Last active
March 25, 2020 11:35
-
-
Save eliaspn/3c7174d9c3de2456e74cca6cca6fb66d to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "kind": "Template", | |
| "apiVersion": "v1", | |
| "metadata": { | |
| "name": "keycloak-https", | |
| "annotations": { | |
| "iconClass": "icon-sso", | |
| "tags": "keycloak", | |
| "version": "4.0.0.Beta2", | |
| "openshift.io/display-name": "Keycloak", | |
| "description": "An example Keycloak server with HTTPS" | |
| } | |
| }, | |
| "parameters": [ | |
| { | |
| "displayName": "Application Name", | |
| "description": "The name for the application.", | |
| "name": "APPLICATION_NAME", | |
| "value": "keycloak", | |
| "required": true | |
| }, | |
| { | |
| "displayName": "Keycloak Administrator Username", | |
| "description": "Keycloak Server administrator username", | |
| "name": "KEYCLOAK_USER", | |
| "from": "[a-zA-Z0-9]{8}", | |
| "generate": "expression", | |
| "required": true | |
| }, | |
| { | |
| "displayName": "Keycloak Administrator Password", | |
| "description": "Keycloak Server administrator password", | |
| "name": "KEYCLOAK_PASSWORD", | |
| "from": "[a-zA-Z0-9]{8}", | |
| "generate": "expression", | |
| "required": true | |
| }, | |
| { | |
| "displayName": "DB Vendor", | |
| "description": "DB vendor (H2, POSTGRES, MYSQL or MARIADB)", | |
| "name": "DB_VENDOR", | |
| "value": "H2", | |
| "required": true | |
| }, | |
| { | |
| "displayName": "Custom http Route Hostname", | |
| "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>", | |
| "name": "HOSTNAME_HTTP", | |
| "value": "", | |
| "required": false | |
| }, | |
| { | |
| "displayName": "Custom https Route Hostname", | |
| "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>", | |
| "name": "HOSTNAME_HTTPS", | |
| "value": "", | |
| "required": false | |
| }, | |
| { | |
| "displayName": "Namespace used for DNS discovery", | |
| "description": "This namespace is a part of DNS query sent to Kubernetes API. This query allows the DNS_PING protocol to extract cluster members. This parameter might be removed once https://issues.jboss.org/browse/JGRP-2292 is implemented.", | |
| "name": "NAMESPACE", | |
| "required": true | |
| } | |
| ], | |
| "objects": [ | |
| { | |
| "kind": "Service", | |
| "apiVersion": "v1", | |
| "spec": { | |
| "ports": [ | |
| { | |
| "port": 8080, | |
| "targetPort": 8080 | |
| } | |
| ], | |
| "selector": { | |
| "deploymentConfig": "${APPLICATION_NAME}" | |
| } | |
| }, | |
| "metadata": { | |
| "name": "${APPLICATION_NAME}", | |
| "labels": { | |
| "application": "${APPLICATION_NAME}" | |
| }, | |
| "annotations": { | |
| "description": "The web server's http port." | |
| } | |
| } | |
| }, | |
| { | |
| "kind": "Service", | |
| "apiVersion": "v1", | |
| "spec": { | |
| "ports": [ | |
| { | |
| "port": 8443, | |
| "targetPort": 8443 | |
| } | |
| ], | |
| "selector": { | |
| "deploymentConfig": "${APPLICATION_NAME}" | |
| } | |
| }, | |
| "metadata": { | |
| "name": "secure-${APPLICATION_NAME}", | |
| "labels": { | |
| "application": "${APPLICATION_NAME}" | |
| }, | |
| "annotations": { | |
| "description": "The web server's https port." | |
| } | |
| } | |
| }, | |
| { | |
| "kind": "Route", | |
| "apiVersion": "v1", | |
| "id": "${APPLICATION_NAME}-http", | |
| "metadata": { | |
| "name": "${APPLICATION_NAME}", | |
| "labels": { | |
| "application": "${APPLICATION_NAME}" | |
| }, | |
| "annotations": { | |
| "description": "Route for application's http service." | |
| } | |
| }, | |
| "spec": { | |
| "host": "${HOSTNAME_HTTP}", | |
| "to": { | |
| "name": "${APPLICATION_NAME}" | |
| } | |
| } | |
| }, | |
| { | |
| "kind": "Route", | |
| "apiVersion": "v1", | |
| "id": "${APPLICATION_NAME}-https", | |
| "metadata": { | |
| "name": "secure-${APPLICATION_NAME}", | |
| "labels": { | |
| "application": "${APPLICATION_NAME}" | |
| }, | |
| "annotations": { | |
| "description": "Route for application's https service." | |
| } | |
| }, | |
| "spec": { | |
| "host": "${HOSTNAME_HTTPS}", | |
| "to": { | |
| "name": "secure-${APPLICATION_NAME}" | |
| }, | |
| "tls": { | |
| "termination": "passthrough" | |
| } | |
| } | |
| }, | |
| { | |
| "kind": "DeploymentConfig", | |
| "apiVersion": "v1", | |
| "metadata": { | |
| "name": "${APPLICATION_NAME}", | |
| "labels": { | |
| "application": "${APPLICATION_NAME}" | |
| } | |
| }, | |
| "spec": { | |
| "strategy": { | |
| "type": "Recreate" | |
| }, | |
| "triggers": [ | |
| { | |
| "type": "ConfigChange" | |
| } | |
| ], | |
| "replicas": 1, | |
| "selector": { | |
| "deploymentConfig": "${APPLICATION_NAME}" | |
| }, | |
| "template": { | |
| "metadata": { | |
| "name": "${APPLICATION_NAME}", | |
| "labels": { | |
| "deploymentConfig": "${APPLICATION_NAME}", | |
| "application": "${APPLICATION_NAME}" | |
| } | |
| }, | |
| "spec": { | |
| "containers": [ | |
| { | |
| "name": "${APPLICATION_NAME}", | |
| "image": "quay.io/keycloak/keycloak:7.0.0", | |
| "livenessProbe": { | |
| "failureThreshold": 3, | |
| "httpGet": { | |
| "path": "/auth/realms/master", | |
| "port": 8080, | |
| "scheme": "HTTP" | |
| }, | |
| "initialDelaySeconds": 60 | |
| }, | |
| "ports": [ | |
| { | |
| "containerPort": 8080, | |
| "protocol": "TCP" | |
| }, | |
| { | |
| "name": "https", | |
| "containerPort": 8443, | |
| "protocol": "TCP" | |
| } | |
| ], | |
| "readinessProbe": { | |
| "failureThreshold": 3, | |
| "httpGet": { | |
| "path": "/auth/realms/master", | |
| "port": 8080, | |
| "scheme": "HTTP" | |
| }, | |
| "initialDelaySeconds": 30 | |
| }, | |
| "env": [ | |
| { | |
| "name": "KEYCLOAK_USER", | |
| "value": "${KEYCLOAK_USER}" | |
| }, | |
| { | |
| "name": "KEYCLOAK_PASSWORD", | |
| "value": "${KEYCLOAK_PASSWORD}" | |
| }, | |
| { | |
| "name": "DB_VENDOR", | |
| "value": "${DB_VENDOR}" | |
| }, | |
| { | |
| "name": "JGROUPS_DISCOVERY_PROTOCOL", | |
| "value": "dns.DNS_PING" | |
| }, | |
| { | |
| "name": "JGROUPS_DISCOVERY_PROPERTIES", | |
| "value": "dns_query=${APPLICATION_NAME}.${NAMESPACE}.svc.cluster.local" | |
| } | |
| ], | |
| "securityContext": { | |
| "privileged": false | |
| } | |
| } | |
| ] | |
| } | |
| } | |
| } | |
| } | |
| ] | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment