RedHatTraining/business-process-apps-training-lab.git

Ricardo Jun

2018-11-07 a4f8e2d4d684fe8dd9253451e773eb712bbd840c

commit \| author \| age
945ada	1	apiVersion: v1
RJ	2	kind: Template
	3	labels:
	4	template: rhdm7-full-ng
	5	xpaas: 1.4.0
	6	message: A new persistent Decision Manager applications have been created in your project.
	7	The username/password for accessing the KIE Server / Decision Central interface is ${KIE_ADMIN_USER}/${KIE_ADMIN_PWD}.
	8	Please be sure to create the "decisioncentral-service-account" and "kieserver-service-account" service accounts
	9	and the secrets named "${DECISION_CENTRAL_HTTPS_SECRET}" and "${KIE_SERVER_HTTPS_SECRET}" containing the
	10	${DECISION_CENTRAL_HTTPS_KEYSTORE} and ${KIE_SERVER_HTTPS_KEYSTORE}files used for serving secure content.
	11	metadata:
	12	annotations:
	13	description: Application template for Red Hat JBoss Decision Management 7.0.
	14	iconClass: icon-jboss
	15	openshift.io/display-name: Red Hat Decision Manager 7.0 applications (Persistent with https)
	16	tags: rhdm,jboss,xpaas
	17	version: 1.4.0
	18	name: rhdm7-full-ng
	19	objects:
	20	# dtorresf: Adding the service account and secrets to the template.
	21	# I like having a more centralized approach for all the required assets to
	22	# instantiate the environment, instead of having to break into different
	23	# execution steps.
	24	- kind: ServiceAccount
	25	apiVersion: v1
	26	metadata:
	27	name: decisioncentral-service-account
	28	labels:
	29	application: "${APPLICATION_NAME}"
	30	secrets:
	31	- name: decisioncentral-app-secret
	32	- kind: Secret
	33	apiVersion: v1
	34	metadata:
	35	annotations:
	36	description: Default secret file with name 'jboss' and password 'mykeystorepass'
	37	name: decisioncentral-app-secret
	38	labels:
	39	application: "${APPLICATION_NAME}"
	40	data:
	41	keystore.jks: "/u3+7QAAAAIAAAABAAAAAQAFamJvc3MAAAFNbVtLLAAABQMwggT/MA4GCisGAQQBKgIRAQEFAASCBOsxl4wqa+E+XP8+qMZY9XLhvKrRX8V1MHdwFZQaLTEVURCizqYXoMnbhtfV0oMAUFsE7013TTA9Q2l+pSs+cqz6HH/vwjEEIkqJx5wD8WcD/bu9e9F9EHQ+zrjZFmpMFvXsvj9+ux1o/YLBDGY3kd4MoDcJy0yJ/ZpzNYLkXanlrMhWqxC7MAliCBsdyVgNn5RFb4Nn+JZgJuNSIGo/K292+0IFaFv9vsXbX889W9HPCvfO0mQIzoy8In0NhzdKli/67y4kbDkWaI0fRONckZTxNpxn6rMc0nN9zKrGVToLxj1Ufcoj/tCvR8agtPpv7KIWUqBYDg83ad+i4EE5XYISovlsl6RmtrrTb39PJcL86+wJ+x2ZrLuyzh6C9sAOdSBiKt/DY97ICIYltRMrb+cNwWdnJvT+PeYvv3vKo7YThha+akoJDjsWMp1HWpbIC9zg9ZjugU+/ao6nHtmoZmCaYjLuEE+sYl5s179uyQjE3LRc+0cVY2+bYCOD6P6JLH9GdfjkR40OhjryiWy2Md6vAGaATh6kjjreRHfSie4KCgIZx9Ngb1+uAwauYSM8d9OIwT5lRmLd4Go9CaFXtFdq/IZv3x5ZEPVqMjxcq0KXcs1QcfK3oSYL/rrkxXxKFTrd0N3KgvwATWx/KS90tdHBg65dF3PpBjK1AYQL3Q7KV3t45SVyYHd92TUsaduY1nUQk4TukNC8l9f8xYVeOFXoFHZRx9edqn8fjDMmCYn5PTPNuMPHQm7nKxeWhV2URY5jt774gmvHLNcXeEgrM7US81wOvs2y1jY/paJWn+OACf2x2a75MWFFkZH67bZoh9pPWAwOUEtegXTL5QVicHjzZrop8Qb7K7hlGgD0RP5YYOFYF4DD+SL5BHKr6fw/LS6MMJaK1wKsJd0oGg9HcHXjph9Kb+mqXrQ54C1KI42LpFftU3DCg8wGoqvg/zO/UtVeHX3rBZDUIkeQrCULEkki9oL5diDxe9mNx9Qua5FJ6FJGIffQmsC4b0+Xys6NyqUu1aeWLcAPA/5hcs6ZTiSRTHTBe3vxapyBjnAL5uij4ILbWbEGH1e0mAHBeiihRx+w4oxH4OGCvXOhwIDHETLJJUcnJe1CouECdqdfVy/eEsIfiEheVs8OwogJLiWgzB7PoebXM4SKsAWL3NcDtC1LV3KuPgFuTDH7MjPIR83eSxkKlJLMNGfEpUHyg+lm7aJ98PVIS+l1YV9oUzLfbo3S6S2sMjVgyviS90vNIPo5JOTEFHsg5aWJNHL0OV4zRUeILzwwdQz+VkTk9DobnkLWUeLnwUNWheOpaQh79Mk0IfwfLj4D0Vx9p+PShKKZCGs0wjckmCFBM5Pc1x2lwMdaP5yATzrw+jUc+/3UY4PF/4Ya66m/DRsBKEcXjVAHcTce6OdNdGlBNT8VgkxPiylwO8hvyvpf6j+wdb9iXi6eOnk0AiEJ6mUAXs/eyDD/cqQjnUBKRGLQUSdHhvtpw8RfvyVhAAxNOnBsOT0WYol9iK6pSclGTF5mZleASRzZhH69GgdebfFhXimb0j/wYj3uLgf6mrKMDwlrXJ80SiWkXxd5TX/7XtB9lbPzNpaR12M8U8UVg16VOtMwCR2Gss2vmhqQnQFLsUsAKcYM0TRp1pWqbzpGebCvJkVWiIYocN3ZI1csAhGX3G86ewAAAAEABVguNTA5AAADeTCCA3UwggJdoAMCAQICBGekovEwDQYJKoZIhvcNAQELBQAwazELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk5DMRAwDgYDVQQHEwdSYWxlaWdoMRYwFAYDVQQKEw1teWNvbXBhbnkuY29tMRQwEgYDVQQLEwtFbmdpbmVlcmluZzEPMA0GA1UEAxMGanNtaXRoMB4XDTE1MDUxOTE4MDYxOFoXDTE1MDgxNzE4MDYxOFowazELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk5DMRAwDgYDVQQHEwdSYWxlaWdoMRYwFAYDVQQKEw1teWNvbXBhbnkuY29tMRQwEgYDVQQLEwtFbmdpbmVlcmluZzEPMA0GA1UEAxMGanNtaXRoMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0zbGtem+If//jw0OTszIcpX4ydOCC0PeqktulYkm4pG0qEVBB+HuMj7yeTBc1KCDl2xm+Q6LPeTzUufk7BXFEg4Ru1l3PSW70LyJBfHy5ns0dYE5M1I0Avv9rvjgC1VTsiBmdXh+tIIQDPknIKpWpcs79XPOURGLvuGjfyj08EZWFvAZzYrk3lKwkceDHpYYb5i+zxFRz5K6of/h9gQ9CzslqNd7uxxvyy/yTtNFk2J797Vk3hKtbiATqc9+egEHcEQrzADejPYol5ke3DA1NPRBqFGku5n215i2eYzYvVV1xmifID/3lzvNWN0bWlOxl74VsPnWa/2JPP3hZ6p5QIDAQABoyEwHzAdBgNVHQ4EFgQURLJKk/gaSrMjDyX8iYtCzPtTBqAwDQYJKoZIhvcNAQELBQADggEBAA4ESTKsWevv40hFv11t+lGNHT16u8Xk+WnvB4Ko5sZjVhvRWTTKOEBE5bDYfMhf0esn8gg0B4Qtm4Rb5t9PeaG/0d6xxD0BIV6eWihJVtEGOH47Wf/UzfC88fqoIxZ6MMBPik/WeafvOK+HIHfZSwAmqlXgl4nNVDdMNHtBhNAvikL3osxrSbqdi3eyI7rqSpb41Lm9v+PF+vZTOGRQf22Gq30/Ie85DlqugtRKimWHJYL2HeL4ywTtQKgde6JDRCOHwbDcsl6CbMjugt3yyI7Yo9EJdKb5p6YoVOpnCz7369W9Uim+Xrl2ELZWM5WTiQFxd6S36Ql2TUk+s8zj/GoN9ov0Y/yNNCxAibwyzo94N+Q4vA=="
	42	- kind: ServiceAccount
	43	apiVersion: v1
	44	metadata:
	45	name: kieserver-service-account
	46	labels:
	47	application: "${APPLICATION_NAME}"
	48	secrets:
	49	- name: kieserver-app-secret
	50	- kind: Secret
	51	apiVersion: v1
	52	metadata:
	53	annotations:
	54	description: Default secret file with name 'jboss' and password 'mykeystorepass'
	55	name: kieserver-app-secret
	56	labels:
	57	application: "${APPLICATION_NAME}"
	58	data:
	59	keystore.jks: "/u3+7QAAAAIAAAABAAAAAQAFamJvc3MAAAFNbVtLLAAABQMwggT/MA4GCisGAQQBKgIRAQEFAASCBOsxl4wqa+E+XP8+qMZY9XLhvKrRX8V1MHdwFZQaLTEVURCizqYXoMnbhtfV0oMAUFsE7013TTA9Q2l+pSs+cqz6HH/vwjEEIkqJx5wD8WcD/bu9e9F9EHQ+zrjZFmpMFvXsvj9+ux1o/YLBDGY3kd4MoDcJy0yJ/ZpzNYLkXanlrMhWqxC7MAliCBsdyVgNn5RFb4Nn+JZgJuNSIGo/K292+0IFaFv9vsXbX889W9HPCvfO0mQIzoy8In0NhzdKli/67y4kbDkWaI0fRONckZTxNpxn6rMc0nN9zKrGVToLxj1Ufcoj/tCvR8agtPpv7KIWUqBYDg83ad+i4EE5XYISovlsl6RmtrrTb39PJcL86+wJ+x2ZrLuyzh6C9sAOdSBiKt/DY97ICIYltRMrb+cNwWdnJvT+PeYvv3vKo7YThha+akoJDjsWMp1HWpbIC9zg9ZjugU+/ao6nHtmoZmCaYjLuEE+sYl5s179uyQjE3LRc+0cVY2+bYCOD6P6JLH9GdfjkR40OhjryiWy2Md6vAGaATh6kjjreRHfSie4KCgIZx9Ngb1+uAwauYSM8d9OIwT5lRmLd4Go9CaFXtFdq/IZv3x5ZEPVqMjxcq0KXcs1QcfK3oSYL/rrkxXxKFTrd0N3KgvwATWx/KS90tdHBg65dF3PpBjK1AYQL3Q7KV3t45SVyYHd92TUsaduY1nUQk4TukNC8l9f8xYVeOFXoFHZRx9edqn8fjDMmCYn5PTPNuMPHQm7nKxeWhV2URY5jt774gmvHLNcXeEgrM7US81wOvs2y1jY/paJWn+OACf2x2a75MWFFkZH67bZoh9pPWAwOUEtegXTL5QVicHjzZrop8Qb7K7hlGgD0RP5YYOFYF4DD+SL5BHKr6fw/LS6MMJaK1wKsJd0oGg9HcHXjph9Kb+mqXrQ54C1KI42LpFftU3DCg8wGoqvg/zO/UtVeHX3rBZDUIkeQrCULEkki9oL5diDxe9mNx9Qua5FJ6FJGIffQmsC4b0+Xys6NyqUu1aeWLcAPA/5hcs6ZTiSRTHTBe3vxapyBjnAL5uij4ILbWbEGH1e0mAHBeiihRx+w4oxH4OGCvXOhwIDHETLJJUcnJe1CouECdqdfVy/eEsIfiEheVs8OwogJLiWgzB7PoebXM4SKsAWL3NcDtC1LV3KuPgFuTDH7MjPIR83eSxkKlJLMNGfEpUHyg+lm7aJ98PVIS+l1YV9oUzLfbo3S6S2sMjVgyviS90vNIPo5JOTEFHsg5aWJNHL0OV4zRUeILzwwdQz+VkTk9DobnkLWUeLnwUNWheOpaQh79Mk0IfwfLj4D0Vx9p+PShKKZCGs0wjckmCFBM5Pc1x2lwMdaP5yATzrw+jUc+/3UY4PF/4Ya66m/DRsBKEcXjVAHcTce6OdNdGlBNT8VgkxPiylwO8hvyvpf6j+wdb9iXi6eOnk0AiEJ6mUAXs/eyDD/cqQjnUBKRGLQUSdHhvtpw8RfvyVhAAxNOnBsOT0WYol9iK6pSclGTF5mZleASRzZhH69GgdebfFhXimb0j/wYj3uLgf6mrKMDwlrXJ80SiWkXxd5TX/7XtB9lbPzNpaR12M8U8UVg16VOtMwCR2Gss2vmhqQnQFLsUsAKcYM0TRp1pWqbzpGebCvJkVWiIYocN3ZI1csAhGX3G86ewAAAAEABVguNTA5AAADeTCCA3UwggJdoAMCAQICBGekovEwDQYJKoZIhvcNAQELBQAwazELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk5DMRAwDgYDVQQHEwdSYWxlaWdoMRYwFAYDVQQKEw1teWNvbXBhbnkuY29tMRQwEgYDVQQLEwtFbmdpbmVlcmluZzEPMA0GA1UEAxMGanNtaXRoMB4XDTE1MDUxOTE4MDYxOFoXDTE1MDgxNzE4MDYxOFowazELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk5DMRAwDgYDVQQHEwdSYWxlaWdoMRYwFAYDVQQKEw1teWNvbXBhbnkuY29tMRQwEgYDVQQLEwtFbmdpbmVlcmluZzEPMA0GA1UEAxMGanNtaXRoMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0zbGtem+If//jw0OTszIcpX4ydOCC0PeqktulYkm4pG0qEVBB+HuMj7yeTBc1KCDl2xm+Q6LPeTzUufk7BXFEg4Ru1l3PSW70LyJBfHy5ns0dYE5M1I0Avv9rvjgC1VTsiBmdXh+tIIQDPknIKpWpcs79XPOURGLvuGjfyj08EZWFvAZzYrk3lKwkceDHpYYb5i+zxFRz5K6of/h9gQ9CzslqNd7uxxvyy/yTtNFk2J797Vk3hKtbiATqc9+egEHcEQrzADejPYol5ke3DA1NPRBqFGku5n215i2eYzYvVV1xmifID/3lzvNWN0bWlOxl74VsPnWa/2JPP3hZ6p5QIDAQABoyEwHzAdBgNVHQ4EFgQURLJKk/gaSrMjDyX8iYtCzPtTBqAwDQYJKoZIhvcNAQELBQADggEBAA4ESTKsWevv40hFv11t+lGNHT16u8Xk+WnvB4Ko5sZjVhvRWTTKOEBE5bDYfMhf0esn8gg0B4Qtm4Rb5t9PeaG/0d6xxD0BIV6eWihJVtEGOH47Wf/UzfC88fqoIxZ6MMBPik/WeafvOK+HIHfZSwAmqlXgl4nNVDdMNHtBhNAvikL3osxrSbqdi3eyI7rqSpb41Lm9v+PF+vZTOGRQf22Gq30/Ie85DlqugtRKimWHJYL2HeL4ywTtQKgde6JDRCOHwbDcsl6CbMjugt3yyI7Yo9EJdKb5p6YoVOpnCz7369W9Uim+Xrl2ELZWM5WTiQFxd6S36Ql2TUk+s8zj/GoN9ov0Y/yNNCxAibwyzo94N+Q4vA=="
	60	- kind: Service
	61	apiVersion: v1
	62	spec:
	63	ports:
	64	- port: 8080
	65	targetPort: 8080
	66	selector:
	67	deploymentConfig: "${APPLICATION_NAME}-rhdmcentr"
	68	metadata:
	69	name: "${APPLICATION_NAME}-rhdmcentr"
	70	labels:
	71	application: "${APPLICATION_NAME}"
	72	annotations:
	73	description: The Decision Central web server's http port.
	74	- kind: Service
	75	apiVersion: v1
	76	spec:
	77	ports:
	78	- port: 8443
	79	targetPort: 8443
	80	selector:
	81	deploymentConfig: "${APPLICATION_NAME}-rhdmcentr"
	82	metadata:
	83	name: secure-${APPLICATION_NAME}-rhdmcentr
	84	labels:
	85	application: "${APPLICATION_NAME}"
	86	annotations:
	87	description: The Decision Central web server's https port.
	88	- kind: Service
	89	apiVersion: v1
	90	spec:
	91	ports:
	92	- port: 8080
	93	targetPort: 8080
	94	selector:
	95	deploymentConfig: "${APPLICATION_NAME}-kieserver"
	96	metadata:
	97	name: "${APPLICATION_NAME}-kieserver"
	98	labels:
	99	application: "${APPLICATION_NAME}"
	100	annotations:
	101	description: The KIE server web server's http port.
	102	- kind: Service
	103	apiVersion: v1
	104	spec:
	105	ports:
	106	- port: 8443
	107	targetPort: 8443
	108	selector:
	109	deploymentConfig: "${APPLICATION_NAME}-kieserver"
	110	metadata:
	111	name: secure-${APPLICATION_NAME}-kieserver
	112	labels:
	113	application: "${APPLICATION_NAME}"
	114	annotations:
	115	description: The KIE server web server's https port.
	116	- apiVersion: v1
	117	kind: Service
	118	metadata:
	119	annotations:
	120	description: The nodejs web server's http port for the angular application demo.
	121	labels:
	122	application: ${APPLICATION_NAME}
	123	# dtorresf: Now the angular2 application does not only is integrated with the
	124	# mortgages kie container, but also with the other kie containers:
	125	# customer-greeting, mortgages and policy-quote
	126	name: ${APPLICATION_NAME}-ng-dmf
	127	spec:
	128	ports:
	129	- port: 8080
	130	targetPort: 8080
	131	selector:
	132	deploymentConfig: ${APPLICATION_NAME}-ng-dmf
	133	- kind: Route
	134	apiVersion: v1
	135	id: "${APPLICATION_NAME}-rhdmcentr-http"
	136	metadata:
	137	name: "${APPLICATION_NAME}-rhdmcentr"
	138	labels:
	139	application: "${APPLICATION_NAME}"
	140	annotations:
	141	description: Route for Decision Central's http service.
	142	haproxy.router.openshift.io/timeout: 60s
	143	spec:
	144	host: "${DECISION_CENTRAL_HOSTNAME_HTTP}"
	145	to:
	146	name: "${APPLICATION_NAME}-rhdmcentr"
	147	- kind: Route
	148	apiVersion: v1
	149	id: "${APPLICATION_NAME}-rhdmcentr-https"
	150	metadata:
	151	name: secure-${APPLICATION_NAME}-rhdmcentr
	152	labels:
	153	application: "${APPLICATION_NAME}"
	154	annotations:
	155	description: Route for Decision Central's https service.
	156	haproxy.router.openshift.io/timeout: 60s
	157	spec:
	158	host: "${DECISION_CENTRAL_HOSTNAME_HTTPS}"
	159	to:
	160	name: secure-${APPLICATION_NAME}-rhdmcentr
	161	tls:
	162	termination: passthrough
	163	- kind: Route
	164	apiVersion: v1
	165	id: "${APPLICATION_NAME}-kieserver-http"
	166	metadata:
	167	name: "${APPLICATION_NAME}-kieserver"
	168	labels:
	169	application: "${APPLICATION_NAME}"
	170	annotations:
	171	description: Route for KIE server's http service.
	172	spec:
	173	host: "${EXECUTION_SERVER_HOSTNAME_HTTP}"
	174	to:
	175	name: "${APPLICATION_NAME}-kieserver"
	176	- kind: Route
	177	apiVersion: v1
	178	id: "${APPLICATION_NAME}-kieserver-https"
	179	metadata:
	180	name: secure-${APPLICATION_NAME}-kieserver
	181	labels:
	182	application: "${APPLICATION_NAME}"
	183	annotations:
	184	description: Route for KIE server's https service.
	185	spec:
	186	host: "${EXECUTION_SERVER_HOSTNAME_HTTPS}"
	187	to:
	188	name: secure-${APPLICATION_NAME}-kieserver
	189	tls:
	190	termination: passthrough
	191	- apiVersion: v1
	192	id: ${APPLICATION_NAME}-ng-dmf-http
	193	kind: Route
	194	metadata:
	195	annotations:
	196	description: Route for nodejs mortgages http service.
	197	labels:
	198	application: ${APPLICATION_NAME}
	199	name: ${APPLICATION_NAME}-ng-dmf
	200	spec:
	201	host: ${DECISION_CENTRAL_HOSTNAME_HTTP}
	202	to:
	203	name: ${APPLICATION_NAME}-ng-dmf
	204
	205
	206	- apiVersion: v1
	207	kind: DeploymentConfig
	208	metadata:
	209	labels:
	210	application: ${APPLICATION_NAME}
	211	name: ${APPLICATION_NAME}-rhdmcentr
	212	spec:
	213	# JA Bride: setting all DCs to paused. Will then start each one via ansible
	214	paused: true
	215	replicas: 1
	216	selector:
	217	deploymentConfig: ${APPLICATION_NAME}-rhdmcentr
	218	strategy:
	219
	220	# When redeploying, a new decision central deployment will fail if set to rolling because the Lucene indexer cannot obtain a lock on a file, as the lock is held by the current deployment
	221	type: Recreate
	222
	223	template:
	224	metadata:
	225	labels:
	226	application: ${APPLICATION_NAME}
	227	deploymentConfig: ${APPLICATION_NAME}-rhdmcentr
	228	name: ${APPLICATION_NAME}-rhdmcentr
	229	spec:
	230	containers:
	231	- env:
	232	# Can expect -Xmx of 2458MB based on 3Gi memory limit
	233	- name: JAVA_MAX_MEM_RATIO
	234	value: "80"
	235	- name: JAVA_INITIAL_MEM_RATIO
	236	value: "0"
	237	- name: GC_MAX_METASPACE_SIZE
	238	value: "500"
	239	- name: KIE_ADMIN_PWD
	240	value: "${KIE_ADMIN_PWD}"
	241	- name: KIE_ADMIN_USER
	242	value: "${KIE_ADMIN_USER}"
	243	- name: KIE_MBEANS
	244	value: "${KIE_MBEANS}"
	245	- name: KIE_SERVER_CONTROLLER_PWD
	246	value: "${KIE_SERVER_CONTROLLER_PWD}"
	247	- name: KIE_SERVER_CONTROLLER_USER
	248	value: "${KIE_SERVER_CONTROLLER_USER}"
	249
	250
	251	# Default is http:
	252	# When KIE server is bounced, idled or rescheduled, the new instance will register with Decision Central, but the old, no longer existing instance is not removed from the server list by Decision Central.
	253	# As a result, Decision Central has stale entries.
	254	# When sing WebSockets as protocol, when a KIE server disappears, this is detected by Decision Central, and the server is removed from the server list.
	255	- name: KIE_SERVER_CONTROLLER_PROTOCOL
	256	value: ws
	257
	258
	259	- name: KIE_SERVER_PWD
	260	value: "${KIE_SERVER_PWD}"
	261	- name: KIE_SERVER_USER
	262	value: "${KIE_SERVER_USER}"
	263	- name: HTTPS_KEYSTORE_DIR
	264	value: "/etc/decisioncentral-secret-volume"
	265	- name: HTTPS_KEYSTORE
	266	value: "${DECISION_CENTRAL_HTTPS_KEYSTORE}"
	267	- name: HTTPS_NAME
	268	value: "${DECISION_CENTRAL_HTTPS_NAME}"
	269	- name: HTTPS_PASSWORD
	270	value: "${DECISION_CENTRAL_HTTPS_PASSWORD}"
	271	- name: ADMIN_USERNAME
	272	value: "${ADMIN_USERNAME}"
	273	- name: ADMIN_PASSWORD
	274	value: "${ADMIN_PASSWORD}"
	275	- name: PROBE_IMPL
	276	value: probe.eap.jolokia.EapProbe
	277	- name: PROBE_DISABLE_BOOT_ERRORS_CHECK
	278	value: 'true'
	279	# dtorresf: Enable ssh access through external tools like JBDS
	280	- name: JAVA_OPTS_APPEND
	281	value: '-Dorg.uberfire.nio.git.ssh.algorithm=RSA -Dorg.uberfire.nio.git.ssh.host=0.0.0.0'
	282	image: rhdm70-decisioncentral-openshift:1.1
	283	imagePullPolicy: Always
	284	livenessProbe:
	285	exec:
	286	command:
	287	- /bin/bash
	288	- -c
	289	- /opt/eap/bin/livenessProbe.sh
	290
	291	# JA Bride: Bumping up resources
	292	resources:
	293	limits:
	294	cpu: "1"
	295	# Utilized when determining -XmX
	296	memory: 3Gi
	297	requests:
	298	cpu: "1"
	299	memory: 2Gi
	300
	301	name: ${APPLICATION_NAME}-rhdmcentr
	302	ports:
	303	- containerPort: 8778
	304	name: jolokia
	305	protocol: TCP
	306	- containerPort: 8080
	307	name: http
	308	protocol: TCP
	309	- containerPort: 8443
	310	name: https
	311	protocol: TCP
	312	readinessProbe:
	313	exec:
	314	command:
	315	- /bin/bash
	316	- -c
	317	- /opt/eap/bin/readinessProbe.sh
	318	volumeMounts:
	319	- mountPath: /etc/decisioncentral-secret-volume
	320	name: decisioncentral-keystore-volume
	321	readOnly: true
	322	- name: "${APPLICATION_NAME}-rhdmcentr-pvol"
	323	mountPath: "/opt/eap/standalone/data/bpmsuite"
	324	serviceAccountName: decisioncentral-service-account
	325	terminationGracePeriodSeconds: 60
	326	volumes:
	327	- name: decisioncentral-keystore-volume
	328	secret:
	329	secretName: ${DECISION_CENTRAL_HTTPS_SECRET}
	330	- name: "${APPLICATION_NAME}-rhdmcentr-pvol"
	331	persistentVolumeClaim:
	332	claimName: "${APPLICATION_NAME}-rhdmcentr-claim"
	333	triggers:
	334	- imageChangeParams:
	335	automatic: true
	336	containerNames:
	337	- ${APPLICATION_NAME}-rhdmcentr
	338	from:
	339	kind: ImageStreamTag
	340	name: rhdm70-decisioncentral-openshift:1.1
	341	namespace: ${RHT_IMAGE_STREAM_NAMESPACE}
	342	type: ImageChange
	343	- type: ConfigChange
	344
	345	# JA Bride: Defining a BC to layer custom run script on kieserver image
	346	- apiVersion: v1
	347	kind: BuildConfig
	348	metadata:
	349	labels:
	350	application: ${APPLICATION_NAME}
	351	name: ${APPLICATION_NAME}-custom-kieserver
	352	spec:
	353	output:
	354	to:
	355	kind: ImageStreamTag
	356	name: custom-kieserver:latest
	357	postCommit: {}
	358
	359	# JA Bride: Bumping up limit and request so tht node app builds in a timely manner without timing out
	360	resources:
	361	limits:
	362	cpu: "1"
	363	memory: 1Gi
	364	requests:
	365	cpu: "1"
	366	memory: 1Gi
	367
	368	# JA Bride: The BPM exec server build config object is comprised of the bpmsuite7 exec server layered with the source code of this project.
	369	# The only thing this project source code does is provide a run script to customize the standalone-openshift.xml config file of JBoss EAP.
	370	runPolicy: Serial
	371	source:
	372	contextDir: exec-server
	373	git:
	374	ref: master
	375	type: Git
a4f8e2	376	uri: http://services.lab.example.com/bxms_decision_mgmt_foundations_lab.git
945ada	377	strategy:
RJ	378	sourceStrategy:
	379	from:
	380	kind: ImageStreamTag
	381	name: rhdm70-kieserver-openshift:1.1
	382	namespace: ${RHT_IMAGE_STREAM_NAMESPACE}
	383	type: Source
	384	triggers:
	385	- type: ImageChange
	386	- type: ConfigChange
	387
	388	# JA Bride: imagestream for customized kieserver created from BC resource defined in this template
	389	- apiVersion: v1
	390	kind: ImageStream
	391	metadata:
	392	labels:
	393	application: ${APPLICATION_NAME}
	394	name: custom-kieserver
	395	spec:
	396	lookupPolicy:
	397	local: false
	398
	399	# dtorresf: Having the ConfigMap in the same template to reduce instantiation steps
	400	- apiVersion: v1
	401	kind: ConfigMap
	402	data:
	403	undertow-cors.cli: >
	404	batch
	405
	406	/subsystem=undertow/configuration=filter/response-header=Access-Control-Allow-Origin:add(header-name="Access-Control-Allow-Origin",
	407	header-value="*")
	408
	409	/subsystem=undertow/server=default-server/host=default-host/filter-ref=Access-Control-Allow-Origin/:add()
	410
	411	/subsystem=undertow/configuration=filter/response-header=Access-Control-Allow-Methods:add(header-name="Access-Control-Allow-Methods",
	412	header-value="GET, POST, OPTIONS, PUT, DELETE")
	413
	414	/subsystem=undertow/server=default-server/host=default-host/filter-ref=Access-Control-Allow-Methods/:add()
	415
	416	/subsystem=undertow/configuration=filter/response-header=Access-Control-Allow-Headers:add(header-name="Access-Control-Allow-Headers",
	417	header-value="accept, authorization, content-type, x-requested-with")
	418
	419	/subsystem=undertow/server=default-server/host=default-host/filter-ref=Access-Control-Allow-Headers/:add()
	420
	421	/subsystem=undertow/configuration=filter/response-header=Access-Control-Allow-Credentials:add(header-name="Access-Control-Allow-Credentials",
	422	header-value="true")
	423
	424	/subsystem=undertow/server=default-server/host=default-host/filter-ref=Access-Control-Allow-Credentials/:add()
	425
	426	/subsystem=undertow/configuration=filter/response-header=Access-Control-Max-Age:add(header-name="Access-Control-Max-Age",
	427	header-value="2")
	428
	429	/subsystem=undertow/server=default-server/host=default-host/filter-ref=Access-Control-Max-Age/:add()
	430
	431	run-batch
	432	metadata:
	433	labels:
	434	application: ${APPLICATION_NAME}
	435	name: undertow-cors
	436
	437	- apiVersion: v1
	438	kind: DeploymentConfig
	439	metadata:
	440	labels:
	441	application: ${APPLICATION_NAME}
	442	name: ${APPLICATION_NAME}-kieserver
	443	spec:
	444	# JA Bride: setting all DCs to paused. Will then start each one via ansible
	445	paused: true
	446	replicas: 1
	447	selector:
	448	deploymentConfig: ${APPLICATION_NAME}-kieserver
	449	strategy:
	450	# https://github.com/redhat-gpe/bxms_decision_mgmt_foundations/issues/39
	451	type: Rolling
	452	template:
	453	metadata:
	454	labels:
	455	application: ${APPLICATION_NAME}
	456	deploymentConfig: ${APPLICATION_NAME}-kieserver
	457	name: ${APPLICATION_NAME}-kieserver
	458	spec:
	459	containers:
	460	- env:
	461	# Can expect -Xmx of 1600MB based on 2Gi memory limit
	462	- name: JAVA_MAX_MEM_RATIO
	463	value: "80"
	464	- name: JAVA_INITIAL_MEM_RATIO
	465	value: "0"
	466	- name: DROOLS_SERVER_FILTER_CLASSES
	467	value: "${DROOLS_SERVER_FILTER_CLASSES}"
	468	- name: KIE_ADMIN_PWD
	469	value: "${KIE_ADMIN_PWD}"
	470	- name: KIE_ADMIN_USER
	471	value: "${KIE_ADMIN_USER}"
	472	- name: KIE_MBEANS
	473	value: "${KIE_MBEANS}"
	474	- name: KIE_SERVER_BYPASS_AUTH_USER
	475	value: "${KIE_SERVER_BYPASS_AUTH_USER}"
	476	- name: KIE_SERVER_CONTROLLER_PWD
	477	value: "${KIE_SERVER_CONTROLLER_PWD}"
	478	- name: KIE_SERVER_CONTROLLER_SERVICE
	479	value: "${APPLICATION_NAME}-rhdmcentr"
	480	- name: KIE_SERVER_CONTROLLER_USER
	481	value: "${KIE_SERVER_CONTROLLER_USER}"
	482
	483
	484	# Default is http:
	485	# When KIE server is bounced, idled or rescheduled, the new instance will register with Decision Central, but the old, no longer existing instance is not removed from the server list by Decision Central.
	486	# As a result, Decision Central has stale entries.
	487	# When sing WebSockets as protocol, when a KIE server disappears, this is detected by Decision Central, and the server is removed from the server list.
	488	- name: KIE_SERVER_CONTROLLER_PROTOCOL
	489	value: ws
	490
	491	- name: KIE_SERVER_HOST
	492	valueFrom:
	493	fieldRef:
	494	fieldPath: status.podIP
	495	- name: KIE_SERVER_PWD
	496	value: "${KIE_SERVER_PWD}"
	497	- name: KIE_SERVER_USER
	498	value: "${KIE_SERVER_USER}"
	499	- name: MAVEN_REPO_URL
	500	value: "${MAVEN_REPO_URL}"
	501	- name: MAVEN_REPO_SERVICE
	502	value: "${APPLICATION_NAME}-rhdmcentr"
	503	- name: MAVEN_REPO_PATH
	504	value: "/maven2/"
	505	- name: MAVEN_REPO_USERNAME
	506	value: "${MAVEN_REPO_USERNAME}"
	507	- name: MAVEN_REPO_PASSWORD
	508	value: "${MAVEN_REPO_PASSWORD}"
	509	- name: HTTPS_KEYSTORE_DIR
	510	value: "/etc/kieserver-secret-volume"
	511	- name: HTTPS_KEYSTORE
	512	value: "${KIE_SERVER_HTTPS_KEYSTORE}"
	513	- name: HTTPS_NAME
	514	value: "${KIE_SERVER_HTTPS_NAME}"
	515	- name: HTTPS_PASSWORD
	516	value: "${KIE_SERVER_HTTPS_PASSWORD}"
	517	image: custom-kieserver:latest
	518	imagePullPolicy: Always
	519	livenessProbe:
	520	exec:
	521	command:
	522	- /bin/bash
	523	- -c
	524	- /opt/eap/bin/livenessProbe.sh
	525	resources:
	526	limits:
	527	cpu: "1"
	528	memory: 2Gi
	529	requests:
	530	cpu: "1"
	531	memory: 1Gi
	532
	533	name: ${APPLICATION_NAME}-kieserver
	534	ports:
	535	- containerPort: 8778
	536	name: jolokia
	537	protocol: TCP
	538	- containerPort: 8080
	539	name: http
	540	protocol: TCP
	541	- containerPort: 8443
	542	name: https
	543	protocol: TCP
	544	readinessProbe:
	545	exec:
	546	command:
	547	- /bin/bash
	548	- -c
	549	- /opt/eap/bin/readinessProbe.sh
	550	volumeMounts:
	551	- mountPath: /etc/kieserver-secret-volume
	552	name: kieserver-keystore-volume
	553	readOnly: true
	554	- mountPath: /data
	555	name: cors-volume
	556	serviceAccountName: decisioncentral-service-account
	557	terminationGracePeriodSeconds: 60
	558	volumes:
	559	- name: kieserver-keystore-volume
	560	secret:
	561	secretName: ${KIE_SERVER_HTTPS_SECRET}
	562	- configMap:
	563	name: undertow-cors
	564	name: cors-volume
	565	triggers:
	566	- imageChangeParams:
	567	automatic: true
	568	containerNames:
	569	- ${APPLICATION_NAME}-kieserver
	570	from:
	571	kind: ImageStreamTag
	572	name: custom-kieserver:latest
	573	type: ImageChange
	574	- type: ConfigChange
	575	- apiVersion: v1
	576	kind: PersistentVolumeClaim
	577	metadata:
	578	name: "${APPLICATION_NAME}-rhdmcentr-claim"
	579	labels:
	580	application: ${APPLICATION_NAME}
	581	spec:
	582	accessModes:
	583	- ReadWriteOnce
	584	resources:
	585	requests:
	586	storage: "${DECISION_CENTRAL_VOLUME_CAPACITY}"
	587
	588	# dtorresf: configmap replaced by environment variables in BuildConfig
	589
	590	- apiVersion: v1
	591	kind: BuildConfig
	592	metadata:
	593	labels:
	594	application: ${APPLICATION_NAME}
	595	name: ${APPLICATION_NAME}-ng-dmf
	596	spec:
	597	nodeSelector: null
	598	output:
	599	to:
	600	kind: ImageStreamTag
	601	name: ng-dmf:latest
	602	postCommit: {}
	603	resources:
	604
	605	# JA Bride / dtorresf: bumping to 2 cpu and 2Gi
	606	# The new version of this node app has more javascript components and pre-evaluations.
	607	# the new application has a menu for the demos and centralizes the demos for our course.
	608	limits:
	609	cpu: "2"
	610	memory: 2Gi
	611	requests:
	612	cpu: "1"
	613	memory: 1Gi
	614	runPolicy: Serial
	615	source:
	616	git:
	617	ref: security-fix
	618	# dtorresf: new git repository with templated angular2 application
a4f8e2	619	uri: 'http://services.lab.example.com/gpte-ng-dmf.git'
945ada	620	type: Git
RJ	621	strategy:
	622	sourceStrategy:
	623	# dtorresf: use environment variables to obtain namespace and cluster name for kie-server endpoint configuration
	624	# replaces the old ng-environment configmap
	625	env:
	626	- name: OCP_NAMESPACE
	627	valueFrom:
	628	fieldRef:
	629	fieldPath: metadata.namespace
e7a843	630	- name: NPM_MIRROR
a4f8e2	631	value: 'http://services.lab.example.com:8081/nexus/content/groups/nodejs/'
945ada	632	- name: REST_API_URL
RJ	633	value: 'http://${APPLICATION_NAME}-kieserver-$(OCP_NAMESPACE).${CLUSTER}/'
	634	- name: REST_API_USER
	635	value: '${KIE_ADMIN_USER}'
	636	- name: REST_API_PWD
	637	value: '${KIE_ADMIN_PWD}'
	638	from:
	639	# dtorresf: Using the available ImageStreamTag from the openshift registry
	640	kind: ImageStreamTag
4d109c	641	name: 'node:latest'
945ada	642	namespace: openshift
RJ	643	type: Source
	644	triggers:
	645	- type: ImageChange
	646	- apiVersion: v1
	647	kind: ImageStream
	648	metadata:
	649	labels:
	650	application: ${APPLICATION_NAME}
	651	name: ng-dmf
	652	spec:
	653	lookupPolicy:
	654	local: false
	655
	656	- apiVersion: v1
	657	kind: DeploymentConfig
	658	metadata:
	659	labels:
	660	application: ${APPLICATION_NAME}
	661	name: ${APPLICATION_NAME}-ng-dmf
	662	spec:
	663	# JA Bride: setting all DCs to paused. Will then start each one via ansible
	664	paused: true
	665	replicas: 1
	666	selector:
	667	deploymentConfig: ${APPLICATION_NAME}-ng-dmf
	668	strategy:
	669	# https://github.com/redhat-gpe/bxms_decision_mgmt_foundations/issues/39
	670	type: Rolling
	671	template:
	672	metadata:
	673	labels:
	674	application: ${APPLICATION_NAME}
	675	deploymentConfig: ${APPLICATION_NAME}-ng-dmf
	676	name: ${APPLICATION_NAME}-ng-dmf
	677	spec:
	678	containers:
	679	- image: ng-dmf:latest
	680	imagePullPolicy: Always
	681	livenessProbe:
	682	failureThreshold: 10
	683	initialDelaySeconds: 50
	684	periodSeconds: 10
	685	tcpSocket:
	686	port: 8080
	687	timeoutSeconds: 1
	688	name: ${APPLICATION_NAME}-ng-dmf
	689	ports:
	690	- containerPort: 8080
	691	name: http
	692	protocol: TCP
	693	readinessProbe:
	694	initialDelaySeconds: 50
	695	failureThreshold: 30
	696	periodSeconds: 10
	697	tcpSocket:
	698	port: 8080
	699	timeoutSeconds: 1
	700	resources:
	701	limits:
	702	cpu: "1"
	703	memory: 2Gi
	704	requests:
	705	cpu: "1"
	706	memory: 256Mi
	707	# dtorresf: ng-environment configMap replaced by environment variables at BuildConfig
	708	triggers:
	709	- imageChangeParams:
	710	automatic: true
	711	containerNames:
	712	- ${APPLICATION_NAME}-ng-dmf
	713	from:
	714	kind: ImageStreamTag
	715	name: ng-dmf:latest
	716	type: ImageChange
	717	- type: ConfigChange
	718	parameters:
	719	- displayName: Application Name
	720	description: The name for the application.
	721	name: APPLICATION_NAME
	722	value: myapp
	723	required: true
	724	- displayName: EAP Admin User
	725	description: EAP administrator username
	726	name: ADMIN_USERNAME
	727	value: eapadmin
	728	required: false
	729	- displayName: EAP Admin Password
	730	description: EAP administrator password
	731	name: ADMIN_PASSWORD
	732	from: "[a-zA-Z]{6}[0-9]{1}!"
	733	generate: expression
	734	required: false
	735	- displayName: KIE Admin User
	736	description: KIE administrator username
	737	name: KIE_ADMIN_USER
	738	value: adminUser
	739	required: false
	740	- displayName: KIE Admin Password
	741	description: KIE administrator password
	742	name: KIE_ADMIN_PWD
	743	from: "[a-zA-Z]{6}[0-9]{1}!"
	744	generate: expression
	745	required: false
	746	- displayName: KIE Server Controller User
	747	description: KIE server controller username (Sets the org.kie.server.controller.user system property)
	748	name: KIE_SERVER_CONTROLLER_USER
	749	value: controllerUser
	750	required: false
	751	- displayName: KIE Server Controller Password
	752	description: KIE server controller password (Sets the org.kie.server.controller.pwd system property)
	753	name: KIE_SERVER_CONTROLLER_PWD
	754	from: "[a-zA-Z]{6}[0-9]{1}!"
	755	generate: expression
	756	required: false
	757	- displayName: KIE Server User
	758	description: KIE execution server username (Sets the org.kie.server.user system property)
	759	name: KIE_SERVER_USER
	760	value: executionUser
	761	required: false
	762	- displayName: KIE Server Password
	763	description: KIE execution server password (Sets the org.kie.server.pwd system property)
	764	name: KIE_SERVER_PWD
	765	from: "[a-zA-Z]{6}[0-9]{1}!"
	766	generate: expression
	767	required: false
	768	- displayName: KIE Server Bypass Auth User
	769	description: KIE execution server bypass auth user (Sets the org.kie.server.bypass.auth.user system property)
	770	name: KIE_SERVER_BYPASS_AUTH_USER
	771	value: 'false'
	772	required: false
	773	- displayName: KIE MBeans
	774	description: KIE execution server mbeans enabled/disabled (Sets the kie.mbeans and kie.scanner.mbeans system properties)
	775	name: KIE_MBEANS
	776	value: enabled
	777	required: false
	778	- displayName: Drools Server Filter Classes
	779	description: KIE execution server class filtering (Sets the org.drools.server.filter.classes system property)
	780	name: DROOLS_SERVER_FILTER_CLASSES
	781	value: 'true'
	782	required: false
	783	- displayName: Decision Central Custom http Route Hostname
	784	description: 'Custom hostname for http service route. Leave blank for default hostname,
	785	e.g.: <application-name>-rhdmcentr-<project>.<default-domain-suffix>'
	786	name: DECISION_CENTRAL_HOSTNAME_HTTP
	787	value: ''
	788	required: false
	789	- displayName: Decision Central Custom https Route Hostname
	790	description: 'Custom hostname for https service route. Leave blank for default
	791	hostname, e.g.: secure-<application-name>-rhdmcentr-<project>.<default-domain-suffix>'
	792	name: DECISION_CENTRAL_HOSTNAME_HTTPS
	793	value: ''
	794	required: false
	795	- displayName: Execution Server Custom http Route Hostname
	796	description: 'Custom hostname for http service route. Leave blank for default hostname,
	797	e.g.: <application-name>-kieserver-<project>.<default-domain-suffix>'
	798	name: EXECUTION_SERVER_HOSTNAME_HTTP
	799	value: ''
	800	required: false
	801	- displayName: Execution Server Custom https Route Hostname
	802	description: 'Custom hostname for https service route. Leave blank for default
	803	hostname, e.g.: secure-<application-name>-kieserver-<project>.<default-domain-suffix>'
	804	name: EXECUTION_SERVER_HOSTNAME_HTTPS
	805	value: ''
	806	required: false
	807	- displayName: Decision Central Server Keystore Secret Name
	808	description: The name of the secret containing the keystore file
	809	name: DECISION_CENTRAL_HTTPS_SECRET
	810	value: decisioncentral-app-secret
	811	required: false
	812	- displayName: Decision Central Server Keystore Filename
	813	description: The name of the keystore file within the secret
	814	name: DECISION_CENTRAL_HTTPS_KEYSTORE
	815	value: keystore.jks
	816	required: false
	817	- displayName: Decision Central Server Certificate Name
	818	description: The name associated with the server certificate
	819	name: DECISION_CENTRAL_HTTPS_NAME
	820	value: jboss
	821	required: false
	822	- displayName: Decision Central Server Keystore Password
	823	description: The password for the keystore and certificate
	824	name: DECISION_CENTRAL_HTTPS_PASSWORD
	825	value: mykeystorepass
	826	required: false
	827	- displayName: KIE Server Keystore Secret Name
	828	description: The name of the secret containing the keystore file
	829	name: KIE_SERVER_HTTPS_SECRET
	830	value: kieserver-app-secret
	831	required: false
	832	- displayName: KIE Server Keystore Filename
	833	description: The name of the keystore file within the secret
	834	name: KIE_SERVER_HTTPS_KEYSTORE
	835	value: keystore.jks
	836	required: false
	837	- displayName: KIE Server Certificate Name
	838	description: The name associated with the server certificate
	839	name: KIE_SERVER_HTTPS_NAME
	840	value: jboss
	841	required: false
	842	- displayName: KIE Server Keystore Password
	843	description: The password for the keystore and certificate
	844	name: KIE_SERVER_HTTPS_PASSWORD
	845	value: mykeystorepass
	846	required: false
	847	- displayName: RHT ImageStream Namespace
	848	description: Namespace in which the ImageStreams for Red Hat Middleware images are
	849	installed. These ImageStreams are normally installed in the openshift namespace.
	850	You should only need to modify this if you've installed the ImageStreams in a
	851	different namespace/project.
	852	name: RHT_IMAGE_STREAM_NAMESPACE
	853	value: openshift
	854	required: true
	855	- displayName: GPTE ImageStream Namespace
	856	description: Namespace in which the ImageStreams for RHT GPTE images are installed.
	857	name: GPTE_IMAGE_STREAM_NAMESPACE
	858	value: openshift
	859	required: true
	860	- displayName: Maven repository URL
	861	description: Fully qualified URL to a Maven repository. If unspecified, will fall back to Decision Central service.
	862	name: MAVEN_REPO_URL
	863	required: false
	864	- displayName: Maven repository username
	865	description: Username to access the Maven repository. If using Decision Central, will have to match KIE_ADMIN_USER.
	866	Default is "adminUser".
	867	name: MAVEN_REPO_USERNAME
	868	value: adminUser
	869	required: false
	870	- displayName: Maven repository password
	871	description: Password to access the Maven repository. If using Decision Central, will have to match KIE_ADMIN_PWD.
	872	No default specified.
	873	name: MAVEN_REPO_PASSWORD
	874	required: false
	875	- displayName: Decision Central Volume Capacity
	876	description: Size of the persistent storage for Decision Central's runtime data.
	877	name: DECISION_CENTRAL_VOLUME_CAPACITY
	878	value: 512Mi
	879	required: true
	880	# dtorresf: PROJECT name parameter replace by metadata namespace.
	881	# dtorresf: These parameters enable the setup of project and cluster properties for the angular2
	882	- displayName: Project name
	883	name: PROJECT
	884	required: false
	885	value: ''
	886	- displayName: Cluster name
	887	name: CLUSTER
	888	value: apps.dev37.openshift.opentlc.com
	889	required: true