diff options
Diffstat (limited to 'roles/openshift_examples/files/examples/v3.10/xpaas-templates/datavirt63-secure-s2i.json')
| -rw-r--r-- | roles/openshift_examples/files/examples/v3.10/xpaas-templates/datavirt63-secure-s2i.json | 994 |
1 files changed, 994 insertions, 0 deletions
diff --git a/roles/openshift_examples/files/examples/v3.10/xpaas-templates/datavirt63-secure-s2i.json b/roles/openshift_examples/files/examples/v3.10/xpaas-templates/datavirt63-secure-s2i.json new file mode 100644 index 000000000..202a57a1e --- /dev/null +++ b/roles/openshift_examples/files/examples/v3.10/xpaas-templates/datavirt63-secure-s2i.json @@ -0,0 +1,994 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-datavirt", + "tags": "jdv,datavirt,database,jboss", + "version": "1.4.8", + "openshift.io/display-name": "JBoss Data Virtualization 6.3 (with SSL)", + "openshift.io/provider-display-name": "Red Hat, Inc.", + "description": "An example JBoss Data Virtualization application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.", + "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Data Virtualization based application, including a build configuration, application deployment configuration and ability to configure certificates for serving secure content.", + "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-virtualization/", + "template.openshift.io/support-url": "https://access.redhat.com" + }, + "name": "datavirt63-secure-s2i" + }, + "labels": { + "template": "datavirt63-secure-s2i", + "xpaas": "1.4.8" + }, + "message": "A new data service has been created in your project. The username/password for accessing the service is ${TEIID_USERNAME}/${TEIID_PASSWORD}. Please be sure to create the following secrets: \"${CONFIGURATION_NAME}\" containing the datasource configuration details required by the deployed VDB(s); \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.", + "parameters": [ + { + "description": "The name for the application.", + "displayName": "Application Name", + "name": "APPLICATION_NAME", + "value": "datavirt-app", + "required": true + }, + { + "description": "The name of the secret containing configuration properties for the data sources.", + "displayName": "Configuration Secret Name", + "name": "CONFIGURATION_NAME", + "value": "datavirt-app-config", + "required": true + }, + { + "description": "Specify a custom hostname for the http route. Leave blank to use default hostname, e.g.: <service-name>-<project>.<default-domain-suffix>", + "displayName": "Custom http Route Hostname", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Specify a custom hostname for the https route. Leave blank to use default hostname, e.g.: secure-<service-name>-<project>.<default-domain-suffix>", + "displayName": "Custom https Route Hostname", + "name": "HOSTNAME_HTTPS", + "value": "", + "required": false + }, + { + "description": "Specify a custom hostname for the JDBC route. Leave blank to use default hostname, e.g.: secure-<service-name>-<project>.<default-domain-suffix>", + "displayName": "Custom JDBC Route Hostname", + "name": "HOSTNAME_JDBC", + "value": "", + "required": false + }, + { + "description": "The URL of the repository with your application source code.", + "displayName": "Git Repository URL", + "name": "SOURCE_REPOSITORY_URL", + "value": "https://github.com/jboss-openshift/openshift-quickstarts", + "required": true + }, + { + "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch.", + "displayName": "Git Reference", + "name": "SOURCE_REPOSITORY_REF", + "value": "master", + "required": false + }, + { + "description": "Set this to the relative path to your project if it is not in the root of your repository.", + "displayName": "Context Directory", + "name": "CONTEXT_DIR", + "value": "datavirt/dynamicvdb-datafederation/app", + "required": false + }, + { + "description": "The name of the secret containing the keystore to be used for serving secure content.", + "displayName": "Server Keystore Secret Name", + "name": "HTTPS_SECRET", + "value": "datavirt-app-secret", + "required": true + }, + { + "description": "The name of the keystore file within the secret.", + "displayName": "Server Keystore Filename", + "name": "HTTPS_KEYSTORE", + "value": "keystore.jks", + "required": false + }, + { + "description": "The type of the keystore file (JKS or JCEKS).", + "displayName": "Server Keystore Type", + "name": "HTTPS_KEYSTORE_TYPE", + "value": "", + "required": false + }, + { + "description": "The name associated with the server certificate.", + "displayName": "Server Certificate Name", + "name": "HTTPS_NAME", + "value": "jboss", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "displayName": "Server Keystore Password", + "name": "HTTPS_PASSWORD", + "value": "mykeystorepass", + "required": false + }, + { + "description": "Username associated with Teiid data service.", + "displayName": "Teiid Username", + "name": "TEIID_USERNAME", + "from": "[\\a]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Password for Teiid user.", + "displayName": "Teiid User Password", + "name": "TEIID_PASSWORD", + "from": "[\\a\\A]{8}[\\d]{1}[\\A]{1}", + "generate": "expression", + "required": true + }, + { + "description": "Username associated with ModeShape.", + "displayName": "ModeShape Username", + "name": "MODESHAPE_USERNAME", + "from": "[\\a]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Password for ModeShape user.", + "displayName": "ModeShape User Password", + "name": "MODESHAPE_PASSWORD", + "from": "[\\a\\A]{8}[\\d]{1}[\\A]{1}", + "generate": "expression", + "required": true + }, + { + "description": "A secret string used to configure the GitHub webhook.", + "displayName": "Github Webhook Secret", + "name": "GITHUB_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "A secret string used to configure the Generic webhook.", + "displayName": "Generic Webhook Secret", + "name": "GENERIC_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "displayName": "ImageStream Namespace", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + }, + { + "description": "The name of the secret containing the keystore to be used for securing JGroups communications.", + "displayName": "JGroups Secret Name", + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "datavirt-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the JGroups secret.", + "displayName": "JGroups Keystore Filename", + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "jgroups.jceks", + "required": false + }, + { + "description": "The name associated with the JGroups server certificate", + "displayName": "JGroups Certificate Name", + "name": "JGROUPS_ENCRYPT_NAME", + "value": "secret-key", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "displayName": "JGroups Keystore Password", + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "password", + "required": false + }, + { + "description": "Password used by JGroups to authenticate nodes in the cluster.", + "displayName": "JGroups Cluster Password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Controls whether exploded deployment content should be automatically deployed", + "displayName": "Deploy Exploded Archives", + "name": "AUTO_DEPLOY_EXPLODED", + "value": "false", + "required": false + }, + { + "description": "Comma delimited list of source directories containing VDBs for deployment", + "displayName": "VDB Deployment Directories", + "name": "VDB_DIRS", + "value": "", + "required": false + }, + { + "description": "The URL for the SSO server (e.g. https://secure-sso-myproject.example.com/auth). This is the URL through which the user will be redirected when a login or token is required by the application.", + "displayName": "SSO Server URL", + "name": "SSO_URL", + "value": "", + "required": false + }, + { + "description": "The URL for the interal SSO service, where secure-sso is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.", + "displayName": "SSO Server Service URL", + "name": "SSO_SERVICE_URL", + "value": "", + "required": false + }, + { + "description": "The SSO realm to which the application client(s) should be associated (e.g. demo).", + "displayName": "SSO Realm", + "name": "SSO_REALM", + "value": "", + "required": false + }, + { + "description": "The username used to access the SSO service. This is used to create the appliction client(s) within the specified SSO realm. This should match the SSO_SERVICE_USERNAME specified through one of the sso70-* templates.", + "displayName": "SSO Username", + "name": "SSO_USERNAME", + "value": "", + "required": false + }, + { + "description": "The password for the SSO service user.", + "displayName": "SSO User's Password", + "name": "SSO_PASSWORD", + "value": "", + "required": false + }, + { + "description": "SSO Realm Public Key. Public key is recommended to be passed into the template to avoid man-in-the-middle security vulnerability. This can be retrieved from the SSO server, for the specified realm.", + "displayName": "SSO Realm Public Key", + "name": "SSO_PUBLIC_KEY", + "value": "", + "required": false + }, + { + "description": "SSO Client Access Type. true or false", + "displayName": "SSO Bearer Only", + "name": "SSO_BEARER_ONLY", + "value": "", + "required": false + }, + { + "description": "The name of the secret containing the keystore file", + "displayName": "SSO SAML Keystore Secret", + "name": "SSO_SAML_KEYSTORE_SECRET", + "value": "datavirt-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "displayName": "SSO SAML Keystore File", + "name": "SSO_SAML_KEYSTORE", + "value": "keystore.jks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "displayName": "SSO SAML Certificate Alias", + "name": "SSO_SAML_CERTIFICATE_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "SSO_SAML_KEYSTORE_PASSWORD", + "displayName": "SSO SAML Keystore Password", + "value": "", + "required": false + }, + { + "description": "The SSO Client Secret for Confidential Access", + "name": "SSO_SECRET", + "displayName": "SSO Client Secret", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": false + }, + { + "description": "Enable CORS for SSO applications. true or false", + "name": "SSO_ENABLE_CORS", + "displayName": "SSO Enable CORS", + "value": "false", + "required": false + }, + { + "description": "SSO logout page for SAML applications", + "name": "SSO_SAML_LOGOUT_PAGE", + "displayName": "SSO SAML Logout Page", + "value": "/", + "required": false + }, + { + "description": "If true SSL communication between EAP and the SSO Server will be insecure (i.e. certificate validation is disabled with curl)", + "name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION", + "displayName": "SSO Disable SSL Certificate Validation", + "value": "true", + "required": false + }, + { + "description": "The name of the truststore file within the secret (e.g. truststore.jks)", + "name": "SSO_TRUSTSTORE", + "displayName": "SSO Truststore File", + "value": "", + "required": false + }, + { + "description": "The password for the truststore and certificate (e.g. mykeystorepass)", + "name": "SSO_TRUSTSTORE_PASSWORD", + "displayName": "SSO Truststore Password", + "value": "", + "required": false + }, + { + "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName", + "name": "SSO_TRUSTSTORE_SECRET", + "displayName": "SSO Truststore Secret", + "value": "datavirt-app-secret", + "required": false + }, + { + "description": "Comma delimited list of deployments that shoulds be exploded and enabled for SSO OpenIDConnect via auth-method", + "name": "SSO_OPENIDCONNECT_DEPLOYMENTS", + "displayName": "SSO OpenIDConnect Deployments", + "value": "", + "required": false + }, + { + "description": "Comma delimited list of deployments that shoulds be exploded and enabled for SSO SAML via auth-method", + "name": "SSO_SAML_DEPLOYMENTS", + "displayName": "SSO SAML Deployments", + "value": "", + "required": false + }, + { + "displayName": "Maven mirror URL", + "description": "Maven mirror to use for S2I builds", + "name": "MAVEN_MIRROR_URL", + "value": "", + "required": false + }, + { + "displayName": "Artifact Directories", + "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.", + "name": "ARTIFACT_DIR", + "value": "", + "required": false + }, + { + "description": "Container memory limit", + "name": "MEMORY_LIMIT", + "value": "1Gi", + "required": false + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "name": "http", + "port": 8080, + "targetPort": "http" + }, + { + "name": "https", + "port": 8443, + "targetPort": "https" + }, + { + "name": "jdbc", + "port": 31000, + "targetPort": "jdbc" + }, + { + "name": "jdbcs", + "port": 31443, + "targetPort": "jdbcs" + }, + { + "name": "odbc", + "port": 35432, + "targetPort": "odbc" + }, + { + "name": "odbcs", + "port": 35443, + "targetPort": "odbcs" + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The data virtualization services." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "clusterIP": "None", + "ports": [ + { + "name": "ping", + "port": 8888 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-ping", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "service.alpha.kubernetes.io/tolerate-unready-endpoints": "true", + "description": "The JGroups ping port for clustering." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's http (REST) service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTP}", + "port": { + "targetPort": "http" + }, + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's https (REST) service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTPS}", + "port": { + "targetPort": "https" + }, + "to": { + "name": "${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-jdbc", + "metadata": { + "name": "jdbc-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's JDBC service." + } + }, + "spec": { + "host": "${HOSTNAME_JDBC}", + "port": { + "targetPort": "jdbcs" + }, + "to": { + "name": "${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "BuildConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "source": { + "type": "Git", + "git": { + "uri": "${SOURCE_REPOSITORY_URL}", + "ref": "${SOURCE_REPOSITORY_REF}" + }, + "contextDir": "${CONTEXT_DIR}", + "images": [ + { + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-datagrid65-client-openshift:1.1" + }, + "paths": [ + { + "destinationDir": "./${CONTEXT_DIR}/extensions/datagrid65", + "sourcePath": "/extensions/." + } + ] + } + ] + }, + "strategy": { + "type": "Source", + "sourceStrategy": { + "forcePull": true, + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-datavirt63-openshift:1.4" + }, + "env": [ + { + "name": "MAVEN_MIRROR_URL", + "value": "${MAVEN_MIRROR_URL}" + }, + { + "name": "CUSTOM_INSTALL_DIRECTORIES", + "value": "extensions/*" + }, + { + "name": "VDB_DIRS", + "value": "${VDB_DIRS}" + }, + { + "name": "ARTIFACT_DIR", + "value": "${ARTIFACT_DIR}" + } + ] + } + }, + "output": { + "to": { + "kind": "ImageStreamTag", + "name": "${APPLICATION_NAME}:latest" + } + }, + "triggers": [ + { + "type": "GitHub", + "github": { + "secret": "${GITHUB_WEBHOOK_SECRET}" + } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } + }, + { + "type": "ImageChange", + "imageChange": {} + }, + { + "type": "ImageChange", + "imageChange": { + "from": { + "kind": "ImageStreamTag", + "name": "jboss-datagrid65-client-openshift:1.1" + } + } + }, + { + "type": "ConfigChange" + } + ] + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStreamTag", + "name": "${APPLICATION_NAME}:latest" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "${APPLICATION_NAME}", + "imagePullPolicy": "Always", + "resources": { + "limits": { + "memory": "${MEMORY_LIMIT}" + } + }, + "volumeMounts": [ + { + "name": "configuration", + "mountPath": "/etc/datavirt-environment", + "readOnly": true + }, + { + "name": "datavirt-keystore-volume", + "mountPath": "/etc/datavirt-secret-volume", + "readOnly": true + }, + { + "name": "datavirt-jgroups-keystore-volume", + "mountPath": "/etc/jgroups-encrypt-secret-volume", + "readOnly": true + } + ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/livenessProbe.sh" + ] + }, + "initialDelaySeconds": 60 + }, + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + }, + { + "name": "jdbc", + "containerPort": 31000, + "protocol": "TCP" + }, + { + "name": "jdbcs", + "containerPort": 31443, + "protocol": "TCP" + }, + { + "name": "odbc", + "containerPort": 35432, + "protocol": "TCP" + }, + { + "name": "odbcs", + "containerPort": 35443, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "JGROUPS_PING_PROTOCOL", + "value": "openshift.DNS_PING" + }, + { + "name": "OPENSHIFT_DNS_PING_SERVICE_NAME", + "value": "${APPLICATION_NAME}-ping" + }, + { + "name": "OPENSHIFT_DNS_PING_SERVICE_PORT", + "value": "8888" + }, + { + "name": "HTTPS_KEYSTORE_DIR", + "value": "/etc/datavirt-secret-volume" + }, + { + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" + }, + { + "name": "HTTPS_KEYSTORE_TYPE", + "value": "${HTTPS_KEYSTORE_TYPE}" + }, + { + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" + }, + { + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" + }, + { + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "${JGROUPS_ENCRYPT_SECRET}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR", + "value": "/etc/jgroups-encrypt-secret-volume" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "${JGROUPS_ENCRYPT_KEYSTORE}" + }, + { + "name": "JGROUPS_ENCRYPT_NAME", + "value": "${JGROUPS_ENCRYPT_NAME}" + }, + { + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "${JGROUPS_ENCRYPT_PASSWORD}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" + }, + { + "name": "AUTO_DEPLOY_EXPLODED", + "value": "${AUTO_DEPLOY_EXPLODED}" + }, + { + "name": "TEIID_USERNAME", + "value": "${TEIID_USERNAME}" + }, + { + "name": "TEIID_PASSWORD", + "value": "${TEIID_PASSWORD}" + }, + { + "name": "MODESHAPE_USERNAME", + "value": "${MODESHAPE_USERNAME}" + }, + { + "name": "MODESHAPE_PASSWORD", + "value": "${MODESHAPE_PASSWORD}" + }, + { + "name": "ENV_FILES", + "value": "/etc/datavirt-environment/*" + }, + { + "name": "DATAVIRT_TRANSPORT_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" + }, + { + "name": "DATAVIRT_TRANSPORT_KEYSTORE_TYPE", + "value": "${HTTPS_KEYSTORE_TYPE}" + }, + { + "name": "DATAVIRT_TRANSPORT_KEY_ALIAS", + "value": "${HTTPS_NAME}" + }, + { + "name": "DATAVIRT_TRANSPORT_KEYSTORE_PASSWORD", + "value": "${HTTPS_PASSWORD}" + }, + { + "name": "SSO_URL", + "value": "${SSO_URL}" + }, + { + "name": "SSO_SERVICE_URL", + "value": "${SSO_SERVICE_URL}" + }, + { + "name": "SSO_REALM", + "value": "${SSO_REALM}" + }, + { + "name": "SSO_USERNAME", + "value": "${SSO_USERNAME}" + }, + { + "name": "SSO_PASSWORD", + "value": "${SSO_PASSWORD}" + }, + { + "name": "SSO_PUBLIC_KEY", + "value": "${SSO_PUBLIC_KEY}" + }, + { + "name": "SSO_BEARER_ONLY", + "value": "${SSO_BEARER_ONLY}" + }, + { + "name": "SSO_SAML_KEYSTORE_SECRET", + "value": "${SSO_SAML_KEYSTORE_SECRET}" + }, + { + "name": "SSO_SAML_KEYSTORE", + "value": "${SSO_SAML_KEYSTORE}" + }, + { + "name": "SSO_SAML_KEYSTORE_DIR", + "value": "/etc/sso-saml-secret-volume" + }, + { + "name": "SSO_SAML_CERTIFICATE_NAME", + "value": "${SSO_SAML_CERTIFICATE_NAME}" + }, + { + "name": "SSO_SAML_KEYSTORE_PASSWORD", + "value": "${SSO_SAML_KEYSTORE_PASSWORD}" + }, + { + "name": "SSO_SECRET", + "value": "${SSO_SECRET}" + }, + { + "name": "SSO_ENABLE_CORS", + "value": "${SSO_ENABLE_CORS}" + }, + { + "name": "SSO_SAML_LOGOUT_PAGE", + "value": "${SSO_SAML_LOGOUT_PAGE}" + }, + { + "name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION", + "value": "${SSO_DISABLE_SSL_CERTIFICATE_VALIDATION}" + }, + { + "name": "SSO_TRUSTSTORE", + "value": "${SSO_TRUSTSTORE}" + }, + { + "name": "SSO_TRUSTSTORE_DIR", + "value": "/etc/sso-secret-volume" + }, + { + "name": "SSO_TRUSTSTORE_PASSWORD", + "value": "${SSO_TRUSTSTORE_PASSWORD}" + }, + { + "name": "SSO_OPENIDCONNECT_DEPLOYMENTS", + "value": "${SSO_OPENIDCONNECT_DEPLOYMENTS}" + }, + { + "name": "SSO_SAML_DEPLOYMENTS", + "value": "${SSO_SAML_DEPLOYMENTS}" + }, + { + "name": "HOSTNAME_HTTP", + "value": "${HOSTNAME_HTTP}" + }, + { + "name": "HOSTNAME_HTTPS", + "value": "${HOSTNAME_HTTPS}" + } + ] + } + ], + "volumes": [ + { + "name": "configuration", + "secret": { + "secretName": "${CONFIGURATION_NAME}" + } + }, + { + "name": "datavirt-keystore-volume", + "secret": { + "secretName": "${HTTPS_SECRET}" + } + }, + { + "name": "datavirt-jgroups-keystore-volume", + "secret": { + "secretName": "${JGROUPS_ENCRYPT_SECRET}" + } + } + ] + } + } + } + } + ] +} |