jboss,xpaas",
+ "supports": "datagrid:6.5,xpaas:1.2",
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5"
+ }
+ },
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "JBoss Data Grid 6.5 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "datagrid,jboss,xpaas",
+ "supports": "datagrid:6.5,xpaas:1.4",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "JBoss Data Grid 6.5 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "datagrid,jboss,xpaas",
+ "supports":"datagrid:6.5,xpaas:1.4",
+ "version": "1.4"
}
}
]
@@ -283,7 +418,35 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-datavirt63-openshift"
+ "name": "jboss-datagrid65-client-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 Client Modules for EAP"
+ }
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-client-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Data Grid 6.5 Client Modules for EAP.",
+ "iconClass": "icon-jboss",
+ "tags": "client,jboss,xpaas",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 Client Modules for EAP"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-datavirt63-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-openshift",
@@ -293,9 +456,56 @@
"annotations": {
"description": "Red Hat JBoss Data Virtualization 6.3 S2I images.",
"iconClass": "icon-jboss",
- "tags": "datavirt,java,jboss,xpaas",
- "supports":"datavirt:6.3,java:8,xpaas:1.4",
- "version": "1.0"
+ "tags": "datavirt,jboss,xpaas",
+ "supports": "datavirt:6.3,xpaas:1.4",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "Red Hat JBoss Data Virtualization 6.3 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "datavirt,jboss,xpaas",
+ "supports": "datavirt:6.3,xpaas:1.4",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3"
+ }
+ },
+ {
+ "name": "1.2",
+ "annotations": {
+ "description": "Red Hat JBoss Data Virtualization 6.3 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "datavirt,jboss,xpaas",
+ "supports":"datavirt:6.3,xpaas:1.4",
+ "version": "1.2"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-datavirt63-driver-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.5 JDBC Driver Modules for EAP"
+ }
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-driver-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Data Virtualization 6.5 JDBC Driver Modules for EAP.",
+ "iconClass": "icon-jboss",
+ "tags": "client,jboss,xpaas",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.5 JDBC Driver Modules for EAP"
}
}
]
@@ -305,7 +515,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-amq-62"
+ "name": "jboss-amq-62",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-amq-6/amq62-openshift",
@@ -316,8 +529,9 @@
"description": "JBoss A-MQ 6.2 broker image.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "supports":"amq:6.2,messaging,xpaas:1.1",
- "version": "1.1"
+ "supports": "amq:6.2,messaging,xpaas:1.1",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
}
},
{
@@ -326,8 +540,9 @@
"description": "JBoss A-MQ 6.2 broker image.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "supports":"amq:6.2,messaging,xpaas:1.2",
- "version": "1.2"
+ "supports": "amq:6.2,messaging,xpaas:1.2",
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
}
},
{
@@ -336,8 +551,19 @@
"description": "JBoss A-MQ 6.2 broker image.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "supports":"amq:6.2,messaging,xpaas:1.3",
- "version": "1.3"
+ "supports": "amq:6.2,messaging,xpaas:1.3",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "JBoss A-MQ 6.2 broker image.",
+ "iconClass": "icon-jboss",
+ "tags": "messaging,amq,jboss,xpaas",
+ "supports":"amq:6.2,messaging,xpaas:1.4",
+ "version": "1.4"
}
}
]
@@ -348,8 +574,9 @@
"apiVersion": "v1",
"metadata": {
"name": "redhat-sso70-openshift",
- "annotations": {
- "description": "Red Hat SSO 7.0"
+ "annotations": {
+ "description": "Red Hat SSO 7.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0"
}
},
"spec": {
@@ -361,8 +588,20 @@
"description": "Red Hat SSO 7.0",
"iconClass": "icon-jboss",
"tags": "sso,keycloak,redhat",
- "supports":"sso:7.0,xpaas:1.3",
- "version": "1.3"
+ "supports": "sso:7.0,xpaas:1.3",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "Red Hat SSO 7.0",
+ "iconClass": "icon-jboss",
+ "tags": "sso,keycloak,redhat",
+ "supports": "sso:7.0,xpaas:1.4",
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0"
}
}
]
@@ -372,7 +611,48 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "redhat-openjdk18-openshift"
+ "name": "redhat-sso71-openshift",
+ "annotations": {
+ "description": "Red Hat SSO 7.1",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ }
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/redhat-sso-7/sso71-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "Red Hat SSO 7.1",
+ "iconClass": "icon-jboss",
+ "tags": "sso,keycloak,redhat",
+ "supports": "sso:7.1,xpaas:1.4",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "Red Hat SSO 7.1",
+ "iconClass": "icon-jboss",
+ "tags": "sso,keycloak,redhat",
+ "supports": "sso:7.1,xpaas:1.4",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "redhat-openjdk18-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat OpenJDK 8"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/redhat-openjdk-18/openjdk18-openshift",
@@ -384,11 +664,24 @@
"description": "Build and run Java applications using Maven and OpenJDK 8.",
"iconClass": "icon-jboss",
"tags": "builder,java,xpaas,openjdk",
- "supports":"java:8,xpaas:1.0",
+ "supports": "java:8,xpaas:1.0",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts",
"sampleContextDir": "undertow-servlet",
"version": "1.0"
}
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat OpenJDK 8",
+ "description": "Build and run Java applications using Maven and OpenJDK 8.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,java,xpaas,openjdk",
+ "supports": "java:8,xpaas:1.4",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "sampleContextDir": "undertow-servlet",
+ "version": "1.1"
+ }
}
]
}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-basic.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-basic.json
index ab35afead..af20b373a 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-basic.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-basic.json
@@ -6,46 +6,54 @@
"description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone or in a mesh. This template doesn't feature SSL support.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "version": "1.3.1"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2 (Ephemeral, no SSL)"
},
"name": "amq62-basic"
},
"labels": {
"template": "amq62-basic",
- "xpaas": "1.3.1"
+ "xpaas": "1.4.0"
},
+ "message": "A new messaging service has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "broker",
"required": true
},
{
+ "displayName": "A-MQ Protocols",
"description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -53,6 +61,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -60,18 +69,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
@@ -171,7 +183,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The broker's OpenWire port."
+ "description": "The broker's OpenWire port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"}]"
}
}
},
@@ -202,7 +215,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-persistent-ssl.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-persistent-ssl.json
index c12f06dec..5acdbfabf 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-persistent-ssl.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-persistent-ssl.json
@@ -6,58 +6,68 @@
"description": "Application template for JBoss A-MQ brokers. These are deployed as standalone and use persistent storage for saving messages. This template supports SSL and requires usage of OpenShift secrets.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "version": "1.3.1"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2 (Persistent with SSL)"
},
"name": "amq62-persistent-ssl"
},
"labels": {
"template": "amq62-persistent-ssl",
- "xpaas": "1.3.1"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent messaging service with SSL support has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"amq-service-account\" service account and a secret named \"${AMQ_SECRET}\" containing the trust store and key store files (\"${AMQ_TRUSTSTORE}\" and \"${AMQ_KEYSTORE}\") used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "broker",
"required": true
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
- "description": "Size of persistent storage for database volume.",
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -65,6 +75,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -72,48 +83,56 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "Secret Name",
"description": "Name of a secret containing SSL related files",
"name": "AMQ_SECRET",
"value": "amq-app-secret",
"required": true
},
{
+ "displayName": "Trust Store Filename",
"description": "SSL trust store filename",
"name": "AMQ_TRUSTSTORE",
"value": "broker.ts",
"required": true
},
{
+ "displayName": "Trust Store Password",
"description": "SSL trust store password",
"name": "AMQ_TRUSTSTORE_PASSWORD",
"value": "",
"required": true
},
{
+ "displayName": "A-MQ Keystore Filename",
"description": "SSL key store filename",
"name": "AMQ_KEYSTORE",
"value": "broker.ks",
"required": true
},
{
+ "displayName": "A-MQ Keystore Password",
"description": "Password for accessing SSL keystore",
"name": "AMQ_KEYSTORE_PASSWORD",
"value": "",
"required": true
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
@@ -309,7 +328,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The broker's OpenWire (SSL) port."
+ "description": "The broker's OpenWire (SSL) port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp-ssl\", \"kind\": \"Service\"}]"
}
}
},
@@ -340,7 +360,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-persistent.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-persistent.json
index 897ce0395..b8089cd6d 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-persistent.json
@@ -6,58 +6,68 @@
"description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone and use persistent storage for saving messages. This template doesn't feature SSL support.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "version": "1.3.1"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2 (Persistent, no SSL)"
},
"name": "amq62-persistent"
},
"labels": {
"template": "amq62-persistent",
- "xpaas": "1.3.1"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent messaging service has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "broker",
"required": true
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
- "description": "Size of persistent storage for database volume.",
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -65,6 +75,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -72,18 +83,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
@@ -183,7 +197,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The broker's OpenWire port."
+ "description": "The broker's OpenWire port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"}]"
}
}
},
@@ -214,7 +229,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-ssl.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-ssl.json
index 97d110286..b52fdbfb0 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-ssl.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-ssl.json
@@ -6,46 +6,54 @@
"description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone or in a mesh. This template supports SSL and requires usage of OpenShift secrets.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "version": "1.3.1"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2 (Ephemeral with SSL)"
},
"name": "amq62-ssl"
},
"labels": {
"template": "amq62-ssl",
- "xpaas": "1.3.1"
+ "xpaas": "1.4.0"
},
+ "message": "A new messaging service with SSL support has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"amq-service-account\" service account and a secret named \"${AMQ_SECRET}\" containing the trust store and key store files (\"${AMQ_TRUSTSTORE}\" and \"${AMQ_KEYSTORE}\") used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "broker",
"required": true
},
{
+ "displayName": "A-MQ Protocols",
"description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. SSL variants of these protocols will be configured automaticaly.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -53,6 +61,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -60,48 +69,56 @@
"required": false
},
{
+ "displayName": "Secret Name",
"description": "Name of a secret containing SSL related files",
"name": "AMQ_SECRET",
"value": "amq-app-secret",
"required": true
},
{
+ "displayName": "Trust Store Filename",
"description": "SSL trust store filename",
"name": "AMQ_TRUSTSTORE",
"value": "broker.ts",
"required": true
},
{
+ "displayName": "Trust Store Password",
"description": "SSL trust store password",
"name": "AMQ_TRUSTSTORE_PASSWORD",
"value": "",
"required": true
},
{
+ "displayName": "A-MQ Keystore Filename",
"description": "SSL key store filename",
"name": "AMQ_KEYSTORE",
"value": "broker.ks",
"required": true
},
{
+ "displayName": "A-MQ Keystore Password",
"description": "Password for accessing SSL keystore",
"name": "AMQ_KEYSTORE_PASSWORD",
"value": "",
"required": true
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
@@ -297,7 +314,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The broker's OpenWire (SSL) port."
+ "description": "The broker's OpenWire (SSL) port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp-ssl\", \"kind\": \"Service\"}]"
}
}
},
@@ -328,7 +346,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-basic.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-basic.json
index 56e76016f..32433bef0 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-basic.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-basic.json
@@ -6,76 +6,103 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 applications.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 (Ephemeral, no https)"
},
"name": "datagrid65-basic"
},
"labels": {
"template": "datagrid65-basic",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\".",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -200,7 +227,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -267,9 +294,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -302,6 +334,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-https.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-https.json
index 639ac2e11..e6f020400 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-https.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-https.json
@@ -6,130 +6,166 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 applications.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 (Ephemeral with https)"
},
"name": "datagrid65-https"
},
"labels": {
"template": "datagrid65-https",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "datagrid-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "datagrid-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -301,7 +337,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -386,9 +422,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -437,6 +478,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-mysql-persistent.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-mysql-persistent.json
index 22ca3f0a0..ff57a7936 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-mysql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-mysql-persistent.json
@@ -6,82 +6,96 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 and MySQL applications with persistent storage.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 + MySQL (Persistent with https)"
},
"name": "datagrid65-mysql-persistent"
},
"labels": {
"template": "datagrid65-mysql-persistent",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service (using MySQL with persistent storage) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "datagrid-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:/jboss/datasources/mysql",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -89,6 +103,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -96,117 +111,158 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "datagrid-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
"generate": "expression",
"required": true
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -230,7 +286,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -254,7 +311,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -278,7 +336,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "Memcached service for clustered applications."
+ "description": "Memcached service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -302,7 +361,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "Hot Rod service for clustered applications."
+ "description": "Hot Rod service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -397,7 +457,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -482,9 +542,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -585,6 +650,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
@@ -669,7 +742,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-mysql.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-mysql.json
index e1a585d24..44902de25 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-mysql.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-mysql.json
@@ -6,82 +6,96 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 and MySQL applications.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 + MySQL (Ephemeral with https)"
},
"name": "datagrid65-mysql"
},
"labels": {
"template": "datagrid65-mysql",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service (using MySQL) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "datagrid-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:/jboss/datasources/mysql",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -89,6 +103,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -96,111 +111,151 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "datagrid-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
"generate": "expression",
"required": true
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -224,7 +279,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -248,7 +304,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -272,7 +329,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "Memcached service for clustered applications."
+ "description": "Memcached service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -296,7 +354,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "Hot Rod service for clustered applications."
+ "description": "Hot Rod service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -391,7 +450,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -476,9 +535,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -579,6 +643,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
@@ -663,7 +735,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-postgresql-persistent.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-postgresql-persistent.json
index 12720eb19..6b90e1370 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-postgresql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-postgresql-persistent.json
@@ -6,82 +6,96 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 and PostgreSQL applications with persistent storage.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 + PostgreSQL (Persistent with https)"
},
"name": "datagrid65-postgresql-persistent"
},
"labels": {
"template": "datagrid65-postgresql-persistent",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service (using PostgreSQL with persistent storage) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "datagrid-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/postgresql",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -89,6 +103,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -96,102 +111,140 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "datagrid-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
"generate": "expression",
"required": true
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -215,7 +268,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -239,7 +293,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -382,7 +437,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -467,9 +522,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -570,6 +630,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
@@ -654,7 +722,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-postgresql.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-postgresql.json
index da8015fb0..ae36376db 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-postgresql.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-postgresql.json
@@ -6,82 +6,96 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 and PostgreSQL applications built using.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 + PostgreSQL (Ephemeral with https)"
},
"name": "datagrid65-postgresql"
},
"labels": {
"template": "datagrid65-postgresql",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service (using PostgreSQL) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "datagrid-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/postgresql",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -89,6 +103,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -96,96 +111,133 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configurd for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "datagrid-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
"generate": "expression",
"required": true
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -209,7 +261,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -233,7 +286,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -376,7 +430,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -461,9 +515,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -564,6 +623,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
@@ -648,7 +715,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datavirt63-basic-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datavirt63-basic-s2i.json
index 7d64dac98..ea2f13742 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datavirt63-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datavirt63-basic-s2i.json
@@ -6,7 +6,8 @@
"iconClass": "icon-jboss",
"description": "Application template for JBoss Data Virtualization 6.3 services built using S2I.",
"tags": "jdv,datavirt,jboss,xpaas",
- "version": "1.4.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3 (no SSL)"
},
"name": "datavirt63-basic-s2i"
},
@@ -60,6 +61,7 @@
},
{
"description": "The name of the service account to use for the deployment. The service account should be configured to allow usage of the secret specified by CONFIGURATION_NAME.",
+ "displayName": "Service Account Name",
"name": "SERVICE_ACCOUNT_NAME",
"value": "datavirt-service-account",
"required": true
@@ -133,6 +135,27 @@
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "description": "Comma delimited list of source directories containing VDBs for deployment",
+ "displayName": "VDB Deployment Directories",
+ "name": "VDB_DIRS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Artifact Directories",
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -215,7 +238,22 @@
"uri": "${SOURCE_REPOSITORY_URL}",
"ref": "${SOURCE_REPOSITORY_REF}"
},
- "contextDir": "${CONTEXT_DIR}"
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/datagrid65",
+ "sourcePath": "/extensions/."
+ }
+ ]
+ }
+ ]
},
"strategy": {
"type": "Source",
@@ -224,8 +262,26 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datavirt63-openshift:1.0"
- }
+ "name": "jboss-datavirt63-openshift:1.2"
+ },
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "VDB_DIRS",
+ "value": "${VDB_DIRS}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ]
}
},
"output": {
@@ -252,6 +308,15 @@
"imageChange": {}
},
{
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ }
+ }
+ },
+ {
"type": "ConfigChange"
}
]
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datavirt63-extensions-support-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datavirt63-extensions-support-s2i.json
index 1e7c03b99..22b579ecc 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datavirt63-extensions-support-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datavirt63-extensions-support-s2i.json
@@ -6,7 +6,8 @@
"iconClass": "icon-jboss",
"description": "Application template for JBoss Data Virtualization 6.3 services built using S2I. Includes support for installing extensions (e.g. third-party DB drivers) and the ability to configure certificates for serving secure content.",
"tags": "jdv,datavirt,jboss,xpaas",
- "version": "1.4.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3 (with SSL and Extensions)"
},
"name": "datavirt63-extensions-support-s2i"
},
@@ -102,6 +103,7 @@
},
{
"description": "The name of the service account to use for the deployment. The service account should be configured to allow usage of the secret(s) specified by CONFIGURATION_NAME, HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "displayName": "Service Account Name",
"name": "SERVICE_ACCOUNT_NAME",
"value": "datavirt-service-account",
"required": true
@@ -238,6 +240,27 @@
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "description": "Comma delimited list of source directories containing VDBs for deployment",
+ "displayName": "VDB Deployment Directories",
+ "name": "VDB_DIRS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Artifact Directories",
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -446,6 +469,19 @@
{
"from": {
"kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/datagrid65",
+ "sourcePath": "/extensions/."
+ }
+ ]
+ },
+ {
+ "from": {
+ "kind": "ImageStreamTag",
"name": "${APPLICATION_NAME}-ext:latest"
},
"paths": [
@@ -464,12 +500,24 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datavirt63-openshift:1.0"
+ "name": "jboss-datavirt63-openshift:1.2"
},
"env": [
{
"name": "CUSTOM_INSTALL_DIRECTORIES",
"value": "extensions/*"
+ },
+ {
+ "name": "VDB_DIRS",
+ "value": "${VDB_DIRS}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
]
}
@@ -507,6 +555,15 @@
}
},
{
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ }
+ }
+ },
+ {
"type": "ConfigChange"
}
]
@@ -713,7 +770,7 @@
},
{
"name": "DATAVIRT_TRANSPORT_KEYSTORE",
- "value": "/etc/datavirt-secret-volume/${HTTPS_KEYSTORE}"
+ "value": "${HTTPS_KEYSTORE}"
},
{
"name": "DATAVIRT_TRANSPORT_KEYSTORE_TYPE",
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datavirt63-secure-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datavirt63-secure-s2i.json
index 07f926ff3..9392c20a6 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datavirt63-secure-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datavirt63-secure-s2i.json
@@ -6,7 +6,8 @@
"iconClass": "icon-jboss",
"description": "Application template for JBoss Data Virtualization 6.3 services built using S2I. Includes ability to configure certificates for serving secure content.",
"tags": "jdv,datavirt,jboss,xpaas",
- "version": "1.4.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3 (with SSL)"
},
"name": "datavirt63-secure-s2i"
},
@@ -74,6 +75,7 @@
},
{
"description": "The name of the service account to use for the deployment. The service account should be configured to allow usage of the secret(s) specified by CONFIGURATION_NAME, HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "displayName": "Service Account Name",
"name": "SERVICE_ACCOUNT_NAME",
"value": "datavirt-service-account",
"required": true
@@ -210,6 +212,168 @@
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "description": "Comma delimited list of source directories containing VDBs for deployment",
+ "displayName": "VDB Deployment Directories",
+ "name": "VDB_DIRS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The URL for the SSO server (e.g. https://secure-sso-myproject.example.com/auth). This is the URL through which the user will be redirected when a login or token is required by the application.",
+ "displayName": "SSO Server URL",
+ "name": "SSO_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The URL for the interal SSO service, where secure-sso is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
+ "displayName": "SSO Server Service URL",
+ "name": "SSO_SERVICE_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The SSO realm to which the application client(s) should be associated (e.g. demo).",
+ "displayName": "SSO Realm",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The username used to access the SSO service. This is used to create the appliction client(s) within the specified SSO realm. This should match the SSO_SERVICE_USERNAME specified through one of the sso70-* templates.",
+ "displayName": "SSO Username",
+ "name": "SSO_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the SSO service user.",
+ "displayName": "SSO User's Password",
+ "name": "SSO_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "SSO Realm Public Key. Public key is recommended to be passed into the template to avoid man-in-the-middle security vulnerability. This can be retrieved from the SSO server, for the specified realm.",
+ "displayName": "SSO Realm Public Key",
+ "name": "SSO_PUBLIC_KEY",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "SSO Client Access Type. true or false",
+ "displayName": "SSO Bearer Only",
+ "name": "SSO_BEARER_ONLY",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "displayName": "SSO SAML Keystore Secret",
+ "name": "SSO_SAML_KEYSTORE_SECRET",
+ "value": "datavirt-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "displayName": "SSO SAML Keystore File",
+ "name": "SSO_SAML_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "displayName": "SSO SAML Certificate Alias",
+ "name": "SSO_SAML_CERTIFICATE_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "SSO_SAML_KEYSTORE_PASSWORD",
+ "displayName": "SSO SAML Keystore Password",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The SSO Client Secret for Confidential Access",
+ "name": "SSO_SECRET",
+ "displayName": "SSO Client Secret",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "description": "Enable CORS for SSO applications. true or false",
+ "name": "SSO_ENABLE_CORS",
+ "displayName": "SSO Enable CORS",
+ "value": "false",
+ "required": false
+ },
+ {
+ "description": "SSO logout page for SAML applications",
+ "name": "SSO_SAML_LOGOUT_PAGE",
+ "displayName": "SSO SAML Logout Page",
+ "value": "/",
+ "required": false
+ },
+ {
+ "description": "If true SSL communication between EAP and the SSO Server will be insecure (i.e. certificate validation is disabled with curl)",
+ "name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
+ "displayName": "SSO Disable SSL Certificate Validation",
+ "value": "true",
+ "required": false
+ },
+ {
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "displayName": "SSO Truststore File",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "displayName": "SSO Truststore Password",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "displayName": "SSO Truststore Secret",
+ "value": "datavirt-app-secret",
+ "required": false
+ },
+ {
+ "description": "Comma delimited list of deployments that shoulds be exploded and enabled for SSO OpenIDConnect via auth-method",
+ "name": "SSO_OPENIDCONNECT_DEPLOYMENTS",
+ "displayName": "SSO OpenIDConnect Deployments",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Comma delimited list of deployments that shoulds be exploded and enabled for SSO SAML via auth-method",
+ "name": "SSO_SAML_DEPLOYMENTS",
+ "displayName": "SSO SAML Deployments",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Artifact Directories",
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -354,7 +518,22 @@
"uri": "${SOURCE_REPOSITORY_URL}",
"ref": "${SOURCE_REPOSITORY_REF}"
},
- "contextDir": "${CONTEXT_DIR}"
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/datagrid65",
+ "sourcePath": "/extensions/."
+ }
+ ]
+ }
+ ]
},
"strategy": {
"type": "Source",
@@ -363,8 +542,26 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datavirt63-openshift:1.0"
- }
+ "name": "jboss-datavirt63-openshift:1.2"
+ },
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "VDB_DIRS",
+ "value": "${VDB_DIRS}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ]
}
},
"output": {
@@ -391,6 +588,15 @@
"imageChange": {}
},
{
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ }
+ }
+ },
+ {
"type": "ConfigChange"
}
]
@@ -597,7 +803,7 @@
},
{
"name": "DATAVIRT_TRANSPORT_KEYSTORE",
- "value": "/etc/datavirt-secret-volume/${HTTPS_KEYSTORE}"
+ "value": "${HTTPS_KEYSTORE}"
},
{
"name": "DATAVIRT_TRANSPORT_KEYSTORE_TYPE",
@@ -610,6 +816,98 @@
{
"name": "DATAVIRT_TRANSPORT_KEYSTORE_PASSWORD",
"value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "SSO_URL",
+ "value": "${SSO_URL}"
+ },
+ {
+ "name": "SSO_SERVICE_URL",
+ "value": "${SSO_SERVICE_URL}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_USERNAME",
+ "value": "${SSO_USERNAME}"
+ },
+ {
+ "name": "SSO_PASSWORD",
+ "value": "${SSO_PASSWORD}"
+ },
+ {
+ "name": "SSO_PUBLIC_KEY",
+ "value": "${SSO_PUBLIC_KEY}"
+ },
+ {
+ "name": "SSO_BEARER_ONLY",
+ "value": "${SSO_BEARER_ONLY}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_SECRET",
+ "value": "${SSO_SAML_KEYSTORE_SECRET}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE",
+ "value": "${SSO_SAML_KEYSTORE}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_DIR",
+ "value": "/etc/sso-saml-secret-volume"
+ },
+ {
+ "name": "SSO_SAML_CERTIFICATE_NAME",
+ "value": "${SSO_SAML_CERTIFICATE_NAME}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_PASSWORD",
+ "value": "${SSO_SAML_KEYSTORE_PASSWORD}"
+ },
+ {
+ "name": "SSO_SECRET",
+ "value": "${SSO_SECRET}"
+ },
+ {
+ "name": "SSO_ENABLE_CORS",
+ "value": "${SSO_ENABLE_CORS}"
+ },
+ {
+ "name": "SSO_SAML_LOGOUT_PAGE",
+ "value": "${SSO_SAML_LOGOUT_PAGE}"
+ },
+ {
+ "name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
+ "value": "${SSO_DISABLE_SSL_CERTIFICATE_VALIDATION}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ },
+ {
+ "name": "SSO_OPENIDCONNECT_DEPLOYMENTS",
+ "value": "${SSO_OPENIDCONNECT_DEPLOYMENTS}"
+ },
+ {
+ "name": "SSO_SAML_DEPLOYMENTS",
+ "value": "${SSO_SAML_DEPLOYMENTS}"
+ },
+ {
+ "name": "HOSTNAME_HTTP",
+ "value": "${HOSTNAME_HTTP}"
+ },
+ {
+ "name": "HOSTNAME_HTTPS",
+ "value": "${HOSTNAME_HTTPS}"
}
]
}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver62-amq-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver62-amq-s2i.json
index 754a3b4c0..1989036fa 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver62-amq-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver62-amq-s2i.json
@@ -5,8 +5,9 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.2 decision server A-MQ applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,amq,java,messaging,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.3.3",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server + A-MQ (with https)"
},
"name": "decisionserver62-amq-s2i"
},
@@ -14,20 +15,24 @@
"template": "decisionserver62-amq-s2i",
"xpaas": "1.3.3"
},
+ "message": "A new BRMS/A-MQ application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "HelloRulesContainer=org.openshift.quickstarts:decisionserver-hellorules:1.2.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -35,102 +40,119 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "decisionserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -138,6 +160,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -145,18 +168,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -164,6 +190,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -171,6 +198,7 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
@@ -198,7 +226,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -222,7 +251,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -564,7 +594,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver62-basic-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver62-basic-s2i.json
index 8be4ac90b..25b2c162c 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver62-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver62-basic-s2i.json
@@ -5,8 +5,9 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.2 decision server applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,java,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.3.3",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server (no https)"
},
"name": "decisionserver62-basic-s2i"
},
@@ -14,20 +15,24 @@
"template": "decisionserver62-basic-s2i",
"xpaas": "1.3.3"
},
+ "message": "A new BRMS application has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "HelloRulesContainer=org.openshift.quickstarts:decisionserver-hellorules:1.2.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -35,48 +40,56 @@
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -84,6 +97,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -91,6 +105,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -98,6 +113,7 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver62-https-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver62-https-s2i.json
index bf9047599..85605d642 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver62-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver62-https-s2i.json
@@ -5,8 +5,9 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.2 decision server HTTPS applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,java,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.3.3",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server (with https)"
},
"name": "decisionserver62-https-s2i"
},
@@ -14,32 +15,38 @@
"template": "decisionserver62-https-s2i",
"xpaas": "1.3.3"
},
+ "message": "A new BRMS application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "HelloRulesContainer=org.openshift.quickstarts:decisionserver-hellorules:1.2.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,78 +54,91 @@
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "decisionserver-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -126,6 +146,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -133,6 +154,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -140,6 +162,7 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver63-amq-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver63-amq-s2i.json
index 51e667e02..ecea54d94 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver63-amq-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver63-amq-s2i.json
@@ -5,29 +5,34 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.3 decision server A-MQ applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,amq,java,messaging,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server + A-MQ (with https)"
},
"name": "decisionserver63-amq-s2i"
},
"labels": {
"template": "decisionserver63-amq-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BRMS/A-MQ application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -35,108 +40,126 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Request",
"description": "JNDI name of request queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_REQUEST",
"value": "queue/KIE.SERVER.REQUEST",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "decisionserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -144,6 +167,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -151,18 +175,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -170,6 +197,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -177,10 +205,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -204,7 +246,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -228,7 +271,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -334,13 +378,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-decisionserver63-openshift:1.3"
+ "name": "jboss-decisionserver63-openshift:1.4"
}
}
},
@@ -574,7 +626,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver63-basic-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver63-basic-s2i.json
index c5f0d006a..d655dbe94 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver63-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver63-basic-s2i.json
@@ -5,29 +5,34 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.3 decision server applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,java,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server (no https)"
},
"name": "decisionserver63-basic-s2i"
},
"labels": {
"template": "decisionserver63-basic-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BRMS application has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -35,48 +40,56 @@
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -84,6 +97,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -91,6 +105,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -98,10 +113,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -184,13 +213,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-decisionserver63-openshift:1.3"
+ "name": "jboss-decisionserver63-openshift:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver63-https-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver63-https-s2i.json
index 3db0e4c84..78e79c0cf 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver63-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver63-https-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.3 decision server HTTPS applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,java,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server (with https)"
},
"name": "decisionserver63-https-s2i"
},
"labels": {
"template": "decisionserver63-https-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BRMS application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,78 +54,91 @@
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "decisionserver-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -126,6 +146,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -133,6 +154,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -140,10 +162,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -273,13 +309,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-decisionserver63-openshift:1.3"
+ "name": "jboss-decisionserver63-openshift:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-amq-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-amq-persistent-s2i.json
index 72dbb4302..912838175 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-amq-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-amq-persistent-s2i.json
@@ -5,131 +5,153 @@
"annotations": {
"description": "Application template for EAP 6 A-MQ applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,amq,javaee,java,messaging,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + A-MQ (Persistent with https)"
},
"name": "eap64-amq-persistent-s2i"
},
"labels": {
"template": "eap64-amq-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and A-MQ persistent based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "6.4.x",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "helloworld-mdb",
"required": false
},
{
- "description": "Size of persistent storage for database volume.",
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
"name": "MQ_JNDI",
"value": "java:/ConnectionFactory",
"required": false
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "HELLOWORLDMDBQueue",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "HELLOWORLDMDBTopic",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -137,6 +159,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -144,18 +167,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +189,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -170,36 +197,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -207,10 +240,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -234,7 +281,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -258,7 +306,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -360,11 +409,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -641,7 +700,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-amq-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-amq-s2i.json
index 9dd847451..dd4c7a27b 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-amq-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-amq-s2i.json
@@ -5,119 +5,139 @@
"annotations": {
"description": "Application template for EAP 6 A-MQ applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,amq,javaee,java,messaging,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + A-MQ (Ephemeral with https)"
},
"name": "eap64-amq-s2i"
},
"labels": {
"template": "eap64-amq-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and A-MQ based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "6.4.x",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "helloworld-mdb",
"required": false
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
"name": "MQ_JNDI",
"value": "java:/ConnectionFactory",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "HELLOWORLDMDBQueue",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "HELLOWORLDMDBTopic",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -125,6 +145,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -132,18 +153,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -151,6 +175,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -158,36 +183,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -195,10 +226,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -222,7 +267,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -246,7 +292,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -348,11 +395,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -626,7 +683,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-basic-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-basic-s2i.json
index 7b1800b7b..e13b3851b 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-basic-s2i.json
@@ -6,58 +6,68 @@
"iconClass": "icon-jboss",
"description": "Application template for EAP 6 applications built using S2I.",
"tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 (no https)"
},
"name": "eap64-basic-s2i"
},
"labels": {
"template": "eap64-basic-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 based application has been created in your project.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "6.4.x",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "kitchensink",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -65,6 +75,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -72,6 +83,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -79,12 +91,14 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -92,10 +106,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -174,11 +202,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-https-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-https-s2i.json
index 31716d84c..0da32eb40 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-https-s2i.json
@@ -6,100 +6,117 @@
"iconClass": "icon-jboss",
"description": "Application template for EAP 6 applications built using S2I.",
"tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 (with https)"
},
"name": "eap64-https-s2i"
},
"labels": {
"template": "eap64-https-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "6.4.x",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "kitchensink",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -107,6 +124,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -114,6 +132,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -121,36 +140,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,10 +183,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -287,11 +326,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mongodb-persistent-s2i.json
index 212431056..77b75466d 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mongodb-persistent-s2i.json
@@ -5,149 +5,175 @@
"annotations": {
"description": "Application template for EAP 6 MongoDB applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mongodb,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + MongoDB (Persistent with https)"
},
"name": "eap64-mongodb-persistent-s2i"
},
"labels": {
"template": "eap64-mongodb-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and MongoDB persistent based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -155,6 +181,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -162,6 +189,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -169,6 +197,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -176,6 +205,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -183,6 +213,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -190,36 +221,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -227,10 +264,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -254,7 +312,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -278,7 +337,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -380,11 +440,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -674,7 +744,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mongodb-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mongodb-s2i.json
index 13fbbdd93..2785782d4 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mongodb-s2i.json
@@ -5,143 +5,168 @@
"annotations": {
"description": "Application template for EAP 6 MongoDB applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mongodb,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + MongoDB (Ephemeral with https)"
},
"name": "eap64-mongodb-s2i"
},
"labels": {
"template": "eap64-mongodb-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and MongoDB based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -149,6 +174,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -156,6 +182,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +190,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -170,6 +198,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -177,6 +206,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -184,36 +214,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -221,10 +257,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -248,7 +305,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -272,7 +330,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -374,11 +433,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -668,7 +737,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mysql-persistent-s2i.json
index 69fdec206..cca0f9c2b 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mysql-persistent-s2i.json
@@ -5,159 +5,187 @@
"annotations": {
"description": "Application template for EAP 6 MySQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + MySQL (Persistent with https)"
},
"name": "eap64-mysql-persistent-s2i"
},
"labels": {
"template": "eap64-mysql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and MySQL persistent based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -165,6 +193,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -172,6 +201,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -179,6 +209,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -186,6 +217,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -193,36 +225,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -230,10 +268,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -257,7 +316,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -281,7 +341,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -383,11 +444,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -681,7 +752,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mysql-s2i.json
index 2bd3c249f..5766506fd 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mysql-s2i.json
@@ -5,153 +5,180 @@
"annotations": {
"description": "Application template for EAP 6 MySQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + MySQL (Ephemeral with https)"
},
"name": "eap64-mysql-s2i"
},
"labels": {
"template": "eap64-mysql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and MySQL based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -159,6 +186,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -166,6 +194,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -173,6 +202,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -180,6 +210,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -187,36 +218,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -224,10 +261,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -251,7 +309,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -275,7 +334,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -377,11 +437,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -675,7 +745,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-postgresql-persistent-s2i.json
index 31f245950..01891774d 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-postgresql-persistent-s2i.json
@@ -5,144 +5,169 @@
"annotations": {
"description": "Application template for EAP 6 PostgreSQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + PostgreSQL (Persistent with https)"
},
"name": "eap64-postgresql-persistent-s2i"
},
"labels": {
"template": "eap64-postgresql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and PostgreSQL persistent based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -150,6 +175,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -157,6 +183,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -164,6 +191,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -171,6 +199,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -178,36 +207,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -215,10 +250,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -242,7 +298,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -266,7 +323,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -368,11 +426,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -666,7 +734,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-postgresql-s2i.json
index eac964697..e00f2b0e3 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-postgresql-s2i.json
@@ -5,138 +5,162 @@
"annotations": {
"description": "Application template for EAP 6 PostgreSQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + PostgreSQL (Ephemeral with https)"
},
"name": "eap64-postgresql-s2i"
},
"labels": {
"template": "eap64-postgresql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and PostgreSQL based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -144,6 +168,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -151,6 +176,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,6 +184,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -165,6 +192,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -172,36 +200,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -209,10 +243,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -236,7 +291,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -260,7 +316,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -362,11 +419,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -660,7 +727,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-sso-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-sso-s2i.json
index 09023be71..ec0739d04 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-sso-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-sso-s2i.json
@@ -3,103 +3,120 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass" : "icon-jboss",
+ "iconClass": "icon-jboss",
"description": "Application template for EAP 6 applications built using S2I, enabled for SSO.",
- "tags": "eap,javaee,java,jboss,xpaas,sso,keycloak",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + Single Sign-On (with https)"
},
"name": "eap64-sso-s2i"
},
"labels": {
"template": "eap64-sso-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 based application with SSL and SSO support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Hostname for http service route (e.g. eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
"name": "HOSTNAME_HTTP",
"value": "",
"required": true
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Hostname for https service route (e.g. secure-eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": true
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/redhat-developer/redhat-sso-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "7.0.x-ose",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -107,6 +124,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -114,6 +132,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -121,36 +140,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,84 +183,98 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
},
{
+ "displayName": "URL for SSO",
"description": "The URL for the SSO server (e.g. https://secure-sso-myproject.example.com/auth). This is the URL through which the user will be redirected when a login or token is required by the application.",
"name": "SSO_URL",
"value": "",
"required": true
},
{
- "description": "The URL for the interal SSO service, where secure-sso is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
+ "displayName": "URL for SSO (internal service)",
+ "description": "The URL for the internal SSO service, where secure-sso is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
"name": "SSO_SERVICE_URL",
"value": "https://secure-sso:8443/auth",
"required": false
},
{
+ "displayName": "SSO Realm",
"description": "The SSO realm to which the application client(s) should be associated (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": true
},
{
+ "displayName": "SSO Username",
"description": "The username used to access the SSO service. This is used to create the appliction client(s) within the specified SSO realm. This should match the SSO_SERVICE_USERNAME specified through one of the sso70-* templates.",
"name": "SSO_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Password",
"description": "The password for the SSO service user.",
"name": "SSO_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Public Key",
"description": "SSO Public Key. Public key is recommended to be passed into the template to avoid man-in-the-middle security vulnerability. This can be retrieved from the SSO server, for the specified realm.",
"name": "SSO_PUBLIC_KEY",
"value": "",
"required": false
},
{
+ "displayName": "SSO Bearer Only?",
"description": "SSO Client Access Type",
"name": "SSO_BEARER_ONLY",
"value": "",
"required": false
},
{
+ "displayName": "Artifact Directories",
"description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
"name": "ARTIFACT_DIR",
"value": "app-jee-jsp/target,service-jee-jaxrs/target,app-profile-jee-jsp/target,app-profile-saml-jee-jsp/target",
"required": false
},
{
+ "displayName": "SSO SAML Keystore Secret",
"description": "The name of the secret containing the keystore file",
"name": "SSO_SAML_KEYSTORE_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "SSO SAML Keystore",
"description": "The name of the keystore file within the secret",
"name": "SSO_SAML_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "SSO SAML Certificate Name",
"description": "The name associated with the server certificate",
"name": "SSO_SAML_CERTIFICATE_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "SSO SAML Keystore Password",
"description": "The password for the keystore and certificate",
"name": "SSO_SAML_KEYSTORE_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "SSO Client Secret",
"description": "The SSO Client Secret for Confidential Access",
"name": "SSO_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -243,42 +282,55 @@
"required": true
},
{
+ "displayName": "Enable CORS for SSO?",
"description": "Enable CORS for SSO applications",
"name": "SSO_ENABLE_CORS",
"value": "false",
"required": false
},
{
+ "displayName": "SSO SAML Logout Page",
"description": "SSO logout page for SAML applications",
"name": "SSO_SAML_LOGOUT_PAGE",
"value": "/",
"required": false
},
{
+ "displayName": "Disable SSL Validation in EAP->SSO communication",
"description": "If true SSL communication between EAP and the SSO Server will be insecure (i.e. certificate validation is disabled with curl)",
"name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
"value": "true",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "eap-app-secret",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
}
- ],
+ ],
"objects": [
{
"kind": "Service",
@@ -406,7 +458,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
},
"env": [
{
@@ -416,6 +468,10 @@
{
"name": "MAVEN_ARGS_APPEND",
"value": ""
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
}
]
}
@@ -615,7 +671,7 @@
"name": "HORNETQ_TOPICS",
"value": "${HORNETQ_TOPICS}"
},
- {
+ {
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "${JGROUPS_ENCRYPT_SECRET}"
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-third-party-db-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-third-party-db-s2i.json
new file mode 100644
index 000000000..e8f6d6585
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-third-party-db-s2i.json
@@ -0,0 +1,646 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-jboss",
+ "description": "Application template for EAP 6 DB applications built using S2I. Includes support for installing third-party DB drivers.",
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 (with https, supporting third-party DB drivers)"
+ },
+ "name": "eap64-third-party-db-s2i"
+ },
+ "labels": {
+ "template": "eap64-third-party-db-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new EAP 6 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets:\"${CONFIGURATION_NAME}\" containing the datasource configuration details required by the deployed application(s); \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Configuration Secret Name",
+ "description": "The name of the secret containing configuration properties for the datasources.",
+ "name": "CONFIGURATION_NAME",
+ "value": "eap-app-config",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "master",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "datavirt/hibernate-webapp",
+ "required": false
+ },
+ {
+ "displayName": "Drivers ImageStreamTag",
+ "description": "ImageStreamTag definition for the image containing the drivers and configuration, e.g. jboss-datavirt63-openshift:1.0-driver",
+ "name": "EXTENSIONS_IMAGE",
+ "value": "jboss-datavirt63-driver-openshift:1.0",
+ "required": true
+ },
+ {
+ "displayName": "Drivers ImageStream Namespace",
+ "description": "Namespace within which the ImageStream definition for the image containing the drivers and configuration is located.",
+ "name": "EXTENSIONS_IMAGE_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Drivers Image Install Directory",
+ "description": "Full path to the directory within the extensions image where the extensions are located (e.g. install.sh, modules/, etc.)",
+ "name": "EXTENSIONS_INSTALL_DIR",
+ "value": "/extensions",
+ "required": true
+ },
+ {
+ "displayName": "Queue Names",
+ "description": "Queue names to preconfigure within HornetQ subsystem.",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topic Names",
+ "description": "Topic names to preconfigure within HornetQ subsystem.",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Cluster Admin Password",
+ "description": "Admin password for HornetQ cluster.",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "A secret string used to configure the GitHub webhook.",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "A secret string used to configure the Generic webhook.",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore to be used for securing JGroups communications.",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the JGroups secret.",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the JGroups server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "secret-key",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "password",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "Password used by JGroups to authenticate nodes in the cluster.",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/extras",
+ "sourcePath": "${EXTENSIONS_INSTALL_DIR}/."
+ }
+ ]
+ }
+ ]
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap64-openshift:1.5"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "configuration",
+ "mountPath": "/etc/eap-environment",
+ "readOnly": true
+ },
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "ENV_FILES",
+ "value": "/etc/eap-environment/*"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "configuration",
+ "secret": {
+ "secretName": "${CONFIGURATION_NAME}"
+ }
+ },
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-amq-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-amq-persistent-s2i.json
index f08cdf2f9..3f0eba6e3 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-amq-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-amq-persistent-s2i.json
@@ -5,131 +5,153 @@
"annotations": {
"description": "Application template for EAP 7 A-MQ applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,amq,javaee,java,messaging,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + A-MQ (Persistent with https)"
},
"name": "eap70-amq-persistent-s2i"
},
"labels": {
"template": "eap70-amq-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and A-MQ persistent based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "helloworld-mdb",
"required": false
},
{
- "description": "Size of persistent storage for database volume.",
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
"name": "MQ_JNDI",
"value": "java:/ConnectionFactory",
"required": false
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "HELLOWORLDMDBQueue",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "HELLOWORLDMDBTopic",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -137,6 +159,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -144,18 +167,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +189,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -170,36 +197,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -207,10 +240,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -234,7 +281,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -258,7 +306,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -360,11 +409,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -641,7 +700,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-amq-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-amq-s2i.json
index 3ca9e9fab..f2d65f353 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-amq-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-amq-s2i.json
@@ -5,119 +5,139 @@
"annotations": {
"description": "Application template for EAP 7 A-MQ applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,amq,javaee,java,messaging,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + A-MQ (with https)"
},
"name": "eap70-amq-s2i"
},
"labels": {
"template": "eap70-amq-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and A-MQ based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "helloworld-mdb",
"required": false
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
"name": "MQ_JNDI",
"value": "java:/ConnectionFactory",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "HELLOWORLDMDBQueue",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "HELLOWORLDMDBTopic",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -125,6 +145,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -132,18 +153,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -151,6 +175,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -158,36 +183,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -195,10 +226,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -222,7 +267,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -246,7 +292,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -348,11 +395,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -626,7 +683,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-basic-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-basic-s2i.json
index 83b4d5b24..c33e3f7cb 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-basic-s2i.json
@@ -6,58 +6,68 @@
"iconClass": "icon-jboss",
"description": "Application template for EAP 7 applications built using S2I.",
"tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 (no https)"
},
"name": "eap70-basic-s2i"
},
"labels": {
"template": "eap70-basic-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 based application has been created in your project.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "7.0.0.GA",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "kitchensink",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -65,6 +75,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -72,6 +83,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -79,12 +91,14 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -92,10 +106,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -174,11 +202,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-https-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-https-s2i.json
index 1292442a4..7542d31c8 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-https-s2i.json
@@ -6,100 +6,117 @@
"iconClass": "icon-jboss",
"description": "Application template for EAP 7 applications built using S2I.",
"tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 (with https)"
},
"name": "eap70-https-s2i"
},
"labels": {
"template": "eap70-https-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "7.0.0.GA",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "kitchensink",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -107,6 +124,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -114,6 +132,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -121,36 +140,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,10 +183,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -287,11 +326,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mongodb-persistent-s2i.json
index 99db77d58..8a7da66c1 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mongodb-persistent-s2i.json
@@ -5,149 +5,175 @@
"annotations": {
"description": "Application template for EAP 7 MongoDB applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mongodb,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + MongoDB (Persistent with https)"
},
"name": "eap70-mongodb-persistent-s2i"
},
"labels": {
"template": "eap70-mongodb-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and MongoDB persistent based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -155,6 +181,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -162,6 +189,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -169,6 +197,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -176,6 +205,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -183,6 +213,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -190,36 +221,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -227,10 +264,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -254,7 +312,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -278,7 +337,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -380,11 +440,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -685,7 +755,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mongodb-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mongodb-s2i.json
index c8150c231..ae52a3deb 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mongodb-s2i.json
@@ -5,143 +5,168 @@
"annotations": {
"description": "Application template for EAP 7 MongoDB applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mongodb,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + MongoDB (Ephemeral with https)"
},
"name": "eap70-mongodb-s2i"
},
"labels": {
"template": "eap70-mongodb-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and MongoDB based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -149,6 +174,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -156,6 +182,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +190,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -170,6 +198,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -177,6 +206,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -184,36 +214,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -221,10 +257,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -248,7 +305,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -272,7 +330,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -374,11 +433,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -679,7 +748,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mysql-persistent-s2i.json
index f8e5c2b04..a0a3d7717 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mysql-persistent-s2i.json
@@ -5,159 +5,187 @@
"annotations": {
"description": "Application template for EAP 7 MySQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + MySQL (Persistent with https)"
},
"name": "eap70-mysql-persistent-s2i"
},
"labels": {
"template": "eap70-mysql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and MySQL persistent based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -165,6 +193,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -172,6 +201,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -179,6 +209,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -186,6 +217,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -193,36 +225,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -230,10 +268,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -257,7 +316,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -281,7 +341,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -383,11 +444,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -696,7 +767,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mysql-s2i.json
index 1edeb62e7..8255ade5d 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mysql-s2i.json
@@ -5,153 +5,180 @@
"annotations": {
"description": "Application template for EAP 7 MySQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + MySQL (Ephemeral with https)"
},
"name": "eap70-mysql-s2i"
},
"labels": {
"template": "eap70-mysql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and MySQL based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -159,6 +186,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -166,6 +194,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -173,6 +202,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -180,6 +210,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -187,36 +218,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -224,10 +261,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -251,7 +309,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -275,7 +334,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -377,11 +437,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -690,7 +760,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-postgresql-persistent-s2i.json
index d11df06ee..436c541d8 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-postgresql-persistent-s2i.json
@@ -5,144 +5,169 @@
"annotations": {
"description": "Application template for EAP 7 PostgreSQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + PostgreSQL (Persistent with https)"
},
"name": "eap70-postgresql-persistent-s2i"
},
"labels": {
"template": "eap70-postgresql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and PostgreSQL persistent based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -150,6 +175,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -157,6 +183,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -164,6 +191,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -171,6 +199,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -178,36 +207,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -215,10 +250,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -242,7 +298,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -266,7 +323,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -368,11 +426,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -681,7 +749,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-postgresql-s2i.json
index 6b7f6d707..a2a37a886 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-postgresql-s2i.json
@@ -5,138 +5,162 @@
"annotations": {
"description": "Application template for EAP 7 PostgreSQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + PostgreSQL (Ephemeral with https)"
},
"name": "eap70-postgresql-s2i"
},
"labels": {
"template": "eap70-postgresql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and PostgreSQL based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -144,6 +168,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -151,6 +176,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,6 +184,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -165,6 +192,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -172,36 +200,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -209,10 +243,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -236,7 +291,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -260,7 +316,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -362,11 +419,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -675,7 +742,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-sso-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-sso-s2i.json
index 811602220..08a844cd9 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-sso-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-sso-s2i.json
@@ -3,103 +3,120 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass" : "icon-jboss",
+ "iconClass": "icon-jboss",
"description": "Application template for EAP 6 applications built using S2I, enabled for SSO.",
- "tags": "eap,javaee,java,jboss,xpaas,sso,keycloak",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + Single Sign-On (with https)"
},
"name": "eap70-sso-s2i"
},
"labels": {
"template": "eap70-sso-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 based application with SSL and SSO support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Hostname for http service route (e.g. eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
"name": "HOSTNAME_HTTP",
"value": "",
"required": true
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Hostname for https service route (e.g. secure-eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": true
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/redhat-developer/redhat-sso-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "7.0.x-ose",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -107,6 +124,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -114,6 +132,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -121,36 +140,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,84 +183,98 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
},
{
+ "displayName": "URL for SSO",
"description": "The URL for the SSO server (e.g. https://secure-sso-myproject.example.com/auth). This is the URL through which the user will be redirected when a login or token is required by the application.",
"name": "SSO_URL",
"value": "",
"required": true
},
{
- "description": "The URL for the interal SSO service, where secure-sso (the default) is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
+ "displayName": "URL for SSO (internal service)",
+ "description": "The URL for the internal SSO service, where secure-sso (the default) is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
"name": "SSO_SERVICE_URL",
"value": "https://secure-sso:8443/auth",
"required": false
},
{
+ "displayName": "SSO Realm",
"description": "The SSO realm to which the application client(s) should be associated (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": true
},
{
+ "displayName": "SSO Username",
"description": "The username used to access the SSO service. This is used to create the appliction client(s) within the specified SSO realm. This should match the SSO_SERVICE_USERNAME specified through one of the sso70-* templates.",
"name": "SSO_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Password",
"description": "The password for the SSO service user.",
"name": "SSO_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Public Key",
"description": "SSO Public Key. Public key is recommended to be passed into the template to avoid man-in-the-middle security vulnerability",
"name": "SSO_PUBLIC_KEY",
"value": "",
"required": false
},
{
+ "displayName": "SSO Bearer Only?",
"description": "SSO Client Access Type",
"name": "SSO_BEARER_ONLY",
"value": "",
"required": false
},
{
+ "displayName": "Artifact Directories",
"description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
"name": "ARTIFACT_DIR",
"value": "app-jee-jsp/target,service-jee-jaxrs/target,app-profile-jee-jsp/target,app-profile-saml-jee-jsp/target",
"required": false
},
{
+ "displayName": "SSO SAML Keystore Secret",
"description": "The name of the secret containing the keystore file",
"name": "SSO_SAML_KEYSTORE_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "SSO SAML Keystore",
"description": "The name of the keystore file within the secret",
"name": "SSO_SAML_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "SSO SAML Certificate Name",
"description": "The name associated with the server certificate",
"name": "SSO_SAML_CERTIFICATE_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "SSO SAML Keystore Password",
"description": "The password for the keystore and certificate",
"name": "SSO_SAML_KEYSTORE_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "SSO Client Secret",
"description": "The SSO Client Secret for Confidential Access",
"name": "SSO_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -243,42 +282,55 @@
"required": true
},
{
+ "displayName": "Enable CORS for SSO?",
"description": "Enable CORS for SSO applications",
"name": "SSO_ENABLE_CORS",
"value": "false",
"required": false
},
{
+ "displayName": "SSO SAML Logout Page",
"description": "SSO logout page for SAML applications",
"name": "SSO_SAML_LOGOUT_PAGE",
"value": "/",
"required": false
},
{
+ "displayName": "Disable SSL Validation in EAP->SSO communication",
"description": "If true SSL communication between EAP and the SSO Server will be insecure (i.e. certificate validation is disabled with curl)",
"name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
"value": "true",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "eap7-app-secret",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
}
- ],
+ ],
"objects": [
{
"kind": "Service",
@@ -406,7 +458,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
},
"env": [
{
@@ -416,6 +468,10 @@
{
"name": "MAVEN_ARGS_APPEND",
"value": ""
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
}
]
}
@@ -593,7 +649,7 @@
{
"name": "HOSTNAME_HTTPS",
"value": "${HOSTNAME_HTTPS}"
- },
+ },
{
"name": "HTTPS_KEYSTORE_DIR",
"value": "/etc/eap-secret-volume"
@@ -626,7 +682,7 @@
"name": "HORNETQ_TOPICS",
"value": "${HORNETQ_TOPICS}"
},
- {
+ {
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "${JGROUPS_ENCRYPT_SECRET}"
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-third-party-db-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-third-party-db-s2i.json
new file mode 100644
index 000000000..9e854d7ab
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-third-party-db-s2i.json
@@ -0,0 +1,657 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-jboss",
+ "description": "Application template for EAP 7 DB applications built using S2I. Includes support for installing third-party DB drivers.",
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 (with https, supporting third-party DB drivers)"
+ },
+ "name": "eap70-third-party-db-s2i"
+ },
+ "labels": {
+ "template": "eap70-third-party-db-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new EAP 7 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets:\"${CONFIGURATION_NAME}\" containing the datasource configuration details required by the deployed application(s); \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Configuration Secret Name",
+ "description": "The name of the secret containing configuration properties for the datasources.",
+ "name": "CONFIGURATION_NAME",
+ "value": "eap-app-config",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "master",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "datavirt/hibernate-webapp",
+ "required": false
+ },
+ {
+ "displayName": "Drivers ImageStreamTag",
+ "description": "ImageStreamTag definition for the image containing the drivers and configuration, e.g. jboss-datavirt63-openshift:1.0-driver",
+ "name": "EXTENSIONS_IMAGE",
+ "value": "jboss-datavirt63-driver-openshift:1.0",
+ "required": true
+ },
+ {
+ "displayName": "Drivers ImageStream Namespace",
+ "description": "Namespace within which the ImageStream definition for the image containing the drivers and configuration is located.",
+ "name": "EXTENSIONS_IMAGE_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Drivers Image Install Directory",
+ "description": "Full path to the directory within the extensions image where the extensions are located (e.g. install.sh, modules/, etc.)",
+ "name": "EXTENSIONS_INSTALL_DIR",
+ "value": "/extensions",
+ "required": true
+ },
+ {
+ "displayName": "Queue Names",
+ "description": "Queue names to preconfigure within Messaging subsystem.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topic Names",
+ "description": "Topic names to preconfigure within Messaging subsystem.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Messaging Cluster Admin Password",
+ "description": "Admin password for Messaging cluster.",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "A secret string used to configure the GitHub webhook.",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "A secret string used to configure the Generic webhook.",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore to be used for securing JGroups communications.",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the JGroups secret.",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the JGroups server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "secret-key",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "password",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "Password used by JGroups to authenticate nodes in the cluster.",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/extras",
+ "sourcePath": "${EXTENSIONS_INSTALL_DIR}/."
+ }
+ ]
+ }
+ ]
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap70-openshift:1.5"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "configuration",
+ "mountPath": "/etc/eap-environment",
+ "readOnly": true
+ },
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "ENV_FILES",
+ "value": "/etc/eap-environment/*"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "configuration",
+ "secret": {
+ "secretName": "${CONFIGURATION_NAME}"
+ }
+ },
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-basic-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-basic-s2i.json
index 413a6de87..4e42e0eca 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-basic-s2i.json
@@ -6,46 +6,54 @@
"iconClass": "icon-tomcat",
"description": "Application template for JWS applications built using S2I.",
"tags": "tomcat,tomcat7,java,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 (no https)"
},
"name": "jws30-tomcat7-basic-s2i"
},
"labels": {
"template": "jws30-tomcat7-basic-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 7 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "tomcat-websocket-chat",
"required": false
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -53,6 +61,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -60,6 +69,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -67,6 +77,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -74,10 +85,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -156,11 +181,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -248,7 +283,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-https-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-https-s2i.json
index 610ea9441..f5fc2e581 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-https-s2i.json
@@ -6,76 +6,89 @@
"iconClass": "icon-tomcat",
"description": "Application template for JWS applications built using S2I.",
"tags": "tomcat,tomcat7,java,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 (with https)"
},
"name": "jws30-tomcat7-https-s2i"
},
"labels": {
"template": "jws30-tomcat7-https-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 7 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "tomcat-websocket-chat",
"required": false
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -83,6 +96,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -90,6 +104,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -97,6 +112,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -104,10 +120,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -233,11 +263,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -326,7 +366,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json
index 6ef9d6e4c..2a73a182c 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json
@@ -5,125 +5,147 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MongoDB applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat7,mongodb,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + MongoDB (Persistent with https)"
},
"name": "jws30-tomcat7-mongodb-persistent-s2i"
},
"labels": {
"template": "jws30-tomcat7-mongodb-persistent-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent JWS application for Tomcat 7 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -131,6 +153,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -138,6 +161,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -145,6 +169,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -152,6 +177,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -159,6 +185,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -166,6 +193,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -173,10 +201,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -200,7 +249,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -224,7 +274,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -326,11 +377,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -419,7 +480,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -547,7 +608,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mongodb-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mongodb-s2i.json
index 9b48f8ae7..a71dfa634 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mongodb-s2i.json
@@ -5,119 +5,140 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MongoDB applications built using S2I.",
- "tags": "tomcat,tomcat7,mongodb,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + MongoDB (Ephemeral with https)"
},
"name": "jws30-tomcat7-mongodb-s2i"
},
"labels": {
"template": "jws30-tomcat7-mongodb-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 7 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -125,6 +146,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -132,6 +154,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -139,6 +162,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -146,6 +170,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -153,6 +178,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -160,6 +186,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -167,10 +194,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -194,7 +242,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -218,7 +267,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -320,11 +370,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -413,7 +473,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -541,7 +601,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json
index 30af703ce..9a05dcbd5 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json
@@ -5,135 +5,159 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MySQL applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat7,mysql,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + MySQL (Persistent with https)"
},
"name": "jws30-tomcat7-mysql-persistent-s2i"
},
"labels": {
"template": "jws30-tomcat7-mysql-persistent-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent JWS application for Tomcat 7 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -141,6 +165,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -148,6 +173,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -155,6 +181,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -162,6 +189,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -169,6 +197,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -176,10 +205,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -203,7 +253,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -227,7 +278,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -329,11 +381,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -422,7 +484,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -546,7 +608,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mysql-s2i.json
index c2843af63..553a30a44 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mysql-s2i.json
@@ -5,129 +5,152 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MySQL applications built using S2I.",
- "tags": "tomcat,tomcat7,mysql,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + MySQL (Ephemeral with https)"
},
"name": "jws30-tomcat7-mysql-s2i"
},
"labels": {
"template": "jws30-tomcat7-mysql-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 7 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -135,6 +158,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -142,6 +166,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -149,6 +174,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -156,6 +182,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +190,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -170,10 +198,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -197,7 +246,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -221,7 +271,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -323,11 +374,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -416,7 +477,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -540,7 +601,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json
index b8372f374..a5c6c8a56 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json
@@ -5,120 +5,141 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS PostgreSQL applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat7,postgresql,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + PostgreSQL (Persistent with https)"
},
"name": "jws30-tomcat7-postgresql-persistent-s2i"
},
"labels": {
"template": "jws30-tomcat7-postgresql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent JWS application for Tomcat 7 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -126,6 +147,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -133,6 +155,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -140,6 +163,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -147,6 +171,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -154,6 +179,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -161,10 +187,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -188,7 +235,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -212,7 +260,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -314,11 +363,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -407,7 +466,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -531,7 +590,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-postgresql-s2i.json
index cd5bb9fa4..61a3208e4 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-postgresql-s2i.json
@@ -5,114 +5,134 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS PostgreSQL applications built using S2I.",
- "tags": "tomcat,tomcat7,postgresql,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + PostgreSQL (Ephemeral with https)"
},
"name": "jws30-tomcat7-postgresql-s2i"
},
"labels": {
"template": "jws30-tomcat7-postgresql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 7 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -120,6 +140,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -127,6 +148,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -134,6 +156,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -141,6 +164,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -148,6 +172,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -155,10 +180,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -182,7 +228,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -206,7 +253,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -308,11 +356,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -401,7 +459,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -525,7 +583,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-basic-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-basic-s2i.json
index cb1e49d29..75d08e99d 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-basic-s2i.json
@@ -6,46 +6,54 @@
"iconClass": "icon-tomcat",
"description": "Application template for JWS applications built using S2I.",
"tags": "tomcat,tomcat8,java,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 (no https)"
},
"name": "jws30-tomcat8-basic-s2i"
},
"labels": {
"template": "jws30-tomcat8-basic-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 8 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "tomcat-websocket-chat",
"required": false
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -53,6 +61,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -60,6 +69,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -67,6 +77,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -74,10 +85,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -156,11 +181,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -248,7 +283,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-https-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-https-s2i.json
index 21d5662c7..71577bec4 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-https-s2i.json
@@ -6,76 +6,89 @@
"iconClass": "icon-tomcat",
"description": "Application template for JWS applications built using S2I.",
"tags": "tomcat,tomcat8,java,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 (with https)"
},
"name": "jws30-tomcat8-https-s2i"
},
"labels": {
"template": "jws30-tomcat8-https-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 8 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "tomcat-websocket-chat",
"required": false
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -83,6 +96,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -90,6 +104,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -97,6 +112,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -104,10 +120,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -233,11 +263,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -326,7 +366,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json
index 34657d826..de86dd83e 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json
@@ -5,125 +5,147 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MongoDB applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat8,mongodb,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + MongoDB (Persistent with https)"
},
"name": "jws30-tomcat8-mongodb-persistent-s2i"
},
+ "message": "A new persistent JWS application for Tomcat 8 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"labels": {
"template": "jws30-tomcat8-mongodb-persistent-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -131,6 +153,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -138,6 +161,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -145,6 +169,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -152,6 +177,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -159,6 +185,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -166,6 +193,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -173,10 +201,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -200,7 +249,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -224,7 +274,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -326,11 +377,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -419,7 +480,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -547,7 +608,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mongodb-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mongodb-s2i.json
index 974cfaddb..6dc85e226 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mongodb-s2i.json
@@ -5,119 +5,140 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MongoDB applications built using S2I.",
- "tags": "tomcat,tomcat8,mongodb,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + MongoDB (Ephemeral with https)"
},
"name": "jws30-tomcat8-mongodb-s2i"
},
"labels": {
"template": "jws30-tomcat8-mongodb-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 8 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -125,6 +146,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -132,6 +154,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -139,6 +162,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -146,6 +170,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -153,6 +178,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -160,6 +186,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -167,10 +194,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -194,7 +242,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -218,7 +267,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -320,11 +370,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -413,7 +473,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -541,7 +601,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json
index 7a8231cc5..0e96b58a9 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json
@@ -5,135 +5,159 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MySQL applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat8,mysql,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + MySQL (Persistent with https)"
},
"name": "jws30-tomcat8-mysql-persistent-s2i"
},
"labels": {
"template": "jws30-tomcat8-mysql-persistent-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent JWS application for Tomcat 8 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -141,6 +165,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -148,6 +173,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -155,6 +181,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -162,6 +189,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -169,6 +197,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -176,10 +205,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -203,7 +253,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -227,7 +278,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -329,11 +381,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -422,7 +484,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -546,7 +608,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mysql-s2i.json
index cda21f237..08b040863 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mysql-s2i.json
@@ -5,129 +5,152 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MySQL applications built using S2I.",
- "tags": "tomcat,tomcat8,mysql,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + MySQL (Ephemeral with https)"
},
"name": "jws30-tomcat8-mysql-s2i"
},
"labels": {
"template": "jws30-tomcat8-mysql-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 8 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -135,6 +158,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -142,6 +166,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -149,6 +174,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -156,6 +182,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +190,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -170,10 +198,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -197,7 +246,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -221,7 +271,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -323,11 +374,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -416,7 +477,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -540,7 +601,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json
index 4dfc98015..f117e6624 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json
@@ -5,120 +5,141 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS PostgreSQL applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat8,postgresql,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + PostgreSQL (Persistent with https)"
},
"name": "jws30-tomcat8-postgresql-persistent-s2i"
},
"labels": {
"template": "jws30-tomcat8-postgresql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent JWS application for Tomcat 8 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -126,6 +147,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -133,6 +155,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -140,6 +163,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -147,6 +171,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -154,6 +179,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -161,10 +187,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -188,7 +235,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -212,7 +260,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -314,11 +363,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -407,7 +466,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -531,7 +590,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-postgresql-s2i.json
index f6c85668c..faece1269 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-postgresql-s2i.json
@@ -5,114 +5,134 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS PostgreSQL applications built using S2I.",
- "tags": "tomcat,tomcat8,postgresql,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + (PostgreSQL with https)"
},
"name": "jws30-tomcat8-postgresql-s2i"
},
"labels": {
"template": "jws30-tomcat8-postgresql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 8 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -120,6 +140,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -127,6 +148,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -134,6 +156,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -141,6 +164,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -148,6 +172,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -155,10 +180,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -182,7 +228,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -206,7 +253,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -308,11 +356,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -400,7 +458,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -524,7 +582,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/openjdk18-web-basic-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/openjdk18-web-basic-s2i.json
index 143e16756..a48e204ae 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/openjdk18-web-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/openjdk18-web-basic-s2i.json
@@ -6,13 +6,14 @@
"iconClass": "icon-jboss",
"description": "Application template for Java applications built using S2I.",
"tags": "java,xpaas",
- "version": "1.0.0"
+ "version": "1.1.0",
+ "openshift.io/display-name": "Red Hat OpenJDK 8"
},
"name": "openjdk18-web-basic-s2i"
},
"labels": {
"template": "openjdk18-web-basic-s2i",
- "xpaas": "1.0.0"
+ "xpaas": "1.4.0"
},
"message": "A new java application has been created in your project.",
"parameters": [
@@ -155,7 +156,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-openjdk18-openshift:1.0"
+ "name": "redhat-openjdk18-openshift:1.1"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-mysql-persistent-s2i.json
index 1dea463ac..d1705c88c 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-mysql-persistent-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server AMQ and MySQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,amq,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + A-MQ + MySQL (Persistent with https)"
},
"name": "processserver63-amq-mysql-persistent-s2i"
},
"labels": {
"template": "processserver63-amq-mysql-persistent-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent BPMS application (using MySQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,144 +54,168 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Request",
"description": "JNDI name of request queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_REQUEST",
"value": "queue/KIE.SERVER.REQUEST",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "KIE Server Executor JMS Queue",
"description": "JNDI name of executor queue for JMS.",
"name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
"value": "queue/KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.MySQL5Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -192,6 +223,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -199,46 +231,55 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -246,6 +287,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -253,18 +295,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -272,6 +317,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -279,10 +325,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -306,7 +373,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -330,7 +398,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -460,13 +529,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -788,7 +865,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
@@ -919,7 +996,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-mysql-s2i.json
index 42264585b..665cb76a3 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-mysql-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server AMQ and MySQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,amq,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + A-MQ + MySQL (Ephemeral with https)"
},
"name": "processserver63-amq-mysql-s2i"
},
"labels": {
"template": "processserver63-amq-mysql-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BPMS application (using MySQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,132 +54,154 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Request",
"description": "JNDI name of request queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_REQUEST",
"value": "queue/KIE.SERVER.REQUEST",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "KIE Server Executor JMS Queue",
"description": "JNDI name of executor queue for JMS.",
"name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
"value": "queue/KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.MySQL5Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -180,6 +209,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -187,46 +217,55 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -234,6 +273,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -241,18 +281,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -260,6 +303,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -267,10 +311,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -294,7 +359,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -318,7 +384,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -448,13 +515,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -740,7 +815,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
@@ -837,7 +912,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-postgresql-persistent-s2i.json
index f6d0c99ed..5a395a0f3 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-postgresql-persistent-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server AMQ and PostgreSQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,amq,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + A-MQ + PostgreSQL (Persistent with https)"
},
"name": "processserver63-amq-postgresql-persistent-s2i"
},
"labels": {
"template": "processserver63-amq-postgresql-persistent-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent BPMS application (using PostgreSQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,144 +54,168 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Request",
"description": "JNDI name of request queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_REQUEST",
"value": "queue/KIE.SERVER.REQUEST",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "KIE Server Executor JMS Queue",
"description": "JNDI name of executor queue for JMS.",
"name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
"value": "queue/KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.PostgreSQL82Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -192,6 +223,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -199,31 +231,37 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -231,6 +269,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -238,18 +277,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -257,6 +299,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -264,10 +307,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -291,7 +355,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -315,7 +380,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -445,13 +511,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -773,7 +847,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
@@ -892,7 +966,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-postgresql-s2i.json
index 41c726cf0..e7c5efdc9 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-postgresql-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server AMQ and PostgreSQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,amq,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + A-MQ + PostgreSQL (Ephemeral with https)"
},
"name": "processserver63-amq-postgresql-s2i"
},
"labels": {
"template": "processserver63-amq-postgresql-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BPMS application (using PostgreSQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,132 +54,154 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Request",
"description": "JNDI name of request queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_REQUEST",
"value": "queue/KIE.SERVER.REQUEST",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "KIE Server Executor JMS Queue",
"description": "JNDI name of executor queue for JMS.",
"name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
"value": "queue/KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.PostgreSQL82Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -180,6 +209,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -187,31 +217,37 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -219,6 +255,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -226,18 +263,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -245,6 +285,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -252,10 +293,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -279,7 +341,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -303,7 +366,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -433,13 +497,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -725,7 +797,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
@@ -810,7 +882,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-basic-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-basic-s2i.json
index 170c919cb..e70d20a6e 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-basic-s2i.json
@@ -5,29 +5,34 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,javaee,java,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server (no https)"
},
"name": "processserver63-basic-s2i"
},
"labels": {
"template": "processserver63-basic-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BPMS application has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -35,54 +40,63 @@
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.H2Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -90,6 +104,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -97,6 +112,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -104,10 +120,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -190,13 +220,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-mysql-persistent-s2i.json
index 89d0db1a6..f76b07b0b 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-mysql-persistent-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server MySQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + MySQL (Persistent with https)"
},
"name": "processserver63-mysql-persistent-s2i"
},
"labels": {
"template": "processserver63-mysql-persistent-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent BPMS application (using MySQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,108 +54,126 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.MySQL5Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -156,6 +181,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -163,46 +189,55 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -210,6 +245,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -217,6 +253,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -224,10 +261,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -251,7 +309,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -275,7 +334,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -381,13 +441,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -681,7 +749,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-mysql-s2i.json
index 26cab29f8..a3be02eab 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-mysql-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server MySQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + MySQL (Ephemeral with https)"
},
"name": "processserver63-mysql-s2i"
},
"labels": {
"template": "processserver63-mysql-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BPMS application (using MySQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,102 +54,119 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.MySQL5Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -150,6 +174,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -157,46 +182,55 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -204,6 +238,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -211,6 +246,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -218,10 +254,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -245,7 +302,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -269,7 +327,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -375,13 +434,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -639,7 +706,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-postgresql-persistent-s2i.json
index 32a512829..361b177f9 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-postgresql-persistent-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server PostgreSQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + PostgreSQL (Persistent with https)"
},
"name": "processserver63-postgresql-persistent-s2i"
},
"labels": {
"template": "processserver63-postgresql-persistent-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent BPMS application (using PostgreSQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,108 +54,126 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.PostgreSQL82Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -156,6 +181,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -163,31 +189,37 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -195,6 +227,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -202,6 +235,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -209,10 +243,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -236,7 +291,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -260,7 +316,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -366,13 +423,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -666,7 +731,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-postgresql-s2i.json
index 55e2199bb..451915a1d 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-postgresql-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server PostgreSQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + PostgreSQL (Ephemeral with https)"
},
"name": "processserver63-postgresql-s2i"
},
"labels": {
"template": "processserver63-postgresql-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BPMS application (using PostgreSQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,102 +54,119 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.PostgreSQL82Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -150,6 +174,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -157,31 +182,37 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -189,6 +220,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -196,6 +228,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -203,10 +236,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -230,7 +284,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -254,7 +309,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -360,13 +416,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -624,7 +688,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-https.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-https.json
index fb0578a67..5e956f449 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-https.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-https.json
@@ -5,110 +5,129 @@
"annotations": {
"description": "Application template for SSO 7.0",
"iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,java,jboss,xpaas",
- "version" : "1.3.2"
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0"
},
"name": "sso70-https"
},
"labels": {
"template": "sso70-https",
- "xpaas" : "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new SSO service has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "sso",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "sso-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
- "required": false
+ "required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -116,54 +135,65 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "SSO Admin Username",
"description": "SSO Server admin username",
"name": "SSO_ADMIN_USERNAME",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Admin Password",
"description": "SSO Server admin password",
"name": "SSO_ADMIN_PASSWORD",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Realm",
"description": "Realm to be created in the SSO server (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Username",
"description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
"name": "SSO_SERVICE_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Password",
"description": "The password for the SSO service user.",
"name": "SSO_SERVICE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "sso-app-secret",
@@ -283,10 +313,10 @@
"containerNames": [
"${APPLICATION_NAME}"
],
- "from": {
+ "from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.3"
+ "name": "redhat-sso70-openshift:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-mysql-persistent.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-mysql-persistent.json
index dcbb24bf1..0fb2703c7 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-mysql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-mysql-persistent.json
@@ -5,123 +5,145 @@
"annotations": {
"description": "Application template for SSO 7.0 MySQL applications with persistent storage",
"iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,mysql,java,database,jboss,xpaas",
- "version" : "1.3.2"
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0 + MySQL (Persistent)"
},
"name": "sso70-mysql-persistent"
},
"labels": {
"template": "sso70-mysql-persistent",
- "xpaas" : "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent SSO service (using MySQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "sso",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/KeycloakDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "sso-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
- "required": false
+ "required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -129,6 +151,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -136,36 +159,42 @@
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -173,58 +202,76 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "SSO Admin Username",
"description": "SSO Server admin username",
"name": "SSO_ADMIN_USERNAME",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Admin Password",
"description": "SSO Server admin password",
"name": "SSO_ADMIN_PASSWORD",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Realm",
"description": "Realm to be created in the SSO server (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Username",
"description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
"name": "SSO_SERVICE_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Password",
"description": "The password for the SSO service user.",
"name": "SSO_SERVICE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "sso-app-secret",
"required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -248,7 +295,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -272,7 +320,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -364,10 +413,10 @@
"containerNames": [
"${APPLICATION_NAME}"
],
- "from": {
+ "from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.3"
+ "name": "redhat-sso70-openshift:1.4"
}
}
},
@@ -639,7 +688,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-mysql.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-mysql.json
index 1768f7a1b..9beae806b 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-mysql.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-mysql.json
@@ -5,123 +5,145 @@
"annotations": {
"description": "Application template for SSO 7.0 MySQL applications",
"iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,mysql,java,database,jboss,xpaas",
- "version" : "1.3.2"
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0 + MySQL (Ephemeral)"
},
"name": "sso70-mysql"
},
"labels": {
"template": "sso70-mysql",
- "xpaas" : "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new SSO service (using MySQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "sso",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/KeycloakDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "sso-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
- "required": false
+ "required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -129,6 +151,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -136,30 +159,35 @@
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -167,58 +195,76 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "SSO Admin Username",
"description": "SSO Server admin username",
"name": "SSO_ADMIN_USERNAME",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Admin Password",
"description": "SSO Server admin password",
"name": "SSO_ADMIN_PASSWORD",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Realm",
"description": "Realm to be created in the SSO server (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Username",
"description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
"name": "SSO_SERVICE_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Password",
"description": "The password for the SSO service user.",
"name": "SSO_SERVICE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "sso-app-secret",
"required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -240,10 +286,11 @@
"name": "${APPLICATION_NAME}",
"labels": {
"application": "${APPLICATION_NAME}",
- "component": "server"
+ "component": "server"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -268,7 +315,8 @@
"component": "server"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -349,7 +397,7 @@
"name": "${APPLICATION_NAME}",
"labels": {
"application": "${APPLICATION_NAME}",
- "component": "server"
+ "component": "server"
}
},
"spec": {
@@ -364,10 +412,10 @@
"containerNames": [
"${APPLICATION_NAME}"
],
- "from": {
+ "from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.3"
+ "name": "redhat-sso70-openshift:1.4"
}
}
},
@@ -641,7 +689,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-postgresql-persistent.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-postgresql-persistent.json
index 4c2f81f2e..e22399351 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-postgresql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-postgresql-persistent.json
@@ -5,108 +5,127 @@
"annotations": {
"description": "Application template for SSO 7.0 PostgreSQL applications with persistent storage",
"iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,postrgresql,java,database,jboss,xpaas",
- "version" : "1.3.2"
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0 + PostgreSQL (Persistent)"
},
"name": "sso70-postgresql-persistent"
},
"labels": {
"template": "sso70-postgresql-persistent",
- "xpaas" : "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent SSO service (using PostgreSQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "sso",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/KeycloakDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "sso-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
- "required": false
+ "required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -114,6 +133,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -121,36 +141,42 @@
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,58 +184,76 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "SSO Admin Username",
"description": "SSO Server admin username",
"name": "SSO_ADMIN_USERNAME",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Admin Password",
"description": "SSO Server admin password",
"name": "SSO_ADMIN_PASSWORD",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Realm",
"description": "Realm to be created in the SSO server (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Username",
"description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
"name": "SSO_SERVICE_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Password",
"description": "The password for the SSO service user.",
"name": "SSO_SERVICE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "sso-app-secret",
"required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -233,7 +277,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -257,7 +302,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -349,10 +395,10 @@
"containerNames": [
"${APPLICATION_NAME}"
],
- "from": {
+ "from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.3"
+ "name": "redhat-sso70-openshift:1.4"
}
}
},
@@ -624,7 +670,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-postgresql.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-postgresql.json
index d8402ef72..aa8ebaa8e 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-postgresql.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-postgresql.json
@@ -5,108 +5,127 @@
"annotations": {
"description": "Application template for SSO 7.0 PostgreSQL applications",
"iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,postrgresql,java,database,jboss,xpaas",
- "version" : "1.3.2"
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0 + PostgreSQL (Ephemeral)"
},
"name": "sso70-postgresql"
},
"labels": {
"template": "sso70-postgresql",
- "xpaas" : "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new SSO service (using PostgreSQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "sso",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/KeycloakDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "sso-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
- "required": false
+ "required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -114,6 +133,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -121,30 +141,35 @@
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -152,58 +177,76 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "SSO Admin Username",
"description": "SSO Server admin username",
"name": "SSO_ADMIN_USERNAME",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Admin Password",
"description": "SSO Server admin password",
"name": "SSO_ADMIN_PASSWORD",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Realm",
"description": "Realm to be created in the SSO server (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Username",
"description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
"name": "SSO_SERVICE_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Password",
"description": "The password for the SSO service user.",
"name": "SSO_SERVICE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "sso-app-secret",
"required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -228,7 +271,8 @@
"component": "server"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -253,7 +297,8 @@
"component": "server"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -349,10 +394,10 @@
"containerNames": [
"${APPLICATION_NAME}"
],
- "from": {
+ "from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.3"
+ "name": "redhat-sso70-openshift:1.4"
}
}
},
@@ -626,7 +671,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-https.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-https.json
new file mode 100644
index 000000000..bee86d7c4
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-https.json
@@ -0,0 +1,544 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.1",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.0.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ },
+ "name": "sso71-https"
+ },
+ "labels": {
+ "template": "sso71-https",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new SSO service has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-mysql-persistent.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-mysql-persistent.json
new file mode 100644
index 000000000..49b37f348
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-mysql-persistent.json
@@ -0,0 +1,799 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.1 MySQL applications with persistent storage",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.0.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1 + MySQL (Persistent)"
+ },
+ "name": "sso71-mysql-persistent"
+ },
+ "labels": {
+ "template": "sso71-mysql-persistent",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent SSO service (using MySQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-mysql.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-mysql.json
new file mode 100644
index 000000000..634a75bab
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-mysql.json
@@ -0,0 +1,767 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.1 MySQL applications",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.0.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1 + MySQL (Ephemeral)"
+ },
+ "name": "sso71-mysql"
+ },
+ "labels": {
+ "template": "sso71-mysql",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new SSO service (using MySQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-postgresql-persistent.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-postgresql-persistent.json
new file mode 100644
index 000000000..c53bb9d5b
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-postgresql-persistent.json
@@ -0,0 +1,773 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.1 PostgreSQL applications with persistent storage",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.0.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1 + PostgreSQL (Persistent)"
+ },
+ "name": "sso71-postgresql-persistent"
+ },
+ "labels": {
+ "template": "sso71-postgresql-persistent",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent SSO service (using PostgreSQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-postgresql.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-postgresql.json
new file mode 100644
index 000000000..c1fc41eda
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-postgresql.json
@@ -0,0 +1,741 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.1 PostgreSQL applications",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.0.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1 + PostgreSQL (Ephemeral)"
+ },
+ "name": "sso71-postgresql"
+ },
+ "labels": {
+ "template": "sso71-postgresql",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new SSO service (using PostgreSQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-app-example.yaml b/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-app-example.yaml
deleted file mode 100644
index 14bdd1dca..000000000
--- a/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-app-example.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-apiVersion: v1
-kind: PersistentVolume
-metadata:
- name: cloudforms
-spec:
- capacity:
- storage: 2Gi
- accessModes:
- - ReadWriteOnce
- nfs:
- path: /opt/nfs/volumes-app
- server: 10.19.0.216
- persistentVolumeReclaimPolicy: Recycle
diff --git a/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-db-example.yaml b/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-db-example.yaml
new file mode 100644
index 000000000..250a99b8d
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-db-example.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+ name: cfme-pv01
+spec:
+ capacity:
+ storage: 15Gi
+ accessModes:
+ - ReadWriteOnce
+ nfs:
+ path: /exports/cfme-pv01
+ server: <your-nfs-host-here>
+ persistentVolumeReclaimPolicy: Retain
diff --git a/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-example.yaml b/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-example.yaml
deleted file mode 100644
index 709d8d976..000000000
--- a/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-example.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-apiVersion: v1
-kind: PersistentVolume
-metadata:
- name: nfs-pv01
-spec:
- capacity:
- storage: 2Gi
- accessModes:
- - ReadWriteOnce
- nfs:
- path: /opt/nfs/volumes
- server: 10.19.0.216
- persistentVolumeReclaimPolicy: Recycle
diff --git a/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-region-example.yaml b/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-region-example.yaml
new file mode 100644
index 000000000..cba9bbe35
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-region-example.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+ name: cfme-pv02
+spec:
+ capacity:
+ storage: 5Gi
+ accessModes:
+ - ReadWriteOnce
+ nfs:
+ path: /exports/cfme-pv02
+ server: <your-nfs-host-here>
+ persistentVolumeReclaimPolicy: Retain
diff --git a/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-server-example.yaml b/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-server-example.yaml
new file mode 100644
index 000000000..c08c21265
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-server-example.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+ name: cfme-pv03
+spec:
+ capacity:
+ storage: 5Gi
+ accessModes:
+ - ReadWriteOnce
+ nfs:
+ path: /exports/cfme-pv03
+ server: <your-nfs-host-here>
+ persistentVolumeReclaimPolicy: Retain
diff --git a/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-template.yaml b/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-template.yaml
index 4f25a9c8f..3bc6c5813 100644
--- a/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-template.yaml
+++ b/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-template.yaml
@@ -17,6 +17,7 @@ objects:
service.alpha.openshift.io/dependencies: '[{"name":"${DATABASE_SERVICE_NAME}","namespace":"","kind":"Service"},{"name":"${MEMCACHED_SERVICE_NAME}","namespace":"","kind":"Service"}]'
name: ${NAME}
spec:
+ clusterIP: None
ports:
- name: http
port: 80
@@ -48,11 +49,27 @@ objects:
annotations:
description: "Keeps track of changes in the CloudForms app image"
spec:
- dockerImageRepository: registry.access.redhat.com/cloudforms/cfme-openshift-app
+ dockerImageRepository: "${APPLICATION_IMG_NAME}"
+- apiVersion: v1
+ kind: ImageStream
+ metadata:
+ name: cfme-openshift-postgresql
+ annotations:
+ description: "Keeps track of changes in the CloudForms postgresql image"
+ spec:
+ dockerImageRepository: "${POSTGRESQL_IMG_NAME}"
+- apiVersion: v1
+ kind: ImageStream
+ metadata:
+ name: cfme-openshift-memcached
+ annotations:
+ description: "Keeps track of changes in the CloudForms memcached image"
+ spec:
+ dockerImageRepository: "${MEMCACHED_IMG_NAME}"
- apiVersion: v1
kind: PersistentVolumeClaim
metadata:
- name: ${DATABASE_SERVICE_NAME}
+ name: "${NAME}-${DATABASE_SERVICE_NAME}"
spec:
accessModes:
- ReadWriteOnce
@@ -62,45 +79,41 @@ objects:
- apiVersion: v1
kind: PersistentVolumeClaim
metadata:
- name: ${NAME}
+ name: "${NAME}-region"
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
- storage: ${APPLICATION_VOLUME_CAPACITY}
-- apiVersion: v1
- kind: "DeploymentConfig"
+ storage: ${APPLICATION_REGION_VOLUME_CAPACITY}
+- apiVersion: apps/v1beta1
+ kind: "StatefulSet"
metadata:
name: ${NAME}
annotations:
description: "Defines how to deploy the CloudForms appliance"
spec:
+ serviceName: "${NAME}"
+ replicas: 1
template:
metadata:
labels:
name: ${NAME}
name: ${NAME}
spec:
- volumes:
- -
- name: "cfme-app-volume"
- persistentVolumeClaim:
- claimName: ${NAME}
containers:
- - image: cloudforms/cfme-openshift-app:${APPLICATION_IMG_TAG}
- imagePullPolicy: IfNotPresent
- name: cloudforms
+ - name: cloudforms
+ image: "${APPLICATION_IMG_NAME}:${APPLICATION_IMG_TAG}"
livenessProbe:
- httpGet:
- path: /
- port: 80
+ tcpSocket:
+ port: 443
initialDelaySeconds: 480
timeoutSeconds: 3
readinessProbe:
httpGet:
path: /
- port: 80
+ port: 443
+ scheme: HTTPS
initialDelaySeconds: 200
timeoutSeconds: 3
ports:
@@ -112,8 +125,11 @@ objects:
privileged: true
volumeMounts:
-
- name: "cfme-app-volume"
+ name: "${NAME}-server"
mountPath: "/persistent"
+ -
+ name: "${NAME}-region"
+ mountPath: "/persistent-region"
env:
-
name: "APPLICATION_INIT_DELAY"
@@ -144,29 +160,32 @@ objects:
value: "${POSTGRESQL_SHARED_BUFFERS}"
resources:
requests:
- memory: "${MEMORY_APPLICATION_MIN}"
+ memory: "${APPLICATION_MEM_REQ}"
+ cpu: "${APPLICATION_CPU_REQ}"
+ limits:
+ memory: "${APPLICATION_MEM_LIMIT}"
lifecycle:
preStop:
exec:
command:
- /opt/rh/cfme-container-scripts/sync-pv-data
- replicas: 1
- selector:
- name: ${NAME}
- triggers:
- - type: "ConfigChange"
- - type: "ImageChange"
- imageChangeParams:
- automatic: true
- containerNames:
- - "cloudforms"
- from:
- kind: "ImageStreamTag"
- name: "cfme-openshift-app:${APPLICATION_IMG_TAG}"
- strategy:
- type: "Recreate"
- recreateParams:
- timeoutSeconds: 1200
+ volumes:
+ -
+ name: "${NAME}-region"
+ persistentVolumeClaim:
+ claimName: ${NAME}-region
+ volumeClaimTemplates:
+ - metadata:
+ name: "${NAME}-server"
+ annotations:
+ # Uncomment this if using dynamic volume provisioning.
+ # https://docs.openshift.org/latest/install_config/persistent_storage/dynamically_provisioning_pvs.html
+ # volume.alpha.kubernetes.io/storage-class: anything
+ spec:
+ accessModes: [ ReadWriteOnce ]
+ resources:
+ requests:
+ storage: "${APPLICATION_VOLUME_CAPACITY}"
- apiVersion: v1
kind: "Service"
metadata:
@@ -182,14 +201,6 @@ objects:
selector:
name: "${MEMCACHED_SERVICE_NAME}"
- apiVersion: v1
- kind: ImageStream
- metadata:
- name: cfme-openshift-memcached
- annotations:
- description: "Keeps track of changes in the CloudForms memcached image"
- spec:
- dockerImageRepository: registry.access.redhat.com/cloudforms/cfme-openshift-memcached
-- apiVersion: v1
kind: "DeploymentConfig"
metadata:
name: "${MEMCACHED_SERVICE_NAME}"
@@ -223,7 +234,7 @@ objects:
containers:
-
name: "memcached"
- image: "cloudforms/cfme-openshift-memcached:${MEMCACHED_IMG_TAG}"
+ image: "${MEMCACHED_IMG_NAME}:${MEMCACHED_IMG_TAG}"
ports:
-
containerPort: 11211
@@ -249,8 +260,11 @@ objects:
name: "MEMCACHED_SLAB_PAGE_SIZE"
value: "${MEMCACHED_SLAB_PAGE_SIZE}"
resources:
+ requests:
+ memory: "${MEMCACHED_MEM_REQ}"
+ cpu: "${MEMCACHED_CPU_REQ}"
limits:
- memory: "${MEMORY_MEMCACHED_LIMIT}"
+ memory: "${MEMCACHED_MEM_LIMIT}"
- apiVersion: v1
kind: "Service"
metadata:
@@ -266,14 +280,6 @@ objects:
selector:
name: "${DATABASE_SERVICE_NAME}"
- apiVersion: v1
- kind: ImageStream
- metadata:
- name: cfme-openshift-postgresql
- annotations:
- description: "Keeps track of changes in the CloudForms postgresql image"
- spec:
- dockerImageRepository: registry.access.redhat.com/cloudforms/cfme-openshift-postgresql
-- apiVersion: v1
kind: "DeploymentConfig"
metadata:
name: "${DATABASE_SERVICE_NAME}"
@@ -307,11 +313,11 @@ objects:
-
name: "cfme-pgdb-volume"
persistentVolumeClaim:
- claimName: ${DATABASE_SERVICE_NAME}
+ claimName: "${NAME}-${DATABASE_SERVICE_NAME}"
containers:
-
name: "postgresql"
- image: "cloudforms/cfme-openshift-postgresql:${POSTGRESQL_IMG_TAG}"
+ image: "${POSTGRESQL_IMG_NAME}:${POSTGRESQL_IMG_TAG}"
ports:
-
containerPort: 5432
@@ -350,8 +356,11 @@ objects:
name: "POSTGRESQL_SHARED_BUFFERS"
value: "${POSTGRESQL_SHARED_BUFFERS}"
resources:
+ requests:
+ memory: "${POSTGRESQL_MEM_REQ}"
+ cpu: "${POSTGRESQL_CPU_REQ}"
limits:
- memory: "${MEMORY_POSTGRESQL_LIMIT}"
+ memory: "${POSTGRESQL_MEM_LIMIT}"
parameters:
-
@@ -420,36 +429,87 @@ parameters:
name: "POSTGRESQL_SHARED_BUFFERS"
displayName: "PostgreSQL Shared Buffer Amount"
description: "Amount of memory dedicated for PostgreSQL shared memory buffers."
- value: "64MB"
+ value: "256MB"
-
- name: "MEMORY_APPLICATION_MIN"
- displayName: "Application Memory Minimum"
+ name: "APPLICATION_CPU_REQ"
+ displayName: "Application Min CPU Requested"
+ required: true
+ description: "Minimum amount of CPU time the Application container will need (expressed in millicores)."
+ value: "1000m"
+ -
+ name: "POSTGRESQL_CPU_REQ"
+ displayName: "PostgreSQL Min CPU Requested"
+ required: true
+ description: "Minimum amount of CPU time the PostgreSQL container will need (expressed in millicores)."
+ value: "500m"
+ -
+ name: "MEMCACHED_CPU_REQ"
+ displayName: "Memcached Min CPU Requested"
+ required: true
+ description: "Minimum amount of CPU time the Memcached container will need (expressed in millicores)."
+ value: "200m"
+ -
+ name: "APPLICATION_MEM_REQ"
+ displayName: "Application Min RAM Requested"
required: true
description: "Minimum amount of memory the Application container will need."
- value: "4096Mi"
+ value: "6144Mi"
+ -
+ name: "POSTGRESQL_MEM_REQ"
+ displayName: "PostgreSQL Min RAM Requested"
+ required: true
+ description: "Minimum amount of memory the PostgreSQL container will need."
+ value: "1024Mi"
-
- name: "MEMORY_POSTGRESQL_LIMIT"
- displayName: "PostgreSQL Memory Limit"
+ name: "MEMCACHED_MEM_REQ"
+ displayName: "Memcached Min RAM Requested"
required: true
- description: "Maximum amount of memory the PostgreSQL container can use."
- value: "2048Mi"
+ description: "Minimum amount of memory the Memcached container will need."
+ value: "64Mi"
-
- name: "MEMORY_MEMCACHED_LIMIT"
- displayName: "Memcached Memory Limit"
+ name: "APPLICATION_MEM_LIMIT"
+ displayName: "Application Max RAM Limit"
required: true
- description: "Maximum amount of memory the Memcached container can use."
+ description: "Maximum amount of memory the Application container can consume."
+ value: "16384Mi"
+ -
+ name: "POSTGRESQL_MEM_LIMIT"
+ displayName: "PostgreSQL Max RAM Limit"
+ required: true
+ description: "Maximum amount of memory the PostgreSQL container can consume."
+ value: "8192Mi"
+ -
+ name: "MEMCACHED_MEM_LIMIT"
+ displayName: "Memcached Max RAM Limit"
+ required: true
+ description: "Maximum amount of memory the Memcached container can consume."
value: "256Mi"
-
+ name: "POSTGRESQL_IMG_NAME"
+ displayName: "PostgreSQL Image Name"
+ description: "This is the PostgreSQL image name requested to deploy."
+ value: "registry.access.redhat.com/cloudforms45/cfme-openshift-postgresql"
+ -
name: "POSTGRESQL_IMG_TAG"
displayName: "PostgreSQL Image Tag"
description: "This is the PostgreSQL image tag/version requested to deploy."
value: "latest"
-
+ name: "MEMCACHED_IMG_NAME"
+ displayName: "Memcached Image Name"
+ description: "This is the Memcached image name requested to deploy."
+ value: "registry.access.redhat.com/cloudforms45/cfme-openshift-memcached"
+ -
name: "MEMCACHED_IMG_TAG"
displayName: "Memcached Image Tag"
description: "This is the Memcached image tag/version requested to deploy."
value: "latest"
-
+ name: "APPLICATION_IMG_NAME"
+ displayName: "Application Image Name"
+ description: "This is the Application image name requested to deploy."
+ value: "registry.access.redhat.com/cloudforms45/cfme-openshift-app"
+ -
name: "APPLICATION_IMG_TAG"
displayName: "Application Image Tag"
description: "This is the Application image tag/version requested to deploy."
@@ -464,16 +524,22 @@ parameters:
displayName: "Application Init Delay"
required: true
description: "Delay in seconds before we attempt to initialize the application."
- value: "30"
+ value: "15"
-
name: "APPLICATION_VOLUME_CAPACITY"
displayName: "Application Volume Capacity"
required: true
description: "Volume space available for application data."
- value: "1Gi"
+ value: "5Gi"
+ -
+ name: "APPLICATION_REGION_VOLUME_CAPACITY"
+ displayName: "Application Region Volume Capacity"
+ required: true
+ description: "Volume space available for region application data."
+ value: "5Gi"
-
name: "DATABASE_VOLUME_CAPACITY"
displayName: "Database Volume Capacity"
required: true
description: "Volume space available for database."
- value: "1Gi"
+ value: "15Gi"
diff --git a/roles/openshift_examples/files/examples/v3.6/cfme-templates/jboss-middleware-manager-pv-example.yaml b/roles/openshift_examples/files/examples/v3.6/cfme-templates/jboss-middleware-manager-pv-example.yaml
new file mode 100644
index 000000000..240f6cbdf
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/cfme-templates/jboss-middleware-manager-pv-example.yaml
@@ -0,0 +1,58 @@
+#
+# Copyright 2016-2017 Red Hat, Inc. and/or its affiliates
+# and other contributors as indicated by the @author tags.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+apiVersion: v1
+kind: Template
+parameters:
+- name: HAWKULAR_SERVICES_DATA_LIMIT
+ description: Maximum amount data used by hawkular-services container (mostly logging)
+ displayName: Hawkular Services Container Data Limit
+ value: 1Gi
+- name: CASSANDRA_DATA_LIMIT
+ description: Maximum amount data used by Cassandra container
+ displayName: Cassandra Container Data Limit
+ value: 2Gi
+
+objects:
+- apiVersion: v1
+ kind: PersistentVolume
+ metadata:
+ name: h-services-pv
+ labels:
+ type: h-services
+ spec:
+ capacity:
+ storage: ${HAWKULAR_SERVICES_DATA_LIMIT}
+ accessModes:
+ - ReadWriteOnce
+ persistentVolumeReclaimPolicy: Retain
+ hostPath:
+ path: /tmp/pv-services
+- apiVersion: v1
+ kind: PersistentVolume
+ metadata:
+ name: cassandra-pv
+ labels:
+ type: cassandra
+ spec:
+ capacity:
+ storage: ${CASSANDRA_DATA_LIMIT}
+ accessModes:
+ - ReadWriteOnce
+ persistentVolumeReclaimPolicy: Retain
+ hostPath:
+ path: /tmp/pv-cassandra
diff --git a/roles/openshift_examples/files/examples/v3.6/cfme-templates/jboss-middleware-manager-template.yaml b/roles/openshift_examples/files/examples/v3.6/cfme-templates/jboss-middleware-manager-template.yaml
new file mode 100644
index 000000000..bbc0c7044
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/cfme-templates/jboss-middleware-manager-template.yaml
@@ -0,0 +1,254 @@
+#
+# Copyright 2016-2017 Red Hat, Inc. and/or its affiliates
+# and other contributors as indicated by the @author tags.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+apiVersion: v1
+kind: Template
+metadata:
+ name: hawkular-services
+ annotations:
+ openshift.io/display-name: Hawkular Services
+ description: Hawkular-Services all-in-one (including Hawkular Metrics, Hawkular Alerts and Hawkular Inventory).
+ iconClass: icon-wildfly
+ tags: hawkular,hawkular-services,metrics,alerts,manageiq,cassandra
+
+parameters:
+- name: HAWKULAR_SERVICES_IMAGE
+ description: What docker image should be used for hawkular-services.
+ displayName: Hawkular Services Docker Image
+ value: registry.access.redhat.com/jboss-mm-7-tech-preview/middleware-manager:latest
+- name: CASSANDRA_IMAGE
+ description: What docker image should be used for cassandra node.
+ displayName: Cassandra Docker Image
+ value: registry.access.redhat.com/openshift3/metrics-cassandra:3.5.0
+- name: CASSANDRA_MEMORY_LIMIT
+ description: Maximum amount of memory for Cassandra container.
+ displayName: Cassandra Memory Limit
+ value: 2Gi
+- name: CASSANDRA_DATA_LIMIT
+ description: Maximum amount data used by Cassandra container.
+ displayName: Cassandra Container Data Limit
+ value: 2Gi
+- name: HAWKULAR_SERVICES_DATA_LIMIT
+ description: Maximum amount data used by hawkular-services container (mostly logging).
+ displayName: Hawkular Services Container Data Limit
+ value: 1Gi
+- name: ROUTE_NAME
+ description: Public route with this name will be created.
+ displayName: Route Name
+ value: hawkular-services
+- name: ROUTE_HOSTNAME
+ description: Under this hostname the Hawkular Services will be accessible, if left blank a value will be defaulted.
+ displayName: Hostname
+- name: HAWKULAR_USER
+ description: Username that is used for accessing the Hawkular Services, if left blank a value will be generated.
+ displayName: Hawkular User
+ from: '[a-zA-Z0-9]{16}'
+ generate: expression
+- name: HAWKULAR_PASSWORD
+ description: Password that is used for accessing the Hawkular Services, if left blank a value will be generated.
+ displayName: Hawkular Password
+ from: '[a-zA-Z0-9]{16}'
+ generate: expression
+labels:
+ template: hawkular-services
+message: Credentials for hawkular-services are ${HAWKULAR_USER}:${HAWKULAR_PASSWORD}
+
+objects:
+- apiVersion: v1
+ kind: Service
+ metadata:
+ annotations:
+ description: Exposes and load balances the application pods
+ service.alpha.openshift.io/dependencies: '[{"name":"hawkular-cassandra","namespace":"","kind":"Service"}]'
+ name: hawkular-services
+ spec:
+ ports:
+ - name: http-8080-tcp
+ port: 8080
+ protocol: TCP
+ targetPort: 8080
+ - name: admin-9990-tcp
+ port: 9990
+ protocol: TCP
+ targetPort: 9990
+ selector:
+ name: hawkular-services
+ type: ClusterIP
+- apiVersion: v1
+ kind: Service
+ metadata:
+ annotations:
+ description: Cassandra Service
+ name: hawkular-cassandra
+ spec:
+ ports:
+ - name: cql-9042-tcp
+ port: 9042
+ protocol: TCP
+ targetPort: 9042
+ selector:
+ name: hawkular-cassandra
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: ${ROUTE_NAME}
+ spec:
+ host: ${ROUTE_HOSTNAME}
+ to:
+ kind: Service
+ name: hawkular-services
+ port:
+ targetPort: http-8080-tcp
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ annotations:
+ description: Defines how to deploy the application server
+ name: hawkular-services
+ spec:
+ replicas: 1
+ selector:
+ name: hawkular-services
+ strategy:
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: hawkular-services
+ spec:
+ containers:
+ - image: ${HAWKULAR_SERVICES_IMAGE}
+ env:
+ - name: HAWKULAR_BACKEND
+ value: remote
+ - name: CASSANDRA_NODES
+ value: hawkular-cassandra
+ - name: HAWKULAR_USER
+ value: ${HAWKULAR_USER}
+ - name: HAWKULAR_PASSWORD
+ value: ${HAWKULAR_PASSWORD}
+ imagePullPolicy: IfNotPresent
+ name: hawkular-services
+ volumeMounts:
+ - name: h-services-data
+ mountPath: /var/opt/hawkular
+ ports:
+ - containerPort: 8080
+ - containerPort: 9990
+ livenessProbe:
+ exec:
+ command:
+ - /opt/hawkular/bin/ready.sh
+ initialDelaySeconds: 180
+ timeoutSeconds: 3
+ readinessProbe:
+ exec:
+ command:
+ - /opt/hawkular/bin/ready.sh
+ initialDelaySeconds: 120
+ timeoutSeconds: 3
+ periodSeconds: 5
+ successThreshold: 1
+ failureThreshold: 12
+ resources:
+ requests:
+ memory: 1024Mi
+ cpu: 2000m
+ dnsPolicy: ClusterFirst
+ restartPolicy: Always
+ volumes:
+ - name: h-services-data
+ persistentVolumeClaim:
+ claimName: h-services-pvc
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ annotations:
+ description: Defines how to deploy the cassandra
+ name: hawkular-cassandra
+ spec:
+ replicas: 1
+ selector:
+ name: hawkular-cassandra
+ strategy:
+ type: Recreate
+ rollingParams:
+ timeoutSeconds: 300
+ template:
+ metadata:
+ labels:
+ name: hawkular-cassandra
+ spec:
+ containers:
+ - image: ${CASSANDRA_IMAGE}
+ imagePullPolicy: Always
+ name: hawkular-cassandra
+ env:
+ - name: DATA_VOLUME
+ value: /var/lib/cassandra
+ volumeMounts:
+ - name: cassandra-data
+ mountPath: /var/lib/cassandra
+ ports:
+ - containerPort: 9042
+ - containerPort: 9160
+ readinessProbe:
+ exec:
+ command: ['nodetool', 'status']
+ initialDelaySeconds: 30
+ timeoutSeconds: 10
+ periodSeconds: 15
+ successThreshold: 1
+ failureThreshold: 3
+ livenessProbe:
+ exec:
+ command: ['nodetool', 'status']
+ initialDelaySeconds: 300
+ timeoutSeconds: 10
+ periodSeconds: 15
+ successThreshold: 1
+ failureThreshold: 3
+ resources:
+ limits:
+ memory: ${CASSANDRA_MEMORY_LIMIT}
+ volumes:
+ - name: cassandra-data
+ persistentVolumeClaim:
+ claimName: cassandra-pvc
+
+- apiVersion: v1
+ kind: PersistentVolumeClaim
+ metadata:
+ name: h-services-pvc
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 1Gi
+- apiVersion: v1
+ kind: PersistentVolumeClaim
+ metadata:
+ name: cassandra-pvc
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 1Gi
diff --git a/roles/openshift_examples/files/examples/v3.6/db-templates/mariadb-ephemeral-template.json b/roles/openshift_examples/files/examples/v3.6/db-templates/mariadb-ephemeral-template.json
index 40f8b7933..536f7275e 100644
--- a/roles/openshift_examples/files/examples/v3.6/db-templates/mariadb-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/v3.6/db-templates/mariadb-ephemeral-template.json
@@ -27,7 +27,7 @@
"annotations": {
"template.openshift.io/expose-username": "{.data['database-user']}",
"template.openshift.io/expose-password": "{.data['database-password']}",
- "template.openshift.io/expose-root-password": "{.data['database-root-password']}"
+ "template.openshift.io/expose-root_password": "{.data['database-root-password']}"
}
},
"stringData" : {
diff --git a/roles/openshift_examples/files/examples/v3.6/db-templates/mariadb-persistent-template.json b/roles/openshift_examples/files/examples/v3.6/db-templates/mariadb-persistent-template.json
index 3d8f592cb..3b7fdccce 100644
--- a/roles/openshift_examples/files/examples/v3.6/db-templates/mariadb-persistent-template.json
+++ b/roles/openshift_examples/files/examples/v3.6/db-templates/mariadb-persistent-template.json
@@ -27,7 +27,7 @@
"annotations": {
"template.openshift.io/expose-username": "{.data['database-user']}",
"template.openshift.io/expose-password": "{.data['database-password']}",
- "template.openshift.io/expose-root-password": "{.data['database-root-password']}"
+ "template.openshift.io/expose-root_password": "{.data['database-root-password']}"
}
},
"stringData" : {
diff --git a/roles/openshift_examples/files/examples/v3.6/db-templates/mongodb-ephemeral-template.json b/roles/openshift_examples/files/examples/v3.6/db-templates/mongodb-ephemeral-template.json
index 894cba750..ee274194f 100644
--- a/roles/openshift_examples/files/examples/v3.6/db-templates/mongodb-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/v3.6/db-templates/mongodb-ephemeral-template.json
@@ -28,7 +28,7 @@
"annotations": {
"template.openshift.io/expose-username": "{.data['database-user']}",
"template.openshift.io/expose-password": "{.data['database-password']}",
- "template.openshift.io/expose-admin-password": "{.data['database-admin-password']}"
+ "template.openshift.io/expose-admin_password": "{.data['database-admin-password']}"
}
},
"stringData" : {
diff --git a/roles/openshift_examples/files/examples/v3.6/db-templates/mongodb-persistent-template.json b/roles/openshift_examples/files/examples/v3.6/db-templates/mongodb-persistent-template.json
index d5c25a5bb..e5ba43669 100644
--- a/roles/openshift_examples/files/examples/v3.6/db-templates/mongodb-persistent-template.json
+++ b/roles/openshift_examples/files/examples/v3.6/db-templates/mongodb-persistent-template.json
@@ -28,7 +28,7 @@
"annotations": {
"template.openshift.io/expose-username": "{.data['database-user']}",
"template.openshift.io/expose-password": "{.data['database-password']}",
- "template.openshift.io/expose-admin-password": "{.data['database-admin-password']}"
+ "template.openshift.io/expose-admin_password": "{.data['database-admin-password']}"
}
},
"stringData" : {
diff --git a/roles/openshift_examples/files/examples/v3.6/db-templates/mysql-ephemeral-template.json b/roles/openshift_examples/files/examples/v3.6/db-templates/mysql-ephemeral-template.json
index 10f3bb09e..969e62ac5 100644
--- a/roles/openshift_examples/files/examples/v3.6/db-templates/mysql-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/v3.6/db-templates/mysql-ephemeral-template.json
@@ -27,7 +27,7 @@
"annotations": {
"template.openshift.io/expose-username": "{.data['database-user']}",
"template.openshift.io/expose-password": "{.data['database-password']}",
- "template.openshift.io/expose-root-password": "{.data['database-root-password']}"
+ "template.openshift.io/expose-root_password": "{.data['database-root-password']}"
}
},
"stringData" : {
diff --git a/roles/openshift_examples/files/examples/v3.6/db-templates/mysql-persistent-template.json b/roles/openshift_examples/files/examples/v3.6/db-templates/mysql-persistent-template.json
index 2fd82093a..4f39d41a5 100644
--- a/roles/openshift_examples/files/examples/v3.6/db-templates/mysql-persistent-template.json
+++ b/roles/openshift_examples/files/examples/v3.6/db-templates/mysql-persistent-template.json
@@ -27,7 +27,7 @@
"annotations": {
"template.openshift.io/expose-username": "{.data['database-user']}",
"template.openshift.io/expose-password": "{.data['database-password']}",
- "template.openshift.io/expose-root-password": "{.data['database-root-password']}"
+ "template.openshift.io/expose-root_password": "{.data['database-root-password']}"
}
},
"stringData" : {
diff --git a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/cakephp-mysql-persistent.json b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/cakephp-mysql-persistent.json
index 8c79d3340..6d987ee33 100644
--- a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/cakephp-mysql-persistent.json
+++ b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/cakephp-mysql-persistent.json
@@ -513,7 +513,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/cakephp-mysql.json b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/cakephp-mysql.json
index 0f75f773f..fb2ef206e 100644
--- a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/cakephp-mysql.json
+++ b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/cakephp-mysql.json
@@ -487,7 +487,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/dancer-mysql-persistent.json b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/dancer-mysql-persistent.json
index f564d4606..7ffb25e14 100644
--- a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/dancer-mysql-persistent.json
+++ b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/dancer-mysql-persistent.json
@@ -478,7 +478,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/dancer-mysql.json b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/dancer-mysql.json
index 48283bfc2..d787e376b 100644
--- a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/dancer-mysql.json
+++ b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/dancer-mysql.json
@@ -452,7 +452,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/django-postgresql-persistent.json b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/django-postgresql-persistent.json
index 180eeb967..a2070207b 100644
--- a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/django-postgresql-persistent.json
+++ b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/django-postgresql-persistent.json
@@ -482,7 +482,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/django-postgresql.json b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/django-postgresql.json
index da79c8dd0..0d33c6e0e 100644
--- a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/django-postgresql.json
+++ b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/django-postgresql.json
@@ -456,7 +456,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/dotnet-example.json b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/dotnet-example.json
index a09d71a00..af46579c8 100644
--- a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/dotnet-example.json
+++ b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/dotnet-example.json
@@ -4,7 +4,7 @@
"metadata": {
"name": "dotnet-example",
"annotations": {
- "openshift.io/display-name": ".NET Core",
+ "openshift.io/display-name": ".NET Core Example",
"description": "An example .NET Core application.",
"tags": "quickstart,dotnet,.net",
"iconClass": "icon-dotnet",
diff --git a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/httpd.json b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/httpd.json
index 5bfb4b019..ac671cc06 100644
--- a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/httpd.json
+++ b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/httpd.json
@@ -259,7 +259,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/nodejs-mongodb-persistent.json b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/nodejs-mongodb-persistent.json
index 167370811..a9c365361 100644
--- a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/nodejs-mongodb-persistent.json
+++ b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/nodejs-mongodb-persistent.json
@@ -494,7 +494,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/nodejs-mongodb.json b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/nodejs-mongodb.json
index 214c110d2..53a6147d5 100644
--- a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/nodejs-mongodb.json
+++ b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/nodejs-mongodb.json
@@ -470,7 +470,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/rails-postgresql-persistent.json b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/rails-postgresql-persistent.json
index 82a979379..f07a43071 100644
--- a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/rails-postgresql-persistent.json
+++ b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/rails-postgresql-persistent.json
@@ -533,7 +533,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/rails-postgresql.json b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/rails-postgresql.json
index f32c4fc4a..a7992c988 100644
--- a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/rails-postgresql.json
+++ b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/rails-postgresql.json
@@ -507,7 +507,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-streams/jboss-image-streams.json b/roles/openshift_examples/files/examples/v3.6/xpaas-streams/jboss-image-streams.json
index 049f3f884..f77c1080c 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-streams/jboss-image-streams.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-streams/jboss-image-streams.json
@@ -12,7 +12,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-webserver30-tomcat7-openshift"
+ "name": "jboss-webserver30-tomcat7-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat7-openshift",
@@ -23,10 +26,11 @@
"description": "JBoss Web Server 3.0 Tomcat 7 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,tomcat,tomcat7,java,jboss,xpaas",
- "supports":"tomcat7:3.0,tomcat:7,java:8,xpaas:1.1",
+ "supports": "tomcat7:3.0,tomcat:7,java:8,xpaas:1.1",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "tomcat-websocket-chat",
- "version": "1.1"
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7"
}
},
{
@@ -35,10 +39,23 @@
"description": "JBoss Web Server 3.0 Tomcat 7 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,tomcat,tomcat7,java,jboss,xpaas",
- "supports":"tomcat7:3.0,tomcat:7,java:8,xpaas:1.2",
+ "supports": "tomcat7:3.0,tomcat:7,java:8,xpaas:1.2",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "tomcat-websocket-chat",
- "version": "1.2"
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7"
+ }
+ },
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "JBoss Web Server 3.0 Tomcat 7 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,tomcat,tomcat7,java,jboss,xpaas",
+ "supports":"tomcat7:3.0,tomcat:7,java:8,xpaas:1.3",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.3"
}
}
]
@@ -48,7 +65,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-webserver30-tomcat8-openshift"
+ "name": "jboss-webserver30-tomcat8-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat8-openshift",
@@ -59,10 +79,11 @@
"description": "JBoss Web Server 3.0 Tomcat 8 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,tomcat,tomcat8,java,jboss,xpaas",
- "supports":"tomcat8:3.0,tomcat:8,java:8,xpaas:1.1",
+ "supports": "tomcat8:3.0,tomcat:8,java:8,xpaas:1.1",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "tomcat-websocket-chat",
- "version": "1.1"
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8"
}
},
{
@@ -71,10 +92,23 @@
"description": "JBoss Web Server 3.0 Tomcat 8 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,tomcat,tomcat8,java,jboss,xpaas",
- "supports":"tomcat8:3.0,tomcat:8,java:8,xpaas:1.2",
+ "supports": "tomcat8:3.0,tomcat:8,java:8,xpaas:1.2",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "tomcat-websocket-chat",
- "version": "1.2"
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8"
+ }
+ },
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "JBoss Web Server 3.0 Tomcat 8 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,tomcat,tomcat8,java,jboss,xpaas",
+ "supports":"tomcat8:3.0,tomcat:8,java:8,xpaas:1.3",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.3"
}
}
]
@@ -84,7 +118,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-eap64-openshift"
+ "name": "jboss-eap64-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-eap-6/eap64-openshift",
@@ -95,11 +132,12 @@
"description": "JBoss EAP 6.4 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:6.4,javaee:6,java:8,xpaas:1.1",
+ "supports": "eap:6.4,javaee:6,java:8,xpaas:1.1",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "6.4.x",
- "version": "1.1"
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
}
},
{
@@ -108,11 +146,12 @@
"description": "JBoss EAP 6.4 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:6.4,javaee:6,java:8,xpaas:1.2",
+ "supports": "eap:6.4,javaee:6,java:8,xpaas:1.2",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "6.4.x",
- "version": "1.2"
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
}
},
{
@@ -121,11 +160,12 @@
"description": "JBoss EAP 6.4 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:6.4,javaee:6,java:8,xpaas:1.3",
+ "supports": "eap:6.4,javaee:6,java:8,xpaas:1.3",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "6.4.x",
- "version": "1.3"
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
}
},
{
@@ -134,11 +174,25 @@
"description": "JBoss EAP 6.4 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:6.4,javaee:6,java:8,xpaas:1.4",
+ "supports": "eap:6.4,javaee:6,java:8,xpaas:1.4",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "6.4.x",
- "version": "1.4"
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ }
+ },
+ {
+ "name": "1.5",
+ "annotations": {
+ "description": "JBoss EAP 6.4 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,eap,javaee,java,jboss,xpaas",
+ "supports":"eap:6.4,javaee:6,java:8,xpaas:1.5",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "6.4.x",
+ "version": "1.5"
}
}
]
@@ -148,7 +202,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-eap70-openshift"
+ "name": "jboss-eap70-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-eap-7/eap70-openshift",
@@ -159,11 +216,12 @@
"description": "JBoss EAP 7.0 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:7.0,javaee:7,java:8,xpaas:1.3",
+ "supports": "eap:7.0,javaee:7,java:8,xpaas:1.3",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "7.0.0.GA",
- "version": "1.3"
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0"
}
},
{
@@ -172,11 +230,25 @@
"description": "JBoss EAP 7.0 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:7.0,javaee:7,java:8,xpaas:1.4",
+ "supports": "eap:7.0,javaee:7,java:8,xpaas:1.4",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "7.0.0.GA",
- "version": "1.4"
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0"
+ }
+ },
+ {
+ "name": "1.5",
+ "annotations": {
+ "description": "JBoss EAP 7.0 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,eap,javaee,java,jboss,xpaas",
+ "supports":"eap:7.0,javaee:7,java:8,xpaas:1.5",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "7.0.0.GA",
+ "version": "1.5"
}
}
]
@@ -186,7 +258,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-decisionserver62-openshift"
+ "name": "jboss-decisionserver62-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver62-openshift",
@@ -196,12 +271,13 @@
"annotations": {
"description": "Red Hat JBoss BRMS 6.2 decision server S2I images.",
"iconClass": "icon-jboss",
- "tags": "builder,decisionserver,java,xpaas",
- "supports":"decisionserver:6.2,java:8,xpaas:1.2",
+ "tags": "builder,decisionserver,xpaas",
+ "supports": "decisionserver:6.2,xpaas:1.2",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "decisionserver/hellorules",
"sampleRef": "1.2",
- "version": "1.2"
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server"
}
}
]
@@ -211,7 +287,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-decisionserver63-openshift"
+ "name": "jboss-decisionserver63-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver63-openshift",
@@ -221,12 +300,26 @@
"annotations": {
"description": "Red Hat JBoss BRMS 6.3 decision server S2I images.",
"iconClass": "icon-jboss",
+ "tags": "builder,decisionserver,xpaas",
+ "supports": "decisionserver:6.3,xpaas:1.3",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "decisionserver/hellorules",
+ "sampleRef": "1.3",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "Red Hat JBoss BRMS 6.3 decision server S2I images.",
+ "iconClass": "icon-jboss",
"tags": "builder,decisionserver,java,xpaas",
- "supports":"decisionserver:6.3,java:8,xpaas:1.3",
+ "supports":"decisionserver:6.3,java:8,xpaas:1.4",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "decisionserver/hellorules",
"sampleRef": "1.3",
- "version": "1.3"
+ "version": "1.4"
}
}
]
@@ -236,7 +329,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-processserver63-openshift"
+ "name": "jboss-processserver63-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-processserver-6/processserver63-openshift",
@@ -246,12 +342,26 @@
"annotations": {
"description": "Red Hat JBoss BPM Suite 6.3 intelligent process server S2I images.",
"iconClass": "icon-jboss",
+ "tags": "builder,processserver,xpaas",
+ "supports": "processserver:6.3,xpaas:1.3",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "processserver/library",
+ "sampleRef": "1.3",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "Red Hat JBoss BPM Suite 6.3 intelligent process server S2I images.",
+ "iconClass": "icon-jboss",
"tags": "builder,processserver,java,xpaas",
- "supports":"processserver:6.3,java:8,xpaas:1.3",
+ "supports":"processserver:6.3,java:8,xpaas:1.4",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "processserver/library",
"sampleRef": "1.3",
- "version": "1.3"
+ "version": "1.4"
}
}
]
@@ -261,7 +371,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-datagrid65-openshift"
+ "name": "jboss-datagrid65-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-openshift",
@@ -271,9 +384,31 @@
"annotations": {
"description": "JBoss Data Grid 6.5 S2I images.",
"iconClass": "icon-jboss",
- "tags": "datagrid,java,jboss,xpaas",
- "supports":"datagrid:6.5,java:8,xpaas:1.2",
- "version": "1.2"
+ "tags": "datagrid,jboss,xpaas",
+ "supports": "datagrid:6.5,xpaas:1.2",
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5"
+ }
+ },
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "JBoss Data Grid 6.5 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "datagrid,jboss,xpaas",
+ "supports": "datagrid:6.5,xpaas:1.4",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "JBoss Data Grid 6.5 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "datagrid,jboss,xpaas",
+ "supports":"datagrid:6.5,xpaas:1.4",
+ "version": "1.4"
}
}
]
@@ -283,7 +418,35 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-datavirt63-openshift"
+ "name": "jboss-datagrid65-client-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 Client Modules for EAP"
+ }
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-client-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Data Grid 6.5 Client Modules for EAP.",
+ "iconClass": "icon-jboss",
+ "tags": "client,jboss,xpaas",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 Client Modules for EAP"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-datavirt63-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-openshift",
@@ -293,9 +456,56 @@
"annotations": {
"description": "Red Hat JBoss Data Virtualization 6.3 S2I images.",
"iconClass": "icon-jboss",
- "tags": "datavirt,java,jboss,xpaas",
- "supports":"datavirt:6.3,java:8,xpaas:1.4",
- "version": "1.0"
+ "tags": "datavirt,jboss,xpaas",
+ "supports": "datavirt:6.3,xpaas:1.4",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "Red Hat JBoss Data Virtualization 6.3 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "datavirt,jboss,xpaas",
+ "supports": "datavirt:6.3,xpaas:1.4",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3"
+ }
+ },
+ {
+ "name": "1.2",
+ "annotations": {
+ "description": "Red Hat JBoss Data Virtualization 6.3 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "datavirt,jboss,xpaas",
+ "supports":"datavirt:6.3,xpaas:1.4",
+ "version": "1.2"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-datavirt63-driver-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.5 JDBC Driver Modules for EAP"
+ }
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-driver-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Data Virtualization 6.5 JDBC Driver Modules for EAP.",
+ "iconClass": "icon-jboss",
+ "tags": "client,jboss,xpaas",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.5 JDBC Driver Modules for EAP"
}
}
]
@@ -305,7 +515,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-amq-62"
+ "name": "jboss-amq-62",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-amq-6/amq62-openshift",
@@ -316,8 +529,9 @@
"description": "JBoss A-MQ 6.2 broker image.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "supports":"amq:6.2,messaging,xpaas:1.1",
- "version": "1.1"
+ "supports": "amq:6.2,messaging,xpaas:1.1",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
}
},
{
@@ -326,8 +540,9 @@
"description": "JBoss A-MQ 6.2 broker image.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "supports":"amq:6.2,messaging,xpaas:1.2",
- "version": "1.2"
+ "supports": "amq:6.2,messaging,xpaas:1.2",
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
}
},
{
@@ -336,8 +551,19 @@
"description": "JBoss A-MQ 6.2 broker image.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "supports":"amq:6.2,messaging,xpaas:1.3",
- "version": "1.3"
+ "supports": "amq:6.2,messaging,xpaas:1.3",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "JBoss A-MQ 6.2 broker image.",
+ "iconClass": "icon-jboss",
+ "tags": "messaging,amq,jboss,xpaas",
+ "supports":"amq:6.2,messaging,xpaas:1.4",
+ "version": "1.4"
}
}
]
@@ -348,8 +574,9 @@
"apiVersion": "v1",
"metadata": {
"name": "redhat-sso70-openshift",
- "annotations": {
- "description": "Red Hat SSO 7.0"
+ "annotations": {
+ "description": "Red Hat SSO 7.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0"
}
},
"spec": {
@@ -361,8 +588,20 @@
"description": "Red Hat SSO 7.0",
"iconClass": "icon-jboss",
"tags": "sso,keycloak,redhat",
- "supports":"sso:7.0,xpaas:1.3",
- "version": "1.3"
+ "supports": "sso:7.0,xpaas:1.3",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "Red Hat SSO 7.0",
+ "iconClass": "icon-jboss",
+ "tags": "sso,keycloak,redhat",
+ "supports": "sso:7.0,xpaas:1.4",
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0"
}
}
]
@@ -372,7 +611,48 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "redhat-openjdk18-openshift"
+ "name": "redhat-sso71-openshift",
+ "annotations": {
+ "description": "Red Hat SSO 7.1",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ }
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/redhat-sso-7/sso71-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "Red Hat SSO 7.1",
+ "iconClass": "icon-jboss",
+ "tags": "sso,keycloak,redhat",
+ "supports": "sso:7.1,xpaas:1.4",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "Red Hat SSO 7.1",
+ "iconClass": "icon-jboss",
+ "tags": "sso,keycloak,redhat",
+ "supports": "sso:7.1,xpaas:1.4",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "redhat-openjdk18-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat OpenJDK 8"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/redhat-openjdk-18/openjdk18-openshift",
@@ -384,11 +664,24 @@
"description": "Build and run Java applications using Maven and OpenJDK 8.",
"iconClass": "icon-jboss",
"tags": "builder,java,xpaas,openjdk",
- "supports":"java:8,xpaas:1.0",
+ "supports": "java:8,xpaas:1.0",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts",
"sampleContextDir": "undertow-servlet",
"version": "1.0"
}
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat OpenJDK 8",
+ "description": "Build and run Java applications using Maven and OpenJDK 8.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,java,xpaas,openjdk",
+ "supports": "java:8,xpaas:1.4",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "sampleContextDir": "undertow-servlet",
+ "version": "1.1"
+ }
}
]
}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-basic.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-basic.json
index ab35afead..af20b373a 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-basic.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-basic.json
@@ -6,46 +6,54 @@
"description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone or in a mesh. This template doesn't feature SSL support.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "version": "1.3.1"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2 (Ephemeral, no SSL)"
},
"name": "amq62-basic"
},
"labels": {
"template": "amq62-basic",
- "xpaas": "1.3.1"
+ "xpaas": "1.4.0"
},
+ "message": "A new messaging service has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "broker",
"required": true
},
{
+ "displayName": "A-MQ Protocols",
"description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -53,6 +61,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -60,18 +69,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
@@ -171,7 +183,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The broker's OpenWire port."
+ "description": "The broker's OpenWire port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"}]"
}
}
},
@@ -202,7 +215,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-persistent-ssl.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-persistent-ssl.json
index c12f06dec..5acdbfabf 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-persistent-ssl.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-persistent-ssl.json
@@ -6,58 +6,68 @@
"description": "Application template for JBoss A-MQ brokers. These are deployed as standalone and use persistent storage for saving messages. This template supports SSL and requires usage of OpenShift secrets.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "version": "1.3.1"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2 (Persistent with SSL)"
},
"name": "amq62-persistent-ssl"
},
"labels": {
"template": "amq62-persistent-ssl",
- "xpaas": "1.3.1"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent messaging service with SSL support has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"amq-service-account\" service account and a secret named \"${AMQ_SECRET}\" containing the trust store and key store files (\"${AMQ_TRUSTSTORE}\" and \"${AMQ_KEYSTORE}\") used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "broker",
"required": true
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
- "description": "Size of persistent storage for database volume.",
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -65,6 +75,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -72,48 +83,56 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "Secret Name",
"description": "Name of a secret containing SSL related files",
"name": "AMQ_SECRET",
"value": "amq-app-secret",
"required": true
},
{
+ "displayName": "Trust Store Filename",
"description": "SSL trust store filename",
"name": "AMQ_TRUSTSTORE",
"value": "broker.ts",
"required": true
},
{
+ "displayName": "Trust Store Password",
"description": "SSL trust store password",
"name": "AMQ_TRUSTSTORE_PASSWORD",
"value": "",
"required": true
},
{
+ "displayName": "A-MQ Keystore Filename",
"description": "SSL key store filename",
"name": "AMQ_KEYSTORE",
"value": "broker.ks",
"required": true
},
{
+ "displayName": "A-MQ Keystore Password",
"description": "Password for accessing SSL keystore",
"name": "AMQ_KEYSTORE_PASSWORD",
"value": "",
"required": true
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
@@ -309,7 +328,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The broker's OpenWire (SSL) port."
+ "description": "The broker's OpenWire (SSL) port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp-ssl\", \"kind\": \"Service\"}]"
}
}
},
@@ -340,7 +360,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-persistent.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-persistent.json
index 897ce0395..b8089cd6d 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-persistent.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-persistent.json
@@ -6,58 +6,68 @@
"description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone and use persistent storage for saving messages. This template doesn't feature SSL support.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "version": "1.3.1"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2 (Persistent, no SSL)"
},
"name": "amq62-persistent"
},
"labels": {
"template": "amq62-persistent",
- "xpaas": "1.3.1"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent messaging service has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "broker",
"required": true
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
- "description": "Size of persistent storage for database volume.",
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -65,6 +75,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -72,18 +83,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
@@ -183,7 +197,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The broker's OpenWire port."
+ "description": "The broker's OpenWire port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"}]"
}
}
},
@@ -214,7 +229,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-ssl.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-ssl.json
index 97d110286..b52fdbfb0 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-ssl.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-ssl.json
@@ -6,46 +6,54 @@
"description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone or in a mesh. This template supports SSL and requires usage of OpenShift secrets.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "version": "1.3.1"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2 (Ephemeral with SSL)"
},
"name": "amq62-ssl"
},
"labels": {
"template": "amq62-ssl",
- "xpaas": "1.3.1"
+ "xpaas": "1.4.0"
},
+ "message": "A new messaging service with SSL support has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"amq-service-account\" service account and a secret named \"${AMQ_SECRET}\" containing the trust store and key store files (\"${AMQ_TRUSTSTORE}\" and \"${AMQ_KEYSTORE}\") used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "broker",
"required": true
},
{
+ "displayName": "A-MQ Protocols",
"description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. SSL variants of these protocols will be configured automaticaly.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -53,6 +61,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -60,48 +69,56 @@
"required": false
},
{
+ "displayName": "Secret Name",
"description": "Name of a secret containing SSL related files",
"name": "AMQ_SECRET",
"value": "amq-app-secret",
"required": true
},
{
+ "displayName": "Trust Store Filename",
"description": "SSL trust store filename",
"name": "AMQ_TRUSTSTORE",
"value": "broker.ts",
"required": true
},
{
+ "displayName": "Trust Store Password",
"description": "SSL trust store password",
"name": "AMQ_TRUSTSTORE_PASSWORD",
"value": "",
"required": true
},
{
+ "displayName": "A-MQ Keystore Filename",
"description": "SSL key store filename",
"name": "AMQ_KEYSTORE",
"value": "broker.ks",
"required": true
},
{
+ "displayName": "A-MQ Keystore Password",
"description": "Password for accessing SSL keystore",
"name": "AMQ_KEYSTORE_PASSWORD",
"value": "",
"required": true
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
@@ -297,7 +314,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The broker's OpenWire (SSL) port."
+ "description": "The broker's OpenWire (SSL) port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp-ssl\", \"kind\": \"Service\"}]"
}
}
},
@@ -328,7 +346,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-basic.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-basic.json
index 56e76016f..32433bef0 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-basic.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-basic.json
@@ -6,76 +6,103 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 applications.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 (Ephemeral, no https)"
},
"name": "datagrid65-basic"
},
"labels": {
"template": "datagrid65-basic",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\".",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -200,7 +227,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -267,9 +294,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -302,6 +334,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-https.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-https.json
index 639ac2e11..e6f020400 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-https.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-https.json
@@ -6,130 +6,166 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 applications.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 (Ephemeral with https)"
},
"name": "datagrid65-https"
},
"labels": {
"template": "datagrid65-https",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "datagrid-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "datagrid-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -301,7 +337,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -386,9 +422,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -437,6 +478,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-mysql-persistent.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-mysql-persistent.json
index 22ca3f0a0..ff57a7936 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-mysql-persistent.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-mysql-persistent.json
@@ -6,82 +6,96 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 and MySQL applications with persistent storage.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 + MySQL (Persistent with https)"
},
"name": "datagrid65-mysql-persistent"
},
"labels": {
"template": "datagrid65-mysql-persistent",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service (using MySQL with persistent storage) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "datagrid-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:/jboss/datasources/mysql",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -89,6 +103,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -96,117 +111,158 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "datagrid-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
"generate": "expression",
"required": true
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -230,7 +286,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -254,7 +311,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -278,7 +336,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "Memcached service for clustered applications."
+ "description": "Memcached service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -302,7 +361,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "Hot Rod service for clustered applications."
+ "description": "Hot Rod service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -397,7 +457,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -482,9 +542,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -585,6 +650,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
@@ -669,7 +742,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-mysql.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-mysql.json
index e1a585d24..44902de25 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-mysql.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-mysql.json
@@ -6,82 +6,96 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 and MySQL applications.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 + MySQL (Ephemeral with https)"
},
"name": "datagrid65-mysql"
},
"labels": {
"template": "datagrid65-mysql",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service (using MySQL) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "datagrid-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:/jboss/datasources/mysql",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -89,6 +103,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -96,111 +111,151 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "datagrid-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
"generate": "expression",
"required": true
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -224,7 +279,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -248,7 +304,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -272,7 +329,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "Memcached service for clustered applications."
+ "description": "Memcached service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -296,7 +354,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "Hot Rod service for clustered applications."
+ "description": "Hot Rod service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -391,7 +450,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -476,9 +535,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -579,6 +643,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
@@ -663,7 +735,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-postgresql-persistent.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-postgresql-persistent.json
index 12720eb19..6b90e1370 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-postgresql-persistent.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-postgresql-persistent.json
@@ -6,82 +6,96 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 and PostgreSQL applications with persistent storage.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 + PostgreSQL (Persistent with https)"
},
"name": "datagrid65-postgresql-persistent"
},
"labels": {
"template": "datagrid65-postgresql-persistent",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service (using PostgreSQL with persistent storage) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "datagrid-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/postgresql",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -89,6 +103,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -96,102 +111,140 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "datagrid-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
"generate": "expression",
"required": true
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -215,7 +268,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -239,7 +293,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -382,7 +437,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -467,9 +522,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -570,6 +630,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
@@ -654,7 +722,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-postgresql.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-postgresql.json
index da8015fb0..ae36376db 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-postgresql.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-postgresql.json
@@ -6,82 +6,96 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 and PostgreSQL applications built using.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 + PostgreSQL (Ephemeral with https)"
},
"name": "datagrid65-postgresql"
},
"labels": {
"template": "datagrid65-postgresql",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service (using PostgreSQL) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "datagrid-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/postgresql",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -89,6 +103,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -96,96 +111,133 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configurd for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "datagrid-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
"generate": "expression",
"required": true
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -209,7 +261,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -233,7 +286,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -376,7 +430,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -461,9 +515,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -564,6 +623,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
@@ -648,7 +715,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datavirt63-basic-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datavirt63-basic-s2i.json
index 7d64dac98..ea2f13742 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datavirt63-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datavirt63-basic-s2i.json
@@ -6,7 +6,8 @@
"iconClass": "icon-jboss",
"description": "Application template for JBoss Data Virtualization 6.3 services built using S2I.",
"tags": "jdv,datavirt,jboss,xpaas",
- "version": "1.4.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3 (no SSL)"
},
"name": "datavirt63-basic-s2i"
},
@@ -60,6 +61,7 @@
},
{
"description": "The name of the service account to use for the deployment. The service account should be configured to allow usage of the secret specified by CONFIGURATION_NAME.",
+ "displayName": "Service Account Name",
"name": "SERVICE_ACCOUNT_NAME",
"value": "datavirt-service-account",
"required": true
@@ -133,6 +135,27 @@
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "description": "Comma delimited list of source directories containing VDBs for deployment",
+ "displayName": "VDB Deployment Directories",
+ "name": "VDB_DIRS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Artifact Directories",
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -215,7 +238,22 @@
"uri": "${SOURCE_REPOSITORY_URL}",
"ref": "${SOURCE_REPOSITORY_REF}"
},
- "contextDir": "${CONTEXT_DIR}"
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/datagrid65",
+ "sourcePath": "/extensions/."
+ }
+ ]
+ }
+ ]
},
"strategy": {
"type": "Source",
@@ -224,8 +262,26 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datavirt63-openshift:1.0"
- }
+ "name": "jboss-datavirt63-openshift:1.2"
+ },
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "VDB_DIRS",
+ "value": "${VDB_DIRS}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ]
}
},
"output": {
@@ -252,6 +308,15 @@
"imageChange": {}
},
{
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ }
+ }
+ },
+ {
"type": "ConfigChange"
}
]
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datavirt63-extensions-support-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datavirt63-extensions-support-s2i.json
index 1e7c03b99..22b579ecc 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datavirt63-extensions-support-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datavirt63-extensions-support-s2i.json
@@ -6,7 +6,8 @@
"iconClass": "icon-jboss",
"description": "Application template for JBoss Data Virtualization 6.3 services built using S2I. Includes support for installing extensions (e.g. third-party DB drivers) and the ability to configure certificates for serving secure content.",
"tags": "jdv,datavirt,jboss,xpaas",
- "version": "1.4.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3 (with SSL and Extensions)"
},
"name": "datavirt63-extensions-support-s2i"
},
@@ -102,6 +103,7 @@
},
{
"description": "The name of the service account to use for the deployment. The service account should be configured to allow usage of the secret(s) specified by CONFIGURATION_NAME, HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "displayName": "Service Account Name",
"name": "SERVICE_ACCOUNT_NAME",
"value": "datavirt-service-account",
"required": true
@@ -238,6 +240,27 @@
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "description": "Comma delimited list of source directories containing VDBs for deployment",
+ "displayName": "VDB Deployment Directories",
+ "name": "VDB_DIRS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Artifact Directories",
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -446,6 +469,19 @@
{
"from": {
"kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/datagrid65",
+ "sourcePath": "/extensions/."
+ }
+ ]
+ },
+ {
+ "from": {
+ "kind": "ImageStreamTag",
"name": "${APPLICATION_NAME}-ext:latest"
},
"paths": [
@@ -464,12 +500,24 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datavirt63-openshift:1.0"
+ "name": "jboss-datavirt63-openshift:1.2"
},
"env": [
{
"name": "CUSTOM_INSTALL_DIRECTORIES",
"value": "extensions/*"
+ },
+ {
+ "name": "VDB_DIRS",
+ "value": "${VDB_DIRS}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
]
}
@@ -507,6 +555,15 @@
}
},
{
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ }
+ }
+ },
+ {
"type": "ConfigChange"
}
]
@@ -713,7 +770,7 @@
},
{
"name": "DATAVIRT_TRANSPORT_KEYSTORE",
- "value": "/etc/datavirt-secret-volume/${HTTPS_KEYSTORE}"
+ "value": "${HTTPS_KEYSTORE}"
},
{
"name": "DATAVIRT_TRANSPORT_KEYSTORE_TYPE",
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datavirt63-secure-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datavirt63-secure-s2i.json
index 07f926ff3..9392c20a6 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datavirt63-secure-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datavirt63-secure-s2i.json
@@ -6,7 +6,8 @@
"iconClass": "icon-jboss",
"description": "Application template for JBoss Data Virtualization 6.3 services built using S2I. Includes ability to configure certificates for serving secure content.",
"tags": "jdv,datavirt,jboss,xpaas",
- "version": "1.4.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3 (with SSL)"
},
"name": "datavirt63-secure-s2i"
},
@@ -74,6 +75,7 @@
},
{
"description": "The name of the service account to use for the deployment. The service account should be configured to allow usage of the secret(s) specified by CONFIGURATION_NAME, HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "displayName": "Service Account Name",
"name": "SERVICE_ACCOUNT_NAME",
"value": "datavirt-service-account",
"required": true
@@ -210,6 +212,168 @@
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "description": "Comma delimited list of source directories containing VDBs for deployment",
+ "displayName": "VDB Deployment Directories",
+ "name": "VDB_DIRS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The URL for the SSO server (e.g. https://secure-sso-myproject.example.com/auth). This is the URL through which the user will be redirected when a login or token is required by the application.",
+ "displayName": "SSO Server URL",
+ "name": "SSO_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The URL for the interal SSO service, where secure-sso is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
+ "displayName": "SSO Server Service URL",
+ "name": "SSO_SERVICE_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The SSO realm to which the application client(s) should be associated (e.g. demo).",
+ "displayName": "SSO Realm",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The username used to access the SSO service. This is used to create the appliction client(s) within the specified SSO realm. This should match the SSO_SERVICE_USERNAME specified through one of the sso70-* templates.",
+ "displayName": "SSO Username",
+ "name": "SSO_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the SSO service user.",
+ "displayName": "SSO User's Password",
+ "name": "SSO_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "SSO Realm Public Key. Public key is recommended to be passed into the template to avoid man-in-the-middle security vulnerability. This can be retrieved from the SSO server, for the specified realm.",
+ "displayName": "SSO Realm Public Key",
+ "name": "SSO_PUBLIC_KEY",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "SSO Client Access Type. true or false",
+ "displayName": "SSO Bearer Only",
+ "name": "SSO_BEARER_ONLY",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "displayName": "SSO SAML Keystore Secret",
+ "name": "SSO_SAML_KEYSTORE_SECRET",
+ "value": "datavirt-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "displayName": "SSO SAML Keystore File",
+ "name": "SSO_SAML_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "displayName": "SSO SAML Certificate Alias",
+ "name": "SSO_SAML_CERTIFICATE_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "SSO_SAML_KEYSTORE_PASSWORD",
+ "displayName": "SSO SAML Keystore Password",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The SSO Client Secret for Confidential Access",
+ "name": "SSO_SECRET",
+ "displayName": "SSO Client Secret",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "description": "Enable CORS for SSO applications. true or false",
+ "name": "SSO_ENABLE_CORS",
+ "displayName": "SSO Enable CORS",
+ "value": "false",
+ "required": false
+ },
+ {
+ "description": "SSO logout page for SAML applications",
+ "name": "SSO_SAML_LOGOUT_PAGE",
+ "displayName": "SSO SAML Logout Page",
+ "value": "/",
+ "required": false
+ },
+ {
+ "description": "If true SSL communication between EAP and the SSO Server will be insecure (i.e. certificate validation is disabled with curl)",
+ "name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
+ "displayName": "SSO Disable SSL Certificate Validation",
+ "value": "true",
+ "required": false
+ },
+ {
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "displayName": "SSO Truststore File",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "displayName": "SSO Truststore Password",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "displayName": "SSO Truststore Secret",
+ "value": "datavirt-app-secret",
+ "required": false
+ },
+ {
+ "description": "Comma delimited list of deployments that shoulds be exploded and enabled for SSO OpenIDConnect via auth-method",
+ "name": "SSO_OPENIDCONNECT_DEPLOYMENTS",
+ "displayName": "SSO OpenIDConnect Deployments",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Comma delimited list of deployments that shoulds be exploded and enabled for SSO SAML via auth-method",
+ "name": "SSO_SAML_DEPLOYMENTS",
+ "displayName": "SSO SAML Deployments",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Artifact Directories",
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -354,7 +518,22 @@
"uri": "${SOURCE_REPOSITORY_URL}",
"ref": "${SOURCE_REPOSITORY_REF}"
},
- "contextDir": "${CONTEXT_DIR}"
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/datagrid65",
+ "sourcePath": "/extensions/."
+ }
+ ]
+ }
+ ]
},
"strategy": {
"type": "Source",
@@ -363,8 +542,26 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datavirt63-openshift:1.0"
- }
+ "name": "jboss-datavirt63-openshift:1.2"
+ },
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "VDB_DIRS",
+ "value": "${VDB_DIRS}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ]
}
},
"output": {
@@ -391,6 +588,15 @@
"imageChange": {}
},
{
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ }
+ }
+ },
+ {
"type": "ConfigChange"
}
]
@@ -597,7 +803,7 @@
},
{
"name": "DATAVIRT_TRANSPORT_KEYSTORE",
- "value": "/etc/datavirt-secret-volume/${HTTPS_KEYSTORE}"
+ "value": "${HTTPS_KEYSTORE}"
},
{
"name": "DATAVIRT_TRANSPORT_KEYSTORE_TYPE",
@@ -610,6 +816,98 @@
{
"name": "DATAVIRT_TRANSPORT_KEYSTORE_PASSWORD",
"value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "SSO_URL",
+ "value": "${SSO_URL}"
+ },
+ {
+ "name": "SSO_SERVICE_URL",
+ "value": "${SSO_SERVICE_URL}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_USERNAME",
+ "value": "${SSO_USERNAME}"
+ },
+ {
+ "name": "SSO_PASSWORD",
+ "value": "${SSO_PASSWORD}"
+ },
+ {
+ "name": "SSO_PUBLIC_KEY",
+ "value": "${SSO_PUBLIC_KEY}"
+ },
+ {
+ "name": "SSO_BEARER_ONLY",
+ "value": "${SSO_BEARER_ONLY}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_SECRET",
+ "value": "${SSO_SAML_KEYSTORE_SECRET}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE",
+ "value": "${SSO_SAML_KEYSTORE}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_DIR",
+ "value": "/etc/sso-saml-secret-volume"
+ },
+ {
+ "name": "SSO_SAML_CERTIFICATE_NAME",
+ "value": "${SSO_SAML_CERTIFICATE_NAME}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_PASSWORD",
+ "value": "${SSO_SAML_KEYSTORE_PASSWORD}"
+ },
+ {
+ "name": "SSO_SECRET",
+ "value": "${SSO_SECRET}"
+ },
+ {
+ "name": "SSO_ENABLE_CORS",
+ "value": "${SSO_ENABLE_CORS}"
+ },
+ {
+ "name": "SSO_SAML_LOGOUT_PAGE",
+ "value": "${SSO_SAML_LOGOUT_PAGE}"
+ },
+ {
+ "name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
+ "value": "${SSO_DISABLE_SSL_CERTIFICATE_VALIDATION}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ },
+ {
+ "name": "SSO_OPENIDCONNECT_DEPLOYMENTS",
+ "value": "${SSO_OPENIDCONNECT_DEPLOYMENTS}"
+ },
+ {
+ "name": "SSO_SAML_DEPLOYMENTS",
+ "value": "${SSO_SAML_DEPLOYMENTS}"
+ },
+ {
+ "name": "HOSTNAME_HTTP",
+ "value": "${HOSTNAME_HTTP}"
+ },
+ {
+ "name": "HOSTNAME_HTTPS",
+ "value": "${HOSTNAME_HTTPS}"
}
]
}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver62-amq-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver62-amq-s2i.json
index 754a3b4c0..1989036fa 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver62-amq-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver62-amq-s2i.json
@@ -5,8 +5,9 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.2 decision server A-MQ applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,amq,java,messaging,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.3.3",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server + A-MQ (with https)"
},
"name": "decisionserver62-amq-s2i"
},
@@ -14,20 +15,24 @@
"template": "decisionserver62-amq-s2i",
"xpaas": "1.3.3"
},
+ "message": "A new BRMS/A-MQ application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "HelloRulesContainer=org.openshift.quickstarts:decisionserver-hellorules:1.2.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -35,102 +40,119 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "decisionserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -138,6 +160,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -145,18 +168,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -164,6 +190,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -171,6 +198,7 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
@@ -198,7 +226,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -222,7 +251,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -564,7 +594,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver62-basic-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver62-basic-s2i.json
index 8be4ac90b..25b2c162c 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver62-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver62-basic-s2i.json
@@ -5,8 +5,9 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.2 decision server applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,java,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.3.3",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server (no https)"
},
"name": "decisionserver62-basic-s2i"
},
@@ -14,20 +15,24 @@
"template": "decisionserver62-basic-s2i",
"xpaas": "1.3.3"
},
+ "message": "A new BRMS application has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "HelloRulesContainer=org.openshift.quickstarts:decisionserver-hellorules:1.2.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -35,48 +40,56 @@
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -84,6 +97,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -91,6 +105,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -98,6 +113,7 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver62-https-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver62-https-s2i.json
index bf9047599..85605d642 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver62-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver62-https-s2i.json
@@ -5,8 +5,9 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.2 decision server HTTPS applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,java,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.3.3",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server (with https)"
},
"name": "decisionserver62-https-s2i"
},
@@ -14,32 +15,38 @@
"template": "decisionserver62-https-s2i",
"xpaas": "1.3.3"
},
+ "message": "A new BRMS application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "HelloRulesContainer=org.openshift.quickstarts:decisionserver-hellorules:1.2.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,78 +54,91 @@
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "decisionserver-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -126,6 +146,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -133,6 +154,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -140,6 +162,7 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver63-amq-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver63-amq-s2i.json
index 51e667e02..ecea54d94 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver63-amq-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver63-amq-s2i.json
@@ -5,29 +5,34 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.3 decision server A-MQ applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,amq,java,messaging,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server + A-MQ (with https)"
},
"name": "decisionserver63-amq-s2i"
},
"labels": {
"template": "decisionserver63-amq-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BRMS/A-MQ application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -35,108 +40,126 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Request",
"description": "JNDI name of request queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_REQUEST",
"value": "queue/KIE.SERVER.REQUEST",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "decisionserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -144,6 +167,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -151,18 +175,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -170,6 +197,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -177,10 +205,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -204,7 +246,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -228,7 +271,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -334,13 +378,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-decisionserver63-openshift:1.3"
+ "name": "jboss-decisionserver63-openshift:1.4"
}
}
},
@@ -574,7 +626,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver63-basic-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver63-basic-s2i.json
index c5f0d006a..d655dbe94 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver63-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver63-basic-s2i.json
@@ -5,29 +5,34 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.3 decision server applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,java,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server (no https)"
},
"name": "decisionserver63-basic-s2i"
},
"labels": {
"template": "decisionserver63-basic-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BRMS application has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -35,48 +40,56 @@
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -84,6 +97,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -91,6 +105,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -98,10 +113,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -184,13 +213,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-decisionserver63-openshift:1.3"
+ "name": "jboss-decisionserver63-openshift:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver63-https-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver63-https-s2i.json
index 3db0e4c84..78e79c0cf 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver63-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver63-https-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.3 decision server HTTPS applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,java,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server (with https)"
},
"name": "decisionserver63-https-s2i"
},
"labels": {
"template": "decisionserver63-https-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BRMS application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,78 +54,91 @@
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "decisionserver-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -126,6 +146,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -133,6 +154,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -140,10 +162,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -273,13 +309,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-decisionserver63-openshift:1.3"
+ "name": "jboss-decisionserver63-openshift:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-amq-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-amq-persistent-s2i.json
index 72dbb4302..912838175 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-amq-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-amq-persistent-s2i.json
@@ -5,131 +5,153 @@
"annotations": {
"description": "Application template for EAP 6 A-MQ applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,amq,javaee,java,messaging,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + A-MQ (Persistent with https)"
},
"name": "eap64-amq-persistent-s2i"
},
"labels": {
"template": "eap64-amq-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and A-MQ persistent based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "6.4.x",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "helloworld-mdb",
"required": false
},
{
- "description": "Size of persistent storage for database volume.",
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
"name": "MQ_JNDI",
"value": "java:/ConnectionFactory",
"required": false
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "HELLOWORLDMDBQueue",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "HELLOWORLDMDBTopic",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -137,6 +159,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -144,18 +167,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +189,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -170,36 +197,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -207,10 +240,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -234,7 +281,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -258,7 +306,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -360,11 +409,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -641,7 +700,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-amq-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-amq-s2i.json
index 9dd847451..dd4c7a27b 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-amq-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-amq-s2i.json
@@ -5,119 +5,139 @@
"annotations": {
"description": "Application template for EAP 6 A-MQ applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,amq,javaee,java,messaging,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + A-MQ (Ephemeral with https)"
},
"name": "eap64-amq-s2i"
},
"labels": {
"template": "eap64-amq-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and A-MQ based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "6.4.x",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "helloworld-mdb",
"required": false
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
"name": "MQ_JNDI",
"value": "java:/ConnectionFactory",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "HELLOWORLDMDBQueue",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "HELLOWORLDMDBTopic",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -125,6 +145,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -132,18 +153,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -151,6 +175,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -158,36 +183,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -195,10 +226,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -222,7 +267,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -246,7 +292,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -348,11 +395,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -626,7 +683,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-basic-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-basic-s2i.json
index 7b1800b7b..e13b3851b 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-basic-s2i.json
@@ -6,58 +6,68 @@
"iconClass": "icon-jboss",
"description": "Application template for EAP 6 applications built using S2I.",
"tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 (no https)"
},
"name": "eap64-basic-s2i"
},
"labels": {
"template": "eap64-basic-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 based application has been created in your project.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "6.4.x",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "kitchensink",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -65,6 +75,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -72,6 +83,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -79,12 +91,14 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -92,10 +106,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -174,11 +202,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-https-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-https-s2i.json
index 31716d84c..0da32eb40 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-https-s2i.json
@@ -6,100 +6,117 @@
"iconClass": "icon-jboss",
"description": "Application template for EAP 6 applications built using S2I.",
"tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 (with https)"
},
"name": "eap64-https-s2i"
},
"labels": {
"template": "eap64-https-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "6.4.x",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "kitchensink",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -107,6 +124,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -114,6 +132,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -121,36 +140,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,10 +183,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -287,11 +326,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mongodb-persistent-s2i.json
index 212431056..77b75466d 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mongodb-persistent-s2i.json
@@ -5,149 +5,175 @@
"annotations": {
"description": "Application template for EAP 6 MongoDB applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mongodb,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + MongoDB (Persistent with https)"
},
"name": "eap64-mongodb-persistent-s2i"
},
"labels": {
"template": "eap64-mongodb-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and MongoDB persistent based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -155,6 +181,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -162,6 +189,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -169,6 +197,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -176,6 +205,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -183,6 +213,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -190,36 +221,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -227,10 +264,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -254,7 +312,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -278,7 +337,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -380,11 +440,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -674,7 +744,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mongodb-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mongodb-s2i.json
index 13fbbdd93..2785782d4 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mongodb-s2i.json
@@ -5,143 +5,168 @@
"annotations": {
"description": "Application template for EAP 6 MongoDB applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mongodb,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + MongoDB (Ephemeral with https)"
},
"name": "eap64-mongodb-s2i"
},
"labels": {
"template": "eap64-mongodb-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and MongoDB based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -149,6 +174,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -156,6 +182,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +190,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -170,6 +198,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -177,6 +206,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -184,36 +214,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -221,10 +257,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -248,7 +305,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -272,7 +330,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -374,11 +433,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -668,7 +737,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mysql-persistent-s2i.json
index 69fdec206..cca0f9c2b 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mysql-persistent-s2i.json
@@ -5,159 +5,187 @@
"annotations": {
"description": "Application template for EAP 6 MySQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + MySQL (Persistent with https)"
},
"name": "eap64-mysql-persistent-s2i"
},
"labels": {
"template": "eap64-mysql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and MySQL persistent based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -165,6 +193,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -172,6 +201,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -179,6 +209,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -186,6 +217,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -193,36 +225,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -230,10 +268,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -257,7 +316,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -281,7 +341,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -383,11 +444,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -681,7 +752,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mysql-s2i.json
index 2bd3c249f..5766506fd 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mysql-s2i.json
@@ -5,153 +5,180 @@
"annotations": {
"description": "Application template for EAP 6 MySQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + MySQL (Ephemeral with https)"
},
"name": "eap64-mysql-s2i"
},
"labels": {
"template": "eap64-mysql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and MySQL based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -159,6 +186,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -166,6 +194,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -173,6 +202,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -180,6 +210,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -187,36 +218,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -224,10 +261,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -251,7 +309,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -275,7 +334,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -377,11 +437,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -675,7 +745,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-postgresql-persistent-s2i.json
index 31f245950..01891774d 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-postgresql-persistent-s2i.json
@@ -5,144 +5,169 @@
"annotations": {
"description": "Application template for EAP 6 PostgreSQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + PostgreSQL (Persistent with https)"
},
"name": "eap64-postgresql-persistent-s2i"
},
"labels": {
"template": "eap64-postgresql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and PostgreSQL persistent based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -150,6 +175,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -157,6 +183,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -164,6 +191,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -171,6 +199,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -178,36 +207,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -215,10 +250,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -242,7 +298,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -266,7 +323,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -368,11 +426,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -666,7 +734,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-postgresql-s2i.json
index eac964697..e00f2b0e3 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-postgresql-s2i.json
@@ -5,138 +5,162 @@
"annotations": {
"description": "Application template for EAP 6 PostgreSQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + PostgreSQL (Ephemeral with https)"
},
"name": "eap64-postgresql-s2i"
},
"labels": {
"template": "eap64-postgresql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and PostgreSQL based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -144,6 +168,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -151,6 +176,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,6 +184,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -165,6 +192,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -172,36 +200,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -209,10 +243,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -236,7 +291,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -260,7 +316,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -362,11 +419,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -660,7 +727,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-sso-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-sso-s2i.json
index 09023be71..ec0739d04 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-sso-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-sso-s2i.json
@@ -3,103 +3,120 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass" : "icon-jboss",
+ "iconClass": "icon-jboss",
"description": "Application template for EAP 6 applications built using S2I, enabled for SSO.",
- "tags": "eap,javaee,java,jboss,xpaas,sso,keycloak",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + Single Sign-On (with https)"
},
"name": "eap64-sso-s2i"
},
"labels": {
"template": "eap64-sso-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 based application with SSL and SSO support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Hostname for http service route (e.g. eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
"name": "HOSTNAME_HTTP",
"value": "",
"required": true
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Hostname for https service route (e.g. secure-eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": true
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/redhat-developer/redhat-sso-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "7.0.x-ose",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -107,6 +124,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -114,6 +132,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -121,36 +140,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,84 +183,98 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
},
{
+ "displayName": "URL for SSO",
"description": "The URL for the SSO server (e.g. https://secure-sso-myproject.example.com/auth). This is the URL through which the user will be redirected when a login or token is required by the application.",
"name": "SSO_URL",
"value": "",
"required": true
},
{
- "description": "The URL for the interal SSO service, where secure-sso is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
+ "displayName": "URL for SSO (internal service)",
+ "description": "The URL for the internal SSO service, where secure-sso is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
"name": "SSO_SERVICE_URL",
"value": "https://secure-sso:8443/auth",
"required": false
},
{
+ "displayName": "SSO Realm",
"description": "The SSO realm to which the application client(s) should be associated (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": true
},
{
+ "displayName": "SSO Username",
"description": "The username used to access the SSO service. This is used to create the appliction client(s) within the specified SSO realm. This should match the SSO_SERVICE_USERNAME specified through one of the sso70-* templates.",
"name": "SSO_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Password",
"description": "The password for the SSO service user.",
"name": "SSO_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Public Key",
"description": "SSO Public Key. Public key is recommended to be passed into the template to avoid man-in-the-middle security vulnerability. This can be retrieved from the SSO server, for the specified realm.",
"name": "SSO_PUBLIC_KEY",
"value": "",
"required": false
},
{
+ "displayName": "SSO Bearer Only?",
"description": "SSO Client Access Type",
"name": "SSO_BEARER_ONLY",
"value": "",
"required": false
},
{
+ "displayName": "Artifact Directories",
"description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
"name": "ARTIFACT_DIR",
"value": "app-jee-jsp/target,service-jee-jaxrs/target,app-profile-jee-jsp/target,app-profile-saml-jee-jsp/target",
"required": false
},
{
+ "displayName": "SSO SAML Keystore Secret",
"description": "The name of the secret containing the keystore file",
"name": "SSO_SAML_KEYSTORE_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "SSO SAML Keystore",
"description": "The name of the keystore file within the secret",
"name": "SSO_SAML_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "SSO SAML Certificate Name",
"description": "The name associated with the server certificate",
"name": "SSO_SAML_CERTIFICATE_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "SSO SAML Keystore Password",
"description": "The password for the keystore and certificate",
"name": "SSO_SAML_KEYSTORE_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "SSO Client Secret",
"description": "The SSO Client Secret for Confidential Access",
"name": "SSO_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -243,42 +282,55 @@
"required": true
},
{
+ "displayName": "Enable CORS for SSO?",
"description": "Enable CORS for SSO applications",
"name": "SSO_ENABLE_CORS",
"value": "false",
"required": false
},
{
+ "displayName": "SSO SAML Logout Page",
"description": "SSO logout page for SAML applications",
"name": "SSO_SAML_LOGOUT_PAGE",
"value": "/",
"required": false
},
{
+ "displayName": "Disable SSL Validation in EAP->SSO communication",
"description": "If true SSL communication between EAP and the SSO Server will be insecure (i.e. certificate validation is disabled with curl)",
"name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
"value": "true",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "eap-app-secret",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
}
- ],
+ ],
"objects": [
{
"kind": "Service",
@@ -406,7 +458,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
},
"env": [
{
@@ -416,6 +468,10 @@
{
"name": "MAVEN_ARGS_APPEND",
"value": ""
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
}
]
}
@@ -615,7 +671,7 @@
"name": "HORNETQ_TOPICS",
"value": "${HORNETQ_TOPICS}"
},
- {
+ {
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "${JGROUPS_ENCRYPT_SECRET}"
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-third-party-db-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-third-party-db-s2i.json
new file mode 100644
index 000000000..e8f6d6585
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-third-party-db-s2i.json
@@ -0,0 +1,646 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-jboss",
+ "description": "Application template for EAP 6 DB applications built using S2I. Includes support for installing third-party DB drivers.",
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 (with https, supporting third-party DB drivers)"
+ },
+ "name": "eap64-third-party-db-s2i"
+ },
+ "labels": {
+ "template": "eap64-third-party-db-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new EAP 6 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets:\"${CONFIGURATION_NAME}\" containing the datasource configuration details required by the deployed application(s); \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Configuration Secret Name",
+ "description": "The name of the secret containing configuration properties for the datasources.",
+ "name": "CONFIGURATION_NAME",
+ "value": "eap-app-config",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "master",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "datavirt/hibernate-webapp",
+ "required": false
+ },
+ {
+ "displayName": "Drivers ImageStreamTag",
+ "description": "ImageStreamTag definition for the image containing the drivers and configuration, e.g. jboss-datavirt63-openshift:1.0-driver",
+ "name": "EXTENSIONS_IMAGE",
+ "value": "jboss-datavirt63-driver-openshift:1.0",
+ "required": true
+ },
+ {
+ "displayName": "Drivers ImageStream Namespace",
+ "description": "Namespace within which the ImageStream definition for the image containing the drivers and configuration is located.",
+ "name": "EXTENSIONS_IMAGE_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Drivers Image Install Directory",
+ "description": "Full path to the directory within the extensions image where the extensions are located (e.g. install.sh, modules/, etc.)",
+ "name": "EXTENSIONS_INSTALL_DIR",
+ "value": "/extensions",
+ "required": true
+ },
+ {
+ "displayName": "Queue Names",
+ "description": "Queue names to preconfigure within HornetQ subsystem.",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topic Names",
+ "description": "Topic names to preconfigure within HornetQ subsystem.",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Cluster Admin Password",
+ "description": "Admin password for HornetQ cluster.",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "A secret string used to configure the GitHub webhook.",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "A secret string used to configure the Generic webhook.",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore to be used for securing JGroups communications.",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the JGroups secret.",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the JGroups server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "secret-key",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "password",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "Password used by JGroups to authenticate nodes in the cluster.",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/extras",
+ "sourcePath": "${EXTENSIONS_INSTALL_DIR}/."
+ }
+ ]
+ }
+ ]
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap64-openshift:1.5"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "configuration",
+ "mountPath": "/etc/eap-environment",
+ "readOnly": true
+ },
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "ENV_FILES",
+ "value": "/etc/eap-environment/*"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "configuration",
+ "secret": {
+ "secretName": "${CONFIGURATION_NAME}"
+ }
+ },
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-amq-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-amq-persistent-s2i.json
index f08cdf2f9..3f0eba6e3 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-amq-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-amq-persistent-s2i.json
@@ -5,131 +5,153 @@
"annotations": {
"description": "Application template for EAP 7 A-MQ applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,amq,javaee,java,messaging,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + A-MQ (Persistent with https)"
},
"name": "eap70-amq-persistent-s2i"
},
"labels": {
"template": "eap70-amq-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and A-MQ persistent based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "helloworld-mdb",
"required": false
},
{
- "description": "Size of persistent storage for database volume.",
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
"name": "MQ_JNDI",
"value": "java:/ConnectionFactory",
"required": false
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "HELLOWORLDMDBQueue",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "HELLOWORLDMDBTopic",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -137,6 +159,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -144,18 +167,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +189,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -170,36 +197,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -207,10 +240,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -234,7 +281,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -258,7 +306,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -360,11 +409,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -641,7 +700,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-amq-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-amq-s2i.json
index 3ca9e9fab..f2d65f353 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-amq-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-amq-s2i.json
@@ -5,119 +5,139 @@
"annotations": {
"description": "Application template for EAP 7 A-MQ applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,amq,javaee,java,messaging,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + A-MQ (with https)"
},
"name": "eap70-amq-s2i"
},
"labels": {
"template": "eap70-amq-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and A-MQ based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "helloworld-mdb",
"required": false
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
"name": "MQ_JNDI",
"value": "java:/ConnectionFactory",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "HELLOWORLDMDBQueue",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "HELLOWORLDMDBTopic",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -125,6 +145,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -132,18 +153,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -151,6 +175,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -158,36 +183,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -195,10 +226,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -222,7 +267,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -246,7 +292,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -348,11 +395,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -626,7 +683,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-basic-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-basic-s2i.json
index 83b4d5b24..c33e3f7cb 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-basic-s2i.json
@@ -6,58 +6,68 @@
"iconClass": "icon-jboss",
"description": "Application template for EAP 7 applications built using S2I.",
"tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 (no https)"
},
"name": "eap70-basic-s2i"
},
"labels": {
"template": "eap70-basic-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 based application has been created in your project.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "7.0.0.GA",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "kitchensink",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -65,6 +75,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -72,6 +83,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -79,12 +91,14 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -92,10 +106,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -174,11 +202,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-https-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-https-s2i.json
index 1292442a4..7542d31c8 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-https-s2i.json
@@ -6,100 +6,117 @@
"iconClass": "icon-jboss",
"description": "Application template for EAP 7 applications built using S2I.",
"tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 (with https)"
},
"name": "eap70-https-s2i"
},
"labels": {
"template": "eap70-https-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "7.0.0.GA",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "kitchensink",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -107,6 +124,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -114,6 +132,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -121,36 +140,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,10 +183,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -287,11 +326,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mongodb-persistent-s2i.json
index 99db77d58..8a7da66c1 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mongodb-persistent-s2i.json
@@ -5,149 +5,175 @@
"annotations": {
"description": "Application template for EAP 7 MongoDB applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mongodb,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + MongoDB (Persistent with https)"
},
"name": "eap70-mongodb-persistent-s2i"
},
"labels": {
"template": "eap70-mongodb-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and MongoDB persistent based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -155,6 +181,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -162,6 +189,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -169,6 +197,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -176,6 +205,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -183,6 +213,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -190,36 +221,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -227,10 +264,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -254,7 +312,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -278,7 +337,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -380,11 +440,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -685,7 +755,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mongodb-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mongodb-s2i.json
index c8150c231..ae52a3deb 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mongodb-s2i.json
@@ -5,143 +5,168 @@
"annotations": {
"description": "Application template for EAP 7 MongoDB applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mongodb,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + MongoDB (Ephemeral with https)"
},
"name": "eap70-mongodb-s2i"
},
"labels": {
"template": "eap70-mongodb-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and MongoDB based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -149,6 +174,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -156,6 +182,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +190,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -170,6 +198,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -177,6 +206,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -184,36 +214,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -221,10 +257,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -248,7 +305,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -272,7 +330,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -374,11 +433,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -679,7 +748,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mysql-persistent-s2i.json
index f8e5c2b04..a0a3d7717 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mysql-persistent-s2i.json
@@ -5,159 +5,187 @@
"annotations": {
"description": "Application template for EAP 7 MySQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + MySQL (Persistent with https)"
},
"name": "eap70-mysql-persistent-s2i"
},
"labels": {
"template": "eap70-mysql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and MySQL persistent based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -165,6 +193,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -172,6 +201,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -179,6 +209,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -186,6 +217,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -193,36 +225,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -230,10 +268,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -257,7 +316,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -281,7 +341,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -383,11 +444,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -696,7 +767,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mysql-s2i.json
index 1edeb62e7..8255ade5d 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mysql-s2i.json
@@ -5,153 +5,180 @@
"annotations": {
"description": "Application template for EAP 7 MySQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + MySQL (Ephemeral with https)"
},
"name": "eap70-mysql-s2i"
},
"labels": {
"template": "eap70-mysql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and MySQL based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -159,6 +186,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -166,6 +194,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -173,6 +202,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -180,6 +210,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -187,36 +218,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -224,10 +261,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -251,7 +309,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -275,7 +334,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -377,11 +437,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -690,7 +760,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-postgresql-persistent-s2i.json
index d11df06ee..436c541d8 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-postgresql-persistent-s2i.json
@@ -5,144 +5,169 @@
"annotations": {
"description": "Application template for EAP 7 PostgreSQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + PostgreSQL (Persistent with https)"
},
"name": "eap70-postgresql-persistent-s2i"
},
"labels": {
"template": "eap70-postgresql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and PostgreSQL persistent based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -150,6 +175,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -157,6 +183,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -164,6 +191,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -171,6 +199,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -178,36 +207,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -215,10 +250,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -242,7 +298,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -266,7 +323,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -368,11 +426,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -681,7 +749,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-postgresql-s2i.json
index 6b7f6d707..a2a37a886 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-postgresql-s2i.json
@@ -5,138 +5,162 @@
"annotations": {
"description": "Application template for EAP 7 PostgreSQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + PostgreSQL (Ephemeral with https)"
},
"name": "eap70-postgresql-s2i"
},
"labels": {
"template": "eap70-postgresql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and PostgreSQL based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -144,6 +168,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -151,6 +176,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,6 +184,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -165,6 +192,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -172,36 +200,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -209,10 +243,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -236,7 +291,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -260,7 +316,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -362,11 +419,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -675,7 +742,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-sso-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-sso-s2i.json
index 811602220..08a844cd9 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-sso-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-sso-s2i.json
@@ -3,103 +3,120 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass" : "icon-jboss",
+ "iconClass": "icon-jboss",
"description": "Application template for EAP 6 applications built using S2I, enabled for SSO.",
- "tags": "eap,javaee,java,jboss,xpaas,sso,keycloak",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + Single Sign-On (with https)"
},
"name": "eap70-sso-s2i"
},
"labels": {
"template": "eap70-sso-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 based application with SSL and SSO support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Hostname for http service route (e.g. eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
"name": "HOSTNAME_HTTP",
"value": "",
"required": true
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Hostname for https service route (e.g. secure-eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": true
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/redhat-developer/redhat-sso-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "7.0.x-ose",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -107,6 +124,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -114,6 +132,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -121,36 +140,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,84 +183,98 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
},
{
+ "displayName": "URL for SSO",
"description": "The URL for the SSO server (e.g. https://secure-sso-myproject.example.com/auth). This is the URL through which the user will be redirected when a login or token is required by the application.",
"name": "SSO_URL",
"value": "",
"required": true
},
{
- "description": "The URL for the interal SSO service, where secure-sso (the default) is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
+ "displayName": "URL for SSO (internal service)",
+ "description": "The URL for the internal SSO service, where secure-sso (the default) is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
"name": "SSO_SERVICE_URL",
"value": "https://secure-sso:8443/auth",
"required": false
},
{
+ "displayName": "SSO Realm",
"description": "The SSO realm to which the application client(s) should be associated (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": true
},
{
+ "displayName": "SSO Username",
"description": "The username used to access the SSO service. This is used to create the appliction client(s) within the specified SSO realm. This should match the SSO_SERVICE_USERNAME specified through one of the sso70-* templates.",
"name": "SSO_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Password",
"description": "The password for the SSO service user.",
"name": "SSO_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Public Key",
"description": "SSO Public Key. Public key is recommended to be passed into the template to avoid man-in-the-middle security vulnerability",
"name": "SSO_PUBLIC_KEY",
"value": "",
"required": false
},
{
+ "displayName": "SSO Bearer Only?",
"description": "SSO Client Access Type",
"name": "SSO_BEARER_ONLY",
"value": "",
"required": false
},
{
+ "displayName": "Artifact Directories",
"description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
"name": "ARTIFACT_DIR",
"value": "app-jee-jsp/target,service-jee-jaxrs/target,app-profile-jee-jsp/target,app-profile-saml-jee-jsp/target",
"required": false
},
{
+ "displayName": "SSO SAML Keystore Secret",
"description": "The name of the secret containing the keystore file",
"name": "SSO_SAML_KEYSTORE_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "SSO SAML Keystore",
"description": "The name of the keystore file within the secret",
"name": "SSO_SAML_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "SSO SAML Certificate Name",
"description": "The name associated with the server certificate",
"name": "SSO_SAML_CERTIFICATE_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "SSO SAML Keystore Password",
"description": "The password for the keystore and certificate",
"name": "SSO_SAML_KEYSTORE_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "SSO Client Secret",
"description": "The SSO Client Secret for Confidential Access",
"name": "SSO_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -243,42 +282,55 @@
"required": true
},
{
+ "displayName": "Enable CORS for SSO?",
"description": "Enable CORS for SSO applications",
"name": "SSO_ENABLE_CORS",
"value": "false",
"required": false
},
{
+ "displayName": "SSO SAML Logout Page",
"description": "SSO logout page for SAML applications",
"name": "SSO_SAML_LOGOUT_PAGE",
"value": "/",
"required": false
},
{
+ "displayName": "Disable SSL Validation in EAP->SSO communication",
"description": "If true SSL communication between EAP and the SSO Server will be insecure (i.e. certificate validation is disabled with curl)",
"name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
"value": "true",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "eap7-app-secret",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
}
- ],
+ ],
"objects": [
{
"kind": "Service",
@@ -406,7 +458,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
},
"env": [
{
@@ -416,6 +468,10 @@
{
"name": "MAVEN_ARGS_APPEND",
"value": ""
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
}
]
}
@@ -593,7 +649,7 @@
{
"name": "HOSTNAME_HTTPS",
"value": "${HOSTNAME_HTTPS}"
- },
+ },
{
"name": "HTTPS_KEYSTORE_DIR",
"value": "/etc/eap-secret-volume"
@@ -626,7 +682,7 @@
"name": "HORNETQ_TOPICS",
"value": "${HORNETQ_TOPICS}"
},
- {
+ {
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "${JGROUPS_ENCRYPT_SECRET}"
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-third-party-db-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-third-party-db-s2i.json
new file mode 100644
index 000000000..9e854d7ab
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-third-party-db-s2i.json
@@ -0,0 +1,657 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-jboss",
+ "description": "Application template for EAP 7 DB applications built using S2I. Includes support for installing third-party DB drivers.",
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 (with https, supporting third-party DB drivers)"
+ },
+ "name": "eap70-third-party-db-s2i"
+ },
+ "labels": {
+ "template": "eap70-third-party-db-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new EAP 7 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets:\"${CONFIGURATION_NAME}\" containing the datasource configuration details required by the deployed application(s); \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Configuration Secret Name",
+ "description": "The name of the secret containing configuration properties for the datasources.",
+ "name": "CONFIGURATION_NAME",
+ "value": "eap-app-config",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "master",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "datavirt/hibernate-webapp",
+ "required": false
+ },
+ {
+ "displayName": "Drivers ImageStreamTag",
+ "description": "ImageStreamTag definition for the image containing the drivers and configuration, e.g. jboss-datavirt63-openshift:1.0-driver",
+ "name": "EXTENSIONS_IMAGE",
+ "value": "jboss-datavirt63-driver-openshift:1.0",
+ "required": true
+ },
+ {
+ "displayName": "Drivers ImageStream Namespace",
+ "description": "Namespace within which the ImageStream definition for the image containing the drivers and configuration is located.",
+ "name": "EXTENSIONS_IMAGE_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Drivers Image Install Directory",
+ "description": "Full path to the directory within the extensions image where the extensions are located (e.g. install.sh, modules/, etc.)",
+ "name": "EXTENSIONS_INSTALL_DIR",
+ "value": "/extensions",
+ "required": true
+ },
+ {
+ "displayName": "Queue Names",
+ "description": "Queue names to preconfigure within Messaging subsystem.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topic Names",
+ "description": "Topic names to preconfigure within Messaging subsystem.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Messaging Cluster Admin Password",
+ "description": "Admin password for Messaging cluster.",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "A secret string used to configure the GitHub webhook.",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "A secret string used to configure the Generic webhook.",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore to be used for securing JGroups communications.",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the JGroups secret.",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the JGroups server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "secret-key",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "password",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "Password used by JGroups to authenticate nodes in the cluster.",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/extras",
+ "sourcePath": "${EXTENSIONS_INSTALL_DIR}/."
+ }
+ ]
+ }
+ ]
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap70-openshift:1.5"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "configuration",
+ "mountPath": "/etc/eap-environment",
+ "readOnly": true
+ },
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "ENV_FILES",
+ "value": "/etc/eap-environment/*"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "configuration",
+ "secret": {
+ "secretName": "${CONFIGURATION_NAME}"
+ }
+ },
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-basic-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-basic-s2i.json
index 413a6de87..4e42e0eca 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-basic-s2i.json
@@ -6,46 +6,54 @@
"iconClass": "icon-tomcat",
"description": "Application template for JWS applications built using S2I.",
"tags": "tomcat,tomcat7,java,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 (no https)"
},
"name": "jws30-tomcat7-basic-s2i"
},
"labels": {
"template": "jws30-tomcat7-basic-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 7 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "tomcat-websocket-chat",
"required": false
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -53,6 +61,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -60,6 +69,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -67,6 +77,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -74,10 +85,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -156,11 +181,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -248,7 +283,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-https-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-https-s2i.json
index 610ea9441..f5fc2e581 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-https-s2i.json
@@ -6,76 +6,89 @@
"iconClass": "icon-tomcat",
"description": "Application template for JWS applications built using S2I.",
"tags": "tomcat,tomcat7,java,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 (with https)"
},
"name": "jws30-tomcat7-https-s2i"
},
"labels": {
"template": "jws30-tomcat7-https-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 7 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "tomcat-websocket-chat",
"required": false
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -83,6 +96,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -90,6 +104,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -97,6 +112,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -104,10 +120,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -233,11 +263,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -326,7 +366,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json
index 6ef9d6e4c..2a73a182c 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json
@@ -5,125 +5,147 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MongoDB applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat7,mongodb,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + MongoDB (Persistent with https)"
},
"name": "jws30-tomcat7-mongodb-persistent-s2i"
},
"labels": {
"template": "jws30-tomcat7-mongodb-persistent-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent JWS application for Tomcat 7 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -131,6 +153,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -138,6 +161,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -145,6 +169,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -152,6 +177,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -159,6 +185,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -166,6 +193,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -173,10 +201,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -200,7 +249,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -224,7 +274,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -326,11 +377,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -419,7 +480,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -547,7 +608,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mongodb-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mongodb-s2i.json
index 9b48f8ae7..a71dfa634 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mongodb-s2i.json
@@ -5,119 +5,140 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MongoDB applications built using S2I.",
- "tags": "tomcat,tomcat7,mongodb,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + MongoDB (Ephemeral with https)"
},
"name": "jws30-tomcat7-mongodb-s2i"
},
"labels": {
"template": "jws30-tomcat7-mongodb-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 7 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -125,6 +146,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -132,6 +154,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -139,6 +162,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -146,6 +170,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -153,6 +178,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -160,6 +186,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -167,10 +194,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -194,7 +242,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -218,7 +267,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -320,11 +370,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -413,7 +473,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -541,7 +601,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json
index 30af703ce..9a05dcbd5 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json
@@ -5,135 +5,159 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MySQL applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat7,mysql,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + MySQL (Persistent with https)"
},
"name": "jws30-tomcat7-mysql-persistent-s2i"
},
"labels": {
"template": "jws30-tomcat7-mysql-persistent-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent JWS application for Tomcat 7 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -141,6 +165,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -148,6 +173,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -155,6 +181,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -162,6 +189,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -169,6 +197,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -176,10 +205,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -203,7 +253,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -227,7 +278,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -329,11 +381,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -422,7 +484,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -546,7 +608,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mysql-s2i.json
index c2843af63..553a30a44 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mysql-s2i.json
@@ -5,129 +5,152 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MySQL applications built using S2I.",
- "tags": "tomcat,tomcat7,mysql,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + MySQL (Ephemeral with https)"
},
"name": "jws30-tomcat7-mysql-s2i"
},
"labels": {
"template": "jws30-tomcat7-mysql-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 7 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -135,6 +158,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -142,6 +166,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -149,6 +174,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -156,6 +182,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +190,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -170,10 +198,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -197,7 +246,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -221,7 +271,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -323,11 +374,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -416,7 +477,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -540,7 +601,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json
index b8372f374..a5c6c8a56 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json
@@ -5,120 +5,141 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS PostgreSQL applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat7,postgresql,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + PostgreSQL (Persistent with https)"
},
"name": "jws30-tomcat7-postgresql-persistent-s2i"
},
"labels": {
"template": "jws30-tomcat7-postgresql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent JWS application for Tomcat 7 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -126,6 +147,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -133,6 +155,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -140,6 +163,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -147,6 +171,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -154,6 +179,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -161,10 +187,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -188,7 +235,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -212,7 +260,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -314,11 +363,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -407,7 +466,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -531,7 +590,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-postgresql-s2i.json
index cd5bb9fa4..61a3208e4 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-postgresql-s2i.json
@@ -5,114 +5,134 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS PostgreSQL applications built using S2I.",
- "tags": "tomcat,tomcat7,postgresql,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + PostgreSQL (Ephemeral with https)"
},
"name": "jws30-tomcat7-postgresql-s2i"
},
"labels": {
"template": "jws30-tomcat7-postgresql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 7 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -120,6 +140,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -127,6 +148,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -134,6 +156,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -141,6 +164,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -148,6 +172,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -155,10 +180,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -182,7 +228,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -206,7 +253,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -308,11 +356,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -401,7 +459,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -525,7 +583,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-basic-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-basic-s2i.json
index cb1e49d29..75d08e99d 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-basic-s2i.json
@@ -6,46 +6,54 @@
"iconClass": "icon-tomcat",
"description": "Application template for JWS applications built using S2I.",
"tags": "tomcat,tomcat8,java,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 (no https)"
},
"name": "jws30-tomcat8-basic-s2i"
},
"labels": {
"template": "jws30-tomcat8-basic-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 8 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "tomcat-websocket-chat",
"required": false
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -53,6 +61,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -60,6 +69,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -67,6 +77,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -74,10 +85,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -156,11 +181,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -248,7 +283,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-https-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-https-s2i.json
index 21d5662c7..71577bec4 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-https-s2i.json
@@ -6,76 +6,89 @@
"iconClass": "icon-tomcat",
"description": "Application template for JWS applications built using S2I.",
"tags": "tomcat,tomcat8,java,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 (with https)"
},
"name": "jws30-tomcat8-https-s2i"
},
"labels": {
"template": "jws30-tomcat8-https-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 8 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "tomcat-websocket-chat",
"required": false
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -83,6 +96,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -90,6 +104,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -97,6 +112,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -104,10 +120,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -233,11 +263,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -326,7 +366,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json
index 34657d826..de86dd83e 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json
@@ -5,125 +5,147 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MongoDB applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat8,mongodb,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + MongoDB (Persistent with https)"
},
"name": "jws30-tomcat8-mongodb-persistent-s2i"
},
+ "message": "A new persistent JWS application for Tomcat 8 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"labels": {
"template": "jws30-tomcat8-mongodb-persistent-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -131,6 +153,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -138,6 +161,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -145,6 +169,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -152,6 +177,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -159,6 +185,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -166,6 +193,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -173,10 +201,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -200,7 +249,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -224,7 +274,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -326,11 +377,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -419,7 +480,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -547,7 +608,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mongodb-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mongodb-s2i.json
index 974cfaddb..6dc85e226 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mongodb-s2i.json
@@ -5,119 +5,140 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MongoDB applications built using S2I.",
- "tags": "tomcat,tomcat8,mongodb,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + MongoDB (Ephemeral with https)"
},
"name": "jws30-tomcat8-mongodb-s2i"
},
"labels": {
"template": "jws30-tomcat8-mongodb-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 8 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -125,6 +146,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -132,6 +154,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -139,6 +162,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -146,6 +170,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -153,6 +178,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -160,6 +186,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -167,10 +194,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -194,7 +242,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -218,7 +267,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -320,11 +370,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -413,7 +473,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -541,7 +601,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json
index 7a8231cc5..0e96b58a9 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json
@@ -5,135 +5,159 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MySQL applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat8,mysql,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + MySQL (Persistent with https)"
},
"name": "jws30-tomcat8-mysql-persistent-s2i"
},
"labels": {
"template": "jws30-tomcat8-mysql-persistent-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent JWS application for Tomcat 8 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -141,6 +165,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -148,6 +173,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -155,6 +181,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -162,6 +189,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -169,6 +197,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -176,10 +205,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -203,7 +253,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -227,7 +278,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -329,11 +381,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -422,7 +484,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -546,7 +608,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mysql-s2i.json
index cda21f237..08b040863 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mysql-s2i.json
@@ -5,129 +5,152 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MySQL applications built using S2I.",
- "tags": "tomcat,tomcat8,mysql,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + MySQL (Ephemeral with https)"
},
"name": "jws30-tomcat8-mysql-s2i"
},
"labels": {
"template": "jws30-tomcat8-mysql-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 8 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -135,6 +158,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -142,6 +166,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -149,6 +174,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -156,6 +182,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +190,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -170,10 +198,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -197,7 +246,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -221,7 +271,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -323,11 +374,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -416,7 +477,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -540,7 +601,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json
index 4dfc98015..f117e6624 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json
@@ -5,120 +5,141 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS PostgreSQL applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat8,postgresql,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + PostgreSQL (Persistent with https)"
},
"name": "jws30-tomcat8-postgresql-persistent-s2i"
},
"labels": {
"template": "jws30-tomcat8-postgresql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent JWS application for Tomcat 8 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -126,6 +147,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -133,6 +155,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -140,6 +163,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -147,6 +171,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -154,6 +179,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -161,10 +187,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -188,7 +235,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -212,7 +260,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -314,11 +363,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -407,7 +466,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -531,7 +590,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-postgresql-s2i.json
index f6c85668c..faece1269 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-postgresql-s2i.json
@@ -5,114 +5,134 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS PostgreSQL applications built using S2I.",
- "tags": "tomcat,tomcat8,postgresql,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + (PostgreSQL with https)"
},
"name": "jws30-tomcat8-postgresql-s2i"
},
"labels": {
"template": "jws30-tomcat8-postgresql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 8 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -120,6 +140,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -127,6 +148,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -134,6 +156,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -141,6 +164,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -148,6 +172,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -155,10 +180,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -182,7 +228,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -206,7 +253,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -308,11 +356,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -400,7 +458,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -524,7 +582,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/openjdk18-web-basic-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/openjdk18-web-basic-s2i.json
index 143e16756..a48e204ae 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/openjdk18-web-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/openjdk18-web-basic-s2i.json
@@ -6,13 +6,14 @@
"iconClass": "icon-jboss",
"description": "Application template for Java applications built using S2I.",
"tags": "java,xpaas",
- "version": "1.0.0"
+ "version": "1.1.0",
+ "openshift.io/display-name": "Red Hat OpenJDK 8"
},
"name": "openjdk18-web-basic-s2i"
},
"labels": {
"template": "openjdk18-web-basic-s2i",
- "xpaas": "1.0.0"
+ "xpaas": "1.4.0"
},
"message": "A new java application has been created in your project.",
"parameters": [
@@ -155,7 +156,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-openjdk18-openshift:1.0"
+ "name": "redhat-openjdk18-openshift:1.1"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-mysql-persistent-s2i.json
index 1dea463ac..d1705c88c 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-mysql-persistent-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server AMQ and MySQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,amq,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + A-MQ + MySQL (Persistent with https)"
},
"name": "processserver63-amq-mysql-persistent-s2i"
},
"labels": {
"template": "processserver63-amq-mysql-persistent-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent BPMS application (using MySQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,144 +54,168 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Request",
"description": "JNDI name of request queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_REQUEST",
"value": "queue/KIE.SERVER.REQUEST",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "KIE Server Executor JMS Queue",
"description": "JNDI name of executor queue for JMS.",
"name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
"value": "queue/KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.MySQL5Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -192,6 +223,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -199,46 +231,55 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -246,6 +287,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -253,18 +295,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -272,6 +317,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -279,10 +325,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -306,7 +373,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -330,7 +398,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -460,13 +529,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -788,7 +865,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
@@ -919,7 +996,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-mysql-s2i.json
index 42264585b..665cb76a3 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-mysql-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server AMQ and MySQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,amq,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + A-MQ + MySQL (Ephemeral with https)"
},
"name": "processserver63-amq-mysql-s2i"
},
"labels": {
"template": "processserver63-amq-mysql-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BPMS application (using MySQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,132 +54,154 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Request",
"description": "JNDI name of request queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_REQUEST",
"value": "queue/KIE.SERVER.REQUEST",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "KIE Server Executor JMS Queue",
"description": "JNDI name of executor queue for JMS.",
"name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
"value": "queue/KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.MySQL5Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -180,6 +209,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -187,46 +217,55 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -234,6 +273,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -241,18 +281,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -260,6 +303,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -267,10 +311,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -294,7 +359,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -318,7 +384,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -448,13 +515,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -740,7 +815,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
@@ -837,7 +912,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-postgresql-persistent-s2i.json
index f6d0c99ed..5a395a0f3 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-postgresql-persistent-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server AMQ and PostgreSQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,amq,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + A-MQ + PostgreSQL (Persistent with https)"
},
"name": "processserver63-amq-postgresql-persistent-s2i"
},
"labels": {
"template": "processserver63-amq-postgresql-persistent-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent BPMS application (using PostgreSQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,144 +54,168 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Request",
"description": "JNDI name of request queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_REQUEST",
"value": "queue/KIE.SERVER.REQUEST",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "KIE Server Executor JMS Queue",
"description": "JNDI name of executor queue for JMS.",
"name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
"value": "queue/KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.PostgreSQL82Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -192,6 +223,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -199,31 +231,37 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -231,6 +269,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -238,18 +277,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -257,6 +299,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -264,10 +307,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -291,7 +355,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -315,7 +380,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -445,13 +511,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -773,7 +847,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
@@ -892,7 +966,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-postgresql-s2i.json
index 41c726cf0..e7c5efdc9 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-postgresql-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server AMQ and PostgreSQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,amq,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + A-MQ + PostgreSQL (Ephemeral with https)"
},
"name": "processserver63-amq-postgresql-s2i"
},
"labels": {
"template": "processserver63-amq-postgresql-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BPMS application (using PostgreSQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,132 +54,154 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Request",
"description": "JNDI name of request queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_REQUEST",
"value": "queue/KIE.SERVER.REQUEST",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "KIE Server Executor JMS Queue",
"description": "JNDI name of executor queue for JMS.",
"name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
"value": "queue/KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.PostgreSQL82Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -180,6 +209,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -187,31 +217,37 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -219,6 +255,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -226,18 +263,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -245,6 +285,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -252,10 +293,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -279,7 +341,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -303,7 +366,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -433,13 +497,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -725,7 +797,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
@@ -810,7 +882,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-basic-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-basic-s2i.json
index 170c919cb..e70d20a6e 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-basic-s2i.json
@@ -5,29 +5,34 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,javaee,java,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server (no https)"
},
"name": "processserver63-basic-s2i"
},
"labels": {
"template": "processserver63-basic-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BPMS application has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -35,54 +40,63 @@
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.H2Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -90,6 +104,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -97,6 +112,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -104,10 +120,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -190,13 +220,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-mysql-persistent-s2i.json
index 89d0db1a6..f76b07b0b 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-mysql-persistent-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server MySQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + MySQL (Persistent with https)"
},
"name": "processserver63-mysql-persistent-s2i"
},
"labels": {
"template": "processserver63-mysql-persistent-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent BPMS application (using MySQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,108 +54,126 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.MySQL5Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -156,6 +181,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -163,46 +189,55 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -210,6 +245,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -217,6 +253,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -224,10 +261,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -251,7 +309,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -275,7 +334,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -381,13 +441,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -681,7 +749,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-mysql-s2i.json
index 26cab29f8..a3be02eab 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-mysql-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server MySQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + MySQL (Ephemeral with https)"
},
"name": "processserver63-mysql-s2i"
},
"labels": {
"template": "processserver63-mysql-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BPMS application (using MySQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,102 +54,119 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.MySQL5Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -150,6 +174,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -157,46 +182,55 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -204,6 +238,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -211,6 +246,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -218,10 +254,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -245,7 +302,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -269,7 +327,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -375,13 +434,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -639,7 +706,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-postgresql-persistent-s2i.json
index 32a512829..361b177f9 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-postgresql-persistent-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server PostgreSQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + PostgreSQL (Persistent with https)"
},
"name": "processserver63-postgresql-persistent-s2i"
},
"labels": {
"template": "processserver63-postgresql-persistent-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent BPMS application (using PostgreSQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,108 +54,126 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.PostgreSQL82Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -156,6 +181,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -163,31 +189,37 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -195,6 +227,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -202,6 +235,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -209,10 +243,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -236,7 +291,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -260,7 +316,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -366,13 +423,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -666,7 +731,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-postgresql-s2i.json
index 55e2199bb..451915a1d 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-postgresql-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server PostgreSQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + PostgreSQL (Ephemeral with https)"
},
"name": "processserver63-postgresql-s2i"
},
"labels": {
"template": "processserver63-postgresql-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BPMS application (using PostgreSQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,102 +54,119 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.PostgreSQL82Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -150,6 +174,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -157,31 +182,37 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -189,6 +220,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -196,6 +228,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -203,10 +236,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -230,7 +284,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -254,7 +309,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -360,13 +416,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -624,7 +688,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-https.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-https.json
index fb0578a67..5e956f449 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-https.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-https.json
@@ -5,110 +5,129 @@
"annotations": {
"description": "Application template for SSO 7.0",
"iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,java,jboss,xpaas",
- "version" : "1.3.2"
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0"
},
"name": "sso70-https"
},
"labels": {
"template": "sso70-https",
- "xpaas" : "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new SSO service has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "sso",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "sso-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
- "required": false
+ "required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -116,54 +135,65 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "SSO Admin Username",
"description": "SSO Server admin username",
"name": "SSO_ADMIN_USERNAME",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Admin Password",
"description": "SSO Server admin password",
"name": "SSO_ADMIN_PASSWORD",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Realm",
"description": "Realm to be created in the SSO server (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Username",
"description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
"name": "SSO_SERVICE_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Password",
"description": "The password for the SSO service user.",
"name": "SSO_SERVICE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "sso-app-secret",
@@ -283,10 +313,10 @@
"containerNames": [
"${APPLICATION_NAME}"
],
- "from": {
+ "from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.3"
+ "name": "redhat-sso70-openshift:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-mysql-persistent.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-mysql-persistent.json
index dcbb24bf1..0fb2703c7 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-mysql-persistent.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-mysql-persistent.json
@@ -5,123 +5,145 @@
"annotations": {
"description": "Application template for SSO 7.0 MySQL applications with persistent storage",
"iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,mysql,java,database,jboss,xpaas",
- "version" : "1.3.2"
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0 + MySQL (Persistent)"
},
"name": "sso70-mysql-persistent"
},
"labels": {
"template": "sso70-mysql-persistent",
- "xpaas" : "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent SSO service (using MySQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "sso",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/KeycloakDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "sso-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
- "required": false
+ "required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -129,6 +151,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -136,36 +159,42 @@
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -173,58 +202,76 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "SSO Admin Username",
"description": "SSO Server admin username",
"name": "SSO_ADMIN_USERNAME",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Admin Password",
"description": "SSO Server admin password",
"name": "SSO_ADMIN_PASSWORD",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Realm",
"description": "Realm to be created in the SSO server (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Username",
"description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
"name": "SSO_SERVICE_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Password",
"description": "The password for the SSO service user.",
"name": "SSO_SERVICE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "sso-app-secret",
"required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -248,7 +295,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -272,7 +320,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -364,10 +413,10 @@
"containerNames": [
"${APPLICATION_NAME}"
],
- "from": {
+ "from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.3"
+ "name": "redhat-sso70-openshift:1.4"
}
}
},
@@ -639,7 +688,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-mysql.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-mysql.json
index 1768f7a1b..9beae806b 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-mysql.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-mysql.json
@@ -5,123 +5,145 @@
"annotations": {
"description": "Application template for SSO 7.0 MySQL applications",
"iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,mysql,java,database,jboss,xpaas",
- "version" : "1.3.2"
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0 + MySQL (Ephemeral)"
},
"name": "sso70-mysql"
},
"labels": {
"template": "sso70-mysql",
- "xpaas" : "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new SSO service (using MySQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "sso",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/KeycloakDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "sso-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
- "required": false
+ "required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -129,6 +151,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -136,30 +159,35 @@
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -167,58 +195,76 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "SSO Admin Username",
"description": "SSO Server admin username",
"name": "SSO_ADMIN_USERNAME",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Admin Password",
"description": "SSO Server admin password",
"name": "SSO_ADMIN_PASSWORD",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Realm",
"description": "Realm to be created in the SSO server (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Username",
"description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
"name": "SSO_SERVICE_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Password",
"description": "The password for the SSO service user.",
"name": "SSO_SERVICE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "sso-app-secret",
"required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -240,10 +286,11 @@
"name": "${APPLICATION_NAME}",
"labels": {
"application": "${APPLICATION_NAME}",
- "component": "server"
+ "component": "server"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -268,7 +315,8 @@
"component": "server"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -349,7 +397,7 @@
"name": "${APPLICATION_NAME}",
"labels": {
"application": "${APPLICATION_NAME}",
- "component": "server"
+ "component": "server"
}
},
"spec": {
@@ -364,10 +412,10 @@
"containerNames": [
"${APPLICATION_NAME}"
],
- "from": {
+ "from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.3"
+ "name": "redhat-sso70-openshift:1.4"
}
}
},
@@ -641,7 +689,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-postgresql-persistent.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-postgresql-persistent.json
index 4c2f81f2e..e22399351 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-postgresql-persistent.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-postgresql-persistent.json
@@ -5,108 +5,127 @@
"annotations": {
"description": "Application template for SSO 7.0 PostgreSQL applications with persistent storage",
"iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,postrgresql,java,database,jboss,xpaas",
- "version" : "1.3.2"
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0 + PostgreSQL (Persistent)"
},
"name": "sso70-postgresql-persistent"
},
"labels": {
"template": "sso70-postgresql-persistent",
- "xpaas" : "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent SSO service (using PostgreSQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "sso",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/KeycloakDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "sso-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
- "required": false
+ "required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -114,6 +133,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -121,36 +141,42 @@
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,58 +184,76 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "SSO Admin Username",
"description": "SSO Server admin username",
"name": "SSO_ADMIN_USERNAME",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Admin Password",
"description": "SSO Server admin password",
"name": "SSO_ADMIN_PASSWORD",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Realm",
"description": "Realm to be created in the SSO server (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Username",
"description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
"name": "SSO_SERVICE_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Password",
"description": "The password for the SSO service user.",
"name": "SSO_SERVICE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "sso-app-secret",
"required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -233,7 +277,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -257,7 +302,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -349,10 +395,10 @@
"containerNames": [
"${APPLICATION_NAME}"
],
- "from": {
+ "from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.3"
+ "name": "redhat-sso70-openshift:1.4"
}
}
},
@@ -624,7 +670,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-postgresql.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-postgresql.json
index d8402ef72..aa8ebaa8e 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-postgresql.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-postgresql.json
@@ -5,108 +5,127 @@
"annotations": {
"description": "Application template for SSO 7.0 PostgreSQL applications",
"iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,postrgresql,java,database,jboss,xpaas",
- "version" : "1.3.2"
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0 + PostgreSQL (Ephemeral)"
},
"name": "sso70-postgresql"
},
"labels": {
"template": "sso70-postgresql",
- "xpaas" : "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new SSO service (using PostgreSQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "sso",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/KeycloakDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "sso-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
- "required": false
+ "required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -114,6 +133,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -121,30 +141,35 @@
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -152,58 +177,76 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "SSO Admin Username",
"description": "SSO Server admin username",
"name": "SSO_ADMIN_USERNAME",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Admin Password",
"description": "SSO Server admin password",
"name": "SSO_ADMIN_PASSWORD",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Realm",
"description": "Realm to be created in the SSO server (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Username",
"description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
"name": "SSO_SERVICE_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Password",
"description": "The password for the SSO service user.",
"name": "SSO_SERVICE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "sso-app-secret",
"required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -228,7 +271,8 @@
"component": "server"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -253,7 +297,8 @@
"component": "server"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -349,10 +394,10 @@
"containerNames": [
"${APPLICATION_NAME}"
],
- "from": {
+ "from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.3"
+ "name": "redhat-sso70-openshift:1.4"
}
}
},
@@ -626,7 +671,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-https.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-https.json
new file mode 100644
index 000000000..bee86d7c4
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-https.json
@@ -0,0 +1,544 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.1",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.0.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ },
+ "name": "sso71-https"
+ },
+ "labels": {
+ "template": "sso71-https",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new SSO service has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-mysql-persistent.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-mysql-persistent.json
new file mode 100644
index 000000000..49b37f348
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-mysql-persistent.json
@@ -0,0 +1,799 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.1 MySQL applications with persistent storage",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.0.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1 + MySQL (Persistent)"
+ },
+ "name": "sso71-mysql-persistent"
+ },
+ "labels": {
+ "template": "sso71-mysql-persistent",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent SSO service (using MySQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-mysql.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-mysql.json
new file mode 100644
index 000000000..634a75bab
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-mysql.json
@@ -0,0 +1,767 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.1 MySQL applications",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.0.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1 + MySQL (Ephemeral)"
+ },
+ "name": "sso71-mysql"
+ },
+ "labels": {
+ "template": "sso71-mysql",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new SSO service (using MySQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-postgresql-persistent.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-postgresql-persistent.json
new file mode 100644
index 000000000..c53bb9d5b
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-postgresql-persistent.json
@@ -0,0 +1,773 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.1 PostgreSQL applications with persistent storage",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.0.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1 + PostgreSQL (Persistent)"
+ },
+ "name": "sso71-postgresql-persistent"
+ },
+ "labels": {
+ "template": "sso71-postgresql-persistent",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent SSO service (using PostgreSQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-postgresql.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-postgresql.json
new file mode 100644
index 000000000..c1fc41eda
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-postgresql.json
@@ -0,0 +1,741 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.1 PostgreSQL applications",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.0.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1 + PostgreSQL (Ephemeral)"
+ },
+ "name": "sso71-postgresql"
+ },
+ "labels": {
+ "template": "sso71-postgresql",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new SSO service (using PostgreSQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py
index 0788ddfb0..cc2a1d2eb 100755
--- a/roles/openshift_facts/library/openshift_facts.py
+++ b/roles/openshift_facts/library/openshift_facts.py
@@ -537,6 +537,7 @@ def set_node_schedulability(facts):
return facts
+# pylint: disable=too-many-branches
def set_selectors(facts):
""" Set selectors facts if not already present in facts dict
Args:
@@ -570,6 +571,10 @@ def set_selectors(facts):
facts['hosted']['logging'] = {}
if 'selector' not in facts['hosted']['logging'] or facts['hosted']['logging']['selector'] in [None, 'None']:
facts['hosted']['logging']['selector'] = None
+ if 'etcd' not in facts['hosted']:
+ facts['hosted']['etcd'] = {}
+ if 'selector' not in facts['hosted']['etcd'] or facts['hosted']['etcd']['selector'] in [None, 'None']:
+ facts['hosted']['etcd']['selector'] = None
return facts
@@ -907,17 +912,17 @@ def set_version_facts_if_unset(facts):
version_gte_3_1_1_or_1_1_1 = version >= LooseVersion('1.1.1')
version_gte_3_2_or_1_2 = version >= LooseVersion('1.2.0')
version_gte_3_3_or_1_3 = version >= LooseVersion('1.3.0')
- version_gte_3_4_or_1_4 = version >= LooseVersion('1.4.0')
- version_gte_3_5_or_1_5 = version >= LooseVersion('1.5.0')
- version_gte_3_6 = version >= LooseVersion('3.6.0')
+ version_gte_3_4_or_1_4 = version >= LooseVersion('1.4')
+ version_gte_3_5_or_1_5 = version >= LooseVersion('1.5')
+ version_gte_3_6 = version >= LooseVersion('3.6')
else:
version_gte_3_1_or_1_1 = version >= LooseVersion('3.0.2.905')
version_gte_3_1_1_or_1_1_1 = version >= LooseVersion('3.1.1')
version_gte_3_2_or_1_2 = version >= LooseVersion('3.1.1.901')
version_gte_3_3_or_1_3 = version >= LooseVersion('3.3.0')
- version_gte_3_4_or_1_4 = version >= LooseVersion('3.4.0')
- version_gte_3_5_or_1_5 = version >= LooseVersion('3.5.0')
- version_gte_3_6 = version >= LooseVersion('3.6.0')
+ version_gte_3_4_or_1_4 = version >= LooseVersion('3.4')
+ version_gte_3_5_or_1_5 = version >= LooseVersion('3.5')
+ version_gte_3_6 = version >= LooseVersion('3.6')
else:
# 'Latest' version is set to True, 'Next' versions set to False
version_gte_3_1_or_1_1 = True
@@ -2157,6 +2162,25 @@ class OpenShiftFacts(object):
create_pvc=False
)
),
+ etcd=dict(
+ storage=dict(
+ kind=None,
+ volume=dict(
+ name='etcd',
+ size='1Gi'
+ ),
+ nfs=dict(
+ directory='/exports',
+ options='*(rw,root_squash)'
+ ),
+ host=None,
+ access=dict(
+ modes=['ReadWriteOnce']
+ ),
+ create_pv=True,
+ create_pvc=False
+ )
+ ),
registry=dict(
storage=dict(
kind=None,
diff --git a/roles/openshift_health_checker/action_plugins/openshift_health_check.py b/roles/openshift_health_checker/action_plugins/openshift_health_check.py
index a62e4331e..0390dc82e 100644
--- a/roles/openshift_health_checker/action_plugins/openshift_health_check.py
+++ b/roles/openshift_health_checker/action_plugins/openshift_health_check.py
@@ -38,14 +38,13 @@ class ActionModule(ActionBase):
try:
known_checks = self.load_known_checks()
+ args = self._task.args
+ resolved_checks = resolve_checks(args.get("checks", []), known_checks.values())
except OpenShiftCheckException as e:
result["failed"] = True
result["msg"] = str(e)
return result
- args = self._task.args
- resolved_checks = resolve_checks(args.get("checks", []), known_checks.values())
-
result["checks"] = check_results = {}
user_disabled_checks = [
diff --git a/roles/openshift_health_checker/openshift_checks/disk_availability.py b/roles/openshift_health_checker/openshift_checks/disk_availability.py
index 962148cb8..e93e81efa 100644
--- a/roles/openshift_health_checker/openshift_checks/disk_availability.py
+++ b/roles/openshift_health_checker/openshift_checks/disk_availability.py
@@ -1,9 +1,12 @@
-# pylint: disable=missing-docstring
+"""Check that there is enough disk space in predefined paths."""
+
+import os.path
+import tempfile
+
from openshift_checks import OpenShiftCheck, OpenShiftCheckException, get_var
-from openshift_checks.mixins import NotContainerizedMixin
-class DiskAvailability(NotContainerizedMixin, OpenShiftCheck):
+class DiskAvailability(OpenShiftCheck):
"""Check that recommended disk space is available before a first-time install."""
name = "disk_availability"
@@ -12,56 +15,101 @@ class DiskAvailability(NotContainerizedMixin, OpenShiftCheck):
# Values taken from the official installation documentation:
# https://docs.openshift.org/latest/install_config/install/prerequisites.html#system-requirements
recommended_disk_space_bytes = {
- "masters": 40 * 10**9,
- "nodes": 15 * 10**9,
- "etcd": 20 * 10**9,
+ '/var': {
+ 'masters': 40 * 10**9,
+ 'nodes': 15 * 10**9,
+ 'etcd': 20 * 10**9,
+ },
+ # Used to copy client binaries into,
+ # see roles/openshift_cli/library/openshift_container_binary_sync.py.
+ '/usr/local/bin': {
+ 'masters': 1 * 10**9,
+ 'nodes': 1 * 10**9,
+ 'etcd': 1 * 10**9,
+ },
+ # Used as temporary storage in several cases.
+ tempfile.gettempdir(): {
+ 'masters': 1 * 10**9,
+ 'nodes': 1 * 10**9,
+ 'etcd': 1 * 10**9,
+ },
}
@classmethod
def is_active(cls, task_vars):
"""Skip hosts that do not have recommended disk space requirements."""
group_names = get_var(task_vars, "group_names", default=[])
- has_disk_space_recommendation = bool(set(group_names).intersection(cls.recommended_disk_space_bytes))
+ active_groups = set()
+ for recommendation in cls.recommended_disk_space_bytes.values():
+ active_groups.update(recommendation.keys())
+ has_disk_space_recommendation = bool(active_groups.intersection(group_names))
return super(DiskAvailability, cls).is_active(task_vars) and has_disk_space_recommendation
def run(self, tmp, task_vars):
group_names = get_var(task_vars, "group_names")
ansible_mounts = get_var(task_vars, "ansible_mounts")
- free_bytes = self.openshift_available_disk(ansible_mounts)
-
- recommended_min = max(self.recommended_disk_space_bytes.get(name, 0) for name in group_names)
- configured_min = int(get_var(task_vars, "openshift_check_min_host_disk_gb", default=0)) * 10**9
- min_free_bytes = configured_min or recommended_min
-
- if free_bytes < min_free_bytes:
- return {
- 'failed': True,
- 'msg': (
- 'Available disk space ({:.1f} GB) for the volume containing '
- '"/var" is below minimum recommended space ({:.1f} GB)'
- ).format(float(free_bytes) / 10**9, float(min_free_bytes) / 10**9)
+ ansible_mounts = {mount['mount']: mount for mount in ansible_mounts}
+
+ user_config = get_var(task_vars, "openshift_check_min_host_disk_gb", default={})
+ try:
+ # For backwards-compatibility, if openshift_check_min_host_disk_gb
+ # is a number, then it overrides the required config for '/var'.
+ number = float(user_config)
+ user_config = {
+ '/var': {
+ 'masters': number,
+ 'nodes': number,
+ 'etcd': number,
+ },
}
+ except TypeError:
+ # If it is not a number, then it should be a nested dict.
+ pass
+
+ # TODO: as suggested in
+ # https://github.com/openshift/openshift-ansible/pull/4436#discussion_r122180021,
+ # maybe we could support checking disk availability in paths that are
+ # not part of the official recommendation but present in the user
+ # configuration.
+ for path, recommendation in self.recommended_disk_space_bytes.items():
+ free_bytes = self.free_bytes(path, ansible_mounts)
+ recommended_bytes = max(recommendation.get(name, 0) for name in group_names)
+
+ config = user_config.get(path, {})
+ # NOTE: the user config is in GB, but we compare bytes, thus the
+ # conversion.
+ config_bytes = max(config.get(name, 0) for name in group_names) * 10**9
+ recommended_bytes = config_bytes or recommended_bytes
+
+ if free_bytes < recommended_bytes:
+ free_gb = float(free_bytes) / 10**9
+ recommended_gb = float(recommended_bytes) / 10**9
+ return {
+ 'failed': True,
+ 'msg': (
+ 'Available disk space in "{}" ({:.1f} GB) '
+ 'is below minimum recommended ({:.1f} GB)'
+ ).format(path, free_gb, recommended_gb)
+ }
return {}
@staticmethod
- def openshift_available_disk(ansible_mounts):
- """Determine the available disk space for an OpenShift installation.
-
- ansible_mounts should be a list of dicts like the 'setup' Ansible module
- returns.
- """
- # priority list in descending order
- supported_mnt_paths = ["/var", "/"]
- available_mnts = {mnt.get("mount"): mnt for mnt in ansible_mounts}
+ def free_bytes(path, ansible_mounts):
+ """Return the size available in path based on ansible_mounts."""
+ mount_point = path
+ # arbitry value to prevent an infinite loop, in the unlike case that '/'
+ # is not in ansible_mounts.
+ max_depth = 32
+ while mount_point not in ansible_mounts and max_depth > 0:
+ mount_point = os.path.dirname(mount_point)
+ max_depth -= 1
try:
- for path in supported_mnt_paths:
- if path in available_mnts:
- return available_mnts[path]["size_available"]
+ free_bytes = ansible_mounts[mount_point]['size_available']
except KeyError:
- pass
+ known_mounts = ', '.join('"{}"'.format(mount) for mount in sorted(ansible_mounts)) or 'none'
+ msg = 'Unable to determine disk availability for "{}". Known mount points: {}.'
+ raise OpenShiftCheckException(msg.format(path, known_mounts))
- paths = ''.join(sorted(available_mnts)) or 'none'
- msg = "Unable to determine available disk space. Paths mounted: {}.".format(paths)
- raise OpenShiftCheckException(msg)
+ return free_bytes
diff --git a/roles/openshift_health_checker/openshift_checks/docker_image_availability.py b/roles/openshift_health_checker/openshift_checks/docker_image_availability.py
index 26bf4c09b..bde81ad2c 100644
--- a/roles/openshift_health_checker/openshift_checks/docker_image_availability.py
+++ b/roles/openshift_health_checker/openshift_checks/docker_image_availability.py
@@ -94,7 +94,8 @@ class DockerImageAvailability(DockerHostMixin, OpenShiftCheck):
required = set()
deployment_type = get_var(task_vars, "openshift_deployment_type")
host_groups = get_var(task_vars, "group_names")
- image_tag = get_var(task_vars, "openshift_image_tag")
+ # containerized etcd may not have openshift_image_tag, see bz 1466622
+ image_tag = get_var(task_vars, "openshift_image_tag", default="latest")
image_info = DEPLOYMENT_IMAGE_INFO[deployment_type]
if not image_info:
return required
diff --git a/roles/openshift_health_checker/openshift_checks/docker_storage.py b/roles/openshift_health_checker/openshift_checks/docker_storage.py
index 2bd615457..8d0fbcc9c 100644
--- a/roles/openshift_health_checker/openshift_checks/docker_storage.py
+++ b/roles/openshift_health_checker/openshift_checks/docker_storage.py
@@ -143,7 +143,7 @@ class DockerStorage(DockerHostMixin, OpenShiftCheck):
"so the available storage in the VG cannot be determined.".format(pool)
)
vg_name = match.groups()[0].replace("--", "-")
- vgs_cmd = "/sbin/vgs --noheadings -o vg_free --select vg_name=" + vg_name
+ vgs_cmd = "/sbin/vgs --noheadings -o vg_free --units g --select vg_name=" + vg_name
# should return free space like " 12.00g" if the VG exists; empty if it does not
ret = self.execute_module("command", {"_raw_params": vgs_cmd}, task_vars=task_vars)
diff --git a/roles/openshift_health_checker/test/action_plugin_test.py b/roles/openshift_health_checker/test/action_plugin_test.py
index 6ebf0ebb2..9383b233c 100644
--- a/roles/openshift_health_checker/test/action_plugin_test.py
+++ b/roles/openshift_health_checker/test/action_plugin_test.py
@@ -59,7 +59,7 @@ def failed(result, msg_has=None):
if msg_has is not None:
assert 'msg' in result
for term in msg_has:
- assert term in result['msg']
+ assert term.lower() in result['msg'].lower()
return result.get('failed', False)
@@ -178,6 +178,16 @@ def test_action_plugin_run_check_exception(plugin, task_vars, monkeypatch):
assert not skipped(result)
+def test_action_plugin_resolve_checks_exception(plugin, task_vars, monkeypatch):
+ monkeypatch.setattr(plugin, 'load_known_checks', lambda: {})
+
+ result = plugin.run(tmp=None, task_vars=task_vars)
+
+ assert failed(result, msg_has=['unknown', 'name'])
+ assert not changed(result)
+ assert not skipped(result)
+
+
@pytest.mark.parametrize('names,all_checks,expected', [
([], [], set()),
(
diff --git a/roles/openshift_health_checker/test/disk_availability_test.py b/roles/openshift_health_checker/test/disk_availability_test.py
index b353fa610..945b9eafc 100644
--- a/roles/openshift_health_checker/test/disk_availability_test.py
+++ b/roles/openshift_health_checker/test/disk_availability_test.py
@@ -3,22 +3,19 @@ import pytest
from openshift_checks.disk_availability import DiskAvailability, OpenShiftCheckException
-@pytest.mark.parametrize('group_names,is_containerized,is_active', [
- (['masters'], False, True),
- # ensure check is skipped on containerized installs
- (['masters'], True, False),
- (['nodes'], False, True),
- (['etcd'], False, True),
- (['masters', 'nodes'], False, True),
- (['masters', 'etcd'], False, True),
- ([], False, False),
- (['lb'], False, False),
- (['nfs'], False, False),
+@pytest.mark.parametrize('group_names,is_active', [
+ (['masters'], True),
+ (['nodes'], True),
+ (['etcd'], True),
+ (['masters', 'nodes'], True),
+ (['masters', 'etcd'], True),
+ ([], False),
+ (['lb'], False),
+ (['nfs'], False),
])
-def test_is_active(group_names, is_containerized, is_active):
+def test_is_active(group_names, is_active):
task_vars = dict(
group_names=group_names,
- openshift=dict(common=dict(is_containerized=is_containerized)),
)
assert DiskAvailability.is_active(task_vars=task_vars) == is_active
@@ -38,7 +35,7 @@ def test_cannot_determine_available_disk(ansible_mounts, extra_words):
with pytest.raises(OpenShiftCheckException) as excinfo:
check.run(tmp=None, task_vars=task_vars)
- for word in 'determine available disk'.split() + extra_words:
+ for word in 'determine disk availability'.split() + extra_words:
assert word in str(excinfo.value)
@@ -81,7 +78,7 @@ def test_cannot_determine_available_disk(ansible_mounts, extra_words):
[{
# not enough space on / ...
'mount': '/',
- 'size_available': 0,
+ 'size_available': 2 * 10**9,
}, {
# ... but enough on /var
'mount': '/var',
diff --git a/roles/openshift_health_checker/test/docker_image_availability_test.py b/roles/openshift_health_checker/test/docker_image_availability_test.py
index 0a7c0f8d3..3b9e097fb 100644
--- a/roles/openshift_health_checker/test/docker_image_availability_test.py
+++ b/roles/openshift_health_checker/test/docker_image_availability_test.py
@@ -259,3 +259,17 @@ def test_required_images(deployment_type, is_containerized, groups, oreg_url, ex
)
assert expected == DockerImageAvailability("DUMMY").required_images(task_vars)
+
+
+def test_containerized_etcd():
+ task_vars = dict(
+ openshift=dict(
+ common=dict(
+ is_containerized=True,
+ ),
+ ),
+ openshift_deployment_type="origin",
+ group_names=['etcd'],
+ )
+ expected = set(['registry.access.redhat.com/rhel7/etcd'])
+ assert expected == DockerImageAvailability("DUMMY").required_images(task_vars)
diff --git a/roles/openshift_hosted/tasks/registry/registry.yml b/roles/openshift_hosted/tasks/registry/registry.yml
index d895e9a68..b946ec8ca 100644
--- a/roles/openshift_hosted/tasks/registry/registry.yml
+++ b/roles/openshift_hosted/tasks/registry/registry.yml
@@ -56,6 +56,11 @@
openshift_hosted_registry_force:
- False
+- name: Update registry environment variables when pushing via dns
+ set_fact:
+ openshift_hosted_registry_env_vars: "{{ openshift_hosted_registry_env_vars | combine({'OPENSHIFT_DEFAULT_REGISTRY':'docker-registry.default.svc:5000'}) }}"
+ when: openshift_push_via_dns | default(false) | bool
+
- name: Create the registry service account
oc_serviceaccount:
name: "{{ openshift_hosted_registry_serviceaccount }}"
@@ -135,7 +140,7 @@
- name: Determine the latest version of the OpenShift registry deployment
command: |
- oc get deploymentconfig {{ openshift_hosted_registry_name }} \
+ {{ openshift.common.client_binary }} get deploymentconfig {{ openshift_hosted_registry_name }} \
--namespace {{ openshift_hosted_registry_namespace }} \
--config {{ openshift.common.config_base }}/master/admin.kubeconfig \
-o jsonpath='{ .status.latestVersion }'
@@ -143,7 +148,7 @@
- name: Sanity-check that the OpenShift registry rolled out correctly
command: |
- oc get replicationcontroller {{ openshift_hosted_registry_name }}-{{ openshift_hosted_registry_latest_version.stdout }} \
+ {{ openshift.common.client_binary }} get replicationcontroller {{ openshift_hosted_registry_name }}-{{ openshift_hosted_registry_latest_version.stdout }} \
--namespace {{ openshift_hosted_registry_namespace }} \
--config {{ openshift.common.config_base }}/master/admin.kubeconfig \
-o jsonpath='{ .metadata.annotations.openshift\.io/deployment\.phase }'
diff --git a/roles/openshift_hosted/tasks/router/router.yml b/roles/openshift_hosted/tasks/router/router.yml
index 160ae2f5e..c60b67862 100644
--- a/roles/openshift_hosted/tasks/router/router.yml
+++ b/roles/openshift_hosted/tasks/router/router.yml
@@ -92,7 +92,7 @@
- name: Ensure OpenShift router correctly rolls out (best-effort today)
command: |
- oc rollout status deploymentconfig {{ item.name }} \
+ {{ openshift.common.client_binary }} rollout status deploymentconfig {{ item.name }} \
--namespace {{ item.namespace | default('default') }} \
--config {{ openshift.common.config_base }}/master/admin.kubeconfig
async: 600
@@ -102,7 +102,7 @@
- name: Determine the latest version of the OpenShift router deployment
command: |
- oc get deploymentconfig {{ item.name }} \
+ {{ openshift.common.client_binary }} get deploymentconfig {{ item.name }} \
--namespace {{ item.namespace }} \
--config {{ openshift.common.config_base }}/master/admin.kubeconfig \
-o jsonpath='{ .status.latestVersion }'
@@ -111,7 +111,7 @@
- name: Poll for OpenShift router deployment success
command: |
- oc get replicationcontroller {{ item.0.name }}-{{ item.1.stdout }} \
+ {{ openshift.common.client_binary }} get replicationcontroller {{ item.0.name }}-{{ item.1.stdout }} \
--namespace {{ item.0.namespace }} \
--config {{ openshift.common.config_base }}/master/admin.kubeconfig \
-o jsonpath='{ .metadata.annotations.openshift\.io/deployment\.phase }'
diff --git a/roles/openshift_logging/defaults/main.yml b/roles/openshift_logging/defaults/main.yml
index 66d880d23..c243a6e4a 100644
--- a/roles/openshift_logging/defaults/main.yml
+++ b/roles/openshift_logging/defaults/main.yml
@@ -89,7 +89,7 @@ openshift_logging_es_cpu_limit: null
# the logging appenders for the root loggers to write ES logs. Valid values: 'file', 'console'
openshift_logging_es_log_appenders: ['file']
openshift_logging_es_memory_limit: "{{ openshift_hosted_logging_elasticsearch_instance_ram | default('8Gi') }}"
-openshift_logging_es_pv_selector: "{{ openshift_hosted_logging_storage_labels | default(null) }}"
+openshift_logging_es_pv_selector: "{{ openshift_hosted_logging_storage_labels | default('') }}"
openshift_logging_es_pvc_dynamic: "{{ openshift_hosted_logging_elasticsearch_pvc_dynamic | default(False) }}"
openshift_logging_es_pvc_size: "{{ openshift_hosted_logging_elasticsearch_pvc_size | default('') }}"
openshift_logging_es_pvc_prefix: "{{ openshift_hosted_logging_elasticsearch_pvc_prefix | default('logging-es') }}"
@@ -128,7 +128,7 @@ openshift_logging_es_ops_client_key: /etc/fluent/keys/key
openshift_logging_es_ops_cluster_size: "{{ openshift_hosted_logging_elasticsearch_ops_cluster_size | default(1) }}"
openshift_logging_es_ops_cpu_limit: null
openshift_logging_es_ops_memory_limit: "{{ openshift_hosted_logging_elasticsearch_ops_instance_ram | default('8Gi') }}"
-openshift_logging_es_ops_pv_selector: "{{ openshift_hosted_loggingops_storage_labels | default(null) }}"
+openshift_logging_es_ops_pv_selector: "{{ openshift_hosted_loggingops_storage_labels | default('') }}"
openshift_logging_es_ops_pvc_dynamic: "{{ openshift_hosted_logging_elasticsearch_ops_pvc_dynamic | default(False) }}"
openshift_logging_es_ops_pvc_size: "{{ openshift_hosted_logging_elasticsearch_ops_pvc_size | default('') }}"
openshift_logging_es_ops_pvc_prefix: "{{ openshift_hosted_logging_elasticsearch_ops_pvc_prefix | default('logging-es-ops') }}"
diff --git a/roles/openshift_logging/tasks/install_logging.yaml b/roles/openshift_logging/tasks/install_logging.yaml
index 66dc0e096..221a81340 100644
--- a/roles/openshift_logging/tasks/install_logging.yaml
+++ b/roles/openshift_logging/tasks/install_logging.yaml
@@ -105,20 +105,22 @@
- set_fact: es_ops_indices=[]
when: openshift_logging_facts.elasticsearch_ops.deploymentconfigs.keys() | count == 0
+- set_fact: openshift_logging_es_ops_pvc_prefix="logging-es-ops"
+ when: openshift_logging_es_ops_pvc_prefix == ""
- include_role:
name: openshift_logging_elasticsearch
vars:
generated_certs_dir: "{{openshift.common.config_base}}/logging"
openshift_logging_elasticsearch_deployment_name: "{{ item.0 }}"
- openshift_logging_elasticsearch_pvc_name: "{{ openshift_logging_es_pvc_prefix ~ '-' ~ item.2 if item.1 is none else item.1 }}"
+ openshift_logging_elasticsearch_pvc_name: "{{ openshift_logging_es_ops_pvc_prefix ~ '-' ~ item.2 if item.1 is none else item.1 }}"
openshift_logging_elasticsearch_ops_deployment: true
openshift_logging_elasticsearch_replica_count: "{{ openshift_logging_es_ops_cluster_size | int }}"
- openshift_logging_elasticsearch_storage_type: "{{ 'pvc' if ( openshift_logging_es_pvc_dynamic | bool or openshift_hosted_logging_storage_kind | default('') == 'nfs') else 'emptydir' }}"
- openshift_logging_elasticsearch_pvc_size: "{{ openshift_logging_es_pvc_size }}"
- openshift_logging_elasticsearch_pvc_dynamic: "{{ openshift_logging_es_pvc_dynamic }}"
- openshift_logging_elasticsearch_pvc_pv_selector: "{{ openshift_logging_es_pv_selector }}"
+ openshift_logging_elasticsearch_storage_type: "{{ 'pvc' if ( openshift_logging_es_ops_pvc_dynamic | bool or openshift_hosted_logging_storage_kind | default('') == 'nfs') else 'emptydir' }}"
+ openshift_logging_elasticsearch_pvc_size: "{{ openshift_logging_es_ops_pvc_size }}"
+ openshift_logging_elasticsearch_pvc_dynamic: "{{ openshift_logging_es_ops_pvc_dynamic }}"
+ openshift_logging_elasticsearch_pvc_pv_selector: "{{ openshift_logging_es_ops_pv_selector }}"
openshift_logging_es_key: "{{ openshift_logging_es_ops_key }}"
openshift_logging_es_cert: "{{ openshift_logging_es_ops_cert }}"
openshift_logging_es_ca_ext: "{{ openshift_logging_es_ops_ca_ext }}"
@@ -139,14 +141,14 @@
name: openshift_logging_elasticsearch
vars:
generated_certs_dir: "{{openshift.common.config_base}}/logging"
- openshift_logging_elasticsearch_pvc_name: "{{ openshift_logging_es_pvc_prefix }}-{{ item | int + openshift_logging_facts.elasticsearch_ops.deploymentconfigs | count - 1 }}"
+ openshift_logging_elasticsearch_pvc_name: "{{ openshift_logging_es_ops_pvc_prefix }}-{{ item | int + openshift_logging_facts.elasticsearch_ops.deploymentconfigs | count - 1 }}"
openshift_logging_elasticsearch_ops_deployment: true
openshift_logging_elasticsearch_replica_count: "{{ openshift_logging_es_ops_cluster_size | int }}"
- openshift_logging_elasticsearch_storage_type: "{{ 'pvc' if ( openshift_logging_es_pvc_dynamic | bool or openshift_hosted_logging_storage_kind | default('') == 'nfs') else 'emptydir' }}"
- openshift_logging_elasticsearch_pvc_size: "{{ openshift_logging_es_pvc_size }}"
- openshift_logging_elasticsearch_pvc_dynamic: "{{ openshift_logging_es_pvc_dynamic }}"
- openshift_logging_elasticsearch_pvc_pv_selector: "{{ openshift_logging_es_pv_selector }}"
+ openshift_logging_elasticsearch_storage_type: "{{ 'pvc' if ( openshift_logging_es_ops_pvc_dynamic | bool or openshift_hosted_logging_storage_kind | default('') == 'nfs') else 'emptydir' }}"
+ openshift_logging_elasticsearch_pvc_size: "{{ openshift_logging_es_ops_pvc_size }}"
+ openshift_logging_elasticsearch_pvc_dynamic: "{{ openshift_logging_es_ops_pvc_dynamic }}"
+ openshift_logging_elasticsearch_pvc_pv_selector: "{{ openshift_logging_es_ops_pv_selector }}"
openshift_logging_es_key: "{{ openshift_logging_es_ops_key }}"
openshift_logging_es_cert: "{{ openshift_logging_es_ops_cert }}"
openshift_logging_es_ca_ext: "{{ openshift_logging_es_ops_ca_ext }}"
diff --git a/roles/openshift_logging_elasticsearch/tasks/main.yaml b/roles/openshift_logging_elasticsearch/tasks/main.yaml
index 684dbe0a0..68726aa78 100644
--- a/roles/openshift_logging_elasticsearch/tasks/main.yaml
+++ b/roles/openshift_logging_elasticsearch/tasks/main.yaml
@@ -173,9 +173,8 @@
selector:
component: "{{ es_component }}"
provider: openshift
- # pending #4091
- #labels:
- #- logging-infra: 'support'
+ labels:
+ logging-infra: 'support'
ports:
- port: 9300
@@ -187,14 +186,15 @@
selector:
component: "{{ es_component }}"
provider: openshift
- # pending #4091
- #labels:
- #- logging-infra: 'support'
+ labels:
+ logging-infra: 'support'
ports:
- port: 9200
targetPort: "restapi"
-- name: Creating ES storage template
+# storageclasses are used by default but if static then disable
+# storageclasses with the storageClassName set to "" in pvc.j2
+- name: Creating ES storage template - static
template:
src: pvc.j2
dest: "{{ tempdir }}/templates/logging-es-pvc.yml"
@@ -203,11 +203,13 @@
size: "{{ openshift_logging_elasticsearch_pvc_size }}"
access_modes: "{{ openshift_logging_elasticsearch_pvc_access_modes | list }}"
pv_selector: "{{ openshift_logging_elasticsearch_pvc_pv_selector }}"
+ storage_class_name: "{{ openshift_logging_elasticsearch_pvc_storage_class_name | default('', true) }}"
when:
- openshift_logging_elasticsearch_storage_type == "pvc"
- not openshift_logging_elasticsearch_pvc_dynamic
-- name: Creating ES storage template
+# Storageclasses are used by default if configured
+- name: Creating ES storage template - dynamic
template:
src: pvc.j2
dest: "{{ tempdir }}/templates/logging-es-pvc.yml"
@@ -216,8 +218,6 @@
size: "{{ openshift_logging_elasticsearch_pvc_size }}"
access_modes: "{{ openshift_logging_elasticsearch_pvc_access_modes | list }}"
pv_selector: "{{ openshift_logging_elasticsearch_pvc_pv_selector }}"
- annotations:
- volume.beta.kubernetes.io/storage-class: "dynamic"
when:
- openshift_logging_elasticsearch_storage_type == "pvc"
- openshift_logging_elasticsearch_pvc_dynamic
diff --git a/roles/openshift_logging_elasticsearch/templates/es.j2 b/roles/openshift_logging_elasticsearch/templates/es.j2
index 844dbc8c2..7424db6f6 100644
--- a/roles/openshift_logging_elasticsearch/templates/es.j2
+++ b/roles/openshift_logging_elasticsearch/templates/es.j2
@@ -78,6 +78,9 @@ spec:
name: "INSTANCE_RAM"
value: "{{openshift_logging_elasticsearch_memory_limit}}"
-
+ name: "HEAP_DUMP_LOCATION"
+ value: "/elasticsearch/persistent/heapdump.hprof"
+ -
name: "NODE_QUORUM"
value: "{{es_node_quorum | int}}"
-
@@ -87,9 +90,6 @@ spec:
name: "RECOVER_AFTER_TIME"
value: "{{openshift_logging_elasticsearch_recover_after_time}}"
-
- name: "READINESS_PROBE_TIMEOUT"
- value: "30"
- -
name: "IS_MASTER"
value: "{% if deploy_type in ['data-master', 'master'] %}true{% else %}false{% endif %}"
@@ -106,13 +106,6 @@ spec:
readOnly: true
- name: elasticsearch-storage
mountPath: /elasticsearch/persistent
- readinessProbe:
- exec:
- command:
- - "/usr/share/elasticsearch/probe/readiness.sh"
- initialDelaySeconds: 10
- timeoutSeconds: 30
- periodSeconds: 5
volumes:
- name: elasticsearch
secret:
diff --git a/roles/openshift_logging_elasticsearch/templates/pvc.j2 b/roles/openshift_logging_elasticsearch/templates/pvc.j2
index f19a3a750..063f9c5ae 100644
--- a/roles/openshift_logging_elasticsearch/templates/pvc.j2
+++ b/roles/openshift_logging_elasticsearch/templates/pvc.j2
@@ -25,3 +25,6 @@ spec:
resources:
requests:
storage: {{size}}
+{% if storage_class_name is defined %}
+ storageClassName: {{ storage_class_name }}
+{% endif %}
diff --git a/roles/openshift_logging_fluentd/tasks/main.yaml b/roles/openshift_logging_fluentd/tasks/main.yaml
index 8194223e8..30b596e22 100644
--- a/roles/openshift_logging_fluentd/tasks/main.yaml
+++ b/roles/openshift_logging_fluentd/tasks/main.yaml
@@ -100,7 +100,7 @@
- copy:
src: secure-forward.conf
dest: "{{ tempdir }}/secure-forward.conf"
- when: fluentd_securefoward_contents is undefined
+ when: fluentd_secureforward_contents is undefined
changed_when: no
diff --git a/roles/openshift_logging_fluentd/templates/fluentd.j2 b/roles/openshift_logging_fluentd/templates/fluentd.j2
index a5695ee26..d9814370f 100644
--- a/roles/openshift_logging_fluentd/templates/fluentd.j2
+++ b/roles/openshift_logging_fluentd/templates/fluentd.j2
@@ -98,9 +98,15 @@ spec:
- name: "BUFFER_SIZE_LIMIT"
value: "{{ openshift_logging_fluentd_buffer_size_limit }}"
- name: "FLUENTD_CPU_LIMIT"
- value: "{{ openshift_logging_fluentd_cpu_limit }}"
+ valueFrom:
+ resourceFieldRef:
+ containerName: "{{ daemonset_container_name }}"
+ resource: limits.cpu
- name: "FLUENTD_MEMORY_LIMIT"
- value: "{{ openshift_logging_fluentd_memory_limit }}"
+ valueFrom:
+ resourceFieldRef:
+ containerName: "{{ daemonset_container_name }}"
+ resource: limits.memory
volumes:
- name: runlogjournal
hostPath:
diff --git a/roles/openshift_logging_kibana/tasks/main.yaml b/roles/openshift_logging_kibana/tasks/main.yaml
index bae55ffaa..93cb82793 100644
--- a/roles/openshift_logging_kibana/tasks/main.yaml
+++ b/roles/openshift_logging_kibana/tasks/main.yaml
@@ -89,9 +89,8 @@
selector:
component: "{{ kibana_component }}"
provider: openshift
- # pending #4091
- #labels:
- #- logging-infra: 'support'
+ labels:
+ logging-infra: 'support'
ports:
- port: 443
targetPort: "oaproxy"
diff --git a/roles/openshift_logging_mux/templates/mux.j2 b/roles/openshift_logging_mux/templates/mux.j2
index 243698c6a..c3f9b3433 100644
--- a/roles/openshift_logging_mux/templates/mux.j2
+++ b/roles/openshift_logging_mux/templates/mux.j2
@@ -102,15 +102,21 @@ spec:
- name: USE_MUX
value: "true"
- name: MUX_ALLOW_EXTERNAL
- value: "{{ openshift_logging_mux_allow_external | default('false') }}"
+ value: "{{ openshift_logging_mux_allow_external | default('false') | lower }}"
- name: "BUFFER_QUEUE_LIMIT"
value: "{{ openshift_logging_mux_buffer_queue_limit }}"
- name: "BUFFER_SIZE_LIMIT"
value: "{{ openshift_logging_mux_buffer_size_limit }}"
- name: "MUX_CPU_LIMIT"
- value: "{{ openshift_logging_mux_cpu_limit }}"
+ valueFrom:
+ resourceFieldRef:
+ containerName: "mux"
+ resource: limits.cpu
- name: "MUX_MEMORY_LIMIT"
- value: "{{ openshift_logging_mux_memory_limit }}"
+ valueFrom:
+ resourceFieldRef:
+ containerName: "mux"
+ resource: limits.memory
volumes:
- name: config
configMap:
diff --git a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2 b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2
index 897ee7285..e8f7c47b0 100644
--- a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2
+++ b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2
@@ -12,7 +12,7 @@ Requires={{ openshift.docker.service_name }}.service
EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-master-api
Environment=GOTRACEBACK=crash
ExecStartPre=-/usr/bin/docker rm -f {{ openshift.common.service_type}}-master-api
-ExecStart=/usr/bin/docker run --rm --privileged --net=host --name {{ openshift.common.service_type }}-master-api --env-file=/etc/sysconfig/{{ openshift.common.service_type }}-master-api -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }} -v /var/log:/var/log -v /var/run/docker.sock:/var/run/docker.sock -v {{ openshift.common.config_base }}:{{ openshift.common.config_base }} {% if openshift_cloudprovider_kind | default('') != '' -%} -v {{ openshift.common.config_base }}/cloudprovider:{{ openshift.common.config_base}}/cloudprovider {% endif -%} {{ openshift.master.master_image }}:${IMAGE_VERSION} start master api --config=${CONFIG_FILE} $OPTIONS
+ExecStart=/usr/bin/docker run --rm --privileged --net=host --name {{ openshift.common.service_type }}-master-api --env-file=/etc/sysconfig/{{ openshift.common.service_type }}-master-api -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }} -v /var/log:/var/log -v /var/run/docker.sock:/var/run/docker.sock -v {{ openshift.common.config_base }}:{{ openshift.common.config_base }} {% if openshift_cloudprovider_kind | default('') != '' -%} -v {{ openshift.common.config_base }}/cloudprovider:{{ openshift.common.config_base}}/cloudprovider {% endif -%} -v /etc/pki:/etc/pki:ro {{ openshift.master.master_image }}:${IMAGE_VERSION} start master api --config=${CONFIG_FILE} $OPTIONS
ExecStartPost=/usr/bin/sleep 10
ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-master-api
LimitNOFILE=131072
diff --git a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2 b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2
index 451f3436a..69db62f16 100644
--- a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2
+++ b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2
@@ -11,7 +11,7 @@ PartOf={{ openshift.docker.service_name }}.service
EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-master-controllers
Environment=GOTRACEBACK=crash
ExecStartPre=-/usr/bin/docker rm -f {{ openshift.common.service_type}}-master-controllers
-ExecStart=/usr/bin/docker run --rm --privileged --net=host --name {{ openshift.common.service_type }}-master-controllers --env-file=/etc/sysconfig/{{ openshift.common.service_type }}-master-controllers -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }} -v /var/run/docker.sock:/var/run/docker.sock -v {{ openshift.common.config_base }}:{{ openshift.common.config_base }} {% if openshift_cloudprovider_kind | default('') != '' -%} -v {{ openshift.common.config_base }}/cloudprovider:{{ openshift.common.config_base}}/cloudprovider {% endif -%} {{ openshift.master.master_image }}:${IMAGE_VERSION} start master controllers --config=${CONFIG_FILE} $OPTIONS
+ExecStart=/usr/bin/docker run --rm --privileged --net=host --name {{ openshift.common.service_type }}-master-controllers --env-file=/etc/sysconfig/{{ openshift.common.service_type }}-master-controllers -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }} -v /var/run/docker.sock:/var/run/docker.sock -v {{ openshift.common.config_base }}:{{ openshift.common.config_base }} {% if openshift_cloudprovider_kind | default('') != '' -%} -v {{ openshift.common.config_base }}/cloudprovider:{{ openshift.common.config_base}}/cloudprovider {% endif -%} -v /etc/pki:/etc/pki:ro {{ openshift.master.master_image }}:${IMAGE_VERSION} start master controllers --config=${CONFIG_FILE} $OPTIONS
ExecStartPost=/usr/bin/sleep 10
ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-master-controllers
LimitNOFILE=131072
diff --git a/roles/openshift_master/templates/master_docker/master.docker.service.j2 b/roles/openshift_master/templates/master_docker/master.docker.service.j2
index 7f40cb042..31c1dfc33 100644
--- a/roles/openshift_master/templates/master_docker/master.docker.service.j2
+++ b/roles/openshift_master/templates/master_docker/master.docker.service.j2
@@ -8,7 +8,7 @@ Wants=etcd_container.service
[Service]
EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-master
ExecStartPre=-/usr/bin/docker rm -f {{ openshift.common.service_type }}-master
-ExecStart=/usr/bin/docker run --rm --privileged --net=host --name {{ openshift.common.service_type }}-master --env-file=/etc/sysconfig/{{ openshift.common.service_type }}-master -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }} -v /var/log:/var/log -v /var/run/docker.sock:/var/run/docker.sock -v {{ openshift.common.config_base }}:{{ openshift.common.config_base }} {% if openshift_cloudprovider_kind | default('') != '' -%} -v {{ openshift.common.config_base }}/cloudprovider:{{ openshift.common.config_base}}/cloudprovider {% endif -%} {{ openshift.master.master_image }}:${IMAGE_VERSION} start master --config=${CONFIG_FILE} $OPTIONS
+ExecStart=/usr/bin/docker run --rm --privileged --net=host --name {{ openshift.common.service_type }}-master --env-file=/etc/sysconfig/{{ openshift.common.service_type }}-master -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }} -v /var/log:/var/log -v /var/run/docker.sock:/var/run/docker.sock -v {{ openshift.common.config_base }}:{{ openshift.common.config_base }} {% if openshift_cloudprovider_kind | default('') != '' -%} -v {{ openshift.common.config_base }}/cloudprovider:{{ openshift.common.config_base}}/cloudprovider {% endif -%} -v /etc/pki:/etc/pki:ro {{ openshift.master.master_image }}:${IMAGE_VERSION} start master --config=${CONFIG_FILE} $OPTIONS
ExecStartPost=/usr/bin/sleep 10
ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-master
Restart=always
diff --git a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.j2 b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.j2
index c484d23cc..c05a27559 100644
--- a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.j2
+++ b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.j2
@@ -1,5 +1,8 @@
OPTIONS=--loglevel={{ openshift.master.debug_level }} --listen={{ 'https' if openshift.master.api_use_ssl else 'http' }}://{{ openshift.master.bind_addr }}:{{ openshift.master.api_port }} --master={{ openshift.master.loopback_api_url }}
CONFIG_FILE={{ openshift_master_config_file }}
+{% if openshift_push_via_dns | default(false) %}
+OPENSHIFT_DEFAULT_REGISTRY=docker-registry.default.svc:5000
+{% endif %}
{% if openshift.common.is_containerized | bool %}
IMAGE_VERSION={{ openshift_image_tag }}
{% endif %}
diff --git a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.j2 b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.j2
index e0adbbf52..a153fb33d 100644
--- a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.j2
+++ b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.j2
@@ -1,5 +1,8 @@
OPTIONS=--loglevel={{ openshift.master.debug_level }} --listen={{ 'https' if openshift.master.api_use_ssl else 'http' }}://{{ openshift.master.bind_addr }}:{{ openshift.master.controllers_port }}
CONFIG_FILE={{ openshift_master_config_file }}
+{% if openshift_push_via_dns | default(false) %}
+OPENSHIFT_DEFAULT_REGISTRY=docker-registry.default.svc:5000
+{% endif %}
{% if openshift.common.is_containerized | bool %}
IMAGE_VERSION={{ openshift_image_tag }}
{% endif %}
diff --git a/roles/openshift_master_certificates/tasks/main.yml b/roles/openshift_master_certificates/tasks/main.yml
index 62413536b..d9ffb1b6f 100644
--- a/roles/openshift_master_certificates/tasks/main.yml
+++ b/roles/openshift_master_certificates/tasks/main.yml
@@ -74,10 +74,10 @@
- name: Generate the loopback master client config
command: >
{{ hostvars[openshift_ca_host].openshift.common.client_binary }} adm create-api-client-config
+ --certificate-authority={{ openshift_ca_cert }}
{% for named_ca_certificate in openshift.master.named_certificates | default([]) | oo_collect('cafile') %}
--certificate-authority {{ named_ca_certificate }}
{% endfor %}
- --certificate-authority={{ openshift_ca_cert }}
--client-dir={{ openshift_generated_configs_dir }}/master-{{ hostvars[item].openshift.common.hostname }}
--groups=system:masters,system:openshift-master
--master={{ hostvars[item].openshift.master.loopback_api_url }}
diff --git a/roles/openshift_metrics/tasks/generate_hawkular_certificates.yaml b/roles/openshift_metrics/tasks/generate_hawkular_certificates.yaml
index 7b81b3c10..8d7ee00ed 100644
--- a/roles/openshift_metrics/tasks/generate_hawkular_certificates.yaml
+++ b/roles/openshift_metrics/tasks/generate_hawkular_certificates.yaml
@@ -17,14 +17,17 @@
local_action: copy dest="{{ local_tmp.stdout }}/{{ item }}.pwd" content="{{ 15 | oo_random_word }}"
with_items:
- hawkular-metrics
+ become: false
- local_action: slurp src="{{ local_tmp.stdout }}/hawkular-metrics.pwd"
register: hawkular_metrics_pwd
no_log: true
+ become: false
- name: generate htpasswd file for hawkular metrics
local_action: htpasswd path="{{ local_tmp.stdout }}/hawkular-metrics.htpasswd" name=hawkular password="{{ hawkular_metrics_pwd.content | b64decode }}"
no_log: true
+ become: false
- name: copy local generated passwords to target
copy:
diff --git a/roles/openshift_metrics/tasks/install_cassandra.yaml b/roles/openshift_metrics/tasks/install_cassandra.yaml
index 62b7f52cb..7928a0346 100644
--- a/roles/openshift_metrics/tasks/install_cassandra.yaml
+++ b/roles/openshift_metrics/tasks/install_cassandra.yaml
@@ -36,6 +36,7 @@
access_modes: "{{ openshift_metrics_cassandra_pvc_access | list }}"
size: "{{ openshift_metrics_cassandra_pvc_size }}"
pv_selector: "{{ openshift_metrics_cassandra_pv_selector }}"
+ storage_class_name: "{{ openshift_metrics_cassanda_pvc_storage_class_name | default('', true) }}"
with_sequence: count={{ openshift_metrics_cassandra_replicas }}
when:
- openshift_metrics_cassandra_storage_type != 'emptydir'
@@ -50,8 +51,6 @@
obj_name: "{{ openshift_metrics_cassandra_pvc_prefix }}-{{ item }}"
labels:
metrics-infra: hawkular-cassandra
- annotations:
- volume.beta.kubernetes.io/storage-class: dynamic
access_modes: "{{ openshift_metrics_cassandra_pvc_access | list }}"
size: "{{ openshift_metrics_cassandra_pvc_size }}"
pv_selector: "{{ openshift_metrics_cassandra_pv_selector }}"
diff --git a/roles/openshift_metrics/tasks/install_hosa.yaml b/roles/openshift_metrics/tasks/install_hosa.yaml
index cc533a68b..7c9bc26d0 100644
--- a/roles/openshift_metrics/tasks/install_hosa.yaml
+++ b/roles/openshift_metrics/tasks/install_hosa.yaml
@@ -28,7 +28,7 @@
- name: Generate role binding for the hawkular-openshift-agent service account
template:
src: rolebinding.j2
- dest: "{{ mktemp.stdout }}/templates/metrics-hawkular-agent-rolebinding.yaml"
+ dest: "{{ mktemp.stdout }}/templates/metrics-hawkular-openshift-agent-rolebinding.yaml"
vars:
cluster: True
obj_name: hawkular-openshift-agent-rb
diff --git a/roles/openshift_metrics/tasks/install_support.yaml b/roles/openshift_metrics/tasks/install_support.yaml
index 5cefb273d..584e3be05 100644
--- a/roles/openshift_metrics/tasks/install_support.yaml
+++ b/roles/openshift_metrics/tasks/install_support.yaml
@@ -4,6 +4,7 @@
register: htpasswd_check
failed_when: no
changed_when: no
+ become: false
- fail: msg="'htpasswd' is unavailable. Please install httpd-tools on the control node"
when: htpasswd_check.rc == 1
@@ -13,6 +14,7 @@
register: keytool_check
failed_when: no
changed_when: no
+ become: false
- fail: msg="'keytool' is unavailable. Please install java-1.8.0-openjdk-headless on the control node"
when: keytool_check.rc == 1
diff --git a/roles/openshift_metrics/tasks/main.yaml b/roles/openshift_metrics/tasks/main.yaml
index 0b5f23c24..eaabdd20f 100644
--- a/roles/openshift_metrics/tasks/main.yaml
+++ b/roles/openshift_metrics/tasks/main.yaml
@@ -1,6 +1,7 @@
---
- local_action: shell python -c 'import passlib' 2>/dev/null || echo not installed
register: passlib_result
+ become: false
- name: Check that python-passlib is available on the control host
assert:
@@ -52,3 +53,4 @@
tags: metrics_cleanup
changed_when: False
check_mode: no
+ become: false
diff --git a/roles/openshift_metrics/templates/pvc.j2 b/roles/openshift_metrics/templates/pvc.j2
index 0b801b33f..b4e6a1503 100644
--- a/roles/openshift_metrics/templates/pvc.j2
+++ b/roles/openshift_metrics/templates/pvc.j2
@@ -32,3 +32,6 @@ spec:
resources:
requests:
storage: {{size}}
+{% if storage_class_name is defined %}
+ storageClassName: {{ storage_class_name }}
+{% endif %}
diff --git a/roles/openshift_named_certificates/filter_plugins/openshift_named_certificates.py b/roles/openshift_named_certificates/filter_plugins/openshift_named_certificates.py
new file mode 100644
index 000000000..6ed6d404c
--- /dev/null
+++ b/roles/openshift_named_certificates/filter_plugins/openshift_named_certificates.py
@@ -0,0 +1,21 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+'''
+Custom filters for use with openshift named certificates
+'''
+
+
+class FilterModule(object):
+ ''' Custom ansible filters for use with openshift named certificates'''
+
+ @staticmethod
+ def oo_named_certificates_list(named_certificates):
+ ''' Returns named certificates list with correct fields for the master
+ config file.'''
+ return [{'certFile': named_certificate['certfile'],
+ 'keyFile': named_certificate['keyfile'],
+ 'names': named_certificate['names']} for named_certificate in named_certificates]
+
+ def filters(self):
+ ''' returns a mapping of filters to methods '''
+ return {"oo_named_certificates_list": self.oo_named_certificates_list}
diff --git a/roles/openshift_node/tasks/systemd_units.yml b/roles/openshift_node/tasks/systemd_units.yml
index e3ce5df3d..2ccc28461 100644
--- a/roles/openshift_node/tasks/systemd_units.yml
+++ b/roles/openshift_node/tasks/systemd_units.yml
@@ -34,7 +34,7 @@
- name: Install Node service file
template:
dest: "/etc/systemd/system/{{ openshift.common.service_type }}-node.service"
- src: "{{ openshift.common.service_type }}-node.service.j2"
+ src: "node.service.j2"
register: install_node_result
when: not openshift.common.is_containerized | bool
notify:
diff --git a/roles/openshift_node/templates/atomic-openshift-node.service.j2 b/roles/openshift_node/templates/atomic-openshift-node.service.j2
deleted file mode 100644
index 80232094a..000000000
--- a/roles/openshift_node/templates/atomic-openshift-node.service.j2
+++ /dev/null
@@ -1,22 +0,0 @@
-[Unit]
-Description=Atomic OpenShift Node
-After={{ openshift.docker.service_name }}.service
-After=openvswitch.service
-Wants={{ openshift.docker.service_name }}.service
-Documentation=https://github.com/openshift/origin
-
-[Service]
-Type=notify
-EnvironmentFile=/etc/sysconfig/atomic-openshift-node
-Environment=GOTRACEBACK=crash
-ExecStart=/usr/bin/openshift start node --config=${CONFIG_FILE} $OPTIONS
-LimitNOFILE=65536
-LimitCORE=infinity
-WorkingDirectory=/var/lib/origin/
-SyslogIdentifier=atomic-openshift-node
-Restart=always
-RestartSec=5s
-OOMScoreAdjust=-999
-
-[Install]
-WantedBy=multi-user.target
diff --git a/roles/openshift_node/templates/node.service.j2 b/roles/openshift_node/templates/node.service.j2
new file mode 100644
index 000000000..d4f0b7762
--- /dev/null
+++ b/roles/openshift_node/templates/node.service.j2
@@ -0,0 +1,30 @@
+[Unit]
+Description=OpenShift Node
+After={{ openshift.docker.service_name }}.service
+Wants=openvswitch.service
+After=ovsdb-server.service
+After=ovs-vswitchd.service
+Wants={{ openshift.docker.service_name }}.service
+Documentation=https://github.com/openshift/origin
+Requires=dnsmasq.service
+After=dnsmasq.service
+
+[Service]
+Type=notify
+EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-node
+Environment=GOTRACEBACK=crash
+ExecStartPre=/usr/bin/cp /etc/origin/node/node-dnsmasq.conf /etc/dnsmasq.d/
+ExecStartPre=/usr/bin/dbus-send --system --dest=uk.org.thekelleys.dnsmasq /uk/org/thekelleys/dnsmasq uk.org.thekelleys.SetDomainServers array:string:/in-addr.arpa/127.0.0.1,/{{ openshift.common.dns_domain }}/127.0.0.1
+ExecStopPost=/usr/bin/rm /etc/dnsmasq.d/node-dnsmasq.conf
+ExecStopPost=/usr/bin/dbus-send --system --dest=uk.org.thekelleys.dnsmasq /uk/org/thekelleys/dnsmasq uk.org.thekelleys.SetDomainServers array:string:
+ExecStart=/usr/bin/openshift start node --config=${CONFIG_FILE} $OPTIONS
+LimitNOFILE=65536
+LimitCORE=infinity
+WorkingDirectory=/var/lib/origin/
+SyslogIdentifier={{ openshift.common.service_type }}-node
+Restart=always
+RestartSec=5s
+OOMScoreAdjust=-999
+
+[Install]
+WantedBy=multi-user.target
diff --git a/roles/openshift_node/templates/node.yaml.v1.j2 b/roles/openshift_node/templates/node.yaml.v1.j2
index f2f929232..351c8c9f6 100644
--- a/roles/openshift_node/templates/node.yaml.v1.j2
+++ b/roles/openshift_node/templates/node.yaml.v1.j2
@@ -1,5 +1,9 @@
allowDisabledDocker: false
apiVersion: v1
+{% if openshift.common.version_gte_3_6 %}
+dnsBindAddress: 127.0.0.1:53
+dnsRecursiveResolvConf: /etc/origin/node/resolv.conf
+{% endif %}
dnsDomain: {{ openshift.common.dns_domain }}
{% if 'dns_ip' in openshift.node %}
dnsIP: {{ openshift.node.dns_ip }}
diff --git a/roles/openshift_node/templates/openshift.docker.node.service b/roles/openshift_node/templates/openshift.docker.node.service
index d89b64b06..639b6f6c8 100644
--- a/roles/openshift_node/templates/openshift.docker.node.service
+++ b/roles/openshift_node/templates/openshift.docker.node.service
@@ -12,14 +12,20 @@ After=ovs-vswitchd.service
Wants={{ openshift.common.service_type }}-master.service
Requires={{ openshift.common.service_type }}-node-dep.service
After={{ openshift.common.service_type }}-node-dep.service
+Requires=dnsmasq.service
+After=dnsmasq.service
[Service]
EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-node
EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-node-dep
ExecStartPre=-/usr/bin/docker rm -f {{ openshift.common.service_type }}-node
-ExecStart=/usr/bin/docker run --name {{ openshift.common.service_type }}-node --rm --privileged --net=host --pid=host --env-file=/etc/sysconfig/{{ openshift.common.service_type }}-node -v /:/rootfs:ro,rslave -e CONFIG_FILE=${CONFIG_FILE} -e OPTIONS=${OPTIONS} -e HOST=/rootfs -e HOST_ETC=/host-etc -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }}{{ ':rslave' if openshift.docker.gte_1_10 | default(False) | bool else '' }} -v {{ openshift.common.config_base }}/node:{{ openshift.common.config_base }}/node {% if openshift_cloudprovider_kind | default('') != '' -%} -v {{ openshift.common.config_base }}/cloudprovider:{{ openshift.common.config_base}}/cloudprovider {% endif -%} -v /etc/localtime:/etc/localtime:ro -v /etc/machine-id:/etc/machine-id:ro -v /run:/run -v /sys:/sys:rw -v /sys/fs/cgroup:/sys/fs/cgroup:rw -v /usr/bin/docker:/usr/bin/docker:ro -v /var/lib/docker:/var/lib/docker -v /lib/modules:/lib/modules -v /etc/origin/openvswitch:/etc/openvswitch -v /etc/origin/sdn:/etc/openshift-sdn -v /var/lib/cni:/var/lib/cni -v /etc/systemd/system:/host-etc/systemd/system -v /var/log:/var/log -v /dev:/dev $DOCKER_ADDTL_BIND_MOUNTS {{ openshift.node.node_image }}:${IMAGE_VERSION}
+ExecStartPre=/usr/bin/cp /etc/origin/node/node-dnsmasq.conf /etc/dnsmasq.d/
+ExecStartPre=/usr/bin/dbus-send --system --dest=uk.org.thekelleys.dnsmasq /uk/org/thekelleys/dnsmasq uk.org.thekelleys.SetDomainServers array:string:/in-addr.arpa/127.0.0.1,/{{ openshift.common.dns_domain }}/127.0.0.1
+ExecStart=/usr/bin/docker run --name {{ openshift.common.service_type }}-node --rm --privileged --net=host --pid=host --env-file=/etc/sysconfig/{{ openshift.common.service_type }}-node -v /:/rootfs:ro,rslave -e CONFIG_FILE=${CONFIG_FILE} -e OPTIONS=${OPTIONS} -e HOST=/rootfs -e HOST_ETC=/host-etc -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }}{{ ':rslave' if openshift.docker.gte_1_10 | default(False) | bool else '' }} -v {{ openshift.common.config_base }}/node:{{ openshift.common.config_base }}/node {% if openshift_cloudprovider_kind | default('') != '' -%} -v {{ openshift.common.config_base }}/cloudprovider:{{ openshift.common.config_base}}/cloudprovider {% endif -%} -v /etc/localtime:/etc/localtime:ro -v /etc/machine-id:/etc/machine-id:ro -v /run:/run -v /sys:/sys:rw -v /sys/fs/cgroup:/sys/fs/cgroup:rw -v /usr/bin/docker:/usr/bin/docker:ro -v /var/lib/docker:/var/lib/docker -v /lib/modules:/lib/modules -v /etc/origin/openvswitch:/etc/openvswitch -v /etc/origin/sdn:/etc/openshift-sdn -v /var/lib/cni:/var/lib/cni -v /etc/systemd/system:/host-etc/systemd/system -v /var/log:/var/log -v /dev:/dev $DOCKER_ADDTL_BIND_MOUNTS -v /etc/pki:/etc/pki:ro {{ openshift.node.node_image }}:${IMAGE_VERSION}
ExecStartPost=/usr/bin/sleep 10
ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-node
+ExecStopPost=/usr/bin/rm /etc/dnsmasq.d/node-dnsmasq.conf
+ExecStopPost=/usr/bin/dbus-send --system --dest=uk.org.thekelleys.dnsmasq /uk/org/thekelleys/dnsmasq uk.org.thekelleys.SetDomainServers array:string:
SyslogIdentifier={{ openshift.common.service_type }}-node
Restart=always
RestartSec=5s
diff --git a/roles/openshift_node/templates/origin-node.service.j2 b/roles/openshift_node/templates/origin-node.service.j2
deleted file mode 100644
index 8047301e6..000000000
--- a/roles/openshift_node/templates/origin-node.service.j2
+++ /dev/null
@@ -1,21 +0,0 @@
-[Unit]
-Description=Origin Node
-After={{ openshift.docker.service_name }}.service
-Wants={{ openshift.docker.service_name }}.service
-Documentation=https://github.com/openshift/origin
-
-[Service]
-Type=notify
-EnvironmentFile=/etc/sysconfig/origin-node
-Environment=GOTRACEBACK=crash
-ExecStart=/usr/bin/openshift start node --config=${CONFIG_FILE} $OPTIONS
-LimitNOFILE=65536
-LimitCORE=infinity
-WorkingDirectory=/var/lib/origin/
-SyslogIdentifier=origin-node
-Restart=always
-RestartSec=5s
-OOMScoreAdjust=-999
-
-[Install]
-WantedBy=multi-user.target
diff --git a/roles/openshift_node_dnsmasq/defaults/main.yml b/roles/openshift_node_dnsmasq/defaults/main.yml
new file mode 100644
index 000000000..ed97d539c
--- /dev/null
+++ b/roles/openshift_node_dnsmasq/defaults/main.yml
@@ -0,0 +1 @@
+---
diff --git a/roles/openshift_node_dnsmasq/files/networkmanager/99-origin-dns.sh b/roles/openshift_node_dnsmasq/files/networkmanager/99-origin-dns.sh
index c68073a10..924226d09 100755
--- a/roles/openshift_node_dnsmasq/files/networkmanager/99-origin-dns.sh
+++ b/roles/openshift_node_dnsmasq/files/networkmanager/99-origin-dns.sh
@@ -45,13 +45,15 @@ if [[ $2 =~ ^(up|dhcp4-change|dhcp6-change)$ ]]; then
def_route_int=$(/sbin/ip route get to ${def_route} | awk '{print $3}')
def_route_ip=$(/sbin/ip route get to ${def_route} | awk '{print $5}')
if [[ ${DEVICE_IFACE} == ${def_route_int} && \
- -n "${IP4_NAMESERVERS}" ]]; then
+ -n "${IP4_NAMESERVERS}" && \
+ "${IP4_NAMESERVERS}" != "${def_route_ip}" ]]; then
if [ ! -f /etc/dnsmasq.d/origin-dns.conf ]; then
cat << EOF > /etc/dnsmasq.d/origin-dns.conf
no-resolv
domain-needed
server=/cluster.local/172.30.0.1
server=/30.172.in-addr.arpa/172.30.0.1
+enable-dbus
EOF
# New config file, must restart
NEEDS_RESTART=1
@@ -89,13 +91,17 @@ EOF
systemctl restart dnsmasq
fi
- # Only if dnsmasq is running properly make it our only nameserver
+ # Only if dnsmasq is running properly make it our only nameserver, copy
+ # original resolv.conf to /etc/origin/node/resolv.conf for node service to
+ # bypass dnsmasq
if `systemctl -q is-active dnsmasq.service`; then
- sed -e '/^nameserver.*$/d' /etc/resolv.conf > ${NEW_RESOLV_CONF}
- echo "nameserver "${def_route_ip}"" >> ${NEW_RESOLV_CONF}
if ! grep -q '99-origin-dns.sh' ${NEW_RESOLV_CONF}; then
echo "# nameserver updated by /etc/NetworkManager/dispatcher.d/99-origin-dns.sh" >> ${NEW_RESOLV_CONF}
+ cp /etc/resolv.conf /etc/origin/node/resolv.conf
fi
+ sed -e '/^nameserver.*$/d' /etc/resolv.conf > ${NEW_RESOLV_CONF}
+ echo "nameserver "${def_route_ip}"" >> ${NEW_RESOLV_CONF}
+
if ! grep -q 'search.*cluster.local' ${NEW_RESOLV_CONF}; then
sed -i '/^search/ s/$/ cluster.local/' ${NEW_RESOLV_CONF}
fi
diff --git a/roles/openshift_node_dnsmasq/tasks/main.yml b/roles/openshift_node_dnsmasq/tasks/main.yml
index 3311f7006..d0221a94b 100644
--- a/roles/openshift_node_dnsmasq/tasks/main.yml
+++ b/roles/openshift_node_dnsmasq/tasks/main.yml
@@ -14,6 +14,17 @@
package: name=dnsmasq state=installed
when: not openshift.common.is_atomic | bool
+# this file is copied to /etc/dnsmasq.d/ when the node starts and is removed
+# when the node stops. A dbus-message is sent to dnsmasq to add the same entries
+# so that dnsmasq doesn't need to be restarted. Once we can use dnsmasq 2.77 or
+# newer we can use --server-file option to update the servers dynamically and
+# reload them by sending dnsmasq a SIGHUP. We write the file in case someone else
+# triggers a restart of dnsmasq but not a node restart.
+- name: Install node-dnsmasq.conf
+ template:
+ src: node-dnsmasq.conf.j2
+ dest: /etc/origin/node/node-dnsmasq.conf
+
- name: Install dnsmasq configuration
template:
src: origin-dns.conf.j2
diff --git a/roles/openshift_node_dnsmasq/templates/node-dnsmasq.conf.j2 b/roles/openshift_node_dnsmasq/templates/node-dnsmasq.conf.j2
new file mode 100644
index 000000000..3caa3bd4a
--- /dev/null
+++ b/roles/openshift_node_dnsmasq/templates/node-dnsmasq.conf.j2
@@ -0,0 +1,2 @@
+server=/in-addr.arpa/127.0.0.1
+server=/{{ openshift.common.dns_domain }}/127.0.0.1
diff --git a/roles/openshift_node_dnsmasq/templates/origin-dns.conf.j2 b/roles/openshift_node_dnsmasq/templates/origin-dns.conf.j2
index 8bae9aaac..779b4d2f5 100644
--- a/roles/openshift_node_dnsmasq/templates/origin-dns.conf.j2
+++ b/roles/openshift_node_dnsmasq/templates/origin-dns.conf.j2
@@ -1,5 +1,7 @@
no-resolv
domain-needed
-server=/{{ openshift.common.dns_domain }}/{{ openshift.common.kube_svc_ip }}
no-negcache
max-cache-ttl=1
+enable-dbus
+bind-interfaces
+listen-address={{ ansible_default_ipv4.address }}
diff --git a/roles/openshift_node_upgrade/README.md b/roles/openshift_node_upgrade/README.md
index 66bce38ec..8b388cc6a 100644
--- a/roles/openshift_node_upgrade/README.md
+++ b/roles/openshift_node_upgrade/README.md
@@ -88,6 +88,7 @@ Including an example of how to use your role (for instance, with variables passe
roles:
- openshift_facts
- docker
+ - openshift_node_dnsmasq
- openshift_node_upgrade
post_tasks:
diff --git a/roles/openshift_node_upgrade/defaults/main.yml b/roles/openshift_node_upgrade/defaults/main.yml
new file mode 100644
index 000000000..ed97d539c
--- /dev/null
+++ b/roles/openshift_node_upgrade/defaults/main.yml
@@ -0,0 +1 @@
+---
diff --git a/roles/openshift_node_upgrade/tasks/main.yml b/roles/openshift_node_upgrade/tasks/main.yml
index 8eaa68cc9..9807aa9a3 100644
--- a/roles/openshift_node_upgrade/tasks/main.yml
+++ b/roles/openshift_node_upgrade/tasks/main.yml
@@ -133,6 +133,17 @@
- ansible_selinux is defined
- ansible_selinux.status == 'enabled'
+- name: Apply 3.6 dns config changes
+ yedit:
+ src: /etc/origin/node/node-config.yaml
+ key: "{{ item.key }}"
+ value: "{{ item.value }}"
+ with_items:
+ - key: "dnsBindAddress"
+ value: "127.0.0.1:53"
+ - key: "dnsRecursiveResolvConf"
+ value: "/etc/origin/node/resolv.conf"
+
# Restart all services
- include: restart.yml
diff --git a/roles/openshift_node_upgrade/tasks/restart.yml b/roles/openshift_node_upgrade/tasks/restart.yml
index 508eb9358..b24d8cec7 100644
--- a/roles/openshift_node_upgrade/tasks/restart.yml
+++ b/roles/openshift_node_upgrade/tasks/restart.yml
@@ -16,7 +16,11 @@
- name: Restart docker
service:
name: "{{ openshift.docker.service_name }}"
- state: restarted
+ state: started
+ register: docker_start_result
+ until: not docker_start_result | failed
+ retries: 1
+ delay: 30
- name: Update docker facts
openshift_facts:
diff --git a/roles/openshift_node_upgrade/tasks/rpm_upgrade.yml b/roles/openshift_node_upgrade/tasks/rpm_upgrade.yml
index 06a2d16ba..a998acf21 100644
--- a/roles/openshift_node_upgrade/tasks/rpm_upgrade.yml
+++ b/roles/openshift_node_upgrade/tasks/rpm_upgrade.yml
@@ -16,7 +16,7 @@
- name: Install Node service file
template:
dest: "/etc/systemd/system/{{ openshift.common.service_type }}-node.service"
- src: "{{ openshift.common.service_type }}-node.service.j2"
+ src: "node.service.j2"
register: l_node_unit
# NOTE: This is needed to make sure we are using the correct set
diff --git a/roles/openshift_node_upgrade/templates/atomic-openshift-node.service.j2 b/roles/openshift_node_upgrade/templates/atomic-openshift-node.service.j2
deleted file mode 120000
index 6041fb13a..000000000
--- a/roles/openshift_node_upgrade/templates/atomic-openshift-node.service.j2
+++ /dev/null
@@ -1 +0,0 @@
-../../openshift_node/templates/atomic-openshift-node.service.j2 \ No newline at end of file
diff --git a/roles/openshift_node_upgrade/templates/node.service.j2 b/roles/openshift_node_upgrade/templates/node.service.j2
new file mode 100644
index 000000000..d4f0b7762
--- /dev/null
+++ b/roles/openshift_node_upgrade/templates/node.service.j2
@@ -0,0 +1,30 @@
+[Unit]
+Description=OpenShift Node
+After={{ openshift.docker.service_name }}.service
+Wants=openvswitch.service
+After=ovsdb-server.service
+After=ovs-vswitchd.service
+Wants={{ openshift.docker.service_name }}.service
+Documentation=https://github.com/openshift/origin
+Requires=dnsmasq.service
+After=dnsmasq.service
+
+[Service]
+Type=notify
+EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-node
+Environment=GOTRACEBACK=crash
+ExecStartPre=/usr/bin/cp /etc/origin/node/node-dnsmasq.conf /etc/dnsmasq.d/
+ExecStartPre=/usr/bin/dbus-send --system --dest=uk.org.thekelleys.dnsmasq /uk/org/thekelleys/dnsmasq uk.org.thekelleys.SetDomainServers array:string:/in-addr.arpa/127.0.0.1,/{{ openshift.common.dns_domain }}/127.0.0.1
+ExecStopPost=/usr/bin/rm /etc/dnsmasq.d/node-dnsmasq.conf
+ExecStopPost=/usr/bin/dbus-send --system --dest=uk.org.thekelleys.dnsmasq /uk/org/thekelleys/dnsmasq uk.org.thekelleys.SetDomainServers array:string:
+ExecStart=/usr/bin/openshift start node --config=${CONFIG_FILE} $OPTIONS
+LimitNOFILE=65536
+LimitCORE=infinity
+WorkingDirectory=/var/lib/origin/
+SyslogIdentifier={{ openshift.common.service_type }}-node
+Restart=always
+RestartSec=5s
+OOMScoreAdjust=-999
+
+[Install]
+WantedBy=multi-user.target
diff --git a/roles/openshift_node_upgrade/templates/openshift.docker.node.service b/roles/openshift_node_upgrade/templates/openshift.docker.node.service
index 2a099301a..639b6f6c8 100644
--- a/roles/openshift_node_upgrade/templates/openshift.docker.node.service
+++ b/roles/openshift_node_upgrade/templates/openshift.docker.node.service
@@ -6,18 +6,26 @@ PartOf={{ openshift.docker.service_name }}.service
Requires={{ openshift.docker.service_name }}.service
{% if openshift.common.use_openshift_sdn %}
Wants=openvswitch.service
+After=ovsdb-server.service
+After=ovs-vswitchd.service
{% endif %}
Wants={{ openshift.common.service_type }}-master.service
Requires={{ openshift.common.service_type }}-node-dep.service
After={{ openshift.common.service_type }}-node-dep.service
+Requires=dnsmasq.service
+After=dnsmasq.service
[Service]
EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-node
EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-node-dep
ExecStartPre=-/usr/bin/docker rm -f {{ openshift.common.service_type }}-node
-ExecStart=/usr/bin/docker run --name {{ openshift.common.service_type }}-node --rm --privileged --net=host --pid=host --env-file=/etc/sysconfig/{{ openshift.common.service_type }}-node -v /:/rootfs:ro,rslave -e CONFIG_FILE=${CONFIG_FILE} -e OPTIONS=${OPTIONS} -e HOST=/rootfs -e HOST_ETC=/host-etc -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }}{{ ':rslave' if openshift.docker.gte_1_10 | default(False) | bool else '' }} -v {{ openshift.common.config_base }}/node:{{ openshift.common.config_base }}/node {% if openshift_cloudprovider_kind | default('') != '' -%} -v {{ openshift.common.config_base }}/cloudprovider:{{ openshift.common.config_base}}/cloudprovider {% endif -%} -v /etc/localtime:/etc/localtime:ro -v /etc/machine-id:/etc/machine-id:ro -v /run:/run -v /sys:/sys:rw -v /sys/fs/cgroup:/sys/fs/cgroup:rw -v /usr/bin/docker:/usr/bin/docker:ro -v /var/lib/docker:/var/lib/docker -v /lib/modules:/lib/modules -v /etc/origin/openvswitch:/etc/openvswitch -v /etc/origin/sdn:/etc/openshift-sdn -v /var/lib/cni:/var/lib/cni -v /etc/systemd/system:/host-etc/systemd/system -v /var/log:/var/log -v /dev:/dev $DOCKER_ADDTL_BIND_MOUNTS {{ openshift.node.node_image }}:${IMAGE_VERSION}
+ExecStartPre=/usr/bin/cp /etc/origin/node/node-dnsmasq.conf /etc/dnsmasq.d/
+ExecStartPre=/usr/bin/dbus-send --system --dest=uk.org.thekelleys.dnsmasq /uk/org/thekelleys/dnsmasq uk.org.thekelleys.SetDomainServers array:string:/in-addr.arpa/127.0.0.1,/{{ openshift.common.dns_domain }}/127.0.0.1
+ExecStart=/usr/bin/docker run --name {{ openshift.common.service_type }}-node --rm --privileged --net=host --pid=host --env-file=/etc/sysconfig/{{ openshift.common.service_type }}-node -v /:/rootfs:ro,rslave -e CONFIG_FILE=${CONFIG_FILE} -e OPTIONS=${OPTIONS} -e HOST=/rootfs -e HOST_ETC=/host-etc -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }}{{ ':rslave' if openshift.docker.gte_1_10 | default(False) | bool else '' }} -v {{ openshift.common.config_base }}/node:{{ openshift.common.config_base }}/node {% if openshift_cloudprovider_kind | default('') != '' -%} -v {{ openshift.common.config_base }}/cloudprovider:{{ openshift.common.config_base}}/cloudprovider {% endif -%} -v /etc/localtime:/etc/localtime:ro -v /etc/machine-id:/etc/machine-id:ro -v /run:/run -v /sys:/sys:rw -v /sys/fs/cgroup:/sys/fs/cgroup:rw -v /usr/bin/docker:/usr/bin/docker:ro -v /var/lib/docker:/var/lib/docker -v /lib/modules:/lib/modules -v /etc/origin/openvswitch:/etc/openvswitch -v /etc/origin/sdn:/etc/openshift-sdn -v /var/lib/cni:/var/lib/cni -v /etc/systemd/system:/host-etc/systemd/system -v /var/log:/var/log -v /dev:/dev $DOCKER_ADDTL_BIND_MOUNTS -v /etc/pki:/etc/pki:ro {{ openshift.node.node_image }}:${IMAGE_VERSION}
ExecStartPost=/usr/bin/sleep 10
ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-node
+ExecStopPost=/usr/bin/rm /etc/dnsmasq.d/node-dnsmasq.conf
+ExecStopPost=/usr/bin/dbus-send --system --dest=uk.org.thekelleys.dnsmasq /uk/org/thekelleys/dnsmasq uk.org.thekelleys.SetDomainServers array:string:
SyslogIdentifier={{ openshift.common.service_type }}-node
Restart=always
RestartSec=5s
diff --git a/roles/openshift_node_upgrade/templates/origin-node.service.j2 b/roles/openshift_node_upgrade/templates/origin-node.service.j2
deleted file mode 120000
index 79c45a303..000000000
--- a/roles/openshift_node_upgrade/templates/origin-node.service.j2
+++ /dev/null
@@ -1 +0,0 @@
-../../openshift_node/templates/origin-node.service.j2 \ No newline at end of file
diff --git a/roles/openshift_sanitize_inventory/tasks/main.yml b/roles/openshift_sanitize_inventory/tasks/main.yml
index f15dc16d1..59ce505d3 100644
--- a/roles/openshift_sanitize_inventory/tasks/main.yml
+++ b/roles/openshift_sanitize_inventory/tasks/main.yml
@@ -46,3 +46,7 @@
msg: |-
openshift_release is "{{ openshift_release }}" which is not a valid version string.
Please set it to a version string like "3.4".
+
+- include: unsupported.yml
+ when:
+ - not openshift_enable_unsupported_configurations | default(false) | bool
diff --git a/roles/openshift_sanitize_inventory/tasks/unsupported.yml b/roles/openshift_sanitize_inventory/tasks/unsupported.yml
new file mode 100644
index 000000000..24e44ea85
--- /dev/null
+++ b/roles/openshift_sanitize_inventory/tasks/unsupported.yml
@@ -0,0 +1,12 @@
+---
+# This task list checks for unsupported configurations. Values here should yield
+# a partially functioning cluster but would not be supported for production use.
+
+- name: Ensure that openshift_use_dnsmasq is true
+ when:
+ - not openshift_use_dnsmasq | default(true) | bool
+ fail:
+ msg: |-
+ Starting in 3.6 openshift_use_dnsmasq must be true or critical features
+ will not function. This also means that NetworkManager must be installed
+ enabled and responsible for management of the primary interface.
diff --git a/roles/openshift_service_catalog/defaults/main.yml b/roles/openshift_service_catalog/defaults/main.yml
new file mode 100644
index 000000000..01ee2544d
--- /dev/null
+++ b/roles/openshift_service_catalog/defaults/main.yml
@@ -0,0 +1,3 @@
+---
+openshift_service_catalog_remove: false
+openshift_service_catalog_nodeselector: {"openshift-infra": "apiserver"}
diff --git a/roles/openshift_service_catalog/files/kubeservicecatalog_roles_bindings.yml b/roles/openshift_service_catalog/files/kubeservicecatalog_roles_bindings.yml
new file mode 100644
index 000000000..880146ca4
--- /dev/null
+++ b/roles/openshift_service_catalog/files/kubeservicecatalog_roles_bindings.yml
@@ -0,0 +1,161 @@
+apiVersion: v1
+kind: Template
+metadata:
+ name: service-catalog
+objects:
+
+- kind: ClusterRole
+ apiVersion: v1
+ metadata:
+ name: servicecatalog-serviceclass-viewer
+ rules:
+ - apiGroups:
+ - servicecatalog.k8s.io
+ resources:
+ - serviceclasses
+ verbs:
+ - list
+ - watch
+ - get
+
+- kind: ClusterRoleBinding
+ apiVersion: v1
+ metadata:
+ name: servicecatalog-serviceclass-viewer-binding
+ roleRef:
+ name: servicecatalog-serviceclass-viewer
+ groupNames:
+ - system:authenticated
+
+- kind: ServiceAccount
+ apiVersion: v1
+ metadata:
+ name: service-catalog-controller
+
+- kind: ServiceAccount
+ apiVersion: v1
+ metadata:
+ name: service-catalog-apiserver
+
+- kind: ClusterRole
+ apiVersion: v1
+ metadata:
+ name: sar-creator
+ rules:
+ - apiGroups:
+ - ""
+ resources:
+ - subjectaccessreviews.authorization.k8s.io
+ verbs:
+ - create
+
+- kind: ClusterRoleBinding
+ apiVersion: v1
+ metadata:
+ name: service-catalog-sar-creator-binding
+ roleRef:
+ name: sar-creator
+ userNames:
+ - system:serviceaccount:kube-service-catalog:service-catalog-apiserver
+
+- kind: ClusterRole
+ apiVersion: v1
+ metadata:
+ name: namespace-viewer
+ rules:
+ - apiGroups:
+ - ""
+ resources:
+ - namespaces
+ verbs:
+ - list
+ - watch
+ - get
+
+- kind: ClusterRoleBinding
+ apiVersion: v1
+ metadata:
+ name: service-catalog-namespace-viewer-binding
+ roleRef:
+ name: namespace-viewer
+ userNames:
+ - system:serviceaccount:kube-service-catalog:service-catalog-apiserver
+
+- kind: ClusterRoleBinding
+ apiVersion: v1
+ metadata:
+ name: service-catalog-controller-namespace-viewer-binding
+ roleRef:
+ name: namespace-viewer
+ userNames:
+ - system:serviceaccount:kube-service-catalog:service-catalog-controller
+
+- kind: ClusterRole
+ apiVersion: v1
+ metadata:
+ name: service-catalog-controller
+ rules:
+ - apiGroups:
+ - ""
+ resources:
+ - secrets
+ - podpresets
+ verbs:
+ - create
+ - update
+ - delete
+ - get
+ - list
+ - watch
+ - apiGroups:
+ - servicecatalog.k8s.io
+ resources:
+ - brokers/status
+ - instances/status
+ - bindings/status
+ verbs:
+ - update
+
+- kind: ClusterRoleBinding
+ apiVersion: v1
+ metadata:
+ name: service-catalog-controller-binding
+ roleRef:
+ name: service-catalog-controller
+ userNames:
+ - system:serviceaccount:kube-service-catalog:service-catalog-controller
+
+- kind: Role
+ apiVersion: v1
+ metadata:
+ name: endpoint-accessor
+ rules:
+ - apiGroups:
+ - ""
+ resources:
+ - endpoints
+ verbs:
+ - list
+ - watch
+ - get
+ - create
+ - update
+
+- kind: RoleBinding
+ apiVersion: v1
+ metadata:
+ name: endpoint-accessor-binding
+ roleRef:
+ name: endpoint-accessor
+ namespace: kube-service-catalog
+ userNames:
+ - system:serviceaccount:kube-service-catalog:service-catalog-controller
+
+- kind: ClusterRoleBinding
+ apiVersion: v1
+ metadata:
+ name: system:auth-delegator-binding
+ roleRef:
+ name: system:auth-delegator
+ userNames:
+ - system:serviceaccount:kube-service-catalog:service-catalog-apiserver
diff --git a/roles/openshift_service_catalog/files/kubesystem_roles_bindings.yml b/roles/openshift_service_catalog/files/kubesystem_roles_bindings.yml
new file mode 100644
index 000000000..f6ee0955d
--- /dev/null
+++ b/roles/openshift_service_catalog/files/kubesystem_roles_bindings.yml
@@ -0,0 +1,38 @@
+apiVersion: v1
+kind: Template
+metadata:
+ name: kube-system-service-catalog
+objects:
+
+- kind: Role
+ apiVersion: v1
+ metadata:
+ name: extension-apiserver-authentication-reader
+ namespace: ${KUBE_SYSTEM_NAMESPACE}
+ rules:
+ - apiGroups:
+ - ""
+ resourceNames:
+ - extension-apiserver-authentication
+ resources:
+ - configmaps
+ verbs:
+ - get
+
+- kind: RoleBinding
+ apiVersion: v1
+ metadata:
+ name: extension-apiserver-authentication-reader-binding
+ namespace: ${KUBE_SYSTEM_NAMESPACE}
+ roleRef:
+ name: extension-apiserver-authentication-reader
+ namespace: kube-system
+ userNames:
+ - system:serviceaccount:kube-service-catalog:service-catalog-apiserver
+
+parameters:
+- description: Do not change this value.
+ displayName: Name of the kube-system namespace
+ name: KUBE_SYSTEM_NAMESPACE
+ required: true
+ value: kube-system
diff --git a/roles/openshift_service_catalog/meta/main.yml b/roles/openshift_service_catalog/meta/main.yml
new file mode 100644
index 000000000..1e6b837cd
--- /dev/null
+++ b/roles/openshift_service_catalog/meta/main.yml
@@ -0,0 +1,17 @@
+---
+galaxy_info:
+ author: OpenShift Red Hat
+ description: OpenShift Service Catalog
+ company: Red Hat, Inc.
+ license: Apache License, Version 2.0
+ min_ansible_version: 2.2
+ platforms:
+ - name: EL
+ versions:
+ - 7
+ categories:
+ - cloud
+dependencies:
+- role: lib_openshift
+- role: openshift_facts
+- role: lib_utils
diff --git a/roles/openshift_service_catalog/tasks/generate_certs.yml b/roles/openshift_service_catalog/tasks/generate_certs.yml
new file mode 100644
index 000000000..cc897b032
--- /dev/null
+++ b/roles/openshift_service_catalog/tasks/generate_certs.yml
@@ -0,0 +1,70 @@
+---
+- name: Create service catalog cert directory
+ file:
+ path: "{{ openshift.common.config_base }}/service-catalog"
+ state: directory
+ mode: 0755
+ changed_when: False
+ check_mode: no
+
+- set_fact:
+ generated_certs_dir: "{{ openshift.common.config_base }}/service-catalog"
+
+- name: Generate signing cert
+ command: >
+ {{ openshift.common.client_binary }} adm --config=/etc/origin/master/admin.kubeconfig ca create-signer-cert
+ --key={{ generated_certs_dir }}/ca.key --cert={{ generated_certs_dir }}/ca.crt
+ --serial={{ generated_certs_dir }}/apiserver.serial.txt --name=service-catalog-signer
+
+- name: Generating server keys
+ oc_adm_ca_server_cert:
+ cert: "{{ generated_certs_dir }}/apiserver.crt"
+ key: "{{ generated_certs_dir }}/apiserver.key"
+ hostnames: "apiserver.kube-service-catalog.svc,apiserver.kube-service-catalog.svc.cluster.local,apiserver.kube-service-catalog"
+ signer_cert: "{{ generated_certs_dir }}/ca.crt"
+ signer_key: "{{ generated_certs_dir }}/ca.key"
+ signer_serial: "{{ generated_certs_dir }}/apiserver.serial.txt"
+
+- name: Create apiserver-ssl secret
+ oc_secret:
+ state: present
+ name: apiserver-ssl
+ namespace: kube-service-catalog
+ files:
+ - name: tls.crt
+ path: "{{ generated_certs_dir }}/apiserver.crt"
+ - name: tls.key
+ path: "{{ generated_certs_dir }}/apiserver.key"
+
+- slurp:
+ src: "{{ generated_certs_dir }}/ca.crt"
+ register: apiserver_ca
+
+- shell: >
+ oc get apiservices.apiregistration.k8s.io/v1alpha1.servicecatalog.k8s.io -n kube-service-catalog || echo "not found"
+ register: get_apiservices
+ changed_when: no
+
+- name: Create api service
+ oc_obj:
+ state: present
+ name: v1alpha1.servicecatalog.k8s.io
+ kind: apiservices.apiregistration.k8s.io
+ namespace: "kube-service-catalog"
+ content:
+ path: /tmp/apisvcout
+ data:
+ apiVersion: apiregistration.k8s.io/v1beta1
+ kind: APIService
+ metadata:
+ name: v1alpha1.servicecatalog.k8s.io
+ spec:
+ group: servicecatalog.k8s.io
+ version: v1alpha1
+ service:
+ namespace: "kube-service-catalog"
+ name: apiserver
+ caBundle: "{{ apiserver_ca.content }}"
+ groupPriorityMinimum: 20
+ versionPriority: 10
+ when: "'not found' in get_apiservices.stdout"
diff --git a/roles/openshift_service_catalog/tasks/install.yml b/roles/openshift_service_catalog/tasks/install.yml
new file mode 100644
index 000000000..6e8301ffe
--- /dev/null
+++ b/roles/openshift_service_catalog/tasks/install.yml
@@ -0,0 +1,189 @@
+---
+# do any asserts here
+
+- name: Create temp directory for doing work in
+ command: mktemp -d /tmp/openshift-service-catalog-ansible-XXXXXX
+ register: mktemp
+ changed_when: False
+
+
+- include: wire_aggregator.yml
+
+- name: Set default image variables based on deployment_type
+ include_vars: "{{ item }}"
+ with_first_found:
+ - "{{ openshift_deployment_type | default(deployment_type) }}.yml"
+ - "default_images.yml"
+
+- name: Set service_catalog image facts
+ set_fact:
+ openshift_service_catalog_image_prefix: "{{ openshift_service_catalog_image_prefix | default(__openshift_service_catalog_image_prefix) }}"
+ openshift_service_catalog_image_version: "{{ openshift_service_catalog_image_version | default(__openshift_service_catalog_image_version) }}"
+
+- name: Set Service Catalog namespace
+ oc_project:
+ state: present
+ name: "kube-service-catalog"
+# node_selector: "{{ openshift_service_catalog_nodeselector | default(null) }}"
+
+- include: generate_certs.yml
+
+- copy:
+ src: kubeservicecatalog_roles_bindings.yml
+ dest: "{{ mktemp.stdout }}/kubeservicecatalog_roles_bindings.yml"
+
+- oc_obj:
+ name: service-catalog
+ kind: template
+ namespace: "kube-service-catalog"
+ files:
+ - "{{ mktemp.stdout }}/kubeservicecatalog_roles_bindings.yml"
+ delete_after: yes
+
+- oc_process:
+ create: True
+ template_name: service-catalog
+ namespace: "kube-service-catalog"
+
+- copy:
+ src: kubesystem_roles_bindings.yml
+ dest: "{{ mktemp.stdout }}/kubesystem_roles_bindings.yml"
+
+- oc_obj:
+ name: kube-system-service-catalog
+ kind: template
+ namespace: kube-system
+ files:
+ - "{{ mktemp.stdout }}/kubesystem_roles_bindings.yml"
+ delete_after: yes
+
+- oc_process:
+ create: True
+ template_name: kube-system-service-catalog
+ namespace: kube-system
+
+- shell: >
+ oc get policybindings/kube-system:default -n kube-system || echo "not found"
+ register: get_kube_system
+ changed_when: no
+
+- command: >
+ oc create policybinding kube-system -n kube-system
+ when: "'not found' in get_kube_system.stdout"
+
+- oc_adm_policy_user:
+ namespace: kube-service-catalog
+ resource_kind: scc
+ resource_name: hostmount-anyuid
+ state: present
+ user: "system:serviceaccount:kube-service-catalog:service-catalog-apiserver"
+
+- name: Set SA cluster-role
+ oc_adm_policy_user:
+ state: present
+ namespace: "kube-service-catalog"
+ resource_kind: cluster-role
+ resource_name: admin
+ user: "system:serviceaccount:kube-service-catalog:default"
+
+- name: Checking for master.etcd-ca.crt
+ stat:
+ path: /etc/origin/master/master.etcd-ca.crt
+ register: etcd_ca_crt
+ check_mode: no
+
+## api server
+- template:
+ src: api_server.j2
+ dest: "{{ mktemp.stdout }}/service_catalog_api_server.yml"
+ vars:
+ image: ""
+ namespace: ""
+ cpu_limit: none
+ memory_limit: none
+ cpu_requests: none
+ memory_request: none
+ cors_allowed_origin: localhost
+ etcd_servers: "{{ openshift.master.etcd_urls | join(',') }}"
+ etcd_cafile: "{{ '/etc/origin/master/master.etcd-ca.crt' if etcd_ca_crt.stat.exists else '/etc/origin/master/ca-bundle.crt' }}"
+ node_selector: "{{ openshift_service_catalog_nodeselector | default ({'openshift-infra': 'apiserver'}) }}"
+
+- name: Set Service Catalog API Server daemonset
+ oc_obj:
+ state: present
+ namespace: "kube-service-catalog"
+ kind: daemonset
+ name: apiserver
+ files:
+ - "{{ mktemp.stdout }}/service_catalog_api_server.yml"
+ delete_after: yes
+
+- template:
+ src: api_server_service.j2
+ dest: "{{ mktemp.stdout }}/service_catalog_api_service.yml"
+
+- name: Set Service Catalog API Server service
+ oc_obj:
+ state: present
+ namespace: "kube-service-catalog"
+ kind: service
+ name: apiserver
+ files:
+ - "{{ mktemp.stdout }}/service_catalog_api_service.yml"
+ delete_after: yes
+
+- template:
+ src: api_server_route.j2
+ dest: "{{ mktemp.stdout }}/service_catalog_api_route.yml"
+
+- name: Set Service Catalog API Server route
+ oc_obj:
+ state: present
+ namespace: "kube-service-catalog"
+ kind: route
+ name: apiserver
+ files:
+ - "{{ mktemp.stdout }}/service_catalog_api_route.yml"
+ delete_after: yes
+
+## controller manager
+- template:
+ src: controller_manager.j2
+ dest: "{{ mktemp.stdout }}/controller_manager.yml"
+ vars:
+ image: ""
+ cpu_limit: none
+ memory_limit: none
+ node_selector: "{{ openshift_service_catalog_nodeselector | default ({'openshift-infra': 'apiserver'}) }}"
+
+- name: Set Controller Manager deployment
+ oc_obj:
+ state: present
+ namespace: "kube-service-catalog"
+ kind: daemonset
+ name: controller-manager
+ files:
+ - "{{ mktemp.stdout }}/controller_manager.yml"
+ delete_after: yes
+
+- template:
+ src: controller_manager_service.j2
+ dest: "{{ mktemp.stdout }}/controller_manager_service.yml"
+
+- name: Set Controller Manager service
+ oc_obj:
+ state: present
+ namespace: "kube-service-catalog"
+ kind: service
+ name: controller-manager
+ files:
+ - "{{ mktemp.stdout }}/controller_manager_service.yml"
+ delete_after: yes
+
+- include: start_api_server.yml
+
+- name: Delete temp directory
+ file:
+ name: "{{ mktemp.stdout }}"
+ state: absent
+ changed_when: False
diff --git a/roles/openshift_service_catalog/tasks/main.yml b/roles/openshift_service_catalog/tasks/main.yml
new file mode 100644
index 000000000..dc0d6a370
--- /dev/null
+++ b/roles/openshift_service_catalog/tasks/main.yml
@@ -0,0 +1,8 @@
+---
+# do any asserts here
+
+- include: install.yml
+ when: not openshift_service_catalog_remove | default(false) | bool
+
+- include: remove.yml
+ when: openshift_service_catalog_remove | default(false) | bool
diff --git a/roles/openshift_service_catalog/tasks/remove.yml b/roles/openshift_service_catalog/tasks/remove.yml
new file mode 100644
index 000000000..2fb1ec440
--- /dev/null
+++ b/roles/openshift_service_catalog/tasks/remove.yml
@@ -0,0 +1,56 @@
+---
+- name: Remove Service Catalog APIServer
+ command: >
+ oc delete apiservices.apiregistration.k8s.io/v1alpha1.servicecatalog.k8s.io --ignore-not-found -n kube-service-catalog
+
+- name: Remove Policy Binding
+ command: >
+ oc delete policybindings/kube-system:default -n kube-system --ignore-not-found
+
+# TODO: this module doesn't currently remove this
+#- name: Remove service catalog api service
+# oc_obj:
+# state: absent
+# namespace: "kube-service-catalog"
+# kind: apiservices.apiregistration.k8s.io
+# name: v1alpha1.servicecatalog.k8s.io
+
+- name: Remove Service Catalog API Server route
+ oc_obj:
+ state: absent
+ namespace: "kube-service-catalog"
+ kind: route
+ name: apiserver
+
+- name: Remove Service Catalog API Server service
+ oc_obj:
+ state: absent
+ namespace: "kube-service-catalog"
+ kind: service
+ name: apiserver
+
+- name: Remove Service Catalog API Server daemonset
+ oc_obj:
+ state: absent
+ namespace: "kube-service-catalog"
+ kind: daemonset
+ name: apiserver
+
+- name: Remove Controller Manager service
+ oc_obj:
+ state: absent
+ namespace: "kube-service-catalog"
+ kind: service
+ name: controller-manager
+
+- name: Remove Controller Manager deployment
+ oc_obj:
+ state: absent
+ namespace: "kube-service-catalog"
+ kind: deployment
+ name: controller-manager
+
+- name: Remove Service Catalog namespace
+ oc_project:
+ state: absent
+ name: "kube-service-catalog"
diff --git a/roles/openshift_service_catalog/tasks/start_api_server.yml b/roles/openshift_service_catalog/tasks/start_api_server.yml
new file mode 100644
index 000000000..b143292b6
--- /dev/null
+++ b/roles/openshift_service_catalog/tasks/start_api_server.yml
@@ -0,0 +1,22 @@
+---
+# Label nodes and wait for apiserver and controller to be running (at least one)
+- name: Label {{ openshift.node.nodename }} for APIServer and controller deployment
+ oc_label:
+ name: "{{ openshift.node.nodename }}"
+ kind: node
+ state: add
+ labels: "{{ openshift_service_catalog_nodeselector | default ({'openshift-infra': 'apiserver'}) | oo_dict_to_list_of_dict }}"
+
+# wait to see that the apiserver is available
+- name: wait for api server to be ready
+ command: >
+ curl -k https://apiserver.kube-service-catalog.svc/healthz
+ args:
+ # Disables the following warning:
+ # Consider using get_url or uri module rather than running curl
+ warn: no
+ register: api_health
+ until: api_health.stdout == 'ok'
+ retries: 120
+ delay: 1
+ changed_when: false
diff --git a/roles/openshift_service_catalog/tasks/wire_aggregator.yml b/roles/openshift_service_catalog/tasks/wire_aggregator.yml
new file mode 100644
index 000000000..3e5897ba4
--- /dev/null
+++ b/roles/openshift_service_catalog/tasks/wire_aggregator.yml
@@ -0,0 +1,86 @@
+---
+# TODO: this currently has a bug where hostnames are required
+- name: Creating Aggregator signer certs
+ command: >
+ oc adm ca create-signer-cert
+ --cert=/etc/origin/master/front-proxy-ca.crt
+ --key=/etc/origin/master/front-proxy-ca.key
+ --serial=/etc/origin/master/ca.serial.txt
+# oc_adm_ca_server_cert:
+# cert: /etc/origin/master/front-proxy-ca.crt
+# key: /etc/origin/master/front-proxy-ca.key
+
+- name: Create api-client config for Aggregator
+ command: >
+ oc adm create-api-client-config
+ --certificate-authority=/etc/origin/master/front-proxy-ca.crt
+ --signer-cert=/etc/origin/master/front-proxy-ca.crt
+ --signer-key=/etc/origin/master/front-proxy-ca.key
+ --user aggregator-front-proxy
+ --client-dir=/etc/origin/master
+ --signer-serial=/etc/origin/master/ca.serial.txt
+
+- name: Update master config
+ yedit:
+ state: present
+ src: /etc/origin/master/master-config.yaml
+ edits:
+ - key: aggregatorConfig.proxyClientInfo.certFile
+ value: aggregator-front-proxy.crt
+ - key: aggregatorConfig.proxyClientInfo.keyFile
+ value: aggregator-front-proxy.key
+ - key: authConfig.requestHeader.clientCA
+ value: front-proxy-ca.crt
+ - key: authConfig.requestHeader.clientCommonNames
+ value: [aggregator-front-proxy]
+ - key: authConfig.requestHeader.usernameHeaders
+ value: [X-Remote-User]
+ - key: authConfig.requestHeader.groupHeaders
+ value: [X-Remote-Group]
+ - key: authConfig.requestHeader.extraHeaderPrefixes
+ value: [X-Remote-Extra-]
+ register: yedit_output
+
+#restart master serially here
+- name: restart master
+ systemd: name={{ openshift.common.service_type }}-master state=restarted
+ when:
+ - yedit_output.changed
+ - openshift.master.ha is not defined or not openshift.master.ha | bool
+
+- name: restart master api
+ systemd: name={{ openshift.common.service_type }}-master-api state=restarted
+ when:
+ - yedit_output.changed
+ - openshift.master.ha is defined and openshift.master.ha | bool
+ - openshift.master.cluster_method == 'native'
+
+- name: restart master controllers
+ systemd: name={{ openshift.common.service_type }}-master-controllers state=restarted
+ when:
+ - yedit_output.changed
+ - openshift.master.ha is defined and openshift.master.ha | bool
+ - openshift.master.cluster_method == 'native'
+
+- name: Verify API Server
+ # Using curl here since the uri module requires python-httplib2 and
+ # wait_for port doesn't provide health information.
+ command: >
+ curl --silent --tlsv1.2
+ {% if openshift.common.version_gte_3_2_or_1_2 | bool %}
+ --cacert {{ openshift.common.config_base }}/master/ca-bundle.crt
+ {% else %}
+ --cacert {{ openshift.common.config_base }}/master/ca.crt
+ {% endif %}
+ {{ openshift.master.api_url }}/healthz/ready
+ args:
+ # Disables the following warning:
+ # Consider using get_url or uri module rather than running curl
+ warn: no
+ register: api_available_output
+ until: api_available_output.stdout == 'ok'
+ retries: 120
+ delay: 1
+ changed_when: false
+ when:
+ - yedit_output.changed
diff --git a/roles/openshift_service_catalog/templates/api_server.j2 b/roles/openshift_service_catalog/templates/api_server.j2
new file mode 100644
index 000000000..c09834fd4
--- /dev/null
+++ b/roles/openshift_service_catalog/templates/api_server.j2
@@ -0,0 +1,79 @@
+apiVersion: extensions/v1beta1
+kind: DaemonSet
+metadata:
+ labels:
+ app: apiserver
+ name: apiserver
+spec:
+ selector:
+ matchLabels:
+ app: apiserver
+ updateStrategy:
+ rollingUpdate:
+ maxUnavailable: 1
+ type: RollingUpdate
+ template:
+ metadata:
+ labels:
+ app: apiserver
+ spec:
+ serviceAccountName: service-catalog-apiserver
+ nodeSelector:
+{% for key, value in node_selector.iteritems() %}
+ {{key}}: "{{value}}"
+{% endfor %}
+ containers:
+ - args:
+ - --storage-type
+ - etcd
+ - --secure-port
+ - "6443"
+ - --etcd-servers
+ - {{ etcd_servers }}
+ - --etcd-cafile
+ - {{ etcd_cafile }}
+ - --etcd-certfile
+ - /etc/origin/master/master.etcd-client.crt
+ - --etcd-keyfile
+ - /etc/origin/master/master.etcd-client.key
+ - -v
+ - "10"
+ - --cors-allowed-origins
+ - {{ cors_allowed_origin }}
+ - --admission-control
+ - "KubernetesNamespaceLifecycle"
+ image: {{ openshift_service_catalog_image_prefix }}service-catalog:{{ openshift_service_catalog_image_version }}
+ command: ["/usr/bin/apiserver"]
+ imagePullPolicy: Always
+ name: apiserver
+ ports:
+ - containerPort: 6443
+ protocol: TCP
+ resources: {}
+ terminationMessagePath: /dev/termination-log
+ volumeMounts:
+ - mountPath: /var/run/kubernetes-service-catalog
+ name: apiserver-ssl
+ readOnly: true
+ - mountPath: /etc/origin/master
+ name: etcd-host-cert
+ readOnly: true
+ dnsPolicy: ClusterFirst
+ restartPolicy: Always
+ securityContext: {}
+ terminationGracePeriodSeconds: 30
+ volumes:
+ - name: apiserver-ssl
+ secret:
+ defaultMode: 420
+ secretName: apiserver-ssl
+ items:
+ - key: tls.crt
+ path: apiserver.crt
+ - key: tls.key
+ path: apiserver.key
+ - hostPath:
+ path: /etc/origin/master
+ name: etcd-host-cert
+ - emptyDir: {}
+ name: data-dir
diff --git a/roles/openshift_service_catalog/templates/api_server_route.j2 b/roles/openshift_service_catalog/templates/api_server_route.j2
new file mode 100644
index 000000000..3c3da254d
--- /dev/null
+++ b/roles/openshift_service_catalog/templates/api_server_route.j2
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Route
+metadata:
+ name: apiserver
+spec:
+ port:
+ targetPort: secure
+ tls:
+ termination: passthrough
+ to:
+ kind: Service
+ name: apiserver
+ weight: 100
+ wildcardPolicy: None
diff --git a/roles/openshift_service_catalog/templates/api_server_service.j2 b/roles/openshift_service_catalog/templates/api_server_service.j2
new file mode 100644
index 000000000..bae337201
--- /dev/null
+++ b/roles/openshift_service_catalog/templates/api_server_service.j2
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: apiserver
+spec:
+ ports:
+ - name: secure
+ port: 443
+ protocol: TCP
+ targetPort: 6443
+ selector:
+ app: apiserver
+ sessionAffinity: None
diff --git a/roles/openshift_service_catalog/templates/controller_manager.j2 b/roles/openshift_service_catalog/templates/controller_manager.j2
new file mode 100644
index 000000000..33932eeb7
--- /dev/null
+++ b/roles/openshift_service_catalog/templates/controller_manager.j2
@@ -0,0 +1,46 @@
+apiVersion: extensions/v1beta1
+kind: DaemonSet
+metadata:
+ labels:
+ app: controller-manager
+ name: controller-manager
+spec:
+ selector:
+ matchLabels:
+ app: controller-manager
+ strategy:
+ rollingUpdate:
+ maxUnavailable: 1
+ type: RollingUpdate
+ template:
+ metadata:
+ labels:
+ app: controller-manager
+ spec:
+ nodeSelector:
+{% for key, value in node_selector.iteritems() %}
+ {{key}}: "{{value}}"
+{% endfor %}
+ containers:
+ - env:
+ - name: K8S_NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.namespace
+ args:
+ - -v
+ - "5"
+ - "--leader-election-namespace=$(K8S_NAMESPACE)"
+ image: {{ openshift_service_catalog_image_prefix }}service-catalog:{{ openshift_service_catalog_image_version }}
+ command: ["/usr/bin/controller-manager"]
+ imagePullPolicy: Always
+ name: controller-manager
+ ports:
+ - containerPort: 8080
+ protocol: TCP
+ resources: {}
+ terminationMessagePath: /dev/termination-log
+ dnsPolicy: ClusterFirst
+ restartPolicy: Always
+ securityContext: {}
+ terminationGracePeriodSeconds: 30
diff --git a/roles/openshift_service_catalog/templates/controller_manager_service.j2 b/roles/openshift_service_catalog/templates/controller_manager_service.j2
new file mode 100644
index 000000000..2bac645fc
--- /dev/null
+++ b/roles/openshift_service_catalog/templates/controller_manager_service.j2
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: controller-manager
+spec:
+ ports:
+ - port: 6443
+ protocol: TCP
+ targetPort: 6443
+ selector:
+ app: controller-manager
+ sessionAffinity: None
+ type: ClusterIP
diff --git a/roles/openshift_service_catalog/vars/default_images.yml b/roles/openshift_service_catalog/vars/default_images.yml
new file mode 100644
index 000000000..6fb9d1b86
--- /dev/null
+++ b/roles/openshift_service_catalog/vars/default_images.yml
@@ -0,0 +1,3 @@
+---
+__openshift_service_catalog_image_prefix: "docker.io/openshift/origin-"
+__openshift_service_catalog_image_version: "latest"
diff --git a/roles/openshift_service_catalog/vars/openshift-enterprise.yml b/roles/openshift_service_catalog/vars/openshift-enterprise.yml
new file mode 100644
index 000000000..8c3f14485
--- /dev/null
+++ b/roles/openshift_service_catalog/vars/openshift-enterprise.yml
@@ -0,0 +1,3 @@
+---
+__openshift_service_catalog_image_prefix: "registry.access.redhat.com/openshift3/"
+__openshift_service_catalog_image_version: "3.6.0"
diff --git a/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml b/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml
index 4406ef28b..af901103e 100644
--- a/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml
+++ b/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml
@@ -26,7 +26,7 @@
- kind: "sa"
name: "heketi-{{ glusterfs_name }}-service-account"
- kind: "secret"
- name: "heketi-{{ glusterfs_name }}-user-secret"
+ name: "heketi-{{ glusterfs_name }}-admin-secret"
failed_when: False
when: glusterfs_heketi_wipe
@@ -66,6 +66,7 @@
- name: Add heketi service account to privileged SCC
oc_adm_policy_user:
+ namespace: "{{ glusterfs_namespace }}"
user: "system:serviceaccount:{{ glusterfs_namespace }}:heketi-{{ glusterfs_name }}-service-account"
resource_kind: scc
resource_name: privileged
@@ -74,6 +75,7 @@
- name: Allow heketi service account to view/edit pods
oc_adm_policy_user:
+ namespace: "{{ glusterfs_namespace }}"
user: "system:serviceaccount:{{ glusterfs_namespace }}:heketi-{{ glusterfs_name }}-service-account"
resource_kind: role
resource_name: edit
@@ -148,7 +150,7 @@
- name: Set heketi-cli command
set_fact:
- glusterfs_heketi_client: "{% if glusterfs_heketi_is_native %}oc rsh {{ heketi_pod.results.results[0]['items'][0]['metadata']['name'] }} {% endif %}heketi-cli -s http://{% if glusterfs_heketi_is_native %}localhost:8080{% else %}{{ glusterfs_heketi_url }}:{{ glusterfs_heketi_port }}{% endif %} --user admin --secret '{{ glusterfs_heketi_admin_key }}'"
+ glusterfs_heketi_client: "{% if glusterfs_heketi_is_native %}{{ openshift.common.client_binary }} rsh --namespace={{ glusterfs_namespace }} {{ heketi_pod.results.results[0]['items'][0]['metadata']['name'] }} {% endif %}heketi-cli -s http://{% if glusterfs_heketi_is_native %}localhost:8080{% else %}{{ glusterfs_heketi_url }}:{{ glusterfs_heketi_port }}{% endif %} --user admin --secret '{{ glusterfs_heketi_admin_key }}'"
- name: Verify heketi service
command: "{{ glusterfs_heketi_client }} cluster list"
@@ -170,7 +172,7 @@
oc_secret:
namespace: "{{ glusterfs_namespace }}"
state: present
- name: "heketi-{{ glusterfs_name }}-secret"
+ name: "heketi-{{ glusterfs_name }}-admin-secret"
type: "kubernetes.io/glusterfs"
force: True
contents:
diff --git a/roles/openshift_storage_glusterfs/tasks/heketi_deploy_part2.yml b/roles/openshift_storage_glusterfs/tasks/heketi_deploy_part2.yml
index 26343b909..63009c539 100644
--- a/roles/openshift_storage_glusterfs/tasks/heketi_deploy_part2.yml
+++ b/roles/openshift_storage_glusterfs/tasks/heketi_deploy_part2.yml
@@ -4,7 +4,7 @@
register: setup_storage
- name: Copy heketi-storage list
- shell: "{{ openshift.common.client_binary }} rsh {{ heketi_pod.results.results[0]['items'][0]['metadata']['name'] }} cat /tmp/heketi-storage.json > {{ mktemp.stdout }}/heketi-storage.json"
+ shell: "{{ openshift.common.client_binary }} rsh --namespace={{ glusterfs_namespace }} {{ heketi_pod.results.results[0]['items'][0]['metadata']['name'] }} cat /tmp/heketi-storage.json > {{ mktemp.stdout }}/heketi-storage.json"
# This is used in the subsequent task
- name: Copy the admin client config
@@ -125,7 +125,7 @@
- name: Set heketi-cli command
set_fact:
- glusterfs_heketi_client: "oc rsh {{ heketi_pod.results.results[0]['items'][0]['metadata']['name'] }} heketi-cli -s http://localhost:8080 --user admin --secret '{{ glusterfs_heketi_admin_key }}'"
+ glusterfs_heketi_client: "{{ openshift.common.client_binary }} rsh --namespace={{ glusterfs_namespace }} {{ heketi_pod.results.results[0]['items'][0]['metadata']['name'] }} heketi-cli -s http://localhost:8080 --user admin --secret '{{ glusterfs_heketi_admin_key }}'"
- name: Verify heketi service
command: "{{ glusterfs_heketi_client }} cluster list"
diff --git a/roles/openshift_storage_glusterfs/templates/v3.6/glusterfs-storageclass.yml.j2 b/roles/openshift_storage_glusterfs/templates/v3.6/glusterfs-storageclass.yml.j2
index 5ea801e60..2ec9a9e9a 100644
--- a/roles/openshift_storage_glusterfs/templates/v3.6/glusterfs-storageclass.yml.j2
+++ b/roles/openshift_storage_glusterfs/templates/v3.6/glusterfs-storageclass.yml.j2
@@ -8,4 +8,4 @@ parameters:
resturl: "http://{% if glusterfs_heketi_is_native %}{{ glusterfs_heketi_route }}{% else %}{{ glusterfs_heketi_url }}:{{ glusterfs_heketi_port }}{% endif %}"
restuser: "admin"
secretNamespace: "{{ glusterfs_namespace }}"
- secretName: "heketi-{{ glusterfs_name }}-secret"
+ secretName: "heketi-{{ glusterfs_name }}-admin-secret"
diff --git a/roles/openshift_version/tasks/main.yml b/roles/openshift_version/tasks/main.yml
index 16792388f..f4cb8ddb2 100644
--- a/roles/openshift_version/tasks/main.yml
+++ b/roles/openshift_version/tasks/main.yml
@@ -84,115 +84,119 @@
- openshift_version is not defined
- openshift_protect_installed_version | bool
-- name: Set openshift_version for rpm installation
- include: set_version_rpm.yml
- when: not is_containerized | bool
-
-- name: Set openshift_version for containerized installation
- include: set_version_containerized.yml
- when: is_containerized | bool
-
-- block:
- - name: Get available {{ openshift.common.service_type}} version
- repoquery:
- name: "{{ openshift.common.service_type}}"
- ignore_excluders: true
- register: rpm_results
- - fail:
- msg: "Package {{ openshift.common.service_type}} not found"
- when: not rpm_results.results.package_found
- - set_fact:
- openshift_rpm_version: "{{ rpm_results.results.versions.available_versions.0 | default('0.0', True) }}"
- - name: Fail if rpm version and docker image version are different
- fail:
- msg: "OCP rpm version {{ openshift_rpm_version }} is different from OCP image version {{ openshift_version }}"
- # Both versions have the same string representation
+# The rest of these tasks should only execute on
+# masters and nodes as we can verify they have subscriptions
+- when:
+ - inventory_hostname in groups['oo_masters_to_config'] or inventory_hostname in groups['oo_nodes_to_config']
+ block:
+ - name: Set openshift_version for rpm installation
+ include: set_version_rpm.yml
+ when: not is_containerized | bool
+
+ - name: Set openshift_version for containerized installation
+ include: set_version_containerized.yml
+ when: is_containerized | bool
+
+ - block:
+ - name: Get available {{ openshift.common.service_type}} version
+ repoquery:
+ name: "{{ openshift.common.service_type}}"
+ ignore_excluders: true
+ register: rpm_results
+ - fail:
+ msg: "Package {{ openshift.common.service_type}} not found"
+ when: not rpm_results.results.package_found
+ - set_fact:
+ openshift_rpm_version: "{{ rpm_results.results.versions.available_versions.0 | default('0.0', True) }}"
+ - name: Fail if rpm version and docker image version are different
+ fail:
+ msg: "OCP rpm version {{ openshift_rpm_version }} is different from OCP image version {{ openshift_version }}"
+ # Both versions have the same string representation
+ when:
+ - openshift_rpm_version != openshift_version
+ # if openshift_pkg_version or openshift_image_tag is defined, user gives a permission the rpm and docker image versions can differ
+ - openshift_pkg_version is not defined
+ - openshift_image_tag is not defined
when:
- - openshift_rpm_version != openshift_version
- # if openshift_pkg_version or openshift_image_tag is defined, user gives a permission the rpm and docker image versions can differ
- - openshift_pkg_version is not defined
- - openshift_image_tag is not defined
- when:
- - is_containerized | bool
- - not is_atomic | bool
-
-# Warn if the user has provided an openshift_image_tag but is not doing a containerized install
-# NOTE: This will need to be modified/removed for future container + rpm installations work.
-- name: Warn if openshift_image_tag is defined when not doing a containerized install
- debug:
- msg: >
- openshift_image_tag is used for containerized installs. If you are trying to
- specify an image for a non-container install see oreg_url or oreg_url_master or oreg_url_node.
- when:
- - not is_containerized | bool
- - openshift_image_tag is defined
-
+ - is_containerized | bool
+ - not is_atomic | bool
+
+ # Warn if the user has provided an openshift_image_tag but is not doing a containerized install
+ # NOTE: This will need to be modified/removed for future container + rpm installations work.
+ - name: Warn if openshift_image_tag is defined when not doing a containerized install
+ debug:
+ msg: >
+ openshift_image_tag is used for containerized installs. If you are trying to
+ specify an image for a non-container install see oreg_url or oreg_url_master or oreg_url_node.
+ when:
+ - not is_containerized | bool
+ - openshift_image_tag is defined
-# At this point we know openshift_version is set appropriately. Now we set
-# openshift_image_tag and openshift_pkg_version, so all roles can always assume
-# each of this variables *will* be set correctly and can use them per their
-# intended purpose.
+ # At this point we know openshift_version is set appropriately. Now we set
+ # openshift_image_tag and openshift_pkg_version, so all roles can always assume
+ # each of this variables *will* be set correctly and can use them per their
+ # intended purpose.
-- block:
- - debug:
- msg: "openshift_image_tag was not defined. Falling back to v{{ openshift_version }}"
+ - block:
+ - debug:
+ msg: "openshift_image_tag was not defined. Falling back to v{{ openshift_version }}"
- - set_fact:
- openshift_image_tag: v{{ openshift_version }}
+ - set_fact:
+ openshift_image_tag: v{{ openshift_version }}
- when: openshift_image_tag is not defined
+ when: openshift_image_tag is not defined
-- block:
- - debug:
- msg: "openshift_pkg_version was not defined. Falling back to -{{ openshift_version }}"
+ - block:
+ - debug:
+ msg: "openshift_pkg_version was not defined. Falling back to -{{ openshift_version }}"
- - set_fact:
- openshift_pkg_version: -{{ openshift_version }}
+ - set_fact:
+ openshift_pkg_version: -{{ openshift_version }}
- when: openshift_pkg_version is not defined
+ when: openshift_pkg_version is not defined
-- fail:
- msg: openshift_version role was unable to set openshift_version
- name: Abort if openshift_version was not set
- when: openshift_version is not defined
+ - fail:
+ msg: openshift_version role was unable to set openshift_version
+ name: Abort if openshift_version was not set
+ when: openshift_version is not defined
-- fail:
- msg: openshift_version role was unable to set openshift_image_tag
- name: Abort if openshift_image_tag was not set
- when: openshift_image_tag is not defined
+ - fail:
+ msg: openshift_version role was unable to set openshift_image_tag
+ name: Abort if openshift_image_tag was not set
+ when: openshift_image_tag is not defined
-- fail:
- msg: openshift_version role was unable to set openshift_pkg_version
- name: Abort if openshift_pkg_version was not set
- when: openshift_pkg_version is not defined
+ - fail:
+ msg: openshift_version role was unable to set openshift_pkg_version
+ name: Abort if openshift_pkg_version was not set
+ when: openshift_pkg_version is not defined
-- fail:
- msg: "No OpenShift version available; please ensure your systems are fully registered and have access to appropriate yum repositories."
- name: Abort if openshift_pkg_version was not set
- when:
- - not is_containerized | bool
- - openshift_version == '0.0'
+ - fail:
+ msg: "No OpenShift version available; please ensure your systems are fully registered and have access to appropriate yum repositories."
+ name: Abort if openshift_pkg_version was not set
+ when:
+ - not is_containerized | bool
+ - openshift_version == '0.0'
-# We can't map an openshift_release to full rpm version like we can with containers; make sure
-# the rpm version we looked up matches the release requested and error out if not.
-- name: For an RPM install, abort when the release requested does not match the available version.
- when:
- - not is_containerized | bool
- - openshift_release is defined
- assert:
- that:
- - openshift_version.startswith(openshift_release) | bool
- msg: |-
- You requested openshift_release {{ openshift_release }}, which is not matched by
- the latest OpenShift RPM we detected as {{ openshift.common.service_type }}-{{ openshift_version }}
- on host {{ inventory_hostname }}.
- We will only install the latest RPMs, so please ensure you are getting the release
- you expect. You may need to adjust your Ansible inventory, modify the repositories
- available on the host, or run the appropriate OpenShift upgrade playbook.
+ # We can't map an openshift_release to full rpm version like we can with containers; make sure
+ # the rpm version we looked up matches the release requested and error out if not.
+ - name: For an RPM install, abort when the release requested does not match the available version.
+ when:
+ - not is_containerized | bool
+ - openshift_release is defined
+ assert:
+ that:
+ - openshift_version.startswith(openshift_release) | bool
+ msg: |-
+ You requested openshift_release {{ openshift_release }}, which is not matched by
+ the latest OpenShift RPM we detected as {{ openshift.common.service_type }}-{{ openshift_version }}
+ on host {{ inventory_hostname }}.
+ We will only install the latest RPMs, so please ensure you are getting the release
+ you expect. You may need to adjust your Ansible inventory, modify the repositories
+ available on the host, or run the appropriate OpenShift upgrade playbook.
-# The end result of these three variables is quite important so make sure they are displayed and logged:
-- debug: var=openshift_release
+ # The end result of these three variables is quite important so make sure they are displayed and logged:
+ - debug: var=openshift_release
-- debug: var=openshift_image_tag
+ - debug: var=openshift_image_tag
-- debug: var=openshift_pkg_version
+ - debug: var=openshift_pkg_version
diff --git a/roles/rhel_subscribe/meta/main.yml b/roles/rhel_subscribe/meta/main.yml
index 0bbeadd34..23d65c7ef 100644
--- a/roles/rhel_subscribe/meta/main.yml
+++ b/roles/rhel_subscribe/meta/main.yml
@@ -1,3 +1,2 @@
---
-dependencies:
- - role: openshift_facts
+dependencies: []
diff --git a/roles/rhel_subscribe/tasks/main.yml b/roles/rhel_subscribe/tasks/main.yml
index 28c3c7080..453044a6e 100644
--- a/roles/rhel_subscribe/tasks/main.yml
+++ b/roles/rhel_subscribe/tasks/main.yml
@@ -21,6 +21,11 @@
msg: Either rhsub_pass or the rhel_subscription_pass env variable are required for this role.
when: rhel_subscription_pass is not defined
+- name: Detecting Atomic Host Operating System
+ stat:
+ path: /run/ostree-booted
+ register: ostree_booted
+
- name: Satellite preparation
command: "rpm -Uvh http://{{ rhel_subscription_server }}/pub/katello-ca-consumer-latest.noarch.rpm"
args:
@@ -57,5 +62,6 @@
when: openshift_pool_id.stdout != ''
- include: enterprise.yml
- when: deployment_type in [ 'enterprise', 'atomic-enterprise', 'openshift-enterprise' ] and
- not openshift.common.is_atomic | bool
+ when:
+ - deployment_type in [ 'enterprise', 'atomic-enterprise', 'openshift-enterprise' ]
+ - not ostree_booted.stat.exists | bool
diff --git a/test/integration/openshift_health_checker/setup_container.yml b/test/integration/openshift_health_checker/setup_container.yml
index 8793d954e..33e94cf1f 100644
--- a/test/integration/openshift_health_checker/setup_container.yml
+++ b/test/integration/openshift_health_checker/setup_container.yml
@@ -43,3 +43,6 @@
delegate_facts: True
delegate_to: "{{ container_name }}"
with_dict: "{{ l_host_vars | default({}) }}"
+
+- include: ../../../playbooks/byo/openshift-cluster/initialize_groups.yml
+- include: ../../../playbooks/common/openshift-cluster/evaluate_groups.yml