shixiong
/
okd


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384
							kind: Template
apiVersion: v1
metadata:
  annotations:
    description: Application template for Red Hat Decision Manager Execution Server 7.0 application built using S2I.
    iconClass: icon-decisionserver
    tags: rhdm,jboss,xpaas
    version: 1.4.8
    openshift.io/display-name: Red Hat Decision Manager Execution Server 7.0 S2I (Ephemeral with https)
  name: rhdm70-kieserver-https-s2i
labels:
  template: rhdm70-kieserver-https-s2i
  xpaas: 1.4.8
message: A new Decision Manager Execution Server application has been created in your
  project. Please be sure to create the "kieserver-service-account" service account and
  the secret named "${HTTPS_SECRET}" containing the ${HTTPS_KEYSTORE} file used for
  serving secure content. The username/password for accessing the KIE Server REST interface is ${KIE_SERVER_USER}/${KIE_SERVER_PWD}.
parameters:
- displayName: Application Name
  description: The name for the application.
  name: APPLICATION_NAME
  value: myapp
  required: true
- displayName: EAP Admin User
  description: EAP administrator username
  name: ADMIN_USERNAME
  value: eapadmin
  required: false
- displayName: EAP Admin Password
  description: EAP administrator password
  name: ADMIN_PASSWORD
  from: "[a-zA-Z]{6}[0-9]{1}!"
  generate: expression
  required: false
- displayName: KIE Admin User
  description: KIE administrator username
  name: KIE_ADMIN_USER
  value: adminUser
  required: false
- displayName: KIE Admin Password
  description: KIE administrator password
  name: KIE_ADMIN_PWD
  from: "[a-zA-Z]{6}[0-9]{1}!"
  generate: expression
  required: false
- displayName: KIE Server User
  description: KIE execution server username (Sets the org.kie.server.user system
    property)
  name: KIE_SERVER_USER
  value: executionUser
  required: false
- displayName: KIE Server Password
  description: KIE execution server password (Sets the org.kie.server.pwd system property)
  name: KIE_SERVER_PWD
  from: "[a-zA-Z]{6}[0-9]{1}!"
  generate: expression
  required: false
- displayName: KIE Server ID
  description: Decision server identifier. Determines the template ID in Decision Central or controller. If this parameter is left blank, it is set using the $HOSTNAME environment variable or a random value. (Sets the org.kie.server.id system property).
  name: KIE_SERVER_ID
  value: ''
  required: false
- displayName: KIE Server Bypass Auth User
  description: KIE execution server bypass auth user (Sets the org.kie.server.bypass.auth.user
    system property)
  name: KIE_SERVER_BYPASS_AUTH_USER
  value: 'false'
  required: false
- displayName: KIE MBeans
  description: KIE execution server mbeans enabled/disabled (Sets the kie.mbeans and
    kie.scanner.mbeans system properties)
  name: KIE_MBEANS
  value: enabled
  required: false
- displayName: Drools Server Filter Classes
  description: KIE execution server class filtering (Sets the org.drools.server.filter.classes
    system property)
  name: DROOLS_SERVER_FILTER_CLASSES
  value: 'true'
  required: false
- displayName: Execution Server Custom http Route Hostname
  description: 'Custom hostname for http service route.  Leave blank for default hostname,
    e.g.: <application-name>-execserv-<project>.<default-domain-suffix>'
  name: EXECUTION_SERVER_HOSTNAME_HTTP
  value: ''
  required: false
- displayName: Execution Server Custom https Route Hostname
  description: 'Custom hostname for https service route.  Leave blank for default
    hostname, e.g.: secure-<application-name>-execserv-<project>.<default-domain-suffix>'
  name: EXECUTION_SERVER_HOSTNAME_HTTPS
  value: ''
  required: false
- displayName: Server Keystore Secret Name
  description: The name of the secret containing the keystore file
  name: HTTPS_SECRET
  value: kieserver-app-secret
  required: false
- displayName: Server Keystore Filename
  description: The name of the keystore file within the secret
  name: HTTPS_KEYSTORE
  value: keystore.jks
  required: false
- displayName: Server Certificate Name
  description: The name associated with the server certificate
  name: HTTPS_NAME
  value: jboss
  required: false
- displayName: Server Keystore Password
  description: The password for the keystore and certificate
  name: HTTPS_PASSWORD
  value: mykeystorepass
  required: false
- displayName: KIE Server Container Deployment
  description: 'KIE Server Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2'
  name: KIE_SERVER_CONTAINER_DEPLOYMENT
  value: rhdm-kieserver-hellorules=org.openshift.quickstarts:rhdm-kieserver-hellorules:1.4.8.Final
  required: false
- displayName: Git Repository URL
  description: Git source URI for application
  name: SOURCE_REPOSITORY_URL
  value: https://github.com/jboss-container-images/rhdm-7-openshift-image.git
  required: true
- displayName: Git Reference
  description: Git branch/tag reference
  name: SOURCE_REPOSITORY_REF
  value: ose-v1.4.8-1
  required: false
- displayName: Context Directory
  description: Path within Git project to build; empty for root project directory.
  name: CONTEXT_DIR
  value: quickstarts/hello-rules/hellorules
  required: false
- displayName: Github Webhook Secret
  description: GitHub trigger secret
  name: GITHUB_WEBHOOK_SECRET
  from: "[a-zA-Z0-9]{8}"
  generate: expression
  required: true
- displayName: Generic Webhook Secret
  description: Generic build trigger secret
  name: GENERIC_WEBHOOK_SECRET
  from: "[a-zA-Z0-9]{8}"
  generate: expression
  required: true
- displayName: ImageStream Namespace
  description: Namespace in which the ImageStreams for Red Hat Middleware images are
    installed. These ImageStreams are normally installed in the openshift namespace.
    You should only need to modify this if you've installed the ImageStreams in a
    different namespace/project.
  name: IMAGE_STREAM_NAMESPACE
  value: openshift
  required: true
- displayName: Maven mirror URL
  description: Maven mirror to use for S2I builds
  name: MAVEN_MIRROR_URL
  value: ''
  required: false
- displayName: Maven repository URL
  description: Fully qualified URL to a Maven repository.
  name: MAVEN_REPO_URL
  value: ''
  required: false
- displayName: Maven repository username
  description: Username to access the Maven repository.
  name: MAVEN_REPO_USERNAME
  value: ''
  required: false
- displayName: Maven repository password
  description: Password to access the Maven repository.
  name: MAVEN_REPO_PASSWORD
  value: ''
  required: false
- description: List of directories from which archives will be copied into the deployment
    folder. If unspecified, all archives in /target will be copied.
  name: ARTIFACT_DIR
  value: ''
  required: false
objects:
- kind: Service
  apiVersion: v1
  spec:
    ports:
    - port: 8080
      targetPort: 8080
    selector:
      deploymentConfig: "${APPLICATION_NAME}-kieserver"
  metadata:
    name: "${APPLICATION_NAME}-kieserver"
    labels:
      application: "${APPLICATION_NAME}"
    annotations:
      description: The execution server web server's http port.
- kind: Service
  apiVersion: v1
  spec:
    ports:
    - port: 8443
      targetPort: 8443
    selector:
      deploymentConfig: "${APPLICATION_NAME}-kieserver"
  metadata:
    name: secure-${APPLICATION_NAME}-kieserver
    labels:
      application: "${APPLICATION_NAME}"
    annotations:
      description: The execution server web server's https port.
- kind: Route
  apiVersion: v1
  id: "${APPLICATION_NAME}-kieserver-http"
  metadata:
    name: "${APPLICATION_NAME}-kieserver"
    labels:
      application: "${APPLICATION_NAME}"
    annotations:
      description: Route for execution server's http service.
  spec:
    host: "${EXECUTION_SERVER_HOSTNAME_HTTP}"
    to:
      name: "${APPLICATION_NAME}-kieserver"
- kind: Route
  apiVersion: v1
  id: "${APPLICATION_NAME}-kieserver-https"
  metadata:
    name: secure-${APPLICATION_NAME}-kieserver
    labels:
      application: "${APPLICATION_NAME}"
    annotations:
      description: Route for execution server's https service.
  spec:
    host: "${EXECUTION_SERVER_HOSTNAME_HTTPS}"
    to:
      name: secure-${APPLICATION_NAME}-kieserver
    tls:
      termination: passthrough
- kind: ImageStream
  apiVersion: v1
  metadata:
    name: "${APPLICATION_NAME}-kieserver"
    labels:
      application: "${APPLICATION_NAME}"
- kind: BuildConfig
  apiVersion: v1
  metadata:
    name: "${APPLICATION_NAME}-kieserver"
    labels:
      application: "${APPLICATION_NAME}"
  spec:
    source:
      type: Git
      git:
        uri: "${SOURCE_REPOSITORY_URL}"
        ref: "${SOURCE_REPOSITORY_REF}"
      contextDir: "${CONTEXT_DIR}"
    strategy:
      type: Source
      sourceStrategy:
        env:
        - name: KIE_SERVER_CONTAINER_DEPLOYMENT
          value: "${KIE_SERVER_CONTAINER_DEPLOYMENT}"
        - name: MAVEN_MIRROR_URL
          value: "${MAVEN_MIRROR_URL}"
        - name: ARTIFACT_DIR
          value: "${ARTIFACT_DIR}"
        forcePull: true
        from:
          kind: ImageStreamTag
          namespace: "${IMAGE_STREAM_NAMESPACE}"
          name: rhdm70-kieserver-openshift:1.0
    output:
      to:
        kind: ImageStreamTag
        name: "${APPLICATION_NAME}-kieserver:latest"
    triggers:
    - type: GitHub
      github:
        secret: "${GITHUB_WEBHOOK_SECRET}"
    - type: Generic
      generic:
        secret: "${GENERIC_WEBHOOK_SECRET}"
    - type: ImageChange
      imageChange: {}
    - type: ConfigChange
- kind: DeploymentConfig
  apiVersion: v1
  metadata:
    name: "${APPLICATION_NAME}-kieserver"
    labels:
      application: "${APPLICATION_NAME}"
  spec:
    strategy:
      type: Recreate
    triggers:
    - type: ImageChange
      imageChangeParams:
        automatic: true
        containerNames:
        - "${APPLICATION_NAME}-kieserver"
        from:
          kind: ImageStream
          name: "${APPLICATION_NAME}-kieserver"
    - type: ConfigChange
    replicas: 1
    selector:
      deploymentConfig: "${APPLICATION_NAME}-kieserver"
    template:
      metadata:
        name: "${APPLICATION_NAME}-kieserver"
        labels:
          deploymentConfig: "${APPLICATION_NAME}-kieserver"
          application: "${APPLICATION_NAME}"
      spec:
        serviceAccountName: kieserver-service-account
        terminationGracePeriodSeconds: 60
        containers:
        - name: "${APPLICATION_NAME}-kieserver"
          image: "${APPLICATION_NAME}-kieserver"
          imagePullPolicy: Always
          volumeMounts:
          - name: kieserver-keystore-volume
            mountPath: "/etc/kieserver-secret-volume"
            readOnly: true
          livenessProbe:
            exec:
              command:
              - "/bin/bash"
              - "-c"
              - "/opt/eap/bin/livenessProbe.sh"
          readinessProbe:
            exec:
              command:
              - "/bin/bash"
              - "-c"
              - "/opt/eap/bin/readinessProbe.sh"
          ports:
          - name: jolokia
            containerPort: 8778
            protocol: TCP
          - name: http
            containerPort: 8080
            protocol: TCP
          - name: https
            containerPort: 8443
            protocol: TCP
          env:
          - name: DROOLS_SERVER_FILTER_CLASSES
            value: "${DROOLS_SERVER_FILTER_CLASSES}"
          - name: KIE_ADMIN_PWD
            value: "${KIE_ADMIN_PWD}"
          - name: KIE_ADMIN_USER
            value: "${KIE_ADMIN_USER}"
          - name: KIE_MBEANS
            value: "${KIE_MBEANS}"
          - name: KIE_SERVER_BYPASS_AUTH_USER
            value: "${KIE_SERVER_BYPASS_AUTH_USER}"
          - name: KIE_SERVER_ID
            value: "${KIE_SERVER_ID}"
          - name: KIE_SERVER_HOST
            valueFrom:
              fieldRef:
                fieldPath: status.podIP
          - name: KIE_SERVER_CONTAINER_DEPLOYMENT
            value: "${KIE_SERVER_CONTAINER_DEPLOYMENT}"
          - name: KIE_SERVER_PWD
            value: "${KIE_SERVER_PWD}"
          - name: KIE_SERVER_USER
            value: "${KIE_SERVER_USER}"
          - name: MAVEN_REPO_URL
            value: "${MAVEN_REPO_URL}"
          - name: MAVEN_REPO_USERNAME
            value: "${MAVEN_REPO_USERNAME}"
          - name: MAVEN_REPO_PASSWORD
            value: "${MAVEN_REPO_PASSWORD}"
          - name: HTTPS_KEYSTORE_DIR
            value: "/etc/kieserver-secret-volume"
          - name: HTTPS_KEYSTORE
            value: "${HTTPS_KEYSTORE}"
          - name: HTTPS_NAME
            value: "${HTTPS_NAME}"
          - name: HTTPS_PASSWORD
            value: "${HTTPS_PASSWORD}"
        volumes:
        - name: kieserver-keystore-volume
          secret:
            secretName: "${HTTPS_SECRET}"